Linux (Hacking Exposed) Paperback – March 27, 2001

Good info.

Given the complexity of Linux systems, and the years spent hardening such systems against would-be intruders, it is amazing how a simple, clever idea can still translate into a full-blown security exploit.
I really enjoyed the format of the book. The authors don't waste time on security theories, or explaining what Linux is. They know the reader is already familiar with these, and wants to know, in concrete terms, how a hacker sees your server, and will systematically breach its security until they get root access. The authors waste no time in revealing the tools of the trade, and the security-conscious would do well to read this book from cover to cover. It is not enough to just apply patches, and turn off unnecessary services (and surprisingly few admins even do this right). One must fully understand the mindset of the hacker, and see the server from the outside.
I truly believe that no other book right now can deliver such honesty and such useful information on Linux security. If you hope to secure your servers or go into the security field, definitely read this book. You will not be sorry. :)

The book pulls you into a hackers/crackers mind! no boring bla-bla text that puts you to sleep in 3 minutes! the only reason I gave it 4 stars is that it didn't come with a CD! Most of the books I've read came with the programs they discussed in the book, This was my only let down. I've contacted the authors about some questions and I received a fast and curtious reply. Hats off to you Gents, and I must thank Brian for his reply,about to much security, your one of the reasons I've switched from windows to linux. Try and contact Bill if ya got a question about windows!

It covers most important topic these days. Excellent examples/cases, software recommendaitions, solutions.... I do higly recommned this book.

The Hacking Exposed books have set the bar for this genre of security book. Hacking Linux Exposed - 2nd Edition doesn't fail in meeting that bar as well. If you've read Hacking Exposed - 4th Edition and think this book can't tell you anything you don't already know- think again. For those who administer Linux boxes this book provides an in-depth look at specific hacks and vulnerabilities unique to the Linux operating system and the accompanying fixes and workarounds to protect yourself. The book is overflowing with examples and sample commands that users can immediately put to use to better understand the risks and how to mitigate them. Hacking Exposed is a must-read for security- this book is a must-read for Linux security.

(...)

Hacking Linux comes in six parts, each of which is worth the price of the book in whole. Part one: security overview covers all the basics like file permissions, setuserid problems, buffer overflows/format string attacks, tools to use before you go online, and mapping tools like nmap. Part two comes in from more of the hacker angle with social engineering and trojans, attacks from the console, and then concludes with two excellent chapters about netowrk attacks and TCP/IP vulnerabilities.
All the stuff to this point assumes the hacker is on the outside. Part three takes over and shows you what the hacker will do once they've gotten on, such as attacking other local users including root, and cracking passwords. It becomes obvious that you need to protect things from insiders as much as from the outsider, because the outsider will usually get in as a normal user first, and if you can prevent him or her from getting root access, the damage cannot be nearly as severe. A lot of books don't cover this angle at all, and it's done superbly here.
Part four covers common problems in internet services. First they discuss mail servers. Sendmail, Qmail, Postfix, and Exim each get covered in detail - it's nice to see more than just Sendmail discussed in a security book. Of course, it'd be even nicer to see something other than Sendmail installed on a Linux machine by default. Next they cover problems with FTP software and problems with the FTP protocol. I'd never seen "beneath the hood" and realized how wierd FTP really was, and why it's not supported by firewalls very well, and the authors show you the inner workings of it so anyone can understand the problems. They continue with Apache and CGI/mod_perl/PHP/etc problems, both from a coding standpoint and how to secure against outsiders and your own web developers. Next it's on to Firewalls (iptables and TCP wrappers) and lastly (distributed) denial of service attacks. The countermeasures for the DOS problems are excellent, and a must for anyone with a server.
Part five covers everything a hacker can do once they've broken in. They describe trojan programs, trojan kernel modules, and configuration changes that can be used to keep root access, or hide the hacker activity, or let them get back in should the computer be partially fixed. This was not only complete, but scary in how many different things they showed. It works both as a blueprint for what you need to defend against, how to clean up after a hacker has gotten in, and also how you could back door a machine if you get in. I'll leave the ethics up to you.
Lastly we have part six, which is the appendicies. While most times I ignore appendicies, these are really an integral part of the book, and are referenced throughout the book all over. (This very good, because it keeps the book from having too much repeated countermeasures.) They discuss post-breakin cleanup, updating your software and kernel, and turning off daemons (both local and network ones) and a new case study. The book is good about covering Linux from a distribution-agnostic standpoint (it doesn't assume you use RedHat, unlike everything else out there) but in these appendicies they cover the differences you may encounter. They show you how to use dpkg/apt-get as much as RPM as much as .tgz packages, discuss both inetd and xinetd, and even svscan/supervise. They are extreemly complete.
Hacking Linux Exposed 2nd Edition is required reading for anyone with a Linux machine, period.