Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Other Sellers on Amazon
+ $3.99 shipping
+ $3.99 shipping
Linux (Hacking Exposed) Paperback – March 27, 2001
The Amazon Book Review
Author interviews, book reviews, editors picks, and more. Read it now
I read security books as reference materials, and this book is an awesome reference. Although the authors' primary focus is Linux, many of the terms, techniques, tools and discussions apply across all aspects of information security. (Security Bookshelf) (Computerworld 2001-05-21)
From the Back Cover
From the publisher who brought you the international best-seller, Hacking Exposed: Network Security Secrets & Solutions...
Learn how to think like a hacker in order to secure your Linux network
In the ever-changing world of global data communications, inexpensive Internet connections, and fast-paced software development, security is constantly being compromised. Linux has always been considered the digital playground for hackers. Many hacks, exploits, and network security tools are written on Linux because it's readily available. Hacking Linux Exposed: Linux Security Secrets & Solutions shows you, step-by-step, how to defend against the latest Linux attacks by understanding the hacker's methods and sinister thought processes. You'll learn how your adversaries gather information, acquire targets, escalate privilege, gain control, plant back doors, and cover their tracks. Each chapter is divided into bite-sized chunks, covering highly publicized and little-known break-ins, tips on why they occurred, and detailed countermeasures that no Linux professional can afford to be without.
- Get details on the security features of each Linux distribution, including Red Hat Linux, SuSE, Debian, and Slackware.
- Zero in on vulnerable systems using whois, traceroute, DNS zone transfers, OS detection, ping sweeps, and port scans
- Detect Trojan horses, backdoors, password cracking, IP spoofing, session hijacking, and trail hiding
- Implement Log analysis tools such as the Advanced Intrusion Detection Environment (AIDE) and advanced kernel security patches, including the Linux Intrusion Detection System (LIDS)
- Learn how to prevent local users from getting root privileges
- Prevent Denial of Service and other network attacks
- Configure FTP sites, DNS servers, and other daemons securely
- Plug common and obscure security holes in Sendmail, Qmail, Postfix, POP, and IMAP servers
- Defend against Web server attacks using secure scripting techniques, user verification, and secure Apache Server configurations
- Design, position, and test secure firewalls and other network access restrictions
Top customer reviews
There was a problem filtering reviews right now. Please try again later.
I really enjoyed the format of the book. The authors don't waste time on security theories, or explaining what Linux is. They know the reader is already familiar with these, and wants to know, in concrete terms, how a hacker sees your server, and will systematically breach its security until they get root access. The authors waste no time in revealing the tools of the trade, and the security-conscious would do well to read this book from cover to cover. It is not enough to just apply patches, and turn off unnecessary services (and surprisingly few admins even do this right). One must fully understand the mindset of the hacker, and see the server from the outside.
I truly believe that no other book right now can deliver such honesty and such useful information on Linux security. If you hope to secure your servers or go into the security field, definitely read this book. You will not be sorry. :)
The best way to learn while reading HE:L2E is to try the sample commands. I also recommend visiting the links mentioned and installing many of the tools described by the authors. I found programs like raccess, nsat (ch. 3), sslsniff (ch. 7), nstx, and httptunnel (ch. 15) particularly interesting from an attacker's point of view. From a system administration standpoint, coverage of passlogd (ch. 2), lilo and grub (ch. 5), and X (ch. 6) were very helpful.
The authors share many novel ways to abuse Linux systems, but counter those exploits with little-known features or third-party tools. I never knew I could use bash's HISTCONTROL feature to selectively remove entries from shell history files. HE:L2E goes the extra mile to help secure your system, such as including sample C code in ch. 13 to allow one to compile TCP Wrappers support into one's own programs. Other clear, concise defensive measures were introduced in excellent chapters on keeping the kernel and packages current (appendix B) and pro-active security measures (ch. 2). The last appendix gives a short yet powerful description of the damage an intruder can perform, showing how he hid unauthorized programs and how those programs were discovered.
If you use Linux, you'll find HE:L2E indispensable. I even applied many of the tools and techniques to my FreeBSD system, showing that that good security advice can be a cross-platform endeavor.
The "Hacking Exposed" series is known for its unique example-driven style. Rather than telling the reader about a technique or problem, the authors demonstrate the issue using command-line examples. I find myself reading with book and laptop at hand, ready to duplicate the authors' sample commands. This process reinforces the authors' message, while the reader learns if a specific problem applies to his situation. Furthermore, by showing exactly how to execute certain commands, the authors impart bits of wisdom and trickery not found elsewhere.
For example, chapter 11 describes attacks and defenses for FTP servers. To explain active and passive FTP sessions, the authors demonstrate running an FTP client with the -d switch to illustrate raw instructions sent by the client over the FTP command channel. I had never seen this switch in use, but as an intrusion detector I constantly see raw FTP instructions like those revealed by the -d switch. These and other tidbits, like using the chattr -i command or setting the "sticky bit", make HLE exceptional.
Beyond these benefits, readers will enjoy clear, thorough explanations of Linux security issues. HLE gives first-rate descriptions of ssh and web man-in-the-middle attacks, race conditions, and FTP data hijacking. HLE also provides great illustrated examples of FTP bounce attacks, giving intrusion detectors the minutiae we need to recognize these techniques. I had heard of most of the compromise methods offered by HLE, but never seen them discussed in such practical detail.
If the material in chapters 1-13 of HLE don't prompt you to verify your Linux host's integrity, then the case studies in appendix D will. The security community needs more of these narratives. These stories, based on true events, show the lengths to which some attacks will go to penetrate target machines.
"Hacking Linux Exposed" is another strong addition to the "Hacking Exposed" series, and the security community will benefit as a result.
(Disclaimer: I received a free review copy from the publisher.)
Most recent customer reviews
You will not find another book this comprehensive in the length in HLE has accomplished.Read more