Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Network Security Jumpstart", Matthew Strebe

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKNTSCJS.RVW 20030604 Network Security Jumpstart , Matthew Strebe, 2002, 0-7821-4120-X, U$24.99/C$39.95/UK#18.99 %A Matthew Strebe
    Message 1 of 1 , Jul 6, 2004
      BKNTSCJS.RVW 20030604

      "Network Security Jumpstart", Matthew Strebe, 2002, 0-7821-4120-X,
      %A Matthew Strebe mbs+jumpstart@...
      %C 1151 Marina Village Parkway, Alameda, CA 94501
      %D 2002
      %G 0-7821-4120-X
      %I Sybex Computer Books
      %O U$24.99/C$39.95/UK#18.99 800-227-2346 info@...
      %O http://www.amazon.com/exec/obidos/ASIN/078214120X/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/078214120X/robsladesin03-20
      %P 365 p.
      %T "Network Security Jumpstart"

      The introduction states that this book is suitable for anyone from the
      home user to the network administrator to the CEO. Which is a pretty
      tall order.

      Chapter one has a decent overview of why computers aren't secure, a
      scant computer security history, a few security concepts, and a fairly
      trivial set of "review" questions. There is a media level exposition
      on "hackers," in chapter two, a rough outline of intrusion procedures,
      and a list of specific attacks that I'm not sure the author fully
      understands. (Immediately following "Denial of Service" comes a
      separate entry for "Floods": flooding being a type of denial of
      service.) There is a terse introduction to cryptography, and not much
      more than chapter one gave us about authentication, in chapter three.
      The suggestions for policy creation, in chapter four, aren't bad for
      simple cases, but seriously understate the difficulty of establishing
      a full policy, even for home users. Chapter five describes firewalls
      (and seven tells a little bit more about using them at home). Chapter
      six makes the common mistake of assuming that all VPNs (Virtual
      Private Networks) are about confidentiality: some are merely about
      managing communications configurations.

      There is some correct and useful information about viruses in chapter
      eight, but it is unfortunately mixed in with a lot of garbage.
      Windows NT and its subsequent versions are *not* immune to viruses,
      although a rigorous set of file permissions can reduce your risk of
      file infectors (which are no longer a major category anyway).
      Signature scanners are *not* the only type of antiviral software.
      Viruses were *not* invented by accident, BRAIN *never* had an onscreen
      display and didn't infect program files, and neither Stoned nor
      Jerusalem (Friday the 13th is one variant) were based on BRAIN.
      Neither Stoned nor BRAIN relied on program sharing to propagate: data
      disks were quite sufficient. Viruses that only replicate are *not*
      benign (anybody ever have problems with Stoned? Melissa?
      Loveletter?), *will* be discovered, and scanning signatures *are*

      Fault tolerance, in chapter nine, is not quite business continuity
      planning (BCP), but does go beyond the usual UPS (Uninterruptable
      Power Supply) and backup recommendations. Although chapter ten lists
      a number of security mechanisms in Windows, a practical understanding
      of their use is not presented. The UNIX tools in eleven are described
      more usefully--but they only relate to file permissions. The network
      security tools for UNIX are in twelve--but are only enumerated.
      Chapter thirteen has good suggestions for Web server security--but
      doesn't say how to implement them. A random collection of email
      security tools and threats makes up chapter fourteen. IDS (Intrusion
      Detection System) concepts are not explained very well in chapter
      fifteen: Strebe apparently doesn't understand that all forms use audit
      data of one type or another, and doesn't list the major distinctions
      between either the engine type or sensor location.

      Even given all the faults, one has to admit that Strebe has not done a
      bad job with his ambitious intent. Certainly home users and CEOs can
      find better explanations here than in many of the other works aimed at
      them, however much I might wish that the book as a whole was more
      accurate. And, yes, even the network administrators might find some
      helpful points in the more conceptual material at the beginning of the
      book: most of them could do with a better understanding of the need
      for policy. This work isn't great, by any means, but it can fulfill a
      need for a quick guide to network threats, for a variety of audiences.

      copyright Robert M. Slade, 2004 BKNTSCJS.RVW 20030604

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      This message is in beta test, but should ship any day now.
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.