Network Security with OpenSSL and over one million other books are available for Amazon Kindle. Learn more

Quantity:


	Amazon Prime Free Trial required. Sign up when you check out. Learn More

Kindle Edition Read the Kindle edition on Kindle, iPhone, iPad, Android, BlackBerry, PC and Mac.

Sell Back Your Copy

For a $3.49 Gift Card

Learn more

More Buying Choices

Have one to sell? Sell yours here

Share your own customer images

Search inside this book

Start reading Network Security with OpenSSL on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Network Security with OpenSSL [Paperback]

John Viega (Author), Matt Messier (Author), Pravir Chandra (Author)

4.4 out of 5 stars See all reviews (15 customer reviews) |

List Price:	$39.95
Price:	$26.50 & this item ships for FREE with Super Saver Shipping. Details
Deal Price:
You Save:	$13.45 (34%)
	o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o

In Stock.
Ships from and sold by Amazon.com. Gift-wrap available.

Want it delivered Monday, January 30? Choose One-Day Shipping at checkout. Details

	Amazon Price	New from	Used from
Kindle Edition	$17.27	--	--
Paperback	$26.50	--	--
See # more paperbacks
Show fewer paperbacks

Like this book? Find similar titles from O'Reilly and Partners in our O'Reilly Bookstore.

› See more product promotions

Book Description

Publication Date: June 15, 2002

Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.

The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.

Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, instead of bogging you down in the technical details of how SSL works under the hood, this book provides only the information that is necessary to use OpenSSL safely and effectively. In step-by-step fashion, the book details the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges.

As a system or network administrator, you will benefit from the thorough treatment of the OpenSSL command-line interface, as well as from step-by-step directions for obtaining certificates and setting up your own certification authority. As a developer, you will further benefit from the in-depth discussions and examples of how to use OpenSSL in your own programs. Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included.

OpenSSL may well answer your need to protect sensitive data. If that?s the case, Network Security with OpenSSL is the only guide available on the subject.

#outer_postBodyPS { display: none; } #psGradient { display: none; } #psPlaceHolder { display: none; } #psExpand { display: none; }

OpenSSL may well answer your need to protect sensitive data. If that?s the case, Network Security with OpenSSL is the only guide available on the subject.

Frequently Bought Together

SSL and TLS: Designing and Building Secure Systems

Price For All Three: $95.91

Show availability and shipping details

Buy the selected items together

This item: Network Security with OpenSSL by John Viega Paperback $26.50

In Stock.
Ships from and sold by Amazon.com.
This item ships for FREE with Super Saver Shipping. Details
SSL and TLS: Designing and Building Secure Systems by Eric Rescorla Paperback $36.62

In Stock.
Ships from and sold by Amazon.com.
This item ships for FREE with Super Saver Shipping. Details
Implementing SSL / TLS Using Cryptography and PKI by Joshua Davies Paperback $32.79

In Stock.
Ships from and sold by Amazon.com.
This item ships for FREE with Super Saver Shipping. Details

Customers Who Bought This Item Also Bought

Implementing SSL / TLS Using Cryptography and PKI by Joshua Davies
5.0 out of 5 stars (3)

$32.79
SSL and TLS: Designing and Building Secure Systems by Eric Rescorla
4.2 out of 5 stars (24)

$36.62
SSH, The Secure Shell: The Definitive Guide by Daniel J. Barrett
4.1 out of 5 stars (35)

$29.69
Secure Programming Cookbook for C and C++: Recipes... by John Viega
4.2 out of 5 stars (12)

$62.48
LDAP System Administration by Gerald Carter
3.7 out of 5 stars (23)

$26.37
Kerberos: The Definitive Guide (Definitive Guides) by Jason Garman
4.0 out of 5 stars (7)

$26.52

Editorial Reviews

Review

"If you have struggled with OpenSSL and the supplied documentation then you will regret the amount of time that you have wasted before finding this book. If you are planning to use OpenSSL then you need to buy a copy - it's essential reading. What is more surprising is that even if you don't plan to use OpenSSL, then downloading it and trying out the examples in the book could be the education in practical cryptography you really need. What more can I say of any book, other than that I certainly won't be lending it to anyone else? It's going to remain firmly chained to my bookshelf for the foreseeable future - and no, you can't borrow it." - Mike James, VSJ, October 2003

About the Author

John Viega, Founder and Chief Scientist of Secure Software (www.securesoftware.com), is a well-known security expert, and coauthor of Building Secure Software (Addison-Wesley) and Network Security with OpenSSL (O'Reilly). John is responsible for numerous software security tools, and is the original author of Mailman, the GNU mailing list manager. He holds a B.A. and M.S. in Computer Science from the University of Virginia. Mr. Viega is also an Adjunct Professor of Computer Science at Virginia Tech (Blacksburg, VA) and a Senior Policy Researcher at the Cyberspace Policy Institute, and he serves on the Technical Advisory Board for the Open Web Applications Security Project. He also founded a Washington, D.C. area security interest group that conducts monthly lectures presented by leading experts in the field. He is the author or coauthor of nearly 80 technical publications, including numerous refereed research papers and trade articles.

Matt Messier, Director of Engineering at Secure Software, is a security authority who has been programming for nearly two decades. Besides coauthoring Network Security with OpenSSL, Matt coauthored the Safe C String Library, RATS, and EGADS, an Entropy Gathering and Distribution System used for securely seeding pseudo-random number generators. Prior to joining Secure Software, Matt worked for IBM and Lotus, on source and assembly level debugging techniques, and operating system concepts.

Pravir Chandra, Research Scientist at Secure Software Solutions, is an expert in language-level security. Most recently, he co-authored the DARPA-funded "catscan" tool for static security analysis of C source code. Pravir holds a B.S. in Computer Science from Case Western Reserve University, and wants you to know that Cleveland rocks!

Product Details

Paperback: 384 pages
Publisher: O'Reilly Media; 1st edition (June 15, 2002)
Language: English
ISBN-10: 059600270X
ISBN-13: 978-0596002701
Product Dimensions: 9.2 x 7 x 0.9 inches
Shipping Weight: 1.1 pounds (View shipping rates and policies)

Average Customer Review: 4.4 out of 5 stars See all reviews (15 customer reviews)

Amazon Best Sellers Rank: #294,911 in Books (See Top 100 in Books)
- #57 in Books > Computers & Technology > Programming > Algorithms > Cryptography

Would you like to update product info or give feedback on images?

More About the Author

› Visit Amazon's John Viega Page

John Viega is CTO of the Software-as-a-Service Business Unit at McAfee, and was previously Vice President, Chief Security Architect at McAfee. John started out writing fiction in high school and college, but Randy Pausch (of Last Lecture Fame) convinced him to make a career in technology.

John lives in Boston, and has two daughters.

Customer Reviews

15 Reviews

5 star:		(8)
4 star:		(6)
3 star:		(0)
2 star:		(1)
1 star:		(0)

Average Customer Review

4.4 out of 5 stars (15 customer reviews)

Share your thoughts with other customers:

Create your own review

Most Helpful Customer Reviews

24 of 24 people found the following review helpful:

5.0 out of 5 stars openssl programming cleanly explained, October 11, 2004

H. Wang (Santa Clara, CA USA) - See all my reviews
(VINE VOICE) (REAL NAME)

This review is from: Network Security with OpenSSL (Paperback)

The book starts with a general introduction of encryption in general, then SSL protocol in general. Then openssl command line interface is introduced with some easy to follow examples. Later openssl programming is explained in detail.

As the only free SSL programming library with source code available, openssl is notorious for its undocumented/underdocumented/misdocumented manuals. Starting a software project using openssl without prior experience is often a painful experience if you simply rely on the manuals coming with the source code. Given thousands of interfaces/data structures, it is an overwhelming job to understand openssl in depth. Your best bet is usually reading the sample source code that comes with package, but often it leaves lots of questions - what does this api do? Why use this one? Under what circumstances should I use this one? You may rely on openssl mailing list, but answer is not guaranteed and you have to do your own home work first.

So come this book finally. It explains (using many examples) most interfaces a typical openssl programmer would use in reality. It is a really easy to read from chapter to chapter since the authors apparently try to explain most api using a short and clear example.

I wish when the next version comes out, it can do:

1. fix typos. Yeah, it does contain some typos. Good proofreading is needed.

2. Include topics in openssl 0.9.7. Like CRL.

3. What's going on under hood. How openssl code is organized, how interface control of flow goes. This helps understand the openssl library and debugging as well.

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

9 of 9 people found the following review helpful:

4.0 out of 5 stars Great Book to Use When Writing an SSL app., May 27, 2005

M. Behur (Atlanta,GA) - See all my reviews
(REAL NAME)

This review is from: Network Security with OpenSSL (Paperback)

If you have little or no experience with SSL, or OpenSSL, get this book. It explains the principles behind SSL, and then goes on to cover OpenSSL. The companion website opensslbook.com contains the latest examples.

The only drawbacks to the book are the way that the authors cover random number generators for windows, (totally excludes the MS crypto function cryptgenrand(), in favor of the Author's own entropy collection system), and the creation of certificates could have been covered a little better. I also kept having to consult the Openssl API documentation for clarification on certain things, but overall this is a great book.

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

14 of 17 people found the following review helpful:

5.0 out of 5 stars Excellent!, November 22, 2002

Antonio A. Rodriguez "taserian" (Columbia, SC United States) - See all my reviews
(REAL NAME)

This review is from: Network Security with OpenSSL (Paperback)

OpenSSL is a terrific programming resource, but the online documentation on it
is hard to understand and index. This book brings most of it all together, and
provides enough examples to answer most of your questions.

One thing that it lacks is tie-ins with Java; most of its examples are in Perl
and Python. I'm currently trying to see if certain ideas can be implemented in Java.

A great book, and great read!

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment (1)

Share your thoughts with other customers: Create your own review

› See all 15 customer reviews...

Most Recent Customer Reviews

5.0 out of 5 stars Best book in SSL and OpenSSL
The best book on SSL and OpenSSL ....Period. Explains all important OpenSSL APIs and also has discussions on PKI apart from OpenSSL libraries in Perl and Python and how to use... Read more

Published 13 months ago by Book Guy

5.0 out of 5 stars Excellent book on OpenSSL
As a software developer writing both client and server based SSL code, this book helped a lot. There are a lot of details that are missing from the OpenSSL documentation that are... Read more

Published 15 months ago by John Hanley

4.0 out of 5 stars Gets the job done
I needed to use the SSL library for an isolated project at work, and the book worked out well as a roadmap. Read more

Published 19 months ago by Michael A. Gaul

5.0 out of 5 stars Happy with my purchase
I purchased this book in an effort to quickly get up speed with creating self-signed certificates for both client and server. I was able to use examples in this book to do so. Read more

Published on August 31, 2009 by Jeffrey Z. Wolf

2.0 out of 5 stars Another example of how NOT to write a technical book
Although I haven't finished reading the book yet, my level of frustration with it warrants a review. I'll update the review if I change my mind. Read more

Published on July 20, 2009 by Patrick Goetz

4.0 out of 5 stars O'Reilly's OpenSSL Book needs updating
This is a great book on cryptography, OpenSSL utilities and its API. The copyright is 2002 and no second edition was ever done. Read more

Published on June 10, 2009 by B. Gemeny

4.0 out of 5 stars If it weren't for this book, I don't know where I would be...
Everything I needed to know to write code supporting certificates, multi-threading and error reporting was explained in the first five chapters. Read more

Published on July 29, 2008 by Another Amazon Customer (TM)

4.0 out of 5 stars good for programmers
Contents: intro, openssl command line, PKI, then programming: support infrastructure, ssl, symmetric keys, hashes, public keys, and openSSL for Perl, Python, and PHP... Read more

Published on February 27, 2008 by Eric J. Wu

4.0 out of 5 stars SSL programming
This book was a valuable resource in implementing Secure Sockets, it would have been difficult to finish my product without it.

Published on January 9, 2007 by Jeffrey W. Leinbach

5.0 out of 5 stars SSL made Clear
I worked on a LAMP project with 'C' switching application behind it. This book clearly described what I needed and how to do it. Very good resource.

Published on January 9, 2007 by Greg W. Arnold

› See all 15 customer reviews...

Inside This Book (learn more)

Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
public key algorithms, abstract input, symmetric cryptography, server division, loading private key, return from this function, ssl object, mixed certificate, cipher context, verify callback, int lineno, unsigned int len, ssl write, cipher object, sealed data, loading certificate, goto err, return ctx, error queue, verifying utility, peer certificate, certificate resource, extra certificates, int inl, buffer that will

Key Phrases - Capitalized Phrases (CAPs): (learn more)
Certification Authority, Public Key Infrastructure, Advanced Programming, Programming Example, Other Languages, Digital Signature Algorithm, Support Infrastructure, Command-Line Interface, Public Key Interface, Internal Error Handling, Microsoft Internet Explorer, Constant Description, Advanced Encryption Standard, Using Engines, Certification Authorities, Random Number Generation, John Wiley, Securing Third-Party Software, Multithread Support, Arbitrary Precision Math, Cipher List, Certificate Request, Message Digest Algorithm

Citations (learn more)

4 books cite this book:

Real 802.11 Security: Wi-Fi Protected Access and 802.11i by Jon Edney on page 384, and Back Matter
Mac OS X Security by Bruce Potter in Back Matter
Public Key Infrastructure: Second European PKI Workshop: Research and Applications, EuroPKI 2005, Canterbury, UK, June 30- July 1, 2005, Revised ... Computer Science / Security and Cryptology) by David Chadwick on page 190
Open Source Solutions For Small Business Problems (Charles River Media Networking/Security) by John Locke on page 357

What Other Items Do Customers Buy After Viewing This Item?

Implementing SSL / TLS Using Cryptography and PKI by Joshua Davies Paperback
5.0 out of 5 stars (3)

$32.79

SSL and TLS: Designing and Building Secure Systems by Eric Rescorla Paperback
4.2 out of 5 stars (24)

$36.62

SSH, The Secure Shell: The Definitive Guide by Daniel J. Barrett Paperback
4.1 out of 5 stars (35)

$29.69

Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More by John Viega Paperback
4.2 out of 5 stars (12)

$62.48

› Explore similar items

Tags Customers Associate with This Product

(What's this?)

Click on a tag to find related items, discussions, and people.

ssl(4)

network security(3)

cryptography(2)

networking(2)

security(2)

encryption(1)

network administration(1)

ssh(1)

unix system administration(1)

Agree with these tags?

See all 14 tags...

.jsOffDisplayBlock { display: block; } .jsOffDisplayInline { display: inline; } .jsOffVisibility { visibility: visible; } .jsOnDisplayBlock { display: none; } .jsOnDisplayNoneBlock { display: block; } .jsOnDisplayNoneInline { display: inline; } .jsOnDisplayInline { display: none; } .jsOnVisibility { visibility: hidden; } .jqOnDisplayBlock { display: none; } .jqOnDisplayInline { display: none; } .jqOnVisibility { visibility: hidden; } .jqOnDisplayNoneBlock { display: block; } .jqOnDisplayNoneInline { display: inline; }

Customer Discussions

This product's forum

Discussion	Replies	Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight

Start a new discussion

Topic:

First post:

Receive e-mail when new posts are made

Prompts for sign-in

Guidelines

Active discussions in related forums

Discussion	Replies	Latest Post
Textbook Buyback forum Returned book in bad condition/Sent as new	2	3 hours ago
Textbook Buyback forum Ebooks	5	18 hours ago
Textbook Buyback forum Books containing highlights	7	2 days ago
Textbook Buyback forum Is it OK if I used it to nudge several people towards Death Valley with it?	2443	2 days ago
Textbook Buyback forum Book's condition	13	2 days ago
Textbook Buyback forum Pre-paid shipping label help	4	2 days ago
Textbook Buyback forum textbook trade in	4	5 days ago
Textbook Buyback forum shipping - texts	2	5 days ago