Linux Security Cookbook

Linux Security Cookbook

4.5 2
by Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes
     
 

View All Available Formats & Editions

Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you

Overview

Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes—short, focused pieces of code that administrators can use to improve security and perform common tasks securely.The Linux Security Cookbook includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure.Some of the "recipes" you'll find in this book are:

  • Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more
  • Monitoring your network with tcpdump, dsniff, netstat, and other tools
  • Protecting network connections with Secure Shell (SSH) and stunnel
  • Safeguarding email sessions with Secure Sockets Layer (SSL)
  • Encrypting files and email messages with GnuPG
  • Probing your own security with password crackers, nmap, and handy scripts
This cookbook's proven techniques are derived from hard-won experience. Whether you're responsible for security on a home Linux system or for a large corporation, or somewhere in between, you'll find valuable, to-the-point, practical recipes for dealing with everyday security issues. This book is a system saver.

Product Details

ISBN-13:
9780596003913
Publisher:
O'Reilly Media, Incorporated
Publication date:
06/09/2003
Edition description:
New Edition
Pages:
336
Product dimensions:
7.12(w) x 9.14(h) x 0.89(d)

Meet the Author

Dan Barrett has been immersed in Internet technology since 1985. Currently working as a software engineer, Dan has also been a heavy metal singer, Unix system administrator, university lecturer, web designer, and humorist. He has written several O'Reilly books, as well as monthly columns for Compute! and Keyboard Magazine. Dan and his family reside in Boston.

Richard E. Silverman has a B.A. in computer science and an M.A. in pure mathematics. Richard has worked in the fields of networking, formal methods in software development, public-key infrastructure, routing security, and Unix systems administration. He is the co-author of SSH, The Secure Shell: The Definitive Guide.

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >

Linux Security Cookbook 4.5 out of 5 based on 0 ratings. 2 reviews.
Guest More than 1 year ago
The Linux Security Cookbook is a good hands-on guide to the major aspects of securing your Linux box. This book offers many quick reference guides to pieces of software for securing or testing your system and goes through many different means of fortifying your box including: -controlling system access with firewalls -monitoring your network -using SSH and SSL -intrusion detection systems -authentication and cryptographic keys -encrypting files and email messages -system security probing The recipes in this book allows administrators to learn quick and easy ways to secure their systems including over 150 ready-to-use scripts and configuration files without having to look up or research specific syntax. This book is definitely a quick hands-on guide to securing and monitoring your system and would recommend it to anyone looking for a good source of guides and ready-to-use scripts and configurations.
Guest More than 1 year ago
Given the increasing frequency of attacks against computers, by virus writers, spammers and others, any sysadmin needs to pay careful attention to securing your system. All the more so if the computer acts as a server, rather than just a desktop leaf on a network. On the server side, you often have unix or linux systems. This recent book by OReilly is hence timely. Concise, with a good contents and index. The authors write clearly, in what may be considered a 'standard' cookbook style. Each problem is summarised, and a brief but entirely adequate how-to answer is then given. It is part of this style that they do not go into the theory of public/private key encryption, for example. But they readily provide references to fuller discussions on many topics. Checking the index for comprehensiveness revealed one curious omission. There is no entry for 'virus'. While it seems like a glaring oversight, I think the authors are correct in doing so. Antivirus software exists, and you would merely have to run it against a set of files. And this software is not usually part of an operating system. Also, most viruses are written for Microsoft desktops. Thus far, linux viruses are actually pretty rare. The title says 'Linux'. Actually, if you are running any major unix (Solaris, HPUX...), don't take that title too literally. The problems you face will often be the same as those described here. The solutions will often likewise be the same. Most unixes now have many utilities in common with each other and linux. You may be able to map an answer given here to a similar approach on your machine.