By Mike Horton and Clinton Mugge
Published by Osborne
ISBN # 0-07-222783-4
Rating 9 out of 10
This book is best suited as an introductory overview of network security. Very little is covered in depth. However, the book touches on pretty much the whole breadth of security topics. For people who are experienced with computer/network security topics, this book can be used to round out that knowledge and find weak areas.
It may sound like a problem that the book doesn't give all of the details, but if it did, there is no way it could be a "Portable Reference". My favorite feature of the book is its small size. I can easily keep it in my laptop bag and reference it as needed. I can then use that as a springboard to look up more information, such as man pages. It is important to understand, though, that one will not become a network security expert after reading this book alone.
The book starts off talking about the Asset and Risk Based INFOSEC Lifecycle Model (ARBIL). This is something that I've heard many times before, but the drawing of the process helped engrain that concept. It also visually demonstrates how security is not just a one-time activity, but a continual process that just keeps going. You analyze the system, find the weaknesses, fix them, and then start over again. In the same fashion the book covers the SMIRA risk assessment process in a highly graphic way.
Network Security Portable Reference is for people who have access to and are very familiar with both *nix systems and Windows. Depending on what tool or commands they are using, both systems are used throughout the references. The book gives a list of tools they think you need, and basically says go to the site to learn about them. If you want detailed information on how to use these tools, then this is not the book for you.
The book goes over different security aspects for *nix and Windows machines; it also talks about how the network itself can be compromised, including wired and wireless networks. The authors also go over web applications and older technology such as phone PBX systems.
The assessment checklist at the end of the book provides a great check to determine your network security baseline and see what areas need work. Along with the assessment checklist there is a list of best practices. However, they are in the front of the book, and while I can vaguely understand the difference, it seems to me that they should be together, as I believe that when auditing a network you would check whether best practices were implemented along with the rest of the checklist.
Another odd layout issue in the book is what they call the Reference Center. This is an area in the middle of the book, with a separate numbering system and the first page in the table of contents. There is no mention as to what this Reference Center is until you flip through the book and find the blue pages in the middle that begin with page rc1.
As I've mentioned before, this book is a great springboard that will help point you in the right direction for information. One of the ways the authors do this is by having a Reference Center in the middle of the book and quite a few appendixes in the back of the book; there is also an index, which is helpful for quick lookups.
When doing consulting work I've found that using the checklist in this book is a great way to begin looking at a company's network security. I have used this on two networks so far and have found it helpful; it is much better than trying to remember to check everything that you can think of at any particular moment. I have also found the Open Source Security Testing Methodology Manual at www.osstmm.org to be quite thorough.