2020ok  Directory of FREE Online Books and FREE eBooks

Free eBooks > Computers & Internet > Digital Business & Culture > Project Management > Statistical Computing > Building Internet Firewalls O Reilly

Building Internet Firewalls O Reilly

by Elizabeth D. Zwicky, Simon Cooper, and D. Brent Chapman

Download Book

If you are the author or the publisher, and would like to link to your site here, please contact us.

About Book

In the vast and varied universe of computer books, only a few stand out as the best in their subject areas. Building Internet Firewalls is one of those. It's deep, yet carefully focused, so that almost anything you might want to know about firewall strategies for protecting networks is here. In addition, there's lots of information on the reasons that we build firewalls in the first place, which is to say the security risks that come with Internet connectivity. You'll learn a great deal about Internet services and the protocols that provide them as you follow this book's recommendations for stifling attacks.

If there's a shortcoming to this book, it's its lack of coverage of the turnkey firewall products that are becoming popular among home and small-office users. Emphasis here is on more complicated network defenses that require careful design and setup--both design and implementation are the order of the day here. The authors carefully enumerate the threats they see in various situations, go into some detail on how those threats manifest themselves, and explain what configuration changes you can make to your perimeter defenses to repulse those threats. Plenty of illustrations make points about good and bad security strategies (you want to put the routers here and here, not here or here). You'll learn a lot by reading this book from cover to cover, no matter how much experience you have. --David Wall

Topics covered: Means of protecting private networks from external security threats. The authors go into detail on attackers' means of exploiting security holes in common Internet services, and show how to plug those holes or at least limit the damage that can be done through them. With coverage of Unix, Linux, and Windows NT, the authors detail their philosophies of firewall design and general security policy.

Book Description
In the five years since the first edition of this classic book was published, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks--and the need to protect both business and personal data--have never been greater. We've updated Building Internet Firewalls to address these newer risks. What kinds of security threats does the Internet pose? Some, like password attacks and the exploiting of known security holes, have been around since the early days of networking. And others, like the distributed denial of service attacks that crippled Yahoo, E-Bay, and other major e-commerce sites in early 2000, are in current headlines. Firewalls, critical components of today's computer networks, effectively protect a system from most Internet security threats. They keep damage on one part of the network--such as eavesdropping, a worm program, or file damage--from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down. Like the bestselling and highly respected first edition, Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes:

    • Firewall technologies: packet filtering, proxying, network address translation, virtual private networks
    • Architectures such as screening routers, dual-homed hosts, screened hosts, screened subnets, perimeter networks, internal firewalls
    • Issues involved in a variety of new Internet services and protocols through a firewall
    • Email and News
    • Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo)
    • File transfer and sharing services such as NFS, Samba
    • Remote access services such as Telnet, the BSD "r" commands, SSH, BackOrifice 2000
    • Real-time conferencing services such as ICQ and talk
    • Naming and directory services (e.g., DNS, NetBT, the Windows Browser)
    • Authentication and auditing services (e.g., PAM, Kerberos, RADIUS);
    • Administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics)
    • Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP)
    • Database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server)
    The book's complete list of resources includes the location of many publicly available firewall construction tools.

Book Info
A practical and detailed guide to designing and building firewalls and to configuring Internet services to work with firewalls. Covers Linux and Windows NT, as well as Unix. Describes a variety of firewall technologies and architectures. Contains chapters on security policies, cryptography, and more. Softcover. DLC: Computer networks--Security measures.

The publisher, O'Reilly and Associates
More than a million systems are now connected to the Internet, and something like 15 million people in 100 countries on all seven continents use Internet services. More than 100 million email messages are exchanged each day, along with countless files, documents, and audio and video images. Everyone is jumping on the Internet bandwagon. Once a haven for academicians and scientists, the Net is now reaching large and small businesses, government at all levels, school children, and senior citizens. The commercial world is rushing headlong into doing business on the Internet, barely pausing while technologies and policies catch up with their desire to go online. But, too few of the seekers after Internet wisdom and riches consider whether their businesses will be safe on the Net. What kinds of security risks are posed by the Internet? Some risks have been around since the early days of networking -- password attacks (guessing them or cracking them via password dictionaries and cracking programs), denial of service, and exploiting known security holes. Some risks are newer and even more dangerous -- packet sniffers, IP (Internet Protocol) forgery, and various types of hijacking attacks. Firewalls are a very effective way to protect your system from these Internet security threats. Firewalls in computer networks keep damage on one part of the network (e.g., eavesdropping, a worm program, file damage) from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down. What is a firewall? It's a hardware and/or software solution that restricts access from your internal network to the Internet -- and vice versa. A firewall may also be used to separate two or more parts of your local network (for example, protecting finance from R&D). The firewall is installed at the perimeter of the network, ordinarily where it connects to the Internet. You can think of a firewall as a checkpoint; all traffic, incoming and outgoing, is stopped at this point. Because it is, the firewall can make sure that it is acceptable. "Acceptable" means that whatever is passing through -- email, file transfers, remote logins, NFS mounts, etc. -- conforms to the security policy of the site. Building Internet Firewalls is a practical guide to building firewalls on the Internet. If your site is connected to the Internet, or if you're considering getting connected, you need this book. It describes a variety of firewall approaches and architectures and discusses how you can build packet filtering and proxying solutions at your site. It also contains a full discussion of how to configure Internet services (e.g., FTP, SMTP, Telnet) to work with a firewall. The book also includes a complete list of resources, including the location of many publicly available firewall construction tools. The book is divided into four parts: Part I discusses Internet threats, the benefits of firewalls, overall security strategies, and a summary of Internet services and their security risks. Part II describes possible firewall designs and general terms and concepts, how to protect the bastion host in your firewall configuration, how to build proxying and packet filtering firewalls, and how to configure Internet services to operate with a firewall. Part III describes how to maintain a firewall, develop a security policy, and respond to a security incident. Part IV contains appendices consisting of a resource summary, a directory of how to find firewall toolkits and other security-related tools, and a detailed summary providing TCP/IP background information.



PLEASE READ: All comments must be approved before appearing in the thread; time and space constraints prevent all comments from appearing. We will only approve comments that are directly related to the article, use appropriate language and are not attacking the comments of others.

Message (please, no HTML tags. Web addresses will be hyperlinked):

Related Free eBooks

Related Tags

DIGG This story   Save To Google   Save To Windows Live   Save To Del.icio.us   diigo it   Save To blinklist
Save To Furl   Save To Yahoo! My Web 2.0   Save To Blogmarks   Save To Shadows   Save To stumbleupon   Save To Reddit