|
UnixReview.com
MONTH YEAR
Book Review: Network Security
Reviewed by Peter H. Salus
Network Security: A Practical Approach
Jan L. Harrington
Elsevier, Inc., 2005
ISBN 0123116333
365 pages
It seems to me that there are several dramatically
different kinds of "security" books — the highly
specific (like Cheswick, Bellovin & Rubin on
Firewalls), the mammothly comprehensive (like
Bishop), the totally trivial (no examples, lest
I embarrass someone), and the simply useful. Harrington's
Network Security falls into this last category.
Harrington is not attempting to present the entire
field of security neatly packaged. She has tried to
provide a "comprehensive resource" for practitioners
that will be comprehensible to management. And
while she mentions a variety of topics, her presentation
is well focused on the dangers of network connectivity.
Harrington provides readers with a dozen chapters and three Appendices. There's
also a nifty glossary.
The Appendix listing ports was particularly interesting
as it lists both the application programs and
the attackers. Thus Port 80 is both "HTTP" and
"Nimda" and Port 445 is both "Microsoft-DS" and
"Sasser." I hadn't realized how many different ports
trinoo attacked (1524, 27444, 27665, 31335, 34555,
35555).
Among the things that I really liked in Network Security were the listings
of both a valid and a spoofed address, as well as the headers of a valid mailing
list (pp.
|
