The high-end books published by Cisco Press are usually pretty good, but every now and then they manage to produce a masterpiece that has all the potential to become a legend. The “IPv6 Security” book by Scott Hogg and Eric Vyncke is definitely in this category and is a must-read for anyone who plans to deploy IPv6 in the future (that should include around 100% of the network engineers).
What I liked most about the book is the fine long-lost tradition of teaching the technology, its inner workings and relevant details before jumping to boxes or configuration commands. Even if you know enough IPv6 to pass the CCIE written test, you can still learn a lot about how it works, the internal packet structures, the design decisions and the inherent protocol vulnerabilities. Contrary to some other security books that look like a feature list from a Request for Proposal, this one manages to establish a delicate balance between technology description, vulnerability demonstrations and well-documented router configurations. The only problem I had with router configurations included in this book is that they tend to be long and complex, but that’s definitely a Cisco IOS problem, not a fault of the authors.
The other amazing feature is the book’s lack of Cisco-centrism. While it does cover only Cisco’s equipment on the network side (which is understandable), it also provides a thorough coverage of host operating systems and descriptions of a plethora of public-domain tools that can be used to hack, probe or protect IPv6 hosts or networks.
Most books reveal to a careful reader the tug-of-war struggle between the author and external (usually product marketing-driven) forces. Yet again, this book is an exception. There are no “extra” features, the coverage is consistent and the level of detail doesn’t fade as you get closer to the last chapters. The topics covered by the book are included because they are needed, not because someone wanted to sell his favorite features.
It doesn’t make sense for this review to describe each individual chapter in detail; you can always get the table of contents on Amazon.com. Let me just conclude by saying that this book will get a place of honor on my bookshelf.