Security Power Tools
What if you could sit down with some of the most talented security engineers in the world and ask any network security question you wanted? Security Power Tools lets you do exactly that! Members of Juniper Networks' Security Engineering team and a few guest experts reveal how to use, tweak, and push the most popular network security applications, utilities, and tools available on Windows, Linux, Mac OS X, and Unix platforms. Designed to be browsed, Security Power Tools offers you multiple approaches to network security via 23 cross-referenced chapters that review the best security tools on the planet for both black hat techniques and white hat defense tactics. It's a must-have reference for network administrators, engineers and consultants, with tips, tricks, and how-to advice for an assortment of freeware and commercial tools, ranging from intermediate-level command-line operations to advanced programming of self-hiding exploits.

Security Power Tools details best practices for:

Reconnaissance -- including tools for network scanning such as nmap; vulnerability scanning tools for Windows and Linux; LAN reconnaissance; tools to help with wireless reconnaissance; and custom packet generation
Penetration -- such as the Metasploit framework for automated penetration of remote computers; tools to find wireless networks; exploitation framework applications; and tricks and tools to manipulate shellcodes
Control -- including the configuration of several tools for use as backdoors; and a review of known rootkits for Windows and Linux
Defense -- including host-based firewalls; host hardening for Windows and Linux networks; communication security with ssh; email security and anti-malware; and device security testing
Monitoring -- such as tools to capture and analyze packets; network monitoring with Honeyd and snort; and host monitoring of production servers for file changes
Discovery -- including The Forensic Toolkit, SysInternals and other popular forensic tools; application fuzzers and fuzzing techniques; and the art of binary reverse engineering using tools like Interactive Disassembler and OllyDbg

A practical and timely network security ethics chapter written by a Stanford University professor of law completes the suite of topics and makes this book a goldmine of security information. Save yourself a ton of headaches and be prepared for any network security dilemma with Security Power Tools.
Reader Reviews 1 - 12 of 12, sorted by newest first
Review date: 10-15-08 | Rating: 5 | Helpful: NA
Security Power Tools
Bryan Burns, Jennifer Stisa Granick, Steve Manzuik, Paul Guersch, Dave Killion, Nicolas Beauchesne, Eric Moret, Julien Sobrier, Michael Lynn, Eric Markham, Chris Iezzoni, Philippe Biondi
O'Reilly - 1st Edition
http://oreilly.com/catalog/9780596009632/index.html

This is a detailed overview of tools that can be used to detect and defend against various security threats. The book generally groups software by category, with a section/chapter devoted to each tool. The software tool is thoroughly covered from download to installation to configuration. A fair amount of theory is covered for the various attack vectors discussed, but the book focuses on practical, real-world examples. The topics covered vary across a wide range, but each is still covered with a good amount of depth, which accounts for the book's large size (856 pages). For each threat model covered, various tools that can be used for detection, avoidance, and protection are discussed, along with user guides on how to acquire and set up the tools. The software discussed is generally open source and free of charge. Packages for all major PC operating systems are covered. Linux and Windows get the lion's share of attention, but Mac and Unix are covered as well. Of course most of the Linux tools are Unix tools as well. Many of the Windows tools talked about are Linux ports. I enjoyed the book overall and in particular I enjoyed the ability to "follow along" by downloading and working with the software packages covered in each section. Security professionals and hobbyists will certainly recognize many of the tools, but a few might be new to many, and even on the popular tools, some interesting features might not be known to all.

Summary:
- Practical explanations of each security topic are given for real-world use.
- Focus is on example and practice.
- A great book for security professionals and security hobbyists.
(Review Data Last Updated: 2008-11-30 06:35:11 EST)
Review date: 07-01-08 | Rating: 5 | Helpful: 5\5
A classic ad for Snap-on brand tools featured the tagline, "I own the best, please don't ask to borrow them." In the new, complex world of IT security, picking the best tool for the job is no easy task. An indispensable reference on the subject, Security Power Tools brings together a slew of expert authors who detail the best security tools available.
The main portion of the book is divided into six sections comprising 23 chapters that cover the following aspects of network security: reconnaissance, penetration, control, defense, monitoring, and discovery. The chapters cover tools for major operating systems, from Unix/Linux to Windows and Macintosh. The book is organized and progresses in a logical sequence that parallels real-world security scenarios and application of the tools. Each section and subsection covers the subjects at hand, and then lists the appropriate tool for the job. The book not only lists and evaluates top tools but also explains how to access all of them, many for free, by downloading them from the Internet. Many of the hacking countermeasures listed in the book may, however, require specific legal permission before use. Perhaps for this reason, the book opens with a chapter on legal and ethical issues. Yet the chapter does not read like a legal disclaimer -- quite the contrary -- it's both engaging and fascinating. This book is written for experienced security professionals who need an authoritative resource for finding the best IT security tool for the job. At nearly 800 pages, the text covers nearly every available security tool known, making it the de facto reference for such tool selection. Readers will find it an invaluable guide.
(Review Data Last Updated: 2008-10-17 07:20:57 EST)
Review date: 06-15-08 | Rating: 5 | Helpful: 1\1
This is a book that serves its purpose wonderfully.
Its chapters and articles are based on a series of assumptions. First, that the reader won't read the book from head to tail but bit by bit. Second, that the reader, although not a complete geek, has a deep interest in computer science and computer security, from a practical standpoint. Given those two conditions, it is a wonderfully easy-to-read book which will help in answering the following question: "what tool should I use to solve this ____ (fill in the blank) IT security problem?" That's a good thing for a "power tool book", isn't it?
(Review Data Last Updated: 2008-07-01 16:41:30 EST)
Review date: 06-06-08 | Rating: 4 | Helpful: NA
I think this book should have been titled more along the lines of "Network Attack and Defense", but that doesn't detract from its contents. This is a great network-focused coverage of some of the things that the bad guys will do to get into your network and, to some extent, what you can do about it. I particularly enjoyed chapters five and eight on wireless recon and penetration, which have great coverage of how to set up various wireless tools on Linux (which can be a daunting task for the uninitiated), as well as chapter eighteen on network sniffing (Practical Packet Analysis makes a good follow-up to this chapter). The last chapter also tacks on a bit on binary reverse engineering, which seems like an afterthought in the context of the rest of the book, but is still a good read. Overall, another great security book from O'Reilly!
(Review Data Last Updated: 2008-06-16 04:56:48 EST)
Review date: 02-12-08 | Rating: 4 | Helpful: 2\2
Security Power Tools (SPT) is O'Reilly Publishing's sister manual to their popular Unix Power Tools. It is written as a primer to various security tools, organized within seven sections, covering Legal and Ethics, Reconnaissance, Penetration, Control, Defense, Monitoring, and Discovery. While the target audience of SPT is security professionals, the book weighs in at just over 800 pages and probably has something for everyone working in a technical facet of IT.
Having said that, I really enjoyed reading this book. I read it nearly cover-to-cover, and while I was at least familiar with most of the material in the book, I was still able to find gems of knowledge, even in tools that I work with on a daily basis. Expect to read about some tools that you may already know about, like Nmap, Nessus, and The Metasploit Framework, but keep reading for a heap of other useful applications that you may not be familiar with. One of the strengths of the book is the varying backgrounds of its contributing authors; just as the book covers a diverse tool set, the expertise of the authors is also diverse. The book was written collaboratively by twelve individuals, made up primarily of Juniper Networks' J-Security team. Despite an opportunity for vendor bias towards Juniper products, the book remained vendor-neutral. The majority of the book focuses on open-source and freeware applications, although there is commercial software covered as well. In fact, Chapter 9 - Exploitation Framework Applications covers Canvas and Core Impact exclusively, both commercial applications. One of the chapters that makes this book unique is the chapter on Law and Ethics, written by Jennifer Stisa Granick. You may recognize Ms. Granick from her representation of Michael Lynn during the Cisco Gate ordeal at Black Hat 2005 (coincidentally, Michael Lynn is also one of the contributing authors of this book). She provides an insightful discussion on not only the legal implications of security work, but also the role that ethics plays in some of those "gray" areas that security professionals may find themselves in. Another chapter that sets this book apart is Chapter 6 - Custom Packet Generation, which primarily focuses on the use of Scapy. The chapter is written by Philippe Biondi, the author of Scapy, and he provides an excellent argument to "Decode, Do Not Interpret".
He discusses the advantages of writing tools that will provide you with raw decoded information, without an interpretation of that information. For instance, if you scanned a port on a remote host, Biondi would argue that it would be better for your tool to tell you that the remote host returned a RST packet rather than telling you that the port is closed. Beyond this valuable discussion, Biondi provides a very thorough discussion of the uses of Scapy, along with several good examples. This chapter alone makes this book worth buying. While I liked this book, there were also some problems that prevented me from giving it a 5-star rating. For starters, the preface describes the overwhelming amount of content that was edited out of this book to keep it within size constraints, yet there was quite a bit of content that detracted from the value density of the book. As I mentioned previously, the majority of SPT is a security primer and should not be considered a reference. Given this position, I believe that there was too much step-by-step installation and setup content. As an example, Chapter 16 - E-Mail Security and Anti-Spam covered the installation and management of the Norton Anti-Virus client. I can appreciate the security-related value of anti-virus software, but I felt that a step-by-step walkthrough of a Norton product was irrelevant. Additionally, while I previously stated that the diverse expertise of the authors was a benefit, the varied writing style detracted from the readability of the book. Content aside, I found some chapters to be fun to read while others were boring, due to a particular author's writing style. In summary, I would recommend this book to anyone interested in an overview of where to get started in researching security tools for a particular purpose. While none of the discussions in the book are exhaustive, they will definitely get you started and arm you with enough information to know what you want and where to get it.
(Review Data Last Updated: 2008-06-07 04:59:36 EST)
Review date: 01-18-08 | Rating: 4 | Helpful: 3\4
I am probably the first reviewer to have read the vast majority of Security Power Tools (SPT). I do not think the other reviewers are familiar with similar books like Anti-Hacker Toolkit, first published in 2002 and most recently updated in a third edition (AHT3E) in Feb 2006. (I doubt the SPT authors read or even were aware of AHT3E.) SPT has enough original material that I expect at least some of it will appeal to many readers, justifying four stars. On the other hand, a good portion of the material (reviewed previously as "the most up-to-date tools") offers nothing new and in some cases is several years old.
I'll begin with my favorite sections. SPT started very strongly with Jennifer Granick's chapter on law as it pertains to security issues. She is an excellent writer and I would like to see her create her own book on the same subject. I liked Philippe Biondi's work in Ch 6 (Custom Packet Generation), although his coverage of Scapy (while great) is not for the beginner. (Just try as many examples as you can -- Scapy is cool.) Ch 7 (Metasploit) provided a great discussion of Metasploit 3; I learned quite a bit. I was pleasantly surprised by Ch 15 (Securing Communications). It was very practical. I should mention that some of the chapters appeared to be good, but they were outside my expertise and beyond my skill level. These included Ch 10 (Custom Exploitation), Ch 22 (Application Fuzzing) and Ch 23 (Binary Reverse Engineering). I was initially inclined to skip the section on BO2k in Ch 11 (Backdoors), but I didn't know the tool had been updated in Mar 07 and could be considered "viable" in the age of botnets. Readers may also like SPT because it mixes coverage of open source and commercial tools. For example, Ch 9 (Exploitation Framework Applications) covers CORE IMPACT and Immunity CANVAS. Ch 3 (Vulnerability Scanning) describes WebInspect. Ch 17 (Device Security Testing) describes Traffic IQ Pro. Other commercial tools are mentioned in SPT, but these were covered with more than a cursory overview. The major problems I had with SPT involved indications of old material and lack of originality. Ch 20 (Host Monitoring) doesn't include any URLs for the tools it mentions. Tool versions are incredibly out of date, with references to 2006 or even 2005, despite versions from early 2007 (pre-publication) being available. (Examples: Afick 2.10-1, 17 May 07; Samhain 2.3.4, 1 May 07; Tripwire Open Source 2.4.1.2, 18 Apr 07). Ch 19 (Network Monitoring) mentions ACID as a Snort console; BASE replaced ACID in Sep 04!
The script to download and update Snort rules uses snortrules.tar.gz, which also (besides not working now) dates it to late 2004. Ch 22 says @Stake's WebProxy is a great tool, but it's been unavailable for several years. Ch 23 mentions SoftIce, but it was discontinued in Apr 06. (Unfortunately the same chapter neglects covering PaiMei "since it will probably change" -- although the Web page lists 22 May 07 as the last update.) Ch 2 (Network Scanning) lists PortSentry, but that tool hasn't been supported since '03 and is now replaced by Mike Rash's Psad. Ch 13 spends a lot of time talking about IPFW as a BSD firewall, even though Pf has been the preferred tool for several years. Ch 5 (Wireless Reconnaissance) seems to ignore that AirPcap is a viable solution for wireless sniffing on Windows. Ch 21 (Forensics) offered absolutely nothing new or advanced. Overall, you will probably find something to really like about SPT. I would take a much different approach in the future. Trying to coordinate so many authors probably resulted in some authors finishing their sections in late '05 or early '06. They waited until the remainder finished so the book could be published in Aug 07. I am not convinced another mammoth book is needed -- maybe smaller books on focused topics would be worthwhile. I would also not bother to cover tools addressed elsewhere -- especially in other O'Reilly books.
(Review Data Last Updated: 2008-02-15 06:26:17 EST)
Review date: 12-02-07 | Rating: 5 | Helpful: 2\2
Bryan Burns et al.'s SECURITY POWER TOOLS is a top pick for collections catering to network administrators and programmers concerned with security issues. Security engineers have authored this in-depth coverage, which comes from members of the Juniper Networks Security Engineering team and some guests, who tell how to tweak and customize the most popular network security applications. Best practices for control, defense and more are surveyed in detailed, in-depth chapters perfect for those working on security systems.
(Review Data Last Updated: 2008-01-18 14:08:57 EST)
Review date: 12-02-07 | Rating: 5 | Helpful: 2\2
I guess there is a misconception in the field of pentesting that everything is about tools. People started considering pentesting as a mere collection of tools. This book is not about that. This book does not only help with knowing the various tools; it helps you to understand them, to tune them according to your need or your customer's need. The real skill is not to write a tool of your own when you already have the same tool out there. The real skill in this field is to take an existing tool and modify it based on your need.
(Review Data Last Updated: 2008-01-18 14:08:57 EST)
Review date: 10-07-07 | Rating: 5 | Helpful: 4\4
This book isn't about teaching you network security from the ground up. Instead, it is a reference book on the most up-to-date tools used in network and computer security with good and detailed advice on exactly how to use them, and in the case of the open source tools, where to find them. If a file or small script is necessary to activate a tool, the authors show what you need to do. In the case where tools are screen-driven, the book shows screen shots of the application. There is also advice on under what circumstances you should use a tool. I think it is as good as anything O'Reilly has published, but you have to remember it is a reference book, not a textbook. If you are a beginner, I recommend "Counter Hack Reloaded" by Ed Skoudis. It is probably the best introductory book on network security you'll find. It provides basic knowledge and a way of thinking when approaching network security. This book is more about the weapons you'll need along the way. The table of contents is not currently shown, so I list that next:
Part I. Legal and Ethics
1. Legal and Ethics Issues: 1.1 Core Issues; 1.2 Computer Trespass Laws: No "Hacking" Allowed; 1.3 Reverse Engineering; 1.4 Vulnerability Reporting; 1.5 What to Do from Now On
Part II. Reconnaissance
2. Network Scanning: 2.1 How Scanners Work; 2.2 Superuser Privileges; 2.3 Three Network Scanners to Consider; 2.4 Host Discovery; 2.5 Port Scanning; 2.6 Specifying Custom Ports; 2.7 Specifying Targets to Scan; 2.8 Different Scan Types; 2.9 Tuning the Scan Speed; 2.10 Application Fingerprinting; 2.11 Operating System Detection; 2.12 Saving Nmap Output; 2.13 Resuming Nmap Scans; 2.14 Avoiding Detection; 2.15 Conclusion
3. Vulnerability Scanning: 3.1 Nessus; 3.2 Nikto; 3.3 WebInspect
4. LAN Reconnaissance: 4.1 Mapping the LAN; 4.2 Using ettercap and arpspoof on a Switched Network; 4.3 Dealing with Static ARP Tables; 4.4 Getting Information from the LAN; 4.5 Manipulating Packet Data
5. Wireless Reconnaissance: 5.1 Get the Right Wardriving Gear; 5.2 802.11 Network Basics; 5.3 802.11 Frames; 5.4 How Wireless Discovery Tools Work; 5.5 Netstumbler; 5.6 Kismet at a Glance; 5.7 Using Kismet; 5.8 Sorting the Kismet Network List; 5.9 Using Network Groups with Kismet; 5.10 Using Kismet to Find Networks by Probe Requests; 5.11 Kismet GPS Support Using gpsd; 5.12 Looking Closer at Traffic with Kismet; 5.13 Capturing Packets and Decrypting Traffic with Kismet; 5.14 Wireshark at a Glance; 5.15 Using Wireshark; 5.16 AirDefense Mobile; 5.17 AirMagnet Analyzers; 5.18 Other Wardriving Tools
6. Custom Packet Generation: 6.1 Why Create Custom Packets?; 6.2 Hping; 6.3 Scapy; 6.4 Packet-Crafting Examples with Scapy; 6.5 Packet Mangling with Netfilter; 6.6 References
Part III. Penetration
7. Metasploit: 7.1 Metasploit Interfaces; 7.2 Updating Metasploit; 7.3 Choosing an Exploit; 7.4 Choosing a Payload; 7.5 Setting Options; 7.6 Running an Exploit; 7.7 Managing Sessions and Jobs; 7.8 The Meterpreter; 7.9 Security Device Evasion; 7.10 Sample Evasion Output; 7.11 Evasion Using NOPs and Encoders; 7.12 In Conclusion
8. Wireless Penetration: 8.1 WEP and WPA Encryption; 8.2 Aircrack; 8.3 Installing Aircrack-ng; 8.4 Running Aircrack-ng; 8.5 Airpwn; 8.6 Basic Airpwn Usage; 8.7 Airpwn Configuration Files; 8.8 Using Airpwn on WEP-Encrypted Networks; 8.9 Scripting with Airpwn; 8.10 Karma; 8.11 Conclusion
9. Exploitation Framework Applications: 9.1 Task Overview; 9.2 Core Impact Overview; 9.3 Network Reconnaissance with Core Impact; 9.4 Core Impact Exploit Search Engine; 9.5 Running an Exploit; 9.6 Running Macros; 9.7 Bouncing Off an Installed Agent; 9.8 Enabling an Agent to Survive a Reboot; 9.9 Mass Scale Exploitation; 9.10 Writing Modules for Core Impact; 9.11 The Canvas Exploit Framework; 9.12 Porting Exploits Within Canvas; 9.13 Using Canvas from the Command Line; 9.14 Digging Deeper with Canvas; 9.15 Advanced Exploitation with MOSDEF; 9.16 Writing Exploits for Canvas; 9.17 Exploiting Alternative Tools
10. Custom Exploitation: 10.1 Understanding Vulnerabilities; 10.2 Analyzing Shellcode; 10.3 Testing Shellcode; 10.4 Creating Shellcode; 10.5 Disguising Shellcode; 10.6 Execution Flow Hijacking; 10.7 References
Part IV. Control
11. Backdoors: 11.1 Choosing a Backdoor; 11.2 VNC; 11.3 Creating and Packaging a VNC Backdoor; 11.4 Connecting to and Removing the VNC Backdoor; 11.5 Back Orifice 2000; 11.6 Configuring a BO2k Server; 11.7 Configuring a BO2k Client; 11.8 Adding New Servers to the BO2k Workspace; 11.9 Using the BO2k Backdoor; 11.10 BO2k Powertools; 11.11 Encryption for BO2k Communications; 11.12 Concealing the BO2k Protocol; 11.13 Removing BO2k; 11.14 A Few Unix Backdoors
12. Rootkits: 12.1 Windows Rootkit: Hacker Defender; 12.2 Linux Rootkit: Adore-ng; 12.3 Detecting Rootkits Techniques; 12.4 Windows Rootkit Detectors; 12.5 Linux Rootkit Detectors; 12.6 Cleaning an Infected System; 12.7 The Future of Rootkits
Part V. Defense
13. Proactive Defense: Firewalls: 13.1 Firewall Basics; 13.2 Network Address Translation; 13.3 Securing BSD Systems with ipfw/natd; 13.4 Securing GNU/Linux Systems with netfilter/iptables; 13.5 Securing Windows Systems with Windows Firewall/Internet Connection Sharing; 13.6 Verifying Your Coverage
14. Host Hardening: 14.1 Controlling Services; 14.2 Turning Off What You Do Not Need; 14.3 Limiting Access; 14.4 Limiting Damage; 14.5 Bastille Linux; 14.6 SELinux; 14.7 Password Cracking; 14.8 Chrooting; 14.9 Sandboxing with OS Virtualization
15. Securing Communications: 15.1 The SSH-2 Protocol; 15.2 SSH Configuration; 15.3 SSH Authentication; 15.4 SSH Shortcomings; 15.5 SSH Troubleshooting; 15.6 Remote File Access with SSH; 15.7 SSH Advanced Use; 15.8 Using SSH Under Windows; 15.9 File and Email Signing and Encryption; 15.10 GPG; 15.11 Create Your GPG Keys; 15.12 Encryption and Signature with GPG; 15.13 PGP Versus GPG Compatibility; 15.14 Encryption and Signature with S/MIME; 15.15 Stunnel; 15.16 Disk Encryption; 15.17 Windows Filesystem Encryption with PGP Disk; 15.18 Linux Filesystem Encryption with LUKS; 15.19 Conclusion
16. Email Security and Anti-Spam: 16.1 Norton Antivirus; 16.2 The ClamAV Project; 16.3 ClamWin; 16.4 Freshclam; 16.5 Clamscan; 16.6 clamd and clamdscan; 16.7 ClamAV Virus Signatures; 16.8 Procmail; 16.9 Basic Procmail Rules; 16.10 Advanced Procmail Rules; 16.11 ClamAV with Procmail; 16.12 Unsolicited Email; 16.13 Spam Filtering with Bayesian Filters; 16.14 SpamAssassin; 16.15 SpamAssassin Rules; 16.16 Plug-ins for SpamAssassin; 16.17 SpamAssassin with Procmail; 16.18 Anti-Phishing Tools; 16.19 Conclusion
17. Device Security Testing: 17.1 Replay Traffic with Tcpreplay; 17.2 Traffic IQ Pro; 17.3 ISIC Suite; 17.4 Protos
Part VI. Monitoring
18. Network Capture: 18.1 tcpdump; 18.2 Ethereal/Wireshark; 18.3 pcap Utilities: tcpflow and Netdude; 18.4 Python/Scapy Script Fixes Checksums; 18.5 Conclusion
19. Network Monitoring: 19.1 Snort; 19.2 Implementing Snort; 19.3 Honeypot Monitoring; 19.4 Gluing the Stuff Together
20. Host Monitoring: 20.1 Using File Integrity Checkers; 20.2 File Integrity Hashing; 20.3 The Do-It-Yourself Way with rpmverify; 20.4 Comparing File Integrity Checkers; 20.5 Prepping the Environment for Samhain and Tripwire; 20.6 Database Initialization with Samhain and Tripwire; 20.7 Securing the Baseline Storage with Samhain and Tripwire; 20.8 Running Filesystem Checks with Samhain and Tripwire; 20.9 Managing File Changes and Updating Storage Database with Samhain and Tripwire; 20.10 Recognizing Malicious Activity with Samhain and Tripwire; 20.11 Log Monitoring with Logwatch; 20.12 Improving Logwatch's Filters; 20.13 Host Monitoring in Large Environments with Prelude-IDS; 20.14 Conclusion
Part VII. Discovery
21. Forensics: 21.1 Netstat; 21.2 The Forensic ToolKit; 21.3 Sysinternals
22. Application Fuzzing: 22.1 Which Fuzzer to Use; 22.2 Different Types of Fuzzers for Different Tasks; 22.3 Writing a Fuzzer with Spike; 22.4 The Spike API; 22.5 File-Fuzzing Apps; 22.6 Fuzzing Web Applications; 22.7 Configuring WebProxy; 22.8 Automatic Fuzzing with WebInspect; 22.9 Next-Generation Fuzzing; 22.10 Fuzzing or Not Fuzzing
23. Binary Reverse Engineering: 23.1 Interactive Disassembler; 23.2 Sysinternals; 23.3 OllyDbg; 23.4 Other Tools
(Review Data Last Updated: 2007-12-03 12:30:04 EST)
Review date: 10-05-07 | Rating: 5 | Helpful: 1\1
At first I was a bit skeptical about a book that is supposed to cover such a thing as "security". But in the end, I found this book to be valuable and well-balanced between defensive technologies and their attack/audit counterparts. I also appreciated the balance between open source/closed source and free/commercial tools.
Of course any single topic cannot compare to a dedicated book (read: if you want to do firewalling on Pix, go get a CCSP rather than buying a book on "security"). Yet every chapter gives a broad view of underlying technologies and clues on how to operate them. BTW, if you are a big fan of the Scapy network auditing tool, you can consider this book as the missing documentation.
(Review Data Last Updated: 2007-10-08 21:43:21 EST)
Review date: 09-17-07 | Rating: 5 | Helpful: 4\4
I haven't quite digested all 800+ pages yet, but I've found this book to be a useful reference and I believe this book is useful for beginners and experts alike.
Beginners will like the logical structure, beginning with ethical issues and progressing through Reconnaissance, Penetration, Control, Defense, Monitoring and Discovery. This is a logical sequence that closely follows how a new security analyst would actually learn security topics. In particular I thought part II, Reconnaissance, was well written and clear, covering all the major tools and explaining the complex topics in a way that should be very clear to the newbie. Experts will like it as a good, and very up-to-date, survey of all the major tools and techniques. I learned quite a bit in the Penetration section that I didn't know before, such as the section on MOSDEF and Canvas. The index is very good, so even if you don't read through this cover-to-cover it's a good reference on tools and common techniques. The book is edited well and meets my high expectations for an O'Reilly book. Graphics and screenshots are liberally shown throughout, and callout boxes explain advanced topics in many sections. Although there are a bunch of authors, the editorial style is pretty consistent and it doesn't feel like a mishmash. Overall this is a great book for security researchers at any level, and it compares well with my favorite O'Reilly security book, the venerable Building Internet Firewalls. If you like this book you'd probably also like the excellent Network Warrior by Gary Donahue. This book is a good general survey of everything in security, while Gary's book is more of a personal testimonial from a professional security researcher about how he does his job. Both are useful in their own way.
(Review Data Last Updated: 2007-10-06 11:03:14 EST)
Review date: 09-16-07 | Rating: 2 | Helpful: 2\11
Sorry, but this book is actually quite bad!
I bought it just this Friday assuming it would be a good update and inspiration. I own quite a number of security books, since I make my living doing security consulting for enterprise customers. I just read chapter 13 Proactive Defense: Firewalls, which is by Dave Killion. It sucks! I might be biased since I have used firewalls on UNIX since the early 1990s, but the chapter completely misses the target. Let me point out some things I think Dave missed. He said that firewalls match packets to rules and then decide what to do with the packet. Errrrrr, wrong! First-match firewalls do so, but what about last match -- explain that both types exist. He also says that firewalls should block everything, which I agree is the common best practice, but really I think he should at least mention that there are two possibilities: block all and then allow something, or pass everything and then block something. Every other book I have about firewalls does that pretty early on when describing firewalls. When listing the "tools" he shows his inept level of understanding of this subject from an overall level -- or didn't care to research anything? He lists ipfw/natd for Berkeley Systems Distribution UNIX (BSD-Unix)?! And he lists the members: FreeBSD, NetBSD, OpenBSD, SunOS, Mac OS X, and others. Sorry, I was at EuroBSDCon2007 while buying this book and I can tell you that: Yes, FreeBSD includes ipfw/natd -- along with two other firewall implementations ... PF (from OpenBSD) and IPF (IPFilter). Mac OS X includes ipfw. SunOS and ipfw? Hmmm, probably he means Solaris, since SunOS is the old name for the Sun UNIX? Then again SunOS, which was based on BSD, is dead and buried since the last release in 1994, and Solaris is based on SysV release 4 and includes IPF (IPFilter), not ipfw ... not really clear what he meant. OpenBSD does NOT include ipfw; it includes PF and does NAT from PF. PF is included in all the major open source BSDs like FreeBSD, NetBSD and OpenBSD. They deserve a mention.
Actually there is also a PF implementation for Windows, and since he does mention the obscure fact that you can run ipfw on Windows he should at least include PF somewhere. So he based the information on FreeBSD and Linux, fair enough -- but gets most of the others completely wrong. He could perhaps also list that a lot of commercial firewalls DO actually exist; not everything is open source. (He only mentions the built-in Windows firewall, which to me was just a lot of screen dumps which I browsed over without reading.) To be fair I can read between the lines, but if you don't know about firewalls this chapter does not in ANY way help you. For the next version, skip a lot of the discussion about NAT, treat the subject of types and policies for firewalls and then list the common firewalls found, being Linux firewall netfilter/iptables, FreeBSD, OpenBSD, Checkpoint, Cisco PIX etc., and let the reader investigate more in depth what they want to try out. The current level of this firewall chapter is silly. I immediately browsed onto another chapter, 15.1-15.8 Securing Communication, various sections about SSH. It starts out pretty OK and gets onto technical settings almost immediately. Various times you can recognize the openssh letters, in commands and package names -- but nothing about Tatu Ylönen, the guy who invented SSH. Nothing about OpenSSH, which is being used in more than 100 distributions and operating systems? Actually I like the idea of presenting (Open)SSH immediately, summarizing that you want Protocol version 2, that there are three layers, transport, user authentication and connection -- and getting right into settings. But wouldn't it be a bit nice to hear more about how to get the tool? That this is in fact a single implementation? That this actually made it into an RFC? Later of course the chapter points to Putty and WinSCP -- but SSH is a bit more.
To summarize, the chapter does not give an overview of SSH, what it is and does, but jumps right into configuring OpenSSH -- without mentioning that that is what happened. Then it presents the features pretty well until it comes to the Windows part, where everybody is mentioned, except the SSH Communications Security product, why? To get an overview of SSH I suggest that you save your money and go to Wikipedia instead. I have spent the money, so I will search the book for a chapter that is worth my money and time -- the two chapters out of 23 have disappointed me so far :-( I will probably pick up a few good things, which is why I did give it two stars, instead of just one.
(Review Data Last Updated: 2007-10-06 11:03:14 EST)