Network Security CISSP-Discussion

[CISSP-D] REVIEW: "The TCP/IP Guide", Charles M. Kozierok

Date: Thu, 13 Jul 2006 09:59:47 -0800
BKTCPIGD.RVW   20060702

"The TCP/IP Guide", Charles M. Kozierok, 2005, 1-59327-047-X,
U$79.95/C$107.95
%A   Charles M. Kozierok www.tcpipguide.com tcpipguide@tcpipguide.com
www.pcguide.com ixl@fearn.pair.com
%C   555 De Haro Street, Suite 250, San Francisco, CA   94107
%D   2005
%G   1-59327-047-X
%I   No Starch Press
%O   U$79.95/C$107.95 415-863-9900 fax 415-863-9950 info@nostarch.com
%O  http://www.amazon.com/exec/obidos/ASIN/159327047X/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/159327047X/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/159327047X/robsladesin03-20
%O   Audience i+ Tech 3 Writing 3 (see revfaq.htm for explanation)
%P   1539 p.
%T   "The TCP/IP Guide"

In the introduction, the author states that he has tried to write a
guide to the TCP/IP (Transmission Control Protocol/Internet Protocol)
protocol suite (the set of networking protocols that are the currently
preferred form of networking, and also underlie the Internet) that is
complete, readable, logical in structure, and also provides for quick
reference overviews with an option for the reader to get full details
when necessary.  The scope involves the principles behind the
protocols (rather than system-specific minutiae or even the Internet
itself), currently used protocols (instead of proposed), and (where
examples are necessary) a bias in favour of small systems.  (One
aspect that I found understandable, but personally disappointing, was
the avoidance of security issues and technologies, other than IPSec).

With eighty-eight chapters, the book is divided not only into parts,
but also sections.  Section one covers TCP/IP overview and background
information.  Part I-1 deals with networking fundamentals, starting
with a chapter that introduces networks, with types and
characteristics.  Kozierok has done a good job.  In a short space the
most fundamental aspects of networking are outlined and clearly
explained.  The quick reference promise is fulfilled by "key concept"
text boxes, that provide a concise but effective summary of central
ideas that otherwise may take pages to fully explain.  Extraneous
detail is at a minimum: additional particulars are dealt with as
specific topics are raised later in the work.  The individual chapters
are short, contained, logical, and readable.  Chapters two to four
review network performance factors, standards and standards groups,
and data representation (with a side foray into some basic boolean
operations).  The three chapters of part I-2 define the OSI (Open
System Interconnection) reference model, while part I-3 takes a single
chapter to provide an overview of TCP/IP itself. (Chapter six outlines
the seven layers of the OSI model: chapter seven is a determined, and,
for educators, very useful attempt to ensure that readers and students
remember the layers and what they do.)

Section two looks at the core protocols at the lower layers.  Part
II-1 examines the network interface (data link) layer, concentrating
primarily on the PPP (Point-to-Point Protocol) suite.  Address
Resolution Protocol (ARP) and its reverse (RARP) are reviewed in part
II-2 as the glue between the network interface layer and the network
layer.  Part II-3 begins a string of five parts dealing with the
network layer and IP (Internet Protocol) itself: these cover the
basics of IPv4 (addressing, subnetting, datagrams, and the beginning
of routing), IPv6 (addressing and datagrams), related protocols
(Network Address Translation/NAT, IPSec, and mobile IP), ICMP (for
both versions 4 and 6, including the new Neighbour Discovery/ND in 6),
as well as routing and gateway protocols.  The transport layer
protocols, TCP (Transmission Control Protocol) and UDP (User Datagram
Protocol) are outlined in part II-8.

Various application layer operations and protocols are dealt with in
section three.  Part III-1 reviews DNS (Domain Name System) in fair
detail (and eight chapters).  NFS (Network File System) is in the one
chapter of part III-2.  Host configuration, in part III-3, is mostly
concerned with DHCP (Dynamic Host Configuration Protocol).  Part III-4
explains SNMP (Simple Network Management Protocol) and related
protocols.  Part III-5 starts to move towards user tools, dealing with
addressing and Universal Resource Identifiers, Locators, and Names
(URI, URL, URN).  It's a bit hard to say why chapter seventy-one
belongs in this part.  On the other hand, while it introduces parts
III-6, -7, -8, and -9, it doesn't belong in any of them, either. 
These pieces cover file transfer, email, the Web, news, and gopher. 
Part III-10 handles the basic administrative, informational, and
troubleshooting utilities.

Kozierok's intention is ambitious: has he achieved his purpose?  Well,
the work is complete, with all the bases (and basics) covered, and
some trivia thrown in besides.  I noted the absence of a few items on
the way through that made me wonder, but, given the excellent coverage
elsewhere I'm starting to think I should research my own understanding
before suggesting that he's made an error.  (The one shortcoming I
definitely did note was the lack of further references in any areas.) 
The text is readable, and any intermediate computer user should be
able to understand it.  The book has a logical structure and flows
well.  As noted, the provision for quick overview reference works
well.

This is a valuable reference for anyone charged with managing a TCP/IP
network, or even a connection to the Internet.  Those who wish, either
as students or for personal satisfaction, to understand the protocol
suite would be hard pressed to find any better source of information. 
(And, for my colleagues in security, the lack of specific attention to
security issues is no hindrance: the technology is presented in a
lucid manner that will make the safety issues clear to anyone with an
information assurance background.)

copyright Robert M. Slade, 2006   BKTCPIGD.RVW   20060702


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca     slade@victoria.tc.ca     rslade@computercrime.org
Dictionary of Information Security  www.syngress.com/catalog/?pid=4150
http://victoria.tc.ca/techrev/rms.htm


 