2013.10.24

[uclinux-h8/uClinux-dist.git] / freeswan / doc / biblio.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<HTML>
<HEAD>
<TITLE> Introduction to FreeS/WAN</TITLE>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
</HEAD>
<BODY>
<A HREF="toc.html">Contents</a>
<A HREF="glossary.html">Previous</a>
<A HREF="rfc.html">Next</a>
<HR>
<H1><A name="biblio">Bibliography for the Linux FreeS/WAN project</A></H1>
<P> For extensive bibliographic links, see the <A href="http://liinwww.ira.uka.de/bibliography/index.html">
Collection of  Computer Science Bibliographies</A></P>
<P> See our <A href="web.html">web links</A> for material available 
 online.</P>
<HR><A name="adams"> Carlisle Adams and Steve Lloyd <CITE>Understanding 
Public  Key Infrastructure</CITE>
<BR></A> Macmillan 1999 ISBN 1-57870-166-x
<BR> An overview, mainly concentrating on policy and strategic issues 
rather than the technical details. Both authors work for <A href="glossary.html#PKI">
PKI</A> vendor <A href="http://www.entrust.com/">Entrust</A>. 
<HR><A name="DNS.book"> Albitz, Liu &amp; Loukides <CITE>DNS &amp;  BIND</CITE>
 3rd edition
<BR></A> O'Reilly 1998 ISBN 1-56592-512-2
<BR> The standard reference on the <A href="glossary.html#DNS">Domain 
Name Service</A> and <A href="glossary.html#BIND">Berkeley Internet 
Name Daemon</A>. 
<HR><A name="puzzle"> Bamford <CITE>The Puzzle Palace, A report on NSA, 
 Americas's most Secret Agency</CITE>
<BR> Houghton Mifflin 1982  ISBN 0-395-31286-8</A>
<HR><A name="bander"> David Bander, <CITE>Linux Security Toolkit</CITE>
<BR> IDG Books, 2000, ISBN: 0764546902
<BR> This book has a short section on FreeS/WAN and includes Caldera 
Linux on CD. 
<HR><A name="CZR"> Chapman, Zwicky &amp; Russell <CITE>Building Internet 
 Firewalls</CITE>
<BR> O'Reilly 1995 ISBN 1-56592-124-0</A>
<HR><A name="firewall2"> Cheswick and Bellovin</A><CITE> Firewalls and 
 Internet Security: Repelling the Wily Hacker</CITE>
<BR> Addison-Wesley 1994 ISBN 0201633574
<BR> A fine book on firewalls in particular and security in general 
from two of  AT&amp;T's system adminstrators. 
<P> Bellovin has also done a number of <A href="web.html#papers">papers</A>
 on IPSEC and co-authored a <A href="intro.html#applied">paper</A> on a 
large FreeS/WAN application. </P>
<HR><A name="comer"> Comer <CITE>Internetworking with TCP/IP</CITE>
<BR> Prentice Hall</A>
<UL>
<LI>Vol. I: Principles, Protocols, &amp; Architecture, 3rd Ed. 1995 
 ISBN:0-13-216987-8</LI>
<LI>Vol. II: Design, Implementation, &amp; Intervals, 2nd Ed. 1994 
 ISBN:0-13-125527-4</LI>
<LI>Vol. III: Client/Server Programming &amp; Applications 
<UL>
<LI>AT&amp;T TLI Version  1994 ISBN:0-13-474230-3</LI>
<LI>BSD Socket Version 1996 ISBN:0-13-260969-X</LI>
<LI>Windows Sockets Version 1997 ISBN:0-13-848714-6</LI>
</UL>
</LI>
</UL>
<P>If you need to deal with the details of the network protocols, read 
 either this series or the <A href="#stevens">Stevens and Wright</A>
 series  before you start reading the RFCs. </P>
<HR><A name="diffie"> Diffie and Landau</A><CITE> Privacy on the Line: 
The Politics of Wiretapping and Encryption</CITE>
<BR> MIT press 1998 ISBN 0-262-04167-7 (hardcover) or 0-262-54100-9
<BR> An <A href="http://www-mitpress.mit.edu/news/diffie/">interview 
with the authors</A> is available on the web. 
<HR><A name="d_and_hark"> Doraswamy and Harkins <CITE>IP Sec: The New 
 Security Standard for the Internet, Intranets and Virtual Private 
 Networks</CITE>
<BR> Prentice Hall 1999 ISBN: 0130118982</A>
<HR><A name="EFF"> Electronic Frontier Foundation <CITE>Cracking DES: 
Secrets  of Encryption Research, Wiretap Politics and Chip Design</CITE>
<BR></A> O'Reilly 1998 ISBN 1-56592-520-3
<BR> To conclusively demonstrate that DES is inadequate for continued 
use, the <A href="glossary.html#EFF">EFF</A> built a machine for just 
over $200,000 that breaks DES  encryption in under five days on 
average, under nine in the worst case.
<P>The book provides details of their design and, perhaps even more 
 important, discusses why they felt the project was necessary. 
Recommended  for anyone interested in any of the three topics mentioned 
in the  subtitle.</P>
<P>See also the <A href="http://www.eff.org/descracker.html"> EFF page 
on  this project </A> and our discussion of <A href="politics.html#desnotsecure">
DES  insecurity</A>. </P>
<HR> Martin Freiss <CITE>Protecting Networks with SATAN</CITE>
<BR> O'Reilly 1998 ISBN 1-56592-425-8
<BR> translated from a 1996 work in German
<BR> SATAN is a Security Administrator's Tool for Analysing Networks. 
This book  is a tutorial in its use. 
<HR> Gaidosch and Kunzinger<CITE> A Guide to Virtual Private  Networks</CITE>
<BR> Prentice Hall 1999 ISBN: 0130839647 
<HR><A name="Garfinkel"> Simson Garfinkel <CITE>Database Nation: the 
death of  privacy in the 21st century</CITE>
<BR> O'Reilly 2000 ISBN 1-56592-653-6
<BR> A thoughtful and rather scary book.</A>
<HR><A name="PGP"> Simson Garfinkel <CITE>PGP: Pretty Good Privacy</CITE>
<BR> O'Reilly 1995 ISBN 1-56592-098-8
<BR> An excellent introduction and user manual for the </A><A href="glossary.html#PGP">
PGP</A> email-encryption package.  PGP is a good package with a complex 
and  poorly-designed user interface. This book or one like it is a must 
for  anyone who has to use it at length.
<P>The book covers using PGP in Unix, PC and Macintosh environments, 
plus  considerable background material on both the technical and 
political issues  around cryptography. The only shortcoming is that it 
does not cover recent  developments such as PGP 5 and Open PGP. </P>
<HR><A name="practical"> Garfinkel and Spafford <CITE>Practical Unix 
 Security</CITE>
<BR> O'Reilly 1996 ISBN 1-56592-148-8
<BR> A standard reference.
<BR> Spafford's web page has an excellent collection of <A href="http://www.cs.purdue.edu/coast/hotlist">
 crypto and security  links</A>. 
<HR><A name="Kahn"> David Kahn <CITE>The Codebreakers: the 
Comprehensive  History of Secret Communications from Ancient Times to 
the  Internet</CITE>
<BR> second edition Scribner 1996 ISBN 0684831309
<BR> A history of codes and code-breaking from ancient Egypt to the 
20th century.  Well-written and exhaustively researched. <STRONG>Highly 
recommended</STRONG>,  even though it  does not have much on computer 
cryptography.</A>
<HR> David Kahn <CITE>Seizing the Enigma, The Race to Break the German 
U-Boat  codes, 1939-1943</CITE>
<BR> Houghton Mifflin 1991 ISBN 0-395-42739-8 
<HR><A name="kirch"> Olaf Kirch <CITE>Linux Network Administrator's 
 Guide</CITE>
<BR> O'Reilly 1995 ISBN 1-56592-087-2
<BR> Now becoming somewhat dated in places, but still a good 
introductory book  and general reference.</A>
<HR><A name="RFCs"> Pete Lashin <CITE>Big Book of IPSEC RFCs</CITE>
<BR> Morgan Kaufmann 2000 ISBN: 0-12-455839-9</A>
<HR><A name="crypto"> Steven Levy <CITE>Crypto: How the Code Rebels 
Beat the Government -- Saving Privacy in the Digital Age</CITE></A>
<BR> Penguin 2001, ISBN 0-670--85950-8
<BR><STRONG> Highly recommended</STRONG>. A fine history of recent 
(about 1970-2000) developments in the field, and the related political 
controversies. FreeS/WAN project founder and leader John Gilmore 
appears several times. 
<P> The book does not cover IPSEC or FreeS/WAN, but this project is 
very much another battle in the same war.  See our discussion of the <A href="politics.html">
politics</A>. </P>
<HR><A name="GTR"> Matyas, Anderson et al. <CITE>The Global Trust 
 Register</CITE>
<BR> Northgate Consultants Ltd 1998 ISBN: 0953239705
<BR> hard cover edition due April 1999 MIT Press ISBN 0262511053
<BR> From <A href="http://www.cl.cam.ac.uk/Research/Security/Trust-Register">
 their web page</A>: <BLOCKQUOTE> This book is a register of the 
fingerprints of the world's most important  public keys; it implements 
a top-level certification authority (CA) using  paper and ink rather 
than in an electronic system.</BLOCKQUOTE>
<HR><A name="handbook"> Menezies, van Oorschot and Vanstone <CITE>
Handbook of  Applied Cryptography</CITE></A>
<BR> CRC Press 1997
<BR> ISBN 0-8493-8523-7
<BR> An excellent reference. Read <A href="#schneier">Schneier</A>
 before  tackling this. 
<HR><A name="Mourani"> Gerhard Mourani <CITE>Get Acquainted with Linux 
 Security and Optimization System</CITE></A>
<BR> Available online as a <A href="http://pages.infinit.net/lotus1/">
PDF  file</A>. It did not yet cover IPSEC when we last looked. 
<HR> Michael Padlipsky <CITE>Elements of Networking Style</CITE>
<BR> Prentice-Hall 1985 ISBN 0-13-268111-0 or 0-13-268129-3
<BR> Probably <STRONG>the funniest technical book ever written</STRONG>
, this is a vicious but  well-reasoned attack on the OSI &quot;seven layer 
model&quot; and all that went with  it. Several chapters of it are also 
available as RFCs 871 to 875. 
<HR><A name="matrix"> John S. Quarterman <CITE>The Matrix: Computer 
Networks  and Conferencing Systems Worldwide</CITE>
<BR> Digital Press 1990  ISBN 155558-033-5
<BR> Prentice-Hall ISBN 0-13-565607-9
<BR> The best general treatment of computer-mediated communication we 
have seen.  It naturally has much to say about the Internet, but also 
covers UUCP,  Fidonet and so on.</A>
<HR><A name="ranch"> David Ranch <CITE>Securing Linux Step by Step</CITE>
<BR> SANS Institute, 1999
<BR></A><A href="http://www.sans.org/"> SANS</A> is a respected 
organisation,  this guide is part of a well-known series, and Ranch has 
previously written  the useful <A href="http://www.ecst.csuchico.edu/~dranch/LINUX/TrinityOS.wri">
Trinity  OS</A> guide to securing Linux, so my guess would be this is a 
pretty good  book. I haven't read it yet, so I'm not certain. It can be 
ordered online  from <A href="http://www.sans.org/">SANS</A>. 
<HR><A name="schneier"> Bruce Schneier <CITE>Applied Cryptography, 
Second  Edition</CITE>
<BR> John Wiley &amp; Sons, 1996
<BR> ISBN 0-471-12845-7 hardcover
<BR> ISBN 0-471-11709-9 paperback
<BR> A standard reference on computer cryptography. For more recent 
essays, see  the <A href="http://www.counterpane.com/">author's 
company's web  site</A>. 
<HR><A name="secrets"> Bruce Schneier <CITE>Secrets and Lies</CITE>
<BR> Wiley 2000, ISBN 0-471-25311-1
<BR> An interesting discussion of security and privacy issues, written 
with more of an &quot;executive overview&quot; approach rather than a narrow 
focus on the technical issues. <STRONG>Highly recommended</STRONG>. 
<HR><A name="VPNbook"> Scott, Wolfe and Irwin <CITE>Virtual Private 
 Networks</CITE></A>
<BR> 2nd edition, O'Reilly 1999 ISBN: 1-56592-529-7
<BR> This is the only O'Reilly book, out of a dozen I own, that I'm 
disappointed  with. It deals mainly with building VPNs with various 
proprietary tools  -- <A href="glossary.html#PPTP">PPTP</A>, <A href="glossary.html#SSH">
SSH</A>, Cisco PIX, ... --  and touches only lightly on IPSEC-based 
approaches.
<P>That said, it appears to deal competently with what it does cover 
and it  has readable explanations of many basic VPN and security 
concepts. It may be  exactly what some readers require, even if I find 
the emphasis  unfortunate. </P>
<HR><A name="LASG"> Kurt Seifried <CITE>Linux Administrator's Security 
 Guide</CITE></A>
<BR> Available online from <A href="http://www.securityportal.com/lasg/">
Security Portal</A>. It has  fairly extensive coverage of IPSEC. 
<HR><A name="Smith"> Richard E Smith <CITE>Internet Cryptography</CITE>
<BR></A> ISBN 0-201-92480-3, Addison Wesley, 1997
<BR> See the book's <A href="http://www.visi.com/crypto/inet-crypto/index.html">
home page</A>
<HR><A name="neal"> Neal Stephenson <CITE>Cryptonomicon</CITE></A>
<BR> Hardcover ISBN -380-97346-4, Avon, 1999. 
<P> A novel in which cryptography and the net figure prominently. <STRONG>
Highly recommended</STRONG>: I liked it enough I immediately went out 
and bought all the author's other books. </P>
<P> There is also a paperback edition. Sequels are expected. </P>
<HR><A name="stevens"> Stevens and Wright <CITE>TCP/IP Illustrated</CITE>
<BR> Addison-Wesley</A>
<UL>
<LI>Vol. I: The Protocols 1994 ISBN:0-201-63346-9</LI>
<LI>Vol. II: The Implementation 1995 ISBN:0-201-63354-X</LI>
<LI>Vol. III: TCP for Transactions, HTTP, NNTP, and the UNIX Domain 
 Protocols 1996 ISBN: 0-201-63495-3</LI>
</UL>
<P> If you need to deal with the details of the network protocols, read 
either this series or the <A href="#comer">Comer</A> series before you 
start reading the RFCs. </P>
<HR><A name="Rubini"> Rubini <CITE>Linux Device Drivers</CITE>
<BR> O'Reilly &amp; Associates, Inc. 1998 ISBN 1-56592-292-1</A>
<HR><A name="Zeigler"> Robert Zeigler <CITE>Linux Firewalls</CITE>
<BR> Newriders Publishing, 2000 ISBN 0-7537-0900-9
<BR></A></A></A></A></A></A><HR>
<A HREF="toc.html">Contents</a>
<A HREF="glossary.html">Previous</a>
<A HREF="rfc.html">Next</a>
</BODY>
</HTML>