BKINSCNT.RVW 990625

"Internet Security with Windows NT", Mark Joseph Edwards, 1998, 1-882419-62-6, U$49.95
%A Mark Joseph Edwards mark@ntshop.net mark@ntsecurity.net
%C 221 E. 29th St., Loveland, CO 80538
%D 1998
%G 1-882419-62-6
%I Duke Communications/29th Street Press
%O U$49.95 800-621-1544 970-663-4700 fax: 970-667-2321
%O www.29thstreetpress.com ccarmel@29thstreetpress.com
%P 515 + CD-ROM
%T "Internet Security with Windows NT"

The introduction states that the book is intended for those with little or no NT security knowledge, but I suspect that making this the sole resource for a new system manager would be a dangerous thing, since it provides the proverbial "little knowledge."

Chapter one gives the user or administrator too much and, at the same time, not enough background on TCP/IP. There is a lot of trivia that does not relate to security, while there is no discussion of, for example, dynamic re-routing, which would be important in future examinations of IP spoofing. The grab bag of mostly intrusion related information in chapter two is not terribly helpful in preparing a defence. It is not clear to me why this part is entitled "TCP/IP Essentials."

Part two outlines the basics of the Microsoft Windows security model. There is little presentation of a conceptual understanding or framework of the foundation in chapter three, which instead lists a number of terms and programs. The "how to" of simple security operations is more comprehensible in chapter four.

Part three talks about principles of network security. Chapter five does not deal with multiprotocol networks, but again lists an assortment of security concerns. A number of security threats are described in chapter six, but not in an organized fashion. (The virus information, obtained from the Semantec [sic] Anti-virus Research Center, is basically useless.) A number of aspects that should be addressed in a security policy are listed in chapter seven.
Chapter eight discusses a number of client programs for NT, but without much security relevance. A number of attacks are tersely described in chapter nine.

Part four looks at firewalls. Chapter ten does a reasonable job of explaining the different types of firewalls, although it also includes some unrelated material. Some considerations for evaluation are given in chapter eleven.

Part five outlines the Microsoft Proxy Server. Chapter twelve runs through dialogue boxes in the Internet Information Server. The proxy server itself is described in chapter thirteen. Design issues are discussed in chapter fourteen. Implementation is talked about in chapter fifteen, although there are a number of areas not completely covered. Some client considerations are mentioned in chapter sixteen. Seventeen looks at troubleshooting and maintenance.

The book can provide some useful material, although most of the utility comes from the appendices, listing quick suggestions and resource contacts, rather than the text itself. Much of the content is unfocussed and almost disorganized. Some topics included are not immediately relevant to security work, while other areas stop short of actually helping the user or administrator.

copyright Robert M. Slade, 1999 BKINSCNT.RVW 990625