In their introduction, the authors of Linux System Security
acknowledge that there's no magic bullet as far as security is concerned. Security-minded system administration is a process of constant revision. They promise, though, that "if you follow the procedures outlined in this book, you will certainly reduce your level of vulnerability". They deliver on that promise in spades. Using Red Hat Linux as their demonstration environment, the authors explain how to use a suite of publicly available tools to analyse, protect and monitor your machines and networks. They approach their subject from a practical standpoint, emphasising software and its use while referring the reader (with copious bibliographic notes) to more specialised works for more detailed information on cryptography, firewall configuration and other subjects.
Scott Mann and Ellen Mitchell have done excellent work in combining explanations of the "soft" aspects of security management with the particulars of using software. In a typical section, they explain how to acquire, install and run Crack, a password breaker. They first show how a bad guy would use Crack to gain unauthorised access to a machine over a network, then get into the "white hat" applications of the program as a security tool for pre-emptively weeding out weak passwords. More detailed coverage goes to tiger and Tripwire, a pair of powerful auditing and monitoring tools. Along with Maximum Linux Security (which covers more offensive and defensive weapons in less detail), this is one of the two best Linux security books you can own. --David Wall
Topics covered: Linux security practices and tools, as demonstrated under Red Hat Linux 5.2 and 6.0. Covered software and commands include Pluggable Authentication Modules (PAM), OPIE, syslog, sudo, xinetd, Secure Shell (SSH), Crack, tiger, Tripwire, The Cryptographic Filesystem (TCFS), and ipchains. The authors discuss administrative policies and procedures along the way.
From the Back Cover
Maximize Linux security, hands-on-with today's best open source tools
If you depend on Linux to run mission-critical networks or store business-critical data, are you sure you can protect your Linux systems from intruders? You'd better be-and with Linux System Security, you can be!
Long-time Linux sysadmins Scott Mann and Ellen Mitchell demonstrate exactly how to protect your vital resources, using today's most powerful open source security tools. Linux System Security makes you an expert fast, with insiders' coverage of the "gotchas," "rules of thumb," and undocumented tricks you'd otherwise have to learn the hard way. Coverage includes:
- Preparing Linux systems for a production environment
- Identifying vulnerabilities, and planning for security administration
- Configuring Linux-based firewalls, authentication, and encryption
- Intrusion detection on Linux systems
- Securing filesystems, email, web servers, and other key applications
- Protecting mixed Linux/Unix and Windows NT environments
You'll find hands-on introductions to the Linux community's most important security tools, including sudo, TCP, wrappers, xinetd, SSH, tiger, Tripwire, ipchains, PAM, crack, and many others.
If you want the benefits of Linux without the security risks, you want Linux System Security!