Practical UNIX and Internet Security, 3rd Edition

Larger Cover

By Simson Garfinkel, Gene Spafford, Alan Schwartz

Publisher: O'Reilly Media

Released: February 2003

Pages: 992

When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world.

Focusing on the four most popular Unix variants today--Solaris, Mac OS X, Linux, and FreeBSD--this book contains new information on PAM (Pluggable Authentication Modules), LDAP, SMB/Samba, anti-theft technologies, embedded systems, wireless and laptop issues, forensics, intrusion detection, chroot jails, telephone scanners and firewalls, virtual and cryptographic filesystems, WebNFS, kernel security levels, outsourcing, legal issues, new Internet protocols and cryptographic algorithms, and much more.

Practical Unix & Internet Security consists of six parts:

Computer security basics: introduction to security problems and solutions, Unix history and lineage, and the importance of security policies as a basic element of system security.
Security building blocks: fundamentals of Unix passwords, users, groups, the Unix filesystem, cryptography, physical security, and personnel security.
Network security: a detailed look at modem and dialup security, TCP/IP, securing individual network services, Sun's RPC, various host and network authentication systems (e.g., NIS, NIS+, and Kerberos), NFS and other filesystems, and the importance of secure programming.
Secure operations: keeping up to date in today's changing security world, backups, defending against attacks, performing integrity management, and auditing.
Handling security incidents: discovering a break-in, dealing with programmed threats and denial of service attacks, and legal aspects of computer security.
Appendixes: a comprehensive security checklist and a detailed bibliography of paper and electronic references for further reading and research.

Packed with 1000 pages of helpful text, scripts, checklists, tips, and warnings, this third edition remains the definitive reference for Unix administrators and anyone who cares about protecting their systems and data from today's threats.

Computer Security Basics
1. Chapter 1 Introduction: Some Fundamental Questions
  1. What Is Computer Security?
  2. What Is an Operating System?
  3. What Is a Deployment Environment?
  4. Summary
2. Chapter 2 Unix History and Lineage
  1. History of Unix
  2. Security and Unix
  3. Role of This Book
  4. Summary
3. Chapter 3 Policies and Guidelines
  1. Planning Your Security Needs
  2. Risk Assessment
  3. Cost-Benefit Analysis and Best Practices
  4. Policy
  5. Compliance Audits
  6. Outsourcing Options
  7. The Problem with Security Through Obscurity
  8. Summary
Security Building Blocks
1. Chapter 4 Users, Passwords, and Authentication
  1. Logging in with Usernames and Passwords
  2. The Care and Feeding of Passwords
  3. How Unix Implements Passwords
  4. Network Account and Authorization Systems
  5. Pluggable Authentication Modules (PAM)
  6. Summary
2. Chapter 5 Users, Groups, and the Superuser
  1. Users and Groups
  2. The Superuser (root)
  3. The su Command: Changing Who You Claim to Be
  4. Restrictions on the Superuser
  5. Summary
3. Chapter 6 Filesystems and Security
  1. Understanding Filesystems
  2. File Attributes and Permissions
  3. chmod: Changing a File’s Permissions
  4. The umask
  5. SUID and SGID
  6. Device Files
  7. Changing a File’s Owner or Group
  8. Summary
4. Chapter 7 Cryptography Basics
  1. Understanding Cryptography
  2. Symmetric Key Algorithms
  3. Public Key Algorithms
  4. Message Digest Functions
  5. Summary
5. Chapter 8 Physical Security for Servers
  1. Planning for the Forgotten Threats
  2. Protecting Computer Hardware
  3. Preventing Theft
  4. Protecting Your Data
  5. Story: A Failed Site Inspection
  6. Summary
6. Chapter 9 Personnel Security
  1. Background Checks
  2. On the Job
  3. Departure
  4. Other People
  5. Summary
Network and Internet Security
1. Chapter 10 Modems and Dialup Security
  1. Modems: Theory of Operation
  2. Modems and Security
  3. Modems and Unix
  4. Additional Security for Modems
  5. Summary
2. Chapter 11 TCP/IP Networks
  1. Networking
  2. IP: The Internet Protocol
  3. IP Security
  4. Summary
3. Chapter 12 Securing TCP and UDP Services
  1. Understanding Unix Internet Servers and Services
  2. Controlling Access to Servers
  3. Primary Unix Network Services
  4. Managing Services Securely
  5. Putting It All Together: An Example
  6. Summary
4. Chapter 13 Sun RPC
  1. Remote Procedure Call (RPC)
  2. Secure RPC (AUTH_DES)
  3. Summary
5. Chapter 14 Network-Based Authentication Systems
  1. Sun’s Network Information Service (NIS)
  2. Sun’s NIS+
  3. Kerberos
  4. LDAP
  5. Other Network Authentication Systems
  6. Summary
6. Chapter 15 Network Filesystems
  1. Understanding NFS
  2. Server-Side NFS Security
  3. Client-Side NFS Security
  4. Improving NFS Security
  5. Some Last Comments on NFS
  6. Understanding SMB
  7. Summary
7. Chapter 16 Secure Programming Techniques
  1. One Bug Can Ruin Your Whole Day . . .
  2. Tips on Avoiding Security-Related Bugs
  3. Tips on Writing Network Programs
  4. Tips on Writing SUID/SGID Programs
  5. Using chroot( )
  6. Tips on Using Passwords
  7. Tips on Generating Random Numbers
  8. Summary
Secure Operations
1. Chapter 17 Keeping Up to Date
  1. Software Management Systems
  2. Updating System Software
  3. Summary
2. Chapter 18 Backups
  1. Why Make Backups?
  2. Backing Up System Files
  3. Software for Backups
  4. Summary
3. Chapter 19 Defending Accounts
  1. Dangerous Accounts
  2. Monitoring File Format
  3. Restricting Logins
  4. Managing Dormant Accounts
  5. Protecting the root Account
  6. One-Time Passwords
  7. Administrative Techniques for Conventional Passwords
  8. Intrusion Detection Systems
  9. Summary
4. Chapter 20 Integrity Management
  1. The Need for Integrity
  2. Protecting Integrity
  3. Detecting Changes After the Fact
  4. Integrity-Checking Tools
  5. Summary
5. Chapter 21 Auditing, Logging, and Forensics
  1. Unix Log File Utilities
  2. Process Accounting: The acct/pacct File
  3. Program-Specific Log Files
  4. Designing a Site-Wide Log Policy
  5. Handwritten Logs
  6. Managing Log Files
  7. Unix Forensics
  8. Summary
Handling Security Incidents
1. Chapter 22 Discovering a Break-in
  1. Prelude
  2. Discovering an Intruder
  3. Cleaning Up After the Intruder
  4. Case Studies
  5. Summary
2. Chapter 23 Protecting Against Programmed Threats
  1. Programmed Threats: Definitions
  2. Damage
  3. Authors
  4. Entry
  5. Protecting Yourself
  6. Preventing Attacks
  7. Summary
3. Chapter 24 Denial of Service Attacks and Solutions
  1. Types of Attacks
  2. Destructive Attacks
  3. Overload Attacks
  4. Network Denial of Service Attacks
  5. Summary
4. Chapter 25 Computer Crime
  1. Your Legal Options After a Break-in
  2. Criminal Hazards
  3. Criminal Subject Matter
  4. Summary
5. Chapter 26 Who Do You Trust?
  1. Can You Trust Your Computer?
  2. Can You Trust Your Suppliers?
  3. Can You Trust People?
  4. Summary
Appendixes
1. Appendix Unix Security Checklist
  1. Preface
  2. Chapter 1: Introduction: Some Fundamental Questions
  3. Chapter 2: Unix History and Lineage
  4. Chapter 3: Policies and Guidelines
  5. Chapter 4: Users, Passwords, and Authentication
  6. Chapter 5: Users, Groups, and the Superuser
  7. Chapter 6: Filesystems and Security
  8. Chapter 7: Cryptography Basics
  9. Chapter 8: Physical Security for Servers
  10. Chapter 9: Personnel Security
  11. Chapter 10: Modems and Dialup Security
  12. Chapter 11: TCP/IP Networks
  13. Chapter 12: Securing TCP and UDP Services
  14. Chapter 13: Sun RPC
  15. Chapter 14: Network-Based Authentication Systems
  16. Chapter 15: Network Filesystems
  17. Chapter 16: Secure Programming Techniques
  18. Chapter 17: Keeping Up to Date
  19. Chapter 18: Backups
  20. Chapter 19: Defending Accounts
  21. Chapter 20: Integrity Management
  22. Chapter 21: Auditing, Logging, and Forensics
  23. Chapter 22: Discovering a Break-In
  24. Chapter 23: Protecting Against Programmed Threats
  25. Chapter 24: Denial of Service Attacks and Solutions
  26. Chapter 25: Computer Crime
  27. Chapter 26: Who Do You Trust?
  28. Appendix A: Unix Security Checklist
  29. Appendix B: Unix Processes
  30. Appendixes C, D, and E: Paper Sources, Electronic Sources, and Organizations
2. Appendix Unix Processes
  1. About Processes
  2. Signals
  3. Controlling and Examining Processes
  4. Starting Up Unix and Logging In
3. Appendix Paper Sources
  1. Unix Security References
  2. Other Computer References
4. Appendix Electronic Resources
  1. Mailing Lists
  2. Web Sites
  3. Usenet Groups
  4. Software Resources
5. Appendix Organizations
  1. Professional Organizations
  2. U.S. Government Organizations
  3. Emergency Response Organizations

Colophon

Title:

Practical UNIX and Internet Security, 3rd Edition

By:

Simson Garfinkel, Gene Spafford, Alan Schwartz

Publisher:

O'Reilly Media

Formats:

Print
Ebook
Safari Books Online

Print:

February 2003

Ebook:

May 2011

Pages:

992

Print ISBN:

978-0-596-00323-4

| ISBN 10:

0-596-00323-4

Ebook ISBN:

978-1-4493-8654-2

| ISBN 10:

1-4493-8654-7

Simson Garfinkel

Simson Garfinkel, CISSP, is a journalist, entrepreneur, and international authority on computer security. Garfinkel is chief technology officer at Sandstorm Enterprises, a Boston-based firm that develops state-of-the-art computer security tools. Garfinkel is also a columnist for Technology Review Magazine and has written for more than 50 publications, including Computerworld, Forbes, and The New York Times. He is also the author of Database Nation; Web Security, Privacy, and Commerce; PGP: Pretty Good Privacy; and seven other books. Garfinkel earned a master's degree in journalism at Columbia University in 1988 and holds three undergraduate degrees from MIT. He is currently working on his doctorate at MIT's Laboratory for Computer Science.

View Simson Garfinkel's full profile page.
Gene Spafford

Gene Spafford, Ph.D., CISSP, is an internationally renowned scientist and educator who has been working in information security, policy, cybercrime, and software engineering for nearly two decades. He is a professor at Purdue University and is the director of CERIAS, the world's premier multidisciplinary academic center for information security and assurance. Professor Spafford and his students have pioneered a number of technologies and concepts well-known in security today, including the COPS and Tripwire tools, two-stage firewalls, and vulnerability databases. Spaf, as he is widely known, has achieved numerous professional honors recognizing his teaching, his research, and his professional service. These include being named a fellow of the AAAS, the ACM, and the IEEE; receiving the National Computer Systems Security Award; receiving the William Hugh Murray Medal of the NCISSE; election to the ISSA Hall of Fame; and receiving the Charles Murphy Award at Purdue. He was named a CISSP, honoris causa in 2000. In addition to over 100 technical reports and articles on his research, Spaf is also the coauthor of Web Security, Privacy, and Commerce, and was the consulting editor for Computer Crime: A Crimefighters Handbook (both from O'Reilly).

View Gene Spafford's full profile page.
Alan Schwartz

Alan Schwartz, Ph.D. is an assistant professor of clinical decision making in the Departments of Medical Education and Pediatrics at the University of Illinois at Chicago. He is also the author of Managing Mailing Lists and the coauthor of Stopping Spam (both from O'Reilly). He serves as a consultant on Unix system administration for several ISPs. In his spare time, he develops and maintains the PennMUSH MUD server and brews beer and mead with his wife, with whom he also develops and maintains their son. Turn-ons for Alan include sailing, programming in Perl, playing duplicate bridge, and drinking Anchor Porter. Turn-offs include spam and watery American lagers.

View Alan Schwartz's full profile page.

Colophon

Our look is the result of reader comments, our own experimentation, and feedback from distribution channels. Distinctive covers complement our distinctive approach to technical topics, breathing personality and life into potentially dry subjects. The image on the cover of Practical Unix and Internet Security, Third Edition, is a safe. The concept of a safe has been with us for a long time. Methods for keeping valuables safely have been in use since the beginning of recorded history. The first physical structures that we think of as safes were developed by the Egyptians, Greeks, and Romans. These early safes were simply wooden boxes. In the Middle Ages and Renaissance in Europe, these wooden box safes started being reinforced with metal bands, and some were equipped with locks. The first all-metal safe was developed in France in 1820. Matt Hutchinson was the production editor and proofreader for Practical Unix and Internet Security, Third Edition. Emily Quill, Jane Ellin, and Claire Cloutier provided quality control. Genevieve d'Entremont, Sue Willing, David Read, and Mary Brady provided production assistance. Angela Howard wrote the index.

Edie Freedman designed the cover of this book, using a 19th-century engraving from the Dover Pictorial Archive. Emma Colby produced the cover layout with Quark-XPress 4.1 using Adobe's ITC Garamond font.

Bret Kerr designed the interior layout, based on a series design by David Futato. This book was converted by Joe Wizda to FrameMaker 5.5.6 with a format conversion tool created by Erik Ray, Jason McIntosh, Neil Walls, and Mike Sierra that uses Perl and XML technologies. The text font is Linotype Birka; the heading font is Adobe Myriad Condensed; and the code font is LucasFont's TheSans Mono Condensed. The illustrations that appear in the book were produced by Robert Romano and Jessamyn Read using Macromedia FreeHand 9 and Adobe Photoshop 6. The tip and warning icons were drawn by Christopher Bing. This colophon was written by Matt Hutchinson.

Description

Table of Contents

Product Details

About the Author

Colophon

Recommended for You

Recently Viewed

MySQL and mSQL

By Tim King, George Reese, Randy Yarger

July 1999

Mac OS X: The Missing Manual, 2nd Edition

By David Pogue

October 2002

Open Government

Collaboration, Transparency, and Participation in Practice

By Daniel Lathrop, Laurel Ruma

February 2010

Ebook: $19.99

Print & Ebook: $27.49

Print: $24.99

Customer Reviews

REVIEW SNAPSHOT®

by PowerReviews

oreilly Practical UNIX and Internet Security, Third Edition

5.0

(based on 2 reviews)

Reviews

Reviewed by 2 customers

Sort by

Displaying reviews 1-2

2/21/2009

(0 of 1 customers found this review helpful)

5.0

Only the good die young.

By Anonymous

from Undisclosed

Comments about oreilly Practical UNIX and Internet Security, Third Edition:

It forms forms the knowledge-base required of anyone in the security profession, and everyone in legislation. It defines what is meant by the term "security". The content is still ahead of the curve. USAJobs, Monster -- every employee running a network that stores so much as a URL we visit ought to read it until someone with a conscience eats and breathes the attitiude of its writers. It contains what every citizen out to KNOW is a security minimum, before they vote back into office people who do not pass enforcing legislation. We cannot afford to dismiss security as we have been unless we do not give darn about our freedom, or about the rights to privacy our children will be expected to concede, if we remain complacent today. Security has *everything* to do with privacy.

8/21/2003

(3 of 3 customers found this review helpful)

5.0

Practical Unix & Internet Security, 3rd Edition Review

By Charles McColm

from Undisclosed

Comments about oreilly Practical UNIX and Internet Security, Third Edition:

At just under 1,000 pages the 3rd edition of Practical Unix & Internet Security might look intimidating on the shelf, but a quick glance through the pages reveals that it is both practical and entertaining. With Slammer and Blaster making their way into the news it seemed like a good time to brush up on security. Already considered a classic reference, the 3rd edition of Practical Unix & Internet Security provides extensive updated information about topics like PAM (Pluggable Authentication Modules), LDAP, forensics, intrusion detection, wireless devices, and cryptography.

Practical Unix & Internet Security is divided up into six sections:

The first sections covers the basics of computer security, tracing the history of Unix and security, as well as providing details of what should be in a good security policy.

The second section covers the building blocks of security, authentication, users and groups, filesystems, cryptography, physical security for servers, and personnel security.

Network and Internet security are focused on in the third section with emphasis on modems and dialup security, TCP/IP networks, securing TCP and UDP services, Sun RPC, NIS, Kerberos, LDAP, NFS, SAMBA, and finishing up with a chapter dedicated to secure programming techniques.

Day to day operations are the focus of the fourth section. Keeping up to date, making backups, defending accounts, using integrity checking tools, and auditing, logging, and forensics are all expanded upon in detail over 5 chapters.

The fifth section rounds off the main part of the book by describing how to handle security incidents. Special focus is given to discovering a break-in, protecting against programmed threats, Denial of Service Attacks (& DDoS), legal options, and a chapter on who you can trust.

The Appendixes make up the sixth and final section. Not a spot is wasted in the appendixes which begin with a Unix security checklist, and then outline Unix processes, provide both extensive paper and electronic resources, and conclude with a sub-section on security organizations.

Among the topics I found most interesting were: Access Control Lists (ACL), Pluggable Authentication Modules (PAM), the section about 128-bit keys and dictionary-based passwords, connection laundering, honeypots, the false syslog example, and the example detailing a call to Microsoft's anti-piracy help line. The real-life examples scattered throughout Practical Unix & Internet Security keep the security sections from seeming overwhelming. This is one of the few books that I've found ever chapter of the appendix useful, so don't overlook them as simple reference pages.

Normally one-liners are reserved for movie discussions but for those who've already delved into Practical Unix & Internet Security here are a few of my favorite one-liners:

"...we do believe that making files readable and writable by everyone leads to many evil deeds." - talking about the octal mode 666.

"Humidity is your computer's friend." - just before static discharge kills your entire system.

"Beware of Key Employees." - warning against making one person so key that their departure could cause your company irreparable harm.

"You mean, you don't really have a copy? [of Windows 98]" - the last part of a conversation with Microsoft's Anti-Piracy line. The company which called Microsoft's was tracing some intruders who had uploaded a copy of Windows 98 to the company's web site and was using the site to peddle warez. Microsoft was just about to launch Windows 98. The example shows just how clueless some help desks can be.

There are a few spelling mistakes and grammatical flaws but not enough to take away from the bulk of the information and no glaring omissions. UUCP coverage was dumped because UUCP simply is not a practical anymore now that more advanced alternatives like sendmail exist. I started glazing over material by the middle of the NIS chapter but it probably had more to do with the fact that I was thinking about the other 400 or so pages I had to read before I finished the main section of the book rather than the topic itself.

One of the great things about Practical Unix & Internet Security is that it is appropriate for a wide audience. There is relevant material for system administrators, security, company decision makers, even the guy sitting at the accounting terminal. Despite its massive size Practical Unix & Internet Security is entertaining enough to be read cover to cover. (It's good for the arm muscles too) Though it is easy to read beginners should probably reread their system manual before plunging headlong into this book. All in all Practical Unix & Internet Security continues to be one of those must have books for any Linux user.

Displaying reviews 1-2

Save a Tree - Go Digital what is this?

Ebook: $43.99

Formats: DAISY, ePub, Mobi, PDF

Print & Ebook: $60.45

Print: $54.95

Safari Books Online - Read now >

Computer Security Basics

Chapter 1 Introduction: Some Fundamental Questions

Chapter 2 Unix History and Lineage

Chapter 3 Policies and Guidelines

Security Building Blocks

Chapter 4 Users, Passwords, and Authentication

Chapter 5 Users, Groups, and the Superuser

Chapter 6 Filesystems and Security

Chapter 7 Cryptography Basics

Chapter 8 Physical Security for Servers

Chapter 9 Personnel Security

Network and Internet Security

Chapter 10 Modems and Dialup Security

Chapter 11 TCP/IP Networks

Chapter 12 Securing TCP and UDP Services

Chapter 13 Sun RPC

Chapter 14 Network-Based Authentication Systems

Chapter 15 Network Filesystems

Chapter 16 Secure Programming Techniques

Secure Operations

Chapter 17 Keeping Up to Date

Chapter 18 Backups

Chapter 19 Defending Accounts

Chapter 20 Integrity Management

Chapter 21 Auditing, Logging, and Forensics

Handling Security Incidents

Chapter 22 Discovering a Break-in

Chapter 23 Protecting Against Programmed Threats

Chapter 24 Denial of Service Attacks and Solutions

Chapter 25 Computer Crime

Chapter 26 Who Do You Trust?

Appendixes

Appendix Unix Security Checklist

Appendix Unix Processes

Appendix Paper Sources

Appendix Electronic Resources

Appendix Organizations

Colophon

Simson Garfinkel

Gene Spafford

Alan Schwartz

About O'Reilly

Community

More O'Reilly Sites

Partner Sites

Shop O'Reilly