 The magazine of the Melbourne PC User Group For the bookshelf |
Firewalls and Internet Security
reviewed by Richard Solly
More and more computers are appearing on the Internet every day. Security is never far from the attention of both the system manager and the computer user. What better way to keep out the unwelcome hacker than to put up a "firewall".
The UNIX network system manager will find this book both informative and readable. The steps to set up a dedicated computer as an intruder "firewall" are described. This firewall computer has specific safeguards by which unauthorized entry to a network are both detected and defended.
Both propriety and public domain software tools used to build the firewall are outlined. The source is stated for most of these tools. The operation of the firewall is described through the methods that are used to repel hacker attacks. Most of the software tools and techniques will find application to working computers, not just to those used as a firewall. A number of these tools are in use on the computers of the Melb PC Internet service.
Cheswick and Bellovin are researchers at the AT&T Bell Labs. Their experience in detecting and repelling hacker attacks is woven throughout the book. Two chapters document the activities of international hackers with AT&T computers.
These sections widen the appeal of the book beyond the UNIX system administrator. The computer journalist will find details to add depth to the next hacker story. Knowledgeable computer users will find facts to help sort out hacker fiction.
This book will appeal to the general UNIX system administrator to illustrate the UNIX computer security strengths and weaknesses. Computer security specialists will find a 20-page bibliography to build upon the foundations established by this book.
|
William R.Cheswick & Steven M. Bellovin: Firewalls and Internet Security Repelling the Wily Hacker ISBN 0 201 63357 4 Published by Addison-Wesley 306 pages RRP $50.95 |
Managing Internet Information Services
reviewed by Ash Nallawalla
Aimed mainly at UNIX system administrators, Managing Internet Information Services promises to become another "must-have" title. To be more precise, this book will interest administrators who want to set up a UNIX machine on the Internet that will provide information to users. The secondary audience are the "data librarians" who create or collate this information, for which root access is not required.
The book begins with a description of how Internet services work and the resources you need to become an information provider. You then read about how Finger, Inetd and Telnet-based services work and how to set them up.
Several chapters each cover the concepts and installation of WAIS, Gopher, WWW, Veronica, Jughead, mailing lists, and ftpmail. Smaller chapters cover firewalls, Xinetd, legal issues, and intellectual property. Appendixes cover the syntax and options for Gopher, HTML and *.conf directives. Whereas books used to provide the example software and scripts on a CD-ROM or disk, this book makes you fetch the information from an FTP site.
The chapters on the World Wide Web (WWW) were of the greatest interest to me. Although most of my WWW knowledge has been self-taught, this book filled in many gaps, particularly topics I had not studied, such as creating password-protected areas. This option and some others, such as mirroring documents and servers will prove useful when our site becomes one of the machines in the APCUG network. The authors have written mostly about the NCSA http daemon, whereas we use the CERN version (which provides better security); fortunately the two versions have more similarities than differences and most of the information is relevant.
In addition to the theory, the authors also cover practicalities, such as how much effort must you spend in converting data to the HTML format; for example, plain ASCII makes the information available immediately, whereas spending time on embedding HTML links makes the benefits of hypertext available to the reader.
Several detailed scripts make the book immediately usable. For example, I used to run a DOS program on
testbox that sent out information about Melb PC when mail (an empty message) was sent to it. You will have seen several of those "info@somewhere.com" addresses - don't bother sending a personalised message to them! Mail sent to such an address simply sends back a canned message as though a human did it. I am moving this to
info@melbpc.org.au or a similar name, and a Perl script in the book has saved me the trouble of finding an equivalent program.
Many of our subscribers receive the same mailing list and we are hoping to overcome this resource hog by asking them to subscribe to a local mailing list that receives the external list. This way, only one set of messages comes to our system. The
sendmail script provided in the book did not work as supplied, but as we run our own mailing list program,
majordomo, we will use it to do this relay task. The more elegant method of gating mail to a local newsgroup and vice versa is not documented: indeed, there is no mention of news management in this book.
In conclusion, this is yet another excellent publication of the same high standard as other books from the O'Reilly & Associates publishing house and well worth the money.
| Liu, Peek, Jones, Buus, Nye et al: Managing Internet Information Services ISBN 1 56592 062 7 Published by O'Reilly & Associates 630 pages RRP $59.95 |
 |
The Australian Internet Book
reviewed by Ash Nallawalla
Prominent journalists Geoff Ebbs and Jeremy Horey have written Australia's first book for Internet beginners. Although there are dozens of foreign books about this subject, a local book was needed. Most authors appear to assume that readers live in their country. This book is no different, which achieves the desired result for us. This book presents the Internet as it is from our perspective and I appreciate this.
The Internet plumbing cannot keep up with the new connections and the new users who tap into it. The authors estimate there are over 100 million Internet users (sharing two million computers), although others have been more restrained in their estimates. Knowing the popularity of the subject, that figure could be soon passed.
What does a new "Internaut" need to know? First, the means of getting there. For those who haven't found a service provider, the enclosed
Enternet software will connect you to none other than connect.com (which provides our own service with connectivity) via a "131" number anywhere in Australia. I did not try this copy-protected software other than load it and see a demo at PC95: it is well-suited to the purpose. You get some applications but have to jump through some hoops to get Netscape 0.96, namely, dial Connect.com and register.
You are told what to expect and you start exploring as a lurker, that is, without advertising your presence to the net. The Web is where you begin. You then use Gopher to find information for you; fetch files with FTP; connect to another site with Telnet; then look at Archie to find files. Next you get brave and send electronic mail, read and post news, try Internet Relay Chat, and learn how to find people who are on the Net.
Reference material includes partial lists of Australian service providers, Internet sites, sources of help, reviews of popular Internet software, a Glossary and an Index. Some discount coupons are also provided. Overall, it is a worthy purchase and I hope some minor deficiencies are corrected in the next edition.
Although the coverage of the Internet is good, the authors missed some opportunities. The screen dumps suggest that the book was compiled during the December-January holiday period and to a very tight schedule. Perhaps there was no time left for a spelling check or a technical edit.
Some of the technical content is shallow: the authors keep using the term baud when they mean
bits per second. Understandably, they find the term "boring" and refer you to the Glossary, which does a good job of describing the
data rate instead of baud. They refer to newsgroups most of the time as conferences. A
TCP/IP stack has been described "colloquially" as a dialler. If you can ignore the Glossary and the minor hiccups above, it is still a good buy.
|
Geoff Ebbs and Jeremy Horey The Australian Internet Book: Your Information Highway Toolkit ISBN 1 875889 00 0 Published by Woodslane Press 295 pages RRP $49.95 |
 |
Reprinted from the April 1995 issue of PC Update, the magazine of Melbourne PC User Group, Australia
