Re: You should be kissing the author's feet (on JavaScript Cookbook) · Score: 1
Yvan256 gave the exact answer I had. Writing a cookbook for solutions using technologies that are not fully-baked and agreed-upon is risking delivering answers that may not work when the real world catches up. I much prefer having solutions that can be implemented now, rather than waiting for years for the various browsers to support the technologies. After all, how many copies of IE6 and IE7 are still operational across the web, compared to how long IE8 has been available (and now IE9)? Writing about these techniques now only creates a vision of a tantalizing future that may be years off (in which case this book will probably be in a new edition) or may never come-to-be as envisioned.
Chapter 6 (Using Tools for Security Testing) goes into NMAP and Nessus in depth, then mentions a few additional tools at the end. dsniff, Ethereal, Ettercap, LIDS, Netcat, SARA, Snort, tcpdump, and Titan each have a one-paragraph writeup, with links to the websites for the tools.
SELinux is mentioned in a single paragraph on page 75. A link to the web site (http://www.nsa.gov/selinux/) is given, with a brief description likening it to grsecurity.
chroot jails are discussed for the FTP server vsftpd, and for BIND. vsftpd has a couple of parameters (chroot_local_user=YES|NO, chroot_list_enable=YES|NO, chroot_list_file=<filename>) to make it easy to set up the jail. Chrooting BIND follows the more traditional format of creating the duplicate tree for the new root, and is explained in detail in Chapter 11: Hardening DNS and BIND.
The original review had the backticks. For some reason, during the translation to HTML, they got converted to simple single quotes. My bad. I should have read the HTML more carefully.
Marcel did not give any specific instructions for installing Linux from the Knoppix CD, but he did give very clear instructions from the three I mentioned. Building your initial installation is, for many users, simpler when the files are readily in hand. Then they can use apt-get, Kpackage, or whatever to customize, expand, and tweak their system. It's simpler from the user's point of view to have the CDs than to have to use apt-get to troll the Internet for the files they want.
My own personal opinion: the Knoppix supplied on CD is more for playing with Linux than for installation. The difference is that other books will supply a 2- or 3-disk set with the complete distro, source and binary, specifically for installation. This book's Knoppix CD was specifically for getting used to Linux. That was the distinction I tried to make.
Two minor corrections: (1) The downloadable content is available. The publisher's had a glitch on their web site that has since been corrected (but not until after I had finished the review - oh well!) If you go to http://www.informit.com/title/0672330970 and click the Download tab, you'll get it. (2) The link for purchasing goes to the 7th edition. This is the 8th edition, and the link to that book is http://www.amazon.com/Sams-Teach-Yourself-Hours-Coverage/dp/0672330970/ref=sr_1_1?ie=UTF8&qid=1265061056&sr=8-1.