Linux System Security: The Administrator's Guide to Open Source Security Tools

This book is incredibly thorough, and up to date. For example, Red Hat Linux 7 has just come out, and does now has xinetd as a replacement for inetd. Well, you guessed it, this book has about 27 pages on xinetd! Want info on ipchains? This book has at least 50 pages on the subject! I could go on and on about this book it is so good!This book is written by experienced people, not just an author who was assigned another book to write.You will not regret buying this book!

Actually all tools described are not Linux specific and can be used for any Unix including FreeBSD and Solaris. The authors seems to know the subject and really used tools that they are writing about. For several popular tools the book provides some useful info that is difficult to find elsewhere. Pretty decent typography, although it's a little bit too academic and does not use icons on margins that IMHO simplify reading. As for the classic open security tools, the book covers PAM(36 pages), Sudo(20 pages), TCP Wrappers(24 pages), SSH(55 pages), Tripwire(24 pages), CFS and TCFS (30 pages), and ipchains.From the first reading it looks like the chapters are *not* a rehash of existing online documentation. In addition to the chapters about classic open source security tools I like chapters about logs: a chapter on syslog (Ch.8) and a chapter on log file management (Ch.17). Now about weaknesses. The chapter on Tiger is rather weak. Moreover regrettably Tiger is a legacy tool, but actually information is not completely useless -- it's not difficult to switch to another tool after one understands how Tiger works. Actually Perl is superior for writing Unix vulnerability scanners in comparison with shell. May be hardening scripts like Bastille would be a better choice for this chapter in the second edition of the book. Book is incomplete in a sense that neither Snort (or any similar intrusion detection tool), nor open source network scanners (Saint, Sara, etc.) are covered.Of course there are some typos, but generally not that many. But what is really bad is that the Prentice Hall book page currently is pretty basic with no errata or additional links. The authors do not provide a WEB site for the book.This book can probably be used for studying Unix security at universities along with somewhat outdated Practical Unix and Internet Security and this combination can somewhat compensate deficiencies of the latter (non tool oriented descriptive approach).

This is the best of the books I've seen on Linux system security. It focuses almost exclusively on freely available tools, and therefore should appeal to those poorly funded installations that use Linux because of its low cost. The authors cover many tools in the detail needed to obtain, install, and use them in an intelligent way. I was very impressed with the scope of coverage, from system policies to the use and configuration of crack, and everything in between. Although not everything within that scope can be covered in complete detail, the book also includes many useful references for additional information.Among my few complaints would be that the authors tended to present the tools within the context of a network utilizing firewalls, a DMZ, and limited service servers. In practice many installations will not be so well constructed. In fairness, the utility of the information presented was usually unaffected by the assumed architecture. Although the presentation is relatively distribution neutral, the examples and specifics referred almost exclusively to RPM based RedHat 5 and 6. I would have been interested in seeing parallel details for Debian based distributions, if for nothing else than to gain a sense of the differences that might be encountered based on packaging.

I read most every security book that is released and this one is so exceptional in quality that I felt impelled to add a review. It covers all aspects of Linux security and has tons of practical tools and techniques for achieving security. All of the techniques and installations are well-explained and very detailed. Excellent book!

Among the many other books on the shelves with similar titles, this book spans the gamut of security. No one book can claim to be "The Book" on Linux/Unix security, but this one is an essential for library of the budding "sys-admin." Aside, from the detailed instructions for plugging security holes, Mann and Mitchell explain how and why it works. I found this book very helpful.BK