BKNTSCHK.RVW 20070921 "Network Security Hacks", Andrew Lockart, 2007, 0-596-52763-2, U$29.99/C$38.99 %A Andrew Lockart %C 103 Morris Street, Suite A, Sebastopol, CA 95472 %D 2007 %G 0-596-52763-2 978-0-596-52763-1 %I O'Reilly & Associates, Inc. %O U$29.99/C$38.99 707-829-0515 fax: 707-829-0104 nuts@ora.com %O http://www.amazon.com/exec/obidos/ASIN/0596527632/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/0596527632/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/0596527632/robsladesin03-20 %O Audience i Tech 2 Writing 1 (see revfaq.htm for explanation) %P 298 p. %T "Network Security Hacks, 2nd Edition" Chapter one lists twenty-two tips for using a number of utilities and programs to enhance the security of UNIX systems. The explanations are clear and specific, although you would probably have to be really familiar with UNIX administration to get the full benefit of these suggestions. Windows gets fourteen hacks in chapter two. While useful, these could have had more explanation in some cases, in regard to the limitations and pitfalls of the recommendations. A variety of tools that address aspects of confidentiality are listed in chapter three. Almost all of the firewall tools discussed in chapter four are for UNIX, although some do have Windows versions. (The Windows firewall is discussed, but so poorly that one almost suspects that the whole purpose is to force the reader to use the suggested alternative.) Advice on securing various services and applications (mostly from Guess What Operating System) is given in chapter five. Again, the bulk of the network security tools discussed in chapter six are for UNIX, with some Windows editions. The wireless tips, in chapter seven, work best with UNIX. The same is true with the logging tips in chapter eight, although there is mention of arranging to have Windows report to a syslogd. Network monitoring, and some analysis thereof, is in chapter nine. Tunnels and VPN (Virtual Private Network) products are detailed in chapter ten. Most of the network intrusion detection material in chapter eleven concerns Snort. (You are not my NIDS, you are a Snort!) Chapter twelve lists a few recovery and response tools. If you run a UNIX system and network, this book enumerates many useful tasks, settings, and tools that will help to make your systems and network more secure. copyright Robert M. Slade, 2004, 2007 BKNTSCHK.RVW 20070921