Hacking Exposed Linux, 2nd Edition (Hacking Exposed)
||Author: Brian Hatch, James Lee|
List Price: $49.99
Our Price: Click to see the latest and low price
Publisher: McGraw-Hill Osborne Media (04 December, 2002)
Sales Rank: 12,812
Average Customer Rating: 4.89 out of 5
Customer ReviewsRating: 5 out of 5
Don't have this book? You're BEGGING for trouble...
When I first starting using Linux systems and putting them online I had NO idea what sort of grief I was in for. The reason for that grief: I had NO clue how to 'harden' a system or what that term even meant. By not knowing that I put up systems that were quickly exploited by script kiddies and SPAM houses looking for open relays to use for SPAM and for 'zombies' to use in Distributed Denial of Service (DDoS) attacks. I bought this book, read it, and haven't had those problems since. If you are going to do *anything* with Linux on the internet then GET THIS BOOK NOW. Unless, of course, you *want* to have your computers destroyed on a weekly basis...
Rating: 5 out of 5
The best hands-on Linux security book just got better
I'm a big fan of the Hacking Exposed style of writing. All offensive theory is backed up by command line examples, followed by defensive countermeasures. Hacking Exposed: Linux, 2nd Ed (HE:L2E) follows this tradition, updating the content of the first edition and adding 200 pages of new content. Although I reviewed the first edition in Sep 01, reading the second edition reminded me of the challenges posed by securely configuring and deploying Linux systems.
The best way to learn while reading HE:L2E is to try the sample commands. I also recommend visiting the links mentioned and installing many of the tools described by the authors. I found programs like raccess, nsat (ch. 3), sslsniff (ch. 7), nstx, and httptunnel (ch. 15) particularly interesting from an attacker's point of view. From a system administration standpoint, coverage of passlogd (ch. 2), lilo and grub (ch. 5), and X (ch. 6) were very helpful.
The authors share many novel ways to abuse Linux systems, but counter those exploits with little-known features or third-party tools. I never knew I could use bash's HISTCONTROL feature to selectively remove entries from shell history files. HE:L2E goes the extra mile to help secure your system, such as including sample C code in ch. 13 to allow one to compile TCP Wrappers support into one's own programs. Other clear, concise defensive measures were introduced in excellent chapters on keeping the kernel and packages current (appendix B) and pro-active security measures (ch. 2). The last appendix gives a short yet powerful description of the damage an intruder can perform, showing how he hid unauthorized programs and how those programs were discovered.
If you use Linux, you'll find HE:L2E indispensable. I even applied many of the tools and techniques to my FreeBSD system, showing that that good security advice can be a cross-platform endeavor.
Rating: 5 out of 5
I just finished going through the entire book line by line. I am extreemly new to Linux and security, and this book made it all very clear. I only wish I realized that there was a second edition out when I bought this one. Everything in this original edition was still completely correct and appropriate, three years later.
· Hacking Exposed Windows 2000
· Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition
· Linux Server Hacks
· Hacking Exposed (TM) Web Applications