Description
When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world. Focusing on the four most popular Unix variants today--Solaris, Mac OS X, Linux, and FreeBSD--this book contains new information on PAM (Pluggable Authentication Modules), LDAP, SMB/Samba, anti-theft technologies, embedded systems, wireless and laptop issues, forensics, intrusion detection, chroot jails, telephone scanners and firewalls, virtual and cryptographic filesystems, WebNFS, kernel security levels, outsourcing, legal issues, new Internet protocols and cryptographic algorithms, and much more. Practical Unix & Internet Security consists of six parts: * Computer security basics: introduction to security problems and solutions, Unix history and lineage, and the importance of security policies as a basic element of system security. * Security building blocks: fundamentals of Unix passwords, users, groups, the Unix filesystem, cryptography, physical security, and personnel security. * Network security: a detailed look at modem and dialup security, TCP/IP, securing individual network services, Sun's RPC, various host and network authentication systems (e.g., NIS, NIS+, and Kerberos), NFS and other filesystems, and the importance of secure programming. * Secure operations: keeping up to date in today's changing security world, backups, defending against attacks, performing integrity management, and auditing. * Handling security incidents: discovering a break-in, dealing with programmed threats and denial of service attacks, and legal aspects of computer security. * Appendixes: a comprehensive security checklist and a detailed bibliography of paper and electronic references for further reading and research. Packed with 1000 pages of helpful text, scripts, checklists, tips, and warnings, this third edition remains the definitive reference for Unix administrators and anyone who cares about protecting their systems and data from today's threats.
About the Author
Simson Garfinkel is a journalist, entrepreneur, and international authority on computer security. Garfinkel is Chief Technology Officer at Sandstorm Enterprises, a Boston-based firm that develops state-of-the-art computer security tools. Garfinkel is also a columnist for Technology Review Magazine and has written for more than 50 publications, including Computerworld, Forbes, and The New York Times. He is also the author of Database Nation, PGP: Pretty Good Privacy, and eight other books. Garfinkel earned a Master's degree in Journalism at Columbia University in 1988 and holds three undergraduate degrees from MIT. He is currently a working on his doctorate at MIT's Laboratory for Computer Science. Gene Spafford is an internationally renowned scientist and educator who has been working in areas of information security, policy, cybercrime, and software engineering for nearly two decades. He is a professor at Purdue University, and Director of CERIAS, the world's premier multidisciplinary academic center for information security and assurance. Professor Spafford and his students have pioneered a number of technologies and concepts well-known in security today, including the COPS and Tripwire tools, two-stage firewalls, and vulnerability databases. Spaf, as he is widely known, has achieved numerous professional honors recognizing his teaching, his research, and his professional service. This includes being named as a Fellow of the AAAS, the ACM, and the IEEE; receiving the National Computer Systems Security Award; receiving the William Hugh Murray Medal of the NCISSE; election to the ISSA Hall of Fame; and receiving the Charles Murphy Award at Purdue. He was named as a CISSP, honoris causa in 2000. In addition to over 100 technical reports and articles on his research, Spaf is also the coauthor of Web Security, Privacy & Commerce, and was the consulting editor for Computer Crime: A Crimefighters Handbook (both from O'Reilly). Alan Schwartz is an assistant professor of clinical decision-making in the Department of Medical Education at the University of Illinois at Chicago. He is the author of Managing Mailing Lists and the coauthor of Stopping Spam (both from O'Reilly). In his spare time, he develops and maintains the PennMUSH MUD server and brews beer and mead with his wife. As mail administrator for a number of organizations, he deals with unsolicited email on a daily basis; as the moderator of the rec.games.mud.announce USENET newsgroup, and a NoCeM issuer for rec.games.mud.admin, he gleefully fights back against netnews spam. Turn-ons for Alan include sailing, programming in Perl, playing duplicate bridge, and drinking Anchor Porter. Turn-offs include spam (obviously!) and watery American lagers.
Reviews
"It's almost impossible to criticize such a venerable work as this, and there can be little doubt that backed up by online resources, this will form a solid foundation and reference work for years to come." - Martin Howse, LinuxUser & Developer, Issue 30 "If you know nothing about Linux security, and only have time for one book, you should start with Practical Unix and Internet Security." - Charlie Stross, Linux Format, September
Book Information
ISBN 9780596003234
Author Simson Garfinkel
Format Paperback
Page Count 986
Imprint O'Reilly Media
Publisher O'Reilly Media
About the Author
Simson Garfinkel is a journalist, entrepreneur, and international authority on computer security. Garfinkel is Chief Technology Officer at Sandstorm Enterprises, a Boston-based firm that develops state-of-the-art computer security tools. Garfinkel is also a columnist for Technology Review Magazine and has written for more than 50 publications, including Computerworld, Forbes, and The New York Times. He is also the author of Database Nation, PGP: Pretty Good Privacy, and eight other books. Garfinkel earned a Master's degree in Journalism at Columbia University in 1988 and holds three undergraduate degrees from MIT. He is currently a working on his doctorate at MIT's Laboratory for Computer Science. Gene Spafford is an internationally renowned scientist and educator who has been working in areas of information security, policy, cybercrime, and software engineering for nearly two decades. He is a professor at Purdue University, and Director of CERIAS, the world's premier multidisciplinary academic center for information security and assurance. Professor Spafford and his students have pioneered a number of technologies and concepts well-known in security today, including the COPS and Tripwire tools, two-stage firewalls, and vulnerability databases. Spaf, as he is widely known, has achieved numerous professional honors recognizing his teaching, his research, and his professional service. This includes being named as a Fellow of the AAAS, the ACM, and the IEEE; receiving the National Computer Systems Security Award; receiving the William Hugh Murray Medal of the NCISSE; election to the ISSA Hall of Fame; and receiving the Charles Murphy Award at Purdue. He was named as a CISSP, honoris causa in 2000. In addition to over 100 technical reports and articles on his research, Spaf is also the coauthor of Web Security, Privacy & Commerce, and was the consulting editor for Computer Crime: A Crimefighters Handbook (both from O'Reilly). Alan Schwartz is an assistant professor of clinical decision-making in the Department of Medical Education at the University of Illinois at Chicago. He is the author of Managing Mailing Lists and the coauthor of Stopping Spam (both from O'Reilly). In his spare time, he develops and maintains the PennMUSH MUD server and brews beer and mead with his wife. As mail administrator for a number of organizations, he deals with unsolicited email on a daily basis; as the moderator of the rec.games.mud.announce USENET newsgroup, and a NoCeM issuer for rec.games.mud.admin, he gleefully fights back against netnews spam. Turn-ons for Alan include sailing, programming in Perl, playing duplicate bridge, and drinking Anchor Porter. Turn-offs include spam (obviously!) and watery American lagers.
Reviews
"It's almost impossible to criticize such a venerable work as this, and there can be little doubt that backed up by online resources, this will form a solid foundation and reference work for years to come." - Martin Howse, LinuxUser & Developer, Issue 30 "If you know nothing about Linux security, and only have time for one book, you should start with Practical Unix and Internet Security." - Charlie Stross, Linux Format, September
Book Information
ISBN 9780596003234
Author Simson Garfinkel
Format Paperback
Page Count 986
Imprint O'Reilly Media
Publisher O'Reilly Media
