- Paperback: 544 pages
- Publisher: O'Reilly Media; Second edition (January 28, 2005)
- Language: English
- ISBN-10: 0596006705
- ISBN-13: 978-0596006709
- Product Dimensions: 7 x 1.1 x 9.2 inches
- Shipping Weight: 1.6 pounds
- Average Customer Review: 10 customer reviews
- Amazon Best Sellers Rank: #833,928 in Books
Linux Server Security: Tools & Best Practices for Bastion Hosts Second Edition
About the Author
Michael D. (Mick) Bauer, CISSP, is Network Security Architect for a large financial services provider. He is also Security Editor for Linux Journal Magazine, and author of its monthly "Paranoid Penguin" security column. Mick's areas of expertise include Linux security and general Unix security, network (TCP/IP) security, security assessment, and the development of security policies and awareness programs.
Top customer reviews
For instance, for a book that introduces FTP servers, web servers, mail (imap/smtp), dns - they are like separate entities. They do not complete the picture by showing a complete network diagram with IDS / VPN, -- showing an example of all of their advice coming together in a working solution. And Kerberos isn't even mentioned.
They were extremely specific in some areas like talking about rpm example/debian/ make options and specific .conf options ad nauseam - which detracted from the whole picture. Is someone securing bind 4 really reading this book? Also, maybe a mention of apt-get - but don't tell me how to install each package on every architecture - it just inflates the word count.
I don't think this book was focused enough in the 'big picture' of trying to piece together all of the tiny pieces into a coherent whole, while at the same time it gets caught up in the minute details of certain packages making for a tough read.
Perhaps they could have included an actual example company or two showing possible layouts of ldap in action with:
Anyone for OpenBSD?
First off is the reason I got a copy of this book. (thank god it was used) I am experimenting with options to lock down Linux, I wanted to know about, and set up a wide range of technologies to get a good feeling for how much security Linux can provide.
I was quite happy to see a section covering how to be a small time CA. (found at the beginning of the stunnel section) This section is so bad, it doesn't even use the right options to say sign a cert from a different server. That is right a book I paid money for didn't even bother to look up the correct options to sign a cert, to be a small time CA? The Kerberos section was ok, but it reads like a hobbyist wrote the chapter, and not an experienced admin. I found myself taking notes to follow along, just to redo the instructions to fit my own needs. Lastly LDAP. This chapter is simply so awful it inspired me to write this review. I was testing the chapters of this book against the current Debian stable. The only thing this book is good for, is to let you know what other books you should buy instead. I just placed orders for dedicated books, on the chapters from this book I was interested in learning more about.
To recap: The instructions are wrong, the book is inconsistent. I am ashamed O'Reilly let this book pass as they have some of the best books.
He deprecates cleartext network communication, in favour of ssh and SSL for remote access. The book has concise explanations of various intrusion detection systems like Nessus and Vlad. Though perhaps if you do decide on using Nessus, you may also want to consult books devoted to it.
Overall, the book is a sobering and cautionary tale of current computing. With the best practices recommended here, you can remain reasonably secure.
Though certainly not all encompassing, the book touches on several key elements of server security, including DNS, Email, File Servers, Web Services, IDS methods and more. People new or just curious about Linux server security will gain the most. More experienced system administrators will find a few implementation tips and useful background information for presentation or training purposes.
Unlike many server security books, this one includes some notes on alternatives to the most popular software packages. For example, the chapter on securing Internet email includes excellent tips on securing both Sendmail and Postfix while the IDS chapter covers the popular Tripwire package and some lesser-known integrity checkers. References at the end of each chapter are provided to point you to even more solutions.
This book certainly will not replace a dedicated reference volume, but I find it to be a good summary of major security practices for bastion hosts. Note that the book focuses primarily on host hardening. Though there are some sections on network security, most of the chapters focus on locking down your server. So if you are mainly interested in network clusters, network surveillance, or honeypots, you will probably want to find another reference. Also, if you have several years of experience, you may not find too much new information, but the book is a handy reference volume that can point you in the right direction. If, however, you are new to Linux server security or just simply want a concise summary of common security practices, then this will be a welcome addition to your technical library.
Most recent customer reviews
By Michael D. Bauer
Second Edition January 2005
544 pages, $44.95 US
A lot of people think Linux is bullet proof, but it's not.