The Virtual Bookcase for browsing and sharing reviews of books. New to this site? Read the welcome page first.

The Virtual Bookcase Home
Recent reviews
Collected book news
Welcome to this site

Book details of 'Internet Security Professional Reference'

Cover of Internet Security Professional Reference
TitleInternet Security Professional Reference
Author(s)Cisco Systems Inc., Tom Sheldon, Tim Petru, Joel Snyder, Chris Hare
PublishedJanuary 1997
PublisherNew Riders
Web links for this book
Search at
Wikipedia booksources
Shop for this book
As an Amazon Associate I earn from qualifying purchases

Back to shelf Computer networks
Back to shelf Computer security


Vote for this book

The Virtual Bookcase Reviews of 'Internet Security Professional Reference':

Reviewer wrote:
This is a big book--more than 850 pages. And the type is small, too. It has precisely what's needed to pack a comprehensive resource on Internet security into a single volume. The authors don't waste space on philosophizing or lecturing about security--they simply lay out what a site manager needs to know, beginning with the basics of TCP/IP. The book presents a five-part approach. Part one deals with security management, including TCP/IP, daemons, UUCP, and audit trails. Part two switches perspectives to that of the intruder, showing ways of gaining illicit accesses and how attempts to do so can be thwarted. Part three examines the challenges of creating secure channels for messaging. Part four shows how to deal with security concerns raised by Windows NT, Java, and various viruses. Part five contains the appendices, offering an array of security references and resources where site managers can find further and updated information. While the need to cram such a vast storehouse of information into the books rarely allows for a relaxed style of exposition, the authors have done a fine job of keeping explanations clear and useful to even novice site managers.

Reviewer Rob Slade wrote:
"Internet" and "security" are two items of great interest, so I guess someone had to write this book. However, I wish it had been someone willing to put some thought into it. Internet security is a complex and many-facetted field, and the narrow views presented here don't come close to doing it justice. Part one is supposed to be about managing Internet security, but it mostly contains a grab bag of background information on the net, with fairly large gaps in the coverage. Chapter one looks at IP addressing and domains, with a mixed lot of UNIX commands related to the net. Some daemon processes are listed in chapter two, along with some discussion of writing your own with shell scripts or Perl, and twenty pages of program listings. A number of UUCP programs are overviewed in chapter three. Some UNIX, NT, and DOS auditing programs and utilities are listed in chapter four. Part two looks at access security. Sniffing and spoofing are reviewed in chapter five, but the sections on protection may be less than helpful. Chapter six is supposed to tell you how to build a firewall. It does list a large number of UNIX utilities related to the function, but this might have been more useful if there had first been even the most token attempt to explain what a firewall was, and the different types and functions. There is a basic explanation in chapter seven, but aimed primarily at evaluation of commercial firewall products. Chapter eight is a very detailed exploration of SATAN (Security Administrator Tool for Analyzing Networks), covering the basic concept of looking for your own holes, a number of tools that look for specific holes, detection tools to note probing attempts, and the operation of SATAN itself. There is a detailed description of Kerberos exchange messages in chapter nine. Part three purports to be about the security of messaging, but seems to be limited to encryption of content. Chapter ten gives the usual, banal introduction to encryption, using examples of old, outmoded substitution ciphers, and never realistically discussing algorithm or key strength, nor key management. Chapter eleven is a rewrite of the documentation for PGP (Pretty Good Privacy) 2.6.2. Part four lumps together four topics under the heading of "modern concerns." Some Windows NT security features are discussed in chapter twelve, but not in much detail. (In fact, the chapter is entitled "Windows NT Internet Security" but doesn't have much to say about the Internet at all.) Chapter thirteen looks at Java, but the security content seems to relate strictly to the bytecode verifier and the applet "sandbox," and doesn't have much detail on those topics. CGI (Common Gateway Interface) security for Web forms gets a very terse review in chapter fourteen. After all of the foregoing, I was pleasantly astounded to find that the virus information, in chapter fifteen, is quite good. The explanation of how viruses work is extremely thorough, and the description of the different types of antiviral software is solid. The recommendations for recovery are not quite as good (FDISK can create more trouble than the virus you are trying to get rid of) and the review of Windows NT is rather optimistic. There are rather massive holes in the coverage presented in this book. The heavy UNIX concentration is only one example, but there are whole subjects not even mentioned. On the other hand, great chunks of the material contained in these pages have only the most tenuous connection to either the Internet or security. While there are some good bits that might justify the purchase of this book for experts, by no means can it be recommended as a sole source, or even an introduction. copyright Robert M. Slade, 1998

Add my review for Internet Security Professional Reference

Book description:

If you are using the Internet to conduct professional or personal business, you want to know your Internet connection is secure. This book gives you all the information and tools you need to keep the hackers out and the mission-critical information in. It takes you through planning, implementing, and administering a secure Internet connection--from understanding UUCP and auditing to encryption and firewalls to understanding viruses. A comprehensive resource for security and network professionals alike, this book will show you how to use and implement the latest technologies in the most secure fashion, including Java, CGI, and Windows NT.

Search The Virtual Bookcase

Enter a title word, author name or ISBN.

The shelves in The Virtual Bookcase

Arts and architecture (25)
Biography (24)
Business and Management (120)
Cars and driving (53)
Cartoons (45)
Children's books (180)
Computer (475)
Computer history/fun (113)
Computer networks (382)
Computer programming (215)
Computer security (272)
Cook books (89)
Fantasy (154)
Fiction (446)
Health and body (71)
History (138)
Hobby (37)
Horror (65)
Humorous books (52)
Literature (57)
Operating systems (94)
Outdoor camping (162)
Outdoors (236)
Politics (85)
Privacy (61)
Psychology (55)
Religion (17)
Science (113)
Science Fiction (156)
Self-help books (56)
Technology (14)
Travel guides (308)
War and weapons (29)
World Wide Web (213)
Zen (5)
Other books (89)

The Virtual Bookcase is created and maintained by Koos van den Hout. Contact e-mail
Site credits
Copyright © 2000-2020 Koos van den Hout / The Virtual Bookcase Copyright and privacy statement