| Overview
In the five years since the first edition of this classic book was
published, Internet use has exploded. The commercial world has
rushed headlong into doing business on the Web, often without
integrating sound security technologies and policies into their
products and methods. The security risks--and the need to protect
both business and personal data--have never been greater. We've
updated Building Internet Firewalls to address these newer
risks. What kinds of security threats does the Internet pose? Some,
like password attacks and the exploiting of known security holes,
have been around since the early days of networking. And others,
like the distributed denial of service attacks that crippled Yahoo,
E-Bay, and other major e-commerce sites in early 2000, are in
current headlines. Firewalls, critical components of today's
computer networks, effectively protect a system from most Internet
security threats. They keep damage on one part of the network--such
as eavesdropping, a worm program, or file damage--from spreading to
the rest of the network. Without firewalls, network security
problems can rage out of control, dragging more and more systems
down. Like the bestselling and highly respected first edition,
Building Internet Firewalls, 2nd Edition, is a practical and
detailed step-by-step guide to designing and installing firewalls
and configuring Internet services to work with a firewall. Much
expanded to include Linux and Windows coverage, the second edition
describes:
Firewall technologies: packet filtering, proxying, network
address translation, virtual private networks Architectures such as screening routers, dual-homed hosts,
screened hosts, screened subnets, perimeter networks, internal
firewalls Issues involved in a variety of new Internet services and
protocols through a firewall Email and News Web services and scripting languages (e.g., HTTP, Java,
JavaScript, ActiveX, RealAudio, RealVideo) File transfer and sharing services such as NFS, Samba Remote access services such as Telnet, the BSD "r" commands,
SSH, BackOrifice 2000 Real-time conferencing services such as ICQ and talk Naming and directory services (e.g., DNS, NetBT, the Windows
Browser) Authentication and auditing services (e.g., PAM, Kerberos,
RADIUS); Administrative services (e.g., syslog, SNMP, SMS, RIP and other
routing protocols, and ping and other network diagnostics) Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP) Database protocols (e.g., ODBC, JDBC, and protocols for Oracle,
Sybase, and Microsoft SQL Server)
The book's complete list of resources includes the location of many
publicly available firewall construction tools.
Editorial ReviewsProduct DescriptionIn the five years since the first edition of this classic book, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks--and the need to protect both business and personal data--have never been greater. Like the highly respected, bestselling first edition, Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes a variety of firewall technologies and architectures. It also contains a new set of chapters describing the issues involved in a variety of Internet services and protocols through a firewall. In addition to the standard email, News, FTP, DNS, and Telnet services, the book now covers web services and scripting languages, Windows NT services, authentication and auditing services, intermediary protocols, and database protocols. The book also has a complete list of resources, including the location of many publicly available firewall construction tools. | Amazon.com ReviewIn the vast and varied universe of computer books, only a few stand out as the best in their subject areas. Building Internet Firewalls is one of those. It's deep, yet carefully focused, so that almost anything you might want to know about firewall strategies for protecting networks is here. In addition, there's lots of information on the reasons that we build firewalls in the first place, which is to say the security risks that come with Internet connectivity. You'll learn a great deal about Internet services and the protocols that provide them as you follow this book's recommendations for stifling attacks. If there's a shortcoming to this book, it's its lack of coverage of the turnkey firewall products that are becoming popular among home and small-office users. Emphasis here is on more complicated network defenses that require careful design and setup--both design and implementation are the order of the day here. The authors carefully enumerate the threats they see in various situations, go into some detail on how those threats manifest themselves, and explain what configuration changes you can make to your perimeter defenses to repulse those threats. Plenty of illustrations make points about good and bad security strategies (you want to put the routers here and here, not here or here). You'll learn a lot by reading this book from cover to cover, no matter how much experience you have. --David Wall Topics covered: Means of protecting private networks from external security threats. The authors go into detail on attackers' means of exploiting security holes in common Internet services, and show how to plug those holes or at least limit the damage that can be done through them. With coverage of Unix, Linux, and Windows NT, the authors detail their philosophies of firewall design and general security policy. |
Other Readers Also Read | Top Sellers in This Category | Browse Similar Topics | | | Top Level Categories:Sub-Categories: | | | | |
Reader Reviews From Amazon (Ranked by 'Helpfulness') Average Customer Rating: based on 37 reviews. Classic book at creating your own Firewall!, 2006-02-25 Reviewer rating: O'Reilly's "Building Internet Firewalls-2nd Edition" by Zwicky is a classic book that fully describes how to build and integrate various types of firewalls into any type of networking infrastructure. The book is a beast (at over 800 pages) and covers the wide range of security concerns when implementing firewalls. Please note, this book does not cover firewalls that are platforms (so don't expect to learn how to admin a PIX or Juniper/NetScreen firewall), nor does it discuss firewalls such as CheckPoint. What this book does discuss (and in depth), is how to build your own firewall, from scratch using the O/S of your choice, and how to harden the host.
The book begins with a general introduction to TCP/IP and networking. Starting with Chapter 5 (about 100 pages into the book), the book really comes into it's own. The book's next few chapters focus on the different types of firewalls architectures (packet filters, proxy systems, bastion hosts (Unix, Linux and Windows)).
The third section of the book focuses on Internet services - RPC, TLS & SSL, WWW, FTP & TFTP, Sendmail, DNS, IRC, etc... All the major protocols are covered. I believe that this book discusses some of the fundamental TCP/IP protocols, from a security perspective, better than any other book on the market. For example, on page 352, is a detailed discussion on RPC and portmappers.
I have always enjoyed "Building Internet Firewalls" and still periodically reference it to help secure firewalls/hosts. This book should be placed various close to you on your IP Security bookshelf.
I give this book 5 pings out of 5:
!!!!! | The best firewall book around, but lacking re: policy design, 2005-07-01 Reviewer rating: _Building Internet Firewalls_ is a great reference if you are looking for physical configuration recommendations (how to connect stuff) or protocol packet filtering characteristics (lots of great detail there), but it does not describe firewall policy design or management in any detail (and I'm not aware of a firewall book that does). This could use a few more "real world" examples of filter policies (not just physical architecture), perhaps even a chapter dedicated to each of a home network, a small-to-medium-size business (with perhaps a more complicated and rigorous policy), and a large enterprise (with multiple firewalls and a complex policy). | Firewall Book Review, 2005-02-23 Reviewer rating: I think this is one of the best firewall books on the market. It is written in language that is easy to understand and has a lot of nice diagrams. | Okay for discussing general ideas, but not much real world, 2003-05-11 Reviewer rating: Okay for discussing general ideas, but not much real world use. There's not a lot to be had from this book. They cover too much and discuss too much generalized topics and never really touch on any real-world working, intelligent firewall fules and uses. Just too much generalized fluff. You'll get more from a 'man page' on iptables and be able to put it to use, at least, compared to this. It is interesting, but there's too much generalization and fluff and not much someone can *use* from it. | very good book for networkers to understand security, 2003-04-04 Reviewer rating: bought this book after I brought up my own internet facing servers. coming from a networking background, the internet was an open space for me not until I read this book. This book tells you what kinds of security threats are out there, why and how you can protect your sites while still running all the services. very interesting and humorous too. Thanks. |
Some information above was provided using data from Amazon.com. View at Amazon > |
| |
|
|
