Internet security threats include password attacks and the exploiting of known security holes, which have been around since the early days of networking. Other threats, like password sniffers, IP forgery, and various types of hijacking and replay attacks, are newer. And still others, like the distributed denial of service attacks that crippled Yahoo, E-Bay, and other major e-commerce sites in early 2000, come from today's headlines. "The attacks on Internet-connected systems we are seeing today are more serious and more technically complex than those in the past," says Elizabeth D. Zwicky, co-author of Building Internet Firewalls. "To keep those attacks from compromising our systems, we all need all the help we can get."
Firewalls are a very effective way to protect your system from most Internet security threats and are a critical component of today's computer networks. Firewalls in networks keep damage on one part of the network (e.g., eavesdropping, a worm program, file damage) from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down.
Like the first edition of the highly respected and best-selling Building Internet Firewalls, the second edition is a practical and detailed guide to building firewalls on the Internet. It provides step-by-step explanations of how to design and install firewalls, and how to configure Internet services to work with a firewall. The second edition is much expanded. It covers Linux and Windows NT, as well as Unix platforms. It describes a variety of firewall technologies (packet filtering, proxying, network address translation, virtual private networks) as well as architectures (e.g., screening routers, dual-homed hosts, screened hosts, screened subnets, perimeter networks, internal firewalls).
The book also contains a new set of chapters describing the issues involved in a variety of new Internet services and protocols through a firewall. It covers email and news; Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo); file transfer and sharing services (e.g., NFS, Samba); remote access services (e.g., Telnet, the BSD "r" commands, SSH, BackOffice 2000); real-time conferencing services (e.g., ICQ, talk); naming and directory services (e.g.,DNS, NetBT, the Windows Browser); authentication and auditing services (e.g., PAM, Kerberos, RADIUS); administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics); intermediary protocols (e.g., RPC, SMB, CORBA, IIOP); and database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server).
In addition, Building Internet Firewalls, Second Edition features a complete list of resources, including the location of many publicly available firewall construction tools.
Online Resources:
- Chapter 13, Internet Services and Firewalls, is available free online.
- More information about the book, including Table of Contents, index, author bio, and samples.
- A cover graphic in jpeg format.
Building Internet Firewalls, 2nd Edition
By Elizabeth D. Zwicky, Simon Cooper, & D. Brent Chapman
2nd Edition, June 2000
1-56592-871-7, 894 pages, $44.95 (US$)
order@oreilly.com
About O’Reilly
For over 45 years, O’Reilly has provided technology and business training, knowledge, and insight to help companies succeed. Our unique network of experts and innovators share their knowledge and expertise through the company’s SaaS-based training and learning platform. O’Reilly delivers highly topical and comprehensive technology and business learning solutions to millions of users across enterprise, consumer, and university channels. For more information, visit www.oreilly.com.