BKSAFSEC.RVW 20051023
"Safe and Secure", Arman Danesh/Ali Mehrassa/Felix
Lau, 2002,
0-672-32243-9, U$24.99/C$37.95/UK#17.99
%A Arman Danesh
%A Ali Mehrassa
%A Felix Lau
%C 201 W. 103rd Street, Indianapolis, IN 46290
%D 2002
%G 0-672-32243-9
%I Macmillan Computer Publishing (MCP)
%O U$24.99/C$37.95/UK#17.99 800-858-7674 317-581-3743
info mcp.com
%O http://www.amazon.com/exec/obidos/ASIN/0672322
439/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/067
2322439/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/067232243
9/robsladesin03-20
%O Audience i- Tech 1 Writing 1 (see revfaq.htm for
explanation)
%P 359 p.
%T "Safe and Secure: Secure Your Home Network and
Protect Your
Privacy Online"
The introduction states that the book is intended to help
home
Internet users protect themselves.
Part one deals with Internet basics and threats. The
material is
brief and simplistic. It is easily within the grasp of home
users,
but it is difficult to say that the background provided is
either
necessary or sufficient as a basis for security needs.
Chapter one
briefly lists a few of the dangers you can encounter on the
net. Even
more briefly, chapter two mentions some of the protective
measures
that can address the reported hazards. An elementary
overview of
aspects of TCP/IP makes up chapter three. Chapter four, the
longest
in this section, contains material on networking hardware,
topologies,
and application considerations that home users are extremely
unlikely
to encounter.
Part two addresses the protection of a home computer.
Chapter five
supposedly deals with the protection of a network-connected
standalone
computer, which would seem to be a contradiction in terms.
The text
deals with the Windows 98/ME operating system, which was
current at
the time the book was published, but in such a lockstep
fashion that
it is basically useless for anything else. Wireless LAN
technology is
tersely reviewed in chapter six. Chapter seven prints the
screenshots
for an installation of a version of the Zonealarm software
personal
firewall. There are sloppy definitions of viruses, worms,
and trojan
horse programs in chapter eight. Installation screenshots
for a
couple of widely-sold virus scanning programs are in chapter
nine.
Part three looks to the defence of a local area network in
the home.
Chapter ten provides a high level overview of firewalls,
with much of
the material being unsuitable for the needs of the home
user.
Screenshots for the Windows settings required for a
dual-homed (dual
network card) circuit-level proxy firewall (which seems to
be an
awfully complicated setup for a home user) are printed in
chapter
eleven. Setup screens for a few hardware packet filtering
and address
translation firewalls are in chapter twelve. Telecommuting
is
discussed in chapter thirteen, with some mentions of
security factors.
Virtual private networks, probably not an issue for home
users, are
considered in chapter fourteen: again, Windows software
settings are
the major issue. Chapter fifteen ponders the risks of
running servers
(such as private Web servers) on a home machine, primarily
addressed
via port restriction.
Privacy and data security are addressed in part four. Most
of the
material on human factors, in chapter sixteen, consists of
standard
identity theft prevention advice. There is reasonable
information
about cookies in chapter seventeen. The content about
anonymous
browsing and email, in chapter eighteen, is brief, and of
limited
value. Chapter nineteen, on encryption, gives severely
limited
background and predominately includes PGP installation
screenshots.
Part five looks at testing and recovery. Chapter twenty has
a
plausible examination of port scanning. Twenty-one talks
about logs,
but is not of much help in demonstrating how to use them.
Some basic
steps when a problem becomes evident are listed in chapter
twenty-two.
Chapter twenty-three essentially says to keep your software
up to
date. Screenshots for the Microsoft Backup program are in
chapter
twenty-five.
The home user requires basic information about computer and
Internet
security. The content of this book never gets too deep for
the
average person, and does provide some useful advice for many
of the
most common problems. At the same time, there are vital
issues that
the home user may see daily which are not addressed. In
addition,
much of the content of the book is of almost no interest to
those
outside of a commercial or corporate environment.
Therefore, while
there is some value in the work, a great deal of extraneous
text has
to be mined in order to find it. This means that you can't
just give
this volume to your Mom in order to keep her computer safe.
copyright Robert M. Slade, 2005 BKSAFSEC.RVW 20051023
====================== (quote inserted randomly by Pegasus
Mailer)
rsladevcn.bc.ca sladevictoria.tc.ca
rsladesun.soci.niu.edu
Vizzini: You fell victim to one of the classic blunders! The
most
famous is never get involved in a land war in Asia
- The
Princess Bride
http://victoria.tc.ca/t
echrev or http://sun.soci.niu.e
du/~rslade
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://g
roups.yahoo.com/group/CISSP-Discuss/
<*> To unsubscribe from this group, send an email to:
CISSP-Discuss-unsubscribe@yahoogroups.com
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.c
om/info/terms/
|