Cover V08, I03


Books: A User's Report

Elizabeth Zinkann

With each column, I endeavor to review books that are not only interesting, but also current and helpful. This issue's selections feature a hardware and review book, a security topic, a consumer's aid to software, and a beginning administration textbook. The specific reviewed books include: Tom's Hardware Guide by Dr. Thomas Pabst with Michael Desmond, Larry Barber, and Frederick Gross (Que Corporation, Sams Publishing); Protecting Networks with SATAN by Martin Freiss (O'Reilly & Associates, Inc.); Bad Software: What to Do When Software Fails by Cem Kaner and David Pels (John Wiley & Sons, Inc., Professional Trade Division); and the UNIX System Administrator's Interactive Workbook by Joe Kaplenk (Prentice Hall Interactive). I believe that each of these selections will assist UNIX administrators and users.

Tom's Hardware Guide
By Dr. Thomas Pabst with Michael Desmond,
Larry Barber, and Frederick Gross
Que Corporation
Sams Publishing
ISBN 0-7897-1686-0
603 Pages

The computer user in search of a new system, component, or peripheral has recently encountered lower prices. This welcome trend allows experienced users to upgrade to more powerful machines with state-of-the-art features and also encourages previously cautious consumers to purchase their first systems. Deciding what choices will produce the optimum performance can be a confusing and difficult task. The Web site that inspired this book ( consistently provides product information and reviews beyond the flurry of four-color advertisements and industry rumors. Similarly, the book presents reviews and benchmark results of hardware comparisons and independent tests. The authors also illustrate how computers work and describes how the individual components and peripherals interact with their respective interfaces.

Tom's Hardware Guide discusses concepts and practices through eight major sections: the Overview, On Board, Storage Devices, Graphic & Audio Systems, Getting Connected, Completing Your System, Tom's Dream Machine, and the Appendices. Each segment addresses several related hardware topics, displaying the user's current choices and highlighting the benefits and disadvantages of each option. The Overview features The Guide Guide, a Hardware Primer, and Operating Systems. The first chapter, The Guide Guide (Note: that is the title and not my typing error - this time), explains what Tom's Hardware is, outlines the book's topics, and describes the chapter format. The following chapters briefly present the various issues that hardware design include and examines some aspects to consider before selecting an operating system. The second part, On Board, surveys the necessary elements of a system motherboard: CPU Guide, Chipset Guide, BIOS Guide, Motherboards, RAM Guide, and an Overclocking Guide, which includes a step-by-step procedure for overclocking. (I consider this section, particularly the Chipset Guide, one of the most valuable elements in the book. The wrong chipset can severely limit future upgrading attempts.) In the third section, Storage Devices, Pabst examines Disk Controllers and provides a Hard Disk Guide, a Tape Backup Guide, a Near-Disk Storage Guide, and an Optical Storage Guide. Graphic & Audio Systems, the fourth section, encompasses a Graphics Board Guide, a Display Guide, and a Sound Card Guide; the following division, Getting Connected, features a Modem Guide and a Network Hardware Guide. Completing Your System, Part Six, reviews Input Devices, Cases and Power Supplies, while Part Seven reveals Tom's Dream Machine. The Appendices cover (A) Benchmarking and (B) Future Casting.

Tom's Hardware Guide furnishes an important and valuable hardware reference. Pabst, with Desmond, Barber, and Gross, appraises both new hardware and new types of hardware, from motherboards, RAM, and processors to AGP (Accelerated Graphics Port) graphics adapters and DVD (Digital Versatile Disk or Digital Video Disk) drives. As both new and experienced users endeavor to understand the relatively new interfaces, the authors describe them clearly and distinctly. Many authors assume that the reader already knows the differences between 1:1 and 2:1 interleaving (explained on page 146) or how to upgrade a Flash BIOS successfully (detailed on page 148). Pabst, Desmond, Barber, and Gross, discuss the concepts and itemize the steps necessary to complete the task successfully. Designed to complement (and not replace) the popular Web site, the primary objective of this book is to provide the reader and user with a printed reference of information, reviews, and advice about products before he or she purchases a new component or peripheral. It is enlightening (and occasionally surprising) to discover, for example, that:

"...too many systems today ship with no free IRQs, limiting your upgrade options." [ Page 14]

A consumer report specifically designed for computers, Tom's Hardware Guide is a superb and well-written resource for every computer user, administrator, and programmer. Read this book before you shop!

Protecting Networks with SATAN
By Martin Freiss
O'Reilly & Associates, Inc.
ISBN 1-56592-425-8
112 Pages

Security and, more importantly, the lack of security remains a primary issue of concern for system administrators, programmers, and users. The possibility of intrusion, invasion, and eavesdropping permeates daily tasks and routines. In Protecting Networks with SATAN (Security Administrator's Tool for Analyzing Networks), Freiss describes SATAN's purpose and capabilities and informs the reader how to obtain the software program. He also discusses installation procedures, specific configuration details, using SATAN, and protection techniques. SATAN, written by Wietse Venema and Dan Farmer, analyzes a host computer for configuration errors and also diagnoses recognized problems in familiar programs, protocols, and utilities. It discovers and documents possible problems and explains the potential hazards. (Friess also notes in chapter two that if the administrator prefers SANTA to SATAN, he or she may change it by running the repent command. This transforms the program to the Security Analysis Network Tool for Administrators (SANTA)).

Following the Preface, which introduces SATAN, explains what it is and also describes what it isn't, Freiss divides the topics into seven basic chapters. They address Security, Installing SATAN, Security Audits, Scan Results and Countermeasures, Extending and Adapting SATAN, Detecting and Repelling SATAN Attacks, and Beyond SATAN. The Appendix, Further Reading, provides related references and sources on computer security. The author explains the topics procedurally, beginning with the first chapter, Security, which reviews some fundamental concepts of both security and network security. Installing SATAN, the following chapter, informs the reader how to obtain SATAN, necessary system requirements, and how to compile and install SATAN. (The site that I checked ( \
) for those who have not visited it, is intriguing for utilities, hoax and virus information, as well as documentation purposes. One of the more prophetic statements in this book refers to Windows NT-related security risks and concerns prior to Remote Explorer).

The author also identifies some problems that may occur, their solutions, and special considerations that a Linux installation requires. The Security Audits chapter demonstrates how to configure SATAN correctly, without scanning systems that are not within your immediate jurisdiction, such as your Internet Service Provider or the Internet itself. (Scanning the Internet could also be slightly time-consuming.) Following a system scan, the administrator can then process the results and determine what corresponding actions, if any, should be initiated. In the fourth chapter, Scan Results and Countermeasures, Freiss demonstrates what the test results indicate, their potential danger to the system, the criteria for assessing their danger, and some feasible solutions. The succeeding section, Extending and Adapting SATAN, could also be named Advanced or Intermediate SATAN. With a fundamental knowledge of Shell Programming and Perl, an administrator can tailor SATAN to include tests or exercises specific to his or her situation, location, and environment. The author next focuses on Detecting and Repelling SATAN Attacks and details how to determine whether someone is using SATAN to reveal weaknesses within your system. He also presents tools to protect your system from an intrusion. The concluding chapter identifies SATAN's limitations. In Beyond SATAN, Freiss highlights what SATAN does not and cannot safeguard or prevent. He also stresses the importance of a security policy: procedures to follow and consider should someone attempt to invade the system. The Appendix, Further Reading, contains both Publications and Online Resources, as well as Wietse Venema's PGP (Pretty Good Privacy) key.

Protecting Networks with SATAN by Martin Freiss is a straightforward, well-written, and practical guide to obtaining, installing, configuring, and using SATAN. The author demonstrates exactly how to set up the SATAN program and utilize it without involving other systems. He also details how to diagnose the results, correct most problems, and customize SATAN for an individual environment. This is an excellent handbook for every UNIX system administrator concerned with system or network security.

Bad Software: What to Do When Software Fails
By Cem Kaner and
David Pels
John Wiley & Sons, Inc.
Professional Trade Division
ISBN 0-471-31824-4
365 Pages

Whether you are an experienced computer professional or a beginning computer user, you have most certainly experienced some variation of software failure or disappointment. Perhaps an installation caused a conflict, slowed your formerly fast machine to a crawl, or refused to recognize the modem or mouse. Maybe it just didn't perform like the box claimed that it would. With any luck, your machine will recover without any major damage. Most users either just accept it as a bad investment or call the manufacturer. When technical support answers, the friendly representative informs you that this has never happened before and that it's most likely your computer's fault. The program ends up somewhere on a shelf, collecting dust. In the interest of all of us who have accepted the standard excuses, authors Kaner and Pels have written an assertive consumer's guide to poor software, inadequate documentation, and how to obtain elusive customer satisfaction.

Bad Software: What to Do When Software Fails illustrates techniques to use when a product is not what the customer expected. The authors address the consumer's options through the following chapters: Read This First, Introduction, Preparing to Make the Call, Knowing What to Ask For, Making the Call, Consumer Protection Agencies, Software Quality and the Law, Overview of a Lawsuit, Lawyers, Small Claims Court, and Safe Shopping. The Appendix describes A New Threat to Customers' Rights: Proposed Revisions to the Uniform Commercial Code.

Anyone who has experienced any type of problem with a software program or a device driver (which is still a software concern) or excuses from vendors will thoroughly enjoy the first half of this book. (Yes, this type of thing DOES happen to other people!) A knowledgeable friend with a new printer and an installation problem (pages of postscript code without any pictures) was brusquely dismissed and redirected to her computer's manufacturer. That manufacturer in turn redirected her to the operating system company. This is one of the many standard operating procedures described by the authors. Kaner and Pels demonstrate how to secure refunds, additional support, and upgrades to the malfunctioning or disappointing product.

This extraordinary book provides a combination of consumer awareness and assertiveness guidelines, a humorous narrative, and demonstrates how to effectively deal with companies without raising your blood pressure. Kaner and Pels have performed a community service for computer users. Every computer user should read this book, practice its guidelines for talking or writing to the manufacturer and obtaining fair recompense for lost time and effort. This is an excellent book, which I thoroughly enjoyed. Bad Software: What to Do When Software Fails should be required reading for every computer owner.

UNIX System Administrator's Interactive Workbook
By Joe Kaplenk
Prentice Hall Interactive
ISBN 0-13-081308-7
588 Pages
CD-ROM Included

System administration usually becomes an on site, on the job training experience. Even if the student has access to a system, other users do not appreciate a system crash just to practice solving problems. However, with Prentice Hall's latest interactive series, it's possible to learn the primary concepts of administration through a variety of ways. Each workbook has its own site with project solutions, an author's corner, practice questions with immediate feedback, and a message board. (When I tried each of the site's sections, the message board was the only item that wasn't practical. At the time, there weren't any students, which I am sure has changed. However, the rest of the site worked well.)

Kaplenk addresses the topics in the following order: System Security, The Bourne Shell User, The Korn Shell User, The C Shell User, User Accounts, Startup Processes, Reboot, Disks and Filesystems, Backup and Restore, and Solaris Filesystems. The Appendices contain (A) Answers to Self-Review Questions, (B) Important UNIX Commands, (C) Running Yggdrasil Linux, (D) Linux Information Sheet, (E) Linux Installation and Usage Tips, (F) PC-Based UNIX Systems, (G)Multi-Boot PC UNIX/DOS/Linux Systems, and (H) SCSI Interfaces. (For current Linux users, the Bourne Again Shell (BASH) is covered in Chapter 2.) The accompanying CD-ROM includes the computer-based training (CBT) course module Solaris 2.5.1 System Administration: System Configuration.

The book is organized into separate lab sessions. Each session has the objectives, an introduction, exercises, exercise answers, and self-review questions. A "Test Your Thinking" section in each chapter ties the labs in the chapter together. The UNIX System Administrator's Interactive Workbook is a good way for a student to learn administration principles and practices or for an administrator to review them. The exercise answers within each lab plus the instructor's notes provide most of the important material. The Workbook utilized in conjunction with the Web site can simulate the desired situations for the beginning student. Although I am most comfortable with a more traditional and comprehensive approach to learning, Prentice Hall's Interactive Workbook Series provides an effective way to quickly learn (or recall) essential subject concepts and techniques.

About the Author

Elizabeth Zinkann has been involved in the UNIX and C environment for the past 12 years. She is currently a UNIX and C consultant, and one of her specialties is UNIX education. In addition to her computer science background, she also has a degree in English. Elizabeth can be reached via America Online (