从这本经典参考书的第一版出版以来，Internet经历了爆炸式的增长，而电子商务也成为企业运作和个人生活不可或缺的一部分。随着Internet的飞速膨胀，安全方面的危机也在飞速扩大：从密码嗅探到IP欺骗，从篡改网站首页到导致流行站点死机的分布式拒绝服务攻击。
防火墙是保护系统免遭Internet安全威胁的一种十分有效的方式，防火墙已经成了当今计算机网络的关键组件。与第一版一样，本书（第二版）也是一本非常实用、非常详细的指南，能够帮助读者设计和构建Internet防火墙并将Internet服务配置为使用防火墙进行工作。相比上一版，本书在内容上进行了极大的扩展，覆盖WindowssNT和Linux系统，以及Unix系统。其中详细地介绍了各种防火墙技术（数据包过滤、代理、网络地址转换、虚拟专用网）和体系结构，以及100多种Internet服务，范围从电子邮件和文件传输，到Web服务和脚本语言，还有命名方式、认证方式和数据库协议。
本书还用了几章的篇幅专门介绍安全策略、加密方式、防火墙的维护，以及安全事件的应急响应，另外还总结了一些有用的防火墙工具和其他资源。
“我曾在1991年说过你需要从11页纸的《PracticallUnixxSecurity》中去了解防火墙。时过境迁，现在需要了解更多防火墙的知识。本书严谨地、完整地介绍了防火墙的所有知识，并且循序渐进地解释了防火墙的应用方式。如果你是在使用网络，那么你就不能离了这本书。”
—— Gene Spafford教授（普度大学信息安全教育与研究中心）
“设计一个安全的网络比网络部署之后再去纠正错误总是要更简单些。这本书介绍了防火墙的基础原理，并详细介绍了正确设计网络所需要的信息。这本书对于任何想安全地操作网络的人来说，都是一本不可缺少的参考书。”
—— David LeBlanc（微软公司ITG信息安全公司主管技术官）
“这简直包含了防火墙的所有内容！管理、危机、常规安全、防御设计、策略、检测、反击等等，这本书包含了高效地实现和维护一个实用防火墙所需要的所有知识。”
—— Greg Rose（QUALCOMM公司高级工程师）

书名：构建Internet防火墙（第二版，影印版）

作者：Elizabeth D. Zwicky, Simon Cooper, D. Brent Chapman 著

国内出版社：清华大学出版社

出版时间：2003年06月

页数：896

书号：7-302-06554-3

原版书出版商：O'Reilly Media

 

Elizabeth D. Zwicky is a director at Counterpane Internet Security, a managed
security services company. She has been doing large-scale Unix system administra-tion
and related work for 15 years, and was a founding board member of both the
System Administrators Guild (SAGE) and BayLISA (the San Francisco Bay Area sys-tem
administrators group), as well as a nonvoting member of the first board of the
Australian system administration group, SAGE-AU. She has been involuntarily
involved in Internet security since before the 1988 Morris Internet worm. In her
lighter moments, she is one of the few people who makes significant use of the
rand function in PostScript, producing PostScript documents that are different
every time they're printed.

 

 

 

Simon Cooper is a computer professional currently working in Silicon Valley. He
has worked in different computer-related fields ranging from hardware through
operating systems and device drivers to application software and systems support
in both commercial and educational environments. He has an interest in the activi-ties
of the Internet Engineering Task Force (IETF) and USENIX, is a member of the
British Computer Conservation Society, and is a founding member of the Com-puter
Museum History Center. Simon has released a small number of his own
open source programs and has contributed time and code to the XFree86 project.
In his spare time, Simon likes to play ice hockey, solve puzzles of a mathematical
nature, and tinker with Linux.

 

 

 

D. Brent Chapman is a networking professional in Silicon Valley. He has designed
and built Internet firewall systems for a wide range of organizations, using a vari-ety
of techniques and technologies. He is the founder of the Firewalls Internet
mailing list, and creator of the Majordomo mailing list management package. He is
the founder, principal, and technical lead of Great Circle Associates, Inc., a highly
regarded strategic consulting and training firm specializing in Internet networking
and security. Over the last 15 years, Brent has worked in a variety of consulting,
engineering, and management roles in information technology, operations, and
technology marketing for a wide range of employers and clients, including the
Xerox Palo Alto Research Center (PARC), Silicon Graphics, Inc. (SGI), and Covad
Communications Company.

 

 

Edie Freedman designed the cover of this book, using a 19th-century engraving
from Heck's Pictorial Archive of Art and Architecture. The cover layout was pro-duced
by Emma Colby with QuarkXPress 3.3 using the ITC Garamond font. When-ever
possible, our books use a durable and flexible lay-flat binding. If the page
count exceeds this binding's limit, perfect binding is used.