Cover V10, I04


Books: A User's Report

Elizabeth Zinkann

This month's reviews cover a wider range of topics than usual. From FreeBSD to intrusion sleuthing to SQL to mod_perl to a visual UNIX book, the books for this column include: The FreeBSD Corporate Networker's Guide by Ted Mittelstaedt (Addison-Wesley); Intrusion Signatures and Analysis by Stephen Northcutt, Mark Cooper, Matt Fearnow, and Karen Frederick (New Riders Press); SQL In A Nutshell: A Desktop Quick Reference by Kevin Kline with Daniel Kline (O'Reilly & Associates, Inc.); mod_perl Pocket Reference by Andrew Ford (O'Reilly & Associates, Inc.); and UNIX: Your Visual Blueprint to the Universe of UNIX by Michael Bellomo (maranGraphics and Hungry Minds Books, formerly IDG Books).

The FreeBSD Corporate Networker's Guide
Ted Mittelstaedt
ISBN 0-201-70481-1
401 Pages
CD-ROM Included

This impressive and practical guide to FreeBSD illustrates its advantages and capabilities and also demonstrates how to use this reliable and popular system. Mittelstaedt explores the FreeBSD/Windows co-existence, the Internet protocol perspective, and the FreeBSD installation and configuration options. He begins with FreeBSD Serving Windows Networks, which examines the functions of FreeBSD and Windows within the same system. Following the introduction, the author discusses DHCP, DNS, and TCP/IP on the Corporate LAN, exploring the TCP/IP protocol suite's varied services, setup for different platforms, and application programs. The next chapters describe FreeBSD Installation and FreeBSD System Administration. The author mentions an interesting catch-22 in the Preface:

"You need to know how FreeBSD works before you can install it properly, but you need an installed FreeBSD system before you can learn how it works." [Preface, Page xvi]

In Internet Connectivity and Corporate WANs, the author analyzes Internet Service Providers, Security and Firewalling, and Proxy Serving and IP Address Translation. The succeeding chapters detail Web Serving, Fileserving with Samba, Printserving, and Electronic Mail. The final chapter presents an unusual assortment of topics: FreeBSD history, its relationship to Linux, FreeBSD Advocacy, The Microsoft Antitrust Trial, and Some Final Words About Open Source Software. The enclosed CD-ROM contains the base FreeBSD 4.2 operating system for Intel architecture plus XFree86 3.3.6 for FreeBSD, as well as the most popular third-party packages for FreeBSD.

The FreeBSD Corporate Networker's Guide is a remarkable book in several ways. It discusses a seldom-addressed system and the details of its networking capabilities. The author's approach combines a logical and understandable description of the processes, protocols, and design issues involved. Mittelstaedt also contributes a historical perspective that offers a unique view of the system's development. The result is an outstanding book that every systems administrator, open source enthusiast, or knowledgeable user will want to read.

Intrusion Signatures and Analysis
Stephen Northcutt, Mark Cooper, Matt Fearnow, and Karen Frederick
New Riders Press
ISBN 0-7357-1063-5
408 Pages

Intrusion methods and their accompanying traces of invasion vary. The analyst's job is to recognize the unnoticeable and to reconstruct the events. Intrusion Signatures and Analysis begins with the analogy of a tracker, as portrayed through the myth and magic of Hollywood westerns. The science of intrusion detection utilizes various tools, each with its own way of recording events and retaining evidence. You have to recognize what tools you have and where to look. Northcutt, Cooper, Fearnow, and Frederick demonstrate how to become an effective intrusion analyst. They present tools, threats, and responses through the following chapters: Reading Log Files, Introduction to the Practicals, The Most Critical Internet Security Threats (Parts 1 and 2), Non-Malicious Traffic, Perimeter Logs, Reactions and Responses, Network Mapping, Scans That Probe Systems for Information, Denial of Service-Resource Starvation, Denial of Service-Bandwidth Consumption, Trojans, Exploits, Buffer Overflows with Content, Fragmentation, False Positives, and Out-of-Spec Packets. The Appendix provides answers to questions posed throughout the text. Many of the topics and some of the material are closely related to the SANS Institute Global Incident Analysis Center (GIAC) and its certification program for a Certified Intrusion Analyst (GCIA). Further information can be found at:

This book encompasses security threats and their respective solutions, attack descriptions, evidence, responses, and defense recommendations. An intruder may leave traces and evidence in a log file or through a pattern change, e.g., an increase in network traffic at a specific time. The analyst's task is to find whatever traces there may be and identify them. Although the signatures will differ with the various types of attacks, the systems involved, and the detection tools employed, the authors demonstrate how to analyze and recognize an intrusion, and illustrate the type of disruption to examine. Northcutt, Cooper, Fearnow, and Frederick have created a valuable resource for effective network protection, and they also define and detail an intrusion analysis methodology. Intrusion Signatures and Analysis provides administrators with an extraordinary defense against intrusion and a well-written and unparalleled examination of detection.

SQL In A Nutshell: A Desktop Quick Reference
Kevin Kline with Daniel Kline
O'Reilly & Associates, Inc.
ISBN 1-56592-744-3
214 Pages

Databases can offer efficient ways to organize data, from your Christmas card list to complete inventories including minute and individualized descriptions. However, they can also become disorganized nightmares without proper maintenance and query capabilities. Queries provide a way to extract data from a database, preferably the data and form that you need at the time. One of the most popular query languages is SQL (Structured Query Language), which can be used with a variety of database programs, including PostgreSQL, Oracle, MySQL, and Microsoft's SQL Server. Its commands and structures are relatively simple, depending on the complexity of the database and the varying syntax.

Kevin and Daniel Kline have summarized the syntaxes and presented an easy-to-use, quick reference guide. In this latest nutshell book (at least as I write this), the authors address the following: SQL, Vendor Implementations, and Some History; Foundational Concepts; SQL Statements Command Reference; SQL Functions; and Unimplemented SQL99 Commands. The Appendix features SQL99 and Vendor-Specific Keywords. The first chapter surveys the concepts and implementations of relational databases and the relational database model. Foundational Concepts, the second chapter, examines the SQL99 relational database model, the individual database datatypes, processing nulls, and some general syntax rules, keywords, and identifiers. In the following chapter, SQL Statements Command Reference, the authors provide the SQL commands and illustrate any differences in syntax among PostgreSQL, Oracle, MySQL, and Microsoft's SQL Server. This is the center of the book and the chapter that anyone doing database programming needs. Kline and Kline display tables showing keyword search patterns, limitations of the searches, comparisons, operators, and little-known and sometimes undocumented facts about the commands. Functions are detailed in Chapter 4, SQL Functions, followed by the SQL99 commands that may be implemented in the future.

This is an important resource for anyone using SQL queries in database programming. It includes all of the important commands and any differences among the PostgreSQL, Oracle, MySQL, and Microsoft's SQL Server programs. Additionally, the authors provide warnings and notes, describing problems or other facts to be considered before utilizing a command, query, or command option. I wish I had had this book when I was using SQL to maintain and secure data from large databases. Everyone involved with creating, maintaining, or querying databases will value this book and wonder how they ever managed without it!

mod_perl Pocket Reference
Andrew Ford
O'Reilly & Associates, Inc.
ISBN 0-596-00047-2
82 Pages

Systems administrators are well acquainted with both Apache and Perl on a variety of platforms. Apache is the preferred Web server, and Perl provides accompanying Web scripting capabilities. The Apache mod_perl module allows programmers to implement and run Perl scripts within the Apache environment. The mod_perl fundamental configuration is relatively straightforward; however, finding a particular directive, handler function, or method quickly and easily can become a challenge. The mod_perl Pocket Reference by Andrew Ford features an efficient and valuable organization of frequently referenced functions, methods, and directives in a compact and portable volume. Ford addresses essential topics in the following order: What Is mod_perl?, Setting Up mod_perl, Migrating CGI Scripts to mod_perl, Embedding Perl in HTML Documents, Programming mod_perl, The mod_perl API, mod_perl Configuration Directives, Apache/Perl Modules, CGI Environment Variables, HTTP Status Codes, and HTTP Header Fields. He also includes two indexes: an Index of Modules and an Index of Methods.

This is an excellent and easily referenced guide to mod_perl. Ford provides essential information about mod_perl in a pragmatic and effective mini-nutshell. This reference about the popular Apache extension will furnish a superb supplement to any knowledgeable Apache text. Administrators and Perl programmers will appreciate Ford's mod_perl Pocket Reference and use it often.

UNIX: Your Visual Blueprint to the Universe of UNIX
Michael Bellomo
maranGraphics and Hungry Minds Books (formerly IDG Books)
ISBN 0-7645-3480-7
335 Pages
CD-ROM Included

During my computer science college days, one of my instructors emphasized that everyone thought in pictures. At the time, I wasn't totally convinced. However, the more I explain computer concepts and procedures, the more I recognize and appreciate the value of an applicable image. The newest series by maranGraphics and Hungry Minds, Visual Blueprints, is written for experienced users, network professionals, and developers who prefer a visual approach. Michael Bellomo, an experienced visual author (Master Red Hat Visually, Linux Administration for Dummies, and both the Visual Blueprints books on Linux and UNIX), demonstrates UNIX concepts and processes through descriptions, illustrations, screen shots, and examples.

He begins his UNIX tour with Logging Into UNIX and The UNIX Desktop Environment. Some of the topics in these two chapters feature the Graphical User Interface (GUI), logging in and out of UNIX, shutdown procedures, and desktop customization. The following chapters discuss Working With Files And Directories, Working With UNIX File Permissions, Creating Text Files, Working With Text Files, Working With Processes, and Working With Shells And System Variables. The succeeding chapters address administration issues through: Basic Administration, Administrating Users and Groups, Working With Hard Disks and Printers, Network Connectivity, Using Netscape, E-mail In The Terminal, Working With Archived Files, Troubleshooting, Accessories, and Advanced System Administration. The Appendices contain A) vi Editor Commands and B) What's On The CD-ROM. The accompanying CD-ROM provides: Diskcheck, Logwatch, and Tripwire troubleshooting and monitoring programs, all of the code and examples from the book, and a searchable e-version of the book.

The format of the topic entries highlights a set of progressive screen displays, a step-by-step procedure for the specific task, a clear and informative explanation of the process, and either an Extra or an Apply It section. Extras provide additional information about the topic, either in a note or question and answer form; Apply Its present demonstrations or exercises that the reader can try on his or her own system. Throughout the book, Bellomo addresses a wide variety of topics, including setting permissions, automating tasks using cron, e-mailing through Netscape or mailx, fixing device problems on reboot, setting calendar dates, and archiving and compression utilities, to mention a few of the entries. UNIX: Your Visual Blueprint to the Universe of UNIX by Michael Bellomo superbly illustrates how UNIX works for the computer user who wants to learn more about the UNIX system and its administration.

Elizabeth Zinkann has been involved in the UNIX and C environment for the past 15 years. She is currently a UNIX and C consultant, and one of her specialties is UNIX education. In addition to her computer science background, she also has a degree in English. Her writing has also appeared in Linux Magazine, Performance Computing, and Network Administrator. Elizabeth can be reached at: