Firewalls and Internet Security: Repelling the Wily Hacker

Addison-Wesley in cooperation with William Cheskwick, Steven Bellovin and Aviel Rubin have produced yet another well-researched publication.This book is all about Internet security, firewalls, VPNs and much more, all of which are hot topics and renowned buzzwords within today's IT industry. In the first chapter, the authors express their view on network security and demonstrate the different methods an Administrator can use in order to secure their network(s). This is carried out by categorizing security into Host-Based and Perimeter security.The second and third chapters are approximately 50 pages covering basic protocols, including IPv6, DNS, FTP, SNMP, NTP, RPC-based protocols and a several more like the famous NAT. The chapters are concluded with a summary on wireless security.The next five chapters (chapter 4 to 8 inclusive), analyze various attacks used against networks and server operating systems in an attempt to exploit them. There is a wealth of information concerning hacking, allowing the reader to enter the mind of a hacker in terms of what they think and how they proceed to meet their goal. One complete chapter is dedicated to various password tactics in which one can ensure that a hacker's life is made more difficult should they attempt to break into a few accounts using well-known methods related to password guessing. CHAP, PAP, Radius and PKI are also analyzed.Chapter 9 to 12 are dedicated to Firewalls and VPNs which, in passing, happen to be my favourite chapters. They offer an in-depth analysis of the Firewall concept, packet filtering, application-level filtering and circuit level gateways. It proceeds with information about the filtering services, giving detailed examples on how one could use IPChains to create a simple or complex set of rules to efficiently block/permit packets entering in and out the network. This is perhaps the only downside to this informative book, where IPTables would have been beneficial to include, since people rarely use IPchains these days.Lastly, chapter 12 talks about VPNs, their encryption methods, and considers both their weaknesses and advantages.In addition to this, the book continues with several more chapters covering general questions that may arise for the reader, such as intranet routing, administration security and intrusion detection systems.Towards the end, the authors talk about their personal experiences with people trying to hack into their companies and, as a result, explain the step- by- step process of how they managed to fight them and secure their networks. These pages are simply a goldmine for anyone interested in this area.In summary, I'd say that the book is well worth its money and would suggest it to anyone interested in network security and firewalls. I am certain they won't be disappointed simply because the book has a lot to offer...

(I reviewed the manuscript before publication for the publisher, buthere I'm speaking for myself.)The first edition of this book became known as the must-have boookabout firewalls, and rightly so. It defined how to build a firewallfor a couple of generations of Internet security managers. Since thattime, firewalls have become ubiquitous for corporate networks, andthey're even common in some form for many home networks. In a world where firewalls are conveniently built into networkappliances, do we need a book about how to build them? In this case,the answer is clearly "yes," but perhaps not for the obvious reasons.What Cheswick, Bellovin, and Rubin have done is given us a guide tothinking about securing networks, not just building firewalls. In asense, the importance of the second edition of "Firewalls and InternetSecurity" has shifted to "Internet Security". The authors provide away of thinking about the problems of Internet security, not a basicguide to operating firewall products on the market today.It is this way of thinking about Internet security that provideslasting value for the reader as well. The book explains criticalfeatures (and problems) of the Internet architecture and its protocols,giving the reader the context to understand how various attacks workand how they can be prevented. By emphasizing fundamentals, theauthors provide valuable insight for the future as well as for today.Yet the book is relentlessly pragmatic--it is focused on securing realsystems on real networks.It's also fun to read. The writing is both witty and wise, and itdoesn't take an expert to understand it. However, the experiencedreader will still find much insight and will undoubtedly learn a fewthings along the way.

A timely and much needed update to the first edition, Fwais 2.0 is an excellent overview of the current landscape and psychology involving intranet, VPN and Internet host security while correctly addressing the positives and negatives of firewall / internet security and the techniques used by hackers. The authors start with hacking and security needs analysis, progress thru strategies and techniques, and end with useful security formulas, hypotheses and real life examples. They draw upon their own experiences and observations about network security and host protection to give the reader a well-rounded view of the concepts of security as they apply today. The book is well written with simple examples and antecedents. They have taken great care to explain how hackers work and their methodology. The best thing about the book is that it does not go into great detail about unnecessary finite security specifics and shows what works best while adding value by allowing the reader the opportunity to think for themselves and address their own needs. They maintain the premise that: " Simple security is better than complex security: it is easier to understand, verify, and maintain."(Page 81) while covering the types of attacks not only by method, but also by class, ranging from the kiddie script up to the sophisticated tunneling and VPN methods. FWAIS 2.0 is a comprehensive guide to the most common security problems while not wasting time on the insignificant. It includes a good set of general rules and the tool sets necessary to secure a network at any level. FAWAIS 2.0 covers current protocols and allows simple guidelines for flexibility in determining your own network needs. It describes the weaknesses in both hardware and software while addressing their relational aspects in easy to understand terms. Written with Freebsd in mind many of the techniques in this edition adapt well to other sources such as Linux, Os/X, Unix, NetBsd, and Solaris. The entire premise of the book revolves around the concept that old style layered security is not as good as it may appear. And that internet security and firewalls are a holistic endeavor of system integration and design. The authors have taken care to show just how difficult it can be to keep up with large network topology and lend truth to the fact that; "There is no such thing as absolute security." (Page 3)The concepts found in this book cover subjects such as :What firewalls can and cannot do, capabilities and weaknesses.What filtering services work best.What services and practices are overkill.Why firewalls are necessary, the risks to servers and the servers relationship to proper firewall installation. What the steps to hacking are and the methodology used to break into a host.The why, what and where of limiting services and the tools to secure the appropriate functions.Types of firewalls and best practices for implementing security while building and designing firewalls.Why building your own fire

(I had the pleasure of doing a pre-release review for the publisher. My wife and I enjoyed the meal they paid for. However this posting is done on my own.)When the book first came out, it defined an Internet specialty. The Internet is now a bigger, and sometimes more dangerous, place. "Firewalls and Internet Security" won't guarantee your network's safety, but failure ignorance of the material in this book will guarantee its compromise. The book provides an extraordinary combination of theory and practise, framework and procedure, technology and operations. The depth of the authors' knowledge and the pragmatic tone throughout the book make it unrivaled. The writing is unusually accessible; it neither suffers from excessively obscure technical language nor does it pander to the reader with facile, superficial discussion. The humor is nicely spaced, and martini-dry.A section on protocols is not simply one-more cursory review of what they do. Instead it provides a unique and thorough analysis of their security considerations, so that designers and network administrators can understand the strengths and weakness of the Internet's core technologies.If you run a network and care about its safety, you won't be able to do your job well enough without reading this book. If you develop Internet technology, then remember that security is almost always impossible to design-in later. If you haven't read this book, you are not likely to get the design right./d

The title of this book doesn't really do it justice. It covers a lot more than just firewalls. The reader is greatly benefited by a quick read that's full of memorable facts.Its well written, talking about topics that can, in isolation, appear as arcane. The arcane is framed nicely by a spy vs. spy story that's fascinating. Ok, its not a Clifford Stoll novel, but its still great for those of us who want the nitty gritty details.I can't tell you how many copies of this book I've bought.