Rating:
(6 reviews)
Author: Jon C. Snader
ISBN : 032124544X
New from $46.49
Format: PDF
Download electronic versions of selected books Free VPNs Illustrated: Tunnels, VPNs, and IPsec: Tunnels, VPNs, and IPsec for everyone book with Mediafire Link Download Link
Virtual private networks (VPNs) based on the Internet instead of the traditional leased lines offer organizations of all sizes the promise of a low-cost, secure electronic network. However, using the Internet to carry sensitive information can present serious privacy and security problems. By explaining how VPNs actually work, networking expert Jon Snader shows software engineers and network administrators how to use tunneling, authentication, and encryption to create safe, effective VPNs for any environment.
Using an example-driven approach, VPNs Illustrated explores how tunnels and VPNs function by observing their behavior "on the wire." By learning to read and interpret various network traces, such as those produced by tcpdump, readers will be able to better understand and troubleshoot VPN and network behavior.
Specific topics covered include:
- Block and stream symmetric ciphers, such as AES and RC4; and asymmetric ciphers, such as RSA and EIGamal
- Message authentication codes, including HMACs
- Tunneling technologies based on gtunnel
- SSL protocol for building network-to-network VPNs
- SSH protocols as drop-in replacements for telnet, ftp, and the BSD r-commands
- Lightweight VPNs, including VTun, CIPE, tinc, and OpenVPN
- IPsec, including its Authentication Header (AH) protocol, Encapsulating Security Payload (ESP), and IKE (the key management protocol)
Packed with details, the text can be used as a handbook describing the functions of the protocols and the message formats that they use. Source code is available for download, and an appendix covers publicly available software that can be used to build tunnels and analyze traffic flow.
VPNs Illustrated gives you the knowledge of tunneling and VPN technology you need to understand existing VPN implementations and successfully create your own.
Direct download links available for Free VPNs Illustrated: Tunnels, VPNs, and IPsec: Tunnels, VPNs, and IPsec
- Paperback: 480 pages
- Publisher: Addison-Wesley Professional; 1 edition (November 5, 2005)
- Language: English
- ISBN-10: 032124544X
- ISBN-13: 978-0321245441
- Product Dimensions: 1.1 x 7.3 x 9.1 inches
- Shipping Weight: 1.8 pounds (View shipping rates and policies)
Free VPNs Illustrated: Tunnels, VPNs, and IPsec: Tunnels, VPNs, and IPsec
VPNs Illustrated is a great book for those wishing to understand network traffic at the packet level. Author Jon C. Snader was inspired by the earlier TCP/IP Illustrated volumes, and tries to reproduce the Tcpdump-style material found in Stevens' classics. The level of detail found in VPNs Illustrated easily outweighs any problems this book might suffer, so I recommend you read it for in-depth knowledge of VPN traffic.
The book is divided into three parts. Of these, I found Part I ("Background") to be of questionable value. The introduction (ch 1) should not have been a chapter, and ch 2 ("TCP/IP Overview") should be replaced by a reference to existing volumes on TCP/IP. The crypto overview (ch 3) could also be replaced by a reference to other books, although as a non-crypto guy I found it a helpful refresher. The last chapter in part 1 finally gets to more subject-specific information, covering PPP, IP-in-IP, PPPoE, GRE, PPTP, L2TP, and MPLS tunnels. I really liked reading the author's criticisms of certain protocols like PPTP and L2TP. He should have included Tcpdump traces of MPLS, since the other protocols featured packet data.
Part II included chapters on VPNs (ch 5), SSL (ch 6), SSH (ch 7), and "lightweight" VPNs (ch 8) like VTun, CIPE, Tinc, and OpenVPN. Some of this material is very deep and probably unnecessary for most readers. The author explains messages exchanged by almost all of these protocols, which is information I've not seen elsewhere. Some may consider these descriptions obscure, while others (probably researchers and developers) will appreciate the analysis.
Part III covers IPSec. Ch 9 ("IPSec") should be part of ch 10 ("IPSec Architecture").
NOTE: This book is not for everyone, if you have not invested at least 40 hours looking at network traffic, I would recommend you pass.
This book is zero fluff, it makes you want to spin up your scratch boxes and follow along. In fact I did just that, I have to switch to a new ISP that requires PPoE and I was always curious how that worked, the book gave me just enough of a clue to interpret what was passing in and out of my house.
The world has a new grandmaster of tcpdump and I have seem some pretty good ones over the years. Once I designed a T-shirt for a SANS conference with the hexadecimal output from a tcpdump; only we flipped it so it was running down the shirt and rendered in green, to resemble the matrix.
The packet was a DNS reply. In the additional records we said good things about SANS; after all, gotta market to eat. There was an error intentionally placed into the shirt and we designated a prize for the first attendee to find the error. A student walked by wearing the shirt and the "4500" in the hex field caught one of the instructor's eye. She followed him around murmuring, it is sideways, UDP, DNS, a reply, there are additional records, wait a minute that pointer entry is wrong. We watched in amazement, when she was done and looked up, the entire SANS faculty bowed to her. Because a mal-formatted packet can kill a packet analyzer the world needs people like Judy and Jon.
This is not a beginner book and Jon expects you to catch the 4500 stuff pretty fast. However, if you have followed the discipline of tcpdump instead of some packet analysis tool that spells out everything this book can take you to the next level.
-
Download Link 2