![[UKUUG Logo]](/images/ukuug.gif)
Copyright © 1995-2004 UKUUG Ltd
Copyright © 1995-2004 UKUUG Ltd ![[Back]](/images/back.gif)
Despite the great success of the Apache
web server, relatively few books about it
have been published. This one, written by
one of the program's developers, therefore
has the advantage of scarcity as well as
authority. For many readers, Apache will
be their first web server so the first chapter
describes what the program does, how to
obtain it, and how to compile it. The
CD-ROM contains two versions of the
program (1.1 and 1.2beta) which are
suitable for experimentation. However the
authors recommend that anyone running a
live web site should take time to obtain the
latest release from the Internet. This is
good advice, as both of the versions on the
CD have bugs which have since been
fixed.
Compiling Apache is usually
straightforward, so the next stage is to
configure the program. A web server is
best developed in stages, and this is the
approach taken by the book. A series of
complete web sites is described (and
included on the CD) with each one
introducing a few new facilities. The
configuration files are printed and
discussed, but would be clearer if the new
lines added at each stage were highlighted
in some way. Each section closes with
brief definitions of the new configuration
directives which have been used; this
material is similar to the reference web
pages provided with the Apache server
distribution. These tutorial chapters guide
the novice webmaster from the simplest
possible web server, through setting up
multiple virtual web sites, controlling
access to pages, and publishing dynamic
information using server side includes,
indexes, CGI scripts and content
negotiation. There are also sections on
redirection and Apache's proxy server,
though these are too brief to be useful to
anyone who is not already familiar with
these functions. Progress is generally
smooth except for the appearance of
passwords in the access control section
before they have been described.
Apache includes several additional modules as well as the basic server. Two modules which provide information about the server's operation and status are described in detail in the book; there is also a brief catalogue of others, which were available at the time of printing. More modules are likely to be developed, since Apache has a programming interface to which suitable C subroutines may be added. This interface is described in two chapters and illustrated
by an example of a debugging module.
This should be of considerable use to
programmers who want to extend the
functionality of their server, but is not for
the faint of heart.
The final chapters cover security and
contain a good introduction to the
possibilities and risks. There are also clear
instructions for adding Secure Sockets
Layer (SSL) support to the server: this
cannot be included in the standard
distribution without breaking US export
restrictions.
The instructions for testing web servers
make some assumptions about the user's
environment which may cause confusion.
The most important of these is that the
server is run with the FreeBSD operating
system. Anyone who is using some other
flavour of UNIX should either be familiar
with it, or else have a friend on hand who
is. The book is also very keen to get a
server up and running, before discussing
the security implications. It might be safer
to carry out early experiments on a
machine disconnected from the Internet, to
avoid the possibility of hacking.
This would certainly be a useful book for
anyone learning about the Apache web
server, as it gives a good introduction to
most of the program's facilities.
Programmers developing additional
modules for the server should also find it
very helpful. Existing webmasters may be
disappointed to find little information,
either about converting from other server
programs, or the daily administration of a
site.
The reference material is scattered through
the book and is very similar to the on-line
documentation. It also omits at least one
useful directive (
ErrorDocument
), which
should not happen in a definitive guide.
Andrew Cormack works in Information Systems
Support at the University of
Wales, Cardiff.
ATM – the very sight of the initials are
enough to bring most people out in a cold
sweat! This book will do nothing to
change this as it helps perpetuate the
commonly held belief that you need a
brain the size of a small planet to 'do
ATM'. This is no “Dummies Guide to
ATM” – it is a serious book in serious
typefaces with serious looking diagrams.
The main problem lies in the title. You are
led to believe that finally here is a book
that will deal with a technology that is
quite different from the collision-based
Ethernet from an operational viewpoint,
but this is not the case.
There is the standard introduction to the
history of ATM followed by a clear
breakdown of the cell architecture.
After a chapter that asks what we might
want to be able to manage, it tells us what
management information the respective
packets within ATM carry. This is
repeated for performance, accounting, and
security.
The deployment chapters do deliver some
light relief, with the chapter on VLAN
implementation likely to deliver a familiar
note to operational staff.
Overall the book is too dry, too general,
asks too many questions of the reader, and
there are far too many references to the
authors' own publications in the
bibliographies. This book would not have
greatly helped our ATM customers before
or after they made their leap to ATM.
Raza Rizvi (
raza.rizvi@red.net
) is technical
support manager at REDNET, a very busy network
integration company and medium sized ISP. He is
still recruiting networking staff so that he can have
the odd day off sometime.
(Reviewed by Roger Mitton)
It is some measure of the success of the
World Wide Web that facilities which
seemed amazing just a few years ago –
viewing pages of text from computers all
over the world at the click of a mouse –
are now taken for granted. The providers
of web pages are tiring of displaying static
pages of text and want to incorporate
interactive features, taking input from the
user and generating tailor-made output on
the fly. This changes the metaphor. The
web site is not so much a page, more a
gateway. The web server needs to
communicate with other programs at the
server site, passing on the users' input on
the one hand and passing back the
programs' output on the other. Hence the
Common Gateway Interface.
If you were designing, from scratch, a
system to do this, I doubt if you would
come up with CGI. It is not a new system.
It is rather a bundle of facilities tacked on
to an old system to get it to do this new
job.
So there's not much structure to it; it's
more like a bag of tricks. Programming
tricks. You need to be a programmer with
a taste for backslashes and curly brackets
or you won't get far.
Given that the subject matter is a bit of a
mullock, the author has done a good job of
presenting it in a reasonably orderly way.
Early chapters cover getting data in and
out of a CGI program. (A CGI program is
one that uses CGI; CGI is not a
programming language. CGI programs are
written in a standard programming
language – the ones in this book are
written in Perl.) There is good coverage of
forms and hypermedia and more advanced
applications such as generating a pie chart
and interrogating a relational database.
The book is written with enthusiasm and clarity, and the editing and presentation are excellent. It is liberally sprinkled with examples – great if you know Perl, rather heavy-going if you don't. I don't know
enough about CGI to say if he's covered
everything but it looks pretty thorough to
me. It's not a light read but if you want to
get to grips with CGI, I'd recommend it.
Roger Mitton is a lecturer in the Department of
Computer Science, Birkbeck College, University of
London.
Right from the outset, this book reminds
me somewhat of Adrian Cockcroft's “Sun
Performance and Tuning” – similar topic,
and obligitary “fast car” graphic on the
front cover!
The book aims to help systems
administrators through the sometimes mind
boggling tasks of optimising existing
Solaris systems, or planning new ones. As
well as the expected formulae and
performance graphs, the book is refreshing
in its use of excellent case studies. These
include sections covering typical Solaris
installations for the Internet (showing
typical configurations as Mail, WWW,
DNS, News servers, etc), NFS, Database
and Application server environments.
The second half of the text provides
detailed technical material on a variety of
subjects related to configuration planning
in real-world environments. Versions of
Solaris from 1.x to 2.5.1 are covered, with
a whole chapter put aside to explain the
added “features” available in Solaris 2.x.
However, because this section covers
industry-standards, such as SCSI and
RAID, it is not necessarly specific to Sun
products.
I found the book easy to pick up and read,
although it's the sort of book you would
refer to, rather than read from cover to
cover. The examples and case studies are
well presented, and most systems
administrators would find at least one
section of relevance in their particular
environment. I feel that the book would
be especially useful if you are trying to
specify a system for a pre-defined number
of users/processes. The only real downfall
of the book, as with all technical
references, is that it will start to go out of
date as soon as new versions of Solaris are
released.
Elliott Atkins is the UNIX Systems Administrator for
REDNET, an Internet Provider and Network
Integrator based in High Wycombe. He drinks coffee,
white, with one sugar.
All of us who use the Internet make use of the Domain Name System (DNS), most without realising it, to translate from names to addresses and vice versa. DNS and BIND provides a full description of both the DNS and BIND (Berkeley Internet Name Domain) the most frequently used implementation of DNS Server software. The book deals with version 4.9.4 of BIND
but mentions the earlier versions 4.9.3 and
4.8.3 where necessary.
The front cover states 'Help for System
Administrators', but the book provides help
for more than just system administrators.
The initial chapters give general
background information on the history and
theory of the DNS which, together with a
later chapter on '
nslookup
' the tool for
interrogating the DNS, are of use to
anyone who uses the Internet, (I wish I
could get all our users to read at least this
much). Other chapters are aimed at
Postmasters, Programmers and of course
systems administrators. To aid the reader
in finding the sections most relevant to
them the authors have provided an
excellent roadmap in the preface section.
Having explained how the DNS works in
the first two chapters the authors work
through choosing a domain name, getting
the BIND software and setting up your
first server in the next two chapters. For
those who wish to compile BIND from
source there is an appendix giving details
of how this is done on a Sun. This is also
where the reader is introduced to Movie
University the fictitious college the authors
use in examples throughout the book. This
helps to pull things together giving the
reader a better picture of how the DNS &
BIND work.
With the server set up, chapters five and
six show how MX (Mail Exchanger)
records are used to route electronic mail
and how to configure a host's BIND
resolver, the software libraries responsible
for querying the DNS on behalf of
application programs. This chapter also
includes notes on the idiosyncrasies of
some versions of UNIX (SunOS 4.x,
Solaris 2.x, HP-UX and IBM AIX) and
Windows 95 and NT (a beta version of 4.0
?) also get a mention.
Chapters seven and eight move the focus
back to the server dealing with periodic
maintenance to keep things running
smoothly, how many servers are enough,
how to add new servers and how to plan
for and cope with a disaster.
Parenting, the creation of subdomains and
the delegation of authority for that part of
the DNS to the child (subdomain) has a
chapter (nine) devoted to it. This chapter
should be a must for all system
administrators because of the trouble
incorrect or broken delegation can cause.
Advanced features and security are dealt
with in chapter 10. This chapter only
applies to BIND 4.9.3 and 4.9.4. The
advanced features such as multihomed
hosts and load sharing are probably only of
interest to a few, whilst the security
features such as restricting/controlling who
may take copies of your DNS data, zone
transfers, will be of interest to a wider
audience.
As mentioned earlier
nslookup,
the tool
for interrogating the DNS, gets a chapter
(11) to its self. This goes into quite some
detail, showing the reader how to carry out
both common tasks, such as name to
address and MX lookups; and less common
tasks, such as turning debug mode on to
see query and responses.
Should you need to, chapter 12 shows you
how to turn on debugging on the BIND
server and how to read the output
produced. Chapter 13, Trouble Shooting
DNS and BIND, pulls together what has
been shown in the last two chapters to
show how to diagnose some real world
problems the reader might encounter.
For those who like to or find they have to,
chapter 14 looks at programming, shell
with
nslookup
and C with the resolver
library routines. The chapter includes a
number of examples which, to save the
reader having to type in, can be
downloaded from
ftp.uu.net
or
ftp.ora.com
along with other tools
written in Perl. Finally, chapter 15 ties up
the loose ends looking at special cases
such as wild card entries and working
through a firewall.
Overall the book is nicely presented
making it pleasant to read. If it has any
disadvantages it is the one that afflicts all
computing books: namely that the
software version on which the book is
based has been superseded. In fact, in the
case of BIND, version 4.9.x is now
deprecated other than for security patches
and the most up to date version is now
version 8.x. Don't let this put you off
though; if you want to learn about the
DNS and BIND this book is highly
recommended.
Huw Gulliver is a member of the Service
Communications Group at Computing Centre,
University of Wales, Cardiff.
(Reviewed by Chris Cook)
(The CD-ROM contains a complete set of
Free Software Foundation tools, with
binaries supplied by Cygnus Support Inc.)
There is little doubt that the Free Software
Foundation's GNU project has made a
significant contribution to the availability
of high-quality, publicly available software.
In providing a good standard across
platforms, it facilitates far easier porting of
software between differing operating
systems. That significance has become
even greater as vendors unbundle their own
compilers, making it an expensive pastime
if you just need to compile the occasional
binary, or as they point out, if you are a
student or home user.
This nutshell book aims to introduce the
experienced (principally C/C++)
programmer to the GNU development tools
in a UNIX environment. It also tries to act
as emissary to the corporate world where
free products can often be instantly
dismissed as being amateur, second class
and unsupported. It begins by describing
the FSF's philosophy and comparing it
with the different levels of “free” software.
It also tries to dispel the myth that the use
of free software, even under one of the
GNU licences, implies the inability to
charge for any piece of software produced
by it. There are good words put in for the
contributors to the included CD-ROM,
Cygnus Support Inc. and Cyclic Software,
two companies that have answered
corporate fears that no price means
valueless, by providing professional quality
support contracts to institutions.
The main thrust of the book is the creation,
compilation, tuning and debugging of
programs using GNU tools. To ease the
progress of the novice who might have
come from a non-UNIX fiefdom, it begins
with an introduction to the operating
system. Starting with logging in (and out,
I'm glad to say), it conveys adequately all
the usual details about how to run
commands, their flags, the filesystem
structure and permissions. It is perhaps
more succinct than many similar primers,
but with justification as the audience can
be assumed to already be reasonably
computer literate and able to quickly
assimilate these facts. It goes on to cover
topics more appropriate for the future
“power user” – redirection, pipes, job
control, shell programming and
customisation.
Chapter three covers source code creation
and manipulation using that old stalwart,
Emacs. This is an editor that I have never
much liked; this chapter left me feeling
what a shame it was that I hadn't thrown
my lot in with Emacs all those years ago,
as at least by now my main reluctance to
learn it, all those funny control sequences,
would have been overcome.
They do a good job of easing the reader
into Emacs' peculiar way of doing things,
balancing the idiosyncrasies with the
simple power of the animal. After the
basics of text entry and manipulation, they
cover the features most useful to a
programmer, automatic formatting,
multiple portholes in a non-windowing
environment, and multi-file source code
tags.
Chapter four describes the GNU C
compiler,
gcc
. The command line options
of major importance are explained, with
brief individual sections devoted to
constant definition and the all important
library flags. The interrelation between the
pre-processor, compiler, assembler and
linker is discussed, along with the output
filenames at the various stages of the
process. The use of the assembler and
linker are described and the topics of
cross-compilation and embedded systems
are touched upon.
In the next chapter, the book transcends
one of its stated limitations, by actually
giving some C tuition. This is fair, and
perhaps necessary, as the subjects covered,
time structures, signal handling and error
handling, are likely to be new and
unsuspected by many experienced
programmers coming from other operating
systems. They finish this section by
revisiting the subject of programming for
embedded systems, giving advice on
prototyping for them, and reinforcing the
book's view that these tools are as much
for commercial applications as for
geek-ware.
Surprisingly, the chapters on debugging
and profiling straddle two more on Make
and source code management. I would
have expected these two to be more closely
entwined as a debugger is as useful a tool
for a working program as for a broken one.
The versatility and power of
gdb
and
gprof
are explored at length, enabling the
reader to quickly trace problems as well as
performance bottlenecks in an application.
There is advice on which options are likely
to slow a program intolerably and
suggestions of how to work around the
problem.
Bar the chapter on profiling and the
various appendices describing the Cygnus
Support, the CD-ROM contents, data
representation and the GPL, the book
closes with a couple of chapters on source
code maintenance. I got the feeling that
the section on RCS may have been lifted
from another text; a recycling practise
which I'm not against as long as lame
references are tidied up. Nevertheless, the
chapters on code compilation and
management are typically practical with a
warning printed that whilst it is trivial to
circumvent RCS safeguards using standard
shell commands, such clever-dicks may as
well not use it at all.
The book could only ever be an
introduction to its subject matter but in
each short chapter, it manages to take the
reader quite far into the topic without
marooning the reader out of their depth.
Whilst the back cover claim to turn the
reader into a power user is a little
ambitious, the text is littered with
suggestions for further reading and there is
plenty of detail to whet the appetite. Once
again, the CD-ROM clearly adds a good
deal to the price, but I concede that at least
it overcomes for some people the
chicken-and-egg problem of how to
compile a compiler when you have no
compiler. I would strongly recommend
this book to professional and amateur
programmers alike.
Chris Cook is the Postmaster and a System
Administrator at Cardiff University.
(Reviewed by Michael Jorgenson)
This book contains a very detailed
description of ATM and how it can be
integrated with legacy LAN technologies.
Before I started reading it my knowledge
of ATM was restricted to “fast hardware
switching of small data packets” with no
knowledge of any of the protocols
associated with ATM – now I understand
much more.
The book uses very technical language that
is littered with abbreviations. Fortunately
there is an extensive (and well thumbed)
glossary at the back of the book. The
authors also provide many clear diagrams
that are useful in explaining the more
complicated aspects.
This book builds on (and expects) a detailed knowledge of “legacy” LAN technology and the seven layer OSI model. This is described very briefly in
the first chapter, which also provides a
concise introduction to ATM. The next
chapters cover the integration of ATM and
legacy LANs, with LAN emulation (Lane)
and multi-protocol over ATM (Mpoa).
Later chapters build on this information
and cover frame relay integration, IP
support, IPv6 and switched virtual
networks. Many appendices include very
detailed specifications for ATM protocols.
The introductory chapter begins by
highlighting the size of problem that ATM
was designed to resolve. Ever-increasing
numbers of networks and ever-faster
networks need greater bandwidth at
network interconnection devices, and as the
data throughput increases, so the time to
process each packet of data decreases.
Fixed size data packets permit hardware
switching which is faster than routing the
data through a processor. This is
equivalent to (network) layer 3 and (data-
link) layer 2 in legacy LANs. ATM is
presented as the best solution to the
problem presented, both for linking
networks and the technology for new
LANs.
The chapters on Lane and Mpoa describe
two techniques for interfacing legacy
LANs with ATM networks. Lane provides
protocols and servers that make the ATM
network appear to be a network using the
same technology as the rest of the legacy
LAN, with servers providing address
resolution services and storing
configuration information. Lane emulates
layer 2 (data-link) and so works
transparently for layer 3 (network)
protocols. The aim of Mpoa is to take full
advantage of the new features of ATM,
such as guaranteed bandwidth and latency.
At the time the book was written, version
1.0 of Mpoa was being finalised, with the
expected date of the approved specification
in April 1997. The design of Mpoa was
initially focused on IP, with support for
IPX, AppleTalk and advanced peer to peer
networking (Appn, see next paragraph)
being provided later. Mpoa allows
subnetworks to exist transparently through
the ATM cloud, so different physical parts
of the network are part of the same logical
group. Mpoa uses Lane to link to legacy
LANs.
Three of the authors are employed by
IBM, and the book was written with
assistance from many members of IBM, so
the book has a definite slant. For example,
the fourth chapter covers IBMAEs Appn,
a technology that the reviewer had never
heard of before! The special notes at the
end of the book state that IBM products
were used as the reference when writing
the book, but are not necessarily the only
products that will work in the situations
described.
This book was very informative, especially for readers who want to learn about ATM and related technologies. The reviewer found the book useful, as an introduction to ATM and the likely future course of technology integration and migration. Readers with limited experience of networks will find the book has a steep learning curve. The reviewer would therefore recommend this book to anyone with experience of legacy LAN
technology who seeks to broaden their
horizon.
Michael Jorgenson is a recent graduate of Cardiff
University of Wales, and is about to embark on a
PhD in conjunction with the Defence Evaluation &
Research Agency, studying robust network
architectures.
(Reviewed by Huw Gulliver)
This is an ambitious book covering in 16
chapters, plus an appendix, a broad
spectrum of network design areas from the
basic categories of network and network
technologies through to hardware devices
and how to use them.
The book starts off by looking at the
development of the LAN (Local Area
Network) and the ISO (International
Standards Organisation) OSI (Open
Systems Interconnection) reference model.
It then introduces the more important LAN
standards: CSMA/CD (Ethernet), Token
Ring and FDDI, and then their main
interconnection components: repeaters,
bridges and routers.
The author then shows how, using the
fictitious United Barbie Dolls company, a
network can be developed to meet the
changing needs of the company. And all
in the first two chapters.
The next four chapters take a detailed look
at bridges and bridging, covering Ethernet,
Token Ring and FDDI environments. The
last chapter of this section includes
information on the problems of bridging
between different MAC types e.g. Ethernet
to FDDI or Token Ring. This is where we
learn of the author's other interest, as the
examples all use names of places and
characters from “Asterix the Gaul”.
Chapter 7 describes what, where and how
to use LAN Switches. These can be
considered as multiport bridges in essence.
The chapter also includes some useful help
when considering a product or network
design.
The next three chapters look at router
types and function, routing protocols
including theTCP/IP family, OSI, DECnet
and Netware. And how to use routers and
routing in a structured network.
ATM comes under the microscope in
chapter 11. How ATM works, its cell
structure and LANE (LAN Emulation) are
described. This is followed by a
discussion of multiprotocol operation. The
chapter is completed with a look at the
state of development and includes a check
list for anyone considering investing in
ATM.
Virtual LANs (VLANs) are covered in the
next chapter. The author puts forward the
view that they may provide a way to
manage, in a cost effective manner, the
difficulties presented by frequent staff
moves, but that a VLAN standard has not
been produced although it is under
development. Once again, though, for
those interested in implementing this
technology a check list of
features/functions is provided.
LANs are increasingly being interconnected using Wide Area Networks (WANs); this area is covered in chapter
13. X.21 and X.25 standards are examined
first before moving onto newer standards
that offer higher capacity transmission such
as ISDN, Frame Relay and encapsulation
using the Point to Point Protocol (PPP).
Chapter 14 takes a slight departure to look
at examples of vendors' products, the chip
sets used, and how functions such as
VLANs are implemented. Whilst this is
interesting to read it will date the book in
such a rapidly changing field.
Chapter 15, entitled “Deployment and
Operation”, mainly deals with management
aspects both of the devices themselves and
network management platforms giving
some useful check lists and evaluation
criteria.
Chapter 16 compares and contrasts bridge
and router major functional differences. It
also presents the responses from five
vendors to provide a multi-protocol
backbone for an enterprise with several
locations and heterogeneous computer
systems.
The book is rounded off by Chapter 17,
which is really an appendix containing
three sections: references, directory of
manufacturers and networking
abbreviations.
For those who look after our networks,
independent guidance on structuring our
networks to meet present and future needs
can be invaluable. This book goes some
way to provide that guidance, particularly
the check lists and examples, but is let
down by a number of instances of strange
sentences “mostly of these PCs ...” which
made reading hard work at times. [
Ed: an
indication that the original was written in
German
]. The one concern is the book
was first published in 1996 by
DATACOM-Verlag. During the last two
years we have seen FastEthernet
(100MBps) established as a standard
product and GigaBit Ethernet just around
the corner, plus other technologies which
are currently proprietary or pre-standard
which will affect the way we design our
networks.
Huw Gulliver is a member of the Service
Communications Group at the Computing Centre
University of Wales, Cardiff.
(Reviewed by Lindsay F Marshall)
It's quite amazing what a pile of Java
books does for your popularity! “Lindsay,
can I borrow one of these?” “Have you got
a book on Java I can read?” etc. etc. I've
had the pile for some time now and a lot
of people have looked at them and mostly
their opinions about them were very
similar. In fact I've had them so long that
some of the books are now in their second
and even third editions. This is what comes
of trying to write books about a moving
target like the Java language! (I've even
seen a book about JDK 1.1.1 which is in
its second edition - but I haven't seen any
Java books in remainder piles yet. Odd.)
So, where to start? Well, lets start with the
best ones and then you don't actually have
to read the whole article (unless you feel
you need to know about what to avoid!).
For serious Java programmers, that is
people who are wanting more than just an
introduction to the language, then at the
moment there is only one choice: The
O'Reilly Java Series. There are several
titles available now:
*
Exploring Java
*
Java Threads
*
Java Network Programming
*
Java Virtual Machine
*
Java AWT Reference
*
Java Language Reference
*
Java Fundamental Classes
Reference
I am not even going to say anything about
these individually. They are the business
(even if they aren't “authorised”) and since
they are O'Reilly books you can probably
get them at a reduced price through the
UKUUG! You won't do better than these.
Of the introductory books, the number one
favourite and most requested is Core Java
by Gary Cornell and Cay S. Horstmann,
Prentice-Hall ISBN 0-13-565755-5
Heck, even I liked this one (with
reservations naturally!). As its title
suggests this gives a comprehensive
coverage of the whole of the Java language
and its main libraries and if you just want
to write straightforward Java programs
then this is the only book you need. It is
particularly pleasing because the authors
have a sensible attitude to the language –
good in parts, utterly dreadful elsewhere –
and they detest the hype. There are scads
of good worked examples and explanations
are clear. Also featured are notes that
relate Java features to those found in C++
and Visual Basic (whatever that is). One
of the best shows that for one example
program, the C++ version is 50 times
faster than the equivalent Java program...
Since everything you need to know is here,
what's wrong with it? Well it is far too
long – 622 pages of it. It does a very
good impersonation of a brick. Like many
of these books it falls between two stools.
For experienced C++ programmers there is
far too much background and programming
related information, whilst for novices
there is probably not enough. A book half
the size would be perfect; but even at this
size, this is still my pick of the bunch.
Oh, there's a CD with it too – what a
surprise. Just the usual stuff – you can
get fresher off the Net.
Writing Java Applets by John Rodley,
Coriolis Group Books, ISBN
1-883577-78-0
From the slightly better than ordinary to
the ridiculous. This has to be one of the
worst books I have ever had the misfortune
to come across.
Mastering the art of creating distributed Internet programs, Way-cool applets, and even Battle of the Java Sea, which is a game in Java that shows you how to create animated explosions (to be fair the latter is not in the book, just on the CD. Yes, another CD). Practically everything you can possibly think of is wrong with this book. It jumps straight in at the deep end and then flounders around trying to save itself. Absolutely the worst thing about it is the set of examples. These are formatted using a particularly unreadable indentation scheme, which is inconsistently applied, and some of them stretch for over 20 pages. Imagine 20 pages of someone else's badly presented Java? Now imagine that several times throughout the book.
The author is also sometimes an I and
sometimes a we – presumably something
to do with Threads. (Actually the example
he builds – an agent delivery system – is
quite good. It's spoilt by being
incomprehensible.)
Did I mention the CD? Great for making
bird scarers. This book would make great
kindling and would have made an even
better tree.
Instant Java by John A. Pew,
Prentice-Hall, ISBN 0-13-565821-7
100 pages of Java listings (decently
formatted though), 200 pages of
manual-style information, and yet another
CD. The cover tells you everything you
need to know about this one – Create
sizzling hot web pages with this Java
cookbook – instantly.
Apart from being illiterate (I don't blame
the author for the cover – would I judge
a book by its cover? (Yes)), you know that
anything that uses the words hot, sizzling
and web in the same sentence has got to
be a waste of time. It is exactly what it
says, a cookbook for applets. You can pull
them off the CD and reuse them to make
your web pages look exactly like those of
everyone else who has bought the book.
If you think that having an animated Java
applet on your web page is the acme of
cool (or should I say k3Wl) then you are
probably 16 years old and like Iron
Maiden. But if it's what you want, then
this book probably is good value. The
applets do provide some interesting effects
(for about 2 minutes that is) and the code
is sound. But, you can poke around the
net and find pretty similar stuff just lying
around. (You can also do a lot of the
tricks with animated gifs just as
effectively.)
Why are the CD enclosures in books so
hard to get into? When I got this one out
I stuck it in my Mac to see what was on it.
No attempt to add nice icons or anything.
Boring Mac application icons and self
extracting archives containing examples
from all the Sunsoft Java series and the
JDK. There's also a Readme that says that
the programs haven't been tested on a Mac
so might not work. I thought Java was
supposed to be portable?
Just Java by Peter van der Linden,
Prentice-Hall, ISBN 0-13-565838-X
Are you bored yet? Have a look at this CD. Oops, it's exactly the same as the last one. Sorry. Being written by someone from Sun this is a bit of a hymn to the wonders of Java, so you can skip the first couple of chapters right away. (van der Linden also appears to be the author of The Official Handbook of Practical Jokes, according to the blurb. He doesn't seem to be directly involved in the development of Java, but one wonders...) There are lots of witty asides (well, they would have been witty if I'd made them), cartoons and jokes as well as lots of irrelevant information - did you know the Crays at the Met office were referred to as Ronnie and Reggie? The Java content is OK - all the usual stuff about applets and networking and the
AWT - but calling it Just Java is a bit rich
- Java and a lot of other stuff that you
don't need to know besides would be a
better title. However when compared with
Core Java, apart from being half the size,
it is not really that great. I wouldn't
bother.
Java by example by Jerry R. Jackson and
Alan L.McLellan, Prentice-Hall, ISBN
0-13-565763-6
You want a cheap Java CD? I've got
several. Time for a cup of coffee... (and I
had to see what was wrong with my
leaking roof too). This one is pretty much
like all the others - they start to blur after
a while. There are some simple, well
constructed examples here, though it also
has the problem of examples that take up
several pages. It is really hard to read
code in the context of a book and it breaks
up the flow of the text so you start to lose
track of what you are reading about.
The worst feature of this book is the fact
that it relegates Object Oriented
programming to an appendix and even then
it is simply a list of the features in Java
that support OOP. There is nothing on
how you might go about designing an
object oriented program, or about the
principles you need to understand to do it.
Fine if you are an experienced OO
programmer, but awful if you are not.
This is a problem from which many Java
books suffer. Basically, in order to get a
Java book into a manageable size (which
publishers seem to think is around 600 to
900 pages - personally I would prefer 200
to 300, but never mind) you either have to
do all of the language, with no in-depth
coverage of OO, or you have to write a
book on Object Oriented programming
using Java, which really can't cover the
whole language. The problem from the
publishers point of view is that most
people don't want to shell out £40 for a
book that they are going to use once, so
they have to provide something that will
be of use in the long term. This is made
even worse by the fact that the language is
a moving target; books on Java are bit like
PCs – if it's on your desk it's obsolete!
Java Programming for the Internet by
Michael D. Thomas, Pratik R. Patel, Alan
D. Hudson and Donald A. Ball Jr.,
Ventana ISBN 1-56604-355-7
Four authors and 780 pages...and a CD
(but a different one this time). Patronising
is how one of my team of guinea pigs
described this one, though it gets better
towards the end. Considering that it's
written by four different people this one is
not too bad, though they do definitely talk
down to the reader. Again lots of
examples and chunks of uncommented
hard-to-read code. The examples are
pretty reasonable though and if you are
looking for some specific nugget of
information then you might very well find
it in one of the them. The section on the
networking interface is probably the best in
the book and it manages to get the
coverage about right. I found the
typefaces used in this book hard on the
eye, particularly the rather thin,
fixed-width sans-serif used for code. This
book claims never to go out of date
because it has an online companion.
I'll just pop over and have a look at
it...well, the Updates and Errata section
contains one correction and nothing at all
about any of the recent changes to the Java
language. There is not a lot that is useful
here at all (apart from the usual links you
get everywhere). It is also rather
discouraging to see that of all the Online
Companions that Ventana provide, only
three of them are still being updated (this
book, one on Photoshop and one on
Quake), so “Never Out-of-date” does not
look like a promise that they keep.
As to the CD, I reckon the person who
designs cardboard milk cartons designs the
plastic CD packets found in books. When
I finally got it out and tried it on the Mac,
I found the JDK, code samples and a
rather nicely produced (but ultimately
useless) multi-media Ventana browser
which was all advertising, apart from an
index for the code examples. (These people
have got Kai's Power Tools – you can
tell because they use the ubiquitous Page
Curl filter on some of their graphics). This
is not really a great value addition to the
package.
Teach yourself Java in 21 days by Laura
Lemay and Charles L. Perkins, Sams Net
ISBN 1-57521-030-4
Well, blow me! Another CD! Beer mats
anyone? This describes itself as a
“National Bestseller”, though neglects to
say which nation. Unfortunately I find it
hard to be objective about this book - I am
not a fan of Laura Lemay's books and I
find this one especially unappealing. The
presentation is ugly and the whole idea of
learning a new programming language in
21 days (and expecting fluency as the
result) to be ridiculous. My team of
guinea-pigs had a look at this one – “It's
OK”, “You can learn from it”, “Does the
job”. You get the picture. Don't waste
your money, get one of the good books!
Lindsay Marshall is a lecturer in the Department of
Computing Science at the University of Newcastle
upon Tyne. He has some UNIX DECtapes and a
paper tape machine in his office.
(Reviewed by Andrew Cormack)
I had hoped that this book might persuade
me that JavaScript was worth learning, but
it was not to be. There are just too many
flaws in both the language and the book.
The text suffers from a mass of spelling
errors and, in a bizarre printing accident,
some of the sample programs have been
line-wrapped and hyphenated. This is
particularly unfortunate when an example
demonstrating single line comments is
wrapped, or a hyphen is inserted into a
function name!
The first section of the book gives the
history of JavaScript and provides a gentle
introduction the language. Objects are
mentioned only as having a hierarchical
name structure so it comes as something of
shock to be told to “treat strings like the
objects they are”. Turning the page, and
with no further explanation, the reader is
expected to make sense of constructs such
as
"bubba".indexOf("b",3)
.
Apparently these are called functions,
except when they are called string methods
(there is a similar confusing mix of the
terms “member” and “property” later on).
One particularly clever string method is
escape(),
which apparently converts the
string
"Bugs Bunny"
to
"Al%20Bundy"
.
The
unescape()
method can retrieve the
original string, presumably using either
telepathy or global variables. Some of this
confusion is the fault of the language,
which itself is half-hearted about objects,
but would-be learners are likely to give up
around this point.
Those who struggle on will find little
improvement. The second section
describes how JavaScript can access
information within the browser and the
HTML page. The arrangement of chapters
seems strange and confusing. First come
the History and Location objects which
belong to the browser, grouped in a
chapter with the Link and Anchor objects
which are part of the HTML document.
The Document object itself – “the most
important object in the JavaScript arsenal”
according to the introduction – is
separated from these by a chapter on event
handlers. The organisation within chapters
is also confusing with some topics
interrupting others. A few sentences make
no sense at all and can only be ignored.
Many examples of JavaScript programs are
included as illustrations, indeed so many
that one example is not referenced in the
text and only a selection appear on the
accompanying CD-ROM. The printed
program listings use a very wide line
spacing leaving only twenty or so lines per
page. This spreads even simple programs
over several pages making their structure
hard to follow. The meaning could have
been made much clearer by including only
relevant fragments of code in the book
with the full programs available on the
CD. Even casual examination reveals
many bugs in the printed programs:
variable names change during the program
or have inconsistent case, blocks of code
have been copied incorrectly and a
program supposed to show how to avoid
memory leaks contains a fine example of
exactly that error.
The last two sections of the book contain reference material on working with Netscape plug-ins and an alphabetical appendix giving details of all JavaScript reserved words, objects and functions. This appendix would be more useful as separate lists, rather than having the different parts of the language mixed together, and has a few obvious contradictions between text and tables. The plug-in section is probably the best in the book but is based on a pre-release version of Netscape 3. Other versions and other browsers may well have different features from those described. This
highlights a fundamental problem in
writing a book on JavaScript: Versions 2
and 3 of Netscape and Internet Explorer
each have their own unique version of the
language. There are further subtle
variations in bugs and supported features
depending on the underlying operating
system. Keeping up with this variety
makes things hard for both author and
publisher; if a standard version of the
language ever appears it should be possible
to write a book which can be
recommended. This one is not it.
Andrew Cormack works in Information Systems
Support at the University of Wales, Cardiff.
(Reviewed by Huw Gulliver)
The first thing you notice about this book
is that the title is a bit misleading. The
text in the top left hand corner of the front
cover “Comprehensive coverage of
implementing TCP/IP with Windows NT
4” would have been more appropriate.
Although Windows95 (WIN95), Window
for Workgroups and MS-DOS/Windows
3.1 (WIN-3.x) do get covered, it is only
from the point of view of installing TCP/IP
client software which equates to one
chapter of 18 pages.
The book is split into two parts: TCP/IP
Concepts (six chapters) and Implementing
Microsoft TCP/IP (eleven chapters), with a
single appendix dealing with number
representation in binary, decimal, and
hexadecimal.
In “TCP/IP Concepts” the author
introduces the reader to basic
communications concepts, and the TCP/IP
protocol suite. This is really just a flying
visit to the subject, designed to give
someone unfamiliar with TCP/IP enough
understanding to be able to make sense of
Part 2. The main criticism is, having
described IP, TCP and UDP, the author
moves onto “The Process/Application
layer”, where he takes a US-centric look at
the Domain Name Service and WHOIS.
Then proceeds to walk the user through
using FTP, TELNET on Windows NT and
finishes off with a very brief description
(nine pages) of SMTP, SNMP and NFS.
But in all this the author only briefly
mentions TCP or UDP port numbers,
mainly to refer the reader to RFC1700
(Assigned Numbers). I feel this is an
important part of TCP/IP, particularly in
respect of security which is dealt with in
Part 2 of the book and should have
received greater coverage.
Part 2, “Implementing Microsoft TCP/IP”, is what the book will really be bought for. The book's Chapter 7 starts the section off with a general overview of what protocols Windows NT (WIN-NT) 4 supports and the RFCs supported by Microsoft's TCP/IP implementation. Plus noting a few things not supported, such as standard SMTP, Dynamic routing and NFS. Two things that struck me about this chapter – was Drew Heywood an alias for Bill Gates? and, I must tell my management that we need at least one WIN-NT server to provide automatic IP address assignment. Silly me has been using, quite successfully,
a couple of UNIX boxes running CMU's
BOOTP/DHCP server to do the job.
Chapter eight goes through the steps of
installing and basic testing of TCP/IP on
WIN-NT computers. No distinction is
made between WIN-NT Server and
Workstation installations. The figures used
in the chapter relate to the installation on
WIN-NT Server, with no mention of this
fact. I know this is a small point but it is
something that could be misleading or
confusing to a reader with limited
experience.
Having installed TCP/IP on the WIN-NT
computer, the author moves on in the next
chapter to show the reader how to use
WIN-NT to build a routed IP network
using WIN-NT servers as routers. The
interesting feature of WIN-NT for someone
with a UNIX background, is the lack of a
routed
or
gated
daemon equivalent as
standard to dynamically update WIN-NT's
routing tables. The result is that
everything has to be done with static
routes and default gateways.
Chapter 10 covers “Dynamic Host
Configuration Protocol DHCP” – how it
works and how to set up and manage a
DHCP server on WIN-NT. For those who
may not know, DHCP allows the network
manager to assign IP addresses and supply
other necessary information, for example,
the DNS servers to and default gateway to
clients. It can be considered a
development of the older boot strap
protocol
Bootp
.
Chapter 11 deals with the Microsoft
Networking specific question of NetBIOS
naming in a TCP/IP environment, the
setting up of a Windows Internet Name
Service (WINS) server and its
management. It would appear that you
only need this service if you are using
Microsoft Networking heavily as opposed
to, say, Netware or PCNFS. If the former
is the case, there are hooks to link WINS
to a Microsoft DNS server, allowing
dynamic updating of the DNS indirectly
via the WINS server. This is supported
only for NetBIOS clients, thus restricting
its use to WIN-3.x, WIN95 and WIN-NT
systems.
Chapter 12, “Managing the Microsoft DNS
server” first covers whether to implement
DNS for your site and whether all or some
of your hosts need to be DNS registered.
Then it shows how to set up Primary and
Secondary DNS servers. There are a
number of errors in the figures dealing
with setting up the Domain Database Files
(Name to IP address), where there is use of
non fully-qualified names and/or the
omission of trailing periods in NS, MX
and CNAME resource records. This is
surprising since the author draws the
reader's attention to the improper use of
trailing periods in a “Warning” in this
section. These errors are not repeated
however in the following section on
Reverse-Matching Database Files. The
author's advice is probably best followed:
“consult the book DNS and Bind, written
by Paul Albitz and Cricket Liu, from
O'Reilly & Associates”.
Having set-up a TCP/IP network based on
WIN-NT the author looks at the question
of installation and configuration of client
TCP/IP software for WIN95 and
WIN-3.x/MS-DOS.
Chapter 14 takes a look at “Managing
Microsoft TCP/IP”. The majority of the
chapter is a general guide to using
Microsoft's Network Monitor –
Microsoft's tool for protocol analysis.
There are also short sections on Trouble
Shooting utilities ARP,
tracer
(
traceroute
),
netstat
,
nbstat
(NetBIOS version of
netstat
), and how
to activate SNMP agents on WIN-NT and
WIN95.
Chapter 15, “Connecting to the Internet”
first examines some of the issues
surrounding connecting a site to the
Internet, including the type of connection:
dial-up, ISDN, leased line and security.
The last is covered only as far as outlining
a few simple configurations to isolate a
private network from the threats on the
Internet. There is no mention of the
demilitarised zones model, or references to
other sources of information. This is
surprising, since the author on a number of
occasions draws the reader's attention to
how potentially dangerous connection to
the Internet can be. The remainder of the
chapter is taken up with a description of
the dial-out component of the Remote
Access Service (RAS), to provide a
connection to the Internet, with a short
section on Point-to-Point Tunnelling
Protocol (PPTP), which can be used to
create virtual private networks (VPNs).
Chapter 16, “Introduction to the Internet
Information Server” takes the reader
through the steps to set-up Internet
Information Server (IIS) (Microsoft's
combined FTP, Gopher and Web server
product) on a WIN-NT server. The
emphasis is on setting up ISS for a private
network i.e. an intranet. The chapter
appears to have been written based on an
earlier version of ISS, since there are a
number of subtle changes, such as: the
default path where files being served are
placed, is given as
C:\WINNT\SYSTEM32\INETSRV\WW
WROOT
, but on servers I have set up the
default has been
C:\INETPUB\WWWROOT
. Luckily these
are small points and would not seriously
affect someone installing IIS for the first
time.
The final chapter 17, “Using Front Page”
seems out of place in this book. Front
Page is Microsoft's Web authoring tool.
The only reason I can see for including it
is that Front Page allows collaborative
creation and management of a Web site's
contents over the network, provided the
Web server has the Front Page extensions
installed – a rather tenuous link.
Overall I found the book readable and reasonably well laid out, though it did prove irritating in places, either because of
a heavy US or Microsoft bias, or the
author's habit of referring you to another
New Riders book for a more detailed
presentation of a particular topic. That
said, I did find a number of useful things
about TCP/IP on WIN-NT scattered
throughout the book. But I might have
missed them had I not forced myself to
read cover to cover, and I feel that these,
collated together, would have made a more
appropriate appendix than the one
included.
Huw Gulliver is a member of the Service
Communications Group at Computing Centre,
University of Wales, Cardiff.
When I first used the Internet, finding your
way around was a slow and frustrating
progress through unavailable sites, broken
links and word of mouth recommendations.
Songline Guides aim to help today's net
newcomers through this stage with a
mixture of advice, recommended sites and
stories from those who have been there
before. Each of the guides concentrates on
a particular theme. This one covers travel:
a subject where the Internet's global
coverage and timeliness are of particular
benefit.
Simple lists of web sites are unlikely to be
useful to someone new to the Internet.
Instead of these, each chapter discusses the
kinds of resources which are available,
illustrated with frequent screen shots.
Detailed references – URLs, e-mail
addresses and newsgroup names – are
given in the margins and are also collected
in an appendix as a more concise
reference. The layout is attractive and
easy to read: the only slight inconsistency
is in the typeface used for quotations.
These stories from experienced (and not so
experienced) travellers give a good
impression of the many ways in which the
Internet can be used.
The early chapters cover the basic
requirements of any journey: transport and
accommodation. As well as providing
information, an increasing number of web
sites take reservations and may even offer
special deals which are not available
elsewhere. Some services are dedicated to
business travel, allowing an organisation to
construct travel planners for its staff.
Small, specialist travel sites can reach a
global audience across the Internet, and
two chapters give examples of the kinds of
adventure holidays which can result. The
Internet is often equated to the World
Wide Web but in travel planning, human
contact through newsgroups and mailing
lists can often be even more valuable.
These sources are given due credit, and
readers are encouraged to contribute their
own experiences in return.
Finally, there is a section on accessing the
Internet while travelling, either from your
own portable computer or using cybercafes
and other local installations. The AOL
subscription CD inside the back cover is
presumably intended to help with this,
though it is not mentioned in the book.
Similar disks are available on magazine
covers and in junk mail. The web site on
how to protect your modem from foreign
power and telephone systems may be more
relevant.
The selection of sites included in the book
reflects American travel requirements.
There is far more information on air travel
than rail, with none of the major European
rail networks represented. Even the
German Railways web site
(
http://www.bahn.de/
), which has
timetables and information for most of the
continent, is missing. The only trains
mentioned in the UK are the Great Little
Trains of Wales! While there is certainly
less information available on line in
Europe than the USA, the situation is not
as bad as the reader might imagine.
Several of the sites in the book accept
credit card payments, but there is no
comment on the privacy of a card number
sent over the open network. Again, this
may reflect the American situation where
stronger cryptography is available:
elsewhere more caution may be required.
The book is a good introduction to the
possibilities of the Internet for planning
and arranging travel, especially for
destinations in North America. No
previous experience is required, as there is
a good introduction to e-mail and the web
in an appendix. For European travel it is
of more limited use, though anyone
searching for similar information over here
may be pleasantly surprised by what they
find.
Andrew Cormack works in Information Systems
Support at the University of Wales, Cardiff.
Many advertisements for the Internet
proclaim the huge amount of information
available, but fail to mention how hard it
can be to find. Some books try to
overcome the network's lack of structure
by grouping sites by topic, but the size of
these directories can often be as
overwhelming as the network itself.
NetResearch takes a different approach,
teaching the reader how to find
information for themselves rather than
simply listing its current location.
The book is aimed at newcomers, so begins by describing the fundamental services which the Internet offers: web, e-mail, usenet, gopher and FTP. The web has the best developed search tools, but
these have their own problems, illustrated
by searching for a Sherlock Holmes
mystery involving a snake. Using
“Sherlock Holmes” as the query returns
too many matches to be useful: adding
“snake” is unlikely to return any. The
limitations of simple queries can often be
overcome by a better understanding of how
search engines build their indexes and the
different types of queries which can be
used. These are well covered in the next
chapter. Web search engines are not
always the best way to find information.
Examples are given of specialist sites,
Frequently Asked Questions (FAQ) lists
and discussion groups which may provide
quicker answers to some kinds of enquiry.
Although the web can be used without
understanding its addresses, it is often
useful to know a little more about how
they, and other Internet names, are
constructed. When searching for e-mail
addresses this is usually essential. The
author gives a clear explanation of the
hierarchical naming of domains, and this
may be used to guess the names of
particular machines such as “Microsoft's
web site”. He also gives hints on guessing
e-mail addresses, which may worry some
postmasters, but does stress the importance
of being polite in case of accidents. It is a
small step from individual e-mail to using
discussion groups, so the next chapter
explains how to find an appropriate group
and how to behave once there. Here, and
in the following section on FTP and
Archie, there are only limited instructions
for using programs since these will vary
greatly between sites.
The final section discusses ways of
contributing to the Internet by answering
questions, maintaining web pages or FAQs,
or helping to moderate a discussion list.
This is a good idea, but unfortunately the
detailed instructions will only work for
some readers. Most people would be
better using the documentation provided
with their own Internet connection.
Throughout the book the emphasis is on
searching as a practical skill and each
chapter has a set of useful exercises for the
reader. Sidebars within the chapters
describe how different individuals solved
particular problems, to show the range of
approaches which can be taken. There are
no magic solutions to information overload
on the Internet, but the newcomer will find
plenty of good and reassuring advice in
this book. It is easy to read and better
value, in time and money, than most
Internet Yellow Pages; furthermore its
lessons should be much more durable.
Andrew Cormack works in Information Systems
Support at the University of Wales, Cardiff.
(Reviewed by Adrian Cummings)
This second edition of an excellent work
has resulted in a gain of over three
hundred pages – so what's new? The
authors' claim that this edition is a
complete rewrite would appear to be the
case, with sections being updated as new
features have been incorporated into
Oracle. Furthermore new advice has been
added covering disc striping and mirrors,
RAID, distributed databases and MPPs.
Particularly welcome are the chapters on
tuning the backup process.
It should be borne in mind that the
performance of an Oracle (or, for that
matter, any) database is also greatly
influenced by the applications
programmers. Simple changes in the SQL
used by the application can produce large
changes in the execution times of the
program.
This substantial work starts with an
overview of the general problems and the
major differences between versions. The
next section covers the areas of tuning that
planners can influence along with more
general advice on the use of standards.
The authors then turn their attention to the
needs of designers and analysts, followed
closely by the programmers and their use
of SQL, PL/SQL and locking. Naturally
the DBA and system administrators do not
escape attention, with these sections
occupying about half of the book.
Appendices cover features in versions 7.0,
7.1, 7.2 and 7.3, tuning tips, tuning Oracle
Financials, the Oracle performance pack,
tuning forms versions 4.0 and 4.5, case
studies and the dynamic perfomance tables.
Also included is a floppy diskette (in PC
format); this contains the examples from
the book. A listing of the dynamic
performance tables can also be found on
the diskette (this is not in the book), along
with a number of shell and SQL scripts for
analysing the performance of the database.
This is another welcome addition to the
bookshelf from O'Reilly. The examples
on the disc even work – something which
is not always true of such additions to
books.
Adrian Cummings can often be found tending his flock
of Oracle databases.
Following on from
Oracle PL/SQL
Programming
(same author and publisher,
ISBN 1-56592-142-9) this book takes a
detailed look at one particular aspect of the
language which, as the title suggests, is the
package. For the uninitiated, a package is
what most procedural languages call a
module.
So, you ask, why is such a large book needed to describe modules? The answer is soon revealed ... enter PL/Vision. PL/Vision is a collection of SQL*Plus
scripts and PL/SQL packages written by
the author. On the included diskette is
PL/Vision Lite software and an online
reference. As is so depressingly familiar
these days, this is for Windows 3.1, 3.11,
95 and NT; for those of us that choose to
run an operating system on our hardware
there is a website “for some other
environments”. However, I have to say
that it wasn't apparent
which
other
environments when I looked
(
http://www.revealnet.com/
).
PL/Vision consists of various building
block, developer utility and (the
ubiquitous) plug-and-play packages. The
various packages are described clearly and
in great detail. The back cover claims that
this is much more than a book – this is
true, it is more of manual. That said, the
author has a clear, if rather verbose, style
and doesn't hesitate to share his philosophy
of life with you.
This book is primarily a manual for
PL/Vision. Whether PL/Vision will be of
use to you will depend on your
environment. I suggest that you look at the
website before choosing this book. If you
need a book on PL/SQL, I would suggest
either the other O'Reilly mentioned earlier
or the Oracle Press
ORACLE PL/SQL
Programming
by Scott Urman (ISBN
0-07-882176-2).
Adrian Cummings is curator of a collection of
databases
.
Given the large numbers of books available
about databases, there are very few that
tackle the important topic of how to create
the best design. This is particularly strange,
given that a poor design is unlikely to run
well, even on the fastest hardware with the
best tuned database. For Oracle this
glaring hole in the market has been filled
by
Oracle Design
. Why design just for
Oracle? What about relational database X?
I hear you ask. The authors explain the
reason by drawing our attention to the
features and characteristics of Oracle.
The first topic to be covered is data
modelling. As one would expect this
includes designing the database, deciding
when to denormalize, choosing datatypes,
keys and indexes. There is a clear
disusssion of normalisation, including how
(and why) one might go beyond the much
vaunted “third normal form”. Further
chapters cover temporal data, loading and
unloading data, data placement along with
storage and safeguarding the data.
Having thoroughly covered the basics of
design, the authors move on to designing
for specific architectures; client/server,
distributed databases, data warehouses and
parallel processing.
The later chapters cover designing the code
modules. This includes where to locate the
processing, the various locking strategies,
plus how to select appropriate tools for
screens, reports and batch processing.
The appendices cover off-the-shelf
packages, and the reasons for and against
choosing that particular route. Finally a
few tricks of the trade covering mutating
tables (where the table is being altered by
the current statement), the year 2000
problem and providing user extensibility.
While much of this work applies equally to
any relational database system, the authors
do go into the processes that the Oracle
RDBMS will use to perform the task at
hand. For this reason alone, this book
should be a welcome addition to the
bookshelf of any Oracle programmer,
system analyst or administrator. If you
don't know how a tool works, how can
you expect to make best use of it?
Highly recommended.
Adrian Cummings is the curator of collection of
several exotic species of database.
This book is aimed at Oracle system
designers, already experienced in Oracle7,
rather than programmers. It may provide
good background reading for the latter who
wish to extend and deepen their knowledge
of the subject. The main emphasis of the
book is on the design aspects of an Oracle
system; anyone wishing to embark on
Oracle programming for the first time
should look elsewhere for more suitable
literature.
The structure of the book is well organised
and is very accessible to those who simply
wish to “dip in” and explore certain Oracle
topics.
Extensive examples of both PL/SQL and
SQL*Plus are presented throughout to
illustrate topics. I did find a few
syntactical errors, however. Another slight
irritant is that although the book claims to
be for the experienced Oracle user, it does
spend a lot of time explaining what should
be second nature to such people, for
example, explaining the use of “'Indexes”.
While this is obviously done for the sake
of completeness, it does seem to contradict
the stated intentions of the book.
One useful feature of the book is the use of “side bars”. These are used to either discuss certain topics in more detail rather than disrupt the normal flow of the chapter, or offer tips relating to the current subject being explored by the text. “Designing for Client/Server”, for example, gives a tip concerning the 'authentication
of server-side applications and how to
ensure that servers present the correct
software version.
This is a useful reference book for the
serious Oracle7 designer. My main
reservation is in the book's life expectancy.
Oracle8 is on the horizon and while there
will undoubtedly be vast similarities,
investment in a book which may very soon
contain out-of-date information may be
questionable.
Robert Pitchford has worked at the University of
Manchester for the past 12 year and is involved in the
maintenance of an Oracle financial software package.
This “Llama book” has introduced many
people to Perl and the new edition brings
it right up-to-date with version 5.004. The
major changes to the language – packages
and object-oriented constructs – are too
advanced for an introductory text, so this
revision is less dramatic than its
companion volume
Programming Perl
which required a complete re-write. There
is a new final chapter, which gives hints of
the new features, and a useful appendix
listing the functions available in the
standard library, but other changes are
mostly corrections and updates.
The book is described as a tutorial, but this
is only partly true. Some previous
experience of programming in other
languages is assumed, so that variables,
control structures and I/O can be
summarised briefly. A few things are
skipped, such as the ability to include
underscores as punctuation in long
numbers and the upper/lower case
operators in strings. These may cause a
shock when they are used later without
comment.
Perl's special features are introduced more
gently and there are good descriptions of
simple regular expressions, functions,
formatted output and sorting. The chapter
on hashes (formerly known as associative
arrays) is surprisingly short for one of the
most useful features of the language.
Some more explanation and examples
would be helpful. The chapters on system
calls and file handling list the functions
which are available but rely on the UNIX
man
pages for details. Since Perl is
already spreading to other operating
systems, future editions of the book may
need to give more detail here. The final
chapter illustrates some of Perl 5's new
abilities in a program for handling World
Wide Web forms. Security is vital in
writing server scripts, yet there is no
mention of tainted variables which can
help to detect problems. Creating
world-writable files, as suggested, is a
dangerous short-cut.
Each chapter finishes with some programming exercises. These are well chosen and the sample solutions and explanations are worth studying. A nice
touch is that later solutions are more
concisely written, using many of the short
cuts familiar to experienced (i.e. lazy) Perl
programmers. One good habit, which
beginners are unlikely to pick up from the
book, is using a
#!
line in scripts to
invoke the Perl interpreter. This is only
mentioned in the introduction and is
missing from later examples and solutions.
The examples suffer from a few misprints
which may confuse learners, though most
will be spotted by the Perl interpreter. In
addition, Chapter 4 has fewer solutions
than questions!
This book still provides a good
introduction to the Perl language and
culture. Readers need to have some
experience of programming and a sense of
humour. Bad jokes are pervasive in the
Perl world (even infecting the
man
pages),
though Larry Wall's foreword is an
extreme case. The language has grown
since the first edition, and the teaching
chapters no longer cover all of it. There is
little help with using Perl objects, even
though many of the standard libraries have
now been recast in object-oriented form.
Anyone completing the first edition of the
Llama book was ready to move onto the
corresponding Camel book; with the
second editions the progression may not be
so smooth.
(Reviewed by Chris Cook)
Let me begin with my gripe, as it's preying on my mind and spoiling my perspective of this book. I am getting tired of seeing computing texts with CD-ROMs inside the back cover. At first glance they appear to add value for money. The problem is that very often all they contain is programs and data that are freely available from the network or other sources, or even pre-installed in the case of many Linux distributions, whilst at the same time adding between £10 and £20 to the price of the book. I appreciate that for some people, this may be the only way they can obtain a source distribution or associated documents but surely there is a case for unbundling these CDs in the same way that the Running Linux CD set is sold separately? The extra cost can sometimes as much as double the price of a book and in any event, quite possibly push it out of the affordable range for students and the hobbyist. Programming Python includes such a CD containing examples and pre-compiled distributions for a number of operating systems. Whilst useful as a free gift, this could probably best be substituted for a floppy or, better still, the good old O'Reilly FTP server, in favour of reducing
the price. In fact, the preface admits that
the book nearly escaped the encumbrance
but that the CD was added at a late stage.
I await your slingshots and arrows.
The book is large but not unnecessarily so.
It is divided into three principal sections,
“Introducing Python”, “Language
fundamentals” and “Tools and
Applications”. The first section is 75
pages of a quick dash through what
Python can do and how it accomplishes it.
The author presents a number of examples
illustrating the language's strengths and
provides a good overview of what the
reader can expect of the language and the
book. It concludes with a brief chapter on
installation and configuration of the main
distribution, plus how to install the
extensions referred to in the book.
Part two highlights the practical nature of
the language by introducing a real
application that the author needed to throw
together when blizzards prevented him
from getting to work. It starts with a very
simple file packing/unpacking program that
allowed the quick transfer of many text
files along a primitive dial-up connection.
Having demonstrated the language's
suitability for rapid, concise development,
the book slowly improves this application
over the next 200 pages, extending it to
make it more flexible and robust.
Gradually, all the major aspects of the core
language are introduced so that the reader
is able to see the impact of different
philosophies being used. The two chapters
devoted to Object-Oriented Programming
are a little hard going but well worth
persevering with.
Part three looks at advanced concepts using
practical examples and case studies. It
opens with a lengthy chapter on GUI
programming using the Tk extension. It
briefly indulges “Hello World” enthusiasts,
but rapidly moves to more practical ground
by extending the file packer/unpacker to
present itself graphically. There are plenty
of screen shots with good accompanying
explanations of what transpired, such as
key and button presses, to get the resultant
display.
Python's interoperability is an important
feature, and two large chapters are given
over to it. The first addresses extending
the language, principally in C. The second
is really the same territory from the
opposite viewpoint, the various ways of
embedding Python within C. There are
also smaller chapters on more minor
subjects such as text processing, and object
implementation, i.e. stacks and sets.
Throughout the section, the relative merits
of Python, C, built-in and home-brewed
routines are addressed, along with the
development cycle that the language
supports: “Get it running quickly then
optimise it, often dramatically”.
The book proper finishes with an analysis of where the language is and where it's going, along with a comparison of usability with other well known languages. The author rounds it all up with a reasonable ten-page treatise, justifying the choice of
Python for application development. There
then follows 140 pages of appendices,
pointers to resources, future (by now
current) predictions, a condensed tutorial
and a mini-reference. This last appendix
was one of the main disappointments of
the book. Thoughout, the author exhorts
you to read the comprehensive on-line
documentation that comes with a Python
distribution. However, I would far rather
have seen the CD displaced by nicely
formatted, printed versions of the reference
manuals, still preferring properly bound
books to reading documentation on a
screen or sheaves of laser printed manual
pages in sub-standard folders. Maybe in
version two, or perhaps they may appear as
a separate publication.
The standard of writing throughout is high
and the style is fairly informal, without
being sloppily so, although some of the
section titles were painfully punny. The
presentation is of a high quality, as you
would expect with an O'Reilly publication.
Because of the development cycle of the
language, program listings could benefit
from some form of change bar to highlight
which sections had been modified from the
previous generation. In spite of my quarrel
with the inclusion of the CD-ROM, this
book still represents good value for money.
Chris Cook described elsewhere.
(Reviewed by Andrew Cormack)
This is the kind of book which made
O'Reilly famous: quirky, expert, and
dealing with an obscure subject. Not that
regular expressions are particularly obscure
any more: as well as their traditional
hiding places in
grep
,
awk
and
emacs
,
they are fundamental to Perl and well
supported by other languages such as TCL
and Python. Users of any of these
programs should find the book of interest
although, since its main concern is with the
efficiency of regular expressions,
programmers will have most to gain.
The book introduces regular expressions
through the problems they can solve and
the basic matching operations which are
needed for these tasks. To postpone
discussion of the differences between
systems, this description is at a fairly
abstract level and most readers will find it
helpful to have a real implementation in
mind.
With this knowledge of what a regular expression processor must do, the next step
is to learn how it does it. There are two
basic methods – deterministic finite
automata (DFA) and non-deterministic
finite automata (NFA). DFAs offer little
opportunity for fine tuning, so the rest of
the book concentrates on NFAs, where the
detail of the regular expression can have a
dramatic effect on the speed of execution.
A well-designed regular expression should
find matches and non-matches both
correctly and rapidly and the book has
suggestions for achieving accuracy and
avoiding inefficiency. Some of the speed
penalties, such as excessive backtracking,
should be obvious, but others are only
found by careful benchmarking or, in the
last resort, examining the source code of
the regular expression parser.
When the time comes to put this
knowledge into practice, it soon becomes
apparent that every application has its own
variant form of regular expression. Often
there are even differences between versions
of the same application. These are clearly
summarised in text and tables; one chapter
discusses
awk
, TCL and EMACS, while
another is dedicated to Perl. This
concentrates on version 5 of the language,
but there are frequent endnotes for features
which have changed or been added since
version 4. Perl's rich collection of regular
expression primitives is described and
there are also useful sections on the
context in which expressions are used.
These include the match, substitute and
split operators as well as regular
expression compilation and the best
description of scope I have come across.
Some primitives have a severe effect on
performance; the book not only advises on
how to avoid them in your own code, but
even lists the standard library routines
which are affected.
I have only minor quibbles with the book.
The author clearly takes great delight in
computerised typesetting and the resulting
fireworks can occasionally distract from
the content. There is also a tendency to
stretch good analogies too far. However,
it can be strongly recommended to anyone
who has used regular expressions and
wants, or needs, to know how they really
work. In the Perl menagerie this Owl fully
deserves its place alongside the Llama and
Camel.
Andrew Cormack works in Information Systems
Support at the University of Wales, Cardiff.
and
http://www.ssc.com
)
(Reviewed by Andrew Cormack)
sed
and
awk
are the Swiss army knives of
the UNIX toolkit: suitable for a wide
variety of tasks, few of which their
designers imagined. Both programs are
now the subject of POSIX standards which
have added some new features and
clarified others. These changes have
prompted new editions of two of the best
known books on
awk
and, in one case,
sed
.
Effective Awk Programming is the official
book of GNU
awk
so describes the GNU
program's superset of the POSIX language.
The author maintains the source code of
this version, so can even provide definitive
rulings on parts of the standard which are
unclear or undefined. GNU
awk
includes
modes which emulate its POSIX and
“traditional” predecessors so the book also
covers those versions. The different
behaviours are described in the course of
the text, which can occasionally be slightly
confusing; it might have been better to
concentrate on a single version with the
variations collected in an appendix. After
an introduction to
awk
, including some
typical one-line
awk
utilities, each feature
of the language is given a chapter to itself.
The explanations are clear and
comprehensive, ideal for a reference
manual, but the structure is likely to make
life hard for learners. Reading through the
book they will find everything there is to
know about regular expressions, input and
output, before reaching the chapters on
expressions and variables. There are
plenty of illustrative programs, but most
use features which are not described until
later chapters.
By contrast
sed and awk
is written in
tutorial style, with the emphasis on writing
useful programs as soon as possible. Each
utility has an introductory chapter covering
simple programming tasks, followed by
other chapters which develop the more
complex aspects of the language. This
structure, along with much of the text, is
taken from the highly successful first
edition. Typefaces and layout now match
O'Reilly's current house style and the book
is easier to read as result though there are
a few inconsistencies in the use of
printable characters to show spaces and
tabs in the examples. The index is also
improved from the original. The new
edition describes
awk
according to the
POSIX standard, but also has a chapter on
other flavours, including useful suggestions
for working around some of their
omissions. Another change is that the
“three hurdles to mastering
sed
and
awk
”
have increased to four! The extra one –
how to interact with the shell – is
necessary because the book tends to avoid
discussion of shell quoting and variable
expansion.
Both books have appendices giving quick
references to the languages;
Effective Awk
Programming
also includes a tear-out
awk
reference card. Both contain a lot of
well-explained sample code, though most
the programs in the O'Reilly book date
from 1990 when processing
troff
markup
was probably more familiar and more
relevant to the average reader. Many of the
examples in
Effective Awk Programming
are re-implementations of standard POSIX
utilities such as
cut
and
egrep
. These are
intended as examples of the power of the
language, rather than for practical use.
These are two successful updates of classic
books. There are few major changes in
content and owners of earlier editions may
decide not to upgrade until their existing
copies wear out. The text of
Effective Awk
Programming
is part of the GNU
awk
distribution so may be sampled before
buying. Anyone who does not already
have an Awk book should be well satisfied
with either; beginners will be better served
by
Sed and Awk
while
Effective Awk
Programming
is essential reading for
gurus.
Andrew Cormack works in Information Systems
Support at the University of Wales, Cardiff.
(Reviewed by Chris Cook)
If you want to know all about Sendmail,
the classic mail delivery agent, you need
to get hold of
Sendmail
, also published by
O'Reilly & Associates. The fact is that,
on most occasions at least, few people
actually need to know “all” about
Sendmail. Frequently, the last thing any
budding Postmasters and System
Administrators want is to have to search
through the whole scoop on this large and
complicated program.
True, it can be valuable to have this
thousand page, 1.5kg monster in your
possession; in hairy situations where your
mail server is bleating at you that there's a
problem, you may require the level of
detail provided here, but for other times,
when you just want to check or tweak an
option, I'd prefer to use this desktop
reference. Incidentally, if this is the
“desktop” reference, then perhaps the
obvious inference is that the full size
version is the “mini-tower”. When it
makes it to the “mainframe” size volume,
it's time for the world to surrender and
seriously consider going back to using
paper mail.
This reference consists of five chapters:
“How to Run”, “The
sendmail.cf
file”,
“Databases”, “Configuring with m4”, and
“Additional Information Sources”, although
in a larger book the last chapter would be
considered an appendix and an extremely
small one at that.
“How to Run” gives the command line
options, an abridged list of useful
debugging switches and the commands
available in rule-testing mode. It also lists
the other names that Sendmail can be
invoked as and describes its behaviour.
Predictably, the largest chapter, over half
of this small book, is reserved for the
sendmail.cf
configuration file. There
are sections on the various flags, rules,
macros and options. There are flow
diagrams to demonstrate the sequence of
rewriting and a few, but not abundant
number of, examples to walk you through
a rewriting sequence. A list of options is
given but sorted by the new,
multi-character names. The older
single-character names are included in the
individual option descriptions, but if you
want to find out what such a single
character option does, you will have to
plough through the list until you see “was
the X option”.
The “Databases” chapter concerns itself with the support for files, internal tables
and database hooks. These include the
aliases file and the
.forward
file.
Configuration of the
Makefile
prior to
building Sendmail is covered, to enable
support for various external databases.
There is a small section describing
Makemap, the DBM database creation tool,
and another on utilising the databases
within rewriting rules.
For those people who use
m4
to generate
sendmail.cf
files, there are ten pages
describing its function and configuration.
The book finishes with a page of other
sources of information, almost all of which
are included in the program's source
distribution.
The authors declare this to be a companion
to the second edition of
Sendmail
, so it is
no surprise that most of the information
can be found in the larger volume. In fact,
the text is interspersed with section
numbers, showing the relevant passage in
the main book. In addition, scattered
throughout the book are worthy little hints
and suggestions such as how to check a
distribution list for undeliverable members
(I already knew that one) and how to
persuade
mailq
to show the number of
queued messages, even on a heavily loaded
machine (useful, I didn't know about that).
Even if you don't own a copy of the
Sendmail
book, this is a worthy addition to
your bookshelf if you have to infrequently
tangle with Sendmail.
Chris Cook is the Postmaster at Cardiff University.
For the inquisitive, Sendmail Desktop Reference
weighs 77 grams.
(Reviewed by Adrian Cummings )
Few programs can avoid using operating
system functions. This book documents
the operating system services of AT&T's
release of System V Release 4 (SVR4). In
addition SVR4 forms the basis of the
recent UNIX systems from Sun (Solaris
2.x), Hewlett-Packard (HPUX 10.x) and
Silicon Graphics (IRIX 5.x), all of which
are given special attention. There are also
notes covering the porting of software
from BSD UNIX to SVR4.
The book starts with a historical
introduction to SVR4, the
manufacturer-supplied C compilers and
gcc. History lesson completed, the author
moves on to cover the utility routines
(character manipulation, dynamic memory,
command line arguments). The low-level
I/O routines are covered in some detail
leading on to the standard I/O library.
The next chapter discusses the UNIX
filesystem, including memory-mapped files
(used for shared libraries), special purpose
file operations, time of day operations,
users and groups, system configuration and
resource limits.
Presumably to make the system
programmer's life interesting, SVR4
provides four different mechanisms for the
handling of signals (software interrupts).
Fortunately the author explains all of them
in a clear manner.
The book then moves on to describes
processes, terminal control, interprocess
communications via pipes, UNIX-domain
sockets, SVR4 IPC (queues, semaphores
and shared memory), networking with
sockets and TLI. At the risk of sounding
like a shopping list, the rest of the book
covers other systems routines including
error logging, searching, sorting,
environment variables and regular
expressions.
The appendices cover the significant
changes between K&R and ANSI C,
accessing filesystem data structures, the
/proc
filesystem, pseudo-terminals and
the network at the data-link provider
inteface (DLPI) level.
For anyone who either has to port
applications or develop new code this book
is a “must have” for the bookshelf. The
author's style is clear, with plenty of code
examples. "UNIX Systems Programming"
should also prove a useful reference for
students of operating systems.
Another excellent work from O'Reilly.
Adrian Cummings whiles away the time tending a
mixed flock of BSD and SVR4 UNIX machines.
(Reviewed by Raza Rizvi)
An Ethernet switch just works. You plug
it in and away you go – so why do you
need a 500 page book about switching
technology? Well, if you are a network
manager that is not interested in knowing
the background of the technology you
employ on your network then you will not
need this book. If however you want a
well written, easily readable and yet
authoritative discourse on a quite specific
topic then look no further.
After some well measured initial introduction to Ethernet signalling and cabling (for Thin, Thick, UTP, and Fibre) including some excellent comparisons of the transmission overhead within differing packet sizes, the authors move onto the pros and cons of cabling topologies. At chapter five we start to climb the ISO model with very good descriptions of the roles within LANs for 10Mbs and 100Mbs repeaters, bridges, and routers. The authors have not skimmed over routing technology to divert your attention to the main focus of the book, rather they present a truthful picture of the relative merits of
bridging and routing.
Thus far we have what could quite easily
be a standard text for GCSE Ethernet
Networking (if such a course existed) but
this is no bad thing as one has to enjoy the
starter to appreciate the main course.
When the main course arrives we are
suprised to find that it consists of two
chapters spanning 300 pages. We are
taken through the reasons why we need
switching to cope with the demands that
are now placed on LANs and the “how
they do it” approach to describe the
differences in switch architectures. Here
the book excels in explaining simply what
is often just a throw-away piece of
technical information in a product data
sheet. The analysis of the design of
switches leads to criteria for selection of,
and perhaps far more interestingly,
debunking of cost per port quotations.
Even if you work in a company supplying
networking equipment, this section cannot
fail to get you thinking about the merits of
one product over another.
Migration from 10Mbs to 100Mbs
networks together with the requirements
for fault tolerance and management are
covered well (not suprising since the
authors were also responsible for a set text
on SNMP). Although the initial section
about LAN Emulation within ATM is
brief, it is as clear as anything I have seen
in any other book, having as many
diagrams as pages.
A generous side order of Virtual LAN
technology is described with clarity before
the book makes perhaps its sole mistake
(ignoring the odd typo) with the inclusion
of a great deal of largely unnecessary very
low-level Fast Ethernet standards
description before returning to ATM.
A good bibliography and focused glossary
with a topping of the spanning tree
protocol round off an unexpectedly
pleasing hitherto description of this stable
constituent of networking.
Raza Rizvi is technical support manager at REDNET,
a very busy network integration company and medium
sized ISP. He is still recruiting networking staff.
( Reviewed by Keith Mannock)
The established means for obtaining
interaction with web pages has been via
programs running on the server
communicating with the client web
browser using the Common Gateway
Interface (CGI). The present trend is
towards a migration of these programs
from the server to the client, leading to
what is known as client-side processing.
Client-side processing for web browsers can make web pages more interactive, and improve the performance of a web site because some of the processing is carried out at the client's end. This movement of
the processing to the client can be
achieved by one of two main methods:
*
the use of Java, a byte compiled
language which utilises a virtual
machine within the browser;
*
the use of a text-based, interpreted
language that is downloaded to the
browser, embedded within the
HTML stream.
The second approach has all the benefits
associated with an interpreted language
(ease of development, easy to learn, etc.)
but also exhibits the disadvantages of such
a language (poor performance, lack of
flexibility/extensibility).
For the majority of web applications a
scripting approach is more than adequate,
allowing easy manipulation of graphical
components and validation of input.
If a “real” programming language is
required (e.g. for database processing) then
the web designer can resort to Java or CGI
scripts. Having made the decision that a
scripting language is adequate for our
requirements we are then left with two
main alternatives:
*
JavaScript from Netscape;
*
VBScript from Microsoft.
JavaScript actually only has a superficial
resemblance to Java; it has a similar C-like
syntax but otherwise the class-based nature
of Java is missing from JavaScript.
VBScript (Visual Basic Scripting Edition)
is based upon the Visual Basic
programming language common to
Microsoft operating environments. It
utilises an Object Linking and Embedding
(OLE) Automation server interface, which
has several advantages over the JavaScript
approach to scripting, mainly the
integration with Microsoft's desktop
environment through the ability to
download ActiveX controls. This enables
the web designer to embed existing
applications with a web page (e.g. a
spreadsheet application). The disadvantage
of this approach is that it tightly couples
the web pages to the underlying operating
system; an opposing philosophy to that of
Java. It also ties the developer to a
particular type of browser (Internet
Explorer – although “plug-ins” are
available for Netscape Navigator to
interface with VBScript code).
Learning VBScript, is a thorough introduction to the use of scripting languages in the development of web sites. In the tradition of O'Reilly texts, it is clearly written with many illustrative examples and is accompanied by the ubiquitous CD containing the code examples described within the text. The author is enthusiastic about his subject matter, which is clearly conveyed within the text – my major reservation with any text of this type, is that it is all to easy to fall into the “blinkered” approach to the language, effectively glossing over the
shortfalls of the language. I think this is
the case with Learning VBScript; there is
little discussion of the possible interaction
with Java and a belated discussion of the
problems in using VBScript outside of a
Microsoft-based environment. (It is
noticeable that Microsoft's own pages
associated with Internet Explorer 4 for
UNIX are, in the main, written using Java
and JavaScript rather than VBScript.)
Despite these reservations I can thoroughly
recommend this book to anyone who is
using Microsoft-based technology and has
a background in Visual Basic. The text
clearly shows how to develop applications
which control the behaviour of the browser
and generate HTML pages dynamically.
The discussion of the ActiveX Control Pad
is extremely clear; a tool which is essential
for the development of OLE/ActiveX
pages. This clearly shows the true power
of VBScript; the ability to use the OLE
services of the underlying operating
system.
The problem with any review of this type
is putting aside any natural prejudice to the
underlying language (in this case Visual
Basic). I think Learning VBScript
convinced me of the validity of this
approach to client-side scripting, and
illustrated many techniques which are not
clearly described in the vendors'
documentation; but I am still left
wondering whether it as suitable an
approach as Java/JavaScript for web
applications.
Keith Mannock is a lecturer in the Department of
Computer Science at Birkbeck College, University of
London.
(Reviewed by Andrew Cormack)
Mosaic, Netscape and Internet Explorer are
big web clients: this book is about little
clients. Small is often beautiful and a
dedicated program can do many things
which a fully interactive browser cannot.
The most familiar small clients are the
robots and spiders which index documents
on the web but even simpler programs can
perform useful tasks by retrieving pages
from web servers.
Clients must use the Hypertext Transfer Protocol (HTTP) to communicate with servers, so this protocol is the first topic in the book. One chapter illustrates the exchange of messages between browser and server in common situations: downloading a text document or graphic, following a hyperlink or filling in a form. The next builds on this gentle introduction, describing all the requests, headers and responses which client programs are likely to encounter. These are grouped by function from simple status headers to those involved in caching, authorisation and maintaining state (cookies). An appendix contains a complete list of all headers used by versions of HTTP up to
the current v1.1 (the draft on which the
book is based has since been adopted as
the official standard). The cookie headers,
which are not yet in the standard, are those
used by Netscape.
Once the protocol is understood, the next
stage is to write programs to use it. The
reader is assumed to be familiar with Perl
programming, and anyone who is not
comfortable with the object-oriented
features of version 5 should consult the
Camel book first. Network programming
is not assumed so there is a chapter on the
sockets interface which UNIX programs
can use to access a TCP/IP network. This
concentrates on the client side of the
interface and shows the development of a
complete client program; server routines
such
bind()
,
listen()
and
accept()
are only mentioned briefly.
It is possible to write web clients using the
sockets interface, but higher-level libraries
exist which make the process simpler. A
version of the same program using LWP
(the Library for Web programming in Perl)
is followed by a complete description of
the classes and functions provided by this
library. These are then used in three
examples of real client programs: to fetch
a web page and extract its hyperlinks; to
track the delivery of a parcel by Federal
Express; and to check a web site for
broken hyperlinks. This last example is a
recursive client, of a type which can place
an unacceptable load on a server, so is
accompanied by guidelines for good client
design and behaviour including a
description of the Robot Exclusion
Standard. Each program is well
documented and its operation clearly
explained. The final chapter extends the
small client further by adding a graphical
user interface using another high-level
library (Tk for Perl). The FedEx client
acquires a windows front-end while other
examples look up words on a dictionary
server and monitor the health of a
collection of web servers. These programs
show the possibilities of small clients but
some knowledge of GUI construction
would help inunderstanding how they
work.
It is a pleasure to read a book which has
identified a subject and covered it in full.
The author does not get sidetracked into
teaching programming, HTML, or Perl, but
provides a very clear description of HTTP
and its use.
By their nature small clients are specialised
so the book does not attempt to offer
programs to meet all applications. Instead
it provides an excellent source of ideas and
the information needed to put them into
practice.
Andrew Cormack works in Information Systems
Support at the University of Wales, Cardiff.
(Reviewed by Chris Cook)
The World Wide Web has grown somewhat in the last few years (understatement alert) and the business of the teeming millions of little people has finally attracted the attention of that pensive monster, Commerce. Now awakened, its constituent companies, large, small and fledgling, are determined to “improve” this phenomenon by transforming it from purely usable to
profitable (though not always both). Of
course, not only is Commerce stirring but,
immediately in its wake, follows the
criminal brotherhood. This book is an
attempt to inform the unwary of the
potential and actual problems existing on
the web at the moment. It aims to
concentrate on information not readily
available elsewhere. Again, because of the
pedigree of the authors, the resulting
collection of facts, anecdotes, and
predictions, whilst not always surprising,
certainly covers more ground than many
writers could manage.
The book is compartmentalised into a short
introduction, five main sections plus
appendices. The introduction briefly
covers the basics of security of computers
connected to the Internet. This is
important as the book points out – using
military-grade encryption to transmit data
between systems is valueless if the
receiving system is electronically, or
worse, physically insecure.
The section on User Safety covers the
known risks and weaknesses of specific
web browsers. Here, as throughout the
book, it would be impossible to be
exhaustive but predictably, Internet
Explorer and Netscape Navigator are given
much attention. They also devote several
chapters to the difficulties with securing
Java, JavaScript and Active-X. There are
lots of good real-world examples of how
the security models have been
compromised and some of the real howlers
that the big players really oughtn't to have
released. Nevertheless, the authors'
approach is not to simply ridicule and
throw rocks. They examine the strengths
and weaknesses in an informed and
impartial manner, although they do go as
far as to specifically name Netscape
plug-ins and Microsoft's Active-X as
potential methods to introduce Trojan
horses.
Two of the sections are dedicated to the
still emerging technologies that are
attempting to secure commercial
transactions on the web, Digital
Certificates and Cryptography. These
sections cover the reality of the topics,
such as digitally signed plug-ins that only
guarantee they were signed, not that they
are actually safe to run. Again, there are
fully documented examples of how to
obtain and use a certificate. It's important
that so much space has been reserved for
these topics. Many people in the field
know of their existence but fewer actually
understand how they work and why they
sometimes may not.
The section on cryptography details the history and current state of the main algorithms currently employed on the web. This includes a discussion of the issue of patents and export law, and how they have affected the development and roll-out of good encryption and certification. The authors are in no doubt that, amongst others, US export and patent laws have harmed the progress of this area of computer privacy and security. The section finishes with an introduction to SSL and TLS, protocols available for
securely transmitting data between web
clients and servers.
This leads nicely into the last two sections,
Web Server Security and ultimately,
Commerce and Society. Many pages are
given over to the security, primarily of
UNIX and NT machines, the principal
servers of the web. There are references to
the variety of tools available to the system
administrator in order to ease the task of
securing their system or, if needs be, detect
a possible security breach. Obviously, this
can only ever be an introduction and the
authors quite rightly plug their previous
book
Practical Unix & Internet Security
for further reading.
The final section covers the real world
security and privacy aspects that commerce
and the user are going to be interested in,
those of digital payments and content
certification, enabling parents and the like
to set some restrictions as to what may or
may not be browsed, even in mail
messages.
Various forms of digital payment are
described, with careful attention given to
the likely recourse, in the event of fraud by
either party, and anonymity, which is
important for some cyber-customers.
The appendices contain all the information
you might expect from such a book, such
as creating web server certificates, the SSL
protocol and how to install the freely
available SSLeay version.
The specification for the PICS content
certification standard is included, with the
final appendix listing references, resources
and further reading, although one glaring
omission was a source of Kerberos for
non-US users.
The most curious of all these was the
appendix that detailed Simson Garfinkel's
creation of the Martha's Vineyard Internet
service provider,Vineyard.NET. Initially it
was difficult to see precisely how the tale
related to the subject matter but gradually
it became clear that in order to make the
enterprise viable, Simson had to quickly
learn about many of the topics covered in
this book. He credits the inception of the
ISP with the creation of this book.
The anticipated audience is those who have
sufficient technical expertise to install and
maintain a networked computer. However,
they insist that it has been made readable
by anyone who has a working knowledge
of computers and the web, not just
“propeller-heads” and “geeks”. They
achieved this easily, as the book is
extremely readable and contains many
good examples of real accounts to illustrate
points. They employ persuasive arguments
and well thought out scenarios to
demonstrate potential security nightmares.
Nevertheless, the text is filled with
side-bars and footnotes to alert those who
haven't had their propeller fitted yet, to the
real meaning behind some of the inevitable
jargon. This is a must for anyone
considering setting up business in
cyberspace and a good read for all web
masters too.
Chris Cook is a System Administrator at Cardiff University. Of course, as he's also the Postmaster,
mail any one of the 60,000 addresses and he's bound
to read it sooner or later.
(Reviewed by Andrew Cormack)
This is a particularly varied issue of the
Web Journal, including standards, tutorials
and even politics. The overall quality is as
high as would be expected from the
impressive list of contributors. The articles
start from the premise that existing
technology allows a single message to be
signed and encrypted securely; the next
problem is to establish the identity of the
sender and recipient. In the real world,
different levels of proof are required,
depending on the action which is being
requested (for example, the value of a
financial transaction), but traditional
models of computer networks seldom
include this level of discrimination. This
is the subject of Trust Management, which
is well introduced in a paper by Khare and
Rifkin. Trust can only be established
through the exchange of signed statements
(such as a bank card); passing these
statements across the network is the
subject of the Digital Signature initiative
and its proposed DSig standard. DSig
messages are based on PICS (Platform for
Internet Content Selection), so readers
should be familiar with that standard (in
Volume 1, Issue 4 of the journal) before
moving on to the two DSig papers. There
are concrete examples of how DSig might
be used in a paper on REFEREE, a trust
management program with a truly awful
acronym, but more guidance will be
needed before individual users can make
well-informed decisions.
Readers overwhelmed by cryptography
acronyms should turn to the paper by
Garfinkel and Spafford which translates
most of them. This is a summary of two
chapters in their book
Web Security and
Commerce
; unfortunately during the
transfer, Figure 2 has lost its title – it
actually shows a brute-force attack and not
a message digest function. A second
excerpt from the same book covers CGI
programs, one of the main sources of
insecurity on the web. The guidelines
given should be familiar to everyone
writing scripts for their web server, but
apparently are not. The original book lists
a selection of relevant web sites, but
unfortunately these are not included in this
Journal.
The name of a computer should provide some evidence of its identity, but the original Domain Name Service (DNS) is easily fooled. Some improvements in recent versions of the software are described in two papers by Liu and Gilbert. The former, extracted from DNS and BIND , explains the checks which can now be performed within a server to detect information which is inconsistent; the latter
shows how a future secure DNS will use
cryptographic signatures to protect the
exchange of information between servers.
Cryptography may already be used to sign
and encrypt web traffic using SSL (also
known as TLS) which is the subject of a
tutorial by Hirsch. This explains how to
use the public domain package SSLeay to
generate and exchange certificates between
an Apache server and Netscape browser.
Microsoft's Internet Explorer also supports
SSL, but the author was unable to get this
to work.
Talk of certificates and encryption keys
soon turns to the thorny subject of key
escrow. Many governments would like to
ban all encrypted traffic unless they have
the ability to decrypt it, and have proposed
various systems for keys to be lodged with
trusted third-parties. In emergencies, with
the appropriate authority, keys could be
disclosed rapidly and secretly by the third
party. However, any encryption key can
also be used to forge digital signatures and
building a system with sufficient
safeguards to hold these keys is likely to
be hugely complex and expensive. A
galaxy of encryption experts argue that
such a large system would inevitably have
fatal flaws, and in any case would not
meet the requirements of the companies
which are likely to have to fund it. These
are far more interested in recovering
information from encrypted disk files,
perhaps left by a departing employee, than
secretly listening to encrypted network
traffic.
In his reply to this article, Clint Smith
argues that the needs of industry and
government are in fact similar, and that it
is possible to build a key escrow system
with “an acceptable level of security”.
However, he seems to be only concerned
with encryption keys, not with signatures.
If digital signatures are ever to be accepted
as legally binding (as written signatures
are), it is essential that their authenticity be
unchallengeable.
This is an excellent issue of the Web
Journal, which should be read (on paper or
soon on the web at
www.w3j.com
) and
discussed by anyone interested in the
future of electronic communication. The
issues it raises are much too important to
be left to politicians.
Andrew Cormack works in Information Systems
Support at the University of Wales, Cardiff.
(Reviewed by Phil Docking)
The preface to this book starts very well,
explaining the intended readership (anyone
who works with Windows in one form or
another) and pointing out that the job of an
operating system, in this modern age,
should be to augment the user rather than
to constrain the user into a particular way
of doing things. The reader is immediately
given some pointers to a dedicated
web-site for updates and information on
specific parts of the book.
The format of the book is also explained
well. It's not a book that's meant to be
read linearly, but rather “dipped into” to
solve specific problems. This process is
aided by a pretty comprehensive and well
thought-out index at the end of the book.
Linear readers should note that there's
sometimes a strange sense of déjà vu when
reading sections which have obviously
been cut and pasted from earlier sections.
The main part of the book itself is based
on a set of web pages (at
http://www.annoyances.org
), so if
you are already able to browse this site,
there's very little point in owning the book,
unless you want a handy package for
reading on your journey to or from work.
However, the web-site and book structures
do differ significantly enough to show that
the book was not just printed from a browser
and glued together.
One of the main problems with the transfer
from Web-page content to a book is that the
book format makes referencing other
sections a little harder than on the
web-pages. The in-text references now
point to vague sections of the book rather
than specific paragraphs, which is annoying
in what is basically a reference book. What
we really need is a set of symbols that say,
“now go to paragraph (Chapter.Paragraph)”,
rather more like a web-page type reference.
Chapter one starts by pointing the reader to
the Glossary, where terms are described for
new users of Windows. The history of
Windows is then described without being
over-indulgent in any particular version,
which gives a good context for the reader
using Windows 95/NT. A short discussion
of the differences between 95 and NT
follows, and then the expected future
directions of the Windows operating system
is outlined.
The important proviso, that the book is
intended for users with the original shipping
version of 95/NT, appears at the end of
chapter one, when it really ought to be in the
preface – most people with new computers
will have bought it with 95/NT pre-installed,
and for Windows 95, this will probably be
the OEM (OSR2) version, which differs
significantly in some areas relevant to this
book.
Chapter two tells the user how to customise various parts of the user interface, starting with explorer mouse activity and continuing with an explanation of how to remove such things as the start-up and shutdown bitmaps, and how to put Windows' virtual folders into the start menu (this is where the proviso in chapter one starts to tell, as some things just won't work on all systems). The chapter ends with an explanation of how to get rid
of the explorer as the system shell
altogether, and how to install Windows
several times to enable users to use different
language versions.
Many interesting points arise here in
relating the quirks of the Explorer, such as
the differences between dragging and
dropping within a drive or between a drive,
which the author puts down to poor design.
Chapter three is a pivotal chapter in the
book, where Windows 95 Registry structure
and the methods of editing it are explained
in good detail. The “for-the-web” design
problems show through most markedly here,
where references are given but are pointless
without a page number. Otherwise what is
shown in this chapter is a good overview of
shell settings in the registry and how to
customise them.
Chapter four covers more advanced
customisations which can be made in the
registry, with sections on how to change
icons for folders and changing Windows
stock text, including changing the “Start
Menu” text from “Start” to something else
using a hex editor. The latter part of the
chapter deals with systems administration
shortcuts, such as changing printer timeouts
and transferring windows 95 to another hard
disk.
Chapter five is really slightly out of place in
a book about Windows annoyances, since
it's actually a discussion of how to improve
the speed and efficiency of just about
everything, from the way you work with
Windows, to upgrading your computer;
unless you allow that a lack of speed is one
of the annoyances about Windows. The
author starts with the ergonomics of a good
working position and goes on to changing
and removing drivers, through replacing
parts of the computer and finally onto
keyboard short-cuts, just to make your
working life easier.
Chapter six is a relatively thorough
discussion of how to fix both software and
hardware if it doesn't work. This is a nicely
methodical treatment of what to do if
software fails, and how to fix resource
conflicts. How to recover lost data, and how
to make sure you don't lose data is covered,
with good emphasis on preventive
maintenance, rather than post-disaster
recovery. A good section on “Getting things
to work” covers hardware devices that can
be plugged into the computer. A section on
software configuration, and why
CONFIG.SYS and AUTOEXEC.BAT files
are still lying around, deals with loading
drivers for DOS applications: which brings
us back to annoyances again, in the form of
how to boot directly into DOS and how to
configure boot menus.
Chapter seven is about networking the
computer. It deals with the simplest
scenario of a dual computer single co-axial
network, and covers setting up the network
in hardware and software terms, and how to
configure Windows for basic network
operation. The second section, on dial-up
networking, deals with setting up dial-up
networking; what drivers to install, and how
to configure it for first use. The author even
deals with methods for selecting an ISP,
which is a useful addition. Finally, the
author goes back to the annoyances of
dial-up networking and how to solve them.
There are four appendices to this book.
Appendix A is a “Frequently asked
questions” section, revised and re-organised
from the FAQ on the
www.annoyances.org
web-site, which
has, unfortunately, not been fully
proof-read. However, it still provides a
good basis for dealing with problems which
may arise from Windows 95 or NT,
particularly if you don't have access to the
web-site. Appendix B is a crash course in
DOS prompt utilities, which is a useful
addition for new users who may have only
used GUI type front-ends before. Appendix
C is a glossary – something which ought to
be in any book on such a complex topic –
my congratulations go to the author for
including it! Appendix D is a guide to what
can be found in the MSDOS.SYS file –
another useful addition for people who want
to try things out for themselves.
In summary, this is a useful and
well-organised book, with a good attempt to
provide adequate information for new users.
Sadly, because the book deals largely with
the “original” Windows 95 build, some of
the Windows 95 “annoyance-fixes” will not
work, due to the widespread take-up of
Windows 95 (OSR2) version sold with new
machines. There are some inconsistencies
in places within the book, sometimes even
on the same page, where the author states
that you should get the latest drivers for
everything, and then says that you shouldn't
fix things that aren't broken, even to the
extent of saying that the “latest drivers”
might highlight incompatibilities if installed.
There are many, almost subliminal,
references to the shareware product “Route1
Pro”, throughout the book. Whether the
author has anything to do with the software
is not entirely clear, although the proximity
of the book to the software on the “creative
element” web-site is too close for comfort.
As the majority of the content of the book
is available on the web, there seems little
point in buying the book, unless you prefer
reading hard-copy. If you do buy the
book, I can recommend it, even if all you
want to do is admire its well-designed
structure.
Phil Docking is in Computer Science at Birkbeck
College, University of London.
![[Forward]](/images/forward.gif)
|
Tel: 01763 273 475 Fax: 01763 273 255 Web: Webmaster Queries: Ask Here |
Join UKUUG Today! |
UKUUG Secretariat PO BOX 37 Buntingford Herts SG9 9UQ |