Comments about oreilly Linux Security Cookbook:

Not just networking, the book is full of recipes and neat tricks that I use everyday. With examples for both debian based and redhat based distro, it's easy to relate to the examples.

From Installation, service management, to stuff like Asterisk, the book is simply a must have for all linux sysadmins.

Comments about oreilly Linux Security Cookbook:

USA Linux Users Group

Book Review

Reviewer: Germ

Book: Linux Security Cookbook

Authors: Daniel J. Barrett, Richard Silverman, Robert G. Byrnes

Publisher: O'Reilly

Pages: 311

ISBN: 0-596-00391-9

Edition: 1st Edition June, 2003

Intended Audience: intermediate level user

The Book: http://www.oreilly.com/catalog/linuxsckbk/index.html

Sample Recipes:

http://www.linuxdevcenter.com/pub/a/linux/excerpt/lsckbk_chap1/index1.html

Security, one of the most important words in computing today. A standard install of a modern distro is relatively secure "out of the box". With all the bad guys out there, certain extra steps should be taken towards increasing the security of your Linux box. There is also a fine line between good enough, too strict, convenience, and other variables. The authors have taken all this into consideration. The situations encountered by the home desktop user all the way to the veteran System Admin are covered. Be sure to read the Preface to this book. It could be a real eye-opener.

Linux Security Cookbook will not teach you everything you need to know about security. In the tradition of the cookbook format, the authors have provided concise, bloat free, and easy to understand recipes. The pros and cons of each recipe are carefully explained. With over 150 file configurations and scripts, there is something for everyone.

In Chapter 1 the focus is on system security and Tripwire, one of the best known system integrity checkers. Tripwire takes a snapshot of you system files that can be compared to the current state of the system. You'll learn how to setup the policy and database, and how to keep Tripwire itself from being compromised.

Chapters 2, 3, and 4 cover internet and network security from firewalls, to network authorisation, to user policies, authentication, and permissions. you will also learn how to protect your email and web site.

Chapters 5 and 6 give a more indepth treatment of user permissions regarding sudo, file sharing, SSH, and associated tools.

Chapters 7 and 8 should be given special consideration by home users. The main topics coverd in the two chapters are email and file security. You will learn about setting the correct permissions and encrypting files and email using GPG. There are also some great recipes for securing several different email clients.

Chapter 9 should be paid careful attention by every user. Now that you have secured your Linux box and network, you should regularly monitor and test it. Tools and techniques in the following areas are covered: logins and passwords, filesystems, networking, and logging. This chapter finishes with information on recovering a hacked system and filing a incident report with the appropriate authorities. Chapter 9 can be downloaded as a PDF file: http://www.oreilly.com/catalog/linuxsckbk/chapter/ch09.pdf The authors have done a great job providing security recipes covering a wide range of tools and techniques. In today's computing environment securing your system and network is a must. The Linux Security Cookbook is highly recommended and once you obtain a copy it will become your standard reference for security matters.

Many thanks to O'Reilly for providing a copy of Linux Security Cookbook to USALUG's Book Review Group.

Originally Posted: http://usalug.org/phpBB2/viewtopic.php?t=5281

Comments about oreilly Linux Security Cookbook:

The Linux Security Cookbook is a good hands-on guide to the major aspects of securing your Linux box. This book offers many quick reference guides to pieces of software for securing or testing your system and goes through many different means of fortifying your box including:

-controlling system access with firewalls

-monitoring your network

-using SSH and SSL

-intrusion detection systems

-authentication and cryptographic keys

-encrypting files and email messages

-system security probing

The recipes in this book allows administrators to learn quick and easy ways to secure their systems including over 150 ready-to-use scripts and configuration files without having to look up or research specific syntax.

This book is definitely a quick hands-on guide to securing and monitoring your system and would recommend it to anyone looking for a good source of guides and ready-to-use scripts and configurations.

Comments about oreilly Linux Security Cookbook:

Linux Security Cookbook has so much to offer: from setting up Tripwire to simple authentication, to setting up Linux firewall such as the popular ipchain or iptable, to using IDS snort for monitoring, this book has plenty of examples. In addition to the tips on how to encrypt files with GuPgP, it also shows our readers how to set up openSSH for remote access, as well as how to make email secure with IMAP/POP with SSL.

Not only does this book provide readers with an overview of what Linux security has to offer, it also provides readers with a very practical hands-on implementation. I also liked about this book is that the authors will tell you about which packages come with SuSE Linux but not with Red Hat Linux, as an example. This helps the reader a lot when you need to decide what features to implement, or settle on what Linux distributions to use.

Job well done!

James Ko

OAM & Security, Data Network Engineering

Comments about oreilly Linux Security Cookbook:

Very easy to read and follow. Great book.

Comments about oreilly Linux Security Cookbook:

Linux Security Cookbook is a very useful book for quick reference. It covers a wide range of security topics and issues related to not just Linux but most Unices. The recipes provided here are well written and ready to use. I have found many tips related to sudo, SSH, xinetd, encryption and network security extremely useful. Some of the recipes show the true hacker spirit in the authors - they teach how to be creative, rather than merely explaining facts and methodologies. Full credit to the authors for bringing out such a comprehensive book on Linux Security.

Comments about oreilly Linux Security Cookbook:

As the title suggests, LSC is a series of different Linux security "recipes." I found the cookbook-style of presentation both good and bad. Some recipes were a breeze to follow (such as the gpg recipes). Other recipes were a bit more challenging in part because of my lack of experience and because they are designed to be implemented on systems larger than my 2 node network.

As a "desktop" Linux user who only administers a desktop machine and notebook the chapters I found most useful were those on intrusion detection systems (Chapter 1) and GPG (Chapters 7 & 8). That said, LSC contains dozens of useful recipes for administrators from PAM authentication to monitoring who is doing what on your system. Some of the programs covered are programs I've never heard of before, John the Ripper for example. Other recipes cover those programs I know I should check out, like Snort, but have never taken the time to. LSC isn't distribution-specific but contains some useful hints for particular distributions.

LSC is easy to follow. The authors have been very careful to mention when software may or may not be included in a distribution and how to find and install it. I got tripped up a little in the first chapter (which covers tripwire), because I tried downloading and compiling the tripwire source found at the tripwire web site. I obtained the source from a couple of recommended sites. In one instance tripwire failed to compile correctly, in another it compiled but kept segfaulting when I tried to initialize the database. It wasn't until after I emailed O'Reilly that I saw mention further in Chapter 1 that tripwire is included with Red Hat Linux. One of the authors, Daniel J. Barrett, also emailed me to tell me that it was on the third CD – doh! The upside of this little tale is that I got to know aide (another intrusion detection system) a little better after I installed it on my Debian-based notebook.

LSC is certainly money well spent. I now use gpg and check my systems for intrusions on a regular basis. I've also finally found a spring board for learning more about Linux security. Reading O'Reilly's LSC made it easier to follow the ipchains-HOWTO and learn more about Linux security from other sources. If you're new to Linux security LSC is a great springboard for learning about a wide range of Linux security issues.

I've saved what is actually covered in LSC for the end of this review. My intention in this review has been mainly to present my experience with LSC so that other Linux users who are also still desktop users, or have never really been concerned with Linux security issues can take away the fact that despite a few sticking points I found this book to be a great source for information on different Linux security issues. For those concerned with the meat of the book, here's how it breaks down:

1. System Snapshots with Tripwire

2. Firewalls with iptables and ipchains

3. Network Access Control (xinetd, inetd, preventing DOS attacks)

4. Authentication Techniques and Infrastructures (PAM, SSL, Kerberos)

5. Authorization Controls (su and sudo)

6. Protecting Outgoing Network Connections (OpenSSH)

7. Protecting Files (permissions, GPG)

8. Protecting Email (all popular mail user agents, SSL and SSH)

9. Testing and Monitoring (Jack the Ripper, Cracklib, Snort, tcpdump, syslog)

You really need to have a good look at the table of contents to get an idea of all this book covers. I have written about it from a desktop-user standpoint, but there are so many recipes that I couldn't cover everything. There are many great code snippets that more advanced users would find useful.

If you don't have an intrusion detection system, need to grant some of your users limited root privileges, have been using the default firewall rules (or don't have a clue about iptables/ipchains), haven't checked your system for root kits or insecure protocols, then the Linux Security Cookbook should be at the top of your reading list.