Domain: hackinglinuxexposed.com
Stories and comments across the archive that link to hackinglinuxexposed.com.
Comments · 44
-
Re:NSA security policies
Same for the usual alternative.
http://www.hackinglinuxexposed.com/
In the original Hacking Exposed book, the only section that was THIN was the Netware chapter.
-
The script in question...
If you want to translate Dvorak to/from Qwerty, go snag this decrypt script I wrote a long time ago. It's NOT what was used for the chapter. (You'd know why if you read the chapter.)
The quick way to switch your actual keyboard is to use setxkbmap, or loadkeys, but then you'd need to type in all the comments here to have them translate. This script would work as a filter, which is more convenient.
Also, if you want to switch back and forth, or are on an old system that doesn't have alternate keyboards available in X11, I use tod/toq, from the Tools section of the Hacking Linux Exposed website.
If you're wondering why there aren't many posts by the other authors, that's because they're all in or recovering from Las Vegas....
-
A different solution
There is another similar idea written by Brian Hatch, author of Hacking Linux Exposed. Instead of 'knocking' ports, which as I understand it can be vulnerable to brute-force-like attacks, Hatch's solution uses DNS queries to dynamically open up ports through the firewall, using the DNS query as a password. There is no 'service' listening, but there is a sniffer waiting for a key string on port 53 that it will take action on. The best thing is it is OS agnostic: since DNS query tools are already on all OSes, no client software or technical know-how is needed. And it is easily customizable if you're fluent in Perl.
These kinds of things are not meant for full access, only for allowing you access to the daemon, which still has its own ACL. When you travel, sometimes you're not aware of what IP address your laptop will have, so you send a DNS query to your home machine which opens the SSH port for you. The whole point is to prevent random attacks from people scanning for vulnerable daemons. The following are links to Brian Hatch's explanations and code.
Part 1
Part 2
Part 2 -
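The decision step of the mechanism described in the comment above, as an added example (it is not Brian Hatch's Perl code and not part of the original comment): parse a sniffed UDP/53 payload, extract the question name, and compare its first label against the key string. The key label, host names, addresses and the returned rule dictionary are hypothetical, and the query is built inline instead of being captured from the wire.

```python
import hmac
import struct

# Constructed values for illustration only.
KNOCK_LABEL = b"open-sesame-example"   # the "key string" carried in the query name
ALLOW_PORT = 22                        # service to expose to the querying address
ALLOW_SECONDS = 60                     # how long the firewall rule should live


def build_query(name, ident=0x1234):
    """Build a minimal DNS A query for `name` (stands in for a sniffed packet)."""
    header = struct.pack("!HHHHHH", ident, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l for l in name.encode("ascii").split(b"."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)


def parse_question_labels(payload):
    """Return the lowercased labels of the single question in a DNS query.

    Raises ValueError for anything that is not a well-formed one-question query,
    so malformed or hostile packets never reach the comparison step.
    """
    if len(payload) < 12:
        raise ValueError("shorter than a DNS header")
    _ident, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if flags & 0x8000:
        raise ValueError("response, not a query")
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12
    while True:
        if pos >= len(payload):
            raise ValueError("truncated name")
        length = payload[pos]
        pos += 1
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("compression pointer in question")
        if pos + length > len(payload):
            raise ValueError("truncated label")
        labels.append(payload[pos:pos + length].lower())
        pos += length
    if pos + 4 > len(payload):
        raise ValueError("missing QTYPE/QCLASS")
    return labels


def decide(src_ip, payload):
    """Return a firewall rule request for src_ip, or None if the key is absent."""
    try:
        labels = parse_question_labels(payload)
    except ValueError:
        return None
    # Constant-time comparison so timing does not leak how much of the key matched.
    if labels and hmac.compare_digest(labels[0], KNOCK_LABEL):
        return {"action": "allow", "src": src_ip,
                "port": ALLOW_PORT, "ttl_seconds": ALLOW_SECONDS}
    return None


if __name__ == "__main__":
    for host in ("open-sesame-example.home.example", "www.example.org"):
        print(host, "->", decide("198.51.100.7", build_query(host)))
```

The query travels in clear text, so the key string should be treated as observable; as the comment says, the daemon's own ACL and authentication remain the real control.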
I still do not see the advantage
...in announcing regular times when you WON'T be issuing patches. What if a new flaw is discovered? Shouldn't you get the patch out ASAP? Wouldn't that be best for customers if a big security hole was discovered that needed to be FIXED NOW? (Pre-SP1 XP, anybody?)
If sysadmins wanted a monthly patch schedule, they're smart enough to do it themselves. Check WindowsUpdate every month, get all the new stuff, rinse & repeat every 30.4375 days.
I fail to see the advantage in Microsoft deliberately delaying fixes to problems that, for some, can be very very immediate.
This almost reminds me of a time when Konqueror and IE had an SSL security hole. While Microsoft buried its head in the sand, the Konq guys just solved the damn problem (in a matter of hours, if memory serves).
Maintaining important software is only hindered when some bureaucratic colossus feels the need to babysit the process.
-
Hacking Exposed Linux much much much better.
My big question is why this book is out there at all? It's published by McGraw-Hill, who is the same company that published Hacking Exposed Linux, 2nd Edition. HEL (or HLE, or whatever) is very comprehensive. It covers all the topics in this book, but with enough space that you can actually learn from it and apply it today. This book is a half-hearted attempt at a security book. It reads more like someone started to write a book, realized they'd bitten off more than they could chew, and tried to get out as fast as possible.
I strongly suggest that you don't waste your money. Go with Hacking Linux Exposed. Same publisher, better book.
-
Bastille + books better
Bastille is a great tool, but it's no match for understanding what you're doing. It has really nice explanations of all the things it could do, but it doesn't actually show you how to do them. Also, it doesn't do well with non-recent installs, and if you end up installing software later that could have been modified by bastille, it's too late to change the config.
If you want to do it right, you want to learn about how to secure your machine yourself. That means not being scared by configuration files, and knowing how to use netstat on the command line to find the servers you're running, knowing what inetd or xinetd do, etc. bastille won't teach you that.
(I'm not dissing Bastille - it does exactly what it is supposed to do, but it's not a teacher, it's a tool.)
The only linux security books out there that are worth their salt are hacking linux exposed, 2nd edition, followed by the Linux Firewalls, 2nd edition book. The former doesn't have enough space to cover firewalls in enough depth, while the latter fills that need perfectly.
If you want a lot of disjointed hacks, the recent O'Reilly hacks books are good fun. I learned a lot from the google hacks book, for example. However they are far from comprehensive (that's not their mandate) and this cookbook really should have been in the *hacks line. Their building secure servers with linux book falls into the same hole - it was based on linux journal entries, and is not a comprehensive security book.
If you want to learn about linux security in a complete fashion, HLE and LF are the only contenders.
(I'd also vote for the Linux Security newsletter which was mentioned below by an AC. Very good. Of course, it falls into the small tidbits of wisdom camp, rather than being a complete solution/education, but that's what you expect in a mailing list.)
-
Re:an ok book
The Debian security manual is indeed excellent. I'd strongly vote against the Maximum Security books - they are usually nothing more than a list of tools and their man pages. If you just want a list of tools, go to LinuxSecurity and look them up yourself. If you are looking for a book that will guide you through hardening your linux machine, the best book out there is undoubtedly Hacking exposed Linux.
-
PPP over SSH/SSL/etc
PPP (I haven't used PPPoE) over SSH or SSL/TLS (Stunnel) works like a charm. The problem is correctly configuring the authentication (you want to have both machines authenticate the other) and locking it down (you don't want the user to be able to do *anything* except create the network connection) and automating the route additions and any other changes (easiest to handle via ppp's up/down script support.)
I've written up step-by-step instructions and scripts that will do the whole durned thing, no brain required, that are in Building Linux VPNs, but was unable to convince NewRiders that one of these chapters should be the one put online. (Instead they picked chapter 1 which, while fine, doesn't provide any instantly-usable information for someone trying to actually build a VPN.)
There are a few examples on stunnel.org for setting one up with Stunnel (3.x). You may also want to learn how to correctly use and restrict passwordless SSH ability here including using authprogs to restrict commands. (You do use command="",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,from="" in all your .ssh/authorized_keys don't you?)
Eventually, the TCP over TCP factor will kick in, and your VPN will be slow. But with a simple ping timer, you can kill/restart connections pretty painlessly via cron.
Plus, no kernel recompilation is required.
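An added example, not code from the comment above or from authprogs: an auditor that checks each authorized_keys entry for the restrictions the comment lists (a forced `command=`, a `from=` source restriction, and the three forwarding bans). The file contents and key material are constructed placeholders; treating OpenSSH's `restrict` option as covering the forwarding bans is an assumption that holds only on versions that support it.

```python
"""Audit authorized_keys entries for missing per-key restrictions."""

FORWARDING_FLAGS = ("no-port-forwarding", "no-x11-forwarding", "no-agent-forwarding")
KEY_TYPE_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-ssh-", "sk-ecdsa-")

# Constructed sample file; the base64 blobs are placeholders, not real keys.
SAMPLE = '''\
# constructed authorized_keys sample
command="/usr/sbin/pppd nodetach",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,from="192.0.2.10" ssh-ed25519 AAAAC3PLACEHOLDER vpn@gw
ssh-rsa AAAAB3PLACEHOLDER admin@laptop
restrict,command="/usr/local/bin/backup, nightly",from="*.example.org" ssh-ed25519 AAAAC3PLACEHOLDER backup@nas
from="192.0.2.0/24",no-port-forwarding ssh-ed25519 AAAAC3PLACEHOLDER ops@jump
'''


def store_option(opts, token):
    """Record one option token: 'name=value' or a bare flag."""
    if not token:
        return
    name, sep, value = token.partition("=")
    opts[name.lower()] = value if sep else True


def split_options(line):
    """Split an entry into (options dict, remainder starting at the key type).

    Options are comma-separated; values may be double-quoted and may contain
    commas, spaces and backslash-escaped quotes, so a plain split(",") is wrong.
    """
    line = line.strip()
    if line.split(None, 1)[0].startswith(KEY_TYPE_PREFIXES):
        return {}, line                      # entry has no options field at all
    opts, token, in_quotes, i = {}, [], False, 0
    while i < len(line):
        ch = line[i]
        if in_quotes and ch == "\\" and line[i + 1:i + 2] == '"':
            token.append('"')                # escaped quote inside a value
            i += 2
            continue
        if ch == '"':
            in_quotes = not in_quotes
        elif not in_quotes and ch in ", \t":
            store_option(opts, "".join(token))
            token = []
            if ch != ",":                    # unquoted whitespace ends the options
                break
        else:
            token.append(ch)
        i += 1
    else:
        store_option(opts, "".join(token))   # malformed: options with no key after
    return opts, line[i:].strip()


def audit_line(line):
    """Return the names of restrictions missing from one entry."""
    opts, _rest = split_options(line)
    findings = []
    for name in ("command", "from"):
        value = opts.get(name)
        if not isinstance(value, str) or not value:   # absent, bare, or empty ""
            findings.append(name)
    for flag in FORWARDING_FLAGS:
        reenable = flag[3:]                  # e.g. "port-forwarding"
        # Simplification: any re-enabling option counts, regardless of order.
        covered = flag in opts or ("restrict" in opts and reenable not in opts)
        if not covered:
            findings.append(flag)
    return findings


def audit_text(text):
    """Return [(line number, missing restrictions)] for entries with findings."""
    report = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        findings = audit_line(line)
        if findings:
            report.append((lineno, findings))
    return report


if __name__ == "__main__":
    for lineno, missing in audit_text(SAMPLE):
        print(f"line {lineno}: missing {', '.join(missing)}")
```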
-
List of Luminaries
I can't believe I haven't heard about this yet! I live in Tacoma, and admittedly I've never managed to make it to the LUG meeting here. You'd hope that some local papers, etc, would have mentioned this, but we are in the Microsoft Municipality here, so what can you expect.
I was looking at the list of speakers, and damn, it's impressive.
- Brian Hatch - author of Hacking Linux Exposed, Building Linux VPNs, and the Linux Security newsletter, talking about Linux Security
- Brian "Krow" Aker, slash guru and author of "Running weblogs with Slash" from O'Reilly and one of the Slashdot team, talking about how to optimize MySQL for high traffic websites.
- Dr Crispin Cowan of WireX, creator of things like StackGuard, FormatGuard, and Immunix
- Dr Tim Maher, a white camel award recipient and the guy who runs the Seattle perl user group, talking about shell and perl that should be seen by everyone, based on his upcoming book
This promises to be really cool - I look forward to going up there this weekend!
-
Yes, EFF donations for OSWB as well.
(I'm answering for James because he's out on vacation right now. At least I think he still is, he was yesterday.)
Yes, the Amazon and B&N links that are on OSWB use the same HTML as the Hacking Linux Exposed books page (and the Building Linux VPNs books page too, since you're asking.)
So by all means, go out and buy bunches of copies of Open Source Web Development with LAMP and help the Electronic Frontier Foundation at the same time. Or, if you don't like to buy online, go to your favorite book store and buy it there, and send any money you saved on shipping to the EFF yourself.
-
Donation to the EFF for this one too?
I remember reading that any sales of Hacking Linux Exposed are donating online proceeds to the Electronic Frontier Foundation. (See their Books Purchasing Page. They list a lot of other great books too.)
Is this the case for Open Source Web Development with LAMP? Since James Lee is an author on both, I'd think that'd be the case, but I don't see anything mentioned on the OSWB Book Purchasing Page.
-
Couldn't find, but found some gold
I went to my local Barnes and Noble and Borders to see if I could find this book, given the great review. No luck.
However I picked up a copy of Open Source Web Development with LAMP that's by the same guys that wrote Hacking Linux Exposed and it is really great. It has an extensive PHP chapter, but the real juice is in how it covers all of apache setup, perl, php, mysql, and even mason, HTML::embperl, and WML in one place. I'd never heard of it, but when I flipped through it on the shelf I couldn't put it down. I highly recommend it.
-
Re:How does it stack up against...
I don't think any one book is a good way to have an overall picture of security. Just like you need defense in depth, you need investigation/learning in depth.
This second edition does a super job of updating the original, and it's about time. For unix security people I'd suggest you also read Hacking Linux Exposed because it has very in depth coverage of everything from a Linux standpoint. (Unix really, but they focus on Linux for their answers about how you fix things. Pathnames may differ for other Unix systems, like BSD.)
O'Reilly's BIF is good, but I'd suggest a Linux-specific firewall book too, like Linux Firewalls, Second Edition.
For those people not familiar with Hacker's Challenge (1st and 2nd editions) it's a book chock full of real-world (presumably sanitized) cracking examples where they tell you what happened, copies of log data, and you try to figure out what happened. Very good book.
I'd also like to note that Hacker's Challenge (and Hacking Linux Exposed, for that matter) are not Foundstone books. Hacker's Challenge's lead author is Mike Schiffman, director of security at @stake, which is definitely not Foundstone. Foundstone is doing poorly, going so far as to patent port scanning.
-
Good books you could use instead.
I purchased all of the Hack Attacks books when they were in the first edition, and was extremely disappointed. The second edition promised to be better and fix all the errors and dependencies on pages of code listings, so I got Hack Attacks Revealed only. This time HAR promised all the Windows and Unix hacks you could shake a stick at.
Well, the windows stuff is pretty lame. It has lots of pages dedicated to it, but mostly describes things that were old before they started compiling (not writing) the book.
The linux part is laughable. Lists of cracks that are worthless on any machine that was installed in the last five years. Does anyone run WU-FTPD from before 1995 now? I don't think so. Why waste the space? Besides, we want to understand how to hack/crack systems, not how to run an outdated exploit. If he took time to teach how an exploit worked, that'd be one thing, but as is this book is really really lame on the unix side. The windows readers probably don't care, since they'd best be able to be script kiddies anyway.
My recommendations are as follows:
- Hacking Linux Exposed second edition for all things Linux/Unix. Can't be beat.
- Hacking Windows 2000 Exposed. Do not get Hacking exposed, it tries to cover everything, and does them all poorly. The Windows 2000 edition is the only one you should get if you need windows information. (Applies to older and XP also in many cases.)
- Hack Proofing your Network, edited by Blue Boar. Covers many of the same topics of the two books above, but by different experts. Multiple voices is good...
- Any of the SANS books put out by NewRiders, most of which are written in part by Steven Northcutt. Lots of IDS and security titles by that publisher.
- And you can't go wrong with Building Internet Firewalls, now out in a second edition.
I'd recommend any of the books above - they are accurate, informative, and either up to date or timeless. Any of these is worth 500 copies of Hack Attacks Revealed.
-
Never underestimate the stupidity of the public...
Hatch assumes the public has a brain!
No, I never assume the public has a brain. Your comments are completely correct. However I was addressing a vulnerability in SSL and HTTPS in particular, rather than a vulnerability of the user sitting in front of their computer.
I've written many times about how blindly clicking "YES" is a great way to defeat your security. SSL is not a magic bullet, SSH MITM Attack "Challenge" writeup, and a good section in HLEv2 which is unfortunately not available online. I'm sure you can find a few of my rants in the Stunnel mailing list archives as well.
Do I trust that users will possess a brain and use it? Hell no. But that wasn't the original question.
-
Good Challenges/Case Studies
I've read this book too, and it's really good. The problem is that they don't have enough space to really misdirect you, they really only provide the information that is relevant. In a real world environment, you'd need to sift through everything (irrelevant logs, user history files, timestamps) to see what is and is not helpful. But HC does a good job with what they can offer.
I was first intrigued by case studies when I read hacking linux exposed, which has excellent real-world case studies. Turn them on their heads and they are useful as challenges too. Since HLE was based on Hacking Exposed I thought I'd get it for those case studies, but they are lame 1-2 page things.
You can get the case studies for HEL online now, which is cool.
Does anyone else have good case studies / challenge pointers that are available online?
-
Recommendation: Onsight, Internal Training Depts.
I worked for Motorola for many years, and had quite a few training classes through them. I imagine many other big companies have internal classes that are very hands on. Ours were 10-20 people, each with their own machine, which worked out really well. Lots of coding/experimenting/lab time is a must.
Most of the instructors were using stock Motorola class stuff, some of which wasn't great, but if you have a good instructor that can make up for it.
The best instructor was James Lee from Onsight.com who had a bunch of custom Perl (beginning and advanced), CGI, TCL, and a few others, all of which were outstanding. These are the guys that wrote Hacking Linux Exposed and I recently got Open Source Web Development with LAMP that is just excellent, and really mirrors their training skills.
I don't know if they do classes outside of Motorola (their web page seems to indicate they do), but I'd highly recommend them.
In general, if you work at a big enough company, they probably have good internal training classes available, or can send you to classes that are good outside.
I'd be wary trying to pick one on your own, though. I had very bad luck with some "big names" like Learning Tree which seem to just cobble together classes quickly, and try to debug them with you as the guinea pigs at hundreds of dollars a pop.
-
Context: Windows vs Linux Security standard inst.
The context of this thread is for my proposed Windows vs Linux Security Challenge which is meant to model what a normal user would need to go through to create a secure install from scratch. Sure, I can set up a very detailed list of packages and specific application configuration for a big web farm and install with kickstart. I could even set up a disk and clone it with 'dd' and a few shell scripts to change IP addresses. But that's not going to help teach new Linux users what the securing process looks like.
So I do not disagree with you -- your solution is definitely optimal for creating lots of good machines -- but the goal was to show how to install and secure one machine in a standalone environment with a set suite of server software.
As to the actual time I'd take to do the install and lockdown, I think 2 hours is plenty, given the proposed packages that must be installed and configured:
Including the (secured) operating system itself, the final server configuration must support (as secure as possible)
- A Web Server, preferably with dynamic-content generating capabilities, such as ASP or mod_perl. No documents need be installed, however all default-install documents/programs must be deleted. In other words, every possible request should return a 404.
- Anonymous FTP Server (read-only)
- Mail Server (able to accept email for itself and send to other Internet machines)
- DNS Server (able to act as a primary for 'OS.example.com' and as a cache for the local network)
- Firewall rules that allow only the above protocols, and any other packets necessary for system administration and normal functionality. (Inbound SSH, DNS Replies, etc.)
Now that 2 hours includes keeping a log of what I'm doing, or at least explaining it to someone who can keep a good running log, includes download time of updates (like I said, this should be like an end user, so the packages should be out of date on the install CD) and time to go get and consume a grande non-fat extra caramel caramel macchiato from starbucks.
-
Re:How does the EFF donation apply?
See the original /. comment as well as our website for our reasoning behind giving money to the EFF.
In short, yes, the donation will apply to any books that get credited to our affiliate accounts. You can go through the book links on any of the following sites:
- Hacking Linux Exposed
  The book that caused yet another "Hacking" vs "Cracking" thread on Slashdot. I apologize.
- Building Linux VPNs
  A book by Oleg Kolesnikov and I, reviewed on slashdot last year, other reviews here.
- Onsight.com
  James and my company.
- Open Source Web Development with LAMP
  A top-notch web development book by James Lee (co-author of HLE and HLEv2) and Brent Ware. I tech edited this book, and also benefited from it in a user capacity, for example setting up the handler that controls access to the auto linux hacking software.
Going through any of those links will work. If you prefer, you can just send money to the EFF directly and cut out the middle man.
-
Price increase
I didn't even notice that the price increased until right now. I have nothing to do with the price of the book. I have no idea how they set it. Maybe the higher price means we will make minimum wage for our troubles this time...
In actuality, there are about 200 new pages, since we cut out a lot of older stuff, condensed things that are not as relevant that still deserve a good nod, and put the original three case studies online instead.
Chapter 10 grew to be three chapters all told. Chapter 11 needed to be split because it was too big for both Mail and FTP in one chapter. We covered many new attack methods and tools. Everything grew substantially, in spite of trimming out the old and tightening up what we had.
And we fixed a bunch of errors and added completely new ones.
Everything in HLEv1 is still valid. If you own the first, I'd suggest you compare the contents of the two books to decide if you want it or not. Or browse it at the store. Unfortunately, the sample chapter is again chapter 1, which is one of the least modified chapters, so it doesn't give you the best indication of what's new.
This is my best stab at a response. I am so much not a marketing guy, I'm a geek.
-
Re:Donations to EFF - How Much?We set up amazon and barnes and noble afilliate accounts. If books (be they HLEv2 or others) get credited to us through that, those are the monies that get donated to EFF. To do that, you need to click on the links on our books page and add it to your cart from their. Amazon also credits books purchased if you came from our site originally, even if you didn't see them on our page.
For the last quarter I think we got $150 from Amazon and about $10 from B&N which we'll be sending to EFF. Not much, but it's a good way to funnel money their way. I particularly like the irony of having Amazon, creators of some pretty questionable patents, paying EFF.
An even better way to support the EFF is for you to find the cheapest copy of HLEv2 you can get at a local book store (save on shipping) and then donate the difference to EFF directly. Or don't get HLEv2 and send the whole shebang to EFF.
Become an EFF member or donate at www.eff.org.
No, I'm not affiliated with them, other than being a paying member, but I endorse them. And some day I may need them to defend me, given that HLEv2 can be considered a tool that could be illegal under the DMCA.
-
Donations to EFF - How Much?
The article says that the book authors are donating any money they get to the Electronic Frontier Foundation. (Reference here.)
How much have you raised thus far?
-
Yes, I'm the author
Ok, I don't use sigs or anything to plug my books. I like to be a normal /. person. But in case you're suspicious (you probably have a good future in computer security...) I'll post my /. id to our website so you know it's me.
-
Linux versus Windows Challenge
One thing I forgot to put in my review is this:
The HLE authors have a Windows vs Linux Security Challenge where they want to have a Linux security team and a Windows security team install and secure a Linux and Windows machine at the same time, documenting what they do and how long their machines are vulnerable. I'd love to see this. It'd be a great way to see exactly how bad Windows machines are for both generic installation (imagine counting the number of reboots for one vs the other as you update service pack after service pack, a reboot after installing IIS, another when you change your password ;-) and security (locking down the machine so that IIS doesn't have a billion holes from the default installation).
I'd pay good money to see this.
-
Beating a dead horse.
Ok, I knew the hacking vs cracking thing would come up. Go read our response to this.
For a quick bulleted list:
- I tried to get them to call it 'cracking linux exposed'. I lost.
- Much of the "cracking" process requires good "hacking" skills, so it's not actually a bad title anyway.
- Each and every time we use "hacking" in the book it's used as the purists would (and I'm one of the purists)
- When it's hacking with a malicious intent, we call it "cracking", "attacking", or "malicious hacking" as best fits the situation.
The only exceptions to this rule are the front and back cover, on which we were either overruled, or gave up the good fight.
-
Re:Disappointing article
The predictions here were consistent with his '7 deadliest sins' which he frequently quotes. In fact, the article is in many ways just a more verbose version of them, with a few specific vulnerabilities thrown in for good measure.
Most of the predictions were "more of the same". I seriously doubt we'll be seeing "a major Cyberterrorism event" though -- I usually expect to hear this from sensationalists, not legitimate security experts. Think Steve Gibson. In fact, the theorized cause of these massive DDoS attacks is supposed to be windows systems, and the Raw Sockets are Evil thread is brought back to mind.
One big unforgivable mistake in the article: there was no bug in DNS -- there was a bug with BIND. Anyone using nameservers or libraries that were not part of BIND were unaffected. The fact that he assumes BIND is the only DNS server in the world is a big mistake, and one of the reasons DJBDNS doesn't get enough airtime.
Overall, I didn't see anything in the article that I didn't already see a hundred other places.
Personally, I'd like to hear what the authors of Hacking Linux Exposed have to say. Their book has a lot more grit and less soft-shoeing over the topics. Real World Linux Security has always been too full of stories and not enough answers for me. (Of course I bought the 2nd edition anyway.)
-
qualified?
Sounds like the guy has BSD, but what does he do in the Linux world? I've never heard of him.
Other Linux security book authors, on the other hand, clearly are in it for more than just books. Brian Hatch of Hacking Linux Exposed writes a free hacking newsletter every week (archives) as well as Security Focus stuff. Michael Bauer of Building Secure Servers with Linux writes articles for O'Reilly and is the security editor for Linux Journal.
Especially in the area of Linux, I expect to have experts. I've read RWLS 1, and was very disappointed in the amount of fear mongering vs useful security info.
-
Hacking Linux Exposed 2nd edition much better
I got both Hacking Linux Exposed 2nd edition and Real World Linux Security 2nd Edition this year, and Hacking Linux Exposed is infinitely better. Most of the new things in RWLS seem to be to make it as good as HLE 1st edition, but they fail to live up. If you want to read good case studies about Linux, the ones in HLE are great command-line stuff. The ones in RWLS are ages old -- the Cuckoo's Egg stuff is a great story, but the guy who was there wrote all about it in much better style than RWLS can do.
What I noticed about the new editions of both books is that HLE took out stuff that's no longer relevant and/or put it online instead, while RWLS just added (often repetitive) stuff. You get a much better bang for your buck with hacking linux.
Also, hacking linux is donating any money they make from sales to the EFF. See their site for more info.
-
Re:Other books?
You really need to get a copy of "Building Secure Software" by Viega and McGraw. Very complete. Of course for less program-specific security, I'd suggest Hacking Linux Exposed (Hatch/Lee). I wouldn't bother with the other Hacking Exposeds though. Pretty low on grit.
-
Amazon, Barnes and Noble, Fatbrain, etc
They've got links to the major online booksellers that sell it here.
-
Password-protected source downloads?
Anyone else think the password-protected source downloads is a bit silly?
Accessing the pages below requires a username/password.
Username: The name of the network scanning software shown on page 123.
Password: The kernel module listed on the first line of page 353. (begins with the lower case letter 'i')
Sheesh, I just wanted to see what their spam.txt was.
-
Re:Hacking?
Who will be the first to complain about the title? That'd be Brian Hatch and James Lee. (George had already fought this battle with HE).
You can't win against the publisher/editor. We tried. We fought for almost the whole time we were writing. We lost.
See our take on it at hackers_vs_crackers on our website.
Trust me, we were not pleased either.