Network Security Hacks: Tips and Tools for Protecting Your Privacy (Hacks Series)


In the fast-moving world of computers, things are always changing. Since the first edition of this strong-selling book appeared two years ago, network security techniques and tools have evolved rapidly to meet new and more sophisticated threats that pop up with alarming regularity. The second edition offers both new and thoroughly updated hacks for Linux, Windows, OpenBSD, and Mac OS X servers that not only enable readers to secure TCP/IP-based services, but helps them implement...

See more details below
Paperback (Second Edition)
$27.88 price
(Save 30%)$39.99 List Price

Pick Up In Store

Reserve and pick up in 60 minutes at your local store

Other sellers (Paperback)
  • All (13) from $1.99   
  • New (8) from $21.46   
  • Used (5) from $1.99   
Network Security Hacks

Available on NOOK devices and apps  
  • NOOK Devices
  • NOOK HD/HD+ Tablet
  • NOOK
  • NOOK Color
  • NOOK Tablet
  • Tablet/Phone
  • NOOK for Windows 8 Tablet
  • NOOK for iOS
  • NOOK for Android
  • NOOK Kids for iPad
  • PC/Mac
  • NOOK for Windows 8
  • NOOK for PC
  • NOOK for Mac
  • NOOK Study
  • NOOK for Web

Want a NOOK? Explore Now

NOOK Book (eBook)
$17.99 price
(Save 43%)$31.99 List Price


In the fast-moving world of computers, things are always changing. Since the first edition of this strong-selling book appeared two years ago, network security techniques and tools have evolved rapidly to meet new and more sophisticated threats that pop up with alarming regularity. The second edition offers both new and thoroughly updated hacks for Linux, Windows, OpenBSD, and Mac OS X servers that not only enable readers to secure TCP/IP-based services, but helps them implement a good deal of clever host-based security techniques as well.

This second edition of Network Security Hacks offers 125 concise and practical hacks, including more information for Windows administrators, hacks for wireless networking (such as setting up a captive portal and securing against rogue hotspots), and techniques to ensure privacy and anonymity, including ways to evade network traffic analysis, encrypt email and files, and protect against phishing attacks. System administrators looking for reliable answers will also find concise examples of applied encryption, intrusion detection, logging, trending and incident response.

In fact, this "roll up your sleeves and get busy" security book features updated tips, tricks & techniques across the board to ensure that it provides the most current information for all of the major server software packages. These hacks are quick, clever, and devilishly effective.

This edition offers both new and thoroughly updated hacks for Linux, Windows, OpenBSD, and Mac OS X servers that not only enable readers to secure TCP/IP-based services, but helps them implement a good deal of clever host-based security techniques as well.

Read More Show Less

Product Details

  • ISBN-13: 9780596527631
  • Publisher: O'Reilly Media, Incorporated
  • Publication date: 11/28/2006
  • Series: Hacks Series
  • Edition description: Second Edition
  • Edition number: 2
  • Pages: 480
  • Sales rank: 1,449,058
  • Product dimensions: 6.03 (w) x 9.02 (h) x 1.07 (d)

Meet the Author

Andrew Lockhart is originally from South Carolina, but currently resides in northern Colorado where he spends his time trying to learn the black art of auditing disassembled binaries and trying to keep from freezing to death. He holds a BS in computer science from Colorado State University and has done security consulting for small businesses in the area. He currently works at a Fortune 100 company when not writing. In his free time he works on Snort-Wireless, a project intended to add wireless intrusion detection popular OpenSource IDS Snort.

Read More Show Less

Table of Contents

About the Author;
Why Network Security Hacks?;
How This Book Is Organized;
Conventions Used in This Book;
Safari Enabled;
Using Code Examples;
How to Contact Us;
Got a Hack?;
Chapter 1: Unix Host Security;
1 Secure Mount Points;
2 Scan for SUID and SGID Programs;
3 Scan for World- and Group-Writable Directories;
4 Create Flexible Permissions Hierarchies with POSIX ACLs;
5 Protect Your Logs from Tampering;
6 Delegate Administrative Roles;
7 Automate Cryptographic Signature Verification;
8 Check for Listening Services;
9 Prevent Services from Binding to an Interface;
10 Restrict Services with Sandboxed Environments;
11 Use proftpd with a MySQL Authentication Source;
12 Prevent Stack-Smashing Attacks;
13 Lock Down Your Kernel with grsecurity;
14 Restrict Applications with grsecurity;
15 Restrict System Calls with systrace;
16 Create systrace Policies Automatically;
17 Control Login Access with PAM;
18 Restrict Users to SCP and SFTP;
19 Use Single-Use Passwords for Authentication;
20 Restrict Shell Environments;
21 Enforce User and Group Resource Limits;
22 Automate System Updates;
Chapter 2: Windows Host Security;
23 Check Servers for Applied Patches;
24 Use Group Policy to Configure Automatic Updates;
25 List Open Files and Their Owning Processes;
26 List Running Services and Open Ports;
27 Enable Auditing;
28 Enumerate Automatically Executed Programs;
29 Secure Your Event Logs;
30 Change Your Maximum Log File Sizes;
31 Back Up and Clear the Event Logs;
32 Disable Default Shares;
33 Encrypt Your Temp Folder;
34 Back Up EFS;
35 Clear the Paging File at Shutdown;
36 Check for Passwords That Never Expire;
Chapter 3: Privacy and Anonymity;
37 Evade Traffic Analysis;
38 Tunnel SSH Through Tor;
39 Encrypt Your Files Seamlessly;
40 Guard Against Phishing;
41 Use the Web with Fewer Passwords;
42 Encrypt Your Email with Thunderbird;
43 Encrypt Your Email in Mac OS X;
Chapter 4: Firewalling;
44 Firewall with Netfilter;
45 Firewall with OpenBSD’s PacketFilter;
46 Protect Your Computer with the Windows Firewall;
47 Close Down Open Ports and Block Protocols;
48 Replace the Windows Firewall;
49 Create an Authenticated Gateway;
50 Keep Your Network Self-Contained;
51 Test Your Firewall;
52 MAC Filter with Netfilter;
53 Block Tor;
Chapter 5: Encrypting and Securing Services;
54 Encrypt IMAP and POP with SSL;
55 Use TLS-Enabled SMTP with Sendmail;
56 Use TLS-Enabled SMTP with Qmail;
57 Install Apache with SSL and suEXEC;
58 Secure BIND;
59 Set Up a Minimal and Secure DNS Server;
60 Secure MySQL;
61 Share Files Securely in Unix;
Chapter 6: Network Security;
62 Detect ARP Spoofing;
63 Create a Static ARP Table;
64 Protect Against SSH Brute-Force Attacks;
65 Fool Remote Operating System Detection Software;
66 Keep an Inventory of Your Network;
67 Scan Your Network for Vulnerabilities;
68 Keep Server Clocks Synchronized;
69 Create Your Own Certificate Authority;
70 Distribute Your CA to Clients;
71 Back Up and Restore a Certificate Authority with Certificate Services;
72 Detect Ethernet Sniffers Remotely;
73 Help Track Attackers;
74 Scan for Viruses on Your Unix Servers;
75 Track Vulnerabilities;
Chapter 7: Wireless Security;
76 Turn Your Commodity Wireless Routers into a Sophisticated Security Platform;
77 Use Fine-Grained Authentication for Your Wireless Network;
78 Deploy a Captive Portal;
Chapter 8: Logging;
79 Run a Central Syslog Server;
80 Steer Syslog;
81 Integrate Windows into Your Syslog Infrastructure;
82 Summarize Your Logs Automatically;
83 Monitor Your Logs Automatically;
84 Aggregate Logs from Remote Sites;
85 Log User Activity with Process Accounting;
86 Centrally Monitor the Security Posture of Your Servers;
Chapter 9: Monitoring and Trending;
87 Monitor Availability;
88 Graph Trends;
89 Get Real-Time Network Stats;
90 Collect Statistics with Firewall Rules;
91 Sniff the Ether Remotely;
Chapter 10: Secure Tunnels;
92 Set Up IPsec Under Linux;
93 Set Up IPsec Under FreeBSD;
94 Set Up IPsec in OpenBSD;
95 Encrypt Traffic Automatically with Openswan;
96 Forward and Encrypt Traffic with SSH;
97 Automate Logins with SSH Client Keys;
98 Use a Squid Proxy over SSH;
99 Use SSH As a SOCKS Proxy;
100 Encrypt and Tunnel Traffic with SSL;
101 Tunnel Connections Inside HTTP;
102 Tunnel with VTun and SSH;
103 Generate VTun Configurations Automatically;
104 Create a Cross-Platform VPN;
105 Tunnel PPP;
Chapter 11: Network Intrusion Detection;
106 Detect Intrusions with Snort;
107 Keep Track of Alerts;
108 Monitor Your IDS in Real Time;
109 Manage a Sensor Network;
110 Write Your Own Snort Rules;
111 Prevent and Contain Intrusions with Snort_inline;
112 Automatically Firewall Attackers with SnortSam;
113 Detect Anomalous Behavior;
114 Automatically Update Snort’s Rules;
115 Create a Distributed Stealth Sensor Network;
116 Use Snort in High-Performance Environments with Barnyard;
117 Detect and Prevent Web Application Intrusions;
118 Scan Network Traffic for Viruses;
119 Simulate a Network of Vulnerable Hosts;
120 Record Honeypot Activity;
Chapter 12: Recovery and Response;
121 Image Mounted Filesystems;
122 Verify File Integrity and Find Compromised Files;
123 Find Compromised Packages;
124 Scan for Rootkits;
125 Find the Owner of a Network;

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing all of 2 Customer Reviews
  • Anonymous

    Posted June 17, 2012


    Should i read it? I know how. Not really.

    Was this review helpful? Yes  No   Report this review
  • Posted February 5, 2009

    Great For Sysadmins

    Network Security Hacks by Andrew Lockhart was a very fun and interesting read. While I do not recommend it for those that are just getting into the System Administration and Networking field, I do believe this book should not only sit on the shelves of System Administrators, but should be used frequently for reference. The book promises 100 industrial strength tips and tools, and it delivers that and more. The book is basically a learn-by-example book, which works best for me when studying this field. The examples are very well-written, and provide many example text outputs and screenshots. The book is divided into UNIX, Windows, and network security.<BR/><BR/>The first chapter covers UNIX security, which I already had a good background in, and taught me some lower-level kernel and file system security. The second chapter covers Windows security: The basics of encrypting folders, restricting users and checking for patches, and monitoring log files. In my opinion, this chapter was the weakest in the entire book. If you are looking for more in-depth Windows security, I suggest looking elsewhere. The rest of the book covers network security and its related components. This section is where the book really shines, covering everything from intrusion detection to logging and monitoring.<BR/><BR/>My favorite feature of this book is that it will present you with a potential security problem and then a possible solution, but then the book will ask: what if a hacker did this or that? Asking questions in this manner gives you the proper mindset you need to start securing your systems.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing all of 2 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)