Linux Security: Craig Hunt Linux Library [Paperback]

Ramón J. Hontañón (Author)

Book Description

Publication Date: July 10, 2001 | ISBN-10: 078212741X | ISBN-13: 978-0782127416

Authoritative Answers to All Your Linux Security Questions—Specifically for Linux Administrators

This is the most complete, most advanced guide to Linux security you'll find anywhere. Written by a Linux security expert with over a decade of experience, Linux Security teaches you, step-by-step, all the standard and advanced techniques you need to know to keep your Linux environment safe from threats of all kinds. Hundreds of clear, consistent examples illustrate these techniques in detail†so you stay on track and accomplish all your goals. Coverage includes:

• Understanding information and system security procedures
• Developing a corporate security policy
• Designing and deploying an effective system and network monitoring strategy
• Managing the network services offered by Linux servers
• Understanding Sendmail security, including authentication and privacy
• Providing application-level mail security using PGP
• Designing and deploying an Apache HTTP server, including SSL extensions
• Securing your Samba server
• Building a network layer firewall using IPtables and Linux kernel v.2.4
• Using the NEC SOCKS5 transport layer firewall
• Deploying the TIS firewall toolkit
• Offering secure remote connectivity with IPsec and PPTP VPNs
• Adding strong user authentication to Linux servers using Kerberos
• Understanding the Linux Pluggable Authentication Modules (PAM)

Editorial Reviews

From the Back Cover

Authoritative Answers to All Your Linux Security Questions—Specifically for Linux Administrators

This is the most complete, most advanced guide to Linux security you’ll find anywhere. Written by a Linux security expert with over a decade of experience, Linux Security teaches you, step-by-step, all the standard and advanced techniques you need to know to keep your Linux environment safe from threats of all kinds. Hundreds of clear, consistent examples illustrate these techniques in detail -- so you stay on track and accomplish all your goals. Coverage includes:

• Understanding information and system security procedures
• Developing a corporate security policy
• Designing and deploying an effective system and network monitoring strategy
• Managing the network services offered by Linux servers
• Understanding Sendmail security, including authentication and privacy
• Providing application-level mail security using PGP
• Designing and deploying an Apache HTTP server, including SSL extensions
• Securing your Samba server
• Building a network layer firewall using IPtables and Linux kernel v.2.4
• Using the NEC SOCKS5 transport layer firewall
• Deploying the TIS firewall toolkit
• Offering secure remote connectivity with IPsec and PPTP VPNs
• Adding strong user authentication to Linux servers using Kerberos
• Understanding the Linux Pluggable Authentication Modules (PAM)

About the Author

Ramón J. Hontañón has worked for more than a decade in the UNIX, TCP/IP internetworking, and information security fields, serving as UNIX application developer, UNIX systems administrator, information security consultant, and most recently senior manager of security product engineering at UUNET Technologies. He has extensive experience conducting security audits for government agencies and financial institutions and designing UNIX-based security solutions aimed at both internal and customer security.

Product Details

• Paperback: 374 pages
• Publisher: Sybex (July 10, 2001)
• Language: English
• ISBN-10: 078212741X
• ISBN-13: 978-0782127416
• Product Dimensions: 9 x 7.6 x 1.2 inches
• Shipping Weight: 2 pounds
• Average Customer Review: 3.5 out of 5 stars  See all reviews (2 customer reviews)
• Amazon Best Sellers Rank: #1,146,887 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

14 of 15 people found the following review helpful:

4.0 out of 5 stars Very useful addition to your Linux (Unix) security library, September 10, 2001

By 

Halvard Halvorsen - See all my reviews

This review is from: Linux Security: Craig Hunt Linux Library (Paperback)

This is the first book I have bought from the Craig Hunt Linux library and judging by this volume I will be buying more.

It's an excellent book covering all aspects of Linux security
from physical site security to VPN's. It's up to date: a good section with clear examples on iptables is included.

For each section the author selects a few (or as in the case of file integrity just one product like tripwire) products and explains with good examples how to install and configure from scratch (including installing the rpm's). The language is clear and the author explains both why and how. There is an excellent section on nessus and the tripwire part really shows what a cumbersome beast tripwire now has become ... The focus is almost 100% on freely available tools in true Linux spirit.

It's not without minor faults however - but so far I have only found one major one. The section on "Starting Network Services from /etc/rc.d" is weak: it messes up the runlevels (1 is single user and 5 is X11), it does not mention the fact that Kill scripts are run before the Start script when _entering_ a new run level and there is no mention of ntsysv (or chkconfig).

I do like the fact that Hontanon is not at all afraid of giving strong recommendations - i.e. "Among the password auditing tools ... John the Ripper stands out as the clear winner because of its performance and ease of use".

This is not a beginners book - it assumes general Linux and networking knowledge.

If you are looking for a source for overall Linux security, Unix security tools and how to use these tools look no further. This book should be on your bookshelf along with the 2nd edition of "Maximum Linux Security" and (the now slightly out of date) "Practical Unix&Internet Security".

Recommended.

9 of 9 people found the following review helpful:

3.0 out of 5 stars Disappointing book, June 7, 2002

By A Customer

This review is from: Linux Security: Craig Hunt Linux Library (Paperback)

I was a tad bit disappointed with this book. I was hoping for a more in depth presentation of Linux specific security options, but the majority of the book is a superficial treatment of installing various open source security packages.

The book is also a bit dated. The latest reference to Redhat is for version 7.0 (Redhat is up to 7.3 now); it refers to the "next generation inetd" regarding xinetd.conf; and also refers to TCP-Wrappers as a Linux add-on (both components have been included and installed in a default Linux install for close to 2 years now).

The book is good for an overview of Linux security, but if you're "looking for the beef" it's better to look elsewhere.