E-Mail Virus Protection Handbook
by Brian Bagnall, Chris Broomes, and Ryan Russell
Syngress 2000
476 pages, index, appendix
ISBN 1-918994-23-7. $39.95

Reviewed by Robert Bruen, February 14, 2001

 

Given the recent growth in virus problems, Melissa, I Love You and the Anna Kournikova picture, for example, I suspect that more people ought to have been reading the E-Mail Virus Protection Handbook. This book is comprehensive in its approach, explaining the background to each topic in clear enough terms for the average user who will read it. A Microsoft bias shows through the text, but Unix is addressed. This is appropriate given the number of MS related virus attacks vs. Unix related attacks, in spite of Ramen attacking Linux boxes.

The first chapter does a good job explaining the basics, covering worms and viruses, trojans, spamming and the early history starting with the 1989 Morris Worm. Since this is a new book, chapter two is devoted to securing Outlook 2000. Since I have occasion to use Outlook 2000, I experimented with the suggestions for securing it. The suggestions were on target, as were the suggestions they made to increase the user awareness on how to approach implementing the suggestions. I find that MS explanations are generally incomplete, so it was helpful to know what the settings actually do. Chapter three covers Outlook Express 5.0 and Eudora 4.3 in the same manner. PGP is recommended in both chapters, along with a brief introduction to public key encryption.

The next chapter deals with web-based mail. Unfortunately, the book was published before the layers problem was publicized, making the chapter a bit dated as soon as it hit the streets. Nevertheless, issues such as cookies, the old PHF bug and SSL are well presented. Sniffers are explained with example HTTP packets and several sniffers are mentioned. Web-based mail is very popular, but many users do not seem to understand the dangers involved. This chapter would be useful for them.

"Client-Side AntiVirus Applications" is a very useful chapter because the authors do a little consumer reports style writing. I especially liked the registry key and configuration settings changes that each produces when installed. The following chapter covers mobile code, the code that travels within the body of the mail, not an attachment. It could also be that the code resides somewhere else with just the reference to it within the email, probably Active-X controls or Java applets. Executable code connected in any way with email is a serious danger to your machine. The convenience of cool, dynamic email needs to be carefully weighed against that cool email deleting all your files.

Firewalls are no longer new technologies, but personal firewalls are still growing in popularity, which makes chapter seven another helpful review of several products, free and otherwise. Although firewalls do not solve all our security problems, they are an important part of a complete package to protect you and your PC from those who have lower moral standards than you. Some of the products covered are BlackICE, eSafe and Norton Personal Firewall. Firewalls these days do more than filter packets; some do content filtering and include anti-virus capabilities.

The rest of the book is geared towards servers, Exchange Server, 2000 Advanced Server and even RedHat Linux 6.2. The Linux section is real limited and placed in relation to 2000 Advanced Server.

Overall, the book is well constructed with useful technical information that should be understandable by average users. It is one of the better books I have seen on the topic, which is clearly important today. I recommend reading it if you think you need to learn more about protecting yourself from email, and who doesn't?