Cover V05, I02


Books: A User's Report

Elizabeth Zinkann

This month I read and reviewed Building Internet Firewalls, by D. Brent Chapman and Elizabeth D. Zwicky; AIX 6000 System Guide, by Frank Cervone; The Essential Web Surfer Survival Guide, by Jenny Fristrup; The World Wide Web Complete Reference, by Rick Stout; and C Programming FAQs: Frequently Asked Questions, by Steve Summit.

Building Internet Firewalls
by D. Brent Chapman and Elizabeth D. Zwicky
O'Reilly & Associates, Inc.
ISBN 1-56592-124-0

The proliferation of the Internet unleashes immediate (we hope) and convenient communication, easily accessed information, and also the possibility of unwelcome intrusion. Every technological advance possesses new and unique risks; the Internet is no exception. Although an unprotected connection provides users with access to sites all over the world, it also allows the knowledgeable, the malicious, or the merely curious entrance to your system. The most effective security measure is a firewall. Simply defined, a firewall permits control between the Internet and your network. It both stops intruders from entering and prevents users from unwittingly sending private information to the world. However, the firewall should not be the only safeguard for your system, but an integral part of your security plan.

Chapman and Zwicky discuss security problems, present a practical guide to building firewalls, and demonstrate how to implement a security policy. A successful plan is the result of careful examination, thorough investigation, and analysis. The administrator must recognize what he/she wants to protect and from whom, which Internet services the users need, and the benefits and disadvantages of available security tools. The authors address these concerns in four parts: Network Security, Building Firewalls, Keeping Your Site Secure, and Appendices.

The introductory section, Network Security, begins with Why Internet Firewalls, a glimpse at the different types of invasion and attackers and at the advantages and disadvantages of firewalls. It also includes Internet Services, a consideration of the benefits and associated risks of an Internet connection, as well as a chapter on the basic security strategies currently available. The second section, Building Firewalls, demonstrates how to build firewalls and implement the concomitant services. The individual topics include Firewall Design, Bastion Hosts, Packet Filtering, Proxy Systems, Configuring Internet Services, Two Sample Firewalls, and Authentication and Inbound Services. Keeping Your Site Secure describes how to develop a security policy, maintain the firewall, and handle any security problems as they occur. This section includes chapters discussing security policies, firewall maintenance, and responses to security incidents. The Appendices feature Resources, Tools, and TCP/IP Fundamentals.

Chapman and Zwicky write very well, presenting the facts, explaining them when necessary, and using examples for clarification. They frequently employ figures, tables, and lists to aid the reader. Several books discuss the theory of firewalls, but few describe their practical implementation. Building Internet Firewalls addresses the fundamentals of firewalls, as well as the design of a general security policy. This is an excellent addition to the library of both Internet and security books. Every system, Internet, and network administrator should read it.

AIX 6000 System Guide
by Frank Cervone
J. Ranade Workstation Series
ISBN 0-07-024129-5

When the AIX system debuted, no third-party books existed to help administrators or users with the IBM documentation. As AIX became a more permanent fixture in the UNIX world, it received a little more coverage, in the form of individual chapters in select books. Finally, a few books were devoted primarily either to its use or to its administration. AIX 6000 System Guide, the latest addition to this select group, addresses both administrators and users.

Cervone divides the book into three parts: An AIX Overview, Basic Operating System Usage, and User Interface Topics. Part One includes Introduction to the RS/6000, Introduction to AIX/6000, and the AIX/6000 Architecture. Part Two, which is addressed to the system administrator, contains Starting and Stopping the System; Files and Directories; File Systems, Logical Volumes, and Physical Volumes; Processes and Subsystems; Printing; Users, Groups, and Security Considerations; Hardware Management; and Networking and Communications. In Part Three, Cervone covers topics for the AIX/6000 user: vi, the Korn Shell, and Miscellaneous Commands. The Appendices provide Basic Problem Solving Tools, Error Log Identifiers, and LED Indicators.

Throughout the book, the text is supported and enhanced by tables, figures, diagrams, and screen outputs. Cervone's approach to complex concepts is logical and straightforward; he provides a step-by-step progression in a clear writing style. This is a superb book for anyone using an AIX/6000 machine, whether as an administrator or a user.

The Essential Web Surfer Survival Guide
by Jenny Fristrup
Hewlett-Packard Company
Prentice Hall
ISBN 0-13-442971-0
$29.95 Disk Included

Specifically written for the nontechnical PC user, The Essential Web Surfer Survival Guide provides "a friendly introduction" to the World Wide Web. Experienced users often explain internet concepts quickly and in acronyms, giving the impression that the Internet works by magic. Fristrup dispels the smoke and mirrors and explains these concepts simply. She identifies the different sections of the Internet, defines the terms and presents examples. The book is organized into three sections Part One: The Overview; Part Two: How To Do It; and the Appendices.

The Overview includes Meet the Web; The Web's Commodity; Hypertext, HTML, and Why It Is Called the Web; and People Who Have Information. The introductory chapter, Meet the Web, answers some basic questions and discusses what the Web is, its information, its diverse elements and how it works. (This chapter contains a one-line definition of cyberspace that is understandable, accurate, and not overly simplistic.) The Web's Commodity examines the various formats in which information may be stored, Hypertext, HTML and Why It Is Called the Web details HTML (Hypertext Markup Language), the design principles of the Web, and what an HTML document looks like. The final chapter in the overview selects some actual Web pages to view.

The accompanying disk provides a copy of NetCruiser software. The first chapter in the second section discusses how to install and use NetCruiser. The rest of the section includes Internet Tools, URLs (Uniform Resource Locaters) and How to Navigate, a Directory of URLs, Key Things to Know How to Do, How to Create Your Own Home Page, Putting Information on the Web, Advice From Austin Technology, and Using the Web to Learn More about the Web. The Essential Web Surfer Survival Guide is approximately 600 pages long; the first two sections occupy 226 pages , and the rest of the book provides several useful Appendices. These include Entering the World Wide Web: A Guide to Cyberspace; World Wide Web Frequently Asked Questions (Parts I and II); HTML Source Files; Useful E-Mail Addresses; How to Use Netscape Navigator; How to Get and Use Adobe Acrobat Reader; Recommended Reading; and a Glossary.

Fristrup has written an informative, readable introduction to the Web, examining its fundamental design and implementation. This book offers a valuable foundation for any Web user; the appendices extend its appeal to intermediate and advanced surfers. The Essential Web Surfer Survival Guide will be an asset to any user's library.

The World Wide Web Complete Reference
by Rick Stout
Osborne McGraw-Hill
ISBN 0-07-882142-8

The World Wide Web provides many different services: it furnishes instant communication via electronic mail, features access to research tools among databases all over the world, and it also can be a marketing tool for businesses. The Web has become so popular that it deserves a reference book of its own, independent of Internet references. In general Internet texts, the information about the Web consists of a description of the Web and an explanation of how to use it. Stout has written a resource that not only tells you how to use the Web, but also demonstrates how to create a Web page. The World Wide Web Complete Reference is divided into three sections: Getting Started with the Web, Creating Web Pages, Advanced Web Topics, and Appendices.

Getting Started describes the Web and the essential equipment any user needs to access the Web. The author also tackles Getting Connected, Turnkey Solutions for Connecting to the Internet, Web Access through Online Services, and using Web Browsers. The second section discusses Weaving a Better Web; The Language of the Web HTML; Defining an HTML Page; Formatting Text and Displaying Special Characters; What's New with HTML 3; Anchors: The Hypertext Cross-Reference; Working with Multimedia Objects; and Gateway Interfaces and Forms. Advanced Web Topics include Tools for Authoring HTML Pages, Finding a Home for Your Pages, Networking with the Internet, High-Speed Connections to the Internet, Web Servers, Doing Business on the Web, and a catalog A Guide to Business on the Web. The Appendices contain HTML codes and free software. Essentially, the three parts address what kind of Internet connection the user needs and how to choose one, assigning and creating a Web page, and miscellaneous topics from applications to security.

The writing style here is logical and clear, and a number of figures and diagrams supplement the text. The catalog illustrates the variety of different businesses currently on the Web. This is an excellent book for users of all levels: I highly recommend it.

C Programming FAQs: Frequently Asked Questions
by Steve Summit
ISBN 0-201-84519-9

The C programming language is a powerful and permissive language; it allows the programmer to do many things at various levels. However, whether a statement works the way the programmer intended is an entirely different matter. Generally, if a problem arises, a programmer new to C will complain that the language permitted the originator to cause it. The language allowed it, and the program performed in exactly the way the programmer commanded. This behavior usually leads to a question or series of questions about the way C behaves. If one person has a question, others usually have the same question. Steve Summit has collected a group of the most frequently asked questions (and, thankfully, the answers) and put them in print.

These questions are clearly answered and often illustrated through code examples. They are organized in 20 chapters, each covering a different topic. The topics attempt to follow a procedural order, in the same way that a program would be written. After the first table of contents, a second table of contents appears consisting of the individual questions, making them easy to locate. The answers are easily found, well organized, and clearly written. This is an excellent book, and one that any programmer will value.

About the Author

Elizabeth Zinkann has been involved in the UNIX and C environment for the past 11 years. She is currently a UNIX and C consultant, and one of her specialties is UNIX education. In addition to her cmoputer science background, she also has a degree in English. Elizabeth can be reached via CompuServe at 71603,2201 (Internet format:, or at America Online (