Slashdot Mirror

← Back to Stories (view on slashdot.org)

Best Linux Security Books?

Posted by Cliff on from the resources-for-locking-down-Linux dept.

RyuMaou asks: "I'm about to move a small company from an old, ailing Windows server to some flavor of Linux and I want to make sure they're proprietary information is safe. Here's the problem: I've only run Linux as an application server, behind the firewall, in a Novell environment. Time is short and I have limited resources and want to read at least one really great book on Linux security, then follow that up with some good reinforcement. I know the information is mostly available on the Internet for free, but I like reading actual books, not printouts. So, if you had to pick five books, or fewer, on Linux security, what would you read?"

2 of 33 comments (clear)

  1. Real World Linux Security by jimpop · · Score: 5, Informative

    I recommend Bob Toxen's Real World Linux Security, it's a year or two old but still chock-full of goodness.

  2. Try looking at Benchmarks by Jim+Robinson+Jr. · · Score: 5, Informative

    While books are good, you will have to wade through a lot of verbiage to find the gems. Although they won't provide the historical and technical backgrounds, you should seriously consider beginning with industry benchmarks rather than trying to make up your own.

    Try these for starters:

    Center for Internet Security
    http://www.cisecurity.org/

    SANS Step-By-Step Guides
    https://store.sans.org/store_category.php?category =stepxstep&portal=d3e56294b582309b0d88a6990e8621ce

    Both will provide you with a checklist to secure your systems, and although neither will be "all inclusive" they will give you a foundation to build your security program on.

    In large enterprises subject to regulatory oversight and external auditing they use these as a starting point.

    Hope this helps,

    Jim Robinson Jr., CISSP