Loading
Hardening Linux by John Terpstra, Paul Love, Ronald P. Reck and Tim Scanlon
A lot of good advice for novice administrators, plus a few tips and tricks for more advanced users.
Hardening Linux sets out to show average users how to secure a Linux server or desktop in a step-by-step manner. From the outset the book assumes you have installed a Red Hat or SuSE Linux server product. Users of other flavors of Linux need not fret, though; they still can implement the security suggestions in the book.
The bulk of the book is spent describing how to implement preventive measures to avoid being attacked. The first step is to secure all networking before connecting to the Internet. The rest of the book goes about installing and configuring firewalls, logging and monitoring tools, encrypted filesystems and so on. The information presented is well detailed, and screenshots are provided when needed.
In a number of instances, however, the authors don't seem to respect the reader's intelligence; as a result, the information sometimes seems a little too dumbed down. I suppose more information is better than less, though. Many example configurations are included, such as one for the iptables firewall. However, configuration files are not provided on-line or on a CD, which means readers have to type them in manually.
The book is littered with tips and tricks for discovering whether your system has been attacked and what to do if it has been. Thanks to the book, I now am able to understand better a lot of the log files on my server. I also implemented a much tighter firewall scheme. My configuration is trimmer now, because I have removed unnecessary services and software, as recommended in the book. Overall, I am much happier with the security of my server.
The material in Hardening Linux is tailored to a corporate environment, and two chapters are devoted to working with management to implement and enforce a security policy. Almost all chapters remind you of costs and real-world concerns.
Hardening Linux is a good, comprehensive book, but like a lot of technical books, it may suffer from a short shelf life because it focuses on two specific distributions, Red Hat Enterprise and SuSE. I would recommend this book to a novice administrator who would like to learn how to deal with the gamut of confusing and overwhelming security issues. However, an advanced administrator also would benefit by discovering new ways of securing Linux and making sure all bases are covered.
______________________
- Fun with ethtool
- Parallel Programming with NVIDIA CUDA
- 100% disappointed with the decision to go all digital.
- Readers' Choice Awards 2011
- Linux-Based X Terminals with XDMCP
- Validate an E-Mail Address with PHP, the Right Way
- You Need A Budget
- Why Python?
- The Linux powered LAN Gaming House
- Python for Android
- BeOS was the best
49 min 34 sec ago - I use Wireshark on a daily
5 hours 20 min ago - buena información
10 hours 26 min ago - One important "bucket" that I didn't note (désolé si qqun deja d
11 hours 27 min ago - Gnome3 is such a POS. No one
20 hours 54 min ago - Gnome 3 is the biggest POS
21 hours 5 min ago - I didn't knew this thing by
1 day 3 hours ago - Author's reply
1 day 6 hours ago - Link to modlys
1 day 7 hours ago - I use YNAB because of the
1 day 7 hours ago
Comments
Hardening Grammer?
I bought this book thinking that it would be a good tool for mid-level administration of security. What I got was low to mid-level which I am not even complaining about. I found the subject matter and execution of the book to be fairly effective BUT what I am totally disappointed about is the fact that the editor (if you can even call him that) did one of the grossest editing jobs on a professional release I have ever come across. I have seen traslated texts done better. There are four grammatical errors on the first page of the foreward alone! Please keep in mind that I am not simply talking about a missed comma and such. I am referring to errors that litterally make the reading of the text difficult from time to time. I haven't yet had a chance to implement any of the code in the book but I sure hope that whomever edited the text of the book didn't edit the code or everything will have an exit code above 3! Maybe I am being overly critical but I seriously doubt it. Are the days of one expecting to get a professional book release with proper grammer in it gone? I sure hope that our standards haven't sunk to that level.../peter
News flash
The word 'grammer' is actually spelled 'grammar'.
Hardening Linux - Kernel Suggestions
I disagree with the author's suggestion of a prebuilt kernel is more secure than compiling it yourself. I can see his point, but as an administrator, I want to know what is compiled in my kernel. By compiling your own kernel, then you know what you have and what you don't. Its very obvious that this book is for the extreme Linux novice, but it didn't merit a purchase for me. Much of the suggestions are obvious for the experienced.
prebuilt/custom kernels
> I can see his point, but as an administrator, I want to know what is compiled in my kernel. By compiling your own kernel, then you know what you have and what you don't.
? How is this different than just examining the .config file (or doing make menuconfig) and seeing what's in that prebuilt kernel? How is one different than the other so far as knowing what's inside?
oh bless you great guru of co
oh bless you great guru of computer wisdom
You guys are all retards.
You guys are all retards. It's just a book. Get over it.