The following book reviews are the copyright of their respective authors and no part should be reproduced without the express permission of the author. Publishers and Authors of the books reviewed may reproduce the whole or extracts of a review for their book. To request copyright permission please email email@example.com.
All the reviews herein are the opinions of the reviewer and are not necessarily the views of Birmingham Perl Mongers and its members. If you feel a review or comment has been made in error, please contact firstname.lastname@example.org to rectify the situation.
Static Link: http://birmingham.pm.org/reviews/25
|Title:||Linux Security Cookbook|
|Author(s):||Daniel J. Barrett, Richard Silverman, Robert G. Byrnes|
This is a book of examples, each short, sometimes terse but always straight to the point. I found all recipes to be clear and easy to follow. Because of the quick short burst approach of short question 'how do I do such and such' followed by a brief and to the point answer, I found myself using the books recipes with minimum effort and very little reading. This book is a real speed tool. All of the recipes are based on Linux but some are still useful to the UNIX administrator regardless of what UNIX flavour you favour.
Tripwire is featured in the opening pages for example. This application is available to many UNIX users. Where the Linux officianado can safely, for the moment, remain smug is in the knowledge that LINUX has such excellent kernel support for firewall technologies in the form of 'ipchains' and more recently 'iptables'.
Firewalls using both iptables and ipchains are featured immediately after Tripwire. The reasons for this are obvious - start with Tripwire when you build your system and BEFORE you even connect to the Internet. Then configure your firewall. Now, connect to the net. Once your system is secured from a 'metal up' build in this manner, the text progresses to other aspects of security, building from a known base.
Local 'system security', in the form of OS file permissions and secure data encryption using GPG to mention but two categories covered give us no excuse to not to arrange for our private data to stay private. We are even encouraged to backup 'private keys' in a way that is not only safe but also easily recoverable in the event of severe system failure.
Network connections both to and from your system using hosts.allow through to SSH are explained and demonstrated very concisely and as always, by example. SSH can of course be used to do much more than just interactively open a shell to another system in a more secure manner than Telnet can. I really like one of the recipes that shows how to set up secure SSH tunnels through which you can run 'insecure' applications and protocols - plain text NNTP for example and then using tin through the tunnel to actually read News. This is easily applied to other applications - mail readers, X forwarding etc.
The book is a bit on the thin side if compared to say, the Perl Cookbook. If this is republished at a later date, it would be nice to think that the existing examples could be kept up to date and new ones added to expand this into a definitive text that no one would want to be without.
This said, I have spent far too little time writing down what I think of this book as I have been far too busy USING it. If you are in any doubt that you don't know everything there is to know on Linux Security, do not hesitate to buy this book. If you don't use Linux and are predominately a UNIX user, buy this book - it will convince you to try out Linux for it's advanced security features and to use more fully the tools already at your disposal by virtue of the Open Source movement.
I think that you are paying for this book to have lot's of very short, very well written 'how-to's'. Its a book for the very busy administrator that needs answers fast. This claim has been used by other titles I have seen in the past but few have given such comprehensive and useful information as effectively as this does.
This text is not for you though if, for example, you were to pick it up not knowing what a firewall is and expecting to learn all about iptables. To benefit from this title, you need to have a basic grounding of what such tools do, else, the ability to find out more and then return to the book to find out just 'how to' do things with them.
It is true to say that any or all of the information in this book is on line already, somewhere. That's the clinch though, rarely will you find such cogent arguments for best security practice and corresponding HowTos in one place and in such a condensed form.
- Jon Brookes, Nov 2003
We are one of the UK's largest Perl user groups, representing Birmingham UK to the international Perl community since 2000. We hold monthly social and technical presentations, and several of our members are now regular attendees and speakers at the YAPC::Europe Perl Conferences.
For further information about Birmingham.pm, please read our Frequently Asked Questions page.
For details about joining our mailing list, please Click Here for more details.
No meeting currently scheduled
14th Dec - Brum.pm Social
Download the Birmingham.pm ICalendar
or subscribe to our Google Calendar
Aberdeen Perl Mongers
Bath Perl Mongers
Birmingham Perl Mongers
Bristol Perl Mongers
Devon & Cornwall Perl Mongers
Edinburgh Perl Mongers
Glasgow Perl Mongers
London Perl Mongers
Milton Keynes Perl Mongers
North of England Perl Mongers
Nottingham Perl Mongers
Southampton Perl Mongers
Thames Valley Perl Mongers
• Linux System Programming
• Mastering Perl
• GIMP 2 for Photographers
• Minimal Perl
• Wicked Cool Perl Scripts
• Red Hat Linux 9 Unleashed
• IRC Hacks - 100 Industrial-Strength Tips & Tools
• eBay Hacks - 100 Industrial-Strength Tips & Tools
• Exploiting Software - How To Break Code
• Mac OS X Unleashed, 2nd Edition
* New Reviews
.. More Reviews