Download Ebook VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader
Learn the method of doing something from many resources. One of them is this publication qualify VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader It is an extremely well understood book VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader that can be recommendation to read currently. This suggested publication is one of the all excellent VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader collections that remain in this website. You will likewise discover other title and also themes from different authors to look here.
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader
Download Ebook VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader
VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader. In what case do you like checking out so much? Exactly what about the sort of guide VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader The needs to read? Well, everybody has their own reason should check out some e-books VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader Mostly, it will certainly connect to their need to obtain understanding from guide VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader and also intend to review merely to get amusement. Books, story book, and also other entertaining e-books become so popular today. Besides, the clinical publications will also be the best need to decide on, particularly for the pupils, educators, doctors, business owner, and other occupations that are warm of reading.
When some individuals looking at you while checking out VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader, you could really feel so happy. However, rather than other people feels you have to instil in on your own that you are reading VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader not because of that reasons. Reading this VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader will provide you greater than people appreciate. It will overview of know more than the people looking at you. Already, there are numerous sources to knowing, checking out a publication VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader still becomes the front runner as an excellent means.
Why need to be reading VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader Once again, it will rely on how you really feel and also think about it. It is definitely that people of the benefit to take when reading this VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader; you can take a lot more lessons directly. Even you have actually not undertaken it in your life; you can get the experience by reviewing VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader As well as currently, we will introduce you with the on the internet book VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader in this web site.
What kind of publication VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader you will like to? Now, you will certainly not take the printed publication. It is your time to obtain soft data publication VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader instead the published files. You could appreciate this soft file VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader in whenever you anticipate. Even it remains in anticipated place as the other do, you could check out guide VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader in your device. Or if you desire much more, you can read on your computer system or laptop to get complete display leading. Juts discover it right here by downloading and install the soft file VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader in web link page.
Virtual private networks (VPNs) based on the Internet instead of the traditional leased lines offer organizations of all sizes the promise of a low-cost, secure electronic network. However, using the Internet to carry sensitive information can present serious privacy and security problems. By explaining how VPNs actually work, networking expert Jon Snader shows software engineers and network administrators how to use tunneling, authentication, and encryption to create safe, effective VPNs for any environment.
Using an example-driven approach, VPNs Illustrated explores how tunnels and VPNs function by observing their behavior "on the wire." By learning to read and interpret various network traces, such as those produced by tcpdump, readers will be able to better understand and troubleshoot VPN and network behavior.
Specific topics covered include:
- Block and stream symmetric ciphers, such as AES and RC4; and asymmetric ciphers, such as RSA and EIGamal
- Message authentication codes, including HMACs
- Tunneling technologies based on gtunnel
- SSL protocol for building network-to-network VPNs
- SSH protocols as drop-in replacements for telnet, ftp, and the BSD r-commands
- Lightweight VPNs, including VTun, CIPE, tinc, and OpenVPN
- IPsec, including its Authentication Header (AH) protocol, Encapsulating Security Payload (ESP), and IKE (the key management protocol)
Packed with details, the text can be used as a handbook describing the functions of the protocols and the message formats that they use. Source code is available for download, and an appendix covers publicly available software that can be used to build tunnels and analyze traffic flow.
VPNs Illustrated gives you the knowledge of tunneling and VPN technology you need to understand existing VPN implementations and successfully create your own.
- Sales Rank: #374864 in eBooks
- Published on: 2015-01-09
- Released on: 2015-01-09
- Format: Kindle eBook
From the Back Cover
Virtual private networks (VPNs) based on the Internet instead of the traditional leased lines offer organizations of all sizes the promise of a low-cost, secure electronic network. However, using the Internet to carry sensitive information can present serious privacy and security problems. By explaining how VPNs actually work, networking expert Jon Snader shows software engineers and network administrators how to use tunneling, authentication, and encryption to create safe, effective VPNs for any environment.
Using an example-driven approach, VPNs Illustrated explores how tunnels and VPNs function by observing their behavior "on the wire." By learning to read and interpret various network traces, such as those produced by tcpdump, readers will be able to better understand and troubleshoot VPN and network behavior.
Specific topics covered include:
- Block and stream symmetric ciphers, such as AES and RC4; and asymmetric ciphers, such as RSA and EIGamal
- Message authentication codes, including HMACs
- Tunneling technologies based on gtunnel
- SSL protocol for building network-to-network VPNs
- SSH protocols as drop-in replacements for telnet, ftp, and the BSD r-commands
- Lightweight VPNs, including VTun, CIPE, tinc, and OpenVPN
- IPsec, including its Authentication Header (AH) protocol, Encapsulating Security Payload (ESP), and IKE (the key management protocol)
Packed with details, the text can be used as a handbook describing the functions of the protocols and the message formats that they use. Source code is available for download, and an appendix covers publicly available software that can be used to build tunnels and analyze traffic flow.
VPNs Illustrated gives you the knowledge of tunneling and VPN technology you need to understand existing VPN implementations and successfully create your own.
About the Author
Jon C. Snader is a TCP/IP and VPN expert whose background includes work in communications, networking, compiler development, operating systems, and radio network controllers.
Excerpt. © Reprinted by permission. All rights reserved.
Introduction
There is a revolution going on in enterprise networking. Until very recently, enterprises that needed to link computers in geographically dispersed locations had to build their own wide area networks (WANs). Usually this meant renting expensive and, by today's Internet standard, relatively slow frame relay circuits. A typical 56 Kb/s circuit could cost several hundred, or even over a thousand, dollars a month.
Today, the typical home computer user enjoys a broadband Internet connection having a 5 Mb/s download speed for a cost of about $40 per month. Commercial variants of this service, offering higher speeds and other amenities, are available for between $100 and $200 per month. Obviously, this significant increase in speed and decrease in cost represent a tremendous opportunity for enterprises, but they do introduce new problems.
The Internet is an open environment and, compared to leased lines, dreadfully insecure. Increases in bandwidth and decreases in cost are worthless if they mean that an enterprise's vital data can be intercepted by competitors, or that financial transactions are subject to manipulation by outsiders. This book discusses ways to overcome these problems by recreating the security of leased lines in a public medium such as the Internet.
The fundamental mechanism that allows us to have secure communications in the Internet is the notion of a tunnel. As we'll see, tunnels are a way of overlaying a logical or virtual network on top of a physical network. Once we have such a tunnel, we can secure it by encrypting and authenticating the network traffic that flows through it, thus recreating the security of private leased lines.
Of course, this simple description hides a substantial set of details and problems. We'll see that it's actually quite difficult to endow such tunnels with robust security. Much of the book is concerned with exploring solutions to these problems,and seeing why the successful solutions work and where the unsuccessful ones fail.
Source Code and Errata AvailabilitySource code discussed in the text and other supporting material are available on my Web site athttp://home.netcom.com/~jsnader. The networking libraries and skeletons from Effective TCP/IPProgramming, which I mention and use occasionally in the text, are also available on the Web site.
My readers, it turns out, are much better at finding mistakes than I am. Although I go over the text carefully, checking that every i is dotted and every t crossed, errors still manage to evade me. Fortunately, most of these are caught by the careful and fastidious professionals at Addison-Wesley. Still, some errors will no doubt escape into the final published text. As these are discovered--usually by careful readers--I add them to an errata list for the book. This list is always available at my Web site.
ColophonAs with my previous book, I produced camera-ready copy for this text using James Clark's splendid Groff typesetting suite (now maintained by Ted Harding and Werner Lemberg) and Rich Stevens' modified ms macros.I used the gpic, gtbl, and geqn preprocessors for the figures, tables, and mathematical notation, respectively. Some of the figures use gpic macros from Rich Stevens and Gary Wright. Indexing tools from Jon Bentley and Brian Kernighan were a huge help in the production of the index. I included the source code for the programming examples directly from their source files with Dave Hanson's loom utility. The text is set in the Palatino typeface.
As always, I welcome readers' comments, suggestions, and corrections. Please feel free to email me at the address below.
Jon C. Snader
jsnader@ix.netcom.com
http://home.netcom.com/~jsnader
Tampa, Florida
October 2005
032124544XP10122005
Most helpful customer reviews
6 of 6 people found the following review helpful.
Packet-oriented, detail-rich book on VPNs
By Richard Bejtlich
VPNs Illustrated is a great book for those wishing to understand network traffic at the packet level. Author Jon C. Snader was inspired by the earlier TCP/IP Illustrated volumes, and tries to reproduce the Tcpdump-style material found in Stevens' classics. The level of detail found in VPNs Illustrated easily outweighs any problems this book might suffer, so I recommend you read it for in-depth knowledge of VPN traffic.
The book is divided into three parts. Of these, I found Part I ("Background") to be of questionable value. The introduction (ch 1) should not have been a chapter, and ch 2 ("TCP/IP Overview") should be replaced by a reference to existing volumes on TCP/IP. The crypto overview (ch 3) could also be replaced by a reference to other books, although as a non-crypto guy I found it a helpful refresher. The last chapter in part 1 finally gets to more subject-specific information, covering PPP, IP-in-IP, PPPoE, GRE, PPTP, L2TP, and MPLS tunnels. I really liked reading the author's criticisms of certain protocols like PPTP and L2TP. He should have included Tcpdump traces of MPLS, since the other protocols featured packet data.
Part II included chapters on VPNs (ch 5), SSL (ch 6), SSH (ch 7), and "lightweight" VPNs (ch 8) like VTun, CIPE, Tinc, and OpenVPN. Some of this material is very deep and probably unnecessary for most readers. The author explains messages exchanged by almost all of these protocols, which is information I've not seen elsewhere. Some may consider these descriptions obscure, while others (probably researchers and developers) will appreciate the analysis.
Part III covers IPSec. Ch 9 ("IPSec") should be part of ch 10 ("IPSec Architecture"). The remaining sections thoroughly address IPSec (11: AH; 12: ESP; 13: IKE; 14: the future of IPSec). I think chapters 10-13 are the best IPSec material I've read. They made more sense than others I've seen, although the complexity of IKE made ch 14 difficult to follow.
Throughout VPNs Illustrated, the author is not shy about sharing criticisms of various protocols. This is extremely valuable. He also repeats sound advice on practices to avoid (like static preshared keys) or measures to consider (defeating replay attacks). Because he illustrates so many protocols, he compares and contrasts them to emphasize key points. He also frequently cites authoritative sources like Schneier and Ferguson.
To achieve a fifth star in a second edition, I would like to see the author incorporate my previous suggestions. I would love to see configuration files for all of his examples in the appendices. He can move existing examples out of the main text to improve readability. Every protocol should have a corresponding network trace analysis, and the traces should be posted on a Web site. I would also like to see a summary of his thoughts on what makes a great VPN protocol, and then his ratings for various implementations.
You won't necessarily be able to implement the VPN software discussed in VPNs Illustrated by simply reading the text. You will gain a great understanding of how they work, or sometimes, don't work!
7 of 8 people found the following review helpful.
why I don't like this book
By Oliver
I bought this book aiming to gain indepth understanding of VPN technology, but I was disappointed. The key chapter 4, for example, try to explain tunnel concept left and right, but it mixed the general encapsulation and tunnel, and the verbose wording didn't make it any clear. Using tcpdump trace to explain some of the field is both a blessing and curse, depending on how you look at it - I think the book is sort of strong in specific details but weak in overall conceptual pictures - however most of those details have been better documented in the RFCs.
Another example - when talking about generic tunnel skeleton using FreeBSD as example (ch 4.8), where some code snippets are presented, I feel some background and detailed illustration of flow/drawing is necessary to clear up the concept and why it correlates prevoius sections, but none given.
It may sound a bit harsh: though the author try to emulate Rich Steven's style and dedicate the book to him, but it is hard for me to say the end product can really live up to Steven's standard.
9 of 11 people found the following review helpful.
Advanced, takes networking books to the next level
By Stephen Northcutt
NOTE: This book is not for everyone, if you have not invested at least 40 hours looking at network traffic, I would recommend you pass.
This book is zero fluff, it makes you want to spin up your scratch boxes and follow along. In fact I did just that, I have to switch to a new ISP that requires PPoE and I was always curious how that worked, the book gave me just enough of a clue to interpret what was passing in and out of my house.
The world has a new grandmaster of tcpdump and I have seem some pretty good ones over the years. Once I designed a T-shirt for a SANS conference with the hexadecimal output from a tcpdump; only we flipped it so it was running down the shirt and rendered in green, to resemble the matrix.
The packet was a DNS reply. In the additional records we said good things about SANS; after all, gotta market to eat. There was an error intentionally placed into the shirt and we designated a prize for the first attendee to find the error. A student walked by wearing the shirt and the "4500" in the hex field caught one of the instructor's eye. She followed him around murmuring, it is sideways, UDP, DNS, a reply, there are additional records, wait a minute that pointer entry is wrong. We watched in amazement, when she was done and looked up, the entire SANS faculty bowed to her. Because a mal-formatted packet can kill a packet analyzer the world needs people like Judy and Jon.
This is not a beginner book and Jon expects you to catch the 4500 stuff pretty fast. However, if you have followed the discipline of tcpdump instead of some packet analysis tool that spells out everything this book can take you to the next level.
VPNs Illustrated is rich in diagrams, including packet headers and state diagrams, examples of network traffic, and cartoons that explain the architecture of the system, or network. It is amazingly well edited, my only nit is on page 93, line 1 spacing off by one character.
The book has a strong linux bias, if you are a Windows person, you will be able to follow along for about 60% of the book using Windump, but you will not be able to use the tools or source.
This is the perfect reference for the person that knows networking and wants to really invest in taking it to the next level.
Finally, the dedication to Rich Stevens was over the top and heartfelt appreciated. I will never forget the man who taught me how to read a packet.
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader PDF
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader EPub
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader Doc
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader iBooks
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader rtf
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader Mobipocket
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader Kindle
Tidak ada komentar:
Posting Komentar