Hacking Linux Exposed Paperback – 1 Apr 2001
Customers Who Bought This Item Also Bought
Enter your mobile number below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
Getting the download link through email is temporarily not available. Please check back later.
To get the free app, enter your mobile phone number.
Linux, like every other networkable OS, is vulnerable to a variety of local and remote attacks. Hacking Linux Exposed seeks to do two jobs: explain where the vulnerabilities lie and provide ways to minimise or eliminate the risks.
The authors' slightly breathless hands-on approach--coupled with the wealth of relevant technical detail--produces an unusually pacey read. Much of the spiciness comes from the emphasis on exploiting Linux's weaknesses. This is helped with lots of case studies of successful intrusions. You won't be in any doubt that you should be taking security seriously.
Much of the advice is common sense: use secure passwords, shadow password files, turn off unwanted services, set up an efficient firewall, apply security patches and so on. But the devil is in the detail. Successfully hardening a Linux system is non-trivial (as with other OS's). It's also an ongoing process. What really sets Hacking Linux Exposed apart is the way it walks you through each vulnerability and then explains the technical aspects of implementing a defense against it--converting to shadow password files, setting up IPChains, automating log file checking, testing your own security and more are all detailed.
Linux sysadmins will love this book. However, any Linux user with the confidence to edit a configuration file and a copy of Hacking Linux Exposed to hand can also have the hardest machine on the block. --Steve Patient
"A comprehensive overview of Linux security in the popular Hacking-Exposed style. -- (Rain Forest Puppy (RFP), web server security authority and discoverer of the IIS MSADC vulnerability)
"Hacking Linux Exposed covers tried and true techniques to cutting-edge hacks and everything in between. If you are serious about Linux and security, buy this book. Period." -- Simple Nomad, author of The Hack FAQ and Pandora
"Hacking Linux Exposed is a highly organized and modular book that teaches the reader what to do before, during, and after an incident. It consolidates years of security administration experience into a single reference guide. It illustrates a procedure for securing a new installation, shows the reader how to recover from a break-in on an existing machine and presents a methodology for ongoing monitoring. Each chapter contains well-illustrated examples from real installations along with real solutions. Hacking Linux Exposed has taken a complex subject and broken it down into a format as useful for front-line Linux users as for corporate IT managers." -- Allen Leibowitz, CEO Anzen Computing, Inc. & Developer of the Anzen Flight Jacket Intrusion Detection System
"Knowing how attackers work and how a system can be broken into is the key to preventing unwanted break-ins. Hacking Linux Exposed strips away the 'black magic' image of hacking and sheds light on the prevention techniques that protect Linux systems from the ravages of attackers. This security book is a valuable asset for Linux administrators. You may find it frequently borrowed by fellow members of your staff and difficult to keep on your bookshelf." -- Christopher Klaus, Founder & Chief Technology Officer, Internet Security Systems -ISS
"The rapidly expanding number of Linux machines on our campus combined with the open network of a university makes us an ideal target for hackers. The full disclosure policy of Hacking Linux Exposed allows security professionals and others who are interested in maintaining the security of their systems to observe how hackers penetrate a system and how to raise the bar to counter the attacks. If the sysadmins on our campus take advantage of this book, they will save themselves and our security team hours of work recovering from break-ins." -- Bob Bartlett, Assistant Director, Network Security & Enterprise, Network Server Administration of the University of Chicago, Illinois
What Other Items Do Customers Buy After Viewing This Item?
Top Customer Reviews
I'd highly recommend this book for anyone who wants to see what a hacker actually does, down to the keystrokes themselves. Most importantly, you get clear easy steps to fix the problems. When there are multiple tools that you could use, they cover them in enough depth to let you know which is best for you and your skill level.
If you want to keep others off of your machine, this is the book to buy.
The price tag is good too!
Most Helpful Customer Reviews on Amazon.com (beta)
The "Hacking Exposed" series is known for its unique example-driven style. Rather than telling the reader about a technique or problem, the authors demonstrate the issue using command-line examples. I find myself reading with book and laptop at hand, ready to duplicate the authors' sample commands. This process reinforces the authors' message, while the reader learns if a specific problem applies to his situation. Furthermore, by showing exactly how to execute certain commands, the authors impart bits of wisdom and trickery not found elsewhere.
For example, chapter 11 describes attacks and defenses for FTP servers. To explain active and passive FTP sessions, the authors demonstrate running an FTP client with the -d switch to illustrate raw instructions sent by the client over the FTP command channel. I had never seen this switch in use, but as an intrusion detector I constantly see raw FTP instructions like those revealed by the -d switch. These and other tidbits, like using the chattr -i command or setting the "sticky bit", make HLE exceptional.
Beyond these benefits, readers will enjoy clear, thorough explanations of Linux security issues. HLE gives first-rate descriptions of ssh and web man-in-the-middle attacks, race conditions, and FTP data hijacking. HLE also provides great illustrated examples of FTP bounce attacks, giving intrusion detectors the minutiae we need to recognize these techniques. I had heard of most of the compromise methods offered by HLE, but never seen them discussed in such practical detail.
If the material in chapters 1-13 of HLE don't prompt you to verify your Linux host's integrity, then the case studies in appendix D will. The security community needs more of these narratives. These stories, based on true events, show the lengths to which some attacks will go to penetrate target machines.
"Hacking Linux Exposed" is another strong addition to the "Hacking Exposed" series, and the security community will benefit as a result.
(Disclaimer: I received a free review copy from the publisher.)
Well, we're not about to switch. However this book covered so many unexpected issues that affected our *BSD boxen that we spent a solid week implementing changes on all our systems. The detail of this book was superb, and it was easy to figure out the differences between their Linux-specific solutions and what was needed on our *BSD systems when they weren't exactly the same.
Got Unix? Buy this book.
The best way to learn while reading HE:L2E is to try the sample commands. I also recommend visiting the links mentioned and installing many of the tools described by the authors. I found programs like raccess, nsat (ch. 3), sslsniff (ch. 7), nstx, and httptunnel (ch. 15) particularly interesting from an attacker's point of view. From a system administration standpoint, coverage of passlogd (ch. 2), lilo and grub (ch. 5), and X (ch. 6) were very helpful.
The authors share many novel ways to abuse Linux systems, but counter those exploits with little-known features or third-party tools. I never knew I could use bash's HISTCONTROL feature to selectively remove entries from shell history files. HE:L2E goes the extra mile to help secure your system, such as including sample C code in ch. 13 to allow one to compile TCP Wrappers support into one's own programs. Other clear, concise defensive measures were introduced in excellent chapters on keeping the kernel and packages current (appendix B) and pro-active security measures (ch. 2). The last appendix gives a short yet powerful description of the damage an intruder can perform, showing how he hid unauthorized programs and how those programs were discovered.
If you use Linux, you'll find HE:L2E indispensable. I even applied many of the tools and techniques to my FreeBSD system, showing that that good security advice can be a cross-platform endeavor.
Hacking Linux Exposed covers security administration issues such as FTP, sendmail (but for some reason, not POP3/IMAP servers) and web server setup; it also discusses local user security issues and touches lightly on Linux firewalling and other network access controls (TCP wrappers).
The book includes a big section on keeping your system updated, which outlines methods used by several popular Linux distributions (rpm from RedHat, apt-get from Debian and pkgtool from Slackware). This information is essential to the security of any Linux machine, whether a home workstation or company server.
The focus is Linux, but the book also covers some other important security areas. It attempts to offer a total solution for Linux security, starting with general infosec philosophy (such as proactive security), and moving on to physical security, social engineering, Trojan programs, access control, user security and server setup. Each security problem is rated for global risk on a 1 to 10 scale, factoring in frequency, simplicity and impact. In general, the book is more encyclopedia than detailed guide, as it strives toward breadth over depth.
Look for similar items by category
- Books > Computing & Internet > Networking & Security > Network Topics
- Books > Computing & Internet > Networking & Security > Security
- Books > Computing & Internet > Programming > Languages & Tools
- Books > Computing & Internet > Programming > Network Programming
- Books > Computing & Internet > Software & Graphics
- Books > Computing & Internet > UNIX & Linux > Linux Distributions