NEW BOOMS AND MULTIMEDIA
overflow, weaknesses of the languages
used in developing Web applications,
and so on. Augmentcd,hy a cornucopia
of automated tools aiding the attackers,
it is clear that a person on the defense
needs min-depth technical discussion of
the design and architectural issues, and
this is what the authors of the book
attempt to do. The content is a mix of
eye-opening presentation to convince
even seasoned site managers that a close
look and audit into their applications
and systems is worth the (re)try. Clearly
the hook provides plenty of information
on what not to do, providing examples
of what to avoid, while not necessarily
dealing with how to build secure systems
in the first place. In fact, one has t o
wonder if by using certain off;the-shelf
products the compromises don’t start at
the very first step. Until a hook is writ-
ten on how to write secure Web applica-
tions in a multilanguage, multi-OS,
multiplatform environment, it is good
for an application developer to keep this
book handy.
Practical TCP/IP, Designing,
Using and Troubleshooting
TCP/IP Networks on h u x
and Windows
Niall Mansfield, 2003, Addison-Wes-
ley, ISBN 0-201-75078-3,851 pages,
softcover
Linux servers and Windows clients
machines are an increasingly familiar
sight in corporate environments; despite
both being able to speak TCPIIP, each
OS comes with its own set of “natural”
tools to perform networking tasks. Niall
Mansfield’s book is for anyone wishing
to configure and operate a TCPiIP net-
work in a mixed UNIXlWindows envi-
ronment. The defining element of this
book is that it attempts to describe both
the how and why t o a widely ranging
audience in terms of a computer net-
working background. However, its read-
abiliq is not compromised. All chapters
are modular, and special effort has been
put into collocating text and correspond-
ing figures. In fact, the book is heavily
and (stylistically) consistently illustrated.
With the wide variety of tools and con-
figurations +cussed, hardly a page goes
by without an example. Its four-part
structure roughly corresponds t o the
four different themes undcr which it can
he used. Part 1, “How and Why Packets
Move on the Network,” is a nine-chapter
introduction that avoids the mundanc by
introducing tools (packet sniffers) and,
to heighten the reader’s interest, illus-
trating what the captured packets stand
for. The first part adds a review of rout-
6 IEEE Nehvork -1ulylAugust 2003
ing (the mechanisms, not the routing
protocols) and an excellent three-chap-
ter exposition of DNS. The second part,
“End-User and System Applications,”
follows, as expected, the popular appli-
cations, SMTP, POP3, IMAP, HTTP,
DHCP, and telnet. However, the appli-
cations a r e used as a good excuse t o
introduce more troubleshooting tools
(ethereal, ngrep), present the TCP statc
machine as well as UDP, and talk about
presentation formats and MIME. The
third part crosses thc river to find Win-
dows in its own idiosyncratic world of
NetBIOS, and its subsequent name reso-
lution quirks: NT domains, the browse
server, and all the rest of Windows-spe-
cific components and terminology.
Samba is covered well hut not hcavily, as
there are other hooks dcvoted specifical-
ly to Samba. The last part, “Connecting
to the Internet and Internet Security,”
extends beyond basics of installing dialup
(and other) Internet connectivity
options, to a detailed description of what
precautions are necessary for living with
Internet connectivity: firewalls, NAT
boxes, VPNs, and so on. A rich set of
appendices (26) provides reference
material: RFCs, response codes for dif-
ferent protocols, toolkit suggestions, key
tool man pages, and experience-related
system management topics (organizing
downloads, etc.).
Network Processor Design,
Issues and Practices: Volume I
Patrick Crowley, Mark A. Franklin,
Haldun Hadimioglu, and Peter Z.
Onufryk, 2003, Morgan Kaufmann,
ISBN 155860-875-3, 338 pages,
softcover
The gap between the speed of com-
munication links, in the range of multi-
ple gigabits per second, and processor
speeds created ample opportunity to
rethink the value of peripheral proces-
sors’dedicated to network protocol pro-
cessing and to come up with innovative
architectures.in the guise of network
processors (NPs). Today’s applications,
such as firewallsl encwtion, accounting,
and load balancing, necessitate substan-
tial per-packet andlor per-session pro-
cessing. T h e result is NPs that differ
from “classical” embedded processors in
that they have to be both flexible (pro-
grammable) in anticipation of as yet
unknown future applications, and at the
same time be capable of sustaining real-
time performance under worst-case traf-
fic loading. While the primary audience
are researchers and developers of NPs,
the book is valuable to any researcher
contemplating protocol extensions (e.g.,
fanciful per-packet processing) who seek
to implement elaborate algorithms at
routers and gateways. As such, reading
the book could calibrate one’s expecta-
tions (and bring them down to earth, for
what it’s worth). Content-wise the book
is a successful synthesis of academic top-
ics (mostly in the first seven chapters,
the “Design Principles” part of the hook)
and practical implementation issues (the
second part, eight chapters total), the
latter mostly by industrial contributors.
The design part covers a good deal of
benchmarking, modeling, and simulation
methodologies; plus design space explo-
ration (really, scheduling) and compiler
back-end optimization. The “practical”
part is introduced by a short review of
industry’s take on NPs, contributed by
John Freeman (“Analyst’s Perspective of
NPs”) and is followed by the presenta-
tion of an array of NP designs, recogniz-
able by their brand names: PayloadPlus
(Agere), Toaster 2 (Cisco), PowerNP
(IBM), IXP2400 (Intel), C5e (Motoro-
la), ClassiPI (PMC-Sierra), ASPEN
(Transswitch).
Wireless Securiv and Priva-
cy, Best Practices and Design
Techniques
Tara M. Swaminatha and Charles R.
Elden, 2003, Addison-Wesley, ISBN
0-201-76034-7, 276 pages, softcover
‘The fairly recent WEP security deha-
cle and subsequent fixes illustrated that
not only is it necessary to include secu-
rity aspects into protocols and stan-
dards, but also t o carefully study the
limitations of proposed schemes before
standards are released and markets
shaped accordingly. It is worse to pos-
sess a false sense of security than to be
aware of the lack of, security. Convinc-
ing the reader from the very first page
of the foreward by providing a list of 10
major news stories on wireless security
that reached the mass media, the book
subsequently takes a direction of pre-
senting wireless networks, their inher-
cnt vulnerabilities due the nature of the
medium, and.the vulnerabilities exposed
by both lower-layer protocols and appli-
cations. As stated in the book‘s inten-
tions, it is meant to educate the reader
and filter away the hype. I t is not a
book that proposes specific technical
answers, but rather a broader “aware-
ness” book, positioned to appeal to a
wide audience, including the general
public, business professionals, and end
consumers. In the fundamentals, the
first two chapters, its author introduces
what he calls t h e Identify Analyze
Define Design (I-ADD) process. The
more technically rich material begins in