In the years since publication of the first edition of this classic reference, Internet use has exploded and e-commerce has become a daily part of business and personal life. As Internet usage has grown, so have the security threats. Some threats, like password attacks and the exploiting of known security holes, have been around since the early days of networking. Others, like password sniffers, IP forgery, and various types of hijacking and replay attacks, are newer. And still others, like the defacement of web sites, and the distributed denial of service attacks that crippled Yahoo, E-Bay, and other major e-commerce sites in early 2000, come from today's headlines. Firewalls are a very effective way to protect a system from most Internet security threats and are a critical component of today's computer networks. Firewalls in networks keep damage on one part of the network (e.g., eavesdropping, a worm program, file damage) from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down. Like the first edition of Building Internet Firewalls, this second edition is a practical and detailed guide to designing and building firewalls and to configuring Internet services to work with firewalls. This much expanded edition covers Linux and Windows NT, as well as Unix. It describes a variety of firewall technologies (packet filtering, proxying, network address translation, virtual private networks) and architectures (e.g., screening routers, dual-homed hosts, screened hosts, screened subnets, perimeter networks, internal firewalls). It also contains a new set of chapters describing the issues involved in a variety of new Internet services and protocols through a firewall. Building Internet Firewalls covers more than 100 Internet services and protocols, including email and News; Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo); file transfer and sharing services (e.g., NFS, Samba); remote access services (e.g., Telnet, the BSD "r" commands, SSH, BackOrifice 2000); real-time conferencing services (e.g., ICQ, talk); naming and directory services (e.g., DNS, NetBT, the Windows Browser); authentication and auditing services (e.g., PAM, Kerberos, RADIUS); administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics); intermediary protocols (e.g., RPC, SMB, CORBA, IIOP); and database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server). The book also contains chapters on security policies, cryptography, maintaining firewalls, and responding to security incidents, as well as a complete list of resources, including the location of many publicly available firewall construction tools.

Malicious mobile code is a new term to describe all sorts of destructive programs: viruses, worms, Trojans, and rogue Internet content. Until fairly recently, experts worried mostly about computer viruses that spread only through executable files, not data files, and certainly not through email exchange. The Melissa virus and the Love Bug proved the experts wrong, attacking Windows computers when recipients did nothing more than open an email. Today, writing programs is easier than ever, and so is writing malicious code. The idea that someone could write malicious code and spread it to 60 million computers in a matter of hours is no longer a fantasy. The good news is that there are effective ways to thwart Windows malicious code attacks, and author Roger Grimes maps them out in Malicious Mobile Code: Virus Protection for Windows. His opening chapter on the history of malicious code and the multi-million dollar anti-virus industry sets the stage for a comprehensive rundown on today's viruses and the nuts and bolts of protecting a system from them. He ranges through the best ways to configure Windows for maximum protection, what a DOS virus can and can't do, what today's biggest threats are, and other important and frequently surprising information. For example, how many people know that joining a chat discussion can turn one's entire computer system into an open book? Malicious Mobile Code delivers the strategies, tips, and tricks to secure a system against attack. It covers: The current state of the malicious code writing and cracker community How malicious code works, what types there are, and what it can and cannot do Common anti-virus defenses, including anti-virus software How malicious code affects the various Windows operating systems, and how to recognize, remove, and prevent it Macro viruses affecting MS Word, MS Excel, and VBScript Java applets and ActiveX controls Enterprise-wide malicious code protection Hoaxes The future of malicious mobile code and how to combat such code. These days, when it comes to protecting both home computers and company networks against malicious code, the stakes are higher than ever. Malicious Mobile Code is the essential guide for securing a system from catastrophic loss

In addition to the above, my library contains at least fifty other books covering the subjects of TCP/IP, Internet Security, Operating Systems, Viruses and Spam. The following selection represents additional recommendations I'd like to offer.

	This exclusive, one-volume guide concentrates on the basic technology behind the Internet. And unlike technical dictionaries, it makes terms and protocols more useful by organizing them according to what they do--and accompanying them with in-depth descriptions.
	Schwartz explores spam--unwanted e-mail messages and inappropriate news articles--and what users can do to prevent it, stop it, or even outlaw it. "Stopping Spam" provides information of use to individual users (who don't want to be bothered by spam) and to system, news, mail, and network administrators (who are responsible for minimizing spam problems within their organizations or service providers).
	Essential information for anyone wanting to protect Internet-connected computers from unauthorized access. Includes: ­thorough discussion of security-related aspects of TCP/IP; ­step-by-step plans for setting up firewalls; ­hacking and monitoring tools the authors have built to rigorously test and maintain firewalls; ­pointers to public domain security tools on the net; ­first-hand step-by-step accounts of battles with the "Berferd" hackers; and practical discussions of the legal aspects of security.
	This value-packed book/disk combo describes a variety of low-cost, workable solutions PC users and local area network managers can use to keep their vital data and equipment safe from hackers, viruses, logic bombs, power failures, industrial spies, and more. Includes a disk stuffed with useful data security utilities.
	Now that mixed environments are the network norm, network administrators need to ensure that security is not sacrificed for the sake of interoperability. Expert author Dan Blacharski provides all the details one needs to incorporate to ensure that security goals are met. The CD-ROM contains critical utilities and third-party solutions.
	This book tells you how to plan and build a virtual private network, a collection of technologies that creates secure connections or "tunnels" over regular Internet lines. Written by Internet Service Providers who offer VPNs to their customers and thoroughly know the technology.