Protecting Your Web Site with Firewalls
Author: Marcus Goncalves
Publisher: Prentice Hall PTR
Price: $49 US
Reviewer: Leam Hall
If you can configure a DNS nameserver on your coffee break, this book is not for you. However, if you need a platform-independent general overview of Internet/Intranet security issues, Mr. Goncalves uses a conversational tone and an abundance of resources to help you get a firm grasp of the basics.
There are many web sites that are unprotected and unsecured. This may be due to a system administrator who is over tasked and does not have enough research time, who is new to a particular operating system or who just does not know how important security is. The author provides good, basic information on what the security needs may be and how to balance cost of security against availability of services. Individual chapters give introductions to financial issues, strategies for different web site platforms and implementing services like conferencing, e-mail, FTP, NNTP and HTTP.
There is also plenty of material written in non-technical language. This can be very useful when trying to educate upper management on basic security issues and why they need to be funded. The whole book provides many information sites, including 77 pages of appendices giving resources for firewall products, web server products, authentication, password and other administrative tools. This may be the best part of the book, to help you quickly see what sort of material is available for your operating system.
There are a few things I did not like about the book. The editing and proofreading could have been better. I generally read too quickly to find spelling or grammatical errors, but I found some here. Also, several sections left me wondering what I was supposed to have learned. My most abundant gripe is the nondifferentiation between “hackers” and “crackers”. I consider myself a junior hacker, yet one of the most law abiding people I know. Hackers play with code and try to create; crackers intrude—hopefully the media will soon understand the difference. There is also the ubiquitous CD-ROM; this one contains an evaluation copy of an NT-based logging and reporting system. Nothing for the Unix/Linux crowd.
The book's target audience is those who need a very basic introduction with a lot of resources. It meets that market well, but most Linux Journal readers will be somewhat more advanced. For $49 US, get this book only if you are certain it meets your particular needs. Otherwise, do a lot of web surfing and find a book tailored to your specific operating system and level of expertise.
Getting Started with DevOps - Including New Data on IT Performance from Puppet Labs 2015 State of DevOps Report
August 27, 2015
12:00 PM CDT
DevOps represents a profound change from the way most IT departments have traditionally worked: from siloed teams and high-anxiety releases to everyone collaborating on uneventful and more frequent releases of higher-quality code. It doesn't matter how large or small an organization is, or even whether it's historically slow moving or risk averse — there are ways to adopt DevOps sanely, and get measurable results in just weeks.
Free to Linux Journal readers.Register Now!
- Hacking a Safe with Bash
- Django Models and Migrations
- Secure Server Deployments in Hostile Territory, Part II
- Home Automation with Raspberry Pi
- The Controversy Behind Canonical's Intellectual Property Policy
- Huge Package Overhaul for Debian and Ubuntu
- Shashlik - a Tasty New Android Simulator
- Embed Linux in Monitoring and Control Systems
- KDE Reveals Plasma Mobile
- diff -u: What's New in Kernel Development