Linux and Unix Security Portable Reference
The intended audience for this book is primarily IT professionals who have some experience in systems administration and security. The book is organized into logical sections: Part 1 deals with hacking techniques and defenses, Part 2 deals with host hardening, and Part 3 contains special topics. Each part is divided into chapters that follow a logical progression.
Part 1 starts with footprinting, which includes basic information gathering about potential targets. The chapters then proceed further into the stages of an attack (port scanning, obtaining a shell, privilege escalation) and finish by discussing some of the techniques hackers use to cover their tracks. The services covered in this section include FTP, Telnet, SSH, SMTP, HTTP, HTTPS, R-services, NFS, Samba, POP, IMAP, MySQL, X, and VNC. An interesting point here is that these services are presented roughly in ascending order of their port numbers.
Part 2, Host Hardening, examines some vulnerabilities common to most systems and includes remedies. Choosing good passwords is discussed, as well as how to set password policies. Though the author warns of the dangers of weak passwords, I would have liked to see a more thorough explanation of how to choose passwords. The section goes on to explain how to disable unnecessary services and harden remote services. At the end of this section are chapters on good practices related to user and system privileges, as well as logging.
Part 3 contains some interesting material, including a whole chapter on the Nessus Attack Scripting Language (NASL), wireless hacking, and hacking with the Sharp Zaurus PDA. The section on wireless networks contains some fairly standard material (WEP is insecure, using AirSnort, etc.) but nevertheless serves as a good reminder to use caution when deploying wireless networks. The final chapter, Hacking with the Sharp Zaurus PDA, is especially interesting and details all sorts of fun things you can do with this handheld device, including scanning for wireless networks, connecting to remote machines via SSH, and using VNC to control remote machines.
The Good
This book does an excellent job of presenting information in a clear and easy-to-understand manner. It avoids theories and concepts and delivers just the facts that a systems administrator needs to evaluate and protect a Unix or Linux system. It also makes use of helpful icons throughout the book which draw attention to key points. For example, hacking techniques have a sword icon next to them while defense techniques are listed with a shield. This visual feedback makes it easy to focus in on specific techniques and helps organize the material in a more usable manner. The content of the book is especially good, and the author does a thorough job of covering the basic hacking techniques as well as methods of defense against these techniques.
Another great feature of this book is the inclusion of a reference center in the middle of the book. This section, marked by easy-to-find blue pages, contains a wealth of relevant reference information, such as common commands, common ports, IP addressing, online resources, useful netcat commands, an ASCII table, HTTP status codes, and important files.
Suggestions
It's hard to find much wrong with this book. However, I felt that a few things were glossed over. For example, the section on passwords was extremely brief and gave no suggestions for choosing good passwords or for how long to set password expirations. In addition to the discussion on TCP Wrappers, I would have also liked to see some mention of using iptables for creating a software firewall.
Summary
HackNotes(tm) Linux and Unix Security Portable Reference is an excellent security reference for IT professionals and systems administrators. The clear, concise presentation of the book makes it easy to digest and use as a practical resource. It is well-organized and thorough and covers a wide range of situations. If you maintain one or more Unix or Linux machines, this book belongs on your shelf.
You can purchase HackNotes Linux and Unix Security Portable Reference from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Sample chapter: ch03-enumeration (PDF)
Other HackNotes titles
Disclosure: I am not a paid endorser for hacknotes products.
Why is it that everyone wants to write a security book nowadays without any regard to whether the book actually adds anything to the realm of infosec? Do the authors prize the idea of being viewed as subject matter experts so they will get invited to speak at cons, thereby further inflating their reputations/egos?
The whole review spoke of shit I have in half a dozen other books already. If I pick up a security book and it has crypto basics or passwd basics in it I'm tempted to just toss it right then and there, especially since most of these tomes are >$40.
Very few security books find their way to my shelf nowadays since most are redundant. Awesome exceptions include:
Incident Response (McGraw Hill)
Practical Unix & Internet Security (OReilly...like you didn't know)
Network Intrusion Detection (New Rider)
Building Internet FWs (OReilly)
There are others of course but these all share the characteristic of actually *adding knowledge to the field*.
I strongly suggest that you don't waste your money. Go with Hacking Linux Exposed. Same publisher, better book.
Well, that's a mean little joke. For all of you who are still curious, it will reboot your system on the spot, without syncing.
http://www.djcj.org/LAU/guide/sysreq.html
This reminds me of the fun I used to have in TFC or Counter-Strike when someone named "Player" would always ask, "I pressed the Windows key, how do I get my sound to work again?" I would tell them, "alt+F4 should do the trick." "Player has left the game" would flash across my screen, much to my satisfaction. Sure, I feel bad about that now =), but it did get them their sound back.