Rating:
Summary: Excellent book on security.
Review: This book took me a long time to read, but for a good reason: I kept implementing
the various hacks in the book on a server I had started setting up.
The book is mostly Unix related, but there are some Windows-related 'hacks' as well.
I think the Windows coverage was lacking a bit though. For Unix, it talks about
Linux, the BSDs and a bit on Mac OS X and Solaris. Most of the topics are
general enough to apply to any Unix based Operating System, but some are specific
to an operating system.
One of the great things about the Hacks series of books by O'Reilly is that the
information is presented in nice small chunks that you can read in a few minutes
if you have some spare time.
The hacks are all 'hyperlinked' to each other: if a hack mentions something that
relates to another hack, it is highlighted in blue and the hack that it
references is listed. I did find a few places where this wasn't done
(#84 Real-Time Monitoring, first mentions Barnyard but doesn't provide any
information on it or mention that it is one of the later hacks).
Lots of the hacks in the book could be found by doing some reading on the
internet, but finding such a variety of topics all in one place, with enough
information to get you started is really nice. Even though I consider myself to
be fairly security conscious, I still found quite a few things in this book that
I hadn't thought of, or plain didn't realize were possible or even existed. I
would recommend this book to anyone that is interested in security or anyone
responsible for maintaining a server (whether or not it is on the internet).

Rating:
Summary: Good simple reference
Review: When I first got this little book, I was unimpressed by its idea: a seemingly random collection of network security tips, combined under the same cover. However, when I started reading, more and more often I exclaimed "ah, that is how it is done", etc. The book is one cool collection of tips, ranging from mundane ('how to configure iptables on Linux') to fairly esoteric ('how to use MySQL as an authenticating backend for an FTP server'). Always wanted to use 'grsecurity' or 'systrace', but thought it is too complicated - grab the book and give it a shot. Want to set up a fancy encrypted tunnel between two networks - it covers that too. Admittedly, a lot of advice given in the book can be found on Google, but it is nice to find it in one place. The book covers selected topics in host security, SSH and VPNs, IDS, monitoring and even touches upon forensics. I also liked its multi-platform coverage, with a slight, but unmistakable UNIX/Linux bias. Overall, it is a great simple book, provided you don't try to find in it something it isn't: a neat collection of simple network security tips. I somewhat disliked that many tips don't go beyond 'how to install a tool' and stop short of discussing 'how to use it best'.

Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major security information management company. He is the author of the book "Security Warrior" (O'Reilly, 2004) and contributor to "Know Your Enemy II" by the Honeynet Project (AWL, 2004). His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org