In the five years since the first edition of this classic book was
published, Internet use has exploded. The commercial world has rushed
headlong into doing business on the Web, often without integrating sound
security technologies and policies into their products and methods. The
security risks--and the need to protect both business and personal
data--have never been greater. We've updated Building Internet
Firewalls to address these newer risks.
What kinds of security threats does the Internet pose? Some, like
password attacks and the exploiting of known security holes, have been
around since the early days of networking. And others, like the
distributed denial of service attacks that crippled Yahoo, eBay, and
other major e-commerce sites in early 2000, are in current headlines.
Firewalls, critical components of today's computer networks, effectively
protect a system from most Internet security threats. They keep damage
on one part of the network--such as eavesdropping, a worm program, or
file damage--from spreading to the rest of the network. Without
firewalls, network security problems can rage out of control, dragging
more and more systems down.
Like the bestselling and highly respected first edition, Building
Internet Firewalls, 2nd Edition, is a practical and detailed
step-by-step guide to designing and installing firewalls and configuring
Internet services to work with a firewall. Much expanded to include
Linux and Windows coverage, the second edition describes:
- Firewall technologies: packet filtering, proxying, network address
translation, virtual private networks
- Architectures such as screening routers, dual-homed hosts, screened
hosts, screened subnets, perimeter networks, internal firewalls
- Issues involved in a variety of new Internet services and protocols
through a firewall
- Email and News
- Web services and scripting languages (e.g., HTTP, Java, JavaScript,
ActiveX, RealAudio, RealVideo)
- File transfer and sharing services such as NFS, Samba
- Remote access services such as Telnet, the BSD "r" commands, SSH,
BackOrifice 2000
- Real-time conferencing services such as ICQ and talk
- Naming and directory services (e.g., DNS, NetBT, the Windows
Browser)
- Authentication and auditing services (e.g., PAM, Kerberos, RADIUS)
- Administrative services (e.g., syslog, SNMP, SMS, RIP and other
routing protocols, and ping and other network diagnostics)
- Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP)
- Database protocols (e.g., ODBC, JDBC, and protocols for Oracle,
Sybase, and Microsoft SQL Server)