[ISN] REVIEW: "Network Security Jumpstart", Matthew Strebe

From: InfoSec News (isn@private)
Date: Wed Jul 07 2004 - 03:10:14 PDT

Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rslade@private>

BKNTSCJS.RVW   20030604

"Network Security Jumpstart", Matthew Strebe, 2002, 0-7821-4120-X,
%A   Matthew Strebe mbs+jumpstart@private
%C   1151 Marina Village Parkway, Alameda, CA   94501
%D   2002
%G   0-7821-4120-X
%I   Sybex Computer Books
%O   U$24.99/C$39.95/UK#18.99 800-227-2346 info@private
%O  http://www.amazon.com/exec/obidos/ASIN/078214120X/robsladesinterne
%O   http://www.amazon.ca/exec/obidos/ASIN/078214120X/robsladesin03-20
%P   365 p.
%T   "Network Security Jumpstart"

The introduction states that this book is suitable for anyone from the
home user to the network administrator to the CEO.  Which is a pretty
tall order.

Chapter one has a decent overview of why computers aren't secure, a
scant computer security history, a few security concepts, and a fairly
trivial set of "review" questions.  There is a media-level exposition
on "hackers," in chapter two, a rough outline of intrusion procedures,
and a list of specific attacks that I'm not sure the author fully
understands.  (Immediately following "Denial of Service" comes a
separate entry for "Floods": flooding being a type of denial of
service.)  There is a terse introduction to cryptography, and not much
more than chapter one gave us about authentication, in chapter three. 
The suggestions for policy creation, in chapter four, aren't bad for
simple cases, but seriously understate the difficulty of establishing
a full policy, even for home users.  Chapter five describes firewalls
(and seven tells a little bit more about using them at home).  Chapter
six makes the common mistake of assuming that all VPNs (Virtual
Private Networks) are about confidentiality: some are merely about
managing communications configurations.

There is some correct and useful information about viruses in chapter
eight, but it is unfortunately mixed in with a lot of garbage. 
Windows NT and its subsequent versions are *not* immune to viruses,
although a rigorous set of file permissions can reduce your risk of
file infectors (which are no longer a major category anyway). 
Signature scanners are *not* the only type of antiviral software. 
Viruses were *not* invented by accident, BRAIN *never* had an onscreen
display and didn't infect program files, and neither Stoned nor
Jerusalem (Friday the 13th is one variant) were based on BRAIN. 
Neither Stoned nor BRAIN relied on program sharing to propagate: data
disks were quite sufficient.  Viruses that only replicate are *not*
benign (anybody ever have problems with Stoned?  Melissa? 
Loveletter?), *will* be discovered, and scanning signatures *are*

Fault tolerance, in chapter nine, is not quite business continuity
planning (BCP), but does go beyond the usual UPS (Uninterruptible
Power Supply) and backup recommendations.  Although chapter ten lists
a number of security mechanisms in Windows, a practical understanding
of their use is not presented.  The UNIX tools in eleven are described
more usefully--but they only relate to file permissions.  The network
security tools for UNIX are in twelve--but are only enumerated. 
Chapter thirteen has good suggestions for Web server security--but
doesn't say how to implement them.  A random collection of email
security tools and threats makes up chapter fourteen.  IDS (Intrusion
Detection System) concepts are not explained very well in chapter
fifteen: Strebe apparently doesn't understand that all forms use audit
data of one type or another, and doesn't list the major distinctions
between either the engine type or sensor location.

Even given all the faults, one has to admit that Strebe has not done a
bad job with his ambitious intent.  Certainly home users and CEOs can
find better explanations here than in many of the other works aimed at
them, however much I might wish that the book as a whole was more
accurate.  And, yes, even the network administrators might find some
helpful points in the more conceptual material at the beginning of the
book: most of them could do with a better understanding of the need
for policy.  This work isn't great, by any means, but it can fulfill a
need for a quick guide to network threats, for a variety of audiences.

copyright Robert M. Slade, 2004   BKNTSCJS.RVW   20030604

======================  (quote inserted randomly by Pegasus Mailer)
rslade@private      slade@private      rslade@private
Keep away from people who try to belittle your ambitions. Small
people always do that, but the really great make you feel that
you, too, can become great.                             - Mark Twain
http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade
