Search in Book Reviews

As soon as the company network is connected to the Internet (even for something as simple as email) one has the problem of the security not only of confidential information but also public information, i.e. hackers altering the companies web pages (remember the occasion when the CIA's web page was modified to read'Welcome to the Central Stupidity Agency').

This massive text takes one in detail through planning, implementing and administering a secure Internet connection. Part one covers TCP/IP basics (address, network configuration/access files, TCP/IP daemons), understanding UUCP (the 'UNIX to UNIX CoPy' software which can transfer files from one system to another and execute programs on remote systems) and audit trails (e.g. for tracking security violations and attempted break-in). Part two then deals with securing the Internet gateway discussing spoofing (one machine masquerading as another),

sniffing(picking up data as it travels through the network), firewalls (the TIS Firewall is used as an example),SATAN(a program which can automate attacks allowing administrators to test their security) andKerberos(a network authentication system). Part three looks at message security, i.e. once an apparently valid message is past the firewall how to ensure that it will not compromise security. For example, Java and GCI security are discussed followed by a detailed examina-tion of viruses. The CD contains a number of utilities.

An easy to read, well structured book that would be very useful for professional network administrators. In summary it explains the techniques used by intruders to bypass security measures, how a network administrator sets up firewalls and encrypts data to prevent this and then, how to test the resultant system. Too specialised (and expensive) to be a set student text but very good background reading.