I am writing my first book review here in my blog after almost two years. I guess it is the only technical book that I read within this period “Network Security first-step”. Honestly, I do not feel the necessity to read a book. I can easily googling on the Internet write on forums or better ask my contracted partner for the necessary info.
I was sitting lazy in the office; one of my colleagues came and said “if you want to order a book this year, find it on Barns&Noble and send me the link until afternoon”. Some ideas flow over my mind
– No I don’t need a book
– Maybe a reference book would be good. No I am using Cisco web site and it’s searchable
– Exam preparation books maybe. No they are boring.
– If I found a book that I can read before sleep. Well written, easy to read, but not marketing mambo jambo, to get some real purified info.
I started to search than.
The book “Network Security first-step”
It has been written by Tom Thomas, published by Cisco Press in 2004. ISBN number is 1-58720-099-6. It has red cover with a lock on it, 431 pages. It has $29.95 price tag on behind.
It is a must read for any IT guy who has “security” word in his/her title or job definition. If you are teaching any kind of information security courses /classes, you too. It is also a must read for all networkers on security specialization path and Information security auditors.
It is nice to read if you are CIO or IT technology manager/director and any kind of networker.
It starts with basics of hacking; terminology, methods and organizations working against hackers.
It talks about security technologies like ACLs, NAT and TACACS. Continue with security protocols like DES, MD5, PPTP and SSH, A full chapter for firewalls, a full chapter for router security. A very clear and detailed VPN chapter has been followed by wireless security. Wireless security includes both technology related titles like WEP, EAP and history of war walking and wireless hacking tools. IDS chapter is so informative and honeypots was a new term for me explained in this chapter. Last chapter is about real world hacking tools.
Most interesting thing in this book for me was second chapter completely dedicated for security policies. Explains basics of building security policies and than it gives some reusable security policy samples.
Mentioned tools mostly open source tools which you can easily download from Internet and work on your own in more detail. Related URLs has been given for tools and organizations. This will let you use this book as a start point for your further security studies.
He mention about his own company (Granite Systems) in some points. I have to say there are some hidden advertising on it.
This book does the trick. Get one copy of it for your own. I am aware this book has been published in 2004 and I am suggesting it in 2009. You can preview some chapters at Amazon website. You will see why I suggested it.