About the Book
This new edition of Practical UNIX and Internet Security provides detailed coverage of modern security and networking issues. It focuses on the four most popular Unix variants: Solaris, Linux, FreeBSD, and Mac OS X. It covers: computer security basics - introduction to security problems and solutions, Unix history and lineage, and the importance of security policies as a basic element of system security; security building blocks: fundamentals of Unix passwords, users, groups, the Unix file system, cryptography, physical security, and personnel security; network security - a detailed look at modem and dialup security, TCP/IP, securing individual network services, Sun's RPC, various host and network authentication systems (e.g., NIS, NIS+, and Kerberos), NFS and other file systems, and the importance of secure programming; secure operations - keeping up to date in today's changing security world, backups, defending against attacks, performing integrity management, and auditing; and incidents - discovering a break-in, dealing with programmed threats and denial of service attacks, and legal aspects of computer security. The book also includes a variety of helpful appendixes, including a comprehensive security checklist and a detailed bibliography of paper and electronic references for further reading and research. In addition to bringing the entire book up to date, the authors have added far more information about Linux, security policy, and cryptography, and have added new sections on embedded systems, biometrics, additional Internet protocols, new authentication systems such as LDAP and PAM, and anti-theft technologies. Packed with 1000 pages of helpful text, scripts, tips, and warnings, this third edition should be a useful reference for Unix administrators and anyone concerned about keeping their systems and networks secure.
"
Table of Contents:
Preface Part I. Computer Security Basics 1. Introduction: Some Fundamental Questions What Is Computer Security? What Is an Operating System? What Is a Deployment Environment? 2. Unix History and Lineage History of Unix Security and Unix Role of This Book 3. Policies and Guidelines Planning Your Security Needs Risk Assessment Cost-Benefit Analysis and Best Practices Policy Compliance Audits Outsourcing Options The Problem with Security Through Obscurity Part II. Security Building Blocks 4. Users, Passwords, and Authentication Logging in with Usernames and Passwords The Care and Feeding of Passwords How Unix Implements Passwords Network Account and Authorization Systems Pluggable Authentication Modules (PAM) 5. Users, Groups, and the Superuser Users and Groups The Superuser (root) The su Command: Changing Who You Claim to Be Restrictions on the Superuser 6. Filesystems and Security Understanding Filesystems File Attributes and Permissions chmod: Changing a File's Permissions The umask SUID and SGID Device Files Changing a File's Owner or Group 7. Cryptography Basics Understanding Cryptography Symmetric Key Algorithms Public Key Algorithms Message Digest Functions 8. Physical Security for Servers Planning for the Forgotten Threats Protecting Computer Hardware Preventing Theft Protecting Your Data Story: A Failed Site Inspection 9. Personnel Security Background Checks On the Job Departure Other People Part III. Network and Internet Security 10. Modems and Dialup Security Modems: Theory of Operation Modems and Security Modems and Unix Additional Security for Modems 11. TCP/IP Networks Networking IP: The Internet Protocol IP Security 12. Securing TCP and UDP Services Understanding Unix Internet Servers and Services Controlling Access to Servers Primary Unix Network Services Managing Services Securely Putting It All Together: An Example 13. Sun RPC Remote Procedure Call (RPC) Secure RPC (AUTH_DES) 14. Network-Based Authentication Systems Sun's Network Information Service (NIS) Sun's NIS+ Kerberos LDAP Other Network Authentication Systems 15. Network Filesystems Understanding NFS Server-Side NFS Security Client-Side NFS Security Improving NFS Security Some Last Comments on NFS Understanding SMB 16. Secure Programming Techniques One Bug Can Ruin Your Whole Day ... Tips on Avoiding Security-Related Bugs Tips on Writing Network Programs Tips on Writing SUID/SGID Programs Using chroot( ) Tips on Using Passwords Tips on Generating Random Numbers Part IV. Secure Operations 17. Keeping Up to Date Software Management Systems Updating System Software 18. Backups Why Make Backups? Backing Up System Files Software for Backups 19. Defending Accounts Dangerous Accounts Monitoring File Format Restricting Logins Managing Dormant Accounts Protecting the root Account One-Time Passwords Administrative Techniques for Conventional Passwords Intrusion Detection Systems 20. Integrity Management The Need for Integrity Protecting Integrity Detecting Changes After the Fact Integrity-Checking Tools 21. Auditing, Logging, and Forensics Unix Log File Utilities Process Accounting: The acct/pacct File Program-Specific Log Files Designing a Site-Wide Log Policy Handwritten Logs Managing Log Files Unix Forensics Part V. Handling Security Incidents 22. Discovering a Break-in Prelude Discovering an Intruder Cleaning Up After the Intruder Case Studies 23. Protecting Against Programmed Threats Programmed Threats: Definitions Damage Authors Entry Protecting Yourself Preventing Attacks 24. Denial of Service Attacks and Solutions Types of Attacks Destructive Attacks Overload Attacks Network Denial of Service Attacks 25. Computer Crime Your Legal Options After a Break-in Criminal Hazards Criminal Subject Matter 26. Who Do You Trust? Can You Trust Your Computer? Can You Trust Your Suppliers? Can You Trust People? Part VI. Appendixes A. Unix Security Checklist B. Unix Processes C. Paper Sources D. Electronic Resources E. Organizations Index
About the Author :
Simson Garfinkel is a journalist, entrepreneur, and international authority on computer security. Garfinkel is Chief Technology Officer at Sandstorm Enterprises, a Boston-based firm that develops state-of-the-art computer security tools. Garfinkel is also a columnist for Technology Review Magazine and has written for more than 50 publications, including Computerworld, Forbes, and The New York Times. He is also the author of Database Nation, PGP: Pretty Good Privacy, and eight other books. Garfinkel earned a Master's degree in Journalism at Columbia University in 1988 and holds three undergraduate degrees from MIT. He is currently a working on his doctorate at MIT's Laboratory for Computer Science. Gene Spafford is an internationally renowned scientist and educator who has been working in areas of information security, policy, cybercrime, and software engineering for nearly two decades. He is a professor at Purdue University, and Director of CERIAS, the world's premier multidisciplinary academic center for information security and assurance. Professor Spafford and his students have pioneered a number of technologies and concepts well-known in security today, including the COPS and Tripwire tools, two-stage firewalls, and vulnerability databases. Spaf, as he is widely known, has achieved numerous professional honors recognizing his teaching, his research, and his professional service. This includes being named as a Fellow of the AAAS, the ACM, and the IEEE; receiving the National Computer Systems Security Award; receiving the William Hugh Murray Medal of the NCISSE; election to the ISSA Hall of Fame; and receiving the Charles Murphy Award at Purdue. He was named as a CISSP, honoris causa in 2000. In addition to over 100 technical reports and articles on his research, Spaf is also the coauthor of Web Security, Privacy & Commerce, and was the consulting editor for Computer Crime: A Crimefighters Handbook (both from O'Reilly). Alan Schwartz is an assistant professor of clinical decision-making in the Department of Medical Education at the University of Illinois at Chicago. He is the author of Managing Mailing Lists and the coauthor of Stopping Spam (both from O'Reilly). In his spare time, he develops and maintains the PennMUSH MUD server and brews beer and mead with his wife. As mail administrator for a number of organizations, he deals with unsolicited email on a daily basis; as the moderator of the rec.games.mud.announce USENET newsgroup, and a NoCeM issuer for rec.games.mud.admin, he gleefully fights back against netnews spam. Turn-ons for Alan include sailing, programming in Perl, playing duplicate bridge, and drinking Anchor Porter. Turn-offs include spam (obviously!) and watery American lagers.
Review :
"It's almost impossible to criticize such a venerable work as this, and there can be little doubt that backed up by online resources, this will form a solid foundation and reference work for years to come." - Martin Howse, LinuxUser & Developer, Issue 30 "If you know nothing about Linux security, and only have time for one book, you should start with Practical Unix and Internet Security." - Charlie Stross, Linux Format, September
