BKPRCFRW.RVW 20000823

"Practical Firewalls", Terry William Ogletree, 2000, 0-7897-2416-2, U$34.99/C$52.95/UK#25.50
%A Terry William Ogletree ogletree@bellsouth.net two@twoinc.com
%C 201 W. 103rd Street, Indianapolis, IN 46290
%D 2000
%G 0-7897-2416-2
%I Macmillan Computer Publishing (MCP)
%O U$34.99/C$52.95/UK#25.50 800-858-7674 www.mcp.com info@mcp.com
%P 491 p.
%T "Practical Firewalls"

Unfortunately, not much of this book is really practical. And a lot of it is not about firewalls, either.

Part one presents the fundamentals of understanding firewalls and security. Chapter one looks at firewall basics, mentioning many topics but doing a poor job of explanation. Since the material is very generic there is almost no detail. The TCP/IP content, in chapter two, is also quite vague, with lots of irrelevant details like DNS (Domain Name Service) record fieldnames, but little related to security, and that of low quality. Security and the Internet gives a general listing of threats, most not related to firewalls, in chapter three. Chapter four has some good discussion of some aspects of policy and design, but it is limited. There are rough outlines of firewall structures, but the material on pros and cons is poor. (As the book progresses there are increasing amounts of repetitious text, as this chapter amply demonstrates.) The review of packet filtering, in chapter five, has some good points, but too much of the text relies on "one size fits all" pronouncements. Again, there is a lot of irrelevant detail on TCP/IP headers and not much on, say, filtering rules. Because a bastion host is very highly secured itself, chapter six is merely general security material, touching on too many operating systems for good coverage. Some good points but limited scope makes the proxy server topic weak in chapter seven. Chapter eight does slightly better on auditing, by limiting itself to UNIX and Windows NT.

Part two looks at encryption, the relationship of which to firewalls is problematic. Chapter nine does not really cover encryption technology, being simply a set of definitions of basic terms. Since a Virtual Private Network (VPN) is defined, in chapter ten, in terms of tunneling, the material is necessarily restricted to that subsection of the field. Chapter eleven does not really tell the reader how to use PGP (the Pretty Good Privacy encryption program) but only deals with some aspects of installation.

Part three touches on installation and configuration of a number of products. Chapter twelve lists a number of firewall-related tools, for UNIX, that are available on the Internet. "Lists" is definitely the operative word: so little information is given about the programs that chapters thirteen through sixteen cover basic installation and components of TCP Wrappers, TIS (Trusted Information Systems) Firewall Toolkit, SOCKS, and SQUID. ipfwadm and ipchains (for Linux) are described in chapter seventeen. Turning to Windows NT, chapter eighteen recounts the installation of Microsoft Proxy Server and nineteen does the same with the Elron CommandView firewall. Firewall appliances, or standalone units, are promoted in chapter twenty. Chapter twenty-one closes off with the same kind of vague generalities given in part one.

The most valuable part of this book is part three: even though the material is very limited, it is, at least, of some practical use. Most of the other content is of questionable accuracy or completeness, and therefore restricted in practicality. As noted, large sections of the text aren't even about firewalls. This book definitely does not compare with the classics like Cheswick and Bellovin's "Firewalls and Internet Security" (cf. BKFRINSC.RVW) or Chapman and Zwicky's "Building Internet Firewalls" (cf.
BKBUINFI.RVW): a few suggestions about installation of specific programs do not make up for a lack of explanation of fundamental concepts, attacks, and defensive strategies.

copyright Robert M. Slade, 2000 BKPRCFRW.RVW 20000823