PrevTOCNext

Reviews


Word 2000 in a Nutshell, 2nd Edition

Walter Glenn
O'Reilly & Associates, Inc., August 2000
507 pages , $29.95
ISBN 1-56592-489-4

( Reviewed by Mike Daw)

Subtitled "A Power User's Quick Reference", this book has obviously decided that flattery is the way to win readers. Dummies not welcome here, only Power Users. Yes, I like that. Very macho. The flattery stops with a picture of a macaw on the front (or some such tropical bird). Rather disappointingly, there is no explanation in the book for why this animal represents us Power Users. At least we didn't get the chimp that is on the cover of Managing the Windows NT Registry.

However, this seems to be about the only thing that's not in this book. Possibly everything you'd want to know about Word 2000 is spelled out here in great (if often laborious) detail. For example, did you know that the menu item File/Print Preview shows, '...a document as it would look if you printed it'? Well, you do now, because part 2 of the book covers every menu item available in Word 2000. Unfortunately, structuring a large portion of the book in this manner is no better (and in some ways, a lot worse) than hitting the F1 button whilst using the software. It also means that it's difficult to use the book to answer 'How do I do...?' questions. Each time I asked a question like this of the book, it failed me. (For example, the question 'How do I insert a tab within a table?' isn't answered, but Clippit, annoying though he is, had no trouble.)

Whilst some of the book is simplistic, the first and last sections go to the other extreme. In the first part, Walter Glenn takes us 'under the hood' of Word. I'm not sure that reading this section has helped me use the software, but maybe I'm one of the users he chastises for thinking they know it all. Maybe I don't know it all, but I don't think that reading about Word's different document layers is helpful either. My text boxes and pictures still obstinately refuse to go where I put them despite this newfound knowledge.

The subject of the last section, which is about writing macros and working with VBA, are probably more worthy of a separate book in themselves rather than the rushed treatment they get here. Perhaps the author could have left out some of the more banal menu items in the second section and given this area a little more attention.

I am uncertain how this book might best be used, or by whom. Whilst I use Word extensively for my job, it's role is not central enough to spend the days customizing it which this book demands. Yes, some of the tips are pretty good, but not good enough to justify buying it. If your job involves creating templates for large numbers of other people, or training other people to use Word, then maybe this is the book for you. However, I suspect that for these people there are more suitable alternatives. Perhaps if I was a dummy...

Mike Daw works for Logica, but probably has better things to do with his time.


ASP in a Nutshell, 2nd Edition

A. Keyton Weissinger
O'Reilly & Associates, Inc., July 2000
492 pages , $29.95
ISBN 1-56592-843-1

( Reviewed by Andrew Dytham)

I sort of grew up with Unix. I have recently worked on the development of the server side of an Internet Banking product and created a simple golf club website. I have yet to dabble in server side applications.

The Book

The aim of the book is to provide a useful reference material for web application developers. A basic level of understanding of web technology is required but anyone with a decent grounding in simple HTML and Windows should find little not immediately intelligible. It focuses on how features are used in a real application and highlights little-known or undocumented features. The writing style is clear and concise. Abbreviations, acronyms and new terms are explained on first use. The index is fair and of a good size, and the cross referencing is adequate. There is no table of figures but there are few figures in the book. Similarly there is no list of tables of which there are many throughout the book.

After reading the whole book I would recommend that section one is read by those new to server side development or wanting a refresher. It introduces you to the concepts of server-side coding with simple examples, also available in a zip file from the O'Reilly website. The reference sections two and three, some eighty percent of the book, cover in depth the ASP Object model and Installable Components. In these sections it is virtually impossible to open the book without being presented with some sample code developed by the author. Finally the appendixes briefly embraces items of secondary interest; converting from CGI, alternate platforms and configuring ASP in Internet Information Server (IIS).

Section two details the intrinsic objects that make up the object model; ASP is realised as a DLL (ASP.DLL) in the IIS. This book also includes an overview of the interaction between the latest release of IIS 5.0 and ASP 3.0. The examples shown throughout the book are illustrated using VBScript (as the scripting language employed along side the ASP code). Other aspects of Web Technology get covered along the way, including: cookies, digital certificates, EMCA Scripting, forms, Platform for Internet Content Selection (PICS) and Type Libraries. An excellent characteristic of the book's style is the explanation given of what happens if you don't get things correct. This gives you confidence the author has tried things for real and maybe learnt some things the hard way so you don't have to. Each object is detailed with comments/troubleshooting, properties, collections, methods, and events.

Section three moves onto the Installable Components that come with IIS 4.0 and its structure follows that of section two. Firstly it covers Active X Data Objects (ADO) with numerous examples so that creating an ADO enabled application that interfaces to a server side data source is made a fairly painless task. It then moves onto the component that supports website adverts, 'AdRotator'. Some of these components require books in their own right so only an overview is given and examples of the most immediately useful features. It also covers Browser Capabilities, Collaboration Data Objects, Content Linking, Content Rotator, Counters, File Access, Logging Utility, MyInfo, Page Counter, Permissions Checker and Tools components.

The appendixes give brief guidance on converting from CGI to ASP, alternate platforms for ASP, and how to configure ASP on IIS.

Like others in the 'In a Nutshell' series this book offers the facts, critical background information, in a straight forward manner that users will find useful. It is a detailed reference that enables even experienced web developers to advance their ASP skills. Alternately any novice web developer should gain the necessary knowledge and understanding to produce a technically sound site and to move from client to server side development. I am now off to add some real dynamism to my own site!


Securing Windows NT/2000 Servers for the Internet

Stefan Norberg
O'Reilly & Associates Inc., January 2001
200 pages , £20
ISBN 1-56592-768-0

( Reviewed by Richard Ibbotson)

Chapter List

  1. Windows NT/2000 Security
  2. Building a Windows NT Bastion Host
  3. Setting up Secure Remote Administration
  4. Backing up and Restoring Your Bastion Host
  5. Auditing and Monitoring Your Perimeter Network
  6. Maintaining Your Perimeter Network

Appendices

  1. Well known ports used by Windows NT/2000
  2. Security related knowledge base articles
  3. Build instructions for Open SSH on Cygwin

Network security and security of untrusted networks is something that all computer users should know about. The latest addition to the O'Reilly stable sets out to point this out and even tries to make the Microsoft products appear to be secure.

The first chapter goes on about Windows NT/2000 security. It even manages to explain in a few words that there may be a problem with connecting a computer to an untrusted network. This is often referred to as the internet. Some of the introductory stuff is quite good but it's a little bit brief for my tastes. Nice diagrams and it's easy to understand.

Chapter two goes into building a windows NT bastion host. Do people really do that kind of thing ? The third paragraph starts with "First, remember that a chain is only as strong as its weakest link". Some simple examples are given that show how to install some Microsoft software. It's at this point that the idea of a security policy is first mentioned in the shape of setting privileges and rights. The next chapter goes into building a Windows 2000 bastion host. There's an introduction to the differences between the systems. The fact that both of them blue screen a lot isn't mentioned. Something of a novelty in this book is that the disabling of Net BIOS is actually mentioned. Bit unusual for an MS Windows publication. IPsec is shown next and the chapter finishes with some easy to understand GUIs that mislead the operator into thinking that they are using a quality product.

Setting up secure remote administration is the stuff of chapter four. Even some introductory ideas about SSH are shown. Restoring your bastion host is shown at chapter five. This is important for MS Windows machines if they are plugged into the internet. They fall over every few hours because yet another script kiddie is having another happy hour inside your computer. Tripwire is mentioned at chapter six. The final chapter gives a brief mention of maintaining your perimeter network.

This is without a doubt one of the most incredibly and screamingly funny books that I have read for a long time. Certain parts of the book almost had me falling off the chair that I was sitting in.

What really worried me about this rather nice looking book is that someone would be allowed to publish a book that suggested that a Microsoft product could be put anywhere near the internet. Come off it Mr Gates who are you trying to fool mate ? A couple of friends of mine who are Phds in computing science have thoroughly tested the firewalls that are available with NT4 and Win 2000. Both of them agreed that a Microsoft product couldn't be used for security purposes. One of them said "the windows firewalls that I've tested are as much use as a chocolate teapot". Another thing that worried me was that the covers were a sort of nice coffee table sort of design instead of the traditional Microsoft blue colour that so many of us are used to. And, where are the error messages and the warning about the fact that using Unix may result in the loss of your job? Something else that I would like to ask at this point is where are the other 500 pages that show the real problems that are to do with network security?


Understanding the Linux Kernel

Daniel P. Bovet and Marco Cesati
O'Reilly & Associates, Inc., October 2000
702 pages , $39.95
ISBN 0-596-00002-2

( Reviewed by Richard Ibbotson)

This book contains 19 chapters and three appendices in 627 pages. Here are the contents.

  1. Introduction
  2. Memory Addressing
  3. Processes
  4. Interrupts and Exceptions
  5. Timing Measurements
  6. Memory Management
  7. Process Address Space
  8. System Calls
  9. Signals
  10. Process Scheduling
  11. Kernel Synchonisation
  12. The Virtual Filesystem
  13. Managing I/O Devices
  14. Disk Caches
  15. Accessing Regular Files
  16. Swapping: Methods for Freeing Memory
  17. The EXT2 Filesystem
  18. Process Communication
  19. Program Execution
  1. System Startup
  2. Modules
  3. Source Code Structure, BibliographySource Code Index

Synopsis

Kernel code is only understandable to those people who know what to do with it. Most of us - like myself - haven't a clue what it means. Understanding the Linux Kernel gives a useful introduction to the 2.2 kernel and signposts us towards the newly released 2.4 kernel.

Review

If you have reached the point where you have learned a few simple ideas about programming in Linux and you would like to know more about kernels then this book is probably for you. Each chapter finishes with a section which is called "Anticipating Linux 2.4". So, it's not much use for 2.4 kernels but if you do want to know more you could start with this and build up to the new kernel as you go along. There are some very helpful features throughout the book which you may not find elsewhere. Of course, there are several other books on this subject which may be of more use for the kind of thing you are doing just now?

On the front cover it says "From I/O ports to process management". The introduction starts by giving you a Linux v Other UNIX-like kernels argument. Useful for those of us who only know Linux or MS Windows. After the first thirty-odd pages chapter two goes into memory addressing and paging. At chapter three the main onslaught into eternity begins when processes are introduced. Chapter four goes into interrupts and exceptions and Chapter five goes into timing measurement. Memory management at chapter six looks like the kind of completely innocent thing that you might not need to know about. In fact memory management keeps more than a few Linux programmers tied up in argument with each other for years on end. So it's much more important than you might think.

Process address space is all about the ins and outs of ins and outs. System calls starts out with POSIX APIs and System Calls. It's a short section. You might need to read more from somewhere else ? Chapter nine is also a very short chapter which goes on about signals. The rest of the chapters provided not too many surprises except for chapter 17 which explains EXT2. This is pretty much out of date now since EXT3 and Reiser FS are quickly replacing the old standards. As always the various appendices provide invaluable help with things that aren't normally found anywhere else. O'Reilly like to explain that they like to breathe new life into dry old subjects. They certainly do try to do that with their books.


Broadcast 2000 for Linux

(A non-linear editing system)

( Reviewed by Andrew Lack)

Camera! Lights! Linux!

Having been a committed Sun user for the past 12 years, the advent of Linux and its ability to run on "commodity hardware" has opened up new opportunities that either didn't exist on the Sun platform, or were simply far too expensive.

One excellent example of this is video. Ever wanted to create your own Epic or just tidy-up those holiday videos? Well now you can, and what's more you can do all on Linux.

All you need is a TV card for your PC (a cheap Hauppage WinTV card costs just £35.00), a copy of Broadcast 2000 obtainable from http://heroinewarrior.com/index.php3 and away you go!

Linux and Video

Linux has supported video cards for sometime now. There are several TV viewers around, like kwintv, which allow you to watch TV channels in a small window on your desktop, or in full-screen mode. Sound is also available if your PC has a Linux supported sound card.

Broadcast 2000 takes this a stage further by turning your Linux/PC into a digital video recorder, complete with a scriptable command interface for unattended recording of TV programs.

Broadcast 2000

I found Broadcast 2000 about a year ago while searching for an audio editor for Linux. When I first visited the website I frankly couldn't believe the claims made for the package, and dismissed it. After downloading and trying about four other editors which either wouldn't compile or usefully tried loading an entire 300MB WAV file into memory for editing (a neat trick to try on a notebook with only 64MB of RAM), I went back to Broadcast 2000 and took another look. Amazing! A 300MB WAV file loaded in seconds, played perfectly and I could record, cut, paste, fade and save without a single crash.

At the time I wasn't interested in video work, but about 2 months ago I fitted the WinTV card and started experimenting with Broadcast 2000's video features. With it you can create movies by assembling them from bits of previously recorded material. You can choose to encode the final video into low bitrate MPEG-2 streams for storage on CD or for downloading from the Internet.

Broadcast 2000 is written by Adam Williams. Considering the complexity and the stability he's obtained, it's a great credit to him. Broadcast 2000 is licensed under the GPL.

If I'm allowed one criticism, it's that the documentation is terse and leaves me asking so many follow-up questions. I've created the web page http://www.staff.city.ac.uk/afl/bcast.html to explain how I'm using the package in the hope other beginners may find it helpful.

It's all about Power

Whereas recording and editing audio is a fairly low-powered activity, recording video is just the opposite. You'll need a really big PC to do this well. Broadcast 2000 is multi-threaded and so multiple processors are a real benefit.

I have a 550MHz AMD K6-2 with 128MB of RAM. With this I can capture video at a maximum of 300x225 pixels at 24 frames per second (fps). PAL TV runs at 25 fps, but my PC is just not capable of that. You should also use the new 2.4 kernel as this has significant performance benefits. [I'm using Caldera's Linux Technology Preview which has a pre-release 2.4 kernel.]

The files produced by the recording process are huge. Depending on the format used to save the video data, you could end up with 200MB per minute. I use JPEG with 45% compression which yields files of about 16MB per minute.

Edit, Render, Encode, View

Having captured some video clips with Broadcast 2000, these are loaded for editing. Each separate file which forms part of project is called an asset. The video track of an asset shows tiny thumbnails of the frames and the sound track is displayed as a wave-form. Multiple assets can be loaded into a project and accurately positioned along the time-line. By using "fade autos" you can dissolve the picture and sound between one asset and another. Numerous other effects are also possible via a large selection of plugins which can be attached to the video and audio streams. Edits never touch the source data which remains intact. Instead your edit decisions are saved in an edit decision list (edl) file. It also means that editing is fast and completely undoable.

Once the assets are arranged correctly, the whole movie is rendered out to a new file. Broadcast 2000 is a non-linear editor, meaning that the original data is kept on disc and is copied directly from the source files, so that the quality of your video data is preserved. Broadcast's native video file format is Quicktime.

If you want to encode the Quicktime output file into MPEG-1 or 2 (the Windows98 media player can only handle MPEG-1) you'll need to download Adam Williams's MPEG2 tools. But be warned, encoding is very very slow. Like with Broadcast 2000, these tools are multi-threaded and will take advantage if run on multi-processor boxes. The final Quicktime movie can be played back directly using a Windows Quicktime player. Under Linux you should install Adam Williams's XMovie player, available from his Home Page. XMovie can also handle MPEG-1 and MPEG-2 video streams, including non-standard low frame rates, so you say goodbye to MPEG TV's shareware package.


Windows System Policy Editor

Stacey Anderson-Redick
O'Reilly & Associates, Inc., June 2000
446 pages , £34.95
ISBN 1-56592-649-8

( Reviewed by Joel Smith)

System policies are one of those subjects I feel I ought to know more about. The holy grail of being able to restrict users sufficiently to prevent them from customising their machines out of existence, whilst still allowing them to do the things they need to do is a tempting prospect. But it has always been one of those tasks I have put off until more pressing matters have been resolved. As the book mentions in chapter 1, "System policies provide a powerful, though infrequently used tool."

Stacey Anderson-Redick starts off with a discussion of the hidden cost of computers, covering the total cost of ownership (TCO), and how this is increased by the changes users introduce to "customise" their workstations. She then discusses user profiles and policies and how they relate to each other.

Chapters 3 and 4 cover preparation and planning, and building the policy file, which are the more useful parts of the book. They represent a basic run through of the process of building a basic system policy.

The next two chapters covers why system policies do not work as they should (why doesn't this surprise me with a Microsoft product?), and how the different Microsoft products can ignore or conflict with parts of the policies.

Chapters 7 covers standalone Win9x boxes, while Chapter 8 deals with building custom templates to control changes to any part of the registry. This adds a lot of flexibility, as it allows control over any program which makes changes to the registry.

The rest of the book is not only an exhaustive list of the policies available in the 47 most common templates, but also a listing of their respective registry keys and value names. All I can ask is why? Two thirds of the book is filled with information which is highly detailed, presumably quite likely to date quickly, and which would be far better served from a web page.

In fact, this is my biggest criticism of this book. It does not live up to the O'Reilly standard - it is not particularly readable, and goes into far too much depth about particular registry keys, even in the supposedly introductory chapters. The book drowns in detail which is of little immediate benefit, but which is not easily located when you come to need that particular nugget of information.

Stacey has a webpage devoted to the System Policy Editor http://www.elkantler.net/security/security.htm (the link in the book is wrong). This seems to cover much of the useful information in the book, but I find easier to digest. It does not cover NT or W2k systems in any detail, but then the book is heavily biased towards Win9x workstations, and does not cover Win2k systems at all. The webpage also does not have the mammoth Chapter 9, with details of all the registry values for the templates, but it does have the templates themselves. It suggests that you buy the book to get this information.

I would not recommend buying the book unless you know that you need it. Rather, check out the website. If you find that you really do need something from the book, buy it then. I am sure the website will let you know when you need it. Sites with public access machines, such as university labs, would find this book the most use. Sites implementing W2k should steer clear of it altogether.

Joel Smith is the Internal Systems Manager for First Software UK Ltd.


PrevTOCNext