Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Network Security First-Step", Tom Thomas

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKNTSCFS.RVW 20051106 Network Security First-Step , Tom Thomas, 2004, 1-58720-099-6, U$29.95/C$42.95 %A Tom Thomas %C 800 East 96th Street,
    Message 1 of 1 , Jan 25, 2006
    • 0 Attachment
      BKNTSCFS.RVW 20051106

      "Network Security First-Step", Tom Thomas, 2004, 1-58720-099-6,
      U$29.95/C$42.95
      %A Tom Thomas
      %C 800 East 96th Street, Indianapolis, IN 46240
      %D 2004
      %G 1-58720-099-6
      %I Cisco Press
      %O U$29.95/C$42.95 feedback@... 800-382-3419
      %O http://www.amazon.com/exec/obidos/ASIN/1587200996/robsladesinterne
      http://www.amazon.co.uk/exec/obidos/ASIN/1587200996/robsladesinte-21
      %O http://www.amazon.ca/exec/obidos/ASIN/1587200996/robsladesin03-20
      %O Audience n- Tech 1 Writing 1 (see revfaq.htm for explanation)
      %P 456 p.
      %T "Network Security First-Step"

      The introduction defines the audience for this book very broadly: so
      broadly that it appears to try to be all things to all people, and
      simply, too! (Wireless security seems to be a major consideration.)
      The preface does specifically mention students and security
      professionals.

      Chapter one is the usual "selling" section of the book: in this case
      promoting the idea that "hackers" are out there and trying to getcha.
      The material is only loosely organized, and seemingly more intent on
      proving that the author knows a bunch of "inside" information than on
      usefully informing the reader. (Thomas also tends to make thinly
      veiled attacks on Microsoft: many security experts are unhappy with
      some of Microsoft's decisions in regard to security, but snide
      references to "the richest man in the world" are unlikely to assist
      users in securing their systems.) A couple of references for further
      study are mentioned: these are works that are more popular than
      accurate. Review questions are provided at the end: these are the
      all-too-standard simplistic reading checks. (Some of the answers
      provided don't actually answer the questions at all.) The review of
      security policies, in chapter two, is reasonable, but generic and
      terse. The bulk of the content comes in a sample set of functional
      security policies which touch on a few important topics, but will
      probably be of very limited use to most readers. Supposedly an
      overview of security technologies, most of chapter three concentrates
      on defining different types of firewalls (and doesn't do a very good
      job with stateful inspection), with (for some odd reason) brief
      mentions of public key infrastructure and two centralized
      authentication systems. Chapter four lists a couple of cryptographic,
      a couple of tunneling, and the secure shell protocols. An
      introduction to the concept of firewalls, in chapter five, seems odd
      following the more detailed catalogue previously. In contradiction to
      the introduction's position, much of this content is complicated (not
      assisted by a lack of structure in the writing), and also becomes more
      specific to Cisco products, including pages of PIX configuration
      tables. Routers would relate to packet filtering, one would think,
      but chapter six also contains content inspection and intrusion
      detection topics. (The material becomes even more focussed on Cisco,
      reprinting a twelve page secure IOS template.) Chapter seven, on
      virtual private networks, fails to stress the difference between
      tunnelling and encryption, does a very poor job of explaining IPSec
      (also seems to confuse the discrete log problem used by the Diffie-
      Hellman algorithm with the prime factoring used by RSA), and spends a
      large section at the end listing commands for configuring IPSec on
      Cisco products. The ordinary wireless security topics are in chapter
      eight. Chapter nine looks primarily at intrusion detection, and a
      little bit at honeypots. A list of attacks, more specific than those
      in chapter one, and some vulnerability scanning tools, are outlined in
      chapter ten.

      In relation to the attempt to make the material simple, the author
      seems to assume that understanding equates with entertainment, and
      tries to provide humour. The attempts at witticisms are irrelevant
      and distracting. The student will find this text too facile, and of
      questionable accuracy in a number of places. The professional will
      find the work too disorganized to act as any kind of reference, and
      the content lacking in both analytical and implementation
      considerations.

      copyright Robert M. Slade, 2005 BKNTSCFS.RVW 20051106


      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      Partial/recent: http://www.eGroups.com/list/techbooks/
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.