I was sitting lazy in the office; one of my colleagues came and said “if you want to order a book this year, find it on Barns&Noble and send me the link until afternoon”. Some ideas flashed in my mind
- No, I don’t need a book
- Maybe, a reference book would be good. No, I am using Cisco web site , everything is available and searchable.
- Exam preparation books maybe. No they are boring.
- I wanted to find a book, which I could read before sleep. It should be well written, easy to read, but not marketing mambo jambo, and should have some real purified info.
I started hunting for such a book!

The book “Network Security first-step”


It has been written by Tom Thomas, published by Cisco Press in 2004. ISBN number is 1-58720-099-6. It has red cover with a lock on it, 431 pages. It has price tag of $29.99 at the back of the book.

It is a must read for any IT guy who is into network “security” and has a job that deals with it. If you are teaching any kind of information security courses /classes, then you too need it. It is also a must read for all those who specialize in network security and also it is suitable for Information security auditors.

It is nice to read if you are CIO or IT technology manager/director and any kind of networker.

The Content
It starts with basics of hacking; terminology, methods and organizations that are working against the hackers.
The book speaks about security technologies like ACLs, NAT and TACACS, security protocols like DES, MD5, PPTP and SSH, A full chapter for firewalls, a full chapter for router security. A very clear and detailed VPN chapter has been followed by wireless security. Wireless security includes both technology related titles like WEP, EAP and history of war walking and wireless hacking tools. IDS chapter is so informative and honeypots was a new term for me explained in this chapter. Last chapter is about real world hacking tools.

Most interesting thing in this book for me was second chapter completely dedicated for security policies. Explains basics of building security policies and than it gives some reusable security policy samples.

Mentioned tools mostly open source tools which you can easily download from Internet and work on your own in more detail. Related URLs has been given for tools and organizations. This will let you use this book as a start point for your further security studies.

He mention about his own company (Granite Systems) in some points. I have to say there are some hidden advertising on it.

Conclusion
This book does the trick. Get one copy of it for your own. I am aware this book has been published in 2004 and I am suggesting it in 2009. I know what I said. You can download Chapter 8: Wireless Security under Sample Content tab from informIT website. You will see why I suggest it.