This is my first review and this is a very rough draft. I need input, I'm still half in the dark. This is literally the first thing that spewed from my fingers, so don't hold back, give me all comments, negative or positive! Though leave grammar and spelling for the final draft, many things are bound to change anyway.

[size=24][b]Linux Security Cookbook[/b][/size]

[b]Author(s):[/b] Daniel J. Barrett, Richard E. Silverman & Robert G. Byrnes
[b]Publisher:[/b] O'Reilly [url]http://www.oreilly.com/[/url]
[b]Date Published:[/b] 2003
[b]Book Specifications:[/b] Softcover, 311 pages
[b]Category:[/b] Security and System Administration
[b]Publisher's Suggested User Level:[/b] Intermediate
[b]Reviewer's Recommended User Level:[/b] Intermediate
[b]Suggested Publisher Price:[/b] $39.95 US / $61.95 CDN / £28.50 UK
[b]ISBN:[/b] 0-596-00391-9
[b]Amazon.com:[/b] Book Title US (Include /securitforums-20/)
[b]Amazon.co.uk:[/b] Book Title UK (Include /securityforum-21/)

[img]http://www.oreilly.com/catalog/covers/linuxsckbk.s.gif[/img]

[b]Blurb from back cover:[/b]
Computer security is a complex process, but our easy-to-follow recipes can help improve the security of any Linux system. Need a quick way to send encrypted email within Emacs? Want to restrict access to your network services at particular times of the day? Firewall your web server? Sniff your network? Set up public-key authentication for SSH? [i]Linux Security Cookbook[/i] reveals the exact commands and configuration-file entries to accomplish these vital tasks, one step at a time, so you don't have to wade through dozens of manpages. This book is filled with practical, security-related recipes for intermediate-level Linux users and system administrators.

[size=18][b]Introduction[/b][/size]

Computer security can be a daunting subject. You have to think of everything, or someone else will. If you administer any Linux systems, following the recipes in this book can avert a potential disaster.
This book is for someone who's asking the question "How do I...". It's separated into chapters of related recipes which answer very specific and very small questions. The book is designed so you can pick it up, flip to a random page and begin reading; recipes can be read independently, and they don't rely on anything learned from past recipes to show you how to do something. It's important to note that these recipes only skim the surface of the subject they cover; they don't even pretend to be in-depth articles. They do, however, do an excellent job of making sure you know where to get more information, and they always have a list of related man pages.

[size=18][b]Content and Overview[/b][/size]

The book is organized into nine chapters of related recipes:

[b]
1. System Snapshots with Tripwire
2. Firewalls with iptables and ipchains
3. Network Access Control
4. Authentication Techniques and Infrastructures
5. Authorization Controls
6. Protecting Outgoing Network Connections
7. Protecting Files
8. Protecting Email
9. Testing and Monitoring
[/b]

Each chapter is composed of an introductory section which gives a broad overview of the subject; each following section is a recipe which solves a problem or accomplishes a task. The first three chapters are intended to be read entirely, as they cover subjects the authors deem the most important. Each of the chapters starts with the most mundane, simple tasks and progresses gradually to complex, often extreme, solutions for the truly paranoid. For example, the first chapter, System Snapshots with Tripwire, starts off by showing you how to make the initial database of file attributes and progresses slowly to the creation of a bootable CDROM to run checks on your possibly compromised system safely. Many of the recipes in this book will not be needed for the average user, but since none of the following chapters rely on the information in any of the previous ones, it's perfectly safe to skip or skim them.
The first chapter, System Snapshots with Tripwire, will take you through the installation and configuration of Tripwire, the initial creation of Tripwire's database files, and other basic tasks such as checking for alterations, updating the database and safe storage of the database and configuration files. Also covered are issues with VFAT filesystems, alternatives to Tripwire using rsync and RPM, and, as mentioned before, several extreme solutions for the ultra-paranoid.

The second chapter covers firewalls with either iptables or ipchains. The complex syntax of these programs is handled nicely to present the needed information, and the recipes cover the most common uses for firewalls, but go out of their way to make sure you know that the subject is broad and you should seek more information.

Chapter three covers inetd and xinetd almost exclusively. Common tasks like adding or removing a service, as well as uncommon tasks like redirecting a service to another port, are covered.

Chapter four covers PAM, SSL and Kerberos. Chapter five covers techniques for sharing root privileges between a group of users and sharing files between users, and covers sudo nicely. Chapter six deals with SSH almost exclusively. Chapter seven covers file permissions and encryption with gpg. Chapter eight tells how to use pgp or gpg with a variety of email clients, as well as how to decrypt and authenticate signed email messages by hand. Chapter nine is the largest, with 42 recipes, and ranges from log watchers to snort to what you should do if you are hacked.

[size=18][b]Style and Detail[/b][/size]

Each section stays on topic and the recipes are short, precise and easy to follow. In-depth information is lacking, but references to in-depth information are abundant. Each recipe is broken into Problem, Solution and Discussion sections, and the longest are all of 3 pages.
The information is quite dry; there are no cute jokes or word play, as the intent is to keep the recipes short and to the point, and this works well. There are not many tips or warnings around, which helps to keep each recipe in its own small section, but there are a few page-long side notes that shed a little light on some things you may be scratching your head about. There are not many tables, but there's plenty of very useful code. Plenty of stones are left unturned in the recipes, but they hit all the big ones.

[size=18][b]Conclusion[/b][/size]

The intent of this book is to provide solutions to common problems and tasks without digging through pages of documentation. At this, it succeeds admirably, but it could have covered more ground. Mail filtering to keep your mail server from getting hammered by Windows viruses, and physical security, would be good additions. An Apache section couldn't hurt either; adding and removing modules, enabling and disabling features, starting in a chroot and setting secure PHP variables would have fit perfectly. Even a section on desktop-oriented activities would have fit well, things like cookie management with common browsers and X Windows security and access control. In the end, the book is good; it does a good job at everything it covers, but it's a bit light. After I finished reading it, I was left wanting more.

This book receives an honored SFDC Rating of [b]7/10[/b].

[img]http://www.security-forums.com/forum/images/ranks/globes/globes_5.gif[/img][img]http://www.security-forums.com/forum/images/ranks/globes/globes_2.gif[/img]

- Michael Morin

[size=1]Keywords: Linux, Security, System Administration, Review, UziMonkey[/size]

[color=red][size=10]This review is copyright 2004 by the author and [i]Security-Forums Dot Com[/i], and may not be reproduced in any form in any media without the express permission of the author, or [i]Security-Forums Dot Com[/i].[/size][/color]