LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: September 26th, 2014
Linux Security Week: September 22nd, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Review: Mastering Network Security, Second Edition Print E-mail
User Rating:      How can I rate this item?
Book Reviews The introduction states that this book is aimed at systems administrators who are not security experts, but have some responsibility for ensuring the integrity of their systems. That would seem to cover most sysadmins.

Vitals:

TitleMastering Network Security, Second Edition
AuthorChris Brenton/Cameron Hunt
Pages490
ISBN0-7821-4142-0
PublisherSybex Computer Books
PurchaseAmazon

Summary and Opinions:

However, whether the material in this work is at a suitable level for most sysadmins is open to question. Now, to be fair to the authors, it seems that this second edition is a reissue, only marginally revised, of a book that was originally published seven years ago. (Under most standard contracts, publishers have the right to do this, and authors can't do much about it.) At that point, the material might have been pretty reasonable. Currently, it isn't.

Chapter one discusses systems theory. While the application of the text to network and security management is reasonably obvious in hypothetical terms, it is not at all clear in regard to direct operation in the real world. (This is particularly true for those who are not security professionals.) The systems development life cycle (SDLC) is covered in chapter two and, again, while it is an important topic, the relation to security is not made manifest. The introduction to networking itself covers the OSI (Open Systems Interconnection) model, routing, and bits of TCP/IP, in chapter three. One would have thought that this would have been old news to sysadmins. The same is true of the material on transmission and network topology, in chapter four. There is some mention of security issues, but the discussion is minimal.

Chapter five has a reasonable overview of firewalls, although the terminology is not always standard. Chapter six is documentation for the Cisco PIX firewall. The information about intrusion detection systems, in chapter seven, provides good material on points often neglected by other works, and adds a guide to Snort. The coverage of cryptography, in chapter eight, has a confusing structure. Most of the material on virtual private networks consists of screen shots of Microsoft's RRAS (Routing and Remote Access Server), in chapter nine.

Chapter ten relies on old concepts and technologies to discuss viruses and other malware. Disaster prevention and recovery, in chapter eleven, concentrates on building redundancy and the VERITAS server based backup system. A good deal of information about Windows, most of which may have some relevance to security, is in chapter twelve. Some introductory, and some network, data about UNIX is available in chapter thirteen. Chapter fourteen describes how information can be obtained about your system in order to mount an intrusion attack. Some resources for security are mentioned in chapter fifteen.

Overall, the book does provide a fair amount of information that would likely be of help to most network administrators in securing their systems and networks. However, there is also a lot of detail that is not directly relevant to the task, some erroneous content, and not a few gaps. While the original authors may have mastered their topic, the volume currently on offer does not reflect that.


Rob Slade is a data communications and security specialist from North Vancouver, British Columbia, Canada. His first love is teaching, and he got into computers because of an interest in what they could do in improving the education process in the public school system. He still has links with the education system in BC with both grade school and the college system, and writes and speaks for the computer educators in the province. He has a B.Sc. from the University of BC, an M.S. (in Computer and Information Science Education, which no one can ever remember) from the University of Oregon, and a Diploma of Christian Studies from Regent College. He is the founder of the DECUS Canada Education and Training SIG.

To find out more information about Rob, you can go to his website here. You can also read more reviews from Rob here.

Comments
master studentWritten by meran on 2007-02-01 02:17:05
hello for all  
while lam a master student computer secience wish to get some refernce on linux seceurty wish any one help me for that subject with many thanks for all

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.