BKITNTSC.RVW   970805

"Internet & TCP/IP Network Security", Uday O. Pabrai/Vijay K. Burgani,
1996, 0-07-048215-2, U$39.95
%A   Uday O. Pabrai uday.pabrai@ngt.com
%A   Vijay K. Burgani vgurbani@tellabs.com
%C   300 Water Street, Whitby, Ontario   L1N 9B6
%D   1996
%G   0-07-048215-2
%I   McGraw-Hill Ryerson/Osborne
%O   U$39.95 905-430-5000 +1-800-565-5758 +1-905-430-5134 fax: 905-
430-5020
%P   357
%T   "Internet & TCP/IP Network Security: Securing Protocols and
Applications"

This book does cover a good deal of ground in terms of security
vulnerabilities and measures in UNIX, Internet protocols, and Internet
applications.  At times, it goes well beyond the standard material,
suggesting, for example, a handy tip for increasing the security and
reducing loopholes in Perl programs.

However, the book is also inconsistent, and even undisciplined.  The
level of detail varies greatly from one topic to another.  A promise
to take the reader step-by-step through the secure setup of Internet
applications is really only fulfilled for ftp--and then, only for
Solaris and SunOS.  Sometimes, it is difficult to follow the topical
organization within chapters.  At other points, it is hard to
understand the inclusion of topics that are not discussed in terms of
security, such as the OSI (Open Systems Interconnection) reference
model, or details of the header structure for TCP/IP protocol packets
and envelopes.

The strongest part of the book is the coverage of non-commercial
(SATAN, COPS, and TCP Wrapper) and commercial security packages and
tools.

copyright Robert M. Slade, 1997   BKITNTSC.RVW   970805