Updates
Latest Tweet
What's New?
Check out for latest innovation, a computer based training video collection
Like this Page
Securing IM and P2P Applications for the Enterprise Review by Richard Bejtlich
Excellent guide to IM, P2P, and IRC networks and security
I had high hopes for Securing IM and P2P Applications for the Enterprise (SIAPAFTE), and thankfully this book delivers. SIAPAFTE is a modern, well-written, thorough guide to instant messaging (IM), peer-to-peer (P2P), and Internet Relay Chat (IRC) networks and related security issues. I recommend all network and security administrators read this book.
SIAPAFTE is helpful in many respects. First, the book is up-to-date. It covers events as recent as the fall of 2005. The book also takes a historical approach to describing technologies by describing when and how they were introduced. Readers learn of the evolution of various IM and P2P clients and networks, as IM network owners seek to shut out rival clients and industry groups shut down P2P infrastructure.
Second, SIAPAFTE takes a comprehensive look at IM, P2P, and IRC technologies. I believe the authors picked the right networks and clients to discuss. IM is fairly simple to understand, since the clients are closely tied to the networks. P2P is less clear, since people often refer to clients like KaZaA (or Kazaa) without understanding that FastTrack is the underlying network. I learned of many technologies for the first time reading this book. Distributed Hash Table (DHT) and Kademlia are two examples.
Third, SIAPAFTE is well-written. The text is clear and the authors communicate their points in an organized and coherent manner. This does not mean the book is without flaws. Although Zeveck's one-star review (after reading just 40 pages -- please) is ridiculous, he is correct about a bad figure reference on p 27. The bottom of p 235 features a similar problem, and some pages have large chunks of inexplicable white space. I also thought the large lists of IM threats was not needed, especially when some of them ran several pages.
I liked the protocol analysis of various networks, particularly those for P2P. It seemed some protocols got more attention than others, however. The inclusion of IPTables and Snort rules was a nice touch. I would have liked to see that for the IM and IRC parts too. The IRC section could have used an IRC command reference. Since this is a book about IM and such in the enterprise, it would have been helpful to learn how to set up a secure internal IM system like Jabber or even a local IRC server.
For those keeping track of Syngress' recent tendency to reprint chapters from other books, SIAPAFTE is no exception. The last 20 pages in Ch 7 are Ch 13 from Skype Me! Oddly, no credit is given in SIAPAFTE for that other book's material.
Overall, I think anyone involved with networks or security will find SIAPAFTE a great resource. I found the book to be highly informative, and I recommend you read it. Addressing the issues in this review would merit a five star review for a second edition.