
REVIEW: "NT 4 Network Security", Matthew Strebe/Charles Perkins/

  • Rob Slade, doting grandpa of Ryan and Tr
    Message 1 of 1 , Aug 14 10:14 AM
      BKNT4NSC.RVW 20000609

      "NT 4 Network Security", Matthew Strebe/Charles Perkins/Michael G.
      Moncur, 1999, 0-7821-2425-9, U$49.99
      %A Matthew Strebe ntsecurity@...
      %A Charles Perkins ntsecurity@...
      %A Michael G. Moncur mgm@...
      %C 1151 Marina Village Parkway, Alameda, CA 94501
      %D 1999
      %G 0-7821-2425-9
      %I Sybex Computer Books
      %O U$49.99 800-227-2346 Fax: 510-523-2373 info@...
      %P 940 p. + CD-ROM
      %T "NT 4 Network Security, Second Edition"

      While dauntingly thick, this is a generally readable, and fairly
      comprehensive, introduction to security in general, and particularly
      to Windows NT in a networked environment. On the other hand, it
      sometimes has less material than you would expect.

      Chapter one presents a general overview of security, touching lightly
      on a range of topics and indicating areas the book is going to cover.
      It is interesting to note that one subject seems to be left out: data
      and business recovery is only mentioned tangentially. For example,
      the NTFS disk format is noted to fully support security, but the
      possible problems in recovering when the disk goes bad are not
      mentioned. Human security, in chapter two, covers a wide range of
      social factors, including an extensive discussion of password choice,
      and the importance of treating your employees fairly and well. The
      explanation of encryption, in chapter three, deals with a number of
      important aspects, but is poorly structured. It also brings in a
      number of unrealistic factors, such as the use of quantum computers,
      and neglects some fairly important current developments. A general
      plan for administering security is proposed in chapter four.

      Chapter five presents the Windows NT security model, and, while it
      does a better job than many other such works, it does not really
      provide a clear working picture. User account functions, with another
      look at passwords, are reviewed in chapter six. System policy is
      introduced in chapter seven, but the overall operation and effect is
      not explained well, and the material almost immediately degenerates
      into a terse listing of policy options. Although chapter eight
      purports to examine file systems, most of it deals with setting
      security permissions with NTFS.

      Chapter nine starts to look at networking issues with workgroups and
      shares. Unfortunately, while the mechanics of sharing operations are
      clear enough, the concepts are not. Domains and trust relationships
      are introduced, but not very functionally, in chapter ten.

      Fault tolerance, in chapter eleven, gives some basic information on
      various types of disk redundance, and a few tips on backup.

      Chapter twelve talks about virus protection. I am used to security
      texts that have numerous mistakes in this area, but I was astonished
      to see, at the beginning of this section, mention of a "CMOS virus"
      (no such thing) that infects the CMOS BIOS code. A computer's "CMOS"
      is the term used to refer to the small chip containing battery
      supported memory, holding a small table of information. This
      information is used by the BIOS programming, which programming is
      generally stored in read-only memory. (The next page actually
      mentions this.) CMOS memory is generally too small to hold any
      effective virus. In addition, it is only called as data, and no
      program that you did manage to store in the CMOS area would ever run.
      In any case, the text goes on to say that these viruses can obtain
      complete control over a computer, and cannot be removed by most
      antiviral software. (I suppose the statement about removal is true
      enough: since they don't exist, who would bother to write removal
      programs?) There is also an erroneous account of the Brain virus, a
      two page exegesis on Java that finally admits Java can't be used to
      create viral applets, a statement that NT is "immune" to file viruses
      (it's not), a list of antiviral types that only mentions different
      types of scanners (never mentioning activity monitors or change
      detection software), and a section on trojan software.

      Remote access actually starts with a brief mention, at the end of
      chapter twelve, of the dangers of pcAnywhere. (Both here and in the
      following, there are stories of scanning local networks from home ISP
      service. The authors do not mention that this operation is restricted
      to those with cable modems.) Chapter thirteen starts off with some
      opining on phone phreaking, but then does move on to some reasonable
      information on securing dial-in situations. The material on multi-
      vendor networks, in chapter fourteen, does little more than assert
      that other operating systems have security holes, too, you know!
      Chapter fifteen is an introduction to the Internet, but, because of a
      rather loose structure, does not present security concepts in a
      coherent manner. Similarly, the overview of TCP/IP, in chapter
      sixteen, lists a number of potential problems with the protocols but
      not much instruction on what to do about them.

      Chapter seventeen describes a rather random bag of advice on security
      aspects on client (non-server, or, in other words, user) machines.
      Then we move back into network territory with a blend of firewall and
      virtual private network (VPN) technology in chapter eighteen. Chapter
      nineteen tells us about VPNs, with a few mentions of firewalls.
      Microsoft BackOffice is reviewed in chapter twenty, but without much
      specific information about security.

      Chapter twenty one lists a variety of user (application) level
      security loopholes. A number of attacks available at the network
      level are listed in chapter twenty two. "The Secure Server," in
      chapter twenty three, looks primarily at physical security and
      concerns (and finally admits that NTFS can be bypassed after all).
      Chapter twenty four looks at physical matters again, mostly in the
      TEMPEST realm (and with a little misinformation about fibre optics and
      fish tanks).

      The authors have tried to lighten up a rather heavy topic by including
      humour in the text. While the remarks don't really get in the way of
      the content, they don't really support it, either. There is also an
      attempt to keep readers from getting lost in the jargon by providing
      "terminology" boxes throughout the book. This is helpful, but is not
      used as consistently as it could be. Acronyms, in particular,
      frequently start to appear in the text without ever having been
      specifically defined.

      This work has better conceptual coverage than "Microsoft Windows NT
      4.0 Security, Audit, and Control" by James G. Jumes et al, (cf.
      BKWNTSAC.RVW), and is about equal to "Windows NT Server 4 Security
      Handbook" by Hadfield, Hatter, and Bixler (cf. BKNT4SHB.RVW). There
      is better structure and more willingness to discuss flaws than is
      apparent in the "Windows NT Security Guide" by Stephen A. Sutton (cf.
      BKWNTSCG.RVW). It has perhaps the same level of quality, and is
      certainly larger than "Windows NT Security" by Charles B. Rutstein
      (cf. BKWNTSEC.RVW), but there is not as much depth in places. "PCWeek
      Microsoft Windows NT Security," by Lambert and Patel (cf.
      BKPWNTSG.RVW), has better material in significantly less space. In
      terms of Internet material, it is about the same as "Internet Security
      with Windows NT," by Mark Joseph Edwards (cf. BKINSCNT.RVW), although
      it could hardly be worse. In general it is a good, useful guide, but
      there are still a number of holes to patch.

      copyright Robert M. Slade, 2000 BKNT4NSC.RVW 20000609

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... rslade@... slade@... p1@...
      All you need in this life is ignorance and confidence, and then
      success is sure. - Mark Twain
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade