Linux (Hacking Exposed)
By admin • Nov 3rd, 2008 • Category: Uncategorized •
•
Linux (Hacking Exposed)
Linux (Hacking Exposed)
By Brian Hatch, James B. Lee, George Kurtz
Publisher: Osborne/McGraw-Hill
Number Of Pages: 566
Publication Date: 2001-03-27
ISBN-10 / ASIN: 0072127732
ISBN-13 / EAN: 9780072127737
Binding: Paperback
Tighten holes and maintain security on your Linux system!From one of the authors of the international best-seller, Hacking Exposed: Network Security Secrets & Solutions, comes a must-have security handbook for anyone running Linux. This cutting-edge volume shows you how to think like a Linux hacker in order to beat the Linux hacker. You’ll get detailed information on Linux-specific hacks, both internal and external, and how to stop them.
Amazon.com Review:
“Throw up a Linux box,” comes the chorus whenever there’s a need to provide some network service or other without impinging upon the boss’s martini budget. Fair enough, but by doing so are you opening security holes you don’t know how to find or fix? The newest edition of Hacking Linux Exposed helps you answer that question and solve many of the security problems you find. To a certain extent this book is a recipe collection in that it describes weaknesses in Linux (calling attention to specific distributions where appropriate). The authors stop short of explicitly showing you how to wage most kinds of attacks, a reasonable thing to do from an ethical point of view even though the instructions can be found easily on the Internet. Rather than do that, they give step-by-step instructions on how to defend against the attacks they catalog. The point is not, “Here’s precisely how to bring down a server by means of an ACK storm,” but rather, “Here’s how to defend against such problems.” They do demonstrate plenty of weaknesses, though, as in their coverage of the conversation that goes back and forth between an FTP server and its client.
This book covers pretty much everything you’d want to do with a Linux machine as a network server. Read it and see some of the weaknesses in your system–and do something about them before someone else does. –David Wall
Topics covered: Security best practices, approached from the perspective of what can go wrong and what can be done about the problems. Specific coverage goes to all major services, including user management, FTP, HTTP, and firewalling.
Summary: Ding, Ding, We have a winner.
Rating: 5
First, this book does _NOT_ have a installation walk through…YES!!!
You will not find another book this comprehensive in the length in HLE has accomplished. i found the book to be on point, and not overdrawn on any specific topic. The authors usage of gender is something of a mystery aswell. For the first 10 chapters or so the cracker is a woman, then in later chapters it becomes a man, then in even later chapters a woman, then back to a man :-).
i found the book to be very well written, it feels like a very good naration. There is only a few plugs of direct humor (1 about using word for the publisher, another about the shortest sentence using all letters) but these few are lightening.
Technically this book is sound. it does very good in keeping the basics of security alive through the book (chattr i, only use what you need, upgrade, etc…). This is very helpful to a beginer for reinforced learning. The software packages it mentions for firewalls, logging, etc. are very nice and descriptive.
All around great book. BTW, did i mention that is does _NOT_ cover a Linux installation from CD/DVD? That alone should be enough to buy it.
Summary: Must-Read Info For Linux Admins
Rating: 5
The Hacking Exposed books have set the bar for this genre of security book. Hacking Linux Exposed - 2nd Edition doesn’t fail in meeting that bar as well. If you’ve read Hacking Exposed - 4th Edition and think this book can’t tell you anything you don’t already know- think again. For those who administer Linux boxes this book provides an in-depth look at specific hacks and vulnerabilities unique to the Linux operating system and the accompanying fixes and workarounds to protect yourself. The book is overflowing with examples and sample commands that users can immediately put to use to better understand the risks and how to mitigate them. Hacking Exposed is a must-read for security- this book is a must-read for Linux security.
(…)
Summary: Don’t have this book? You’re BEGGING for trouble…
Rating: 5
When I first starting using Linux systems and putting them online I had NO idea what sort of grief I was in for. The reason for that grief: I had NO clue how to ‘harden’ a system or what that term even meant. By not knowing that I put up systems that were quickly exploited by script kiddies and SPAM houses looking for open relays to use for SPAM and for ‘zombies’ to use in Distributed Denial of Service (DDoS) attacks. I bought this book, read it, and haven’t had those problems since. If you are going to do *anything* with Linux on the internet then GET THIS BOOK NOW. Unless, of course, you *want* to have your computers destroyed on a weekly basis…
Summary: The best hands-on Linux security book just got better
Rating: 5
I’m a big fan of the Hacking Exposed style of writing. All offensive theory is backed up by command line examples, followed by defensive countermeasures. Hacking Exposed: Linux, 2nd Ed (HE:L2E) follows this tradition, updating the content of the first edition and adding 200 pages of new content. Although I reviewed the first edition in Sep 01, reading the second edition reminded me of the challenges posed by securely configuring and deploying Linux systems.
The best way to learn while reading HE:L2E is to try the sample commands. I also recommend visiting the links mentioned and installing many of the tools described by the authors. I found programs like raccess, nsat (ch. 3), sslsniff (ch. 7), nstx, and httptunnel (ch. 15) particularly interesting from an attacker’s point of view. From a system administration standpoint, coverage of passlogd (ch. 2), lilo and grub (ch. 5), and X (ch. 6) were very helpful.
The authors share many novel ways to abuse Linux systems, but counter those exploits with little-known features or third-party tools. I never knew I could use bash’s HISTCONTROL feature to selectively remove entries from shell history files. HE:L2E goes the extra mile to help secure your system, such as including sample C code in ch. 13 to allow one to compile TCP Wrappers support into one’s own programs. Other clear, concise defensive measures were introduced in excellent chapters on keeping the kernel and packages current (appendix B) and pro-active security measures (ch. 2). The last appendix gives a short yet powerful description of the damage an intruder can perform, showing how he hid unauthorized programs and how those programs were discovered.
If you use Linux, you’ll find HE:L2E indispensable. I even applied many of the tools and techniques to my FreeBSD system, showing that that good security advice can be a cross-platform endeavor.
Summary: Great book.
Rating: 5
I just finished going through the entire book line by line. I am extreemly new to Linux and security, and this book made it all very clear. I only wish I realized that there was a second edition out when I bought this one. Everything in this original edition was still completely correct and appropriate, three years later.
Please Login or Register to read the rest of this content.
Related Posts
