Your mail to Firewalls-Book-Info

Firewalls-Book-Info-Owner
Fri Jul 16 02:05:35 GMT 2004

This pre-recorded message is being sent in response to your recent
email to Firewalls-Book-Info.

Building Internet Firewalls, Second Edition

by Elizabeth D. Zwicky, Simon Cooper, and D. Brent Chapman

Published by O'Reilly & Associates
2nd Edition June 2000
894 Pages
ISBN 1-56592-871-7

List price $49.95

Available through the Internet at a discount from

Also available from the publisher, O'Reilly & Associates:
    US/Canadian Inquiries: 1-800-998-9938
    Local/Overseas Orders/Inquiries: 1-707-829-0515

Order your copy today!


In the five years since the first edition of this classic book was
published, Internet use has exploded. The commercial world has
rushed headlong into doing business on the Web, often without
integrating sound security technologies and policies into their
products and methods. The security risks--and the need to protect
both business and personal data--have never been greater. We've
updated Building Internet Firewalls to address these newer risks.

What kinds of security threats does the Internet pose? Some, like
password attacks and the exploiting of known security holes, have
been around since the early days of networking. And others, like
the distributed denial of service attacks that crippled Yahoo,
eBay, and other major e-commerce sites in early 2000, are in
current headlines.

Firewalls, a critical component of today's computer networks,
effectively protect a system from most Internet security threats.
They keep damage on one part of the network--such as eavesdropping,
a worm program, or file damage--from spreading to the rest of the
network. Without firewalls, network security problems can rage out
of control, dragging more and more systems down.

Like the bestselling and highly respected first edition, Building
Internet Firewalls, 2nd Edition, is a practical and detailed
step-by-step guide to designing and installing firewalls and
configuring Internet services to work with a firewall. Much expanded
to include Linux and Windows coverage, the second edition describes:

    Firewall technologies: packet filtering, proxying, network
    address translation, virtual private networks

    Architectures such as screening routers, dual-homed hosts,
    screened hosts, screened subnets, perimeter networks,
    internal firewalls

    Issues involved in a variety of new Internet services and
    protocols through a firewall

    Email and News

    Web services and scripting languages (e.g., HTTP, Java,
    JavaScript, ActiveX, RealAudio, RealVideo)

    File transfer and sharing services such as NFS, Samba

    Remote access services such as Telnet, the BSD "r" commands,
    SSH, BackOrifice 2000

    Real-time conferencing services such as ICQ and talk

    Naming and directory services (e.g., DNS, NetBT, the Windows

    Authentication and auditing services (e.g., PAM, Kerberos,

    Administrative services (e.g., syslog, SNMP, SMS, RIP and
    other routing protocols, and ping and other network

    Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP)

    Database protocols (e.g., ODBC, JDBC, and protocols for
    Oracle, Sybase, and Microsoft SQL Server)

The book's complete list of resources includes the location of many
publicly available firewall construction tools.

Table of Contents

Part I: Network Security
    Chapter 1: Why Internet Firewalls?
        What Are You Trying to Protect?
        What Are You Trying to Protect Against?
        Who Do You Trust?
        How Can You Protect Your Site?
        What Is an Internet Firewall?
        Religious Arguments
    Chapter 2: Internet Services
        Secure Services and Safe Services
        The World Wide Web
        Electronic Mail and News
        File Transfer, File Sharing, and Printing
        Remote Access
        Real-Time Conferencing Services
        Naming and Directory Services
        Authentication and Auditing Services
        Administrative Services
    Chapter 3: Security Strategies
        Least Privilege
        Defense in Depth
        Choke Point
        Weakest Link
        Fail-Safe Stance
        Universal Participation
        Diversity of Defense
        Security Through Obscurity
Part II: Building Firewalls
    Chapter 4: Packets and Protocols
        What Does a Packet Look Like?
        Protocols Above IP
        Protocols Below IP
        Application Layer Protocols
        IP Version 6
        Non-IP Protocols
        Attacks Based on Low-Level Protocol Details
    Chapter 5: Firewall Technologies
        Some Firewall Definitions
        Packet Filtering
        Proxy Services
        Network Address Translation
        Virtual Private Networks
    Chapter 6: Firewall Architectures
        Single-Box Architectures
        Screened Host Architectures
        Screened Subnet Architectures
        Architectures with Multiple Screened Subnets
        Variations on Firewall Architectures
        Terminal Servers and Modem Pools
        Internal Firewalls
    Chapter 7: Firewall Design
        Define Your Needs
        Evaluate the Available Products
        Put Everything Together
    Chapter 8: Packet Filtering
        What Can You Do with Packet Filtering?
        Configuring a Packet Filtering Router
        What Does the Router Do with Packets?
        Packet Filtering Tips and Tricks
        Conventions for Packet Filtering Rules
        Filtering by Address
        Filtering by Service
        Choosing a Packet Filtering Router
        Packet Filtering Implementations for General-Purpose Computers
        Where to Do Packet Filtering
        What Rules Should You Use?
        Putting It All Together
    Chapter 9: Proxy Systems
        Why Proxying?
        How Proxying Works
        Proxy Server Terminology
        Proxying Without a Proxy Server
        Using SOCKS for Proxying
        Using the TIS Internet Firewall Toolkit for Proxying
        Using Microsoft Proxy Server
        What If You Can't Proxy?
    Chapter 10: Bastion Hosts
        General Principles
        Special Kinds of Bastion Hosts
        Choosing a Machine
        Choosing a Physical Location
        Locating Bastion Hosts on the Network
        Selecting Services Provided by a Bastion Host
        Disabling User Accounts on Bastion Hosts
        Building a Bastion Host
        Securing the Machine
        Disabling Nonrequired Services
        Operating the Bastion Host
        Protecting the Machine and Backups
    Chapter 11: Unix and Linux Bastion Hosts
        Which Version of Unix?
        Securing Unix
        Disabling Nonrequired Services
        Installing and Modifying Services
        Reconfiguring for Production
        Running a Security Audit
    Chapter 12: Windows NT and Windows 2000 Bastion Hosts
        Approaches to Building Windows NT Bastion Hosts
        Which Version of Windows NT?
        Securing Windows NT
        Disabling Nonrequired Services
        Installing and Modifying Services
Part III: Internet Services
    Chapter 13: Internet Services and Firewalls
        Attacks Against Internet Services
        Evaluating the Risks of a Service
        Analyzing Other Protocols
        What Makes a Good Firewalled Service?
        Choosing Security-Critical Programs
        Controlling Unsafe Configurations
    Chapter 14: Intermediary Protocols
        Remote Procedure Call (RPC)
        Distributed Component Object Model (DCOM)
        NetBIOS over TCP/IP (NetBT)
        Common Internet File System (CIFS) and Server Message Block (SMB)
        Common Object Request Broker Architecture (CORBA)
            and Internet Inter-Orb Protocol (IIOP)
        Transport Layer Security (TLS) and Secure Socket Layer (SSL)
        The Generic Security Services API (GSSAPI)
        Remote Access Service (RAS)
        Point-to-Point Tunneling Protocol (PPTP)
        Layer 2 Transport Protocol (L2TP)
    Chapter 15: The World Wide Web
        HTTP Server Security
        HTTP Client Security
        Mobile Code and Web-Related Languages
        Cache Communication Protocols
        Push Technologies
        RealAudio and RealVideo
        Gopher and WAIS
    Chapter 16: Electronic Mail and News
        Electronic Mail
        Simple Mail Transfer Protocol (SMTP)
        Other Mail Transfer Protocols
        Microsoft Exchange
        Lotus Notes and Domino
        Post Office Protocol (POP)
        Internet Message Access Protocol (IMAP)
        Microsoft Messaging API (MAPI)
        Network News Transfer Protocol (NNTP)
    Chapter 17: File Transfer, File Sharing, and Printing
        File Transfer Protocol (FTP)
        Trivial File Transfer Protocol (TFTP)
        Network File System (NFS)
        File Sharing for Microsoft Networks
        Summary of Recommendations for File Sharing
        Printing Protocols
        Related Protocols
    Chapter 18: Remote Access to Hosts
        Terminal Access (Telnet)
        Remote Command Execution
        Remote Graphical Interfaces
    Chapter 19: Real-Time Conferencing Services
        Internet Relay Chat (IRC)
        Multimedia Protocols
        Multicast and the Multicast Backbone (MBONE)
    Chapter 20: Naming and Directory Services
        Domain Name System (DNS)
        Network Information Service (NIS)
        NetBIOS for TCP/IP Name Service and Windows Internet Name Service
        The Windows Browser
        Lightweight Directory Access Protocol (LDAP)
        Active Directory
        Information Lookup Services
    Chapter 21: Authentication and Auditing Services
        What Is Authentication?
        Authentication Mechanisms
        Modular Authentication for Unix
        NTLM Domains
        Remote Authentication Dial-in User Service (RADIUS)
        TACACS and Friends
        Auth and identd
    Chapter 22: Administrative Services
        System Management Protocols
        Routing Protocols
        Protocols for Booting and Boot-Time Configuration
        ICMP and Network Diagnostics
        Network Time Protocol (NTP)
        File Synchronization
        Mostly Harmless Protocols
    Chapter 23: Databases and Games
    Chapter 24: Two Sample Firewalls
        Screened Subnet Architecture
        Merged Routers and Bastion Host Using General-Purpose Hardware
Part IV: Keeping Your Site Secure
    Chapter 25: Security Policies
        Your Security Policy
        Putting Together a Security Policy
        Getting Strategic and Policy Decisions Made
        What If You Can't Get a Security Policy?
    Chapter 26: Maintaining Firewalls
        Monitoring Your System
        Keeping up to Date
        How Long Does It Take?
        When Should You Start Over?
    Chapter 27: Responding to Security Incidents
        Responding to an Incident
        What to Do After an Incident
        Pursuing and Capturing the Intruder
        Planning Your Response
        Being Prepared
Part V: Appendixes
    A. Resources
    B. Tools
    C. Cryptography


Primarily system administrators, although managers who are concerned about
securing their systems or deciding whether to connect to the Internet will
get a lot of general information from Parts I and IV of this book.

About the Authors

Elizabeth D. Zwicky is a director at Counterpane Internet Security,
a managed security services company. She has been doing large-scale
Unix system administration and related work for 15 years, and was
a founding board member of both the System Administrators Guild
(SAGE) and BayLISA (the San Francisco Bay Area system administrators
group), as well as a nonvoting member of the first board of the
Australian system administration group, SAGE-AU. She has been
involuntarily involved in Internet security since before the 1988
Morris Internet worm. In her lighter moments, she is one of the
few people who makes significant use of the rand function in
PostScript, producing PostScript documents that are different every
time they're printed.

Simon Cooper is a computer professional currently working in Silicon
Valley. He has worked in different computer-related fields ranging
from hardware through operating systems and device drivers to
application software and systems support in both commercial and
educational environments. He has an interest in the activities of
the Internet Engineering Task Force (IETF) and USENIX, is a member
of the British Computer Conservation Society, and is a founding
member of the Computer Museum History Center. Simon has released
a small number of his own open source programs and has contributed
time and code to the XFree86 project. In his spare time, Simon
likes to play ice hockey, solve puzzles of a mathematical nature,
and tinker with Linux.

D. Brent Chapman is a networking professional in Silicon Valley.
He has designed and built Internet firewall systems for a wide
range of organizations, using a variety of techniques and technologies.
He is the founder of the Firewalls Internet mailing list, and
creator of the Majordomo mailing list management package. He is
the founder, principal, and technical lead of Great Circle Associates,
Inc., a highly regarded strategic consulting and training firm
specializing in Internet networking and security. Over the last 15
years, Brent has worked in a variety of consulting, engineering,
and management roles in information technology, operations, and
technology marketing for a wide range of employers and clients,
including the Xerox Palo Alto Research Center (PARC), Silicon
Graphics, Inc. (SGI), and Covad Communications Company.
