Features
- Cover Type: Paperback with 992 pages
- Published by: O'Reilly Media
- Edition: 3rd Edition February 21, 2003
- Written in: English
- ISBN 10 Number: 0596003234
- ISBN 13 Number: 978-0596003234
-
Book Dimensions:
9.1 x 7 x 2 inches
- Weighs: 3 pounds
Amazon.com Review
The world's most business-critical transactions run on Unix machines, which means the machines running those transactions attract evildoers. Furthermore, a lot of those machines have Internet connections, which means it's always possible that some nefarious remote user will find a way in. The third edition of
Practical Unix & Internet Security contains--to an even greater extent than its favorably reputed ancestors--an enormous amount of accumulated wisdom about how to protect Internet-connected Unix machines from intrusion and other forms of attack. This book is fat with practical advice on specific defensive measures (to defeat known attacks) and generally wise policies (to head off as-yet-undiscovered ones).
The authors' approach to Unix security is holistic and clever; they devote as much space to security philosophy as to advice about closing TCP ports and disabling unnecessary services. They also recognize that lots of Unix machines are development platforms, and make many recommendations to consider as you design software. It's rare that you read a page in this carefully compiled book that does not impart some unusual nugget of knowledge, or remind you to implement some important policy. Plus, the authors have a style that reminds their readers that computing is supposed to be about intellectual exercise and fun, an attitude that's absent from too much of the information technology industry lately. Read this book if you use any flavor of Unix in any mission-critical situation.
--David Wall Topics covered: Security risks (and ways to limit them) under Linux, Solaris, Mac OS X, and FreeBSD. Coverage ranges from responsible system administration (including selection of usernames and logins) to intrusion detection, break-in forensics, and log analysis.
Reader Reviews
This review is from: Practical Unix and Internet Security, 2nd Edition (Paperback)
Somewhat outdated -- two years old in a very dynamic field, Rootkit is not even mentioned, Bugtraq mentioned only in supplement, etc. Far from being practical and can be used only as an introductory text in Unix security. Not recommended for Internet security (superficial and incomplete). Good style -- Simson Garfinkel of The UNIX-Haters Handbook fame is a really talented journalist (but now only a journalist, see his interview with Amazon.com). The main problem with the book is that instead of relying on tools as any Unix author should, the authors use a cookbook/reference approach giving recipes about improving security. References to important RFCs, FAQ and CERT advisories are absent. For example RFC1244 (now superseded by RTC2196) is not mentioned in index(and probably in the text as well) although Ch.2 and Ch.24 mirror its content. No attempts were made to explain what tools can be used for checking/fixing particular class of problems or to present a bigger picture in which the flaw exists. Typesetting is very primitive. Although one of the authors is a (former) programmer judging by just the book content it is difficult to believe that he is able to spell PERL :-). The book is not updated enough to compete with newer books on Internet Security. For corporate users possible alternatives are combinations of one book on Unix security (for example, Unix System Security by David A. Curry) and one book on Internet security (for example Actually Useful Internet Security Techniques by Larry J. Hughes). The last is recommended as an alternative for readers who cannot afford two books. Often books written by a specialist in particular areas can be a better deal than books from security folks. For example TCP/IP Network Administration by Craig Hunt contains a lot more information about how properly configure TCP/IP than this book and in Ch.12 has a very decent overview of security in just forty pages.
Back To Top
Search for books at
