Cover V09, I07


Books: A User's Report

Elizabeth Zinkann

The criteria for reviewing books constantly changes. Unlike the classic works of fiction or non-fiction, technical books exist to provide information for their readers. A substantive part of that information has a short time span before it becomes outdated. Depending on an individual's specific interests, some books will always be intriguing. Some of the recent books that I've found valuable, intriguing, or entertaining include: Remote Access 24seven by Paul E. Robichaux (Sybex Network Press); Evil Geniuses in a Nutshell, A User Friendly Guide to World Domination by Illiad (O'Reilly & Associates, Inc.); The Concise Guide to Xfree86 for Linux by Aron Hsiao (Que Books); Linux Programmer's Reference, Second Edition by Richard Petersen (Osborne McGraw-Hill); Solaris Security by Peter H. Gregory, Foreword by Steven M. Bellovin (Sun Microsystems Press, Prentice Hall).

Remote Access 24seven
Paul E. Robichaux
Sybex Network Press
ISBN 0-7821-2531-X
423 Pages

The challenges and considerations of supporting a 24/7 network require careful planning, implementation, patience, and a little bit of tightrope walking. Maintenance must be scheduled without service interruption, and backup and recovery policies need to be established. Remote access adds another degree of complexity. As lifestyles become more mobile, with cell phones, notebook and hand-held computers, pagers, and telecommuting, a network's range has been extended to airports and airplanes, trains and train stations, homes, conferences, hotels, or wherever the user happens to be. (It is now possible to make a cross-country phone call between two people twenty-five feet away from one another.) In Remote Access 24seven, author Paul Robichaux addresses the concepts and issues that remote access procedures employ. He also discusses administration techniques to keep the network both available and secure. The author examines the essential facets within four major sections plus the Appendices: Planning and Deployment, Remote Access with Windows NT, Remote Access Clients and Servers, and My Network Has Fallen and Can't Get Up.

In the introductory section, Planning and Deployment, Robichaux describes the fundamental principles of remote access through Remote Access Concepts and Protocols and Planning Your Remote Access Solution. He discusses the assorted hardware, the various types of connections, protocols, services, and safety-net implementations. Remote Access with Windows NT, the second section, clarifies RAS (remote access service) with the Windows NT system through: Installing and Configuring the Remote Access Service, Installing and Configuring the Routing and Remote Access Service, Securing Your NT Environment, and Setting Up a VPN [Virtual Private Network] with NT. The following section, Remote Access Clients and Servers, analyzes remote access with the Linux, Windows, MacOS, and NetWare clients plus Linux servers. The individual chapters detail: Setting Up Linux PPP Servers, Setting Up Windows RAS Clients, Configuring Linux PPP Clients, MacOS Clients and Remote Access, and NetWare Clients and Remote Access. The concluding section, My Network Has Fallen and Can't Get Up, reviews Optimizing Remote Access, Troubleshooting, and Disaster Recovery. The Appendices contain A) Using Multimodem Cards, B) Using RAS Concentrators, C) Using A Dedicated VPN Router, and D) Remote Access Vendors.

Robichaux provides a practical source for installation, configuration, and troubleshooting remote access services. Each section begins with a list of topics discussed within the following chapters; each chapter presents a brief introduction and ends with a case study. These examples document actual problems and the methods used to resolve them. Robichaux clearly illustrates the concepts of remote access connections, the similarities and differences among the various operating systems, and successfully reduces the acronym alphabet soup to understandable terms. Remote Access 24seven by Paul Robichaux is an excellent, well-written book. It provides the administrator with the necessary information and techniques relevant to remote access implementations in a straightforward and readable style.

Evil Geniuses In A Nutshell
A User Friendly Guide to World Domination
O'Reilly & Associates, Inc.
ISBN 1-56592-861-X
122 Pages

In the sequel to User Friendly: The Comic Strip (O'Reilly & Associates, Inc. ISBN 1-56592-673-0, $12.95), the cast and crew of Columbia Internet is back with more laughter-provoking episodes provided by Illiad. The assortment of comic strips include something for everyone: tech support, programmers, system administrators, and gaming enthusiasts. Illiad's witty approach to topical subjects, such as technical news and press releases, as well as the daily routines of the Columbia Internet staff (including Dust Puppy, Erwin, and occasionally Matt and Tux), creates a reflection of the Open Source community which is unique, insightful, and side-splitting comic relief. Many of us start or end our days with User Friendly. For those of you who don't, you don't know what you are missing! Thanks to O'Reilly, we can enjoy our favorites again and again without an Internet connection. User Friendly is the Open Source comic strip!

The Concise Guide to XFree86 for Linux
Aron Hsiao
Que Books
ISBN 0-7897-2182-1
464 Pages

With the user-compatible windowing environments available with today's Linux distributions, many users don't realize the powerful capabilities of XFree86. However, if a video configuration becomes impossible to read or navigate, a shell prompt and the XFree86 configuration files can restore order within a few minutes and a little editing. The answers to many installation problems can be found within the XFree86 files. In The Concise Guide to XFree86 for Linux, Aron Hsiao provides the configuration and customization information to utilize the XFree86 utilities. He presents the information in six categories: X11R6, XFree86, and Linux, Starting and Using XFree86, Configuring the XFree86 Runtime, Integrated Linux Environments, Multiuser and Networked X, and the Appendixes. The introductory section, X11R6, XFree86, and Linux discusses X11R6 and the XFree86 Project plus Installing and Configuring XFree86.

The second section, Starting and Using XFree86, describes Launching XFree86, Standard XFree86 Programs and Utilities, and Linux/X Toolkit Particulars. Some of the utilities and toolkits in the latter two chapters highlight startx, xedit, xterm, xman, Gtk/Gtk+, Qt from Troll Tech, Motif, and OpenLook/Xview. The following section, Configuring the XFree86 Runtime, details Runtime Session Defaults, Runtime Server Configuration, Runtime Application Configuration, and Runtime Environment Configuration. Some of the topics with the previous chapters illustrate X Color Management, Adding Postscript and TrueType Fonts to X, The Standard Xt/Athena Command-Line Arguments, The Icon or Application Manager, The fvwm Window Manager, and the twm Window Manager. The fourth section, Integrated Linux Environments, describes the Integrated Environment Versus Window Manager, The KDE 1.1.1 Environment, The GNOME 1.0 Environment, and KDE/GNOME/X Issues and Other Linux Environments. In the fifth section, Hsiao examines Mulituser and Networked X through the Display Managers, Working on the Network, Tunneling X Through ssh (Secure Shell), and Heterogeneous Networks chapters. The concluding section contains the Appendixes: A) Sample Window Manager Configurations, B) XFree86 3.3.5 Details, and C) Supported Linux 2.2 Framebuffers.

The Concise Guide to XFree86 For Linux by Aron Hsiao provides a veritable wealth of knowledge about XFree86. In addition to installation and configuration instructions and options, the author offers tips, identifies accepted hardware, and explains how to change hardware settings through the configuration files. Hsiao presents the general concepts and principles and also illustrates their respective implementation specifics. This is a superb book and an excellent guide that every Linux administrator will appreciate and use often.

Linux Programmer's Reference
Second Edition
Richard Petersen
Osborne McGraw-Hill
ISBN 0-07-212355-9
443 Pages

Programmers often visualize a program's end result. They may know exactly what it will do and how fast it will execute without knowing what tools they want to use. The Linux Programmer's Reference presents the commands and syntax plus an overview of each utility. The overview includes a description of the command or program as well as its syntax. Petersen features chapters on the following topics: BASH Shell Programming, TCSH Shell Programming, Z-Shell Programming, Compilers and Libraries: gcc, g++, and gdb, Development Tools, GNOME Programming, and KDE Programming. The Appendices include A) Perl: Quick Reference, B) Tcl and Tk, and C) TeX and LaTeX. Petersen clearly explains each topic, command, and function. With the logical account of the tools and utilities, a Linux programmer can more easily judge which function will produce the desired result. This handy-sized volume is an excellent reference and a superb companion to Linux: The Complete Reference, Third Edition, (Osborne/McGraw Hill, ISBN 0-07-212164-5, $39.99) also by Petersen. His logical and readable writing style make them a dynamic duo for any Linux user, programmer, or administrator.

Solaris Security
Peter H. Gregory
Foreword by Steven M. Bellovin
Sun Microsystems Press
Prentice Hall
ISBN 0-13-096053-5
291 Pages

One of the primary definitions of security, according to the Random House College Dictionary, is “freedom from danger, risk, etc.; safety.” That assumes that the reader already knows what danger, risk, and safety entail. Physical safety is easily recognized; computer security remains much more elusive. Maintaining a secure computer operating system presents a challenge, even to the most proficient systems administrators. As Bellovin emphasizes in the Foreword, the host system must be secure before anything else can be relatively safe. (It's similar to delivering a package by armored truck to an unlocked house. It's safe until it gets there.) Through descriptions, examples, and detailed inspection of the Solaris system design and architecture, Gregory illustrates security problems and their respective solutions. He addresses the topics through five sections: the Introduction, The Standalone System, The Network-Connected System, Disaster and Recovery, and the Appendices. Part One: Introduction examines The Security Problem and The Security Paradigm. These two chapters give the systems administrator a place to begin thinking about system safeguards. Part Two: The Standalone System discusses: The PROM, OpenBoot, and Physical Security; The Filesystem; User Accounts and Environments; System Startup and Shutdown; cron and at; and System Logs.

In these chapters, Gregory explains each of the topics from a security analyst's viewpoint. He notes which files, processes, and habits invite unwanted intrusion and how to prevent it. In Part Three: The Network-Connected System, Gregory discusses Network Interfaces and Services, Network/System Architecture, Electronic Mail, Printing, Network Access Control, Name Services, and NFS and the Automounter. Anyone who has ever examined the inherent problems of email, DNS, or TCP/IP realizes the difficulties in protecting a system that utilizes them. This section presents some of the utilities available to better protect a networked system. The following section, Part Four: Disaster and Recovery, surveys System Recovery Preparation and reviews some common problems and their solutions. The concluding section, Part Five: Appendices, contains: A) Online Sources for Security Information, B) Online Sources for Public-Domain Security Tools, C) Obtaining and Applying Solaris Patches, D) Suggested Reading, E) Solaris Security Products, F) Implementing C2 Security, G) Verifying the Integrity of Public-Domain Software, a Glossary of Attacks, and a Secure System Checklist.

Solaris Security by Peter H. Gregory is an outstanding addition to any administrator's security library. The author demonstrates how to make your system more secure and the best ways to protect it. The information provided applies to most UNIX systems with the examples implemented on a Solaris system. Gregory presents detailed information, well-documented disadvantages (e.g., TCP/IP problems), and numerous references for further information. (The information in the Appendices alone is worth the price of the book.) This is a superb book on system security and how to achieve it, written in an excellent and detailed style. n

About the Author

Elizabeth Zinkann has been involved in the UNIX and C environment for the past 13 years. She is currently a UNIX and C consultant, and one of her specialties is UNIX education. In addition to her computer science background, she also has a degree in English. Her writing has also appeared in Linux Magazine, Performance Computing, and Network Administrator. Elizabeth can be reached at: