Bell Labs book on building firewalls to thwart Internet hackers

READING, MASS. -- MARCH 15, 1994 -- More than 15 million people use the Internet global computer network today, and their numbers are growing rapidly.

The first book to explore the issue of Internet security, explaining the threats and detailing the strategies for dealing with them, will be published in June.

William R. Cheswick and Steven M. Bellovin, two AT&T Bell Laboratories researchers who helped break the infamous "Berford" hacker case, reveal their methods in Firewalls and Internet Security: Repelling the Wily Hacker, from Addison-Wesley Publishing Co.

The book shows readers how to evaluate the kinds of threats they face and how to put in place security measures that will thwart the most determined and sophisticated hackers.

In particular, the authors provide step-by-step instructions for building a "firewall" gateway, a dedicated machine equipped with safeguards that acts as a single, more easily defended Internet connection.

Cheswick and Bellovin are both senior researchers at AT&T Bell Laboratories, Murray Hill, N.J., where they have designed and maintain AT&T's Internet gateway.

They have published numerous papers in the field. Bellovin is also well known in the network community as one of the founders of Usenet.

The authors draw on this wealth of real-world experience for Firewalls and Internet Security. The book begins with a discussion of security policies, strategies, ethics, and an overview of Transmission Control Protocol/Internet Protocol (TCP/IP) from a security standpoint.

It features an in-depth presentation of firewall gateways, including a step-by-step description of the authors' own most recent gateway, the tools they used to build it, and the hacker attacks they devised to test it.

The authors also examine the classes of hacker attacks readers are likely to encounter.

They give a first-hand account of the notorious "Berferd" hacker, who in 1991 infiltrated computer networks worldwide. Cheswick and Bellovin relate how they recognized the presence of a hacker, strung him along, and eventually helped trace him. Their account includes an instructive and entertaining look at the logs.

They also cover the legal considerations of Internet security and how encryption can be used in high-threat environments, among other topics. The authors conclude with an appendix listing sources for free code from which readers can build their own code.

Firewalls and Internet Security will sell for $26.95. The 317-page paperback will carry ISBN number 0-201-63357-7. Ordering information may be obtained, toll-free, by phoning 1-800-822-6339.

Tiffany A. Moore - Addison Wesley Publishing Co.

Donna Cunningham - AT&T Bell Laboratories