Books (Building Internet Firewalls, 2nd Edition)

A.9. Books

This section describes a number of books that are useful as references or for further understanding of particular topics.

Albitz, Paul and Cricket Liu. DNS and BIND. Third Edition. Sebastopol, CA: O'Reilly and Associates, 1998.

This book provides an explanation of the details of how Internet name service works on Unix systems.

Albitz, Paul, Matt Larson, and Cricket Liu. DNS on Windows NT. Sebastopol, CA: O'Reilly and Associates, 1998.

This version of the book provides an explanation of the details of how Internet name service works on Windows NT.

Cheswick, Bill and Steve Bellovin. Firewalls and Internet Security. Reading, MA: Addison-Wesley, 1994.

This was the first book published on firewalls, describing the authors' experiences building a series of firewalls for AT&T Bell Labs. The book tends to be strong on theory and background but weak on implementation details; it tells you how they build firewalls, but you probably can't duplicate their tools and methods without the same kind of backing they have (AT&T Bell Labs). Even so, it's a classic in the field.

Comer, Douglas E. Internetworking with TCP/IP Volume I: Principles, Protocols, and Architecture. Third Edition. Englewood Cliffs, NJ: Prentice Hall, 1995.

This book provides a helpful introduction to the nuts and bolts of TCP/IP networking. It discusses the basics about what packets look like and how routing works, etc. Later volumes include introductions to some of the higher-level protocols such as SMTP and FTP.

Garfinkel, Simson. PGP: Pretty Good Privacy. Sebastopol, CA: O'Reilly & Associates, 1994.

This is an excellent guide to the very popular program, PGP, which lets you encrypt and apply digital signatures to your messages. In addition to technical details, it contains the fascinating, behind-the-scenes stories of Phil Zimmermann's development of PGP, electronic privacy, and cryptography export and patents in the United States.

Garfinkel, Simson and Gene Spafford. Practical UNIX & Internet Security. Second Edition. Sebastopol, CA: O'Reilly & Associates, 1996.

This is a very good guide to Unix host security. Simson Garfinkel is also the author of PGP: Pretty Good Privacy. Gene Spafford is now one of the principals of the CERIAS center at Purdue University.

Hunt, Craig. TCP/IP Network Administration. Second Edition. Sebastopol, CA: O'Reilly & Associates, 1998.

This book provides an excellent system administrator's overview of TCP/IP networking. It focuses on Unix systems and includes a very useful reference to major Unix networking services and tools such as BIND (the standard Unix DNS server) and Sendmail (the standard Unix SMTP server).

Hunt, Craig, and Robert Bruce Thompson. Windows NT TCP/IP Network Administration. Sebastopol, CA: O'Reilly & Associates, 1998.

This book provides an excellent system administrator's overview of TCP/IP networking. It focuses on Windows NT systems.

Nemeth, Evi, Garth Snyder, Scott Seebass, and Trent R. Hein. Unix System Administration Handbook. Second Edition. Englewood Cliffs, NJ: Prentice Hall, 1995.

This is the standard reference guide to practical Unix system administration issues. It includes good, real-world coverage of thorny issues like backups.

Schneier, Bruce. Applied Cryptography: Protocols, Algorithms, and Source Code in C. Second Edition. New York: John Wiley & Sons, 1995.

This is an extremely comprehensive book about cryptography algorithms and techniques. It covers the Data Encryption Standard (DES), the RSA algorithm, and all of the other private and public key algorithms, with mathematical details for all of them. Source code is available.

Stevens, Richard W. TCP/IP Illustrated, Volume 1: The Protocols. Reading, MA: Addison-Wesley, 1994.

This is a good guide to the nuts and bolts of TCP/IP networking. Its main strength is that it provides traces of the packets going back and forth as the protocols are actually in use and uses them to illustrate the discussions of the protocols.

Stoll, Cliff. The Cuckoo's Egg. Garden City, NJ: Doubleday, 1989.
This is a fascinating true story about a hunt for crackers on the Internet. It gives you an appreciation of the time and effort it takes to track an attack against your site, and it also includes a good chocolate chip cookie recipe.