Apologies for the duplicate sent out yesterday.
(Also, for the question/comment last Thursday about whether I liked *any*
books, yes, occasionally I do
BKLNSCCB.RVW 20031019
"Linux Security Cookbook", Daniel J. Barrett/Richard E.
Silverman/Robert G. Byrnes, 2003, 0-596-00391-9, U$39.95/C$61.95
%A Daniel J. Barrett dbarrett.DeleteThis@oreilly.com
%A Richard E. Silverman res.DeleteThis@oreilly.com
%A Robert G. Byrnes byrnes.DeleteThis@oreilly.com
%C 103 Morris Street, Suite A, Sebastopol, CA 95472
%D 2003
%G 0-596-00391-9
%I O'Reilly & Associates, Inc.
%O U$39.95/C$61.95 707-829-0515 fax: 707-829-0104 nuts.DeleteThis@ora.com
%O
http://www.amazon.com/exec/obidos/ASIN/0596003919/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/0596003919/robsladesinte-21
%O
http://www.amazon.ca/exec/obidos/ASIN/0596003919/robsladesin03-20
%P 311 p.
%T "Linux Security Cookbook"
In the introduction, the authors state that this is not a security
text, but a list of practical and individual pointers for improving
security in specific areas.
Chapter one covers how to take system snapshots with Tripwire, in
order to detect changes that might indicate an intrusion or a virus.
The establishment of a firewall, using the iptables and ipchains
utilities, is dealt with in chapter two. Chapter three examines the
control of access to various network services. Authentication
techniques and infrastructures are detailed in chapters four and five.
Protecting outgoing network connections, files, and email are
described in chapters six, seven, and eight respectively. The
material on testing and monitoring, in chapter nine, is the most
extensive in the book, and provides a good introduction to Snort as
well.
This is good, practical advice, and makes an excellent reference for
anyone dealing with the security of Linux in a networked environment.
In one sense the authors are right, for they stick to the nuts and
bolts, without discussing security frameworks or theories. In another
sense they are wrong: this text does what the "hacking" books only
pretend to do. The authors of the genre of "Teach Total Idiots How to
Hack and They Will Automatically Turn Into Security Experts" texts all
imagine that they teach you how to harden/secure a system, but don't.
This does.
copyright Robert M. Slade, 2003 BKLNSCCB.RVW 20031019
--
======================
rslade.DeleteThis@vcn.bc.ca slade.DeleteThis@victoria.tc.ca rslade.DeleteThis@sun.soci.niu.edu
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
============= for back issues:
[Base URL] site
http://victoria.tc.ca/techrev/
or mirror
http://sun.soci.niu.edu/~rslade/
CISSP refs: [Base URL]mnbksccd.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent:
http://groups.yahoo.com/group/techbooks/
Security Educ.:
http://groups.yahoo.com/group/comseced/
Review mailing list: send mail to techbooks-subscribe.DeleteThis@egroups.com
FAQ
Search
Profile
Private Messages
Log in
