|
 |
|
 |
 |
Linux (Hacking Exposed)
|
by Brian Hatch, James B. Lee, and George Kurtz
Sales Rank: 423969
|
List Price: $39.99
$31.19
At Amazon
|
|
Paperback: 566 pages
Publisher: Osborne/McGraw-Hill; 1st edition March 27, 2001
Language: English
ISBN-10: 0072127732
ISBN-13: 978-0072127737
Product Dimensions:
9.1 x 7.4 x 1.4 inches
Shipping Weight: 2.6 pounds
Product Review
"Throw up a Linux box," comes the chorus whenever there's a need to provide some network service or other without impinging upon the boss's martini budget. Fair enough, but by doing so are you opening security holes you don't know how to find or fix? The newest edition of Hacking Linux Exposed helps you answer that question and solve many of the security problems you find. To a certain extent this book is a recipe collection in that it describes weaknesses in Linux (calling attention to specific distributions where appropriate). The authors stop short of explicitly showing you how to wage most kinds of attacks, a reasonable thing to do from an ethical point of view even though the instructions can be found easily on the Internet. Rather than do that, they give step-by-step instructions on how to defend against the attacks they catalog. The point is not, "Here's precisely how to bring down a server by means of an ACK storm," but rather, "Here's how to defend against such problems." They do demonstrate plenty of weaknesses, though, as in their coverage of the conversation that goes back and forth between an FTP server and its client.
This book covers pretty much everything you'd want to do with a Linux machine as a network server. Read it and see some of the weaknesses in your system--and do something about them before someone else does. --David Wall
Topics covered: Security best practices, approached from the perspective of what can go wrong and what can be done about the problems. Specific coverage goes to all major services, including user management, FTP, HTTP, and firewalling.
--This text refers to the
Paperback
edition.
Book Description
Tighten holes and maintain security on your Linux system!
From one of the authors of the international best-seller, Hacking Exposed: Network Security Secrets & Solutions, comes a must-have security handbook for anyone running Linux. This cutting-edge volume shows you how to think like a Linux hacker in order to beat the Linux hacker. You'll get detailed information on Linux-specific hacks, both internal and external, and how to stop them.
Customer Reviews & Comments
I am a senior engineer for network security operations. I read "Hacking Linux Exposed" (HLE) to learn how adversaries compromise Linux hosts. HLE impressed me at every level. I highly recommend system administrators and security personnel read and heed this book's recommendations. The "Hacking Exposed" series is known for its unique example-driven style. Rather than telling the reader about a technique or problem, the authors demonstrate the issue using command-line examples. I find myself reading with book and laptop at hand, ready to duplicate the authors' sample commands. This process reinforces the authors' message, while the reader learns if a specific problem applies to his situation. Furthermore, by showing exactly how to execute certain commands, the authors impart bits of wisdom and trickery not found elsewhere. For example, chapter 11 describes attacks and defenses for FTP servers. To explain active and passive FTP sessions, the authors demonstrate running an FTP client with the -d switch to illustrate raw instructions sent by the client over the FTP command channel. I had never seen this switch in use, but as an intrusion detector I constantly see raw FTP instructions like those revealed by the -d switch. These and other tidbits, like using the chattr -i command or setting the "sticky bit", make HLE exceptional. Beyond these benefits, readers will enjoy clear, thorough explanations of Linux security issues. HLE gives first-rate descriptions of ssh and web man-in-the-middle attacks, race conditions, and FTP data hijacking. HLE also provides great illustrated examples of FTP bounce attacks, giving intrusion detectors the minutiae we need to recognize these techniques. I had heard of most of the compromise methods offered by HLE, but never seen them discussed in such practical detail. If the material in chapters 1-13 of HLE don't prompt you to verify your Linux host's integrity, then the case studies in appendix D will. The security community needs more of these narratives. These stories, based on true events, show the lengths to which some attacks will go to penetrate target machines. "Hacking Linux Exposed" is another strong addition to the "Hacking Exposed" series, and the security community will benefit as a result. (Disclaimer: I received a free review copy from the publisher.)
Comment | Permalink |
(Report this)
|
Linux (Hacking Exposed)
List Price: $39.99
Available from Amazon
Price: $31.19
| |
|
|
|
|
