Hacking Exposed Linux, 2nd Edition (Hacking Exposed)

The "Hacking Exposed" series is known for its unique example-driven style. Rather than telling the reader about a technique or problem, the authors demonstrate the issue using command-line examples. I find myself reading with book and laptop at hand, ready to duplicate the authors' sample commands. This process reinforces the authors' message, while the reader learns if a specific problem applies to his situation. Furthermore, by showing exactly how to execute certain commands, the authors impart bits of wisdom and trickery not found elsewhere.

For example, chapter 11 describes attacks and defenses for FTP servers. To explain active and passive FTP sessions, the authors demonstrate running an FTP client with the -d switch to illustrate raw instructions sent by the client over the FTP command channel. I had never seen this switch in use, but as an intrusion detector I constantly see raw FTP instructions like those revealed by the -d switch. These and other tidbits, like using the chattr -i command or setting the "sticky bit", make HLE exceptional.

Beyond these benefits, readers will enjoy clear, thorough explanations of Linux security issues. HLE gives first-rate descriptions of ssh and web man-in-the-middle attacks, race conditions, and FTP data hijacking. HLE also provides great illustrated examples of FTP bounce attacks, giving intrusion detectors the minutiae we need to recognize these techniques. I had heard of most of the compromise methods offered by HLE, but never seen them discussed in such practical detail.

If the material in chapters 1-13 of HLE don't prompt you to verify your Linux host's integrity, then the case studies in appendix D will. The security community needs more of these narratives. These stories, based on true events, show the lengths to which some attacks will go to penetrate target machines.

"Hacking Linux Exposed" is another strong addition to the "Hacking Exposed" series, and the security community will benefit as a result.

(Disclaimer: I received a free review copy from the publisher.)

Rating:
Summary: Excellence through examples
Review: I am a senior engineer for network security operations. I read "Hacking Linux Exposed" (HLE) to learn how adversaries compromise Linux hosts. HLE impressed me at every level. I highly recommend system administrators and security personnel read and heed this book's recommendations.

The "Hacking Exposed" series is known for its unique example-driven style. Rather than telling the reader about a technique or problem, the authors demonstrate the issue using command-line examples. I find myself reading with book and laptop at hand, ready to duplicate the authors' sample commands. This process reinforces the authors' message, while the reader learns if a specific problem applies to his situation. Furthermore, by showing exactly how to execute certain commands, the authors impart bits of wisdom and trickery not found elsewhere.

For example, chapter 11 describes attacks and defenses for FTP servers. To explain active and passive FTP sessions, the authors demonstrate running an FTP client with the -d switch to illustrate raw instructions sent by the client over the FTP command channel. I had never seen this switch in use, but as an intrusion detector I constantly see raw FTP instructions like those revealed by the -d switch. These and other tidbits, like using the chattr -i command or setting the "sticky bit", make HLE exceptional.

Beyond these benefits, readers will enjoy clear, thorough explanations of Linux security issues. HLE gives first-rate descriptions of ssh and web man-in-the-middle attacks, race conditions, and FTP data hijacking. HLE also provides great illustrated examples of FTP bounce attacks, giving intrusion detectors the minutiae we need to recognize these techniques. I had heard of most of the compromise methods offered by HLE, but never seen them discussed in such practical detail.

If the material in chapters 1-13 of HLE don't prompt you to verify your Linux host's integrity, then the case studies in appendix D will. The security community needs more of these narratives. These stories, based on true events, show the lengths to which some attacks will go to penetrate target machines.

"Hacking Linux Exposed" is another strong addition to the "Hacking Exposed" series, and the security community will benefit as a result.

(Disclaimer: I received a free review copy from the publisher.)

Rating:
Summary: Should have been "Hacking Unix Exposed"
Review: I am in charge of network security for a large firm. We use largely FreeBSD and OpenBSD machines instead of Linux whenever possible. One of the junior folks was trying to convince us that Linux isn't all that bad, and pointed to this book as proof that it can be secured.

Well, we're not about to switch. However this book covered so many unexpected issues that affected our *BSD boxen that we spent a solid week implementing changes on all our systems. The detail of this book was superb, and it was easy to figure out the differences between their Linux-specific solutions and what was needed on our *BSD systems when they weren't exactly the same.

Got Unix? Buy this book.

Rating:
Summary: An excellent security book, excellent Linux book
Review: I am very new to Linux. I've got a lot of windows experience and an MCSE, but recently my job has included a few Linux machines when other guys were downsized. Our Linux machines are the ones on the Internet, so security is relly important. I picked this book up after looking at four or five, and am really happy with my choice.The solutions they provide are clear enough that even a guy like me who is intimidated by Bash can make them all work. The desciptions of the attacks are very complete, and I learned a lot of network attacks that would affect windows machines, but were never explained in my MCSE training -- probably because only Linux has ways to defeat them.This book taught me a lot of Linux tips along the way too. I even followed along and have compiled a Linux kernel from scratch -- something I never expected to get from a security book in such easy to follow instructions.I recommend this book to any Linux user, new or experienced.

Rating:
Summary: Hands down one of the best technology books I have ever read
Review: I bought this book after my site got hacked. I was looking for information that I could use to protect myself, and this book delivered the goods in a huge way. I've probably read 60 or 70 technical manuals over the years and am a former DBA and sysadmin, and very few have affected me as profoundly as this one did. If you have an e-commerce site or are responsible for maintaining Linux systems, you will never view your system the same way again after reading this book - I started to read this book and whenever I saw something that I could apply to my system to make it more secure, I wrote it down on an 8.5 x 11 pad... When I'd gotten 3/4 of the way down the sheet I stopped taking notes, because I realized that I was writing something down every two pages! Another reason why this book is so useful is because IT TELLS YOU HOW TO PROTECT YOURSELF. The authors are not lightweights and give specific instructions for defending against every attack they describe. Often they make multiple suggestions, indicating when different approaches would be preferable. Despite the high level of detail, the book is well-organized, well-indexed, and surprisingly well written. Even if you think you know net security well, I would recommend checking this book out because it is so well written and easy to understand that even a script-kiddie hacker wannabe could use it to root your box...

Rating:
Summary: Recommended for *NIX too
Review: I bought this book after reading the 2nd ed. of Hacking Exposed. I wanted to learn more about security and hack attacks/exploits in the Unix environment (the original HckngXpsd has about 100 pages on Unix). I run Linux at home, and I support Solaris at work. This book while geared more towards Linux, is a very good source for general Unix security and hacks. I'd love to see one specifically for Solaris (more CDE and X stuff) but for now I can say that I've learned quite a bit from this version of the book. The one thing I wish this book included (which the original does) is real life example or stories of how an exploit was created.

Rating:
Summary: Under attack!
Review: I got a copy of this book three weeks ago, and have only really gone through the first two chapters -- it's that packed with information.

I have a network with several windows and linux machines, with firewall software on the PCs. According to my firewall logs, they haven't been probed more than once ever few days. Since I didn't have anything protecting my linux machines I followed some of the examples from this book and installed some scan detectors. I was seeing at least ten probes a day. I thought this was funny, since my PC firewalls weren't picking anything up, so I skipped ahead to chapter 6 where it talks about sniffing, and I can see that my PCs are in fact being targeted, but the firewalls don't log anything!

Now I'm extreemly paranoid. I've unhooked my PCs, and am going to only let the linux machines on the net -- with this book at least they can be secured for real.

Rating:
Summary: A Must for nix Admin or User
Review: I haven't finished the book right now but keep reading it. It is the best computer book I have ever read. Plain text keep user to understand more easily. The topic is well organized that you will really want to read the next chapter after you have finished one. Since it is interesting if you like security.

The stuff covered maybe not enough, but it give much of the reference that you can find it on the web. Also, I think the level is very suitable for experienced nix user or admin who want to know security about their OS.

If you want to learn how to secure your nix system, read this!!