Internet Site Security

Keeping an Internet server safe from bad guys is a serious undertaking. For one thing, the server's very mission--providing access to information to legitimate users across the Internet--makes it hard to provide security transparently. On top of that, the hacker universe is extremely large and diligent and can devote all kinds of time to devising new attacks. Just keeping up with software publishers' patches and recommended procedures can be a serious drain on your time. Internet Site Security aims to make the server security mission a little easier by briefing its readers on general risks and recommended security strategies. The team of three authors focuses on TCP/IP generically, with a little bit of extra information on HTTP and SNMP. Other Web services, such as mail transport, FTP, and distributed applications, aren't well covered.

The authors--all engineers from the same security consultancy, one of whom has his Certified Information Security Systems Professional (CISSP) rating--do a good job of explaining some of the ways in which nefarious types come after your servers. Readers learn what a denial-of-service attack is, and how a man-in-the-middle scheme works. It's all accurate and fairly comprehensive, though there's nothing really revolutionary about it. This is just solid coverage of the security issues surrounding servers that provide Internet services to a wide and generally unsecured audience. If you've not read about that before, this book is a decent choice. --David Wall

Topics covered: The sorts of attacks to which Internet-connected servers are subject, explained in a TCP/IP-centric and generally operating-system-neutral way.