In the five years since the first edition of this classic book was published, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks--and the need to protect both business and personal data--have never been greater. We've updated Building Internet Firewalls to address these newer risks. What kinds of security threats does the Internet pose? Some, like password attacks and the exploiting of known security holes, have been around since the early days of networking. And others, like the distributed denial of service attacks that crippled Yahoo, E-Bay, and other major e-commerce sites in early 2000, are in current headlines. Firewalls, critical components of today's computer networks, effectively protect a system from most Internet security threats. They keep damage on one part of the network--such as eavesdropping, a worm program, or file damage--from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down. Like the bestselling and highly respected first edition, Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes:

• Firewall technologies: packet filtering, proxying, network address translation, virtual private networks

• Architectures such as screening routers, dual-homed hosts, screened hosts, screened subnets, perimeter networks, internal firewalls

• Issues involved in a variety of new Internet services and protocols through a firewall

• Email and News

• Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo)

• File transfer and sharing services such as NFS, Samba

• Remote access services such as Telnet, the BSD "r" commands, SSH, BackOrifice 2000

• Real-time conferencing services such as ICQ and talk

• Naming and directory services (e.g., DNS, NetBT, the Windows Browser)

• Authentication and auditing services (e.g., PAM, Kerberos, RADIUS);

• Administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics)

• Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP)

• Database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server)

Amazon.com® Reader Reviews (Ranked by Helpfulness)

Average Amazon.com® Rating:  Based on 38 Ratings

Okay for discussing general ideas, but not much real world - 2003-05-11
Reviewer Rating:
Okay for discussing general ideas, but not much real world use. There's not a lot to be had from this book. They cover too much and discuss too much generalized topics and never really touch on any real-world working, intelligent firewall fules and uses. Just too much generalized fluff. You'll get more from a 'man page' on iptables and be able to put it to use, at least, compared to this. It is interesting, but there's too much generalization and fluff and not much someone can *use* from it.

Classic book at creating your own Firewall! - 2006-02-25
Reviewer Rating:
O'Reilly's "Building Internet Firewalls-2nd Edition" by Zwicky is a classic book that fully describes how to build and integrate various types of firewalls into any type of networking infrastructure. The book is a beast (at over 800 pages) and covers the wide range of security concerns when implementing firewalls. Please note, this book does not cover firewalls that are platforms (so don't expect to learn how to admin a PIX or Juniper/NetScreen firewall), nor does it discuss firewalls such as CheckPoint. What this book does discuss (and in depth), is how to build your own firewall, from scratch using the O/S of your choice, and how to harden the host.

The book begins with a general introduction to TCP/IP and networking. Starting with Chapter 5 (about 100 pages into the book), the book really comes into it's own. The book's next few chapters focus on the different types of firewalls architectures (packet filters, proxy systems, bastion hosts (Unix, Linux and Windows)).

The third section of the book focuses on Internet services - RPC, TLS & SSL, WWW, FTP & TFTP, Sendmail, DNS, IRC, etc... All the major protocols are covered. I believe that this book discusses some of the fundamental TCP/IP protocols, from a security perspective, better than any other book on the market. For example, on page 352, is a detailed discussion on RPC and portmappers.

I have always enjoyed "Building Internet Firewalls" and still periodically reference it to help secure firewalls/hosts. This book should be placed various close to you on your IP Security bookshelf.

I give this book 5 pings out of 5:
!!!!!

The best firewall book around, but lacking re: policy design - 2005-07-01
Reviewer Rating:
_Building Internet Firewalls_ is a great reference if you are looking for physical configuration recommendations (how to connect stuff) or protocol packet filtering characteristics (lots of great detail there), but it does not describe firewall policy design or management in any detail (and I'm not aware of a firewall book that does). This could use a few more "real world" examples of filter policies (not just physical architecture), perhaps even a chapter dedicated to each of a home network, a small-to-medium-size business (with perhaps a more complicated and rigorous policy), and a large enterprise (with multiple firewalls and a complex policy).

Firewall Book Review - 2005-02-23
Reviewer Rating:
I think this is one of the best firewall books on the market. It is written in language that is easy to understand and has a lot of nice diagrams.

Important Intro and Reference - 2009-08-30
Reviewer Rating:
This book is probably the most important book published on the subject. It is a general look at how internet firewalls work from a conceptual point of view and their role in network security. This is not and is not intended to be a guide on how to use specific firewall products. It is an excellent overview to network perimeter security.

The book contains two basic elements: Conceptual understanding of firewalls and how to look at perimeter security generally on one hand, and detailed TCP protocol reference material on the other. I found (for the second edition) both sides were reasonably up to date, and that the industry hasn't moved far enough since 2000 to invalidate this material.

As I said, this is has very little product-specific information in it and it is not a substitute for product documentation (whether Cisco, Checkpoint, or Linux/Netfilter). However it is the best reference on the subject I have found, and it is the best introduction to network perimeter security I have seen. This topic also is universally applicable to IT fields and so should be considered to be a classic study of an important topic. For this reason, this book belongs on the bookshelf of every IT professional.

Browse Similar Topics

Top Level Categories:
Internet/Online
Networking
Security

Sub-Categories:
Internet/Online > Security
Networking > Firewall
Networking > Security
Security > Internet/Online