diff options
Diffstat (limited to 'doc/src/biblio.html')
| -rw-r--r-- | doc/src/biblio.html | 354 |
1 files changed, 354 insertions, 0 deletions
diff --git a/doc/src/biblio.html b/doc/src/biblio.html new file mode 100644 index 000000000..d84e4c2cb --- /dev/null +++ b/doc/src/biblio.html @@ -0,0 +1,354 @@ +<html> +<head> + <meta http-equiv="Content-Type" content="text/html"> + <title>FreeS/WAN bibliography</title> + <meta name="keywords" + content="Linux, IPsec, VPN, security, FreeSWAN, bibliography"> + <!-- + + Written by Sandy Harris for the Linux FreeS/WAN project + Freely distributable under the GNU General Public License + + More information at www.freeswan.org + Feedback to users@lists.freeswan.org + + CVS information: + RCS ID: $Id: biblio.html,v 1.1 2004/03/15 20:35:24 as Exp $ + Last changed: $Date: 2004/03/15 20:35:24 $ + Revision number: $Revision: 1.1 $ + + CVS revision numbers do not correspond to FreeS/WAN release numbers. + --> +</head> + +<body> +<h1><a name="biblio">Bibliography for the Linux FreeS/WAN project</a></h1> + +<p>For extensive bibliographic links, see the <a +href="http://liinwww.ira.uka.de/bibliography/index.html">Collection of +Computer Science Bibliographies</a></p> + +<p>See our <a href="web.html">web links</a> for material available online.</p> +<hr> +<a name="adams">Carlisle Adams and Steve Lloyd <cite>Understanding Public Key +Infrastructure</cite><br> +</a>Macmillan 1999 ISBN 1-57870-166-x + +<p>An overview, mainly concentrating on policy and strategic issues rather +than the technical details. Both authors work for <a +href="glossary.html#PKI">PKI</a> vendor <a +href="http://www.entrust.com/">Entrust</a>.</p> +<hr> +<a name="DNS.book">Albitz, Liu & Loukides <cite>DNS & BIND</cite> 3rd +edition<br> +</a> O'Reilly 1998 ISBN 1-56592-512-2 + +<p>The standard reference on the <a href="glossary.html#DNS">Domain Name +Service</a> and <a href="glossary.html#BIND">Berkeley Internet Name +Daemon</a>.</p> +<hr> +<a name="anderson">Ross Anderson</a>, <cite>Security Engineering - a Guide to +Building Dependable Distributed Systems</cite><br> +Wiley, 2001, ISBN 0471389226 + +<p>Easily the best book for the security professional I have seen. +<strong>Highly recommended</strong>. See the <a +href="http://www.cl.cam.ac.uk/~rja14/book.html">book web page</a>.</p> + +<p>This is quite readable, but Schneier's <a href="#secrets">Secrets and +Lies</a> might be an easier introduction.</p> +<hr> +<a name="puzzle">Bamford <cite>The Puzzle Palace, A report on NSA, Americas's +most Secret Agency</cite><br> +Houghton Mifflin 1982 ISBN 0-395-31286-8</a> +<hr> +Bamford <cite>Body of Secrets</cite> + +<p>The sequel.</p> +<hr> +<a name="bander">David Bander</a>, <cite>Linux Security Toolkit</cite><br> +IDG Books, 2000, ISBN: 0764546902 + +<p>This book has a short section on FreeS/WAN and includes Caldera Linux on +CD.</p> +<hr> +<a name="CZR">Chapman, Zwicky & Russell</a>, <cite>Building Internet +Firewalls</cite><br> +O'Reilly 1995 ISBN 1-56592-124-0 +<hr> +<a name="firewall.book">Cheswick and Bellovin</a> <cite>Firewalls and +Internet Security: Repelling the Wily Hacker</cite><br> +Addison-Wesley 1994 ISBN 0201633574 + +<p>A fine book on firewalls in particular and security in general from two of +AT&T's system adminstrators.</p> + +<p>Bellovin has also done a number of <a href="web.html#papers">papers</a> on +IPsec and co-authored a <a href="intro.html#applied">paper</a> on a large +FreeS/WAN application.</p> +<hr> +<a name="comer">Comer <cite>Internetworking with TCP/IP</cite><br> +Prentice Hall</a> +<ul> + <li>Vol. I: Principles, Protocols, & Architecture, 3rd Ed. 1995 + ISBN:0-13-216987-8</li> + <li>Vol. II: Design, Implementation, & Internals, 2nd Ed. 1994 + ISBN:0-13-125527-4</li> + <li>Vol. III: Client/Server Programming & Applications + <ul> + <li>AT&T TLI Version 1994 ISBN:0-13-474230-3</li> + <li>BSD Socket Version 1996 ISBN:0-13-260969-X</li> + <li>Windows Sockets Version 1997 ISBN:0-13-848714-6</li> + </ul> + </li> +</ul> + +<p>If you need to deal with the details of the network protocols, read either +this series or the <a href="#stevens">Stevens and Wright</a> series before +you start reading the RFCs.</p> +<hr> +<a name="diffie">Diffie and Landau</a> <cite>Privacy on the Line: The +Politics of Wiretapping and Encryption</cite><br> +MIT press 1998 ISBN 0-262-04167-7 (hardcover) or 0-262-54100-9<br> + +<hr> +<a name="d_and_hark">Doraswamy and Harkins <cite>IP Sec: The New Security +Standard for the Internet, Intranets and Virtual Private Networks</cite><br> +Prentice Hall 1999 ISBN: 0130118982</a> +<hr> +<a name="EFF"> Electronic Frontier Foundation <cite>Cracking DES: Secrets of +Encryption Research, Wiretap Politics and Chip Design</cite><br> +</a> O'Reilly 1998 ISBN 1-56592-520-3 + +<p>To conclusively demonstrate that DES is inadequate for continued use, the +<a href="glossary.html#EFF">EFF</a> built a machine for just over $200,000 +that breaks DES encryption in under five days on average, under nine in the +worst case.</p> + +<p>The book provides details of their design and, perhaps even more +important, discusses why they felt the project was necessary. Recommended for +anyone interested in any of the three topics mentioned in the subtitle.</p> + +<p>See also the <a href="http://www.eff.org/descracker.html"> EFF page on +this project </a> and our discussion of <a +href="politics.html#desnotsecure">DES insecurity</a>.</p> +<hr> +Martin Freiss <cite>Protecting Networks with SATAN</cite><br> +O'Reilly 1998 ISBN 1-56592-425-8<br> +translated from a 1996 work in German + +<p>SATAN is a Security Administrator's Tool for Analysing Networks. This book +is a tutorial in its use.</p> +<hr> +Gaidosch and Kunzinger<cite> A Guide to Virtual Private Networks</cite><br> +Prentice Hall 1999 ISBN: 0130839647 +<hr> +<a name="Garfinkel">Simson Garfinkel</a> <cite>Database Nation: the death of +privacy in the 21st century</cite><br> +O'Reilly 2000 ISBN 1-56592-653-6 + +<p>A thoughtful and rather scary book.</p> +<hr> +<a name="PGP">Simson Garfinkel</a> <cite>PGP: Pretty Good Privacy</cite><br> +O'Reilly 1995 ISBN 1-56592-098-8 + +<p>An excellent introduction and user manual for the <a +href="glossary.html#PGP">PGP</a> email-encryption package. PGP is a good +package with a complex and poorly-designed user interface. This book or one +like it is a must for anyone who has to use it at length.</p> + +<p>The book covers using PGP in Unix, PC and Macintosh environments, plus +considerable background material on both the technical and political issues +around cryptography.</p> + +<p>The book is now seriously out of date. It does not cover recent +developments such as commercial versions since PGP 5, the Open PGP standard +or GNU PG..</p> +<hr> +<a name="practical">Garfinkel and Spafford</a> <cite>Practical Unix +Security</cite><br> +O'Reilly 1996 ISBN 1-56592-148-8 + +<p>A standard reference.</p> + +<p>Spafford's web page has an excellent collection of<a +href="http://www.cs.purdue.edu/coast/hotlist"> crypto and security +links</a>.</p> +<hr> +<a name="Kahn">David Kahn</a> <cite>The Codebreakers: the Comprehensive +History of Secret Communications from Ancient Times to the Internet</cite><br> +second edition Scribner 1996 ISBN 0684831309 + +<p>A history of codes and code-breaking from ancient Egypt to the 20th +century. Well-written and exhaustively researched. <strong>Highly +recommended</strong>, even though it does not have much on computer +cryptography.</p> +<hr> +David Kahn <cite>Seizing the Enigma, The Race to Break the German U-Boat +codes, 1939-1943</cite><br> +Houghton Mifflin 1991 ISBN 0-395-42739-8 +<hr> +<a name="kirch">Olaf Kirch</a> <cite>Linux Network Administrator's +Guide</cite><br> +O'Reilly 1995 ISBN 1-56592-087-2 + +<p>Now becoming somewhat dated in places, but still a good introductory book +and general reference.</p> +<hr> +<a name="LinVPN">Kolesnikov and Hatch</a>, <cite>Building Linux Virtual +Private Networks (VPNs)</cite><br> +New Riders 2002 + +<p>This has had a number of favorable reviews, including <a +href="http://www.slashdot.org/article.pl?sid=02/02/27/0115214&mode=thread&tid=172">this +one</a> on Slashdot. The book has a <a +href="http://www.buildinglinuxvpns.net/">web site</a>.</p> +<hr> +<a name="RFCs">Pete Loshin <cite>Big Book of IPsec RFCs</cite><br> +Morgan Kaufmann 2000 ISBN: 0-12-455839-9</a> +<hr> +<a name="crypto">Steven Levy <cite>Crypto: How the Code Rebels Beat the +Government -- Saving Privacy in the Digital Age</cite></a><br> +Penguin 2001, ISBN 0-670--85950-8 + +<p><strong>Highly recommended</strong>. A fine history of recent (about +1970-2000) developments in the field, and the related political +controversies. FreeS/WAN project founder and leader John Gilmore appears +several times.</p> + +<p>The book does not cover IPsec or FreeS/WAN, but this project is very much +another battle in the same war. See our discussion of the <a +href="politics.html">politics</a>.</p> +<hr> +<a name="GTR">Matyas, Anderson et al.</a> <cite>The Global Trust +Register</cite><br> +Northgate Consultants Ltd 1998 ISBN: 0953239705<br> +hard cover edition MIT Press 1999 ISBN 0262511053 + +<p>From<a href="http://www.cl.cam.ac.uk/Research/Security/Trust-Register"> +their web page:</a></p> + +<blockquote> + This book is a register of the fingerprints of the world's most important + public keys; it implements a top-level certification authority (CA) using + paper and ink rather than in an electronic system.</blockquote> +<hr> +<a name="handbook">Menezies, van Oorschot and Vanstone <cite>Handbook of +Applied Cryptography</cite></a><br> +CRC Press 1997<br> +ISBN 0-8493-8523-7 + +<p>An excellent reference. Read <a href="#schneier">Schneier</a> before +tackling this.</p> +<hr> +Michael Padlipsky <cite>Elements of Networking Style</cite><br> +Prentice-Hall 1985 ISBN 0-13-268111-0 or 0-13-268129-3 + +<p>Probably <strong>the funniest technical book ever written</strong>, this +is a vicious but well-reasoned attack on the OSI "seven layer model" and all +that went with it. Several chapters of it are also available as RFCs 871 to +875.</p> +<hr> +<a name="matrix">John S. Quarterman</a> <cite>The Matrix: Computer Networks +and Conferencing Systems Worldwide</cite><br> +Digital Press 1990 ISBN 155558-033-5<br> +Prentice-Hall ISBN 0-13-565607-9 + +<p>The best general treatment of computer-mediated communication we have +seen. It naturally has much to say about the Internet, but also covers UUCP, +Fidonet and so on.</p> +<hr> +<a name="ranch">David Ranch</a> <cite>Securing Linux Step by Step</cite><br> +SANS Institute, 1999 + +<p><a href="http://www.sans.org/">SANS</a> is a respected organisation, this +guide is part of a well-known series, and Ranch has previously written the +useful <a +href=" http://www.ecst.csuchico.edu/~dranch/LINUX/index-linux.html#trinityos">Trinity +OS</a> guide to securing Linux, so my guess would be this is a pretty good +book. I haven't read it yet, so I'm not certain. It can be ordered online +from <a href="http://www.sans.org/">SANS</a>.</p> + +<p>Note (Mar 1, 2002): a new edition with different editors in the works. +Expect it this year.</p> +<hr> +<a name="schneier">Bruce Schneier</a> <cite>Applied Cryptography, Second +Edition</cite><br> +John Wiley & Sons, 1996<br> +ISBN 0-471-12845-7 hardcover<br> +ISBN 0-471-11709-9 paperback + +<p>A standard reference on computer cryptography. For more recent essays, see +the <a href="http://www.counterpane.com/">author's company's web site</a>.</p> +<hr> +<a name="secrets">Bruce Schneier</a><cite> Secrets and Lies</cite><br> +Wiley 2000, ISBN 0-471-25311-1 + +<p>An interesting discussion of security and privacy issues, written with +more of an "executive overview" approach rather than a narrow focus on the +technical issues. <strong>Highly recommended</strong>.</p> + +<p>This is worth reading even if you already understand security issues, or +think you do. To go deeper, follow it with Anderson's <a +href="#anderson">Security Engineering</a>.</p> +<hr> +<a name="VPNbook">Scott, Wolfe and Irwin <cite>Virtual Private +Networks</cite></a><br> +2nd edition, O'Reilly 1999 ISBN: 1-56592-529-7 + +<p>This is the only O'Reilly book, out of a dozen I own, that I'm +disappointed with. It deals mainly with building VPNs with various +proprietary tools -- <a href="glossary.html#PPTP">PPTP</a>, <a +href="glossary.html#SSH">SSH</a>, Cisco PIX, ... -- and touches only lightly +on IPsec-based approaches.</p> + +<p>That said, it appears to deal competently with what it does cover and it +has readable explanations of many basic VPN and security concepts. It may be +exactly what some readers require, even if I find the emphasis +unfortunate.</p> +<hr> +<a name="LASG">Kurt Seifried <cite>Linux Administrator's Security +Guide</cite></a> + +<p>Available online from <a +href="http://www.securityportal.com/lasg/">Security Portal</a>. It has fairly +extensive coverage of IPsec.</p> +<hr> +<a name="Smith">Richard E Smith <cite>Internet Cryptography</cite><br> +</a>ISBN 0-201-92480-3, Addison Wesley, 1997 + +<p>See the book's <a +href="http://www.visi.com/crypto/inet-crypto/index.html">home page</a></p> +<hr> +<a name="neal">Neal Stephenson <cite>Cryptonomicon</cite></a><br> +Hardcover ISBN -380-97346-4, Avon, 1999. + +<p>A novel in which cryptography and the net figure prominently. +<strong>Highly recommended</strong>: I liked it enough I immediately went out +and bought all the author's other books.</p> + +<p>There is also a paperback edition. Sequels are expected.</p> +<hr> +<a name="stevens">Stevens and Wright</a> <cite>TCP/IP Illustrated</cite><br> +Addison-Wesley +<ul> + <li>Vol. I: The Protocols 1994 ISBN:0-201-63346-9</li> + <li>Vol. II: The Implementation 1995 ISBN:0-201-63354-X</li> + <li>Vol. III: TCP for Transactions, HTTP, NNTP, and the UNIX Domain + Protocols 1996 ISBN: 0-201-63495-3</li> +</ul> + +<p>If you need to deal with the details of the network protocols, read either +this series or the <a href="#comer">Comer</a> series before you start reading +the RFCs.</p> +<hr> +<a name="Rubini">Rubini</a> <cite>Linux Device Drivers</cite><br> +O'Reilly & Associates, Inc. 1998 ISBN 1-56592-292-1 +<hr> +<a name="Zeigler">Robert Zeigler</a> <cite>Linux Firewalls</cite><br> +Newriders Publishing, 2000 ISBN 0-7537-0900-9 + +<p>A good book, with detailed coverage of ipchains(8) firewalls and of many +related issues.</p> +</body> +</html> |