Computer security is an ongoing process, a relentless contest
between system administrators and intruders. A good administrator
needs to stay one step ahead of any adversaries, which often
involves a continuing process of education. If you're grounded
in the basics of security, however, you won't necessarily want
a complete treatise on the subject each time you pick up a book.
Sometimes you want to get straight to the point. That's exactly
what the new Linux Security Cookbook does. Rather than provide a
total security solution for Linux computers, the authors present a
series of easy-to-follow recipes--short, focused pieces of code
that administrators can use to improve security and perform common
The Linux Security Cookbook includes real solutions to a wide range
of targeted problems, such as sending encrypted email within Emacs,
restricting access to network services at particular times of day,
firewalling a webserver, preventing IP spoofing, setting up
key-based SSH authentication, and much more. With over 150
ready-to-use scripts and configuration files, this unique book
helps administrators secure their systems without having to look up
specific syntax. The book begins with recipes devised to establish
a secure system, then moves on to secure day-to-day practices, and
concludes with techniques to help your system stay secure.
Some of the "recipes" you'll find in this book are:
Controlling access to your system from firewalls down to individual
services, using iptables, ipchains, xinetd, inetd, and more
Monitoring your network with tcpdump, dsniff, netstat, and other
tools Protecting network connections with Secure Shell (SSH) and
stunnel Safeguarding email sessions with Secure Sockets Layer (SSL)
Encrypting files and email messages with GnuPG Probing your own
security with password crackers, nmap, and handy scripts.
This cookbook's proven techniques are derived from hard-won
experience. Whether you're responsible for security on a home
Linux system or for a large corporation, or somewhere in between,
you'll find valuable, to-the-point, practical recipes for
dealing with everyday security issues. This book is a system saver.
"I really enjoyed this book. I think my machine is more secure than before I read this book. The advice is good and pitched at, for me, the right level. References were up-to-date ad far as I could see. I would certainly recommend this book to anyone wanting to secure, or test the esisting security, of a Linux system." - Mick Farmer, Linux Security Cookbook - news@UK, September 2003
Dan Barrett has been immersed in Internet technology since 1985. Currently working as a software engineer, Dan has also been a heavy metal singer, Unix system administrator, university lecturer, web designer, and humorist. He is the author of O'Reilly's Linux Pocket Guide, and he is the coauthor of Linux Security Cookbook, and SSH, The Secure Shell: The Definitive Guide. He also writes monthly columns for Compute! and Keyboard Magazine, and articles for the O'Reilly Network.
Robert G. Byrnes, Ph.D., has been hacking on Unix systems for twenty years, and has been involved with security issues since the original Internet worm was launched from Cornell University, while he was a graduate student and system administrator. He is currently a software engineer at Curl Corporation, and has worked in the fields of networking, telecommunications, distributed computing, financial technology, and condensed matter physics.
Richard E. Silverman has a B.A. in computer science and an M.A. in pure mathematics. Richard has worked in the fields of networking, formal methods in software development, public-key infrastructure, routing security, and Unix systems administration. He is the co-author of SSH, The Secure Shell: The Definitive Guide.