Customer Reviews

Linux System Security: The Administrator's Guide to Open Source Security Tools

5 star:		(7)
4 star:		(0)
3 star:		(1)
2 star:		(0)
1 star:		(0)

 

 

Among the many other books on the shelves with similar titles, this book spans the gamut of security. No one book can claim to be "The Book" on Linux/Unix security, but this one is an essential for library of the budding "sys-admin." Aside, from the detailed instructions for plugging security holes, Mann and Mitchell explain how and why it works. I found this book very helpful.

BK

This is the best of the books I've seen on Linux system security. It focuses almost exclusively on freely available tools, and therefore should appeal to those poorly funded installations that use Linux because of its low cost. The authors cover many tools in the detail needed to obtain, install, and use them in an intelligent way. I was very impressed with the scope of coverage, from system policies to the use and configuration of crack, and everything in between. Although not everything within that scope can be covered in complete detail, the book also includes many useful references for additional information.

Among my few complaints would be that the authors tended to present the tools within the context of a network utilizing firewalls, a DMZ, and limited service servers. In practice many installations will not be so well constructed. In fairness, the utility of the information presented was usually unaffected by the assumed architecture. Although the presentation is relatively distribution neutral, the examples and specifics referred almost exclusively to RPM based RedHat 5 and 6. I would have been interested in seeing parallel details for Debian based distributions, if for nothing else than to gain a sense of the differences that might be encountered based on packaging.

Actually all tools described are not Linux specific and can be used for any Unix including FreeBSD and Solaris.

The authors seems to know the subject and really used tools that they are writing about. For several popular tools the book provides some useful info that is difficult to find elsewhere. Pretty decent typography, although it's a little bit too academic and does not use icons on margins that IMHO simplify reading. 

As for the classic open security tools, the book covers PAM(36 pages), Sudo(20 pages), TCP Wrappers(24 pages), SSH(55 pages), Tripwire(24 pages), CFS and TCFS (30 pages), and ipchains.

From the first reading it looks like the chapters are *not* a rehash of existing online documentation. In addition to the chapters about classic open source security tools I like chapters about logs: a chapter on syslog (Ch.8) and a chapter on log file management (Ch.17). 

Now about weaknesses. The chapter on Tiger is rather weak. Moreover regrettably Tiger is a legacy tool, but actually information is not completely useless -- it's not difficult to switch to another tool after one understands how Tiger works. Actually Perl is superior for writing Unix vulnerability scanners in comparison with shell. May be hardening scripts like Bastille would be a better choice for this chapter in the second edition of the book.

Book is incomplete in a sense that neither Snort (or any similar intrusion detection tool), nor open source network scanners (Saint, Sara, etc.) are covered.

Of course there are some typos, but generally not that many. But what is really bad is that the Prentice Hall book page currently is pretty basic with no errata or additional links. The authors do not provide a WEB site for the book.

This book can probably be used for studying Unix security at universities along with somewhat outdated Practical Unix and Internet Security and this combination can somewhat compensate deficiencies of the latter (non tool oriented descriptive approach).

I read most every security book that is released and this one is so exceptional in quality that I felt impelled to add a review. It covers all aspects of Linux security and has tons of practical tools and techniques for achieving security. All of the techniques and installations are well-explained and very detailed. Excellent book!

This book is well-written, thorough, and practical rather than academic. I particularly found the chapter on securing network services to be helpful, and was able to identify some potential security problems on the systems I support as a result of information provided in that chapter.

This book is incredibly thorough, and up to date. For example, Red Hat Linux 7 has just come out, and does now has xinetd as a replacement for inetd. Well, you guessed it, this book has about 27 pages on xinetd!

Want info on ipchains? This book has at least 50 pages on the subject!

I could go on and on about this book it is so good!

This book is written by experienced people, not just an author who was assigned another book to write.

You will not regret buying this book!

Anyone involved in securing computers and networks usually has several security texts on their bookshelf. No one text can have all the answers for every security problem out there, and one of the best things going for this book is that it doesn't claim to do so. But it does contain information on some excellent tools and resources you can use to secure not just your Linux system, but systems with a lot of other flavors of UNIX. The book talks about the most common security vulnerabilities and various open source packages which do everything from detecting these problems to blocking them out as completely as possible. The beginning of the book has some very useful lists of Examples, Tables, and Figures which give you easy access to important concepts. Appendixes give excellent Internet resources usually only known to hackers and other security experts along with tools not covered by the book (but pointers to where to find more info). The style the book is typeset in is very similar to the Stevens books on UNIX Programming and TCP/IP, which makes it easy to read. I would say this book makes an excellent companion to Maximum Security, by Anonymous. Maximum Security gives you the information blast, and this book expands on some of the important tools like tiger, xinetd, and Tripwire. All in all, a good one to add to your security library.

Linux System Security: The Administrator's Guide to Open Source Security Tools, Second Edition
by Scott Mann has advice on starting from scratch when you are setting up a machine to make it secure from attack from the outside.

It looks at everything from the filesystem upwards, and will give you a good starting point for looking at this.