BKSSGHNI.RVW 20061119 "Security Sage's Guide to Hardening the Network Infrastructure", Steven Andres/Brian Kenyon, 2004, 1-931836-01-9, U$59.95/C$79.95 %A Steven Andres %A Brian Kenyon %C 800 Hingham Street, Rockland, MA 02370 %D 2004 %G 1-931836-01-9 %I Syngress Media, Inc. %O U$59.95/C$79.95 781-681-5151 fax: 781-681-3585 www.syngress.com %O http://www.amazon.com/exec/obidos/ASIN/1931836019/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/1931836019/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/1931836019/robsladesin03-20 %O Audience n- Tech 1 Writing 1 (see revfaq.htm for explanation) %P 512 p. %T "Security Sage's Guide to Hardening the Network Infrastructure" Chapter one seems to discuss the ideas of network segmentation, possibly with an eye to the necessity for providing extra controls for sensitive compartments within your network. A number of sniffing and scanning tools are listed in chapter two, most with fairly limited descriptions. A confused and unstructured look at firewalls is in chapter three. Chapter four lists a number of vulnerabilities from old versions of firewalls. Some of chapter five outlines the use of routers as packet filtering firewalls, but more of it is directed to simplistic configuration changes that might help harden the devices. Chapter six is a grab bag of random (and tersely described) network security safeguards. An explanation of network switches, with limited application to security, is in chapter seven. Various attacks and exploits are enumerated in chapter eight. Intrusion detection systems (and a few other tools) are discussed in chapter nine. Some thoughts on network design are given, for perimeters in chapter ten, and internal networks in eleven. If you are completely new to network security you will find some information in this book to get you started, but in a limited and scattered fashion. There are any number of better books that provide a more comprehensive and better structured outline, such as William Stallings' "Cryptography and Network Security" (cf. BKCRNTSC.RVW) or "Network Security" by Kaufman, Perlman, and Speciner (cf. BKNTWSEC.RVW). copyright Robert M. Slade, 2006 BKSSGHNI.RVW 20061119