BKSAFSEC.RVW 20051023

"Safe and Secure", Arman Danesh/Ali Mehrassa/Felix Lau, 2002,
0-672-32243-9, U$24.99/C$37.95/UK#17.99
%A Arman Danesh
%A Ali Mehrassa
%A Felix Lau
%C 201 W. 103rd Street, Indianapolis, IN 46290
%D 2002
%G 0-672-32243-9
%I Macmillan Computer Publishing (MCP)
%O U$24.99/C$37.95/UK#17.99 800-858-7674 317-581-3743 info@...
%O http://www.amazon.com/exec/obidos/ASIN/0672322439/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/0672322439/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/0672322439/robsladesin03-20
%O Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation)
%P 359 p.
%T "Safe and Secure: Secure Your Home Network and Protect Your
Privacy Online"

The introduction states that the book is intended to help home
Internet users protect themselves.

Part one deals with Internet basics and threats. The material is
brief and simplistic. It is easily within the grasp of home users,
but it is difficult to say that the background provided is either
necessary or sufficient as a basis for security needs. Chapter one
briefly lists a few of the dangers you can encounter on the net. Even
more briefly, chapter two mentions some of the protective measures
that can address the reported hazards. An elementary overview of
aspects of TCP/IP makes up chapter three. Chapter four, the longest
in this section, contains material on networking hardware, topologies,
and application considerations that home users are extremely unlikely
to encounter.

Part two addresses the protection of a home computer. Chapter five
supposedly deals with the protection of a network-connected standalone
computer, which would seem to be a contradiction in terms. The text
deals with the Windows 98/ME operating system, which was current at
the time the book was published, but in such a lockstep fashion that
it is basically useless for anything else. Wireless LAN technology is
tersely reviewed in chapter six. Chapter seven prints the screenshots
for an installation of a version of the Zonealarm software personal
firewall. There are sloppy definitions of viruses, worms, and trojan
horse programs in chapter eight. Installation screenshots for a
couple of widely-sold virus scanning programs are in chapter nine.

Part three looks to the defence of a local area network in the home.
Chapter ten provides a high level overview of firewalls, with much of
the material being unsuitable for the needs of the home user.
Screenshots for the Windows settings required for a dual-homed (dual
network card) circuit-level proxy firewall (which seems to be an
awfully complicated setup for a home user) are printed in chapter
eleven. Setup screens for a few hardware packet filtering and address
translation firewalls are in chapter twelve. Telecommuting is
discussed in chapter thirteen, with some mentions of security factors.
Virtual private networks, probably not an issue for home users, are
considered in chapter fourteen: again, Windows software settings are
the major issue. Chapter fifteen ponders the risks of running servers
(such as private Web servers) on a home machine, primarily addressed
via port restriction.

Privacy and data security are addressed in part four. Most of the
material on human factors, in chapter sixteen, consists of standard
identity theft prevention advice. There is reasonable information
about cookies in chapter seventeen. The content about anonymous
browsing and email, in chapter eighteen, is brief, and of limited
value. Chapter nineteen, on encryption, gives severely limited
background and predominately includes PGP installation screenshots.

Part five looks at testing and recovery. Chapter twenty has a
plausible examination of port scanning. Twenty-one talks about logs,
but is not of much help in demonstrating how to use them. Some basic
steps when a problem becomes evident are listed in chapter twenty-two.
Chapter twenty-three essentially says to keep your software up to
date. Screenshots for the Microsoft Backup program are in chapter
twenty-five.

The home user requires basic information about computer and Internet
security. The content of this book never gets too deep for the
average person, and does provide some useful advice for many of the
most common problems. At the same time, there are vital issues that
the home user may see daily which are not addressed. In addition,
much of the content of the book is of almost no interest to those
outside of a commercial or corporate environment. Therefore, while
there is some value in the work, a great deal of extraneous text has
to be mined in order to find it. This means that you can't just give
this volume to your Mom in order to keep her computer safe.

copyright Robert M. Slade, 2005 BKSAFSEC.RVW 20051023


====================== (quote inserted randomly by Pegasus Mailer)
rslade@... slade@... rslade@...
Vizzini: You fell victim to one of the classic blunders! The most
famous is never get involved in a land war in Asia
- The Princess Bride
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade