When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world.Focusing on the four most popular Unix variants today--Solaris, Mac OS X, Linux, and FreeBSD--this book contains new information on PAM (Pluggable Authentication Modules), LDAP, SMB/Samba, anti-theft technologies, embedded systems, wireless and laptop issues, forensics, intrusion detection, chroot jails, telephone scanners and firewalls, virtual and cryptographic filesystems, WebNFS, kernel security levels, outsourcing, legal issues, new Internet protocols and cryptographic algorithms, and much more.Practical Unix & Internet Security consists of six parts: Computer security basics: introduction to security problems and solutions, Unix history and lineage, and the importance of security policies as a basic element of system security. Security building blocks: fundamentals of Unix passwords, users, groups, the Unix filesystem, cryptography, physical security, and personnel security. Network security: a detailed look at modem and dialup security, TCP/IP, securing individual network services, Sun's RPC, various host and network authentication systems (e.g., NIS, NIS+, and Kerberos), NFS and other filesystems, and the importance of secure programming. Secure operations: keeping up to date in today's changing security world, backups, defending against attacks, performing integrity management, and auditing. Handling security incidents: discovering a break-in, dealing with programmed threats and denial of service attacks, and legal aspects of computer security. Appendixes: a comprehensive security checklist and a detailed bibliography of paper and electronic references for further reading and research. Packed with 1000 pages of helpful text, scripts, checklists, tips, and warnings, this third edition remains the definitive reference for Unix administrators and anyone who cares about protecting their systems and data from today's threats.
How secure is your network? The best way to find out is to attack it, using the same tactics attackers employ to identify and exploit weaknesses. With the third edition of this practical book, you’ll learn how to perform network-based penetration testing in a structured manner. Security expert Chris McNab demonstrates common vulnerabilities, and the steps you can take to identify them in your environment. System complexity and attack surfaces continue to grow. This book provides a process to help you mitigate risks posed to your network. Each chapter includes a checklist summarizing attacker techniques, along with effective countermeasures you can use immediately. Learn how to effectively test system components, including: Common services such as SSH, FTP, Kerberos, SNMP, and LDAP Microsoft services, including NetBIOS, SMB, RPC, and RDP SMTP, POP3, and IMAP email services IPsec and PPTP services that provide secure network access TLS protocols and features providing transport security Web server software, including Microsoft IIS, Apache, and Nginx Frameworks including Rails, Django, Microsoft ASP.NET, and PHP Database servers, storage protocols, and distributed key-value stores
"Essential System Administration,3rd Edition is the definitive guide for Unix system administration, covering all the fundamental and essential tasks required to run such divergent Unix systems as AIX, FreeBSD, HP-UX, Linux, Solaris, Tru64 and more. "Essential System Administration provides a clear, concise, practical guide to the real-world issues that anyone responsible for a Unix system faces daily. The new edition of this indispensable reference has been fully updated for all the latest operating systems. Even more importantly, it has been extensively revised and expanded to consider the current system administrative topics that administrators need most. "Essential System Administration,3rd Edition covers: DHCP, USB devices, the latest automation tools, SNMP and network management, LDAP, PAM, and recent security tools and techniques. "Essential System Administration is comprehensive. But what has made this book the guide system administrators turn to over and over again is not just the sheer volume of valuable information it provides, but the clear, useful way the information is presented. It discusses the underlying higher-level concepts, but it also provides the details of the procedures needed to carry them out. It is not organized around the features of the Unix operating system, but around the various facets of a system administrator's job. It describes all the usual administrative tools that Unix provides, but it also shows how to use them intelligently and efficiently. Whether you use a standalone Unix system, routinely provide administrative support for a larger shared system, or just want an understanding of basic administrative functions, "Essential SystemAdministration is for you. This comprehensive and invaluable book combines the author's years of practical experience with technical expertise to help you manage Unix systems as productively and painlessly as possible.
By its very nature, Unix is a " power tools " environment. Even beginning Unix users quickly grasp that immense power exists in shell programming, aliases and history mechanisms, and various editing tools. Nonetheless, few users ever really master the power available to them with Unix. There is just too much to learn! Unix Power Tools, Third Edition, literally contains thousands of tips, scripts, and techniques that make using Unix easier, more effective, and even more fun. This book is organized into hundreds of short articles with plenty of references to other sections that keep you flipping from new article to new article. You'll find the book hard to put down as you uncover one interesting tip after another. With the growing popularity of Linux and the advent of Mac OS X, Unix has metamorphosed into something new and exciting. With Unix no longer perceived as a difficult operating system, more and more users are discovering its advantages for the first time. The latest edition of this best-selling favorite is loaded with advice about almost every aspect of Unix, covering all the new technologies that users need to know. In addition to vital information on Linux, Mac OS X, and BSD, Unix Power Tools, Third Edition, now offers more coverage of bcash, zsh, and new shells, along with discussions about modern utilities and applications. Several sections focus on security and Internet access, and there is a new chapter on access to Unix from Windows, addressing the heterogeneous nature of systems today. You'll also find expanded coverage of software installation and packaging, as well as basic information on Perl and Python. The book's accompanying web site provides some of the best software available to Unix users, which you can download and add to your own set of power tools. Whether you are a newcomer or a Unix power user, you'll find yourself thumbing through the gold mine of information in this new edition of Unix Power Tools to add to your store of knowledge. Want to try something new? Check this book first, and you're sure to find a tip or trick that will prevent you from learning things the hard way.
UNIX: The Textbook, Third Edition provides a comprehensive introduction to the modern, twenty-first-century UNIX operating system. The book deploys PC-BSD and Solaris, representative systems of the major branches of the UNIX family, to illustrate the key concepts. It covers many topics not covered in older, more traditional textbook approaches, such as Python, UNIX System Programming from basics to socket-based network programming using the client-server paradigm, the Zettabyte File System (ZFS), and the highly developed X Windows-based KDE and Gnome GUI desktop environments. The third edition has been fully updated and expanded, with extensive revisions throughout. It features a new tutorial chapter on the Python programming language and its use in UNIX, as well as a complete tutorial on the git command with Github. It includes four new chapters on UNIX system programming and the UNIX API, which describe the use of the UNIX system call interface for file processing, process management, signal handling, interprocess communication (using pipes, FIFOs, and sockets), extensive coverage of internetworking with UNIX TCP/IP using the client-server software, and considerations for the design and implementation of production-quality client-server software using iterative and concurrent servers. It also includes new chapters on UNIX system administration, ZFS, and container virtualization methodologies using iocage, Solaris Jails, and VirtualBox. Utilizing the authors’ almost 65 years of practical teaching experience at the college level, this textbook presents well-thought-out sequencing of old and new topics, well-developed and timely lessons, a Github site containing all of the code in the book plus exercise solutions, and homework exercises/problems synchronized with the didactic sequencing of chapters in the book. With the exception of four chapters on system programming, the book can be used very successfully by a complete novice, as well as by an experienced UNIX system user, in both an informal and formal learning environment. The book may be used in several computer science and information technology courses, including UNIX for beginners and advanced users, shell and Python scripting, UNIX system programming, UNIX network programming, and UNIX system administration. It may also be used as a companion to the undergraduate and graduate level courses on operating system concepts and principles.
OpenBSD is widely used as the basis for critical DNS servers, routers, firewalls, and more. With this book, you'll learn the intricacies of the platform, the technical details behind certain design decisions, and best practices. This edition has been updated for OpenBSD 5.3, including new coverage of OpenBSD's boot system, security features like W^X and ProPolice, and advanced networking techniques. You'll also learn how to: manage network traffic with VLANs, trunks, IPv6, and the PF packet filter; make software management quick and effective using the ports and packages system; give users only the access they need with groups, sudo, and chroots; configure OpenBSD's secure implementations of SNMP, DHCP, NTP, hardware sensors, and more; and customize the installation and upgrade processes for your network and hardware, or build a custom OpenBSD release.
O'Reilly's bestselling book on Linux's bash shell is at it again. Now that Linux is an established player both as a server and on the desktop Learning the bash Shell has been updated and refreshed to account for all the latest changes. Indeed, this third edition serves as the most valuable guide yet to the bash shell.As any good programmer knows, the first thing users of the Linux operating system come face to face with is the shell the UNIX term for a user interface to the system. In other words, it's what lets you communicate with the computer via the keyboard and display. Mastering the bash shell might sound fairly simple but it isn't. In truth, there are many complexities that need careful explanation, which is just what Learning the bash Shell provides.If you are new to shell programming, the book provides an excellent introduction, covering everything from the most basic to the most advanced features. And if you've been writing shell scripts for years, it offers a great way to find out what the new shell offers. Learning the bash Shell is also full of practical examples of shell commands and programs that will make everyday use of Linux that much easier. With this book, programmers will learn: How to install bash as your login shell The basics of interactive shell use, including UNIX file and directory structures, standard I/O, and background jobs Command line editing, history substitution, and key bindings How to customize your shell environment without programming The nuts and bolts of basic shell programming, flow control structures, command-line options and typed variables Process handling, from job control to processes, coroutines and subshells Debugging techniques, such as trace and verbose modes Techniques for implementing system-wide shell customization and features related to system security
Author: Elizabeth D. Zwicky,Simon Cooper,D. Brent Chapman
Publisher: "O'Reilly Media, Inc."
The Most Complete, Easy-to-Follow Guide to Ubuntu Linux The #1 Ubuntu server resource, fully updated for Ubuntu 10.4 (Lucid Lynx)-the Long Term Support (LTS) release many companies will rely on for years! Updated JumpStarts help you set up Samba, Apache, Mail, FTP, NIS, OpenSSH, DNS, and other complex servers in minutes Hundreds of up-to-date examples, plus comprehensive indexes that deliver instant access to answers you can trust Mark Sobell's A Practical Guide to Ubuntu Linux®, Third Edition, is the most thorough and up-to-date reference to installing, configuring, and working with Ubuntu, and also offers comprehensive coverage of servers--critical for anybody interested in unleashing the full power of Ubuntu. This edition has been fully updated for Ubuntu 10.04 (Lucid Lynx), a milestone Long Term Support (LTS) release, which Canonical will support on desktops until 2013 and on servers until 2015. Sobell walks you through every essential feature and technique, from installing Ubuntu to working with GNOME, Samba, exim4, Apache, DNS, NIS, LDAP, g ufw, firestarter, iptables, even Perl scripting. His exceptionally clear explanations demystify everything from networking to security. You'll find full chapters on running Ubuntu from the command line and desktop (GUI), administrating systems, setting up networks and Internet servers, and much more. Fully updated JumpStart sections help you get complex servers running--often in as little as five minutes. Sobell draws on his immense Linux knowledge to explain both the "hows" and the "whys" of Ubuntu. He's taught hundreds of thousands of readers and never forgets what it's like to be new to Linux. Whether you're a user, administrator, or programmer, you'll find everything you need here--now, and for many years to come. The world's most practical Ubuntu Linux book is now even more useful! This book delivers Hundreds of easy-to-use Ubuntu examples Important networking coverage, including DNS, NFS, and Cacti Coverage of crucial Ubuntu topics such as sudo and the Upstart init daemon More detailed, usable coverage of Internet server configuration, including Apache (Web) and exim4 (email) servers State-of-the-art security techniques, including up-to-date firewall setup techniques using gufw and iptables, and a full chapter on OpenSSH A complete introduction to Perl scripting for automated administration Deeper coverage of essential admin tasks-from managing users to CUPS printing, configuring LANs to building a kernel Complete instructions on keeping Ubuntu systems up-to-date using aptitude, Synaptic, and the Software Sources window And much more...including a 500+ term glossary Includes DVD! Get the full version of Lucid Lynx, the latest Ubuntu LTS release!
Computer and Information Security Handbook, Third Edition, provides the most current and complete reference on computer security available in one volume. The book offers deep coverage of an extremely wide range of issues in computer and cybersecurity theory, applications, and best practices, offering the latest insights into established and emerging technologies and advancements. With new parts devoted to such current topics as Cloud Security, Cyber-Physical Security, and Critical Infrastructure Security, the book now has 100 chapters written by leading experts in their fields, as well as 12 updated appendices and an expanded glossary. It continues its successful format of offering problem-solving techniques that use real-life case studies, checklists, hands-on exercises, question and answers, and summaries. Chapters new to this edition include such timely topics as Cyber Warfare, Endpoint Security, Ethical Hacking, Internet of Things Security, Nanoscale Networking and Communications Security, Social Engineering, System Forensics, Wireless Sensor Network Security, Verifying User and Host Identity, Detecting System Intrusions, Insider Threats, Security Certification and Standards Implementation, Metadata Forensics, Hard Drive Imaging, Context-Aware Multi-Factor Authentication, Cloud Security, Protecting Virtual Infrastructure, Penetration Testing, and much more. Written by leaders in the field Comprehensive and up-to-date coverage of the latest security technologies, issues, and best practices Presents methods for analysis, along with problem-solving techniques for implementing practical solutions
Steven Pritchard,Bruno Gomes Pessanha,Nicolai Langfeldt,James Stanger,Jeff Dean
Author: Steven Pritchard,Bruno Gomes Pessanha,Nicolai Langfeldt,James Stanger,Jeff Dean
Publisher: "O'Reilly Media, Inc."
LPI Linux Certification in a Nutshell,Second Edition is an invaluable resource for determining what you needto practice to pass the Linux Professional Institute exams. This bookwill helpyou determine when you're ready to take the exams, which aretechnically challenging and designed to reflect the skills thatadministrators needin real working environments. As more corporations adopt Linux as the networking backbone for theirIT systems, the demand for certified technicians will becomeeven greater. Passing the LPI exams will broaden your career optionsbecause the LPICis the most widely known and respected Linux certification program intheworld. Linux Journal recognized the LPI as the bestTraining andCertification Program. The exams were developed by the LinuxProfessional Institute,an international, volunteer-driven organization with affiliates in adozen countries. The core LPI exams cover two levels. Level 1 tests a basic knowledge ofLinux installation, configuration, and command-lineskills. Level 2 goes into much more depth regarding systemtroubleshooting andnetwork services such as email and the Web. The second edition of LPILinuxCertification in a Nutshell is a thoroughly researchedreference to these exams. The book is divided into four parts, one foreach of theLPI exams. Each part features not only a summary of the core skills youneed, but sample exercises and test questions, along with helpful hintsto letyou focus your energies. Major topics include: GNU and Unix commands Linux installation and package management Devices, filesystems, and kernel configuration Text editing, processing, and printing The X Window System Networking fundamentals and troubleshooting Security, including intrusion detection, SSH, Kerberos, andmore DNS, DHCP, file sharing, and other networking infrastructure Email, FTP, and Web services Praise for the first edition: "Although O'Reilly's Nutshell series are intended as 'DesktopReference' manuals, I have to recommend this one as a goodall-round read; not only as a primer for LPI certification, but as anexcellent introductory text on GNU/Linux. In all, this is a valuableaddition toO'Reilly's already packed stable of Linux titles and I look forward tomore from the author."--First Monday
This text moves away from the 'multi-level' security approach to compare and evaluate design alternatives in computer security. It provides technology-proof insights, and covers the technical issues of computer security in the network environment.
Author: Evi Nemeth,Garth Snyder,Scott Seebass,Trent Hein
Publisher: Pearson Education
Now covers Red Hat Linux! Written by Evi Nemeth, Garth Snyder, Scott Seebass, and Trent R. Hein with Adam Boggs, Rob Braun, Ned McClain, Dan Crawl, Lynda McGinley, and Todd Miller "This is not a nice, neat book for a nice, clean world. It's a nasty book for a nasty world. This is a book for the rest of us." –Eric Allman and Marshall Kirk McKusick "I am pleased to welcome Linux to the UNIX System Administration Handbook!" –Linus Torvalds, Transmeta "This book is most welcome!" –Dennis Ritchie, AT&T Bell Laboratories This new edition of the world's most comprehensive guide to UNIX system administration is an ideal tutorial for those new to administration and an invaluable reference for experienced professionals. The third edition has been expanded to include "direct from the frontlines" coverage of Red Hat Linux. UNIX System Administration Handbook describes every aspect of system administration–from basic topics to UNIX esoterica–and provides explicit coverage of four popular UNIX systems: This book stresses a practical approach to system administration. It's packed with war stories and pragmatic advice, not just theory and watered-down restatements of the manuals. Difficult subjects such as sendmail, kernel building, and DNS configuration are tackled head-on. Examples are provided for all four versions of UNIX and are drawn from real-life systems–warts and all. "This book is where I turn first when I have system administration questions. It is truly a wonderful resource and always within reach of my terminal." –W. Richard Stevens, author of numerous books on UNIX and TCP/IP "This is a comprehensive guide to the care and feeding of UNIX systems. The authors present the facts along with seasoned advice and numerous real-world examples. Their perspective on the variations among systems is valuable for anyone who runs a heterogeneous computing facility." –Pat Parseghian, Transmeta "We noticed your book on the staff recommendations shelf at our local bookstore: 'Very clear, a masterful interpretation of the subject.' We were most impressed, until we noticed that the same staff member had also recommended Aunt Bea's Mayberry Cookbook." –Shannon Bloomstran, history teacher
Everything you need to know about modern network attacks and defense, in one book Clearly explains core network security concepts, challenges, technologies, and skills Thoroughly updated for the latest attacks and countermeasures The perfect beginner’s guide for anyone interested in a network security career ¿ Security is the IT industry’s hottest topic–and that’s where the hottest opportunities are, too. Organizations desperately need professionals who can help them safeguard against the most sophisticated attacks ever created–attacks from well-funded global criminal syndicates, and even governments. ¿ Today, security begins with defending the organizational network. Network Defense and Countermeasures, Second Edition is today’s most complete, easy-to-understand introduction to modern network attacks and their effective defense. From malware and DDoS attacks to firewalls and encryption, Chuck Easttom blends theoretical foundations with up-to-the-minute best-practice techniques. Starting with the absolute basics, he discusses crucial topics many security books overlook, including the emergence of network-based espionage and terrorism. ¿ If you have a basic understanding of networks, that’s all the background you’ll need to succeed with this book: no math or advanced computer science is required. You’ll find projects, questions, exercises, case studies, links to expert resources, and a complete glossary–all designed to deepen your understanding and prepare you to defend real-world networks. ¿ Learn how to Understand essential network security concepts, challenges, and careers Learn how modern attacks work Discover how firewalls, intrusion detection systems (IDS), and virtual private networks (VPNs) combine to protect modern networks Select the right security technologies for any network environment Use encryption to protect information Harden Windows and Linux systems and keep them patched Securely configure web browsers to resist attacks Defend against malware Define practical, enforceable security policies Use the “6 Ps” to assess technical and human aspects of system security Detect and fix system vulnerability Apply proven security standards and models, including Orange Book, Common Criteria, and Bell-LaPadula Ensure physical security and prepare for disaster recovery Know your enemy: learn basic hacking, and see how to counter it Understand standard forensic techniques and prepare for investigations of digital crime ¿
This complete guide to setting up and running a TCP/IP network is essential for network administrators, and invaluable for users of home systems that access the Internet. The book starts with the fundamentals -- what protocols do and how they work, how addresses and routing are used to move data through the network, how to set up your network connection -- and then covers, in detail, everything you need to know to exchange information via the Internet.Included are discussions on advanced routing protocols (RIPv2, OSPF, and BGP) and the gated software package that implements them, a tutorial on configuring important network services -- including DNS, Apache, sendmail, Samba, PPP, and DHCP -- as well as expanded chapters on troubleshooting and security. TCP/IP Network Administration is also a command and syntax reference for important packages such as gated, pppd, named, dhcpd, and sendmail.With coverage that includes Linux, Solaris, BSD, and System V TCP/IP implementations, the third edition contains: Overview of TCP/IP Delivering the data Network services Getting startedM Basic configuration Configuring the interface Configuring routing Configuring DNS Configuring network servers Configuring sendmail Configuring Apache Network security Troubleshooting Appendices include dip, ppd, and chat reference, a gated reference, a dhcpd reference, and a sendmail reference This new edition includes ways of configuring Samba to provide file and print sharing on networks that integrate Unix and Windows, and a new chapter is dedicated to the important task of configuring the Apache web server. Coverage of network security now includes details on OpenSSH, stunnel, gpg, iptables, and the access control mechanism in xinetd. Plus, the book offers updated information about DNS, including details on BIND 8 and BIND 9, the role of classless IP addressing and network prefixes, and the changing role of registrars.Without a doubt, TCP/IP Network Administration, 3rd Edition is a must-have for all network administrators and anyone who deals with a network that transmits data over the Internet.
An ideal tutorial and reference for both novice and experienced UNIX users, this new edition brings Sobell's bestseller up-to-date in several key areas, including graphical user interfaces and networking with electronic mail.
Introduces more than one hundred effective ways to ensure security in a Linux, UNIX, or Windows network, covering both TCP/IP-based services and host-based security techniques, with examples of applied encryption, intrusion detections, and logging.
"Digital Evidence and Computer Crime" provides the knowledge necessary to uncover and use digital evidence effectively in any kind of investigation. This completely updated edition provides the introductory materials that new students require, and also expands on the material presented in previous editions to help students develop these skills.