In the five years since the first edition of this classic book was published, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks--and the need to protect both business and personal data--have never been greater. We've updated Building Internet Firewalls to address these newer risks.What kinds of security threats does the Internet pose Some, like password attacks and the exploiting of known security holes, have been around since the early days of networking. And others, like the distributed denial of service attacks that crippled Yahoo, E-Bay, and other major e-commerce sites in early 2000, are in current headlines.Firewalls, critical components of today's computer networks, effectively protect a system from most Internet security threats. They keep damage on one part of the network--such as eavesdropping, a worm program, or file damage--from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down.Like the bestselling and highly respected first edition, Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes:Firewall technologies: packet filtering, proxying, network address translation, virtual private networks Architectures such as screening routers, dual-homed hosts, screened hosts, screened subnets, perimeter networks, internal firewallsIssues involved in a variety of new Internet services and protocols through a firewallEmail and NewsWeb services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo)File transfer and sharing services such as NFS, SambaRemote access services such as Telnet, the BSD "r" commands, SSH, BackOrifice 2000Real-time conferencing services such as ICQ and talkNaming and directory services (e.g., DNS, NetBT, the Windows Browser)Authentication and auditing services (e.g., PAM, Kerberos, RADIUS);Administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics)Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP)Database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server)About the AuthorsD. Brent Chapman is a consultant in the San Francisco Bay Area, specializing in Internet firewalls. He has designed and built Internet firewall systems for a wide range of clients, using a variety of techniques and technologies. He is also the manager of the Firewalls Internet mailing list. Before founding Great Circle Associates, he was operations manager for a financial services company, a world-renowned corporate research lab, a software engineering company, and a hardware engineering company. He holds a Bachelor of Science degree in electrical engineering and computer science from the University of California, Berkeley. In his spare time, Brent is a volunteer search and rescue pilot, disaster relief pilot, and mission coordinator for the California Wing of the Civil Air Patrol (the civilian auxiliary of the United States Air Force). Elizabeth Zwicky is a senior system administrator at Silicon Graphics and the president of SAGE (the System Administrators Guild).Simon Cooper is a computer professional currently working in Silicon Valley. He has worked in different computer-related fields ranging from hardware through operating systems and device drivers to application software and systems support in both commercial and educational environments. D. Brent Chapman is a consultant in the San Francisco Bay Area, specializing in Internet firewalls. He has designed and built Internet firewall systems for a wide range of clients, using a variety of techniques and technologies.