Get APLawrence.com by RSSLinux Firewalls
2007/10/31
- 9781593271411
- Prentice Hall
- 9780132198576
Order (or just read more about) Linux Firewalls from
Amazon.com
Although the introduction says "This book assumes some familiarity with TCP/IP networking concepts", it actually requires a pretty fair familiarity. Do not make the mistake of assuming that this is some cookie cutter approach that's going to teach you a bit about iptables and give you some scripts you can slap into place and forget. There are books that do that, but this isn't one.
The subtitle is "Attack Detection and Response with iptables, psad and fwsnort. Michael Rash is the author of psad, fwknop, and fwsnort among other things, so you can trust he knows what he's talking about here.
This is much more about learning how attackers try to get in and developing the countermeasures to keep them out. As everyone keeps reminding you, security is a journey, not a destination: you never get to "secure", you just work at it incessantly.
As such, this is a good book - I'm not sure it's a "great book" as the foreword proclaims, but then I'm probably too stingy with my superlatives. It's also possible that I'm simply not well versed enough in this area to appreciate greatness when it falls into my grubby little hands.
Nevertheless, I enjoyed this, and if you do know enough about networking to do a bit more than set your box to "Obtain an IP address automatically", you might enjoy it also. Michael Rash is the developer of the Dragon IDS and you'll find his website at http://www.cipherdyne.org/.
Video at http://www.youtube.com/watch?v=aDdq0u5xIME
Technorati tags: Book+Review
Enter your email address for automatic notification of new posts here
(be sure to whitelist 'feedburner.com' if you use spam filtering)
| Views for this page | ||||
|---|---|---|---|---|
| Today | This Week | This Month | This Year | Overall |
| 7 | 25 | 144 | 1,345 | 2,608 |
Have you tried Searching this site?
Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates
This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.
Your ad here - $24.00 yearly!
http://www.loch-raven.com/ Over 18 years of experience Unix and Linux servers. Linux and Unix consulting, system administration, remote administration, custom scripting, web desing and hosting.
http://bcstechnology.net Full service Linux & UNIX systems integrator; Windows to UNIX/Linux Client-Server Specialist; Secure E-Mail & Website Hosting; Thoroughbred Software Developer; Custom Industrial Automation; Hardware & Electronics Experts; In Business Since 1985.
http://www.vss3.com SCO/Caldera OpenServer, Unixware & Linux. Tarantella & Non-stop Clustering
Related Posts
Thu Nov 1 13:55:29 2007: Subject: BigDumbDinosaur
It's interesting you reviewed this book, as I've yet to find anything about iptables that is worth the paper on which it is printed. What I know about iptables was gleaned from a painful discovery process, not by consulting some well-written tome (there aren't any on the subject).
Unfortunately, in the world of Linux, crappy documentation is the norm. For all the work and talent that has been applied to the OS itself, I'm amazed at how poorly it has been documented. Many man or info pages are an incomplete mess or are entirely missing. In some cases, man pages are obviously the product of someone who far more an expert at writing code than English prose. This whole situation is ironic, given that RTFM is often the response given to a newbie by Linux veterans. How do we expect anyone to RTFM when there isn't anything to read or what is available is incomplete?
Add your comments
Installation and light training Boston and New England
Reliable and experienced, punctual and professional.