Sponsored links

Valid XHTML 1.0!
Valid CSS!

Product: Book - Paperback
Title: Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition
Publisher: Addison-Wesley Professional
Authors: William R. Cheswick, Steven M. Bellovin, Aviel D. Rubin
Rating: 3/5
Customer opinion - 3 stars out of 5
Exceptional authors, but not an exceptional book

I wish I could give "Firewalls and Internet Security, 2nd Edition" (FAIS:2E) more stars. I eagerly awaited the next edition of this security classic with the rest of the community. However, like many sequels, it fails to live up to expectations. Nine years ago the first edition was revolutionary. In 2003, despite the addition of skilled practitioner Avi Rubin, the authors make few original contributions to the security scene. The book's strengths include sharing certain keen insights and summarizing key technical data. They repeat the conclusion that frequent password changes tend to decrease security, rather than improve it. They succinctly describe BGP and IPv6. They accurately explain that TCP sequence numbers count bytes of data, not packets -- unlike many other authors. Their case studies, while dating from the early 1990s, are the most enjoyable parts of FAIS:2E. Like Avi Rubin's "White Hat Security Arsenal" (a better book), they cite scholarly work. Attention is paid to the firewall software of my favorite OS, FreeBSD, in ch 11. On the negative side, the book is a mix of simplistic and advanced material. In some areas the authors start with basics, while in others they use terms like "black-hole" (p. 249) with little regard for newbies. The book seems disorganized; readers will find it hard to separate key points from normal text. The "forensics" advice, admittedly labeled as "crude" in ch 17, gives incomplete recommendations which do not reflect best forensic live response practices. (The "best thing to do" is "run ps and netstat" and then "turn the computer off"?) The authors are also very negative about the Windows OS, saying on p. 255 "We do not know how to secure them, or even if it is possible." While Windows is admittedly difficult to configure and operate securely, this statement is a cop-out. Better to direct readers to "Securing Windows NT/2000 Servers for the Internet" by Stefan Norberg. Examples with IPChains in ch 11 should have been updated with IPTables, or at least IPTables should not have been dismissed as being the same except for syntax.
FAIS:2E does contain useful information. I just think books like O'Reilly's "Building Internet Firewalls, 2nd Edition" and New Riders' "Linux Firewalls, 2nd Edition" are more helpful. Addison-Wesley's "White Hat Security Arsenal" is more enlightening, as well. Review FAIS:2E in a store before you commit to buying it -- you might find it helpful.

Product: Book - Paperback
Title: Dreamweaver MX: The Missing Manual
Publisher: Pogue Press
Authors: David McFarland
Rating: 5/5
Customer opinion - 5 stars out of 5

I purchased Dreamweaver MX a couple of weeks ago and needed a book to fill in the 'blanks' that the manual doesn't cover or explain to the depth that I wanted. This book is a perfect addition to learning the features of this application.
The fact that this book is published by O'Reilly was an added bonus.
Great job by David McFarland!

Product: Book - Paperback
Title: Beginning Programming for Dummies
Publisher: For Dummies
Authors: Wally Wang, Wallace Wang
Rating: 5/5
Customer opinion - 5 stars out of 5
A Great Book for Learning Programming from Scratch

First of all, every sample program in this book ran perfectly for me except for one (at the bottom of p. 264), and the JavaScript programs at the very end (for some reason, JavaScript did not work on the system I was using). Everything else - hundreds of examples - worked great, and required no reference to any outside source. The quality of the 'Dummies' books is variable, but this one is a winner. It is very well organized, and answered a lot of questions I have had about general programming for years, clearly and concisely. Wang is not only a talented programmer. He is a talented programmer who can communicate effectively to a general (but serious) audience, in English. The sample code is very clear and illustrates the topics under discussion beautifully. This is a great book for learning about programming in general, from scratch.

Product: Book - Paperback
Title: Effective STL: 50 Specific Ways to Improve Your Use of the Standard Template Library
Publisher: Addison-Wesley Professional
Authors: Scott Meyers
Rating: 4/5
Customer opinion - 4 stars out of 5
Interesting and educational

As with the earler EFFECTIVE C++ books, this book was pleasant to read and informative. It gave a lot of good tips that were not obvious from reading THE C++ PROGRAMMING LANGUAGE. It was well worth the time and money to read this.
I did not agree with everything in this book. The advice to avoid constant iterators seemed very shortsighted. The same arguments Mr. Meyers give could be applied to any const type, and basically amount to giving up type safety. Also, for some of the recommended optimizations, I would have liked more emperical evidence (timings) to go along with the theoretical arguments. However the useful information far outweighs these minor shortcomings.