Customer Reviews

Practical Unix and Internet Security, 2nd Edition

5 star:		(20)
4 star:		(8)
3 star:		(2)
2 star:		(3)
1 star:		(1)

 

 

Somewhat outdated -- two years old in a very dynamic field, Rootkit is not even mentioned, Bugtraq mentioned only in supplement, etc. Far from being practical and can be used only as an introductory text in Unix security. Not recommended for Internet security (superficial and incomplete). Good style --  Simson Garfinkel of The UNIX-Haters Handbook fame  is a really talented journalist (but now only a journalist, see his interview with Amazon.com).  The main problem with the book is that instead of relying on tools as any Unix author should, the authors use a cookbook/reference approach giving recipes about improving security. References to important RFCs, FAQ and CERT advisories are absent. For example RFC1244 (now superseded by RTC2196) is not mentioned in index(and probably in the text as well) although Ch.2 and Ch.24 mirror its content. No attempts were made to explain what tools can be used for checking/fixing particular class of problems or to present a bigger picture in which the flaw exists. Typesetting is very primitive. Although one of the authors is a (former) programmer judging by just the book content it is difficult to believe that he is able to spell PERL :-). The book is not updated enough to compete with newer books on Internet Security. For corporate users possible alternatives are combinations of one book on Unix security (for example, Unix System Security by David A. Curry) and one book on Internet security (for example Actually Useful Internet Security Techniques by Larry J. Hughes). The last is recommended as an alternative for readers who cannot afford two books. Often books written by a specialist in particular areas can be a better deal than books from security folks. For example TCP/IP Network Administration by Craig Hunt contains a lot more information about how properly configure TCP/IP than this book and in Ch.12 has a very decent overview of security in just 40 pages.

As a Linux administrator, I ordered this book hoping to find out how hackers typically gain access to systems and neat little tricks for locking down my system, as well as detecting and dealing with intruders. While Practical Unix & Internet Security did cover these topics, it covered little I didn't already know.

Significant time is spent explaining how unix-based systems work. The book covers things such as file systems, partition structure, file ownership/permissions, users and groups, inodes, ssh, backups, etc. Each command, utility, procedure or feature is detailed over several pages followed by an explanation of what you should be doing with said topic.

There are also a few real-world examples here and there; stories most of us have heard before, like the admin who had . in his path.

Unlike many computer books, this one is well written and an easy read, and it's certainly a lot more friendly than some unix geek's advice which consists of RTFM.

I think this book would be great for someone who has a very basic understanding of unix-based systems but has never administrated one before, but for those of us who've already had some experience running unix there's probably not anything new here for you.

This books is a very thorough hands-on guide to the subject of security for unix computers connected to the Internet.

It starts with basic subjects, such as passwords, backups, security auditing & logging, and physical security, and then continues with networking subjects, such as modems, TCP/IP, NFS, kerberos, firewalls, proxies, etc. important issues and terms are interwined - such as what is the rainbow series and legal issues.

The subject of computer & Internet security is changing quickly, and as other reviewers have written a book written a couple of years ago (I have the 1996 edition) is no longer up to date.

But I think it's a minor issue.

First, because one must still learn and protect against older attacks - an intruder will not shy away from trying to use an old security hole just because it's two months old. Hacks are not cheese, and cant be thrown out after two weeks.

Second, a sysadmin should get the basic information, terms, ways of thought, etc - and this book will teach this well - and then continuously look for new information and information sources.

This includes finding out about bugtraq, ntbugtraq, phrack, and any other new mailing lists and web sites regularily.

So I highly recommend this book to anyone who deals with the subject of unix & internet security.

The best beginners guide to UNIX security and computer security in general I have ever read. In fact the only technical book I have read and enjoyed! This book explains first principles in computer security in an understandable way. This is particularly useful for computer auditors, who may not be technically competent in UNIX. I used this book to develop security audit programs for backup and recovery, incident management, basic UNIX security review and risk management. Consequently I was haled as a hero and a guru by management! New computer auditors should buy this now!

The second edition of this book was my security vade mecum for the last 8 years. For what I can foresee, this third edition, will play the same role for (at least) the next three years.

When you are required as an security expert, several tasks are usually to be faced:

New scenarios to analyze?, checklists to recommend?, good firewall architectures to suggest?, logs to watch? (and so on). Don't worry, with the only help of this Garfinkel, Spafford and Schwartz 'little giant' book, you are done.

Excellent book. A Must for security people.

This is a superb discussion of networked-system security, in general. It doesn't pretend to be an up-to-the-minute shopping list of security flaws: that job is better left to web sites. Instead, the text educates readers with a conceptual idea of Computer Security that can be applied successfully to existing systems, and to systems not yet built. It's exactly the sort of educational value that we'd expect from simsong and spaf.

But it does go beyond theoretical education, to explain with great clarity fundamental issues in system security. Covering everything from physical security to filesystem quirks, this tome is fascinating in its scope. I have found the special section on writing solid network applications (CGI programs, and the like) to be of great value.

In short, this book provides the Common Body of Knowledge in computer security. Start here, and you'll have the basis for a comprehensive understanding of related issues -- one that transcends the individual bugs to see the bigger picture.

I am responsible for a 50+ person intrusion detection mission, and this was the first book I ever read on computer security. I started reading it in early 1998 while assigned to a HQ planning unit, after a UNIX instructor in England recommended it as "the Bible" of security. Back then the book was two years old. Now, four years on, some may argue the material is getting dated. Anyone interested in building a training program for a mostly UNIX shop would find the underlying structure and most material of the book extremely useful. While works dealing with standards tend to weather well, like Richard Stevens' "TCP/IP Illustrated" series, this book may be showing its age. Nevertheless, until you hear that edition three is in the wings, I still recommend this volume. Any news on the next edition, Simson and Spaf?

I hate to repeat the cliche, but if you can only buy one security book this year and you are a *nix geek, this should be it, hands down. As some point out, you can probably find everything in this book online, but then again you can find anything online, so why buy any books at all? I don't like giving 5 stars; this book left me no choice.

The strength of this book lies in several areas. First, the authors probably have 50+ years experience between them and it shows. You really get the impression that they've "been there, done that". But they don't try and "wow" you with their intelligence and they aren't condescending, in fact they write quite clearly.

The "mile wide" crack I made in the title refers to the fact that this book covers everything from physical security and social engineering, to how to setup up integrity checking with tripwire and use PAM. Basically I found this book to be invaluable because while I could breeze through certain sections, there was a ton of material that I needed more knowledge about, but either never got around to it, or didn't even know I was lacking. An example is NFS. I knew I needed more background about NFS because I work in infosec, but every place I've ever worked has banned NFS outright, which makes it a little more difficult to learn.... Another 2 technologies pop into my mind: LDAP and PAM. I knew what they were, but now I know how to set up the basics and can branch out on my own.

In our infosec world it's simply not possible to know everything. This book gives the reader a solid grounding in a ton of stuff, which enables him to go out and Google around intelligently for more advanced information. In a pinch it can also be used as an anti-theft device since it weighs in at 900+ pages and is quite heavy.

Practical UNIX and Internet Security by Garfinkel and Spafford is a fundamental work on the subject. The authors not only are widely respected professionals in the field, but good writers as well (or is this O'Reilly's editors? :-). Anyway, this book despite its size is readable, still has lots of information, and comes highly recommended. As one of the other reviewers of this book has written, the details of systems and software may change, but the underlying security and good management practices will not. The reason I give it 4 out of 5 stars is because it is published a while ago.

A very good introduction to UNIX and Security. There is valuble information even for experts, however you have to dig for it. In general the book reads like a story book and is very easy to understand. This is a disadvantage sometimes when you just want to refer to something and you have to go through pages and pages of not so useful information.