I am writing my first book review almost two years later on my blog. I think that the only technical book I read during this period was “Network Security first-step.” Honestly, I do not need to read a book. I can easily search the Internet, post to forums, or request the necessary information from my contracted partner.
I was sitting lazily in the office; One of my colleagues came and said: “if you want to order a book this year, find it in Barns&Noble and send me the link by the end of the day.” Some ideas flow into my mind
– No, I don’t need a book
– Maybe a reference book would be nice. No, I use the Cisco website, and it’s searchable
– Exam preparation books, maybe. No, they are boring.
– If I find a book, I can read it before I go to sleep. Well written, easy to read, to get some real pure information,
I started searching.
The book “Network Security first-step”
It has been written by Tom Thomas, published by Cisco Press in 2004. ISBN is 1-58720-099-6. It has a red cover with a lock on it, 431 pages. It has a price tag of $29.95 behind it.
It is a must-read for any IT guy who has the “security” word in his/her title or job definition. If you offer any kind of information security courses /classes, you too. It is also a must-read for all networkers on security specialization path and Information security auditors.
It is nice to read if you are a CIO or IT technology manager/director and any kind of networker.
It starts with the basics of hacking; terminology, methods, and organizations working against hackers.
It talks about security technologies like ACLs, NAT, and TACACS. Continue with security protocols such as DES, MD5, PPTP, and SSH, A complete chapter for firewalls, an entire section for router security. An apparent and detailed VPN chapter has been followed by wireless security. Wireless security includes both technology-related titles such as WEP, EAP, and history of war walking and wireless hacking tools. IDS chapter is very informative, and honeypot was a new term for me explained in this chapter. The last section is about real-world hacking tools.
The most exciting thing for me in this book was the second chapter wholly devoted to security policies. It explains the basics of building security policies and then provides some reusable security policy samples.
Mentioned tools mostly open-source tools that you can easily download from the Internet and work in more detail on your own. Related URLs are provided for tools and organizations. It will allow you to use this book as a starting point for your future security studies.
He mentions his own company (Granite Systems) at some points. I must say there are some hidden advertisements on it.
This book does the trick. Get a copy for yourself. I am aware that this book was published in 2004, and I am suggesting it in 2009. You can preview some chapters on the Amazon website. You will see why I suggested it.