Linux machines serve scores of purposes on networks but their very integration with networked environments means they're constantly exposed to attack. Maximum Linux Security: A Hacker's Guide to Protecting Your Linux Server and Network provides a comprehensive picture of Linux's strengths and weaknesses when it comes to protecting your systems from bad guys. The author offers explicit advice (e.g., replace sendmail with Qmail) and general recommendations (e.g., be on the lookout for unused services and disable them). In case you're wondering which Anonymous this is, he's the same guy who wrote the very highly regarded Maximum Security.
In Maximum Linux Security, readers become familiar with scores of offensive and defensive weapons, including Crack, Tripwire, linux_sniffer, mendax and many more. For each program, the author documents the required infrastructure (such as C or Perl), the required permissions and a URL from which the program can be downloaded. Most valuably, he walks you through the use of each program (using Red Hat Linux 5.1 and Caldera Open Linux 1.3 on his test bed machines). Readers can follow along as the author performs various hacks, including an IP spoofing attack. He lists hundreds of hacking tools in an appendix and includes a lot of software (Linux security products, code examples, technical documents, system logs and utilities) on the companion CD-ROM. --David Wall
Topics covered: Sniffers, scanners, firewalls, auditing tools, intrusion detectors and denial-of-service software.
About the Author
The author is an experienced computer hacker who now works as a writer, trainer, Internet and Unix site manager, and security consultant in California.