Hacking Linux Exposed, Second Edition [Paperback]

Brian Hatch (Author), James Lee (Author)

Book Description

ISBN-10: 0072225645 | ISBN-13: 978-0072225648 | Publication Date: December 4, 2002 | Edition: 2

Tighten holes and maintain security on your Linux system! From the publisher of the international best-seller, Hacking Exposed: Network Security Secrets & Solutions, comes this must-have security handbook for anyone running Linux. This up-to-date edition shows you how to think like a Linux hacker in order to beat the Linux hacker. You'll get detailed information on Linux-specific hacks, both internal and external, and how to stop them.

Editorial Reviews

Amazon.com Review

"Throw up a Linux box," comes the chorus whenever there's a need to provide some network service or other without impinging upon the boss's martini budget. Fair enough, but by doing so are you opening security holes you don't know how to find or fix? The newest edition of Hacking Linux Exposed helps you answer that question and solve many of the security problems you find. To a certain extent this book is a recipe collection in that it describes weaknesses in Linux (calling attention to specific distributions where appropriate). The authors stop short of explicitly showing you how to wage most kinds of attacks, a reasonable thing to do from an ethical point of view even though the instructions can be found easily on the Internet. Rather than do that, they give step-by-step instructions on how to defend against the attacks they catalog. The point is not, "Here's precisely how to bring down a server by means of an ACK storm," but rather, "Here's how to defend against such problems." They do demonstrate plenty of weaknesses, though, as in their coverage of the conversation that goes back and forth between an FTP server and its client.

This book covers pretty much everything you'd want to do with a Linux machine as a network server. Read it and see some of the weaknesses in your system--and do something about them before someone else does. --David Wall

Topics covered: Security best practices, approached from the perspective of what can go wrong and what can be done about the problems. Specific coverage goes to all major services, including user management, FTP, HTTP, and firewalling.

Review

I read security books as reference materials, and this book is an awesome reference. Although the authors' primary focus is Linux, many of the terms, techniques, tools and discussions apply across all aspects of information security. (Security Bookshelf) (Computerworld ) --This text refers to an out of print or unavailable edition of this title.

See all Editorial Reviews

Product Details

• Paperback: 712 pages
• Publisher: McGraw-Hill Osborne Media; 2 edition (December 4, 2002)
• Language: English
• ISBN-10: 0072225645
• ISBN-13: 978-0072225648
• Product Dimensions: 9.1 x 7.4 x 1.6 inches
• Shipping Weight: 3 pounds
• Average Customer Review: 4.9 out of 5 stars  See all reviews (41 customer reviews)
• Amazon Best Sellers Rank: #1,301,309 in Books (See Top 100 in Books)

Customer Reviews

Most Helpful Customer Reviews

56 of 57 people found the following review helpful:

5.0 out of 5 stars Excellence through examples, September 25, 2001

By 

Richard Bejtlich "TaoSecurity" (Metro Washington, DC) - See all my reviews
(REAL NAME)   

This review is from: Linux (Hacking Exposed) (Paperback)

I am a senior engineer for network security operations. I read "Hacking Linux Exposed" (HLE) to learn how adversaries compromise Linux hosts. HLE impressed me at every level. I highly recommend system administrators and security personnel read and heed this book's recommendations.

The "Hacking Exposed" series is known for its unique example-driven style. Rather than telling the reader about a technique or problem, the authors demonstrate the issue using command-line examples. I find myself reading with book and laptop at hand, ready to duplicate the authors' sample commands. This process reinforces the authors' message, while the reader learns if a specific problem applies to his situation. Furthermore, by showing exactly how to execute certain commands, the authors impart bits of wisdom and trickery not found elsewhere.

For example, chapter 11 describes attacks and defenses for FTP servers. To explain active and passive FTP sessions, the authors demonstrate running an FTP client with the -d switch to illustrate raw instructions sent by the client over the FTP command channel. I had never seen this switch in use, but as an intrusion detector I constantly see raw FTP instructions like those revealed by the -d switch. These and other tidbits, like using the chattr -i command or setting the "sticky bit", make HLE exceptional.

Beyond these benefits, readers will enjoy clear, thorough explanations of Linux security issues. HLE gives first-rate descriptions of ssh and web man-in-the-middle attacks, race conditions, and FTP data hijacking. HLE also provides great illustrated examples of FTP bounce attacks, giving intrusion detectors the minutiae we need to recognize these techniques. I had heard of most of the compromise methods offered by HLE, but never seen them discussed in such practical detail.

If the material in chapters 1-13 of HLE don't prompt you to verify your Linux host's integrity, then the case studies in appendix D will. The security community needs more of these narratives. These stories, based on true events, show the lengths to which some attacks will go to penetrate target machines.

"Hacking Linux Exposed" is another strong addition to the "Hacking Exposed" series, and the security community will benefit as a result.

(Disclaimer: I received a free review copy from the publisher.)

47 of 48 people found the following review helpful:

5.0 out of 5 stars Buy two of these, May 30, 2001

By 

"slepp" (Atlanta, GA, USA) - See all my reviews

This review is from: Linux (Hacking Exposed) (Paperback)

I wasn't a fan of Hacking Exposed, largely because its Unix section was a mere 50 pages of superficial, outdated, and obvious fluff. Hacking Linux Exposed makes up for that lack by digging into Unix in much more depth.Though it is modeled after the attack/countermeasure style of the original HE, this book includes a whole chapter of security measures at the beginning that you can implement instantly to get your machine locked down before getting into the nitty-gritty detail about other things in the hacker's arsenal.I was particularly enthralled with chapter 10, which talks about what the hacker will do after they have gained root access, from simple things like adding accounts to complicated issues like kernel modules, complete with source code. Chapter 7 includes some really wonderful examples of how the hacker can abuse networking protocols themselves, something I haven't seen covered in such depth before.The book is logically organized. The first part covers the way the hackers find and probe your machine. The second talks about getting in from the outside, be it network or physical. The third part talks about gaining additional priveleges, and the last part of the book is dedicated to mail, ftp, web, and firewalls. The appendicies are actually useful. They seem to have dropped the small 1-page case studies from the original book and replaced them with longer hacker-eye-views of real attacks which are an interesting read, and really tie the book together.This book is Linux specific in it's countermeasures, but I'd recommend this to any unix user. They do a good job of discussing differences between Linux variants as well, they don't just assume everyone has a RedHat box on their desk. Very refreshing.This book is great for both the theory and practical uses. I could spend weeks implementing all the suggestions they have, but they seem to have thought of this because their risk ratings let you know where you should concentrate as you secure your systems.Like Hacking Exposed, this book also has a website, (...) but it seems more up-to-date -- for example when the ptrace bug in older kernels came out, they posted a kernel module you could compile to protect your system until you could upgrade -- and includes all the source code contained in the book.I bought two of these, one for home and one for the office, and I suggest you do the same.

28 of 29 people found the following review helpful:

5.0 out of 5 stars Should have been "Hacking Unix Exposed", July 7, 2001

By 

"the_ardvark" (Chicago, IL) - See all my reviews

This review is from: Linux (Hacking Exposed) (Paperback)

I am in charge of network security for a large firm. We use largely FreeBSD and OpenBSD machines instead of Linux whenever possible. One of the junior folks was trying to convince us that Linux isn't all that bad, and pointed to this book as proof that it can be secured.

Well, we're not about to switch. However this book covered so many unexpected issues that affected our *BSD boxen that we spent a solid week implementing changes on all our systems. The detail of this book was superb, and it was easy to figure out the differences between their Linux-specific solutions and what was needed on our *BSD systems when they weren't exactly the same.

Got Unix? Buy this book.