Ebook VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader
As one of the home window to open up the brand-new world, this VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader supplies its fantastic writing from the writer. Released in one of the preferred authors, this publication VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader turneds into one of the most desired publications just recently. Really, guide will certainly not matter if that VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader is a best seller or otherwise. Every book will certainly constantly give ideal sources to obtain the reader all finest.
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader
Ebook VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader
VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader. Reviewing makes you much better. That says? Several wise words claim that by reading, your life will be better. Do you believe it? Yeah, prove it. If you require guide VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader to review to prove the smart words, you could visit this page perfectly. This is the site that will certainly supply all the books that most likely you require. Are the book's compilations that will make you feel interested to review? Among them here is the VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader that we will suggest.
Yet below, we will certainly show you incredible point to be able always review the publication VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader anywhere and whenever you happen as well as time. Guide VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader by only could aid you to recognize having guide to read every time. It will not obligate you to always bring the thick publication anywhere you go. You could just maintain them on the kitchen appliance or on soft documents in your computer to always review the space at that time.
Yeah, spending time to review guide VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader by on-line can additionally offer you good session. It will relieve to stay connected in whatever condition. In this manner can be a lot more appealing to do as well as simpler to read. Now, to obtain this VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader, you could download and install in the web link that we supply. It will help you to get simple way to download and install the e-book VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader.
The books VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader, from straightforward to difficult one will certainly be a really helpful jobs that you can require to alter your life. It will not provide you unfavorable declaration unless you do not obtain the meaning. This is certainly to do in checking out an e-book to get over the definition. Generally, this e-book entitled VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader is checked out due to the fact that you really such as this sort of e-book. So, you could get less complicated to understand the perception as well as significance. Once longer to consistently keep in mind is by reviewing this e-book VPNs Illustrated: Tunnels, VPNs, And IPsec, By Jon C. Snader, you can fulfil hat your inquisitiveness begin by finishing this reading e-book.
Virtual private networks (VPNs) based on the Internet instead of the traditional leased lines offer organizations of all sizes the promise of a low-cost, secure electronic network. However, using the Internet to carry sensitive information can present serious privacy and security problems. By explaining how VPNs actually work, networking expert Jon Snader shows software engineers and network administrators how to use tunneling, authentication, and encryption to create safe, effective VPNs for any environment.
Using an example-driven approach, VPNs Illustrated explores how tunnels and VPNs function by observing their behavior "on the wire." By learning to read and interpret various network traces, such as those produced by tcpdump, readers will be able to better understand and troubleshoot VPN and network behavior.
Specific topics covered include:
- Block and stream symmetric ciphers, such as AES and RC4; and asymmetric ciphers, such as RSA and EIGamal
- Message authentication codes, including HMACs
- Tunneling technologies based on gtunnel
- SSL protocol for building network-to-network VPNs
- SSH protocols as drop-in replacements for telnet, ftp, and the BSD r-commands
- Lightweight VPNs, including VTun, CIPE, tinc, and OpenVPN
- IPsec, including its Authentication Header (AH) protocol, Encapsulating Security Payload (ESP), and IKE (the key management protocol)
Packed with details, the text can be used as a handbook describing the functions of the protocols and the message formats that they use. Source code is available for download, and an appendix covers publicly available software that can be used to build tunnels and analyze traffic flow.
VPNs Illustrated gives you the knowledge of tunneling and VPN technology you need to understand existing VPN implementations and successfully create your own.
- Sales Rank: #374864 in eBooks
- Published on: 2015-01-09
- Released on: 2015-01-09
- Format: Kindle eBook
From the Back Cover
Virtual private networks (VPNs) based on the Internet instead of the traditional leased lines offer organizations of all sizes the promise of a low-cost, secure electronic network. However, using the Internet to carry sensitive information can present serious privacy and security problems. By explaining how VPNs actually work, networking expert Jon Snader shows software engineers and network administrators how to use tunneling, authentication, and encryption to create safe, effective VPNs for any environment.
Using an example-driven approach, VPNs Illustrated explores how tunnels and VPNs function by observing their behavior "on the wire." By learning to read and interpret various network traces, such as those produced by tcpdump, readers will be able to better understand and troubleshoot VPN and network behavior.
Specific topics covered include:
- Block and stream symmetric ciphers, such as AES and RC4; and asymmetric ciphers, such as RSA and EIGamal
- Message authentication codes, including HMACs
- Tunneling technologies based on gtunnel
- SSL protocol for building network-to-network VPNs
- SSH protocols as drop-in replacements for telnet, ftp, and the BSD r-commands
- Lightweight VPNs, including VTun, CIPE, tinc, and OpenVPN
- IPsec, including its Authentication Header (AH) protocol, Encapsulating Security Payload (ESP), and IKE (the key management protocol)
Packed with details, the text can be used as a handbook describing the functions of the protocols and the message formats that they use. Source code is available for download, and an appendix covers publicly available software that can be used to build tunnels and analyze traffic flow.
VPNs Illustrated gives you the knowledge of tunneling and VPN technology you need to understand existing VPN implementations and successfully create your own.
About the Author
Jon C. Snader is a TCP/IP and VPN expert whose background includes work in communications, networking, compiler development, operating systems, and radio network controllers.
Excerpt. © Reprinted by permission. All rights reserved.
Introduction
There is a revolution going on in enterprise networking. Until very recently, enterprises that needed to link computers in geographically dispersed locations had to build their own wide area networks (WANs). Usually this meant renting expensive and, by today's Internet standard, relatively slow frame relay circuits. A typical 56 Kb/s circuit could cost several hundred, or even over a thousand, dollars a month.
Today, the typical home computer user enjoys a broadband Internet connection having a 5 Mb/s download speed for a cost of about $40 per month. Commercial variants of this service, offering higher speeds and other amenities, are available for between $100 and $200 per month. Obviously, this significant increase in speed and decrease in cost represent a tremendous opportunity for enterprises, but they do introduce new problems.
The Internet is an open environment and, compared to leased lines, dreadfully insecure. Increases in bandwidth and decreases in cost are worthless if they mean that an enterprise's vital data can be intercepted by competitors, or that financial transactions are subject to manipulation by outsiders. This book discusses ways to overcome these problems by recreating the security of leased lines in a public medium such as the Internet.
The fundamental mechanism that allows us to have secure communications in the Internet is the notion of a tunnel. As we'll see, tunnels are a way of overlaying a logical or virtual network on top of a physical network. Once we have such a tunnel, we can secure it by encrypting and authenticating the network traffic that flows through it, thus recreating the security of private leased lines.
Of course, this simple description hides a substantial set of details and problems. We'll see that it's actually quite difficult to endow such tunnels with robust security. Much of the book is concerned with exploring solutions to these problems,and seeing why the successful solutions work and where the unsuccessful ones fail.
Source Code and Errata AvailabilitySource code discussed in the text and other supporting material are available on my Web site athttp://home.netcom.com/~jsnader. The networking libraries and skeletons from Effective TCP/IPProgramming, which I mention and use occasionally in the text, are also available on the Web site.
My readers, it turns out, are much better at finding mistakes than I am. Although I go over the text carefully, checking that every i is dotted and every t crossed, errors still manage to evade me. Fortunately, most of these are caught by the careful and fastidious professionals at Addison-Wesley. Still, some errors will no doubt escape into the final published text. As these are discovered--usually by careful readers--I add them to an errata list for the book. This list is always available at my Web site.
ColophonAs with my previous book, I produced camera-ready copy for this text using James Clark's splendid Groff typesetting suite (now maintained by Ted Harding and Werner Lemberg) and Rich Stevens' modified ms macros.I used the gpic, gtbl, and geqn preprocessors for the figures, tables, and mathematical notation, respectively. Some of the figures use gpic macros from Rich Stevens and Gary Wright. Indexing tools from Jon Bentley and Brian Kernighan were a huge help in the production of the index. I included the source code for the programming examples directly from their source files with Dave Hanson's loom utility. The text is set in the Palatino typeface.
As always, I welcome readers' comments, suggestions, and corrections. Please feel free to email me at the address below.
Jon C. Snader
jsnader@ix.netcom.com
http://home.netcom.com/~jsnader
Tampa, Florida
October 2005
032124544XP10122005
Most helpful customer reviews
6 of 6 people found the following review helpful.
Packet-oriented, detail-rich book on VPNs
By Richard Bejtlich
VPNs Illustrated is a great book for those wishing to understand network traffic at the packet level. Author Jon C. Snader was inspired by the earlier TCP/IP Illustrated volumes, and tries to reproduce the Tcpdump-style material found in Stevens' classics. The level of detail found in VPNs Illustrated easily outweighs any problems this book might suffer, so I recommend you read it for in-depth knowledge of VPN traffic.
The book is divided into three parts. Of these, I found Part I ("Background") to be of questionable value. The introduction (ch 1) should not have been a chapter, and ch 2 ("TCP/IP Overview") should be replaced by a reference to existing volumes on TCP/IP. The crypto overview (ch 3) could also be replaced by a reference to other books, although as a non-crypto guy I found it a helpful refresher. The last chapter in part 1 finally gets to more subject-specific information, covering PPP, IP-in-IP, PPPoE, GRE, PPTP, L2TP, and MPLS tunnels. I really liked reading the author's criticisms of certain protocols like PPTP and L2TP. He should have included Tcpdump traces of MPLS, since the other protocols featured packet data.
Part II included chapters on VPNs (ch 5), SSL (ch 6), SSH (ch 7), and "lightweight" VPNs (ch 8) like VTun, CIPE, Tinc, and OpenVPN. Some of this material is very deep and probably unnecessary for most readers. The author explains messages exchanged by almost all of these protocols, which is information I've not seen elsewhere. Some may consider these descriptions obscure, while others (probably researchers and developers) will appreciate the analysis.
Part III covers IPSec. Ch 9 ("IPSec") should be part of ch 10 ("IPSec Architecture"). The remaining sections thoroughly address IPSec (11: AH; 12: ESP; 13: IKE; 14: the future of IPSec). I think chapters 10-13 are the best IPSec material I've read. They made more sense than others I've seen, although the complexity of IKE made ch 14 difficult to follow.
Throughout VPNs Illustrated, the author is not shy about sharing criticisms of various protocols. This is extremely valuable. He also repeats sound advice on practices to avoid (like static preshared keys) or measures to consider (defeating replay attacks). Because he illustrates so many protocols, he compares and contrasts them to emphasize key points. He also frequently cites authoritative sources like Schneier and Ferguson.
To achieve a fifth star in a second edition, I would like to see the author incorporate my previous suggestions. I would love to see configuration files for all of his examples in the appendices. He can move existing examples out of the main text to improve readability. Every protocol should have a corresponding network trace analysis, and the traces should be posted on a Web site. I would also like to see a summary of his thoughts on what makes a great VPN protocol, and then his ratings for various implementations.
You won't necessarily be able to implement the VPN software discussed in VPNs Illustrated by simply reading the text. You will gain a great understanding of how they work, or sometimes, don't work!
7 of 8 people found the following review helpful.
why I don't like this book
By Oliver
I bought this book aiming to gain indepth understanding of VPN technology, but I was disappointed. The key chapter 4, for example, try to explain tunnel concept left and right, but it mixed the general encapsulation and tunnel, and the verbose wording didn't make it any clear. Using tcpdump trace to explain some of the field is both a blessing and curse, depending on how you look at it - I think the book is sort of strong in specific details but weak in overall conceptual pictures - however most of those details have been better documented in the RFCs.
Another example - when talking about generic tunnel skeleton using FreeBSD as example (ch 4.8), where some code snippets are presented, I feel some background and detailed illustration of flow/drawing is necessary to clear up the concept and why it correlates prevoius sections, but none given.
It may sound a bit harsh: though the author try to emulate Rich Steven's style and dedicate the book to him, but it is hard for me to say the end product can really live up to Steven's standard.
9 of 11 people found the following review helpful.
Advanced, takes networking books to the next level
By Stephen Northcutt
NOTE: This book is not for everyone, if you have not invested at least 40 hours looking at network traffic, I would recommend you pass.
This book is zero fluff, it makes you want to spin up your scratch boxes and follow along. In fact I did just that, I have to switch to a new ISP that requires PPoE and I was always curious how that worked, the book gave me just enough of a clue to interpret what was passing in and out of my house.
The world has a new grandmaster of tcpdump and I have seem some pretty good ones over the years. Once I designed a T-shirt for a SANS conference with the hexadecimal output from a tcpdump; only we flipped it so it was running down the shirt and rendered in green, to resemble the matrix.
The packet was a DNS reply. In the additional records we said good things about SANS; after all, gotta market to eat. There was an error intentionally placed into the shirt and we designated a prize for the first attendee to find the error. A student walked by wearing the shirt and the "4500" in the hex field caught one of the instructor's eye. She followed him around murmuring, it is sideways, UDP, DNS, a reply, there are additional records, wait a minute that pointer entry is wrong. We watched in amazement, when she was done and looked up, the entire SANS faculty bowed to her. Because a mal-formatted packet can kill a packet analyzer the world needs people like Judy and Jon.
This is not a beginner book and Jon expects you to catch the 4500 stuff pretty fast. However, if you have followed the discipline of tcpdump instead of some packet analysis tool that spells out everything this book can take you to the next level.
VPNs Illustrated is rich in diagrams, including packet headers and state diagrams, examples of network traffic, and cartoons that explain the architecture of the system, or network. It is amazingly well edited, my only nit is on page 93, line 1 spacing off by one character.
The book has a strong linux bias, if you are a Windows person, you will be able to follow along for about 60% of the book using Windump, but you will not be able to use the tools or source.
This is the perfect reference for the person that knows networking and wants to really invest in taking it to the next level.
Finally, the dedication to Rich Stevens was over the top and heartfelt appreciated. I will never forget the man who taught me how to read a packet.
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader PDF
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader EPub
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader Doc
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader iBooks
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader rtf
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader Mobipocket
VPNs Illustrated: Tunnels, VPNs, and IPsec, by Jon C. Snader Kindle
Tidak ada komentar:
Posting Komentar