BKNTSCJS.RVW 20030604

"Network Security Jumpstart", Matthew Strebe, 2002, 0-7821-4120-X, U$24.99/C$39.95/UK#18.99
%A Matthew Strebe mbs+jumpstart@connectic.net
%C 1151 Marina Village Parkway, Alameda, CA 94501
%D 2002
%G 0-7821-4120-X
%I Sybex Computer Books
%O U$24.99/C$39.95/UK#18.99 800-227-2346 info@sybex.com
%O http://www.amazon.com/exec/obidos/ASIN/078214120X/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/078214120X/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/078214120X/robsladesin03-20
%P 365 p.
%T "Network Security Jumpstart"

The introduction states that this book is suitable for anyone from the home user to the network administrator to the CEO. Which is a pretty tall order.

Chapter one has a decent overview of why computers aren't secure, a scant computer security history, a few security concepts, and a fairly trivial set of "review" questions. There is a media-level exposition on "hackers," in chapter two, a rough outline of intrusion procedures, and a list of specific attacks that I'm not sure the author fully understands. (Immediately following "Denial of Service" comes a separate entry for "Floods": flooding being a type of denial of service.) There is a terse introduction to cryptography, and not much more than chapter one gave us about authentication, in chapter three. The suggestions for policy creation, in chapter four, aren't bad for simple cases, but seriously understate the difficulty of establishing a full policy, even for home users.

Chapter five describes firewalls (and seven tells a little bit more about using them at home). Chapter six makes the common mistake of assuming that all VPNs (Virtual Private Networks) are about confidentiality: some are merely about managing communications configurations.

There is some correct and useful information about viruses in chapter eight, but it is unfortunately mixed in with a lot of garbage.
Windows NT and its subsequent versions are *not* immune to viruses, although a rigorous set of file permissions can reduce your risk of file infectors (which are no longer a major category anyway). Signature scanners are *not* the only type of antiviral software. Viruses were *not* invented by accident, BRAIN *never* had an onscreen display and didn't infect program files, and neither Stoned nor Jerusalem (Friday the 13th is one variant) were based on BRAIN. Neither Stoned nor BRAIN relied on program sharing to propagate: data disks were quite sufficient. Viruses that only replicate are *not* benign (anybody ever have problems with Stoned? Melissa? Loveletter?), *will* be discovered, and scanning signatures *are* created.

Fault tolerance, in chapter nine, is not quite business continuity planning (BCP), but does go beyond the usual UPS (Uninterruptible Power Supply) and backup recommendations. Although chapter ten lists a number of security mechanisms in Windows, a practical understanding of their use is not presented. The UNIX tools in eleven are described more usefully--but they only relate to file permissions. The network security tools for UNIX are in twelve--but are only enumerated. Chapter thirteen has good suggestions for Web server security--but doesn't say how to implement them. A random collection of email security tools and threats makes up chapter fourteen. IDS (Intrusion Detection System) concepts are not explained very well in chapter fifteen: Strebe apparently doesn't understand that all forms use audit data of one type or another, and doesn't list the major distinctions between either the engine type or sensor location.

Even given all the faults, one has to admit that Strebe has not done a bad job with his ambitious intent. Certainly home users and CEOs can find better explanations here than in many of the other works aimed at them, however much I might wish that the book as a whole was more accurate.
And, yes, even the network administrators might find some helpful points in the more conceptual material at the beginning of the book: most of them could do with a better understanding of the need for policy. This work isn't great, by any means, but it can fulfill a need for a quick guide to network threats, for a variety of audiences.

copyright Robert M. Slade, 2004 BKNTSCJS.RVW 20030604