EXTENSIONS
GRAHAM K. ROGERS
A high proportion of computer users are dependent on networks. A problem with the system means that productivity falls and, in proportion, frustration rises. For many of us, mercifully, once a small home network is set up, it rarely needs any changes.
For someone with a small home network, Scott Lowe's Home Networking: The Missing Manual is fine.
A larger organisation will have perhaps scores of users with accounts, data, settings; all of which must be managed. That falls to the system administrators, who may have to contend with different operating systems, special needs, security, updates and the occasional loss of service. A monumental task.
There are several sources of help. As well as online information, there are many books covering either networking as a whole or specific concepts, for example TCP/IP. A major concern these days is security, as networks may come under attack from a variety of directions, both external and internal.
Two books came my way a while back, both covering the subject of network security, but each with its own approach: McNab's Network Security Assessment (2nd edition) and the multi-authored Security Power Tools.
Title: Network Security Assessment, Second Edition
Author: Chris McNab
Publication: O'Reilly: Sebastopol, CA.
Price: $39.99 (1,340 baht); 478pp
ISBN: 0-596-51030-6

Title: Security Power Tools
Author: Brian Burns
Publication: O'Reilly: Sebastopol, CA.
Price: $59.99 (2,010 baht); 822pp
ISBN: 0-596-00963-1
Chris McNab takes the same approach I had when fixing my motorcycle in the past. To find out the problems and provide solutions, first you need to analyse. Ten of the 16 chapters begin with the word "Assessing". (Another two use "Assessment".) The final section of some chapters has an easy-to-understand explanation of steps that ought to be considered. Others refer to further reading for solutions.
McNab looks at specific examples of the technology used, for example the Apache web server and port scanning, and in many cases outlines any known vulnerabilities, then suggests solutions. About Apache, for example, he says, "(it) has a number of known remotely exploitable issues ..." which he explains both in the text and a reference table.
As much of the text is taken up with code, it is primarily a work for reference. There are screen shots throughout the book, although it is not heavily illustrated as there's no need. An excellent, in-depth work that should grace the shelves of any system administrator, university computer department, or library.
The much larger Security Power Tools is co-authored by 10 experts, most of whom are members of the Juniper Networks J-Security team. In the foreword it is claimed that they are not book writers, although the end result is worthy. They each concentrate on their specific strengths. This does not detract at all from McNab's single-author approach.
The opening chapter, in a section by itself, covers legal and ethical aspects. As some tools that are available to those who work in networking may allow access to other networks, it is a good idea to know where the line is before we over-step it. Simple examples of these probes are ping and whois - both legal. Port scanning might not be, depending on who does it and for what purpose.
The book's sections are "Reconnaissance", "Penetration", "Control", "Defence", "Monitoring" and "Discovery". Nic Beauchesne's writing on rootkits, for example, defines the term and explains some of the tools available to those who would seek to install them. The best solution to the rootkit is a good defence, as removal "could end up being a very difficult task," he claims. In the examination, rootkit identifiers are also reviewed; then the solution: in this case it includes a fresh install.
Like the work by Chris McNab, Security Power Tools has a few monochrome illustrations where necessary, but most of the discussion includes fair amounts of code plus brief explanations or definitions where needed.
There are also occasionally snippets of information or suggestions, separated from the text and highlighted. For example, in "Finding a Windows Backdoor with Netstat", we read, "You can use the -v flag in conjunction with the -b flag ..."
Security Power Tools, with over 800 pages, is clearly the more comprehensive, although this does not diminish the McNab work by any means - they complement each other. McNab veers towards analysis, while Burns is more proactive in defence of a system. Both include references to different operating systems: Solaris, Windows, Mac OS X and various flavours of Linux; McNab also has a passing reference to the Silicon Graphics IRIX system.
Both are wide-ranging and valuable reference works for those charged with security or learning about the tools to make our networks and computers safer. As such, the index in each is detailed. Included in the price is access to online versions at the Safari web site (safari.oreilly.com).
Graham K. Rogers has OS X-flavoured web pages, with links to an RSS feed and a weekly podcast at http://www.extensions.in.th/index4.html.