Using Red Hat Linux as the demonstration environment, the authors explain how to use a suite of publicly available tools to analyze, protect, and monitor your machines and networks. They approach the subject from a practical standpoint, emphasizing software and its use while referring the reader (using copious bibliographic notes) to more specialized works for detailed information on cryptography, firewall configuration, and other subjects.
Scott Mann and Ellen Mitchell have done excellent work in combining explanations of the "soft" aspects of security management with the particulars of using software. In a typical section, they explain how to acquire, install, and run Crack, a password breaker. First they show how a bad guy would use Crack to get unauthorized access to a machine over a network; then they explore the "white hat" applications of the program as a security tool for preemptively weeding out weak passwords. More detailed coverage goes to tiger and Tripwire, a pair of powerful auditing and monitoring tools. Along with Maximum Linux Security (which covers more offensive and defensive weapons in less detail), this is one of the two best Linux security books you can own. --David Wall
Topics covered: Linux security practices and tools, as demonstrated under Red Hat Linux 5.2 and 6. Software and commands include Pluggable Authentication Modules (PAM), OPIE, syslog, sudo, xinetd, Secure Shell (SSH), Crack, tiger, Tripwire, The Cryptographic File System (TCFS), and ipchains. The authors discuss administrative policies and procedures along the way.
Maximize Linux security, hands-on, with today's best open source tools
If you depend on Linux to run mission-critical networks or store business-critical data, are you sure you can protect your Linux systems from intruders? You'd better be, and with Linux System Security, you can be!
Long-time Linux sysadmins Scott Mann and Ellen Mitchell demonstrate exactly how to protect your vital resources, using today's most powerful open source security tools. Linux System Security makes you an expert fast, with insiders' coverage of the "gotchas," "rules of thumb," and undocumented tricks you'd otherwise have to learn the hard way. Coverage includes:
* Preparing Linux systems for a production environment
* Identifying vulnerabilities, and planning for security administration
* Configuring Linux-based firewalls, authentication, and encryption
* Intrusion detection on Linux systems
* Securing filesystems, email, web servers, and other key applications
* Protecting mixed Linux/Unix and Windows NT environments
You'll find hands-on introductions to the Linux community's most important security tools, including sudo, TCP wrappers, xinetd, SSH, tiger, Tripwire, ipchains, PAM, crack, and many others.
If you want the benefits of Linux without the security risks, you want Linux System Security!
Most Helpful Customer Reviews
12 of 13 people found the following review helpful:
5.0 out of 5 stars
Practical and Thorough,
By
This review is from: Linux System Security: The Administrator's Guide to Open Source Security Tools (Textbook Binding)
Among the many other books on the shelves with similar titles, this book spans the gamut of security. No one book can claim to be "The Book" on Linux/Unix security, but this one is an essential for the library of the budding "sys-admin." Aside from the detailed instructions for plugging security holes, Mann and Mitchell explain how and why it works. I found this book very helpful. BK
8 of 8 people found the following review helpful:
5.0 out of 5 stars
A Wide Breadth of Practical In-Depth Information,
This review is from: Linux System Security: The Administrator's Guide to Open Source Security Tools (Textbook Binding)
This is the best of the books I've seen on Linux system security. It focuses almost exclusively on freely available tools, and therefore should appeal to those poorly funded installations that use Linux because of its low cost. The authors cover many tools in the detail needed to obtain, install, and use them in an intelligent way. I was very impressed with the scope of coverage, from system policies to the use and configuration of crack, and everything in between. Although not everything within that scope can be covered in complete detail, the book also includes many useful references for additional information.

Among my few complaints would be that the authors tended to present the tools within the context of a network utilizing firewalls, a DMZ, and limited service servers. In practice many installations will not be so well constructed. In fairness, the utility of the information presented was usually unaffected by the assumed architecture. Although the presentation is relatively distribution neutral, the examples and specifics referred almost exclusively to RPM based RedHat 5 and 6. I would have been interested in seeing parallel details for Debian based distributions, if for nothing else than to gain a sense of the differences that might be encountered based on packaging.
13 of 15 people found the following review helpful:
5.0 out of 5 stars
Probably the best book on open source security tools,
By Nikolai N Bezroukov "kievite" (Budd Lake, NJ)
This review is from: Linux System Security: The Administrator's Guide to Open Source Security Tools (Textbook Binding)
Actually all tools described are not Linux specific and can be used for any Unix including FreeBSD and Solaris. The authors seem to know the subject and really used tools that they are writing about. For several popular tools the book provides some useful info that is difficult to find elsewhere. Pretty decent typography, although it's a little bit too academic and does not use icons on margins that IMHO simplify reading. As for the classic open security tools, the book covers PAM (36 pages), Sudo (20 pages), TCP Wrappers (24 pages), SSH (55 pages), Tripwire (24 pages), CFS and TCFS (30 pages), and ipchains. From the first reading it looks like the chapters are *not* a rehash of existing online documentation. In addition to the chapters about classic open source security tools I like chapters about logs: a chapter on syslog (Ch.8) and a chapter on log file management (Ch.17). Now about weaknesses. The chapter on Tiger is rather weak. Moreover regrettably Tiger is a legacy tool, but actually information is not completely useless -- it's not difficult to switch to another tool after one understands how Tiger works. Actually Perl is superior for writing Unix vulnerability scanners in comparison with shell. Maybe hardening scripts like Bastille would be a better choice for this chapter in the second edition of the book. Book is incomplete in a sense that neither Snort (or any similar intrusion detection tool), nor open source network scanners (Saint, Sara, etc.) are covered. Of course there are some typos, but generally not that many. But what is really bad is that the Prentice Hall book page currently is pretty basic with no errata or additional links. The authors do not provide a Web site for the book. This book can probably be used for studying Unix security at universities along with somewhat outdated Practical Unix and Internet Security and this combination can somewhat compensate for deficiencies of the latter (non-tool-oriented descriptive approach).