[ISN] REVIEW: "Mastering Network Security", Chris Brenton/Cameron Hunt

From: InfoSec News (isnat_private)
Date: Tue Feb 04 2003 - 02:46:37 PST

  • Next message: InfoSec News: "[ISN] Regina police recover missing hard drive"

    Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private>
    BKMSNTSC.RVW   20021220
    "Mastering Network Security", Chris Brenton/Cameron Hunt, 2003,
    0-7821-4142-0, U$49.99/C$79.95/UK#37.99
    %A   Chris Brenton cbrentonat_private
    %A   Cameron Hunt camat_private
    %C   1151 Marina Village Parkway, Alameda, CA   94501
    %D   2003
    %G   0-7821-4142-0
    %I   Sybex Computer Books
    %O   U$49.99/C$79.95/UK#37.99 800-227-2346 infoat_private
    %O  http://www.amazon.com/exec/obidos/ASIN/0782141420/robsladesinterne
    %P   490 p.
    %T   "Mastering Network Security, Second Edition"
    The introduction states that this book is aimed at systems
    administrators who are not security experts, but have some
    responsibility for ensuring the integrity of their systems.  That
    would seem to cover most sysadmins.  However, whether the material in
    this work is at a suitable level for most sysadmins is open to
    question.  Now, to be fair to the authors, it seems that this second
    edition is a reissue, only marginally revised, of a book that was
    originally published seven years ago.  (Under most standard contracts,
    publishers have the right to do this, and authors can't do much about
    it.)  At that point, the material might have been pretty reasonable. 
    Currently, it isn't.
    Chapter one discusses systems theory.  While the application of the
    text to network and security management is reasonably obvious in
    hypothetical terms, it is not at all clear in regard to direct
    operation in the real world.  (This is particularly true for those who
    are not security professionals.)  The systems development life cycle
    (SDLC) is covered in chapter two and, again, while it is an important
    topic, the relation to security is not made manifest.  The
    introduction to networking itself covers the OSI (Open Systems
    Interconnection) model, routing, and bits of TCP/IP, in chapter three. 
    One would have thought that this would have been old news to
    sysadmins.  The same is true of the material on transmission and
    network topology, in chapter four.  There is some mention of security
    issues, but the discussion is minimal.
    Chapter five has a reasonable overview of firewalls, although the
    terminology is not always standard.  Chapter six is documentation for
    the Cisco PIX firewall.  The information about intrusion detection
    systems, in chapter seven, provides good material on points often
    neglected by other works, and adds a guide to Snort.  The coverage of
    cryptography, in chapter eight, has a confusing structure.  Most of
    the material on virtual private networks consists of screen shots of
    Microsoft's RRAS (Routing and Remote Access Server), in chapter nine.
    Chapter ten relies on old concepts and technologies to discuss viruses
    and other malware.  Disaster prevention and recovery, in chapter
    eleven, concentrates on building redundancy and the VERITAS server
    based backup system.  A good deal of information about Windows, most
    of which may have some relevance to security, is in chapter twelve. 
    Some introductory, and some network, data about UNIX is available in
    chapter thirteen.  Chapter fourteen describes how information can be
    obtained about your system in order to mount an intrusion attack. 
    Some resources for security are mentioned in chapter fifteen.
    Overall, the book does provide a fair amount of information that would
    likely be of help to most network administrators in securing their
    systems and networks.  However, there is also a lot of detail that is
    not directly relevant to the task, some erroneous content, and not a
    few gaps.  While the original authors may have mastered their topic,
    the volume currently on offer does not reflect that.
    copyright Robert M. Slade, 2002   BKMSNTSC.RVW   20021220
    rsladeat_private  rsladeat_private  sladeat_private p1at_private
    Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
    Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
              March 31, 2003           Indianapolis, IN
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Feb 04 2003 - 05:43:42 PST