Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private> BKBLVPNS.RVW 20020916 [http://www.amazon.com/exec/obidos/ASIN/1578702666/c4iorg - WK :) ] "Building Linux Virtual Private Networks (VPNs)", Oleg Kolesnikov/Brian Hatch, 2002, 1-57870-266-6, U$44.99/C$69.99/UK#34.99 %A Oleg Kolesnikov olegat_private okat_private %A Brian Hatch briat_private brianat_private %C 201 W. 103rd Street, Indianapolis, IN 46290 %D 2002 %G 1-57870-266-6 %I Macmillan Computer Publishing (MCP)/New Riders %O U$44.99/C$69.99/UK#34.99 800-858-7674 317-581-3743 infoat_private %O http://www.amazon.com/exec/obidos/ASIN/1578702666/robsladesinterne %P 385 p. %T "Building Linux Virtual Private Networks (VPNs)" Like "Practical UNIX and Internet Security" (cf. BKPRUISC.RVW) this book so thoroughly covers its general field, in this case virtual private networks (VPNs), that it is useful to security people regardless of whether or not they use Linux. There are abundant practical considerations in this work that other volumes ignore. Part one deals with the basics of VPNs. Chapter one is a good, readable, realistic introduction (and we will accept the mention of 40 bit DES in IPSec as a typo: it is listed as such in the errata at the associated website, http://www.buildinglinuxvpns.net). The title of chapter two, VPN fundamentals, is oddly both true and not: the items mentioned are not factors of VPNs as such, but aspects and considerations of VPNs that influence network choices, and network configurations that impel VPN architecture. Part two covers implementing standard VPN protocols. Chapter three provides a detailed and clear explanation of PPP (Point-to-Point Protocol) over SSH (Secure Shell). PPP over SSL (Secure Sockets Layer)/TLS (Transport Layer Security), in chapter three, outlines the basics, increased security, and scripts for troubleshooting. Excellent coverage of IPSec in general, plus some implementation details in Linux, is in chapter five. Chapter six explains FreeS/WAN from philosophy to source to configuration. There is good analysis of the design and weaknesses of PPTP (Point-to-Point Tunnelling Protocol) and how to run it on Linux, in chapter seven. Part three examines the implementation of nonstandard VPN protocols. Chapter eight looks at the design, options, and setup of VTun. The lightweight cIPe is covered in chapter nine. Designed for user level rather than kernel operation, as well as more modern and robust cryptography, tinc is explained in chapter ten. I have not found, to date, a book that does a better job of explaining the concepts and operations of virtual private networks. This should become the classic text. copyright Robert M. Slade, 2002 BKBLVPNS.RVW 20020916 -- ====================== rsladeat_private rsladeat_private sladeat_private p1at_private Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/ Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458): February 10, 2003 February 14, 2003 St. Louis, MO March 31, 2003 April 4, 2003 Indianapolis, IN - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Jan 08 2003 - 05:54:14 PST