In the years since publication
of the first edition of this classic reference, Internet use
has exploded and e-commerce has become a daily part of business
and personal life. As Internet usage has grown, so have the
security threats. Some threats, like password attacks and
the exploiting of known security holes, have been around since
the early days of networking. Others, like password sniffers,
IP forgery, and various types of hijacking and replay attacks,
are newer. And still others, like the defacement of web sites,
and the distributed denial of service attacks that crippled
Yahoo, eBay, and other major e-commerce sites in early 2000,
come from today's headlines.
Firewalls are a very effective
way to protect a system from most Internet security threats
and are a critical component of today's computer networks.
Firewalls in networks keep damage on one part of the network
(e.g., eavesdropping, a worm program, file damage) from spreading
to the rest of the network. Without firewalls, network security
problems can rage out of control, dragging more and more systems
down.
Like the first edition of Building
Internet Firewalls, this second edition is a practical
and detailed guide to designing and building firewalls and
to configuring Internet services to work with firewalls. This
much expanded edition covers Linux and Windows NT, as well
as Unix. It describes a variety of firewall technologies (packet
filtering, proxying, network address translation, virtual
private networks) and architectures (e.g., screening routers,
dual-homed hosts, screened hosts, screened subnets, perimeter
networks, internal firewalls). It also contains a new set
of chapters describing the issues involved in running a variety of
new Internet services and protocols through a firewall.
Building Internet Firewalls
covers more than 100 Internet services and protocols, including
email and News; Web services and scripting languages (e.g.,
HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo); file
transfer and sharing services (e.g., NFS, Samba); remote access
services (e.g., Telnet, the BSD "r" commands, SSH,
BackOrifice 2000); real-time conferencing services (e.g.,
ICQ, talk); naming and directory services (e.g., DNS, NetBT,
the Windows Browser); authentication and auditing services
(e.g., PAM, Kerberos, RADIUS); administrative services (e.g.,
syslog, SNMP, SMS, RIP and other routing protocols, and ping
and other network diagnostics); intermediary protocols (e.g.,
RPC, SMB, CORBA, IIOP); and database protocols (e.g., ODBC,
JDBC, and protocols for Oracle, Sybase, and Microsoft SQL
Server).
The book also contains chapters
on security policies, cryptography, maintaining firewalls,
and responding to security incidents, as well as a complete
list of resources, including the location of many publicly
available firewall construction tools.