Network Security Hacks (Paperback)

by Andrew Lockhart (Author)
Key Phrases: network intrusion detection, wireless security, password set, Unix Host Security, Network Security, Secure Tunnels (more...)

Editorial Reviews

Product Description
This information-packed book provides over 100 quick, practical, and clever things to do to help make your Linux, UNIX, or Windows networks more secure today. It goes beyond securing TCP/IP-based services by providing intelligent, host-based security techniques. Loaded with concise but powerful examples of applied encryption, intrusion detection, logging, trending, and incident response, Network Security Hacks demonstrates effective methods for defending your servers and networks from a variety of devious and subtle attacks. Learn how to detect the presence (and track every keystroke) of network intruders, new methods for protecting your network and data using strong encryption, and even techniques for laying traps for would-be system crackers. Important security tools are presented, as well as clever methods for using them to reveal real, timely, useful information about what is happening on your network. The devilishly effective security hacks in this book will keep your 12-hour days from becoming all-nighters.

About the Author
Andrew is originally from South Carolina, but currently resides in northern Colorado where he spends his time trying to learn the black art of auditing disassembled binaries and trying to keep from freezing to death. He holds a BS in computer science fr

Product Details

• Paperback: 304 pages
• Publisher: O'Reilly Media, Inc.; 1st edition (April 1, 2004)
• Language: English
• ISBN-10: 0596006438
• ISBN-13: 978-0596006433
• Product Dimensions: 9 x 5.9 x 0.8 inches
• Shipping Weight: 15.2 ounces (View shipping rates and policies)
• Average Customer Review: 4.0 out of 5 stars See all reviews (21 customer reviews)
• Amazon.com Sales Rank: #577,402 in Books (See Bestsellers in Books)

Customer Reviews

Most Helpful Customer Reviews

23 of 24 people found the following review helpful:

4.0 out of 5 stars A handy guide when trying unfamiliar tools or techniques, June 30, 2004

By	Richard Bejtlich "TaoSecurity.com" (Metro Washington, DC) - See all my reviews (TOP 500 REVIEWER)    (REAL NAME)

"Network Security Hacks" (NSH) has something for nearly everyone, although it focuses squarely on Linux, BSD, and Windows, in that order of preference. Administrators for commercial UNIX variants (Solaris, AIX, HP-UX, etc.) should be able to apply much of the book's advice to their environments, but they are not the target audience. NSH is written for admins needing quick-start guides for common security tools, and in this respect it delivers.

I found NSH to be most rewarding when it avoided discussing the same topics everyone else has covered. Lesser known tools like authpf, ftester, sniffdet, SFS, rpcapd, and Sguil caught my interest (especially as I write Sguil installation docs). Even some ways to use familiar tools were helpful, like the -f (fork) and -N (no command) switches for SSH forwarding. In some cases it made sense to mention well-worn topics like BIND or MySQL, with an eye towards quickly augmenting the security of those servers.

Elsewhere I questioned the need to cover certain tools. With the number of Snort titles approaching double digits, and O'Reilly's own Snort books in the wings, was it really necessary to devote several hacks to Snort? In the same respect, I felt mention of Nmap, Nessus, swatch, and ACID was not needed, nor was advice on implementing certain Windows security features.

In some cases the descriptions were too brief to really explain the technologies at hand. For example, the "Secure Tunnels" chapter discusses a very specific IPSec scenario (wireless client to gateway) without informing the reader of the other sorts of tunnels that are possible. I also questioned some of the content, like p. 47's statement that Windows lacks "robust built-in scripting." Brian Knittel's "Windows XP Under the Hood" would quickly change the author's mind. Also, the anomaly detection preprocessor SPADE is described, even though the last version (Spade-030125.1.tgz, released Jan 03) is only available on a Polish student's Web server and no longer cleanly integrates with Snort past version 2.0.5, released in Nov 03.

Despite these comments, I still found NSH a great addition to my security bookshelf. I found the coverage of Windows more than adequate, given that true security innovation in the public sphere is being done in the open source world and not in Redmond's labs. The writing tends to be clear and the descriptions concise. I guarantee you will find a handful of hacks which pique your curiosity and ultimately help secure your enterprise.

32 of 36 people found the following review helpful:

4.0 out of 5 stars Not for the amateur, July 28, 2004

By	Jack D. Herrington "engineer and author" (Silicon Valley, CA) - See all my reviews (TOP 500 REVIEWER)    (REAL NAME)

It's important to understand who this book is for. It's not for the amateur looking to configure their firewall. The book starts with locking up UNIX filesystems and doesn't turn back the complexity clock as it winds through all the way to advanced topics like Honeypots and various SSH tunneling schemes. I highly recommend this book for network administrators and security professionals looking to make sure they have all of their bases covered. However, for the personal computer user looking to make sure their DSL doesn't get hacked I cannot recommend this book.

13 of 14 people found the following review helpful:

5.0 out of 5 stars Excellent book on security., September 8, 2004

By	swallbridge (Canada) - See all my reviews

This book took me a long time to read, but for a good reason, I kept implementing
the various hacks in the book on a server I had started setting up.

The book is mostly Unix related, but there is some Windows related `hacks' as well.
I think the Windows coverage was lacking a bit though. For Unix, it talks about
Linux, the BSD's and a bit on Mac OS X and Solaris. Most of the topics are
general enough to apply to any Unix based Operating System, but some are specific
to an operating system.

One of the great things about the Hacks series of books by O'Reilly is that the
information is presented in nice small chunks that you can read in a few minutes
if you have some spare time.

The hacks are all `hyperlinked' to each other, if a hack mentions something that
relates to another hack, it is highlighted in blue and the hack that it
references is listed. I did find a few places where this wasn't done
(#84 Real-Time Monitoring, first mentions Barnyard but doesn't provide any
information on it or mention that it is one of the later hacks).

Lots of the hacks in the book could be found by doing some reading on the
internet, but finding such a variety of topics all in one place, with enough
information to get you started is really nice. Even though I consider myself to
be fairly security conscious, I still found quite a few things in this book that
I hadn't thought of, or plain didn't realize were possible or even existed. I
would recommend this book to anyone that is interested in security or anyone
responsible for maintaining a server (whether or not it is on the internet).