Rating: 

On the Windows front, the authors fail to provide any substantial documentation (a few screen shots might have been nice) showing how to enable and use WEP (which they correctly recommend in spite of its flaws). The entire section devoted to securing a Windows workstation is only three pages long! I know that general topic O'Reilly titles favor the *NIX world but this is really an imbalance, especially given the number of Windows desktops and laptops out there.

On the SSH front, a scant two pages (seven paragraphs) are devoted to what is arguably one of the cheapest and most effective ways to secure TCP application data - Secure Shell port forwarding. The authors write:

"This (port forwarding) can be useful for accessing one particular service, but is not practical for tunneling many different types of traffic."

Not so. There are a variety of tools, especially on the Windows and Mac OS X platforms that make it extremely easy to configure multiple port forward assignments that are automatically invoked after login and authentication. As I said above, I'm certainly biased on this note... my company makes two clients for the Windows platform that make this a "set-it-and-forget-it" proposition. I forward IMAP, SMTP, a mail pooling application, a corporate calendar, and a bug tracking application all day, every day. Using WiFi both at work and at home (over a cable connection), I have no worries about any of may data being intercepted and/or mangled.

SSH provides a high degree of interoperability between platforms, open source, freeware, and commercial clients and servers, and a high degree of ubiquity compared to other protocols offering the same security (OpenSSH ships with virtually every Linux distribution, Mac OS X, and Solaris). I'd really like to see a few more pages devoted to this topic (including SSL which is given equally brief discussion) in the next edition of this book.