Practical Unix and Internet Security

The second edition of this book was my security vade mecum for the last 8 years. For what I can foresee, this third edition, will play the same role for (at least) the next three years.When you are required as an security expert, several tasks are usually to be faced: New scenarios to analyze?, checklists to recommend?, good firewall architectures to suggest?, logs to watch? (and so on). Don't worry, with the only help of this Garfinkel, Spafford and Schwartz 'little giant' book, you are done.Excellent book. A Must for security people.

If you have anything to do with network administration, security or management, this is a "must read" book. Common (and not-so-common) security situations are explained clearly, with good background and examples. Even the most basic sysadmin to the haughtiest guru can learn something from this book.

The best beginners guide to UNIX security and computer security in general I have ever read. In fact the only technical book I have read and enjoyed! This book explains first principles in computer security in an understandable way. This is particularly useful for computer auditors, who may not be technically competent in UNIX. I used this book to develop security audit programs for backup and recovery, incident management, basic UNIX security review and risk management. Consequently I was haled as a hero and a guru by management! New computer auditors should buy this now!

This is a superb discussion of networked-system security, in general. It doesn't pretend to be an up-to-the-minute shopping list of security flaws: that job is better left to web sites. Instead, the text educates readers with a conceptual idea of Computer Security that can be applied successfully to existing systems, and to systems not yet built. It's exactly the sort of educational value that we'd expect from simsong and spaf.But it does go beyond theoretical education, to explain with great clarity fundamental issues in system security. Covering everything from physical security to filesystem quirks, this tome is fascinating in its scope. I have found the special section on writing solid network applications (CGI programs, and the like) to be of great value.In short, this book provides the Common Body of Knowledge in computer security. Start here, and you'll have the basis for a comprehensive understanding of related issues -- one that transcends the individual bugs to see the bigger picture.

This book is the textbook for a UNIX and Network Security course given by Victor Hazelwood at the San Diego Supercomputer Center. It presents important and immediate security issues a UNIX System Administrator or IT manager must face, and clearly shows how to protect your systems from unwanted intrusion. Worth having for the security references alone. This is a MUST HAVE reference for ALL UNIX System Administrators.