BKLNSCCB.RVW 20031019 "Linux Security Cookbook", Daniel J. Barrett/Richard E. Silverman/Robert G. Byrnes, 2003, 0-596-00391-9, U$39.95/C$61.95 %A Daniel J. Barrett dbarrett@oreilly.com %A Richard E. Silverman res@oreilly.com %A Robert G. Byrnes byrnes@oreilly.com %C 103 Morris Street, Suite A, Sebastopol, CA 95472 %D 2003 %G 0-596-00391-9 %I O'Reilly & Associates, Inc. %O U$39.95/C$61.95 707-829-0515 fax: 707-829-0104 nuts@ora.com %O http://www.amazon.com/exec/obidos/ASIN/0596003919/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/0596003919/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/0596003919/robsladesin03-20 %P 311 p. %T "Linux Security Cookbook" In the introduction, the authors state that this is not a security text, but a list of practical and individual pointers for improving security in specific areas. Chapter one covers how to take system snapshots with Tripwire, in order to detect changes that might indicate an intrusion or a virus. The establishment of a firewall, using the iptables and ipchains utilities, is dealt with in chapter two. Chapter three examines the control of access to various network services. Authentication techniques and infrastructures are detailed in chapters four and five. Protecting outgoing network connections, files, and email are described in chapters six, seven, and eight respectively. The material on testing and monitoring, in chapter nine, is the most extensive in the book, and provides a good introduction to Snort as well. This is good, practical advice, and makes an excellent reference for anyone dealing with the security of Linux in a networked environment. In one sense the authors are right, for they stick to the nuts and bolts, without discussing security frameworks or theories. In another sense they are wrong: this text does what the "hacking" books only pretend to do. The authors of the genre of "Teach Total Idiots How to Hack and They Will Automatically Turn Into Security Experts" texts all imagine that they teach you how to harden/secure a system, but don't. This does. copyright Robert M. Slade, 2003 BKLNSCCB.RVW 20031019