The best-selling first edition of Firewalls and Internet Security became the bible of Internet security by showing a generation of Internet security experts how to think about threats and solutions. This completely updated and expanded second edition defines the security problems companies face in today's Internet, identifies the weaknesses in the most popular security technologies, and illustrates the ins and outs of deploying an effective firewall. Readers will learn how to plan and execute a security strategy that allows easy access to Internet services while defeating even the wiliest of hackers.

Firewalls and Internet Security, Second Edition, draws upon the authors' experiences as researchers in the forefront of their field since the beginning of the Internet explosion.

The book begins with an introduction to their philosophy of Internet security. It progresses quickly to a dissection of possible attacks on hosts and networks and describes the tools and techniques used to perpetrate--and prevent--such attacks. The focus then shifts to firewalls and virtual private networks (VPNs), providing a step-by-step guide to firewall deployment. Readers are immersed in the real-world practices of Internet security through a critical examination of problems and practices on today's intranets, as well as discussions of the deployment of a hacking-resistant host and of intrusion detection systems (IDS). The authors scrutinize secure communications over insecure networks and conclude with their predictions about the future of firewalls and Internet security.

The book's appendixes provide an introduction to cryptography and a list of resources (also posted to the book's Web site) that readers can rely on for tracking further security developments.

Armed with the authors' hard-won knowledge of how to fight off hackers, readers of Firewalls and Internet Security, Second Edition, can make security decisions that will make the Internet--and their computers--safer.

020163466XB01302003

Amazon.com® Reader Reviews (Ranked by Helpfulness)

Average Amazon.com® Rating:  Based on 22 Ratings

Yet another worthwhile book for us all in the IT industry! - 2003-10-10
Reviewer Rating:
Addison-Wesley in cooperation with William Cheskwick, Steven Bellovin and Aviel Rubin have produced yet another well-researched publication.

This book is all about Internet security, firewalls, VPNs and much more, all of which are hot topics and renowned buzzwords within today's IT industry.

In the first chapter, the authors express their view on network security and demonstrate the different methods an Administrator can use in order to secure their network(s). This is carried out by categorizing security into Host-Based and Perimeter security.

The second and third chapters are approximately 50 pages covering basic protocols, including IPv6, DNS, FTP, SNMP, NTP, RPC-based protocols and a several more like the famous NAT. The chapters are concluded with a summary on wireless security.

The next five chapters (chapter 4 to 8 inclusive), analyze various attacks used against networks and server operating systems in an attempt to exploit them. There is a wealth of information concerning hacking, allowing the reader to enter the mind of a hacker in terms of what they think and how they proceed to meet their goal.

One complete chapter is dedicated to various password tactics in which one can ensure that a hacker's life is made more difficult should they attempt to break into a few accounts using well-known methods related to password guessing. CHAP, PAP, Radius and PKI are also analyzed.

Chapter 9 to 12 are dedicated to Firewalls and VPNs which, in passing, happen to be my favourite chapters. They offer an in-depth analysis of the Firewall concept, packet filtering, application-level filtering and circuit level gateways. It proceeds with information about the filtering services, giving detailed examples on how one could use IPChains to create a simple or complex set of rules to efficiently block/permit packets entering in and out the network. This is perhaps the only downside to this informative book, where IPTables would have been beneficial to include, since people rarely use IPchains these days.

Lastly, chapter 12 talks about VPNs, their encryption methods, and considers both their weaknesses and advantages.

In addition to this, the book continues with several more chapters covering general questions that may arise for the reader, such as intranet routing, administration security and intrusion detection systems.

Towards the end, the authors talk about their personal experiences with people trying to hack into their companies and, as a result, explain the step- by- step process of how they managed to fight them and secure their networks. These pages are simply a goldmine for anyone interested in this area.

In summary, I'd say that the book is well worth its money and would suggest it to anyone interested in network security and firewalls. I am certain they won't be disappointed simply because the book has a lot to offer...

Good upgrade to a classic - 2004-04-05
Reviewer Rating:
This second edition has all the qualities the first edition had 10 years ago: Their writing is clear, they provide a sober assessment of the costs & benefits of various services (as opposed to other reviewers, I don't think the authors had much of an anti-Microsoft bias, just a realistic perspective on where Windows products are regarding security). The book is still fairly compact and it comes with an excellent biography and pointers to security software.

Decent overview - 2008-06-14
Reviewer Rating:
Nutshell review - This book provides a good overview and starting point for firewall and internet related security issues. It doesn't cover everything but does a fair job on the material it does cover.

What, you don't own this? - 2006-03-03
Reviewer Rating:
You should buy this book. Then you should read this book.

A great overview, but a little thin on details. - 2005-04-22
Reviewer Rating:
This book is an excellent comprehensive introduction to computer security from policies to technologies. However, as pointed out by other reviewers, the depth of content when it comes to specifics is rather shallow, but one must take into account that to discuss each of these topics in depth would require volumes of text, and much of the specific information can easily be found in texts devoted specifically to those individual topics or from online sources. Given the breadth of information discussed, I think it strikes a very effective balance in displaying the information necessary to understand the basics of computer security.

The book should have a home on the bookshelf of anyone who deals with computer systems. It also serves as a great primer for those in management or anyone else who is less than technical but needs a pretty concise 30,000 ft. level overview to understand what their technical staff is talking about.

Browse Similar Topics

Top Level Categories:
Internet/Online

Sub-Categories:
Internet/Online > Security