Network Security Book Reviews
Biometrics, Samir Nanavati/Michael Thieme/Raj Nanavati, 2002
Part one deals with the fundamentals
of biometrics. Chapter one presents a brief rationale for the use of the technology.
Biometric concepts are given in chapter two, but only the most basic. In chapter
three's look at accuracy there are standard metrics as well as a few unusual
ones (and some non-standard jargon).
Implementing Intrusion Detection Systems, Tim Crothers, 2003
The preface implies that this book is a professional reference for building and
maintaining intrusion detection systems (IDSs). I'd say it has a fair way to
go before it could make that claim.
Chapter one is an overview of intrusion detection. The basic concepts are all
included, but it is often difficult to understand the point that the author is
making.
802.11 Security, Bruce Potter/Bob Fleck, 2003
The preface states that this book is aimed at the network engineer, and the security
engineer, or the hobbyist, but it is not an introductory work. The reader will
need to know Linux to the kernel configuration level, and TCP/IP networking to
the ARP (Address Resolution Protocol) level.
The Book of Wi-Fi, John Ross, 2003
Chapter one provides the usual explanation of 802.11 technologies, right down
to the typical non-description of direct sequence spread spectrum. Components
and devices, and some reasonable suggestions on evaluation and purchase, are
listed in chapter two. Generic planning and basic installation, mostly of access
points, is covered in chapter three.
Building Secure Wireless Networks with 802.11, Jahanzeb Khan/Anis Khwaja, 2003
As with any hot topic, there are lots of people willing (eager!) to tell you
about the security of wireless local area networks, without first making sure
that they really know the subject.
Firewalls and Internet Security, William R. Cheswick/Steven M. Bellovin/Aviel D. Rubin, 2003
As the first work to deal seriously and completely with the topic, the first
edition of "Firewalls and Internet Security" was one of those classics that
get known only by the last names of the authors, so as not to leave any
possibility of confusion with books whose titles may be similar.
Hack Attacks Testing, John Chirillo, 2003
The description in the introduction seems to indicate that this text might be
similar to SATAN (Security Administrator's Tool for Analyzing
Networks), in that it explains how to build a set of utilities
in order to identify vulnerabilities. As such, there is the possibility
that the work is open to a charge of being more useful to attackers
than to defenders. Fortunately, the book does not provide a great
deal of information that could be used to break into systems.
Unfortunately, it doesn't help much with defence, either.
High Integrity Software, John Barnes, 2003
Once upon a time, a group set out to build a language which
would allow you to write programs that could be formally
verified. Formal analysis and proof can be used to
determine that a program will work the way you want
it to, and not do something very weird (usually at
an inopportune time). First came the attempt to build
the Southampton Program Analysis Development Environment
(or SPADE) using a subset of the Pascal programming
language. When it was determined that Pascal wasn't
really suitable, research was directed to Ada, and
the SPADE Ada Kernel, or (with a little poetic licence)
SPARK, was the result.
Intrusion Detection, Edward G. Amoroso, 1999
This is not (very much not) to be confused with the
identically named, and almost equally recent, book
by Escamilla (cf. BKINTRDT.RVW). Where Escamilla's
is basically a large brochure for various commercial
systems, Amoroso has specifically chosen to avoid products,
concentrating on concepts, and not a few technical
details.
Intrusion Detection, Rebecca Gurley Bace, 2000
Bace's take on this topic (and title) provides a solid
and comprehensive background for anyone pursuing the
subject. Concentrating on a conceptual model the book
is occasionally weak in regard to practical implementation,
but more than makes up for this textual deficiency
with a strong sense of historical background, developmental
approaches, and references to specific implementations
that the practitioner may research separately.
Intrusion Detection with Snort, Rafeeq Ur Rehman, 2003
Chapter one is a very simple introduction to intrusion detection and Snort.
Beginning with a brief look at topology, chapter two runs through an
installation of Snort, but does not provide much in the way of explanation or
recommendation at the various points.
Intrusion Signatures and Analysis, Stephen Northcutt et al, 2001
Intrusion detection and network forensics are now vitally important
topics in the security arena. An explanation of how to identify
dangerous signatures, and extract evidence of an intrusion or
attack from network logs, is something that most network administrators
require. Unfortunately, while the idea is good, and badly needed,
the execution, in the case of the current work, is seriously
flawed.
Protected Internet, Intranet, and Virtual Private Networks, Alexander Moldovyan et al, 2003
Despite the slim size, it is still disconcerting to find that there are only
three chapters in this book. Chapter one provides an introduction to client/server
networking, while implying that the technology is *not* hierarchical. Basic networking
concepts are covered, but the writing has an academic pomposity without the requisite
rigour.
Securing the Network from Malicious Code, Douglas Schweitzer, 2002
While there is some basic information about viruses
and trojans in this work, it isn't clear, good, particularly
helpful, or easy to extract from the surrounding verbiage. What
content is related to networks has very little to do with securing
or protecting them from malware.
Mastering Network Security, Chris Brenton/Cameron Hunt, 2003
The introduction states that this book is aimed at systems administrators
who are not security experts, but have some responsibility for
ensuring the integrity of their systems. That would seem to cover
most sysadmins. However, whether the material in this work is
at a suitable level for most sysadmins is open to question. Now,
to be fair to the authors, it seems that this second edition
is a reissue, only marginally revised, of a book that was originally
published seven years ago.
Mobile VPN, Alex Shneyderman/Alessio Casati, 2003
Part one presents wireless data fundamentals. Chapter one gives an introduction
to mobile virtual private networks (MVPN), and the emphasis on cellular technology
points out that the authors are familiar with the telecommunications, rather
than security, field of work. The material contains a weak suggestion that MVPNs
may be useful, lots of alphabet soup, and very little in the way of conceptual
background.
.NET Security and Cryptography, Peter Thorsteinson/G. Gnana Arun Ganesh, 2004
For an ancient linear/procedural dinosaur like myself, it is interesting to see
the difference between the prehistoric API (Application Programming Interface)
library documentation and the descriptions of the new object-oriented classes.
Older books were full of icky things such as usage syntax and required
parameters. While this work does contain some sample code, generally with
comments that merely repeat what is obvious from the name of the method, most
of the material simply consists of mentioning that the methods and classes
exist. I can only wonder at the marvels of the new age of programming, where
everything is so "intuitive" that correct coding is automatic and inevitable.
Network Security, Charlie Kaufman/Radia Perlman/Mike Speciner, 2002
For communications security, this is the text. As well
as solid conceptual background of cryptography and authentication,
there is overview coverage of specific security implementations,
including Kerberos, PEM (Privacy Enhanced Mail), PGP (Pretty
Good Privacy), IPsec, SSL (Secure Sockets Layer), AES (Advanced
Encryption Standard), and a variety of proprietary systems. Where
many security texts use only UNIX examples, this one gives tips
on Lotus Notes, NetWare, and Windows NT.
Secure Coding
Recent events have demonstrated that we
are badly in need of guidance in the matter of
the construction of secure software (or the safe
fabrication of code). This book covers a topic
that is very necessary. Unfortunately, the work
is insufficient to the task.
Wireless Security End to End, Brian Carter/Russell Shumway, 2002
Part one is an introduction to wireless network security. Chapter one is supposed to be an opening to wireless
networking, but is basically a list of common protocols. Wireless threat analysis,
in chapter two, is an unstructured list of miscellaneous threats. A facile overview
of blackhat communities, some intrusion tools, and a discussion of insider attacks
(without mention of any relevance to wireless networking) is in chapter three.
Wireless Security Essentials, Russell Dean Vines, 2002
The introduction asserts, as a statement on
the rapid pace of technological innovation, that wireless
security may have changed between the writing and the
publication of the book. It may be an interesting comment
on security that the book is still relevant and that
wireless security is unchanged in the two years since
the book's completion. It may also be a measure of the
good job that Vines did on his subject.