diff options
Diffstat (limited to 'doc/biblio.html')
| -rw-r--r-- | doc/biblio.html | 274 |
1 files changed, 274 insertions, 0 deletions
diff --git a/doc/biblio.html b/doc/biblio.html new file mode 100644 index 000000000..d54af5cbf --- /dev/null +++ b/doc/biblio.html @@ -0,0 +1,274 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> +<HTML> +<HEAD> +<TITLE>Introduction to FreeS/WAN</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<STYLE TYPE="text/css"><!-- +BODY { font-family: serif } +H1 { font-family: sans-serif } +H2 { font-family: sans-serif } +H3 { font-family: sans-serif } +H4 { font-family: sans-serif } +H5 { font-family: sans-serif } +H6 { font-family: sans-serif } +SUB { font-size: smaller } +SUP { font-size: smaller } +PRE { font-family: monospace } +--></STYLE> +</HEAD> +<BODY> +<A HREF="toc.html">Contents</A> +<A HREF="glossary.html">Previous</A> +<A HREF="rfc.html">Next</A> +<HR> +<H1><A name="biblio">Bibliography for the Linux FreeS/WAN project</A></H1> +<P>For extensive bibliographic links, see the<A href="http://liinwww.ira.uka.de/bibliography/index.html"> + Collection of Computer Science Bibliographies</A></P> +<P>See our<A href="web.html"> web links</A> for material available + online.</P> +<HR><A name="adams"> Carlisle Adams and Steve Lloyd<CITE> Understanding + Public Key Infrastructure</CITE> +<BR></A> Macmillan 1999 ISBN 1-57870-166-x +<P>An overview, mainly concentrating on policy and strategic issues + rather than the technical details. Both authors work for<A href="glossary.html#PKI"> + PKI</A> vendor<A href="http://www.entrust.com/"> Entrust</A>.</P> +<HR><A name="DNS.book"> Albitz, Liu & Loukides<CITE> DNS & BIND</CITE> + 3rd edition +<BR></A> O'Reilly 1998 ISBN 1-56592-512-2 +<P>The standard reference on the<A href="glossary.html#DNS"> Domain Name + Service</A> and<A href="glossary.html#BIND"> Berkeley Internet Name + Daemon</A>.</P> +<HR><A name="anderson"> Ross Anderson</A>,<CITE> Security Engineering - + a Guide to Building Dependable Distributed Systems</CITE> +<BR> Wiley, 2001, ISBN 0471389226 +<P>Easily the best book for the security professional I have seen.<STRONG> + Highly recommended</STRONG>. See the<A href="http://www.cl.cam.ac.uk/~rja14/book.html"> + book web page</A>.</P> +<P>This is quite readable, but Schneier's<A href="#secrets"> Secrets and + Lies</A> might be an easier introduction.</P> +<HR><A name="puzzle"> Bamford<CITE> The Puzzle Palace, A report on NSA, + Americas's most Secret Agency</CITE> +<BR> Houghton Mifflin 1982 ISBN 0-395-31286-8</A> +<HR> Bamford<CITE> Body of Secrets</CITE> +<P>The sequel.</P> +<HR><A name="bander"> David Bander</A>,<CITE> Linux Security Toolkit</CITE> +<BR> IDG Books, 2000, ISBN: 0764546902 +<P>This book has a short section on FreeS/WAN and includes Caldera Linux + on CD.</P> +<HR><A name="CZR"> Chapman, Zwicky & Russell</A>,<CITE> Building + Internet Firewalls</CITE> +<BR> O'Reilly 1995 ISBN 1-56592-124-0 +<HR><A name="firewall.book"> Cheswick and Bellovin</A><CITE> Firewalls + and Internet Security: Repelling the Wily Hacker</CITE> +<BR> Addison-Wesley 1994 ISBN 0201633574 +<P>A fine book on firewalls in particular and security in general from + two of AT&T's system adminstrators.</P> +<P>Bellovin has also done a number of<A href="web.html#papers"> papers</A> + on IPsec and co-authored a<A href="intro.html#applied"> paper</A> on a + large FreeS/WAN application.</P> +<HR><A name="comer"> Comer<CITE> Internetworking with TCP/IP</CITE> +<BR> Prentice Hall</A> +<UL> +<LI>Vol. I: Principles, Protocols, & Architecture, 3rd Ed. 1995 + ISBN:0-13-216987-8</LI> +<LI>Vol. II: Design, Implementation, & Internals, 2nd Ed. 1994 + ISBN:0-13-125527-4</LI> +<LI>Vol. III: Client/Server Programming & Applications +<UL> +<LI>AT&T TLI Version 1994 ISBN:0-13-474230-3</LI> +<LI>BSD Socket Version 1996 ISBN:0-13-260969-X</LI> +<LI>Windows Sockets Version 1997 ISBN:0-13-848714-6</LI> +</UL> +</LI> +</UL> +<P>If you need to deal with the details of the network protocols, read + either this series or the<A href="#stevens"> Stevens and Wright</A> + series before you start reading the RFCs.</P> +<HR><A name="diffie"> Diffie and Landau</A><CITE> Privacy on the Line: + The Politics of Wiretapping and Encryption</CITE> +<BR> MIT press 1998 ISBN 0-262-04167-7 (hardcover) or 0-262-54100-9 +<BR> +<HR><A name="d_and_hark"> Doraswamy and Harkins<CITE> IP Sec: The New + Security Standard for the Internet, Intranets and Virtual Private + Networks</CITE> +<BR> Prentice Hall 1999 ISBN: 0130118982</A> +<HR><A name="EFF"> Electronic Frontier Foundation<CITE> Cracking DES: + Secrets of Encryption Research, Wiretap Politics and Chip Design</CITE> +<BR></A> O'Reilly 1998 ISBN 1-56592-520-3 +<P>To conclusively demonstrate that DES is inadequate for continued use, + the<A href="glossary.html#EFF"> EFF</A> built a machine for just over + $200,000 that breaks DES encryption in under five days on average, + under nine in the worst case.</P> +<P>The book provides details of their design and, perhaps even more + important, discusses why they felt the project was necessary. + Recommended for anyone interested in any of the three topics mentioned + in the subtitle.</P> +<P>See also the<A href="http://www.eff.org/descracker.html"> EFF page on + this project</A> and our discussion of<A href="politics.html#desnotsecure"> + DES insecurity</A>.</P> +<HR> Martin Freiss<CITE> Protecting Networks with SATAN</CITE> +<BR> O'Reilly 1998 ISBN 1-56592-425-8 +<BR> translated from a 1996 work in German +<P>SATAN is a Security Administrator's Tool for Analysing Networks. This + book is a tutorial in its use.</P> +<HR> Gaidosch and Kunzinger<CITE> A Guide to Virtual Private Networks</CITE> +<BR> Prentice Hall 1999 ISBN: 0130839647 +<HR><A name="Garfinkel"> Simson Garfinkel</A><CITE> Database Nation: the + death of privacy in the 21st century</CITE> +<BR> O'Reilly 2000 ISBN 1-56592-653-6 +<P>A thoughtful and rather scary book.</P> +<HR><A name="PGP"> Simson Garfinkel</A><CITE> PGP: Pretty Good Privacy</CITE> +<BR> O'Reilly 1995 ISBN 1-56592-098-8 +<P>An excellent introduction and user manual for the<A href="glossary.html#PGP"> + PGP</A> email-encryption package. PGP is a good package with a complex + and poorly-designed user interface. This book or one like it is a must + for anyone who has to use it at length.</P> +<P>The book covers using PGP in Unix, PC and Macintosh environments, + plus considerable background material on both the technical and + political issues around cryptography.</P> +<P>The book is now seriously out of date. It does not cover recent + developments such as commercial versions since PGP 5, the Open PGP + standard or GNU PG..</P> +<HR><A name="practical"> Garfinkel and Spafford</A><CITE> Practical Unix + Security</CITE> +<BR> O'Reilly 1996 ISBN 1-56592-148-8 +<P>A standard reference.</P> +<P>Spafford's web page has an excellent collection of<A href="http://www.cs.purdue.edu/coast/hotlist"> + crypto and security links</A>.</P> +<HR><A name="Kahn"> David Kahn</A><CITE> The Codebreakers: the + Comprehensive History of Secret Communications from Ancient Times to + the Internet</CITE> +<BR> second edition Scribner 1996 ISBN 0684831309 +<P>A history of codes and code-breaking from ancient Egypt to the 20th + century. Well-written and exhaustively researched.<STRONG> Highly + recommended</STRONG>, even though it does not have much on computer + cryptography.</P> +<HR> David Kahn<CITE> Seizing the Enigma, The Race to Break the German + U-Boat codes, 1939-1943</CITE> +<BR> Houghton Mifflin 1991 ISBN 0-395-42739-8 +<HR><A name="kirch"> Olaf Kirch</A><CITE> Linux Network Administrator's + Guide</CITE> +<BR> O'Reilly 1995 ISBN 1-56592-087-2 +<P>Now becoming somewhat dated in places, but still a good introductory + book and general reference.</P> +<HR><A name="LinVPN"> Kolesnikov and Hatch</A>,<CITE> Building Linux + Virtual Private Networks (VPNs)</CITE> +<BR> New Riders 2002 +<P>This has had a number of favorable reviews, including<A href="http://www.slashdot.org/article.pl?sid=02/02/27/0115214&mode=thread&tid=172"> + this one</A> on Slashdot. The book has a<A href="http://www.buildinglinuxvpns.net/"> + web site</A>.</P> +<HR><A name="RFCs"> Pete Loshin<CITE> Big Book of IPsec RFCs</CITE> +<BR> Morgan Kaufmann 2000 ISBN: 0-12-455839-9</A> +<HR><A name="crypto"> Steven Levy<CITE> Crypto: How the Code Rebels Beat + the Government -- Saving Privacy in the Digital Age</CITE></A> +<BR> Penguin 2001, ISBN 0-670--85950-8 +<P><STRONG>Highly recommended</STRONG>. A fine history of recent (about + 1970-2000) developments in the field, and the related political + controversies. FreeS/WAN project founder and leader John Gilmore + appears several times.</P> +<P>The book does not cover IPsec or FreeS/WAN, but this project is very + much another battle in the same war. See our discussion of the<A href="politics.html"> + politics</A>.</P> +<HR><A name="GTR"> Matyas, Anderson et al.</A><CITE> The Global Trust + Register</CITE> +<BR> Northgate Consultants Ltd 1998 ISBN: 0953239705 +<BR> hard cover edition MIT Press 1999 ISBN 0262511053 +<P>From<A href="http://www.cl.cam.ac.uk/Research/Security/Trust-Register"> + their web page:</A></P> +<BLOCKQUOTE> This book is a register of the fingerprints of the world's + most important public keys; it implements a top-level certification + authority (CA) using paper and ink rather than in an electronic system.</BLOCKQUOTE> +<HR><A name="handbook"> Menezies, van Oorschot and Vanstone<CITE> + Handbook of Applied Cryptography</CITE></A> +<BR> CRC Press 1997 +<BR> ISBN 0-8493-8523-7 +<P>An excellent reference. Read<A href="#schneier"> Schneier</A> before + tackling this.</P> +<HR> Michael Padlipsky<CITE> Elements of Networking Style</CITE> +<BR> Prentice-Hall 1985 ISBN 0-13-268111-0 or 0-13-268129-3 +<P>Probably<STRONG> the funniest technical book ever written</STRONG>, + this is a vicious but well-reasoned attack on the OSI "seven layer + model" and all that went with it. Several chapters of it are also + available as RFCs 871 to 875.</P> +<HR><A name="matrix"> John S. Quarterman</A><CITE> The Matrix: Computer + Networks and Conferencing Systems Worldwide</CITE> +<BR> Digital Press 1990 ISBN 155558-033-5 +<BR> Prentice-Hall ISBN 0-13-565607-9 +<P>The best general treatment of computer-mediated communication we have + seen. It naturally has much to say about the Internet, but also covers + UUCP, Fidonet and so on.</P> +<HR><A name="ranch"> David Ranch</A><CITE> Securing Linux Step by Step</CITE> +<BR> SANS Institute, 1999 +<P><A href="http://www.sans.org/">SANS</A> is a respected organisation, + this guide is part of a well-known series, and Ranch has previously + written the useful<A href=" http://www.ecst.csuchico.edu/~dranch/LINUX/index-linux.html#trinityos"> + Trinity OS</A> guide to securing Linux, so my guess would be this is a + pretty good book. I haven't read it yet, so I'm not certain. It can be + ordered online from<A href="http://www.sans.org/"> SANS</A>.</P> +<P>Note (Mar 1, 2002): a new edition with different editors in the + works. Expect it this year.</P> +<HR><A name="schneier"> Bruce Schneier</A><CITE> Applied Cryptography, + Second Edition</CITE> +<BR> John Wiley & Sons, 1996 +<BR> ISBN 0-471-12845-7 hardcover +<BR> ISBN 0-471-11709-9 paperback +<P>A standard reference on computer cryptography. For more recent + essays, see the<A href="http://www.counterpane.com/"> author's + company's web site</A>.</P> +<HR><A name="secrets"> Bruce Schneier</A><CITE> Secrets and Lies</CITE> +<BR> Wiley 2000, ISBN 0-471-25311-1 +<P>An interesting discussion of security and privacy issues, written + with more of an "executive overview" approach rather than a narrow + focus on the technical issues.<STRONG> Highly recommended</STRONG>.</P> +<P>This is worth reading even if you already understand security issues, + or think you do. To go deeper, follow it with Anderson's<A href="#anderson"> + Security Engineering</A>.</P> +<HR><A name="VPNbook"> Scott, Wolfe and Irwin<CITE> Virtual Private + Networks</CITE></A> +<BR> 2nd edition, O'Reilly 1999 ISBN: 1-56592-529-7 +<P>This is the only O'Reilly book, out of a dozen I own, that I'm + disappointed with. It deals mainly with building VPNs with various + proprietary tools --<A href="glossary.html#PPTP"> PPTP</A>,<A href="glossary.html#SSH"> + SSH</A>, Cisco PIX, ... -- and touches only lightly on IPsec-based + approaches.</P> +<P>That said, it appears to deal competently with what it does cover and + it has readable explanations of many basic VPN and security concepts. + It may be exactly what some readers require, even if I find the + emphasis unfortunate.</P> +<HR><A name="LASG"> Kurt Seifried<CITE> Linux Administrator's Security + Guide</CITE></A> +<P>Available online from<A href="http://www.securityportal.com/lasg/"> + Security Portal</A>. It has fairly extensive coverage of IPsec.</P> +<HR><A name="Smith"> Richard E Smith<CITE> Internet Cryptography</CITE> +<BR></A> ISBN 0-201-92480-3, Addison Wesley, 1997 +<P>See the book's<A href="http://www.visi.com/crypto/inet-crypto/index.html"> + home page</A></P> +<HR><A name="neal"> Neal Stephenson<CITE> Cryptonomicon</CITE></A> +<BR> Hardcover ISBN -380-97346-4, Avon, 1999. +<P>A novel in which cryptography and the net figure prominently.<STRONG> + Highly recommended</STRONG>: I liked it enough I immediately went out + and bought all the author's other books.</P> +<P>There is also a paperback edition. Sequels are expected.</P> +<HR><A name="stevens"> Stevens and Wright</A><CITE> TCP/IP Illustrated</CITE> +<BR> Addison-Wesley +<UL> +<LI>Vol. I: The Protocols 1994 ISBN:0-201-63346-9</LI> +<LI>Vol. II: The Implementation 1995 ISBN:0-201-63354-X</LI> +<LI>Vol. III: TCP for Transactions, HTTP, NNTP, and the UNIX Domain + Protocols 1996 ISBN: 0-201-63495-3</LI> +</UL> +<P>If you need to deal with the details of the network protocols, read + either this series or the<A href="#comer"> Comer</A> series before you + start reading the RFCs.</P> +<HR><A name="Rubini"> Rubini</A><CITE> Linux Device Drivers</CITE> +<BR> O'Reilly & Associates, Inc. 1998 ISBN 1-56592-292-1 +<HR><A name="Zeigler"> Robert Zeigler</A><CITE> Linux Firewalls</CITE> +<BR> Newriders Publishing, 2000 ISBN 0-7537-0900-9 +<P>A good book, with detailed coverage of ipchains(8) firewalls and of + many related issues.</P> +<HR> +<A HREF="toc.html">Contents</A> +<A HREF="glossary.html">Previous</A> +<A HREF="rfc.html">Next</A> +</BODY> +</HTML> |