Practical UNIX and Internet Security, 3rd Edition
Securing Solaris, Mac OS X, Linux & Free BSD
Publisher: O'Reilly Media
Final Release Date: February 2003
Pages: 988

When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world.Focusing on the four most popular Unix variants today--Solaris, Mac OS X, Linux, and FreeBSD--this book contains new information on PAM (Pluggable Authentication Modules), LDAP, SMB/Samba, anti-theft technologies, embedded systems, wireless and laptop issues, forensics, intrusion detection, chroot jails, telephone scanners and firewalls, virtual and cryptographic filesystems, WebNFS, kernel security levels, outsourcing, legal issues, new Internet protocols and cryptographic algorithms, and much more.Practical Unix & Internet Security consists of six parts:

  • Computer security basics: introduction to security problems and solutions, Unix history and lineage, and the importance of security policies as a basic element of system security.
  • Security building blocks: fundamentals of Unix passwords, users, groups, the Unix filesystem, cryptography, physical security, and personnel security.
  • Network security: a detailed look at modem and dialup security, TCP/IP, securing individual network services, Sun's RPC, various host and network authentication systems (e.g., NIS, NIS+, and Kerberos), NFS and other filesystems, and the importance of secure programming.
  • Secure operations: keeping up to date in today's changing security world, backups, defending against attacks, performing integrity management, and auditing.
  • Handling security incidents: discovering a break-in, dealing with programmed threats and denial of service attacks, and legal aspects of computer security.
  • Appendixes: a comprehensive security checklist and a detailed bibliography of paper and electronic references for further reading and research.
Packed with 1000 pages of helpful text, scripts, checklists, tips, and warnings, this third edition remains the definitive reference for Unix administrators and anyone who cares about protecting their systems and data from today's threats.
Table of Contents
Product Details
About the Author
Recommended for You
Customer Reviews


by PowerReviews
oreillyPractical UNIX and Internet Security, 3rd Edition

(based on 2 reviews)

Ratings Distribution

  • 5 Stars



  • 4 Stars



  • 3 Stars



  • 2 Stars



  • 1 Stars



Reviewed by 2 customers

Displaying reviews 1-2

Back to top

(1 of 4 customers found this review helpful)


Only the good die young.

By Anonymous

from Undisclosed

Comments about oreilly Practical UNIX and Internet Security, 3rd Edition:

It forms forms the knowledge-base required of anyone in the security profession, and everyone in legislation. It defines what is meant by the term "security". The content is still ahead of the curve. USAJobs, Monster -- every employee running a network that stores so much as a URL we visit ought to read it until someone with a conscience eats and breathes the attitiude of its writers. It contains what every citizen out to KNOW is a security minimum, before they vote back into office people who do not pass enforcing legislation. We cannot afford to dismiss security as we have been unless we do not give darn about our freedom, or about the rights to privacy our children will be expected to concede, if we remain complacent today. Security has *everything* to do with privacy.

(8 of 8 customers found this review helpful)


Practical Unix & Internet Security, 3rd Edition Review

By Charles McColm

from Undisclosed

Comments about oreilly Practical UNIX and Internet Security, 3rd Edition:

At just under 1,000 pages the 3rd edition of Practical Unix & Internet Security might look intimidating on the shelf, but a quick glance through the pages reveals that it is both practical and entertaining. With Slammer and Blaster making their way into the news it seemed like a good time to brush up on security. Already considered a classic reference, the 3rd edition of Practical Unix & Internet Security provides extensive updated information about topics like PAM (Pluggable Authentication Modules), LDAP, forensics, intrusion detection, wireless devices, and cryptography.

Practical Unix & Internet Security is divided up into six sections:

The first sections covers the basics of computer security, tracing the history of Unix and security, as well as providing details of what should be in a good security policy.

The second section covers the building blocks of security, authentication, users and groups, filesystems, cryptography, physical security for servers, and personnel security.

Network and Internet security are focused on in the third section with emphasis on modems and dialup security, TCP/IP networks, securing TCP and UDP services, Sun RPC, NIS, Kerberos, LDAP, NFS, SAMBA, and finishing up with a chapter dedicated to secure programming techniques.

Day to day operations are the focus of the fourth section. Keeping up to date, making backups, defending accounts, using integrity checking tools, and auditing, logging, and forensics are all expanded upon in detail over 5 chapters.

The fifth section rounds off the main part of the book by describing how to handle security incidents. Special focus is given to discovering a break-in, protecting against programmed threats, Denial of Service Attacks (& DDoS), legal options, and a chapter on who you can trust.

The Appendixes make up the sixth and final section. Not a spot is wasted in the appendixes which begin with a Unix security checklist, and then outline Unix processes, provide both extensive paper and electronic resources, and conclude with a sub-section on security organizations.

Among the topics I found most interesting were: Access Control Lists (ACL), Pluggable Authentication Modules (PAM), the section about 128-bit keys and dictionary-based passwords, connection laundering, honeypots, the false syslog example, and the example detailing a call to Microsoft's anti-piracy help line. The real-life examples scattered throughout Practical Unix & Internet Security keep the security sections from seeming overwhelming. This is one of the few books that I've found ever chapter of the appendix useful, so don't overlook them as simple reference pages.

Normally one-liners are reserved for movie discussions but for those who've already delved into Practical Unix & Internet Security here are a few of my favorite one-liners:

"...we do believe that making files readable and writable by everyone leads to many evil deeds." - talking about the octal mode 666.

"Humidity is your computer's friend." - just before static discharge kills your entire system.

"Beware of Key Employees." - warning against making one person so key that their departure could cause your company irreparable harm.

"You mean, you don't really have a copy? [of Windows 98]" - the last part of a conversation with Microsoft's Anti-Piracy line. The company which called Microsoft's was tracing some intruders who had uploaded a copy of Windows 98 to the company's web site and was using the site to peddle warez. Microsoft was just about to launch Windows 98. The example shows just how clueless some help desks can be.

There are a few spelling mistakes and grammatical flaws but not enough to take away from the bulk of the information and no glaring omissions. UUCP coverage was dumped because UUCP simply is not a practical anymore now that more advanced alternatives like sendmail exist. I started glazing over material by the middle of the NIS chapter but it probably had more to do with the fact that I was thinking about the other 400 or so pages I had to read before I finished the main section of the book rather than the topic itself.

One of the great things about Practical Unix & Internet Security is that it is appropriate for a wide audience. There is relevant material for system administrators, security, company decision makers, even the guy sitting at the accounting terminal. Despite its massive size Practical Unix & Internet Security is entertaining enough to be read cover to cover. (It's good for the arm muscles too) Though it is easy to read beginners should probably reread their system manual before plunging headlong into this book. All in all Practical Unix & Internet Security continues to be one of those must have books for any Linux user.

Displaying reviews 1-2

Back to top

Buy 2 Get 1 Free Free Shipping Guarantee
Buying Options
Immediate Access - Go Digital what's this?
Ebook:  $43.99
Formats:  DAISY, ePub, Mobi, PDF
Print & Ebook:  $60.45
Print:  $54.95