Product Description: Cracker attacks are costing leading e-Businesses millions -- and spotlighting the dangers intruders pose to every participant in the new dot-com economy. If you rely on Linux, this is your systematic, comprehensive guide to protecting yourself. Security guru Bob Toxen uses real-world case studies from his own consulting career to show exactly how network and Internet security breaches can happen, what they look like when they do happen, and what you must do now to prevent them. The book is organized into four sections: securing your system, preparing for an intrusion, detecting an intrusion, and recovering from an intrusion. Toxen even provides at-a-glance icons and tables rating the severity and likelihood of each type of attack. Along the way, you'll learn how to configure systems so they alter themselves to lock out a cracker -- and notify the sysadmin immediately -- at the first sign of attack. You'll discover virtually cracker-proof techniques for protecting credit card databases, even if your web server and network are compromised. Toxen also presents 100+ pages of techniques for ensuring that, if a break-in does occur, damage will be minimal and a full recovery can happen fast. The accompanying CD-ROM includes a complete Linux security software library -- including powerful tools written by the author to detect cracker servers, and identify running cracker programs, even if they've been deleted from disk.
The best linux security book, bar none
This book is simply outstanding. It gives a thorough coverage of all the topics you need to secure your Linux system. The book also gives a number of practical case studies, and covers common hacking techniques. This is important since one cannot defend against attacks if you are not aware of how those attacks are executed.
If you are a Linux administrator, you simply must have this book. It's that simple. Not reading it would, in my opinion, constitute professional negligence for any Linux administrator.
Simple, concise, easy to read
Bob Toxen came out with a valuable book which is easy to comprehend, and can be implemented immediately into production systems. His examples are clear and direct to the point, which makes reading and understanding a breeze.
Whether you've been working with internet security or just starting, this book is a must have!
The best on the subject; practical and thorough
Real World Linux Security (2nd ed.) far exceeded my already-high expectations, having known the author and his expertise for a long time. Computer security is one of my secondary fields of expertise, as is Linux, yet I learned a lot from this book that I had previously overlooked -- and it helped me repair a system that crackers had attacked.
Bob writes in a very readable way that manages to be simultaneously entertaining and informative, a very rare combination.
He clearly realizes that a lot of readers will be in a hurry, looking for advice when there's already trouble brewing, so he starts with a very terse overview, going immediately to chapter 2 "Quick Fixes for Common Problems." Chapters 4 and 5 cover the most commonly attacked subsystems and how they're attacked.
That's already book-length; over 250 pages. It goes on to Advanced Security Issues, Security Policies, Case Studies (wherein I'm mentioned :-) scanning and monitoring your system, regaining control, repairing damage, and much much more than I can mention in the max 1000 words here.
Extremely extensive, and both the table of contents and index are well done, something important to me for quick reference.
Security that works!
This book is at the top of my list when it comes to Linux security books. It has more information on securing Linux than any other I've read. And when I say Linux, I mean Linux not the plethora of applications and servers that run on Linux. Granted, it touches on some of the more "standard" servers, like Apache, Sendmail, and Samba. But the majority of the book is dedicated to securing Linux, servers, and applications in general. So, if you are looking for a book to tell you how to lock-down ProFTPD, this isn't it. Because of this limited scope, unlike other Linux security books that try to cover everything imaginable, it manages to cover the topic thoroughly.
The book starts off with "quick fixes" and then moves on to more advanced security issues. This is done so that you can get your system relatively secure as soon as possible, and deal with securing some of the more obscure and complex things in a progressive nature. It deals with just about everything from making your users choose hard to crack passwords, to defining a written security policy, to collecting information about break-ins and getting law enforcement involved. This is a real well rounded and robust book.
Two things make this an awesome addition to any Linux user or administrator's collection. First, the author knows Linux inside and out. I was quite surprised to see security solutions that include kernel modifications as an option. In addition to his knowledge of Linux, the author has a very jovial writing style that you seldom find in books of a technical nature. I felt no need to force myself to read this book, because the author's writing style was engaging and kept my attention. Second, the author (and Prentice Hall) included a CD with the book that contains software that the author wrote or modified (to extend its functionality and/or usefulness). The CD itself is worth the price of the book alone.
This book is a good buy and I would recommend picking up a copy of this book if you are running Linux in a business or home environment.
Should get a better focus
Too much of this book that is supposed to be about Linux Security is instead about paperwork, or general computer security, as opposed to linux/unix security. There are many books out there that do a far better job helping you create user policies and all that paperwork that the folks in HR want to have for legal purposes. SANS has a wealth of this stuff, and it's better to just read/copy it from online if you need that stuff. Instead, I'd preferred that this book had more Linux security 'grit'.
I'm not displeased with what is here, but the amount of the book that covers topics that are not useful or on point is disappointing.