Slashdot Mirror

← Back to Stories (view on slashdot.org)

Practical Unix & Internet Security

Posted by timothy on from the updated-classic dept.

Charles McColm writes "At just under 1,000 pages the 3rd edition of Practical Unix & Internet Security might look intimidating on the shelf, but a quick glance through the pages reveals that it is both practical and entertaining. With Slammer and Blaster making their way into the news it seemed like a good time to brush up on security. Already considered a classic reference, the 3rd edition of the book provides extensive updated information about topics like PAM (Pluggable Authentication Modules), LDAP, forensics, intrusion detection, wireless devices, and cryptography." Read on for the rest of McColm's impressions of the book. Practical Unix & Internet Security author Simson Garfinkel, Gene Spafford & Alan Schwartz pages 954 publisher O'Reilly & Associates rating 8/10 reviewer Charles McColm ISBN 0596003234 summary The 3rd edition of Practical Unix & Internet Security adds much-needed updated information to an already classic security text. It's very comprehensive but a little dry in parts.

Practical Unix & Internet Security is divided up into six sections:

The first section covers the basics of computer security, tracing the history of Unix and security, as well as providing details of what should be in a good security policy.

The second section covers the building blocks of security, authentication, users and groups, filesystems, cryptography, physical security for servers, and personnel security.

Network and Internet security are focused on in the third section, with emphasis on modems and dialup security, TCP/IP networks, securing TCP and UDP services, Sun RPC, NIS, Kerberos, LDAP, NFS, and SAMBA, and finishing up with a chapter dedicated to secure programming techniques.

Day-to-day operations are the focus of the fourth section. Keeping up to date, making backups, defending accounts, using integrity checking tools, and auditing, logging, and forensics are all expanded upon in detail over five chapters.

The fifth section rounds off the main part of the book by describing how to handle security incidents. Special focus is given to discovering a break-in, protecting against programmed threats, Denial of Service Attacks (& DDoS), legal options, and a chapter on who you can trust.

The Appendixes make up the sixth and final section. Not a spot is wasted in the appendixes, which begin with a Unix security checklist, and then outline Unix processes, provide extensive links to both paper and electronic resources, and conclude with a sub-section on security organizations.

Among the topics I found most interesting were: Access Control Lists (ACL), Pluggable Authentication Modules (PAM), the section about 128-bit keys and dictionary-based passwords, connection laundering, honeypots, the false syslog example, and the example detailing a call to Microsoft's anti-piracy help line. The real-life examples scattered throughout Practical Unix & Internet Security keep the security sections from seeming overwhelming. This is one of the few books that I've found ever chapter of the appendix useful, so don't overlook them as simple reference pages.

Normally one-liners are reserved for movie discussions but for those who've already delved into Practical Unix & Internet Security here are a few of my favorite one-liners:

  • "...we do believe that making files readable and writable by everyone leads to many evil deeds." - talking about the octal mode 666.

  • "Humidity is your computer's friend." - just before static discharge kills your entire system.

  • "Beware of Key Employees." - warning against making one person so key that their departure could cause your company irreparable harm.

  • "You mean, you don't really have a copy? [of Windows 98]" - the last part of a conversation with Microsoft's Anti-Piracy line. The company which called Microsoft's was tracing some intruders who had uploaded a copy of Windows 98 to the company's web site and was using the site to peddle warez. Microsoft was just about to launch Windows 98. The example shows just how clueless some help desks can be.

There are a few spelling mistakes and grammatical flaws but not enough to take away from the bulk of the information and no glaring omissions. UUCP coverage was dumped because UUCP simply is not a practical anymore now that more advanced alternatives like sendmail exist. I started glazing over material by the middle of the NIS chapter, but it probably had more to do with the fact that I was thinking about the other 400 or so pages I had to read before I finished the main section of the book rather than the topic itself.

One of the great things about Practical Unix & Internet Security is that it is appropriate for a wide audience. There is relevant material for system administrators, security, company decision makers, even the guy sitting at the accounting terminal. Despite its massive size Practical Unix & Internet Security is entertaining enough to be read cover to cover. (It's good for the arm muscles too.) Though it is easy to read, beginners should probably reread their system manual before plunging headlong into this book. All in all Practical Unix & Internet Security continues to be one of those must-have books for any Linux user.

You can purchase Practical Unix & Internet Security from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

9 of 123 comments (clear)

  1. Practical UNIX... by Anonymous Coward · · Score: 5, Funny

    The companion book seems, uh, interesting too. :)

  2. Get for just $27! by Anonymous Coward · · Score: 5, Interesting

    Thanks to froogle price check

  3. UUCP by Medievalist · · Score: 5, Informative
    UUCP coverage was dumped because UUCP simply is not a practical anymore now that more advanced alternatives like sendmail exist.
    Um, I think you meant "UUCP is not necessary anymore now that PPP, NNTP and SMTP are widely supported".

    Sendmail (a program) is not an alternative to UUCP (a protocol). Even if you are talking about the UUCP software and not the protocol, the alternative is pppd, not sendmail.

    Sendmail still supports UUCP, but most distros do not enable that support, and hardly anyone uses UUCP anymore.
  4. Re:the thing i always want to know by Dr+Caleb · · Score: 5, Insightful
    What does this book offer that I can't easily find by asking google or google groups?

    No power requirements and need to connect to the Internet. Very handy feature.

    --
    "History doesn't repeat itself, but it does rhyme." Mark Twain
  5. Simson Garfinkel... by ravind · · Score: 5, Funny

    ...I love their music :D

  6. Hey... by blueforce · · Score: 5, Funny

    One of the great things about Practical Unix & Internet Security is that it is appropriate for a wide audience

    I resemble that remark.

    --
    If you do what you always did, you get what you always got.
  7. Re:viruses by jdludlow · · Score: 5, Funny
    boot-sector infector

    Sounds like a nerd garage band.

  8. Sample Chapters by Anonymous Coward · · Score: 5, Informative

    Sample chapters of the book can be found here and here. I read this first one (the one on TCP/IP) and found that it was an excellent introducation to it. The other is on "secure programming techniques." Gotta read that.

  9. Re:Mode 666? by Anonymous Coward · · Score: 5, Informative

    ummmm...back to unix school for you...

    777 is rwxrwxrwx : Read, Write & Excutable for all

    666 is rw-rw-rw- : Read, Write for all

    remember octal? r=4; w=2; x=1

    r + w = 4 + 2 = 6

    rho