Linux and Unix Security Portable Reference
HackNotes Linux and Unix Security Portable Reference | |
author | Nitesh Dhanjani |
pages | 224 |
publisher | McGraw-Hill Osborne Media |
rating | 9 |
reviewer | Michael Reynolds |
ISBN | 0072227869 |
summary | HackNotes(tm) Linux and Unix Security Portable Reference is a great security reference for IT professionals. |
The intended audience for this book is primarily IT professionals who have some experience in systems administration and security. The book is organized into logical sections: Part 1 deals with hacking techniques and defenses, Part 2 deals with host hardening, and Part 3 contains special topics. Each part is divided into chapters that follow a logical progression.
Part 1 starts with footprinting, which includes basic information gathering about potential targets. The chapters then proceed further into the stages of an attack (port scanning, obtaining a shell, privilege escalation) and finish by discussing some of the techniques hackers use to cover their tracks. The services covered in this section include FTP, Telnet, SSH, SMTP, HTTP, HTTPS, R-services, NFS, Samba, POP, IMAP, MySQL, X, and VNC. An interesting point here is that these services are listed in ascending order with respect to their port numbers.
Part 2, Host Hardening, examines some vulnerabilities common to most systems and includes remedies. Choosing good passwords is discussed, as well as how to set password policies. Though the author warns of the dangers of weak passwords, I would have liked to see a more thorough explanation of how to choose passwords. The section goes on to explain how to disable unnecessary services and harden remote services. At the end of this section are chapters on good practices related to user and system privileges, as well as logging.
Part 3 contains some interesting material, including a whole chapter on the Nessus Attack Scripting Language (NASL), wireless hacking, and hacking with the Sharp Zaurus PDA. The section on wireless networks contains some fairly standard material (WEP is insecure, using AirSnort, etc.) but nevertheless serves as a good reminder to use caution when deploying wireless networks. The final chapter, Hacking with the Sharp Zaurus PDA, is especially interesting and details all sorts of fun things you can do with this handheld device, including scanning for wireless networks, connecting to remote machines via SSH, and using VNC to control remote machines.
The Good
This book does an excellent job of presenting information in a clear and easy-to-understand manner. It avoids theories and concepts and delivers just the facts that a systems administrator needs to evaluate and protect a Unix or Linux system. It also makes use of helpful icons throughout the book which draw attention to key points. For example, hacking techniques have a sword icon next to them while defense techniques are listed with a shield. This visual feedback makes it easy to focus in on specific techniques and helps organize the material in a more usable manner. The content of the book is especially good, and the author does a thorough job of covering the basic hacking techniques as well as methods of defense against these techniques.
Another great feature of this book is the inclusion of a reference center in the middle of the book. This section, marked by easy-to-find blue pages, contains a wealth of relevant reference information, such as common commands, common ports, IP addressing, online resources, useful netcat commands, an ASCII table, HTTP codes, and important files.
Suggestions
It's hard to find much wrong with this book. However, I felt that a few things were glossed over. For example, the section on passwords was extremely brief and gave no suggestions for choosing good passwords or for how long to set password expirations. In addition to the discussion on TCP Wrappers, I would have also liked to see some mention of using iptables for creating a software firewall.
Summary
HackNotes(tm) Linux and Unix Security Portable Reference is an excellent security reference for IT professionals and systems administrators. The clear, concise presentation of the book makes it easy to digest and use as a practical resource. It is well-organized and thorough and covers a wide range of situations. If you maintain one or more Unix or Linux machines, this book belongs on your shelf.
Flaws with the book (Score:4, Funny)
First, let's start with the title. "HackNotes Linux and Unix Security Portable Reference." The title is far too long. A much nicer title would have been an unpronounceable vowelless abbreviation such as HNLUSPR. Also the title is ambiguous - Is hacknotes the author/publisher or is it a description of what the book is about? And if you ask your local B&N service rep for books by HackNotes, is it one word or two?
Now, more on to the book. It is far from portable. Sure, you can move it around but don't try sticking it in your pocket. Perhaps they should have included a handle on the spline.
The book is also missing GNU/'s all over the place. I mean, what is linux? I've always been severely beaten with a UNIX manual by a guy with a huge beard every time I said linux without a GNU/ in front of it. And yes, you *MUST* pronounce the
The advice the book gives is fairly standard. Close all ports, don't use windows etc... Not too special for a "pocket" guide. A far more useful guide would have included all ports to forward for games. I can't count the times I've had to research what ports a game uses in order to get it to work through my NAT.
Now, more about the book itself. It's made of paper! I attempted to test its easy-to-digestness but gave up around chapter 3. I seriously doubt that this is production quality digestableness. However, the copy I received may have been a pre-release so that might not apply to the final book.
The book itself is strewn with DMCA violations as well. In the foreword, the editors openly admit to using the shift key while writing it -- a known security circumvention device. Also, the author's signature on the back jacket appears to be made with a Sharpie marker. Don't be surprised if the FBI raids your local bookstore. (Disclaimer: all uppercase letters in this post were made with the CAPS LOCK key. All extended characters such as * and () were made with their ASCII code equivalents.)
All in all, this book doesn't live up to the hype. It will most likely be placed on the same shelf with all the other security guides. However if it will end up on the Unix or GNU/Linux shelf still remains a mystery.
I hacked your title - U is a vowel (Score:2)
Hacking Exposed Linux much much much better. (Score:2, Informative)
Bullshit (Score:1)
I bet you haven't even read this one (Score:1)
Easy (Score:3, Funny)
Re:Security? (Score:1)
<flame>The simple fact that it is NOT windows makes it more secure than windows.</flame>
Re:Security? (Score:1, Interesting)
* They want to tell the world that Linux is more secure.
* They want to target 'the world', because the world is actually using Windows rather than Linux.
* The default Windows-user is not aware of what security risks are involved with having a PC 'on the net'
Re:Security? (Score:1)
Well, I can think of a few reasons a Linux system is more desirable.
Re:Security? (Score:2)
* it's more of a challenge (ergo more prestige)
* most web servers run Apache
* they want to be different for its own sake
Re:Security? (Score:1)
* They want to tell the world that Linux is more secure.
It's clear you think this can't be true. Okay, here's a test I performed: Load one RH 9 server with Apache, and throw it raw on the net (no firewalls, that would be cheating!). Load one 2000 boxen with IIS, dump on the net. How long did it take the Linux server to get hacked? Didn't happen within one month. Ended test. Windows? Three hours before the box was compromised. To be
You cheated at the Security test (Score:2)
MSWindows2000 was released on February 17, 2000. [osdata.com]
RedHat 9.0 was released on March 31, 2003 [owlriver.com] (All release dates for RedHat are from this link.)
So Redhat had over 3 years to fix holes in the distribution, while crackers had 3 more years to find holes in MSWindows2000. If you want to play fair,
- use Windows2003 released April 24, 2003 [wininformant.com] and RedHat9.0 (24 days between the releases), or
- use RedHat 6.2 (released March 8, 2000) (19 days difference from MSWindows2000) or maybe RedHat 7.0 (released
Re:You cheated at the Security test (Score:1)
Excellent point, I hadn't even considered that. Man, what slop on my part.
Well, I'll rerun the test on 2003 server with most recent IIS version. I didn't have the license, but will go ahead and splurge.
Thanks for keeping me honest!
Re:Security? (Score:1)
Re:Security? (Score:1)
You can check this old slashdot news.
http://slashdot.org/article.pl?sid=03/10/0
or the original link: http://www.theregister.co.uk/content/56/33226.htm
It is about viruses, but virus problems are a big X when talking about security.
Ernesto.
Good Explanation (Score:1)
There was an article [theregister.co.uk] in The Register [theregister.co.uk] last week that was mentioned here [slashdot.org] that does a really good job of answering your question.
Cheers,
Fuzzy The Quantum Duck
=0)
save $9 on this book (Score:2, Funny)
Spend $4 more to get free shipping.
Re:save $9 on this book (Score:1)
Re:save $9 on this book (Score:1)
For a topic such as this (Score:1)
Re:For a topic such as this (Score:2)
Passwords (Score:2)
Translation:
Despite years of reading that everyone needs alpha numeric and special characters, phrases not words, at least 8 characters, mandatory changes every 30 minutes, etc... I still feel someone should tell me all that USELESS shit again.
Make people's passwords hard to remember and they will
Re:Passwords (Score:1)
But teach them how to remember more complex passwords and they can eat for life!
(i.e. complex passwords like "slash^#$dot" which aren't hard to remember)
Re:Passwords (Score:4, Funny)
KFG
Re:Passwords (Score:2)
Re:Passwords (Score:1)
/dev/random -> base64 (Score:1)
Yes (Score:1)
Yes, yes, yes and yes.
Other Hacknotes + Sample Chapter (Score:2, Informative)
(3) Other Hacknotes titles [osborne.com]
Disclosure: I am not a paid endorser for hacknotes products.
..clear, concise, easy-to-digest manner ... (Score:4, Funny)
Re:..clear, concise, easy-to-digest manner ... (Score:1)
You're thinking of a different [amazon.com] technical reference book.
Re:..clear, concise, easy-to-digest manner ... (Score:2)
You're thinking of a different [amazon.com] technical reference book.
That's the super secret MCSE networking class textbook!
Re:Grumpy old man! (Score:1)
Re:Grumpy old man! (Score:2)
Re:Grumpy old man! (Score:2, Informative)
http://www.djcj.org/LAU/guide/sysreq.html [djcj.org]
This reminds me of the fun I used to have in TFC or Counter Strike when someone named "Player" would always ask "I pressed Windows key, how do I get my sound to work again?". I would tell them, "alt+F4 should do the trick". "Player has left the game" would flash across my screen much to my satisfaction. Sure I feel bad about that now =),
Re:Grumpy old man! (Score:2)
Sys Admin Robots (Score:1, Funny)
Great! We can now admin Unix and Linux as mindlessly as MCSE's do MS Windows.
Theories? We don't need no stinkin' theories!
Re:Sys Admin Robots (Score:1)
Anything *new* in this book? (Score:3, Informative)
The whole review spoke of shit I have in half a dozen other books already. If I pick up a security book and it has crypto basics or passwd basics in it I'm tempted to just toss it right then and there, especially since most of these tomes are >$40.
Very few security books find their way to my shelf nowadays since most are redundant. Awesome exceptions include:
Incident Response (McGraw Hill)
Practical Unix & Internet Security (O'Reilly...like you didn't know)
Network Intrusion Detection (New Riders)
Building Internet FWs (O'Reilly)
There are others of course but these all share the characteristic of actually *adding knowledge to the field*.
Re:Anything *new* in this book? (Score:1)
More? (Score:2)
Am I the only person sick of security books having yet another diatribe about password quality? How about a two page summary of recommended settings and the appropriate configuration files/menus? Security theory is nice, but dammit, if I had time to worry about the theories, I'd just read "Practical UNIX and Internet Security" and "Secrets and Lies," before writing a
All prevention no response... (Score:1)
is tantamount to wishful thinking.
Looking back at the number and severity of vulnerabilities exposed in the past 18 months or so (across many platforms) I am becoming increasingly pessimistic about the effectiveness of preventative measures. The rate at which I need to be patching/updating software to plug the holes has become simply unmanageable. Meanwhile, crackers have access to increasingly effective tools like the new Nmap [insecure.org] with version detection.
I'm beginning to question whether the
Print + Security Reference? (Score:2)