Linux Security (Craig Hunt Linux Library)
||Author: Ramon J. Hontanon, Craig Hunt, Ramon J. Hontaanon|
List Price: $49.99
Our Price: Click to see the latest and low price
Publisher: Sybex (14 June, 2001)
Sales Rank: 177,525
Average Customer Rating: 3.5 out of 5
Customer ReviewsRating: 3 out of 5
I was a tad bit disappointed with this book. I was hoping for a more in depth presentation of Linux specific security options, but the majority of the book is a superficial treatment of installing various open source security packages.
The book is also a bit dated. The latest reference to Redhat is for version 7.0 (Redhat is up to 7.3 now); it refers to the "next generation inetd" regarding xinetd.conf; and also refers to TCP-Wrappers as a Linux add-on (both components have been included and installed in a default Linux install for close to 2 years now).
The book is good for an overview of Linux security, but if you're "looking for the beef" it's better to look elsewhere.
Rating: 4 out of 5
Very useful addition to your Linux (Unix) security library
This is the first book I have bought from the Craig Hunt Linux library and judging by this volume I will be buying more.
It's an excellent book covering all aspects of Linux security
from physical site security to VPN's. It's up to date: a good section with clear examples on iptables is included.
For each section the author selects a few (or as in the case of file integrity just one product like tripwire) products and explains with good examples how to install and configure from scratch (including installing the rpm's). The language is clear and the author explains both why and how. There is an excellent section on nessus and the tripwire part really shows what a cumbersome beast tripwire now has become ... The focus is almost 100% on freely available tools in true Linux spirit.
It's not without minor faults however - but so far I have only found one major one. The section on "Starting Network Services from /etc/rc.d" is weak: it messes up the runlevels (1 is single user and 5 is X11), it does not mention the fact that Kill scripts are run before the Start script when _entering_ a new run level and there is no mention of ntsysv (or chkconfig).
I do like the fact that Hontanon is not at all afraid of giving strong recommendations - i.e. "Among the password auditing tools ... John the Ripper stands out as the clear winner because of its performance and ease of use".
This is not a beginners book - it assumes general Linux and networking knowledge.
If you are looking for a source for overall Linux security, Unix security tools and how to use these tools look no further. This book should be on your bookshelf along with the 2nd edition of "Maximum Linux Security" and (the now slightly out of date) "Practical Unix&Internet Security".
· Linux Sendmail Administration (Craig Hunt Linux Library)
· Linux Network Servers (Craig Hunt Linux Library)
· Linux System Administration, Second Edition (Craig Hunt Linux Library)