[ISN] REVIEW: "Building Linux Virtual Private Networks (VPNs)", Oleg Kolesnikov/Brian Hatch

From: InfoSec News (isnat_private)
Date: Wed Jan 08 2003 - 02:54:57 PST

    Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private>
    BKBLVPNS.RVW   20020916
    [http://www.amazon.com/exec/obidos/ASIN/1578702666/c4iorg  - WK :) ]
    "Building Linux Virtual Private Networks (VPNs)", Oleg
    Kolesnikov/Brian Hatch, 2002, 1-57870-266-6, U$44.99/C$69.99/UK#34.99
    %A   Oleg Kolesnikov olegat_private okat_private
    %A   Brian Hatch briat_private brianat_private
    %C   201 W. 103rd Street, Indianapolis, IN   46290
    %D   2002
    %G   1-57870-266-6
    %I   Macmillan Computer Publishing (MCP)/New Riders
    %O   U$44.99/C$69.99/UK#34.99 800-858-7674 317-581-3743 infoat_private
    %O  http://www.amazon.com/exec/obidos/ASIN/1578702666/robsladesinterne
    %P   385 p.
    %T   "Building Linux Virtual Private Networks (VPNs)"

    Like "Practical UNIX and Internet Security" (cf. BKPRUISC.RVW) this
    book so thoroughly covers its general field, in this case virtual
    private networks (VPNs), that it is useful to security people
    regardless of whether or not they use Linux.  There are abundant
    practical considerations in this work that other volumes ignore.

    Part one deals with the basics of VPNs.  Chapter one is a good,
    readable, realistic introduction (and we will accept the mention of 40
    bit DES in IPSec as a typo: it is listed as such in the errata at the
    associated website, http://www.buildinglinuxvpns.net).  The title of
    chapter two, VPN fundamentals, is oddly both true and not: the items
    mentioned are not factors of VPNs as such, but aspects and
    considerations of VPNs that influence network choices, and network
    configurations that impel VPN architecture.

    Part two covers implementing standard VPN protocols.  Chapter three
    provides a detailed and clear explanation of PPP (Point-to-Point
    Protocol) over SSH (Secure Shell).  PPP over SSL (Secure Sockets
    Layer)/TLS (Transport Layer Security), in chapter three, outlines the
    basics, increased security, and scripts for troubleshooting.
    Excellent coverage of IPSec in general, plus some implementation
    details in Linux, is in chapter five.  Chapter six explains FreeS/WAN
    from philosophy to source to configuration.  There is good analysis of
    the design and weaknesses of PPTP (Point-to-Point Tunnelling Protocol)
    and how to run it on Linux, in chapter seven.

    Part three examines the implementation of nonstandard VPN protocols.
    Chapter eight looks at the design, options, and setup of VTun.  The
    lightweight cIPe is covered in chapter nine.  Designed for user level
    rather than kernel operation, as well as more modern and robust
    cryptography, tinc is explained in chapter ten.

    I have not found, to date, a book that does a better job of explaining
    the concepts and operations of virtual private networks.  This should
    become the classic text.

    copyright Robert M. Slade, 2002   BKBLVPNS.RVW   20020916
    rsladeat_private  rsladeat_private  sladeat_private p1at_private
    Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/