Protecting Your Web Site with Firewalls
Author: Marcus Goncalves
Publisher: Prentice Hall PTR
Price: $49 US
Reviewer: Leam Hall
If you can configure a DNS nameserver on your coffee break, this book is not for you. However, if you need a platform-independent general overview of Internet/Intranet security issues, Mr. Goncalves uses a conversational tone and an abundance of resources to help you get a firm grasp of the basics.
There are many web sites that are unprotected and unsecured. This may be due to a system administrator who is over tasked and does not have enough research time, who is new to a particular operating system or who just does not know how important security is. The author provides good, basic information on what the security needs may be and how to balance cost of security against availability of services. Individual chapters give introductions to financial issues, strategies for different web site platforms and implementing services like conferencing, e-mail, FTP, NNTP and HTTP.
There is also plenty of material written in non-technical language. This can be very useful when trying to educate upper management on basic security issues and why they need to be funded. The whole book provides many information sites, including 77 pages of appendices giving resources for firewall products, web server products, authentication, password and other administrative tools. This may be the best part of the book, to help you quickly see what sort of material is available for your operating system.
There are a few things I did not like about the book. The editing and proofreading could have been better. I generally read too quickly to find spelling or grammatical errors, but I found some here. Also, several sections left me wondering what I was supposed to have learned. My most abundant gripe is the nondifferentiation between “hackers” and “crackers”. I consider myself a junior hacker, yet one of the most law abiding people I know. Hackers play with code and try to create; crackers intrude—hopefully the media will soon understand the difference. There is also the ubiquitous CD-ROM; this one contains an evaluation copy of an NT-based logging and reporting system. Nothing for the Unix/Linux crowd.
The book's target audience is those who need a very basic introduction with a lot of resources. It meets that market well, but most Linux Journal readers will be somewhat more advanced. For $49 US, get this book only if you are certain it meets your particular needs. Otherwise, do a lot of web surfing and find a book tailored to your specific operating system and level of expertise.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Death of RoboVM
- BitTorrent Inc.'s Sync
- The US Government and Open-Source Software
- The Humble Hacker?
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide