Customer Reviews

Network Security First-Step

5 star:		(12)
4 star:		(3)
3 star:		(0)
2 star:		(3)
1 star:		(2)

 

 

We are currently using this book as a text in school. The book is more like an overview (hence the title) but it's so over the entire view that it's hard to get any real substance out of it. I'd rather have just read a glossary that told me what VPNs, DMZs, firewalls and encryption are. The mispellings and other typos are enough to make me want to throw this book out of the window. Did the editor actually proofread this thing? This is an alright reference as an addition to another book but it fails to stand on it's own as a text. Big disappointment.

I have been buying books/other items on Amazon since Amazon's inception and this is the first review I've written. I feel compelled to warn others.

I would have given this book four stars if it weren't for the errors. The intent and content are very good for beginners. Also, good writing style and easy read. However, there are so many critical errors, it drops the value of the book tremendously. As placed in an example by another reviewer, simply leaving out a word like 'not' can have a huge difference in meaning w/in a given context. This book does it over and over again.

Luckily, I have experience and know what is an error, but this is a beginner's guide so it is unacceptable to have so many of these types of errors. Since I don't know everything, there were a few occasions where I had to research what was stated to find correct information (knowing it was wrong, but not knowing the exact answer).

Unfortunately, if you are new to the subject matter this book covers, you will have problems as the book is simply inaccurate in so many vital areas. I would recommend you steer clear of this text.

If you know the material, it is a decent refresher that is a quick read.

Network Security First-Step
(Your first step into the world of network security)
Reviewer Name: Steve Owen Scheiderer, Network Administrator
Reviewer Certification: MCSE NT 4.0, CCNA

ISBN: 1-58720-099-6

If you've ever been victimized by a hacker you're left standing there asking "How'd they do this?" and "What could we have done to prevent it?" One of the most valuable insights of Network Security First-Step by Tom Thomas is that you don't have to be a rocket scientist to begin fighting hacker attacks. Thomas introduces the reader to the techniques - often strikingly simplistic or scripted via readily available tools - of the hacker with a "It takes one to fight one!" tactic.

Although there is plethora of technical information, there is plenty of non-technical information to consider. There is something for network administrators, security experts, CEOs and average Jane and Joe user at the office (or at home). Even the most non-technical user learns the importance of and the role they play in protecting the network with a "loose lips sink ships" approach. CEOs and policy-makers learn to lead by example as they submit to best practices and written policies. This may be one of the greatest feature of the book for the more technically savvy network professional who absolutely needs to enlist the cooperation of both CEO and the average user if the network security war is to be won.

Thomas builds on years of experience to show how hackers not only are interested in "targets of choice" but also "targets of opportunity". The goal is to protect the network on various levels to guard against either type of attack from the extremely sophisticated to those inflicted on sitting ducks ("targets of opportunity"). An entire chapter (Two) is dedicated to written security polices and each chapter is full of tools to use in this quest.

Thomas' expertise simultaneously shines (especially in the "Secure IOS Template" pp. 216-228) and presents a challenge to the novice in the area of network security. At times terminology is presented prior to its definition (like "social engineering" on page 4 and definition on page 5; "choke point" on page 192 and definition on page 193). Patience will be a virtue for the reader when coming upon new terminology throughout the book. So many tools are presented that at times the reader can be left wondering "what does this tool do?" The "Acceptable Use Policy" of Granite Systems is offered "if you want to reuse this policy" (p. 54) but the reader was never told where the text (template) could be downloaded. Finally, at times chapter outlines, figures and flow of the text were hard to follow. Nevertheless, Thomas' expertise and insight make these minor challenges worth enduring and certainly this is a complex topic which a book such as this can only begin to explore.

I would definitely read other titles by this author and his team of technical editors. I give Network Security First-Step a 4.5 rating on a scale of 1 to 5. An on-line errata page would greatly assist the reader in filling in some of gaps, typos, etc. missed by the author and editors.

I recently read Network Security First-Step (ISBN 1-58720-099-6) as the literal first step in my self-education on network security. I've done a little work with firewalls and ACLs, but due to some major security projects on the horizon, and also on my selfish desire to beef up my resume in that area, I've decided to dedicate some time to furthering my knowledge of network security. The book was written by Tom Thomas, who has authored or co-authored 17 books on networking and has also worked as an instructor. He also has a high level of experience in the industry. This experience shows in the quality of this book, which is advertised as an easy introduction into the world of network security. As such, it seemed like a natural place to start my security studies. Having read the book now, I'd have to say that it definitely lives up to the advertising. It is an introduction for the security novice, with just enough technical material to whet the appetite of even experienced networking guy like myself. When the material does get technical, the author uses real-world examples to explain the concepts and does so to great effect, making the book understandable for network novices.

The book itself is 400 pages and consists of 10 chapters which cover a wide variety of topics. Chapter 1 is an introduction into the mind and tools of hackerdom. Chapter 2 covers basic security policies and practices. Chapter 3 is a basic overview of security technologies and their uses and benefits. Chapters 4 through 9 go more in-depth into the various security technologies introduced earlier (protocols, firewalls, router security, VPNs, wireless, and intrusion detection) and how they are used. Chapter 10 discusses tools for hacking and security auditing. I can't say enough about how valuable I found the information provided in this book. The author sprinkles the book with URLs which not only reinforce the topic he's covering, but also allow the reader to continue researching on their own. I now have a folder full of web bookmarks which I'm only beginning to delve into. This book doesn't just spoon feeding information to the reader, but also sets them up for a much deeper understanding on networking, depending upon their desire to go deeper. Another feature I like about the book is how the author laid out the advantages and limitations of each network security technology. He also doesn't try to sell any one technology as the Panacea for network security. Rather, he advocates a much more practical layered approach to network security.

In conclusion, I recommend this book for anyone wanting to get started in network security. It stands as a springboard into a whole new area of study for my career. I've already come up with a few projects that must be implemented in our network just from reading this introductory book. In the coming months, I plan to read as many security and hacking titles as I can and use that information to better secure our network. I can tell it's going to be a busy year.

On my 5 ping rating scale, I give this book an emphatic 5.
!!!!!

I got this book after reading the superb "Computer Networking First-Step" entry in this series. Alas, this text doesn't begin to approach the easy comprehension and economy of writing that I found so helpful in that first book. Part of my job involves making decisions about network infrastructure and handling network incidents that have significant impact on business operations; I am not, however, deeply knowledgeable about networking (coming from more of a programming/database background). The "Computer Networking" book gave me an excellent grounding in the few days it took to read it. I now know what fundamental questions to ask even though I may never have seen how things were implemented at the nuts-and-bolts level.

This book spends a lot of time telling the reader that network security is important and worth doing. Fine. Except that it does this over and over. Hey, I bought the book, so I'm already halfway convinced of that and by the 100th repetition of the importance and necessity of security, I'm thinking "there's some space taken up by blahblahblah that should have held some content". Mostly, the chapters read like non-alphabetized lists of definitions and bullet points with little flow or tie-in to an overall conceptual model or context. The examples and how-to's of implementing security are explained using commented snippets of code(!). The comments explain what the code does, but I'm being made to read page after page of code when what I really need is a well-thought, consistent, higher-level explanation.

I was hoping to get a good high-level model of all the main security pieces (policy, firewalls, encryption, DMZs..), how they fit together, and some overall models of security set-ups appropriate for home networks, small businesses, enterprises, and super-secure systems. I was also hoping to understand what trade-offs were being made in going from one level to another. I think that information can be had from this book, but only by re-organizing the pieces myself and sifting through a lot of repetitive, vague, and irrelevant filler. And the frequency of typos doesn't help in comprehension either. Disappointing. I'm going to need to carefully preview other books in this series before purchase given the disparity in quality between this book and the Computer Networking volume.

Some recent IT Security headlines include:
"Dutch trio hacked 1.5m personal computers" (October 20, 2005)
"Hacker accesses 5,300 personal student records" (November 16, 2005)
"NMCI gets hacked" (November 11, 2005)
In 2002, CERT reported 82,094 security incidents; the 2003 number jumped to 134,529 reported security incidents (CERT website)

Obviously, threats to network security are growing more pervasive as hackers and crackers become bolder. Any IT professional, whether responsible for network infrastructure, servers, desktops, systems, web design, or database administration needs to be familiar with not only understanding network security, but also the tools and designs to develop a secure IT infrastructure. Network security is everyone's responsibility, from end-users, to IT staff, to CIOs and CTOs. Tom Thomas "Network Security First-Step" (ISBN 1587200996) provides a wonderful, readable introduction to Network Security design and best practices.

"Network Security First-Step" is not only a great primer for those new to network security, but also a great reference for those who already have industry experience. I chose to add this book to my CCIE-Security reading list as my first step toward the written exam and CCIE recert. The book's opening chapters discusses the fundamentals of network security design, why a security policy for an organization underpins these fundamentals, and then describes the core security technologies and protocols. Subsequent chapters cover the basics of router security, firewalls, VPNs, Intrusion Detection, and Wireless Security. My personal favorite chapter was the one that discusses hacker and cracker "Tools of the Trade".

The entire book is written in a style that is very fluid and conversational. Unlike many IT books, this one balances technical jargon with real-world examples and explanations. This volume would be a great addition to the bookshelf of both the IT engineer in the trenches as well as the CIO in his penthouse office. I highly recommend!

Mark Reyero
CCIE 12932

This book is awesome from cover to cover. I rate it 10 stars... I even received a free mouse pad with the book. The first chapter is a must read for anyone involved in the security field. In the first chapter Tom takes you through the steps and mindset of both the serious hacker and the script kiddies. You will learn what tools are used and how they are deployed against various targets. I found this chapter to be one of the best ones I have ever read. Also included in the very first chapter is a list of common exploits, it doesn't get any better then that. After reading the very first chapter I wanted to see if I could hack, I didn't though. Tom understands that in order to win a war, you must know your enemy and he does his best to help the reader.

The book continues with security policy and how to respond to these. This chapter helps with the dreaded task of creation of and administration of good security polices and practices. While this chapter was not my favorite, it is necessary in understanding what makes a complete network security policy. The author continues to provide great information throughout this book. One chapter is devoted to router security, which includes a detailed template on what should be configured on the router. I have looked for a long time to find just a few of the valuable commands and their definitions. You're introduced to firewalls and DMZ's the core devices that are used to implement security or both private and corporate networks. Then you are taken on a journey into the world of IPSec and VPNs. The chapter helped to introduce a relatively new technology in the data world. Security protocols are also explained in this book. This provides the user with a good introduction to the commonly used protocols that are popular n today's networks. Just when you think you're knowledgeable he introduces intrusion detection, which is rapidly becoming the talk of the security world.

This book is filled with so many websites on every, and I mean every aspect of network security. The tools used by both the good guys and the bad guys are presented in almost every chapter. I like the fact that the author tries to provide information on the areas of network security. One can argue that too much information or references are provided. However I feel that you need to be aware of what you're up against in order to provide effective security for your network. You can't defend against tools or methods if you don't know about them. This book provides a very liberal approach to learning network security.
Bottom line is this book is a MUST have for anyone that is interested in learning or joining the network security field. You will find the solid foundation you need, but don't worry there are tons of website links that you can find within these pages that can further your knowledge. I have to say if you don't read this book you're not serious on network security. If the book doesn't get you interested in this field nothing will. BUY IT TODAY!!!

Brion
Senior VOIP Engineer,
Telepacket, Inc

Network Security First Step is a welcome addition to Cisco Press First Step series. I read this book in 2 days as I couldn't put it down. I am working in Network Security arena for over 3 years but still learnt lot from this book. Network Security is a huge and ever expanding area of networking but author was able to summarize it in 400 pages (bravo). Obviously you cannot expect detailed treatment of different security technologies but enough was covered to get one going. Infact in certain areas like wireless security,honeypots and vulnerability scanning, author covered more than I expected from a beginner level book.

Though I liked the entire book but my favourite chapters are chapter 1 (Here There are Hackers), Chapter 8 (Wireless Security), Chapter 9 (Honeypots) and Chapter 10 (Tools of the trade). Starting with chapter 1, author set the tone by describing process of an attack.All crucial and free available tools in hacker's arsenal are shown in action. He also explained why network security is needed? He answered why anyone can be a victim though he don't have anything "valuable". Social Engineering also got some coverage as human stupidity is infinite and all technical security controls are useless without humans adhering to security policy.

Router Security, Firewalls, IPSec VPN, AAA, IDS, IPS all got adequate coverage. Wireless security got great attention and topics like wardriving and warchalking are also covered. IPS/IDS are covered along with their types and limitations. Author also described different kind of DOS attacks and their mitigation techniques. Overall I'll recommend it as a must have for any aspiring security professional and a good reference for veterans. I'll recommend Ed Skoudis Counter Hack once you are done reading this book.

Shahid Shafi
CCIE#12665, CISSP#42091

Great book for security newbies. Also a great resource for those with more experience in network security. Well written and easy to read. The technologies and terminology used, were explained so that even the beginner could follow along. Nicely done Mr. Thomas.

the book looks as described on the advert. The shipping was also timely. Greatly appreciated.