Visit Jeremy's Blog.
Go Back > Reviews
User Name


» Number of reviews : 8 - viewing 10 Per Page

Last Review by Mara - posted: 08-04-2007 10:21 AM [ Post a Review

Views: 42846

It is always interesting to check how other people are solving the fame problems you face. You can learn new tricks or a different approach. That's the role the book 'Linux Appliance Design' would play for the developers of embedded Linux devices. It's also worth reading for developers with experience on different platforms, so they can see what can be Linux used for and what tools are available. It would be also a good addition for those starting with embedded devices to learn to think about design, before it's too late. But let's start from the beginning. When I first opened the book, I wasn't sure what to expect. At first, I was disappointed, because the book really starts (after two short intro chapters) from a chapter (3) about PostgreSQL-based protocol and access library (called RTA) for all user interfaces. What's bad in that? Well, nothing if you think about PCs, but for many devices it'd be simply too bloated and may lead to slow responses. Apart from the performance issues, the interface fits well with the rest of the design the authors present. When you read further, it makes sense. Many developers would drop the book at that point, however. The chapter should be moved to a later part of the book, especially as the later chapters do not make big use of the RTA library. After such an intro, the next chapter pleased me, as it is about secure daemons. Not very long, but covers everything that should be covered. The next three chapters (5 to 7) cover the appliance itself (simple alarm system) with a well-written hardware part, logging (syslog) and event handling. From that point the book moves to user interfaces. That makes more than a half of book, but the number of interfaces is impressive: web, command-line, front panel, framebuffer, infrared and SNMP. That's also the place where single access for all the interfaces (RTA) shows its' strength. The chapter about web interface starts from choosing the right daemon. Then it moves to the interface implementation, using PHP, JavaScript and AJAX. The performance of such design on an embedded system may be questionable, again. It certainly simplifies the design, however. The next interface presented is command line. The authors present a simple, yet powerful one. The next three chapters, about front panel, framebuffer and infrared include some hardware stuff. Again, done well and easy to understand even to those with only limited electronics background. The chapters also show how the process of development look like, what may be a big plus for novice readers. For the remaining three chapters the authors move to SNMP. The first one is one of the best introductions to the protocol I have read. It makes the protocol seem quite simple, quite the contrary to the reality (that's not a critique of the authors!). The next chapter shows how to create your own MIB (from getting an enterprise number). Finally, the last chapter shows an implementation of MIB using Net-SNMP. The book finishes with references (RTA library, SNMP, framebuffer driver installation, tbl2filed daemon), an review of the cd contents and an index. What should be added is that one of the good points of that book is that the authors use already-written code when possible and do not try to reinvent the wheel. The accompanying cd, that allows to look into the source code or just try and run the applications, is a good addition.

Rating: 9
Product Details: "Linux Appliance Design" by Mara - posted: 08-04-2007 - Rating: ********* 9.00

Last Review by Mara - posted: 02-12-2007 03:35 PM [ Post a Review

Views: 23336

Abstract: It's quite a good book about Python usages, but not for beginners to programming. Could be a bit smaller. I started that book without no previous contact with Python, but with experience with a number of different programming languages. I had no problems with reading the numerous examples from that book, so I think that experienced programmers can use it for their first contact with Python. Important note here: experienced programmers. It's not an introduction-to-programming type of book. The book is not a Python syntax reference, but rather a reference for possible usage. In my opinion it's a good thing, because it allows to see the language actually work and do some practical stuff. It's a very big book, but it's not hard for me to find the needed fragment. With such approach, it works nicely. I have mentioned the book size... After some time it became more and more annoying; it's simply too hard to keep easily. To add to that, there are many paragraphs that could be easily removed without loosing the content. The author attempted to write for a person with no programming experience (he introduces basic concepts), still requiring basic knowledge of Python. That may work in one case: when that book is your second programming book and the first one was some kind of Python reference or programming introduction with Python. For an experienced programmer, or even somebody who has limited experience, most of the introductionary sections are simply not needed, like standard input/output discussion , nine pages about bacis concepts on networking and sockets etc. Removing them would make the book have a reasonable size, what would be a plus. The author's style is lively and it's an interesting read. You can jump in to read a section of special interest, however. There are many examples (some could be probably shorter), so everything can be found in the code. The author gives detailed explanations, also including external links when needed. To sum up, the book is a good Python intro for an experienced programmer, who does not require introductions into topics like shell, networking, GUI and so on. It should be also OK for beginners, as long as they start from a book on programming basics (probably using Python) and are ready to read more about certain concepts, because they may not find the inf found in the book detailed enough. To ecide if it's for you you should browse it to see if the content satisfies you.

Rating: 8
Product Details: "Programming Python, Third Edition" by Mara - posted: 02-11-2007 - Rating: ********* 8.50

Last Review by Mara - posted: 09-29-2006 03:25 PM [ Post a Review

Views: 23801

[INDENT]It's a description of lower levels of the network stack. Covers layers up to 3 (IP etc + ICMP). Not much about layer 4+ and socket interface. Detailed. Requires (basic) knowledge of kernel internals and at least general idea how the networking protocols work.[/INDENT] I wish I had that book long time ago when I was starting digging in Linux networking code... What's hard when staring reading networking code is the amount of it. There are really many (often complicated) structures and the code uses many functions from different places. That makes the process of learning how the things work exactly quite a time-consuming one. "Understanding Linux Networking Internals" makes the first days (weeks?) much easier. It gives a solid background and prepares the reader to his or her own studies of the Linux networking code. The book shows many concepts which would take long time to understand. It also shows the reasons. The book starts with general networking and kernel introduction (not enough if that's the reader's first contact with one or both). Then it goes through layers, staring from the bottom (ie. close to hardware): network devices. Then it covers bridging. Next part covers IP protocol in version 4 (with one chapter about ICMP), with advanced topics like fragmentation. Then there comes neighboring subsystem (with ARP protocol) and the book finishes with routing. The choice of topics is good (but lacks certain things, see below). Popular (and, at the same time, important) protocols are shown. Descriptions are very detailed and that is visible in the size of the book: 1000 pages long. The text is clearly written, with enough examples. There are also many diagrams (for nearly all more complicated algorithms presented in the book) making it easier to follow the descriptions. One warning here: when it comes the IP code, knowledge of the protocol is important That part may be hard to understand without it. I highly recommend a book about protocols first. The discussion is detailed and also not so well-known features are discussed. Book structure is logical and clean, it's quite easy to find an interesting topic. Index helps, too. It'd be nice, however, to know from which version of the kernel comes the code and which version is described in the book, it's not clearly stated. It's a very valuable resource, but you always want more. So... To be a complete guide to Linux networking stack the book lacks certain important pieces, however. Level 4 protocols are not shown. This is not a very serious issue, as IP description is detailed and TCP would take no less than 300 pages (UDP, on the other hand, would fit just fine). What's more important for me is the lack of chapters about sockets. It's an important interface, its' internals are not that simple and show some important concepts and tricks. Understanding sockets is also important when adding a new protocol. I'd like more about topics like locking and performance. The lack of IPv6, IPSec, QoS (Quality of Service) is understandable, as they're all quite complicated. The content of the book makes it easier to understand their code. It's a book I recommend (with a more general kernel and protocol books and/or specifications) to everyone beginning with networking code. In fact, the book is also valuable for those who're approaching *BSD network stacks - there are differences, but the general ideas and design are more or less the same. Good for developers or students who want to get familiar with a state-of-art network stack.

Rating: 10
Product Details: "Understanding Linux Network Internals" by Mara - posted: 09-29-2006 - Rating: ********** 10.00

Last Review by Mara - posted: 01-19-2006 05:41 PM [ Post a Review

Views: 29861

The biggest question I had when reading this book was 'What's the target audience?' To read it without problems you should have at least basic knowledge of networking, security (cryptography) and IT in general. If you have it, you know most of what's shown in chapters 5, 6 and 8 (the technical ones). Without any of them the whole book would be hard to read. Part one is about Infosec and getting the job. It starts with a chapter that tries to define InfoSec and jobs of that field. Chapter 2 shows how to search. Then comes chapter 3 about education and making your name (mailing lists, forums, conferences). All the three chapters are very US-specific, many abbreviations may be unclear for someone from outside. Part I of the book ends with chapter 4. It's about writing resume and interviews. In the resume part, a number of hints are given (you may agree with them or not), you should still check if there are special requirements in the company you're applying. Later the chapter covers interview. There are valuable fragments (like the things you should look into when you have the offer), but an advice on how to dress and how to behave is too much for me. Part II is most technical of the three. It starts with a chapter about 'laws of security'. Somebody going into security should already know most of them (maybe in a different form). It's good to have them listed, however. They have deep reasoning and you should look carefully if you really understand them. Chapter 6 shows how to build your own home lab. It discusses different OSes, hardware platforms and so on. Sometimes in too much details (example: what's in a certain software package - it takes more than a page), but many topics are not covered at all (line routers/switches). Disclosure is the topic of the next chapter. It covers all the common models, but is very theoretical and has a number of graphs and number with no info what it really means and where is it taken from. Chapter 8 is filled with a nice discussion about the classes of attacks, most of them with examples (it could be clearer what's important at the screenshots, however). Part III assumes you already have the job and now want to advance your career or improve skills. The authors try to cover many topics. The result is not very deep and shows what you should know, no matter what position you have. Chapter 9 covers basic project management (software engineering approach) with more security--related issues than there are usually in such texts, social issues (eg. when to talk and when leave your opinions to yourself) and time management. Next chapter lists ideas how to use your skills and give back (to your local community, to the InfoSec community and at your workplace). Chapter 11 covers incident response. It's about plans and security software. There are too many tools mentiones, however, and most on them are covered by one paragraph only. And finally, the last chapter covers basic things you should consider if you want to become independent consultant. Overall, it's a nice thing. It could be much better, however, after defining the target audience and required knowledge. It means covering not as many topics, but in greater detail.

Rating: 8
Product Details: "InfoSec Career Hacking: Sell Your Skillz, Not Your Soul" by Mara - posted: 12-31-2005 - Rating: ******** 8.00

Last Review by Mara - posted: 02-20-2005 02:17 PM [ Post a Review

Views: 28872

Abstract It's a good description of new PHP5. Shows its object-oriented capabilities, but it's also about databases, web programming, performance etc. In the preface the authors write that the book is for PHP programmers moving to PHP5 and that short tutorial may be enogh for people who know other high-level languages. I don't have much PHP experience, but the book was clear for me without more reading. It's definitelly NOT for people who start programming. The book starts with a short intorduction to PHP5 features. It's more a list than description, but it gives the general knowledge what's the whole thing about. Second chapter is about PHP basics. People who know PHP may want to miss it. Others should read it. If you know C, C++, probably also Java or any other high-level language it should be enough to see differences and similarities between PHP and languages you know. The next chapter describes PHP5 OO model. It's about classes, constructors and destructors, polymorphism, exceptions and other things. Differences between PHP and different popular programming languages are shown, so you won't miss them. The fifth chapter shows more about OO programming in PHP. Overloading and iterators are discussed. There's also an interesting part about design patterns. Four of them are discussed and it's shown (strategy, singleton, factory and observer) which one is best for certain situations. At this point OO description finishes. Chapter 5 shows how to write a web application using PHP. Of couse, embedding HTML and forms are discusses, but this book discusses security aspect in more details than other books about PHP I've seen. Volnurabilities and methods to handle them are shown clearly. This chapter also discusses cookies and sessions and script architecture (one script or many). Next chapter shows databases usage with PHP. MySQL, SQLite and PEAR DB interfaces are discussed in details. For me, PostgreSQL description is missing. Chapter 7 is about errors. What's described? Types of errors (inlcuding PEAR errors) are discussed in great detail. There's even a passage about portability problems. Next chapter describes XML with PHP. I must say it's enough to start using XML in your PHP programs even when you don't know about XML. It's really very valuable. Chapter 9 is less useful than the previous one for me. It describes common extensions. It's a nice reference, but very detailed and hard if you want to simply read it and not dig for specific info. In chapter 10 you'll finally learn what's PEAR. The term is often used in the book, but not explained before this chapter (or I've just missed it). The chapter is about installation and configuration of PEAR installer in different configurations (UNIX/Linux and Windows). Next chapter dicusses popular PEAR packages: templates, authentication, form handling. It's rather useful. Chapter 12 tells you all you want to know about building and releasing your PEAR package. It covers also coding standards. Very useful chapter if you plan to write your own package. Next chapter shows the differences between PHP 4 and PHP 5, so it's for people who want to port their apps. Then there comes the chapter I like very much - performance. Design, queries caches, benchmarking and profiling is discusses. Then comes another very valuable part of the book - about PHP extension and writing them in C. Lots of useful info. Last chapter describes PHP shell scripting. Then there's appendix with PEAR and PECL package index - not very useful, as it's rather an index that should be on a CD or online and takes nearly 100 pages, so it's hard to find one interesting package. There's also decription of Zend Studio and code for 90-day trial version. But the book is a little too much pro-Zend Studio for me. At the end of book there's nice index. The language used is rather clear, all terms are explained when needed, but the number of abbreviations is overwhelming at times. Examples are short and to the point. Not yet another online store. That's a big plus. Overall, it's a good book and should be very useful for both programmers moving their apps from PHP4 to PHP5 and those who program in different languages and want to try PHP and all it new features.

Rating: 9
Product Details: "PHP 5 Power Programming" by Mara - posted: 11-23-2004 - Rating: ********* 9.00

Last Review by Mara - posted: 06-14-2004 05:02 PM [ Post a Review

Views: 26720

Abstract: Overall, it's a good book. It shows many configuration file examples you can simply implement in your network. In fact it's not a Samba book - it's rather a book about networking solution using Samba (CUPS, DHCP, OpenLDAP and Bind configuration is also discussed). Let mi first write who is this book for. It's rather not for a person who'd like to just share files between two machines. Solution for such a configuration can be found, but the book is about something else. It's rather about big networks. It may be also hard to read for someone with no networking knowledge (need to know something about: IP addresses, UDP, routing). If you're not using RedHat or SuSE, you need to know how to install software in your distribution and how to find what you need to install. The author shows step-by-step installation instructions for RH or SuSE (depending on the chapter), but nothing about compiling from source. The book starts from an interesting (but a bit out of place) chapter showing raw network traffic when using Samba (may be really hard to read for someone who doesn't know what's IP, UDP and broadcast). Then a simple configuration (filesharing, anonymous and with passwords, with printer access) is shown. In third chapter there's about Samba with DHCP, 4th one adds DNSes and so on. The books ends with a network for hundreds of users using Samba with LDAP and Kerberos. Many people may find the chapter about NT4 to Samba migration useful. Every chapter has a clear structure. After a short passage showing what will be covered, a problem is presented. The whole book uses an example of a growing company (too big growth, probably not to be found in the real life ;-) ). The author shows a number of user the configuration will work for. Other limitations (not only hardware/software, but also those like: 'it has to be exactly like before') are also presented. Then a networking topology is shown, explained and discussed. I really like the discussion parts - you can learn *why* the decision was made this way. After the discussion, implementation description starts. It's step-by-step. Certain parts are repeated in more than one chapter, but I think it's a good thing - the book can work as a reference when you just want a working configuration fast. All configuration files are also available on a CD-ROM. For me it's also nice that client (Windows client) configuration is described in detail. At the end of most chapters you can find a short summary ('Key Points Learned') and a FAQ. I really like the approach, it's not a 'describe-every-option' type of book. If an option is important for the solution presented - it's explained. But the book is more about Samba-based solutions. It shows Samba configuration, but not in a wider context. Example: using Samba for Squid authentication. There are also small, nice things like (probably off-topic) short discussion about DHCP and static IPs, bandwith discussion when talking about roaming profiles. There are many more. Of course, not everything is perfect. I don't like the quality of networking topologies (and also other schemes) quality. What's interesting is that screenshots look well. The second thing is very small. The book covers RedHat and SuSE (package installation part). The author explains his decision and I understand the reasons. It's probably a good way to make the installation/configuration easier for people with not big Linux experience (package names and commands used to install them are shown). But I still don't like it. As the author clearly states, the book is not about security. So the solutions are not as secure as they could be. You need to make them better on your own. But the decision is fully understandable for me. It's long (more than 300 pages) book and with secure solutions it would be much longer (and probably harder to read). To sum up, it's a good book. I've learned many things and will for sure make a use of it during my next Samba implementation.

Rating: 10
Product Details: "Samba-3 by Example" by iainr - posted: 04-16-2004 - Rating: ********** 9.50

Last Review by Mara - posted: 04-10-2004 06:21 PM [ Post a Review

Views: 30387

To sum up this book in one sentence: 'if you want someone's password, it's easiest to phone and ask for it'. It shows many situatins that can happen in every company allowing an attacker to get access to files, network etc with 'help' of people working in the company. Techniques are presened that help the attacker to prentend he/she is someone from 'inside' and ask for informations that shouldn't get outside. Well written, good examples but I became a bit bored near the end - all the techniques are very similar to each other. The book makes you aware about the problem, but there's not enough about protection against such attacks, IMHO (the chapter about procedures is too short for me).

Rating: 8
Product Details: "The Art of Deception: Controlling the Human Element of Security" by Astro - posted: 03-12-2004 - Rating: ******** 8.00

Last Review by Mara - posted: 04-10-2004 06:10 PM [ Post a Review

Views: 88377

Nice book, telling much about Linus and his view on Linux. If you're searching for a book that describes WHY everything happened, that's not the right book for you. If you'd like to know more about Linus and why he started writing what was later called Linux and have a good time, read it. What may be annoying for some people, narration goes back and forth, but years are mentioned. Warning: there are serious mistakes like calling Apache a disto.

Rating: 8
Product Details: "Just for Fun" by jeremy - posted: 02-06-2004 - Rating: ******** 7.75


All times are GMT -5. The time now is 11:27 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration