Practical UNIX and Internet Security and over 2 million other books are available for Amazon Kindle . Learn more


or
Sign in to turn on 1-Click ordering.
Trade in Yours
For a 1.27 Gift Card
Trade in
More Buying Choices
Have one to sell? Sell yours here
Start reading Practical UNIX and Internet Security on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Practical UNIX and Internet Security [Paperback]

Simson Garfinkel , Gene Spafford , Alan Schwartz
4.8 out of 5 stars  See all reviews (5 customer reviews)
RRP: 35.50
Price: 34.14 & FREE Delivery in the UK. Details
You Save: 1.36 (4%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Only 2 left in stock (more on the way).
Dispatched from and sold by Amazon. Gift-wrap available.
Want it Tuesday, 15 July? Choose Express delivery at checkout. Details
‹  Return to Product Overview

Table of Contents

Preface; Unix “Security”?; Scope of This Book; Which Unix System?; Conventions Used in This Book; Comments and Questions; Acknowledgments; A Note to Would-Be Attackers; Computer Security Basics; Chapter 1: Introduction: Some Fundamental Questions; 1.1 What Is Computer Security?; 1.2 What Is an Operating System?; 1.3 What Is a Deployment Environment?; 1.4 Summary; Chapter 2: Unix History and Lineage; 2.1 History of Unix; 2.2 Security and Unix; 2.3 Role of This Book; 2.4 Summary; Chapter 3: Policies and Guidelines; 3.1 Planning Your Security Needs; 3.2 Risk Assessment; 3.3 Cost-Benefit Analysis and Best Practices; 3.4 Policy; 3.5 Compliance Audits; 3.6 Outsourcing Options; 3.7 The Problem with Security Through Obscurity; 3.8 Summary; Security Building Blocks; Chapter 4: Users, Passwords, and Authentication; 4.1 Logging in with Usernames and Passwords; 4.2 The Care and Feeding of Passwords; 4.3 How Unix Implements Passwords; 4.4 Network Account and Authorization Systems; 4.5 Pluggable Authentication Modules (PAM); 4.6 Summary; Chapter 5: Users, Groups, and the Superuser; 5.1 Users and Groups; 5.2 The Superuser (root); 5.3 The su Command: Changing Who You Claim to Be; 5.4 Restrictions on the Superuser; 5.5 Summary; Chapter 6: Filesystems and Security; 6.1 Understanding Filesystems; 6.2 File Attributes and Permissions; 6.3 chmod: Changing a File’s Permissions; 6.4 The umask; 6.5 SUID and SGID; 6.6 Device Files; 6.7 Changing a File’s Owner or Group; 6.8 Summary; Chapter 7: Cryptography Basics; 7.1 Understanding Cryptography; 7.2 Symmetric Key Algorithms; 7.3 Public Key Algorithms; 7.4 Message Digest Functions; 7.5 Summary; Chapter 8: Physical Security for Servers; 8.1 Planning for the Forgotten Threats; 8.2 Protecting Computer Hardware; 8.3 Preventing Theft; 8.4 Protecting Your Data; 8.5 Story: A Failed Site Inspection; 8.6 Summary; Chapter 9: Personnel Security; 9.1 Background Checks; 9.2 On the Job; 9.3 Departure; 9.4 Other People; 9.5 Summary; Network and Internet Security; Chapter 10: Modems and Dialup Security; 10.1 Modems: Theory of Operation; 10.2 Modems and Security; 10.3 Modems and Unix; 10.4 Additional Security for Modems; 10.5 Summary; Chapter 11: TCP/IP Networks; 11.1 Networking; 11.2 IP: The Internet Protocol; 11.3 IP Security; 11.4 Summary; Chapter 12: Securing TCP and UDP Services; 12.1 Understanding Unix Internet Servers and Services; 12.2 Controlling Access to Servers; 12.3 Primary Unix Network Services; 12.4 Managing Services Securely; 12.5 Putting It All Together: An Example; 12.6 Summary; Chapter 13: Sun RPC; 13.1 Remote Procedure Call (RPC); 13.2 Secure RPC (AUTH_DES); 13.3 Summary; Chapter 14: Network-Based Authentication Systems; 14.1 Sun’s Network Information Service (NIS); 14.2 Sun’s NIS+; 14.3 Kerberos; 14.4 LDAP; 14.5 Other Network Authentication Systems; 14.6 Summary; Chapter 15: Network Filesystems; 15.1 Understanding NFS; 15.2 Server-Side NFS Security; 15.3 Client-Side NFS Security; 15.4 Improving NFS Security; 15.5 Some Last Comments on NFS; 15.6 Understanding SMB; 15.7 Summary; Chapter 16: Secure Programming Techniques; 16.1 One Bug Can Ruin Your Whole Day . . .; 16.2 Tips on Avoiding Security-Related Bugs; 16.3 Tips on Writing Network Programs; 16.4 Tips on Writing SUID/SGID Programs; 16.5 Using chroot( ); 16.6 Tips on Using Passwords; 16.7 Tips on Generating Random Numbers; 16.8 Summary; Secure Operations; Chapter 17: Keeping Up to Date; 17.1 Software Management Systems; 17.2 Updating System Software; 17.3 Summary; Chapter 18: Backups; 18.1 Why Make Backups?; 18.2 Backing Up System Files; 18.3 Software for Backups; 18.4 Summary; Chapter 19: Defending Accounts; 19.1 Dangerous Accounts; 19.2 Monitoring File Format; 19.3 Restricting Logins; 19.4 Managing Dormant Accounts; 19.5 Protecting the root Account; 19.6 One-Time Passwords; 19.7 Administrative Techniques for Conventional Passwords; 19.8 Intrusion Detection Systems; 19.9 Summary; Chapter 20: Integrity Management; 20.1 The Need for Integrity; 20.2 Protecting Integrity; 20.3 Detecting Changes After the Fact; 20.4 Integrity-Checking Tools; 20.5 Summary; Chapter 21: Auditing, Logging, and Forensics; 21.1 Unix Log File Utilities; 21.2 Process Accounting: The acct/pacct File; 21.3 Program-Specific Log Files; 21.4 Designing a Site-Wide Log Policy; 21.5 Handwritten Logs; 21.6 Managing Log Files; 21.7 Unix Forensics; 21.8 Summary; Handling Security Incidents; Chapter 22: Discovering a Break-in; 22.1 Prelude; 22.2 Discovering an Intruder; 22.3 Cleaning Up After the Intruder; 22.4 Case Studies; 22.5 Summary; Chapter 23: Protecting Against Programmed Threats; 23.1 Programmed Threats: Definitions; 23.2 Damage; 23.3 Authors; 23.4 Entry; 23.5 Protecting Yourself; 23.6 Preventing Attacks; 23.7 Summary; Chapter 24: Denial of Service Attacks and Solutions; 24.1 Types of Attacks; 24.2 Destructive Attacks; 24.3 Overload Attacks; 24.4 Network Denial of Service Attacks; 24.5 Summary; Chapter 25: Computer Crime; 25.1 Your Legal Options After a Break-in; 25.2 Criminal Hazards; 25.3 Criminal Subject Matter; 25.4 Summary; Chapter 26: Who Do You Trust?; 26.1 Can You Trust Your Computer?; 26.2 Can You Trust Your Suppliers?; 26.3 Can You Trust People?; 26.4 Summary; Appendixes; Unix Security Checklist; Preface; Chapter 1: Introduction: Some Fundamental Questions; Chapter 2: Unix History and Lineage; Chapter 3: Policies and Guidelines; Chapter 4: Users, Passwords, and Authentication; Chapter 5: Users, Groups, and the Superuser; Chapter 6: Filesystems and Security; Chapter 7: Cryptography Basics; Chapter 8: Physical Security for Servers; Chapter 9: Personnel Security; Chapter 10: Modems and Dialup Security; Chapter 11: TCP/IP Networks; Chapter 12: Securing TCP and UDP Services; Chapter 13: Sun RPC; Chapter 14: Network-Based Authentication Systems; Chapter 15: Network Filesystems; Chapter 16: Secure Programming Techniques; Chapter 17: Keeping Up to Date; Chapter 18: Backups; Chapter 19: Defending Accounts; Chapter 20: Integrity Management; Chapter 21: Auditing, Logging, and Forensics; Chapter 22: Discovering a Break-In; Chapter 23: Protecting Against Programmed Threats; Chapter 24: Denial of Service Attacks and Solutions; Chapter 25: Computer Crime; Chapter 26: Who Do You Trust?; Appendix A: Unix Security Checklist; Appendix B: Unix Processes; Appendixes C, D, and E: Paper Sources, Electronic Sources, and Organizations; Unix Processes; About Processes; Signals; Controlling and Examining Processes; Starting Up Unix and Logging In; Paper Sources; Unix Security References; Other Computer References; Electronic Resources; Mailing Lists; Web Sites; Usenet Groups; Software Resources; Organizations; Professional Organizations; U.S. Government Organizations; Emergency Response Organizations; Colophon;

‹  Return to Product Overview