Building Internet Firewalls (2nd Edition)

Basically there is really nothing about this book that you can not like. It is vague enough for an end-user and in-depth enough for security administrators. All in all I truly believe that this is an absolute must if you operate a *nix based operating system that is connected to the internet.

Rating:
Summary: Okay for discussing general ideas, but not much real world
Review: Okay for discussing general ideas, but not much real world use. There's not a lot to be had from this book. They cover too much and discuss too much generalized topics and never really touch on any real-world working, intelligent firewall fules and uses. Just too much generalized fluff. You'll get more from a 'man page' on iptables and be able to put it to use, at least, compared to this. It is interesting, but there's too much generalization and fluff and not much someone can *use* from it.

Rating:
Summary: old
Review: Please do yourself a favor and get the second edition of this book that was printed, I think, in July 2000.

Rating:
Summary: Vamos al grano !
Review: Si, podria catalogar a este libro con esas palabras. Tuve la oportunidad de leer varios libros sobre seguridad, intrusion y firewalls en Internet, pero la gran parte de ellos mas parecen una historia, un libro de intruduccion a TCP/IP, o un libro introductorio a redes que un libro practico sobre firewalls.
Hace unos meses anduve buscando un libro, con configuraciones claras para firewalls, con una amplia variedad de protocolos analizados y detalles sobre los mismos. Honestamente no lo halle.

Luego de buscar en la red, encontre algunos buenos comentarios sobre este libro, me acerque a una tienda y lo revise. Sinceramente era lo que buscaba.
Sus paginas contienen configuraciones sobre una amplia varidad de protocolos, caracteristicas de los mismos, detalles que no se deben perder de vista, trucos para evitar dejar agueros abiertos.
Ofrece tablas por cada protocolo expuesto y como configurarlo a traves de packet filters, elemento esencial para mover la configuracion a un firewall especifico.
Me siento contento con mi compra y honestamente la recomiendo.
Desafortundamente este no es un libro para principiantes, y honestamente no creo que haya un libro sobre firewalls que a su vez enseñe TCP/IP (dicen que quien mucho abarca poco aprieta), asi que si deseas aprender sobre firewalls, seguridad o intrusion y no conoces a profundidad todavia TCP/IP, no compres este, compra el libro de Douglas Comer primeramente.
Este libro tampoco habla sobre intrusion o recuperacion, es tan concreto en sus paginas para construir firewalls como lo es en su titulo.
Unico Requisito: Conocer claramente TCP/IP.
Unico Objetivo: Configurar firewalls.
Verdadero Merito: Cubre ampliamente y en detalle la gran mayoria de los protocolos populares en redes internet.
No compres este libro si estas buscando tener un mejor panorama sobre firewalls o seguridad, compra este libro si quieres una tienes una silla y un firewall para configurar frente a ti.
Espero que mi esperiencia te sirva. Saludos.
Piyux.

Rating:
Summary: I usually don't review books but...
Review: Since someone from Boston gave this book such a horrible review I had to counter with my own opinion. I am a systems administrator for an internet start up in Boston. I have a good understanding of security and firewalls. I bought this book to increase that knowlege. This book was a big help. While it is a bit outdated by the standards of the internet the basic principles of security are the same. This is an excellent reference book as well as a good book to get started with. The sections the packet filtering charactoristics of a lot of popular services was helpful.

Rating:
Summary: True, this book is now classic
Review: Since there was no such thing as CIDR when it was written, we now have a few reserves to directly apply the book's conclusions. Because private IPs were rather new then, the authors did not take advantage of their security aspects. It was written at the time passive mode ftp was rather rare. Because there was no IP masquerades nor NAT, authors' choices for outbound connections were limited to few proxies and impractical packet filtering. PC unix-likes, which are the major player in building firewalls nowadays, were infantile, it they existed. There were very few choices on packet filters, the most important firewall component. Dialup connections were yet negligible, so the book did not discuss personal securities when connected to internet.

In spite of all these and other changes, the book solidly laid out firewall network structures. We don't see any significant variations of them, as yet. Its in depth discussions on impacts of various tcp/udp/icmp protocols upon firewalls are now the criteria we use to judge safeties of newly proposed ones. Despite new security softwares, and new exploits I must add, arrive daily, the book has established true home ground we start from. On the other hand, I am certainly interested in what authors would say looking at changes we have encountered.

Rating:
Summary: Beginner and Intermidiate excellence.......
Review: This book does a very good job of explaining what firewalls are, the function they serve, what they can and cannot do, and other topics related to them. I purchased this book to distribute to students as I teach Network Security in my place of business and it helped individuals with little or no experience in firewalls and servers understand and even setup and install a firewall on a network. If you are just learning about firewalls or know a moderate amount on them this is a good book to bring you to a very educated level.

Rating:
Summary: Extremely useful, packed with information
Review: This book has hundreds of little gems that will be very helpful for anyone who is designing or maintaining a firewall. While not specific enough to contain all you'll need to build a firewall it does have a great deal of information you can use to make your firewall more efficient and secure. Some examples are: how powerful your bastion host should be, general background on IPSec, different vulnerabilities of Java vs. Active X, why you want to keep your bastion host isolated from your internal network, a handy breakdown of some useful NT registry keys and an informative appendix on cryptography. The authors go through the majority of the most commonly used protocols (and implementations of those protocols) on the Internet and talk about the hazards of using them. I particularly enjoyed the sections on DNS (with its treatment of different types of DNS records, double reverse lookup and hiding information with multiple servers) and X Windows ( particularly how it's used by ssh and what XDMCP is for). Along with every protocol description there was also a nice section with advice on how to make it work with SOCKS. I also enjoyed the charts presenting packet filtering suggestions found throughout the book and the section on sample firewalls at the end which combined the charts. The only thing missing from this book was some more specific information on firewall implementation. There were also some occasions were the authors brought up protocols or applications just for the sake of mentioning them and then didn't provide any useful information about them. All in all though, this book was very much worth reading.

Rating:
Summary: Review
Review: This book says you all about Firewall & Internet Securities. This is written comparatively in easy language and is useful also to non technical persons.

Rating:
Summary: Essential for you computer bookshelf
Review: This is another fine example of O'Reilly's lucid and informative publishing. It is a must have (like a lot of O'Reilly books) for anyone interested in computer and internet security and should be read by all who are involved in administrating internetworked computer systems. Plain English descriptions and humorous little details like April Fool's Day RFC's make reading it unlike reading typical internetworking books. 27 extensive, well-organized chapters include firewall design, packet filtering, proxy systems, bastion hosts and even 2 sample firewalls. There is also a special appendix on cryptography. It could have been a bit more product-oriented (could have mentioned Cisco's Pix or Checkpoints FW-1, but I guess that's not the point of this book, really). This is the only book other than Crime & Punishment I have ever given 5 Stars!