Michael W. Lucas has two bits of mostly-BSD-centric publishing news. One is that a physical version of his DNSSEC Mastery book is now available through Amazon.
The other bit is that, having just released an Absolute OpenBSD update, his Absolute FreeBSD book will not see an update… until the FreeBSD installer gets more coherent.
(If you manage DNS in any fashion, buy DNSSEC Mastery.)
Michael W. Lucas recently wrote and self-published a new book, DNSSEC Mastery. He asked me to review it, and I’ve been reading it in bits and starts over the past few very busy weeks.
First, the background: If you’re not familiar with the acronym, it’s a method of securing DNS information so that you can trust that domain name information is actually from the machine that’s supposed to provide it. DNS information is basic to Internet operation, but it traditionally has been provided without any mechanisms to deal with misinformation or malicious use. This seems to happen with protocols that have been around for many years, as any mail administrator can tell you…
In any case, ‘DNS poisoning’ (or as Wikipedia calls it, ‘DNS Spoofing‘) attacks such a basic part of how the Internet works that it will completely bypass any security methods that assume name information is correct. DNSSEC is a way to deal with that. It introduces public-key encryption into the process of sharing and updating DNS information. The idea has been around for a while, but it’s only been completely implemented recently.
DNSSEC Mastery goes over this history, and through the setup required to get (recent) BIND working with DNSSEC. Lucas seems to be starting a series of ‘Mastery’ books, where he covers all the territory around a specific topic. This one, like his previous title, is exactly what it says. As long as you have some existing clue around zone files and DNS, the book will take you from no DNSSEC at all to fully implemented in less than 100 pages. (well, at least in the PDF version, but that gives you an idea of the size.)
Use it to learn, or use it as a quick reference – either way will work. If you have any DNS server(s) to manage, you’re the target audience. I expect DNS without these security extensions will go the way of telnet vs. ssh.
A book covering things like new encrypted hash zone record types is going to be a bit dry, but there’s an appropriate sprinkling of humor through the book. I’ve reviewed other Lucas books before, and I’ve got another on my plate right now, but this is the same: there’s plenty of funny to make the lessons go down easier.
DNSSEC Mastery: Securing the Domain Name System with BIND is available on Amazon, Barnes & Noble, Smashwords, and his self-publishing site. Also see Peter N. M. Hansteen’s review of the book.
As seen on Author Michael W. Lucas’s blog: Absolute OpenBSD 2nd edition is 50% off in a sort of ‘flash deal’. Grab it today if you are interested, cause I think it’s only for today.
Ivan Uemlianin expressed a desire to read about the boot process, and how BSD works in general. I made a short list of suggestions.
Michael W. Lucas posted about his results selling an early edition of his recent DNSSEC book through Leanpub. He lays out all the numbers in detail, the sort of thing I love to see. The idea of self-publishing and open source go hand in hand, but the idea of that selling is often talked about in speculative terms rather than concrete. He’s now opening his own direct sales store, which hopefully means more direct BSD material.
If you are a BSD Magazine subscriber (meaning you provided your email to download a free issue), you can get a 20% discount on a security e-book from Craig Wright. As the promtional email said, ‘Write to editors@bsdmag.org with “BSD ebook” in the title of message to get the special code’. I have no idea of the contents; just the existence of the sale.
Michael W. Lucas has announced his next two books are coming out in April: Absolute OpenBSD 2nd Edition, from No Starch Press, and DNSSEC Mastery, self published.
Michael W. Lucas needs people who know DNSSEC, BIND, have some time, and are willing to criticize him. He’s finished his first draft of DNSSEC Mastery, and needs reviewers.
Or is it ‘statii’? English is wonderfully inconsistent. Anyway, Michael W. Lucas has posted an update on his two upcoming publications: the second edition of Absolute OpenBSD and DNSSEC Mastery. Both are in progress, and you can download the ‘pre-release’ version of DNSSEC Mastery now.
No theme evolved this week, but that’s OK.
Your unrelated link of the week: MeTube: August sings Carmen ‘Habanera’. Might be NSFW, probably will make you mildly confused or uncomfortable. Here’s the ‘making of’ video which is all in German, I think. If that’s too much, try a recent Cyriak-animated video. I never thought I’d recommend a Cyriak video as the less disturbing thing to watch.
Michael W. Lucas is working on a DNSSEC book that he’s self-publishing, similar to SSH Mastery. He’s making an early draft available for purchase, at a discount. You get access to the updates, so you effectively get the book for less, plus you can offer feedback before the publishing date.
This is a familiar concept for software, where early purchasers get access to a ‘beta’ version of software for testing… It’ll be interesting to see how it works for a book.
Whee!
Your unrelated comics link of the week: Kyle Baker comics, available as PDFs for free. Go, read.
Michael W. Lucas has a coupon code for his new edition of Absolute OpenBSD, so jump on it now. I haven’t read his first edition, but his other books are certainly good.
Michael W. Lucas announced his next book will be about DNSSec, which is good. It’s also self-published, which I like to see. I don’t know if it necessarily makes him more money, but I like to see more exploration of this new way of publishing.
If you look at his announcement, there’s a link to something else: vendor-free SSL certificates. These are possible? That’s one of those things I didn’t even realize I wanted; having to deal with a certification authority is annoying.
Michael Lucas’s worthwhile book, SSH Mastery, is currently having one of those sudden price cuts on Amazon – for the paperback version, about 25%. Now it a good time to nab it before the price bounces back up.
This is the version that the OpenBSD Project is selling, so the profit goes to the people who made OpenSSH. It’s an excellent idea.
I’ve reviewed Michael Lucas’s book here before, so when he offered a chance to read his newest, SSH Mastery, I jumped at the chance. Michael Lucas has published a number of technical books through No Starch Press, and started wondering out loud about self-publishing. This is, I think, his first self-published technical volume.
It’s a very straightforward book. The introduction opens with a promise not to waste space showing how to compile OpenSSH in text. Chapter 2 ends with the sentence, “Now that you understand how SSH encryption works, leave the encryption settings alone.” This stripping-down of the usual tech-book explanations gives it the immediacy of extended documentation on the Internet. Not the multipage how-to articles used as vehicles for advertising, but an in-depth presentation from someone who used OpenSSH to do a number of things, and paid attention while doing it.
It’s a fun read, and there’s a good chance it covers an aspect of SSH that you didn’t know. In my case, it’s the ability to attach a command to a public key used for login. It even covers complex-but-oh-so-useful VPN setups via SSH.
If you’re looking for philosophical reasons to buy it, how about the lack of DRM?
The physical version is not available yet, but the electronic version is available at Amazon (Kindle), Barnes & Noble (Nook), or from Smashwords (every other format ever, including .txt). The Smashwords variety of formats means that you’ll be able to read it on your phone, one way or another; I’d like to see more books that way in the future.
I received an em
ail from No Starch Press about reviewing this book, and my first reaction was to say no. I assumed this was essentially a book about using Bash, and therefore probably not useful to people reading the Digest.
I read it despite my knee-jerk reaction, and I didn’t need to reject it so suddenly. Almost all of the book will apply to any Unix-like system.
My first real experience with something that wasn’t Windows or a Mac was at a summer job during college, sitting in front of a SparcStation 5 editing files and processing data for real estate. Much of my muscle memory about vi and file manipulation dates from then. This book, even though it’s technically for a different operating system, would have been just what I needed. There’s no system administration in the book, just making your way around a filesystem and the tools you need to get results. It’s the kind of skills I think people lose out on when they boot to a graphical interface in Ubuntu, for example, and then never experience these tools.
Negatives: a few areas won’t be of use to most BSD users, like the section on packaging, or the bash-centric instructions in the shell programming area. There’s the occasional off comment, like that OpenSSH originates from “the BSD project”. There’s surprisingly little of this however, and I had to think a bit to write this negative paragraph.
Positives: The book puts the proper focus on some complex but rewarding aspects of command line use, like using vi (alright, vim) and understanding regular expressions. Much of what it covers is the same material I’ve learned to use over time, and explained to others.
There’s clearly two areas to the book; the first half is about using the command line to accomplish work, and the second is about shell programming. Making it at least through the first half will result in being able to work at a prompt with little issue, with the shell programming a nice bonus. It’s not the normal mix of admin tasks and introductory text; it’s about working at the command line. I imagine giving it to new software testers in a lab, or to a Windows user that has to deal with the occasional unfamiliar environment. There isn’t an equivalent BSD-centric book like this, so it wouldn’t hurt a BSD user, either.
It’s available now at the No Starch website.
Background: You may remember some time ago, I posted a review of Michael Lucas’s Network Flow Analysis. He’s written several BSD books and so I figured it was worth reading further, knowing that this network-specific book would be BSD-friendly. Also, he made it easier by sending me a copy.
No Starch Press, the company that published all the books linked in the previous paragraph, asked if I’d read/review another book from them. This would be Practical Packet Analysis, 2nd edition. (Review continues after the break…)
Michael Lucas sent me a copy of his newest book, Network Flow Analysis, on the grounds that I read it and write what I thought. While book reviews aren’t usual fare for this site, it’s appealing to write something different from my usual brief summaries.
(more after the jump…)
Dru Lavigne’s excellent book ‘BSD Hacks’ is available at Scribd, and a chunk of it is readable through the preview at that site. A good chunk of what’s in there applies to DragonFly.
My copy is sitting on the shelf near by, inbetween ‘Perl Best Practices‘ and ‘The Mythical Man-Month‘.
Dru Lavigne has a review of The Book of PF up. PF, for those late to the party, is the stateful packet filter that originated in OpenBSD but is also used in DragonFly.
Undeadly.org has a review of “The OpenBSD Packet Filter Book“, which is Jeremy C. Reed’s version of the PF FAQ and other material, in printed form. It’s available through Lulu.com print-on-demand. DragonFly is mentioned in there, as we (along with I think pretty much every other BSD) also use PF.
