Buy Used
+ £2.80 UK delivery
Used: Very Good | Details
Condition: Used: Very Good
Comment: Expedited shipping available on this book. The book has been read, but is in excellent condition. Pages are intact and not marred by notes or highlighting. The spine remains undamaged.
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Hacking Linux Exposed Paperback – 1 Apr 2001

5.0 out of 5 stars 4 customer reviews

See all formats and editions Hide other formats and editions
Amazon Price
New from Used from
"Please retry"
£18.00 £3.05
click to open popover

Special Offers and Product Promotions

Enter your mobile number below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
Getting the download link through email is temporarily not available. Please check back later.

  • Apple
  • Android
  • Windows Phone

To get the free app, enter your mobile phone number.

Product details

  • Paperback: 608 pages
  • Publisher: Osborne/McGraw-Hill (1 April 2001)
  • Language: English
  • ISBN-10: 0072127732
  • ISBN-13: 978-0072127737
  • Product Dimensions: 19 x 3.5 x 22.9 cm
  • Average Customer Review: 5.0 out of 5 stars  See all reviews (4 customer reviews)
  • Amazon Bestsellers Rank: 453,477 in Books (See Top 100 in Books)
  • See Complete Table of Contents

Product Description

Amazon Review

Linux, like every other networkable OS, is vulnerable to a variety of local and remote attacks. Hacking Linux Exposed seeks to do two jobs: explain where the vulnerabilities lie and provide ways to minimise or eliminate the risks.

The authors' slightly breathless hands-on approach--coupled with the wealth of relevant technical detail--produces an unusually pacey read. Much of the spiciness comes from the emphasis on exploiting Linux's weaknesses. This is helped with lots of case studies of successful intrusions. You won't be in any doubt that you should be taking security seriously.

Much of the advice is common sense: use secure passwords, shadow password files, turn off unwanted services, set up an efficient firewall, apply security patches and so on. But the devil is in the detail. Successfully hardening a Linux system is non-trivial (as with other OS's). It's also an ongoing process. What really sets Hacking Linux Exposed apart is the way it walks you through each vulnerability and then explains the technical aspects of implementing a defense against it--converting to shadow password files, setting up IPChains, automating log file checking, testing your own security and more are all detailed.

Linux sysadmins will love this book. However, any Linux user with the confidence to edit a configuration file and a copy of Hacking Linux Exposed to hand can also have the hardest machine on the block. --Steve Patient


"A comprehensive overview of Linux security in the popular Hacking-Exposed style. -- (Rain Forest Puppy (RFP), web server security authority and discoverer of the IIS MSADC vulnerability)

"Hacking Linux Exposed covers tried and true techniques to cutting-edge hacks and everything in between. If you are serious about Linux and security, buy this book. Period." -- Simple Nomad, author of The Hack FAQ and Pandora

"Hacking Linux Exposed is a highly organized and modular book that teaches the reader what to do before, during, and after an incident. It consolidates years of security administration experience into a single reference guide. It illustrates a procedure for securing a new installation, shows the reader how to recover from a break-in on an existing machine and presents a methodology for ongoing monitoring. Each chapter contains well-illustrated examples from real installations along with real solutions. Hacking Linux Exposed has taken a complex subject and broken it down into a format as useful for front-line Linux users as for corporate IT managers." -- Allen Leibowitz, CEO Anzen Computing, Inc. & Developer of the Anzen Flight Jacket Intrusion Detection System

"Knowing how attackers work and how a system can be broken into is the key to preventing unwanted break-ins. Hacking Linux Exposed strips away the 'black magic' image of hacking and sheds light on the prevention techniques that protect Linux systems from the ravages of attackers. This security book is a valuable asset for Linux administrators. You may find it frequently borrowed by fellow members of your staff and difficult to keep on your bookshelf." -- Christopher Klaus, Founder & Chief Technology Officer, Internet Security Systems -ISS

"The rapidly expanding number of Linux machines on our campus combined with the open network of a university makes us an ideal target for hackers. The full disclosure policy of Hacking Linux Exposed allows security professionals and others who are interested in maintaining the security of their systems to observe how hackers penetrate a system and how to raise the bar to counter the attacks. If the sysadmins on our campus take advantage of this book, they will save themselves and our security team hours of work recovering from break-ins." -- Bob Bartlett, Assistant Director, Network Security & Enterprise, Network Server Administration of the University of Chicago, Illinois

See all Product Description

Customer Reviews

5.0 out of 5 stars
5 star
4 star
3 star
2 star
1 star
See all 4 customer reviews
Share your thoughts with other customers

Top Customer Reviews

Format: Paperback
From A to Z, this book covers Linux security. It goes into more depth than any security book I've read (and that's about twenty at last count) including the biggies like Hacking Exposed itself. The authors really took the time to research the latest-greatest tools and attacks. They included a lot of the old standards, but mostly in passing, focusing on things that are still problems, not things that are old news like so many books. No Sendmail 8.8 exploits here, and good riddance.
I'd highly recommend this book for anyone who wants to see what a hacker actually does, down to the keystrokes themselves. Most importantly, you get clear easy steps to fix the problems. When there are multiple tools that you could use, they cover them in enough depth to let you know which is best for you and your skill level.
If you want to keep others off of your machine, this is the book to buy.
Comment 16 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
By A Customer on 10 Mar. 2003
Format: Paperback
Just got second edition, can't put it down. Huge number of changes, all of them good. More backdoors, more network hacks, more sample code, more depth. Didn't think the first one could get better, I was very wrong.
Comment 3 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback
This is the book I always wanted when I would search the Internet for ways to learn how people get into computer systems and protect them. I have "Hacking Exposed" and with the migration from Windows 95 some time ago, I got this! I now enjoy using it as a very good reference and a kind of tool box. If your into Linux, you'll need this!
The price tag is good too!
Steven Simpson
Comment 5 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback
This book is fantastic, it has everything for hackers and crackers. The easy to read nature and example packed nature of the book makes it a must for everyone! ... Buy it! go-on!
Comment 4 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse

Most Helpful Customer Reviews on (beta) HASH(0x906a3384) out of 5 stars 41 reviews
57 of 58 people found the following review helpful
HASH(0x9051a00c) out of 5 stars Excellence through examples 26 Sept. 2001
By Richard Bejtlich - Published on
Format: Paperback
I am a senior engineer for network security operations. I read "Hacking Linux Exposed" (HLE) to learn how adversaries compromise Linux hosts. HLE impressed me at every level. I highly recommend system administrators and security personnel read and heed this book's recommendations.
The "Hacking Exposed" series is known for its unique example-driven style. Rather than telling the reader about a technique or problem, the authors demonstrate the issue using command-line examples. I find myself reading with book and laptop at hand, ready to duplicate the authors' sample commands. This process reinforces the authors' message, while the reader learns if a specific problem applies to his situation. Furthermore, by showing exactly how to execute certain commands, the authors impart bits of wisdom and trickery not found elsewhere.
For example, chapter 11 describes attacks and defenses for FTP servers. To explain active and passive FTP sessions, the authors demonstrate running an FTP client with the -d switch to illustrate raw instructions sent by the client over the FTP command channel. I had never seen this switch in use, but as an intrusion detector I constantly see raw FTP instructions like those revealed by the -d switch. These and other tidbits, like using the chattr -i command or setting the "sticky bit", make HLE exceptional.
Beyond these benefits, readers will enjoy clear, thorough explanations of Linux security issues. HLE gives first-rate descriptions of ssh and web man-in-the-middle attacks, race conditions, and FTP data hijacking. HLE also provides great illustrated examples of FTP bounce attacks, giving intrusion detectors the minutiae we need to recognize these techniques. I had heard of most of the compromise methods offered by HLE, but never seen them discussed in such practical detail.
If the material in chapters 1-13 of HLE don't prompt you to verify your Linux host's integrity, then the case studies in appendix D will. The security community needs more of these narratives. These stories, based on true events, show the lengths to which some attacks will go to penetrate target machines.
"Hacking Linux Exposed" is another strong addition to the "Hacking Exposed" series, and the security community will benefit as a result.
(Disclaimer: I received a free review copy from the publisher.)
48 of 49 people found the following review helpful
HASH(0x9051a060) out of 5 stars Buy two of these 30 May 2001
By A Customer - Published on
Format: Paperback
I wasn't a fan of Hacking Exposed, largely because its Unix section was a mere 50 pages of superficial, outdated, and obvious fluff. Hacking Linux Exposed makes up for that lack by digging into Unix in much more depth.Though it is modeled after the attack/countermeasure style of the original HE, this book includes a whole chapter of security measures at the beginning that you can implement instantly to get your machine locked down before getting into the nitty-gritty detail about other things in the hacker's arsenal.I was particularly enthralled with chapter 10, which talks about what the hacker will do after they have gained root access, from simple things like adding accounts to complicated issues like kernel modules, complete with source code. Chapter 7 includes some really wonderful examples of how the hacker can abuse networking protocols themselves, something I haven't seen covered in such depth before.The book is logically organized. The first part covers the way the hackers find and probe your machine. The second talks about getting in from the outside, be it network or physical. The third part talks about gaining additional priveleges, and the last part of the book is dedicated to mail, ftp, web, and firewalls. The appendicies are actually useful. They seem to have dropped the small 1-page case studies from the original book and replaced them with longer hacker-eye-views of real attacks which are an interesting read, and really tie the book together.This book is Linux specific in it's countermeasures, but I'd recommend this to any unix user. They do a good job of discussing differences between Linux variants as well, they don't just assume everyone has a RedHat box on their desk. Very refreshing.This book is great for both the theory and practical uses. I could spend weeks implementing all the suggestions they have, but they seem to have thought of this because their risk ratings let you know where you should concentrate as you secure your systems.Like Hacking Exposed, this book also has a website, (...) but it seems more up-to-date -- for example when the ptrace bug in older kernels came out, they posted a kernel module you could compile to protect your system until you could upgrade -- and includes all the source code contained in the book.I bought two of these, one for home and one for the office, and I suggest you do the same.
30 of 31 people found the following review helpful
HASH(0x9062600c) out of 5 stars Should have been "Hacking Unix Exposed" 8 July 2001
By A Customer - Published on
Format: Paperback
I am in charge of network security for a large firm. We use largely FreeBSD and OpenBSD machines instead of Linux whenever possible. One of the junior folks was trying to convince us that Linux isn't all that bad, and pointed to this book as proof that it can be secured.
Well, we're not about to switch. However this book covered so many unexpected issues that affected our *BSD boxen that we spent a solid week implementing changes on all our systems. The detail of this book was superb, and it was easy to figure out the differences between their Linux-specific solutions and what was needed on our *BSD systems when they weren't exactly the same.
Got Unix? Buy this book.
16 of 16 people found the following review helpful
HASH(0x9302f108) out of 5 stars The best hands-on Linux security book just got better 10 Mar. 2003
By Richard Bejtlich - Published on
Format: Paperback
I'm a big fan of the Hacking Exposed style of writing. All offensive theory is backed up by command line examples, followed by defensive countermeasures. Hacking Exposed: Linux, 2nd Ed (HE:L2E) follows this tradition, updating the content of the first edition and adding 200 pages of new content. Although I reviewed the first edition in Sep 01, reading the second edition reminded me of the challenges posed by securely configuring and deploying Linux systems.

The best way to learn while reading HE:L2E is to try the sample commands. I also recommend visiting the links mentioned and installing many of the tools described by the authors. I found programs like raccess, nsat (ch. 3), sslsniff (ch. 7), nstx, and httptunnel (ch. 15) particularly interesting from an attacker's point of view. From a system administration standpoint, coverage of passlogd (ch. 2), lilo and grub (ch. 5), and X (ch. 6) were very helpful.
The authors share many novel ways to abuse Linux systems, but counter those exploits with little-known features or third-party tools. I never knew I could use bash's HISTCONTROL feature to selectively remove entries from shell history files. HE:L2E goes the extra mile to help secure your system, such as including sample C code in ch. 13 to allow one to compile TCP Wrappers support into one's own programs. Other clear, concise defensive measures were introduced in excellent chapters on keeping the kernel and packages current (appendix B) and pro-active security measures (ch. 2). The last appendix gives a short yet powerful description of the damage an intruder can perform, showing how he hid unauthorized programs and how those programs were discovered.

If you use Linux, you'll find HE:L2E indispensable. I even applied many of the tools and techniques to my FreeBSD system, showing that that good security advice can be a cross-platform endeavor.
13 of 13 people found the following review helpful
HASH(0x9051a468) out of 5 stars Good intro to Linux security 17 May 2002
By Dr Anton Chuvakin - Published on
Format: Paperback
Hacking Linux Exposed by Brian Hatch, James Lee and George Kurtz, is a nice follow-up to their bestselling Hacking Exposed . While not as groundshaking as its predecessor, the new book does provide a good reference for people just starting with Linux. Anyone who is setting up or planning to set up a Linux network should consider owning it, together with the appropriate Linux administration manuals.
Hacking Linux Exposed covers security administration issues such as FTP, sendmail (but for some reason, not POP3/IMAP servers) and web server setup; it also discusses local user security issues and touches lightly on Linux firewalling and other network access controls (TCP wrappers).
The book includes a big section on keeping your system updated, which outlines methods used by several popular Linux distributions (rpm from RedHat, apt-get from Debian and pkgtool from Slackware). This information is essential to the security of any Linux machine, whether a home workstation or company server.
The focus is Linux, but the book also covers some other important security areas. It attempts to offer a total solution for Linux security, starting with general infosec philosophy (such as proactive security), and moving on to physical security, social engineering, Trojan programs, access control, user security and server setup. Each security problem is rated for global risk on a 1 to 10 scale, factoring in frequency, simplicity and impact. In general, the book is more encyclopedia than detailed guide, as it strives toward breadth over depth.
Were these reviews helpful? Let us know