Firewalls and Internet Security, Second Edition

dbc15 writes "A timely and much needed update to the first edition, Fwais 2.0 is an excellent overview of the current landscape and psychology involving intranet, vpn and Internet host security while correctly addressing the positives and negatives of firewall / internet security and the techniques used by hackers." Firewalls and Internet Security, Second Edition. author Cheswick-Bellovin-Rubin, 2003 pages 433 publisher Addison-Wesley rating AA++ reviewer D Bruce Curtis, Ceo, American Interconnect ISBN 020163466X summary Incorporating an Internet firewall from start to finish.

The authors start with hacking and security needs analysis, progress thru strategies and techniques, and end with useful security formulas, hypotheses and real life examples. They draw upon their own experiences and observations about network security and host protection to give the reader a well-rounded view of the concepts of security as they apply today. The book is well written with simple examples and antecedents. They have taken great care to explain how hackers work and their methodology. The best thing about the book is that it does not go into great detail about unnecessary finite security specifics and shows what works best while adding value by allowing the reader the opportunity to think for themselves and address their own needs. They maintain the premise that: " Simple security is better than complex security: it is easier to understand, verify, and maintain."(Page 81) while covering the types of attacks not only by method, but also by class, ranging from the kiddie script up to the sophisticated tunneling and VPN methods.

FWAIS 2.0 is a comprehensive guide to the most common security problems while not wasting time on the insignificant. It includes a good set of general rules and the tool sets necessary to secure a network at any level. FAWAIS 2.0 covers current protocols and allows simple guidelines for flexibility in determining your own network needs. It describes the weaknesses in both hardware and software while addressing their relational aspects in easy to understand terms. Written with Freebsd in mind many of the techniques in this edition adapt well to other sources such as Linux, Os/X, Unix, NetBsd, and Solaris.

The entire premise of the book revolves around the concept that old style layered security is not as good as it may appear. And that internet security and firewalls are a holistic endeavor of system integration and design. The authors have taken care to show just how difficult it can be to keep up with large network topology and lend truth to the fact that there is no such thing as absolute security.

The concepts found in this book cover subjects such as :

• What firewalls can and cannot do, capabilities and weaknesses.
• What filtering services work best.
• What services and practices are overkill.
• Why firewalls are necessary, the risks to servers and the servers relationship to proper firewall installation.
• What the steps to hacking are and the methodology used to break into a host.
• The why, what and where of limiting services and the tools to secure the appropriate functions.
• Types of firewalls and best practices for implementing security while building and designing firewalls.
• Why building your own firewalls may be your best solution.
• Applying past experiences to your firewall design.
• Intrusion detection systems and their role as a network tool in firewall construction.
• Honey pot examples showing how the techniques have been used to thwart and frustrate potential adversaries.

This is not a how to book written with step-by-step specific fill-in-the-blanks, connect-the-dots, detailed mechanical guidelines; it addresses the real needs of the administrator in relation to actual daily situations. As they state on page 213 "-we don't think the hard part of firewall administration is data entry, it is knowing what the appropriate policies are."

The second edition is well documented and includes plenty of good link references, appendices and bibliography resources to help any professional keep current with the ever-changing environment of network defense.

Any organization evaluating current security needs should find the second edition helpful for determining their security goals and a comprehensive guide to help design, implement and deploy firewalls. The second edition is a definite must for any security library, certification-training program or public/private classroom situation.

I recommend Firewalls and Internet Security as the best starting point for anyone who might be considering any changes in company security structure or earning their security certifications.

You can purchase the Firewalls and Internet Security, Second Edition from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

FP

Faggot Piss

Re:FP

one time there was this firewall and i looked at it and it was kinda old but you could see where the fire smoked up the windows and the doors and it was pretty cool because there was no way anyone could have put out the fire even though the firewall was well built it had these windows and doors that were put in by the owner and it was bad because firewalls aren't supposed to have doors and windows but he put them in anyway and it just proves that there shouldn't be any because the building next door burned down too even though it had no doors or windows because the two firewalls are supposed to work together i guess and since one was basically illegal and the other was fine it didn't matter but it's interesting because the building next to the second building didn't burn down because the firewalls were both intacted so it just goes to show you that the department of building and safety really know what the hell they're talking about and people who don't build to code are all idiots. my head hurts.

YOU SO FUCKING FAIL IT!!!

Firewalls will slowly stop working...

Think about it. 10 years ago, nobody had very powerful firewalls. Now, almost all the ports are blocked with things that are so overly powerful like Windows's XP firewall. Eventually, we will be so scared of hackers that we will even close port 80 with new Norton Brutalwall. Honestly, I don't see why anyone would not have sex with Archie Bunker. I mean, come on. His dick is so supple it that I just can't help but fuck it with my cold, sweaty palms. It makes me feel like I'm working for the Vatican again! When it gets right down to it, props to all the slashdot trolls you're my homies my nizzles. Archie Bunker troll ownz you penisbird fewls! I mean come on, firewalls are too much nowadays. We should enforce stricter laws and create new hardware that fights hackers, instead of closing out all our damn ports. Palladium comes to mind.

GAY NIGGER ASSOCIATION OF AMERICA, 2ND EDITION

GNAA (GAY NIGGER ASSOCIATION OF AMERICA) Is Actively Seeking New Members.

Be a proud member of America's first GAY NIGGER ASSOCIATION.
For more information, make sure to stop by our official IRC channel,
#GNAA of EFNET.
If you are having trouble finding efnet servers, try connecting to irc.secsup.org or irc.isprime.com

No, you GNAA fool.

It was renamed to Gay Niggers United (GNU).

GO to #gnu on irc.freenode.net for all our gclansmen.

Re:What is the best free FireWall software ? zone

The best firewall software would probably be if I set your fat, greasy mom on fire in a gasoline-filled trench, you stupid nigger!

Re:question about book

Nice troll. How about a RMStroll that corrects everyone that says Linux with "No it is GNU/Linux!!!"