[techbooks] REVIEW: "Internet Security with Windows NT", Mark Joseph Edwards

  Rob Slade
    Jul 28, 1999
      BKINSCNT.RVW 990625

      "Internet Security with Windows NT", Mark Joseph Edwards, 1998,
      1-882419-62-6, U$49.95
      %A Mark Joseph Edwards mark@... mark@...
      %C 221 E. 29th St., Loveland, CO 80538
      %D 1998
      %G 1-882419-62-6
      %I Duke Communications/29th Street Press
      %O U$49.95 800-621-1544 970-663-4700 fax: 970-667-2321
      %O www.29thstreetpress.com ccarmel@...
      %P 515 + CD-ROM
      %T "Internet Security with Windows NT"

      The introduction states that the book is intended for those with
      little or no NT security knowledge, but I suspect that making this the
      sole resource for a new system manager would be a dangerous thing,
      since it provides the proverbial "little knowledge."

      Chapter one gives the user or administrator too much and, at the same
      time, not enough background on TCP/IP. There is a lot of trivia that
      does not relate to security, while there is no discussion of, for
      example, dynamic re-routing, which would be important in future
      examinations of IP spoofing. The grab bag of mostly intrusion-related
      information in chapter two is not terribly helpful in preparing a
      defence. It is not clear to me why this part is entitled "TCP/IP

      Part two outlines the basics of the Microsoft Windows security model.
      There is little presentation of a conceptual understanding or
      framework of the foundation in chapter three, which instead lists a
      number of terms and programs. The "how to" of simple security
      operations is more comprehensible in chapter four.

      Part three talks about principles of network security. Chapter five
      does not deal with multiprotocol networks, but again lists an
      assortment of security concerns. A number of security threats are
      described in chapter six, but not in an organized fashion. (The virus
      information, obtained from the Semantec [sic] Anti-virus Research
      Center, is basically useless.) A number of aspects that should be
      addressed in a security policy are listed in chapter seven. Chapter
      eight discusses a number of client programs for NT, but without much
      security relevance. A number of attacks are tersely described in
      chapter nine.

      Part four looks at firewalls. Chapter ten does a reasonable job of
      explaining the different types of firewalls, although it also includes
      some unrelated material. Some considerations for evaluation are given
      in chapter eleven.

      Part five outlines the Microsoft Proxy Server. Chapter twelve runs
      through dialogue boxes in the Internet Information Server. The proxy
      server itself is described in chapter thirteen. Design issues are
      discussed in chapter fourteen. Implementation is talked about in
      chapter fifteen, although there are a number of areas not completely
      covered. Some client considerations are mentioned in chapter sixteen.
      Seventeen looks at troubleshooting and maintenance.

      The book can provide some useful material, although most of the
      utility comes from the appendices, listing quick suggestions and
      resource contacts, rather than the text itself. Much of the content
      is unfocussed and almost disorganized. Some topics included are not
      immediately relevant to security work, while other areas stop short of
      actually helping the user or administrator.

      copyright Robert M. Slade, 1999 BKINSCNT.RVW 990625

