Tighten holes and maintain security on your Linux system! From one of the authors of the international best-seller, Hacking Exposed: Network Security Secrets & Solutions, comes a must-have security handbook for anyone running Linux. This cutting-edge volu

Average Customer Review: ( 41 customer reviews )
Write an online review and share your thoughts with other customers.

The "Hacking Exposed" series is known for its unique example-driven style. Rather than telling the reader about a technique or problem, the authors demonstrate the issue using command-line examples. I find myself reading with book and laptop at hand, ready to duplicate the authors' sample commands. This process reinforces the authors' message, while the reader learns if a specific problem applies to his situation. Furthermore, by showing exactly how to execute certain commands, the authors impart bits of wisdom and trickery not found elsewhere.

For example, chapter 11 describes attacks and defenses for FTP servers. To explain active and passive FTP sessions, the authors demonstrate running an FTP client with the -d switch to illustrate raw instructions sent by the client over the FTP command channel. I had never seen this switch in use, but as an intrusion detector I constantly see raw FTP instructions like those revealed by the -d switch. These and other tidbits, like using the chattr -i command or setting the "sticky bit", make HLE exceptional.

Beyond these benefits, readers will enjoy clear, thorough explanations of Linux security issues. HLE gives first-rate descriptions of ssh and web man-in-the-middle attacks, race conditions, and FTP data hijacking. HLE also provides great illustrated examples of FTP bounce attacks, giving intrusion detectors the minutiae we need to recognize these techniques. I had heard of most of the compromise methods offered by HLE, but never seen them discussed in such practical detail.

If the material in chapters 1-13 of HLE don't prompt you to verify your Linux host's integrity, then the case studies in appendix D will. The security community needs more of these narratives. These stories, based on true events, show the lengths to which some attacks will go to penetrate target machines.

"Hacking Linux Exposed" is another strong addition to the "Hacking Exposed" series, and the security community will benefit as a result.

(Disclaimer: I received a free review copy from the publisher.)

47 of 48 found the following review helpful:

Buy two of theseMay 30, 2001

I wasn't a fan of Hacking Exposed, largely because its Unix section was a mere 50 pages of superficial, outdated, and obvious fluff. Hacking Linux Exposed makes up for that lack by digging into Unix in much more depth.Though it is modeled after the attack/countermeasure style of the original HE, this book includes a whole chapter of security measures at the beginning that you can implement instantly to get your machine locked down before getting into the nitty-gritty detail about other things in the hacker's arsenal.I was particularly enthralled with chapter 10, which talks about what the hacker will do after they have gained root access, from simple things like adding accounts to complicated issues like kernel modules, complete with source code. Chapter 7 includes some really wonderful examples of how the hacker can abuse networking protocols themselves, something I haven't seen covered in such depth before.The book is logically organized. The first part covers the way the hackers find and probe your machine. The second talks about getting in from the outside, be it network or physical. The third part talks about gaining additional priveleges, and the last part of the book is dedicated to mail, ftp, web, and firewalls. The appendicies are actually useful. They seem to have dropped the small 1-page case studies from the original book and replaced them with longer hacker-eye-views of real attacks which are an interesting read, and really tie the book together.This book is Linux specific in it's countermeasures, but I'd recommend this to any unix user. They do a good job of discussing differences between Linux variants as well, they don't just assume everyone has a RedHat box on their desk. Very refreshing.This book is great for both the theory and practical uses. I could spend weeks implementing all the suggestions they have, but they seem to have thought of this because their risk ratings let you know where you should concentrate as you secure your systems.Like Hacking Exposed, this book also has a website, (...) but it seems more up-to-date -- for example when the ptrace bug in older kernels came out, they posted a kernel module you could compile to protect your system until you could upgrade -- and includes all the source code contained in the book.I bought two of these, one for home and one for the office, and I suggest you do the same.

28 of 29 found the following review helpful:

Should have been "Hacking Unix Exposed"Jul 08, 2001

I am in charge of network security for a large firm. We use largely FreeBSD and OpenBSD machines instead of Linux whenever possible. One of the junior folks was trying to convince us that Linux isn't all that bad, and pointed to this book as proof that it can be secured.

Well, we're not about to switch. However this book covered so many unexpected issues that affected our *BSD boxen that we spent a solid week implementing changes on all our systems. The detail of this book was superb, and it was easy to figure out the differences between their Linux-specific solutions and what was needed on our *BSD systems when they weren't exactly the same.

Got Unix? Buy this book.

15 of 15 found the following review helpful:

The best hands-on Linux security book just got betterMar 10, 2003
By Richard Bejtlich "TaoSecurity"
I'm a big fan of the Hacking Exposed style of writing. All offensive theory is backed up by command line examples, followed by defensive countermeasures. Hacking Exposed: Linux, 2nd Ed (HE:L2E) follows this tradition, updating the content of the first edition and adding 200 pages of new content. Although I reviewed the first edition in Sep 01, reading the second edition reminded me of the challenges posed by securely configuring and deploying Linux systems.

The best way to learn while reading HE:L2E is to try the sample commands. I also recommend visiting the links mentioned and installing many of the tools described by the authors. I found programs like raccess, nsat (ch. 3), sslsniff (ch. 7), nstx, and httptunnel (ch. 15) particularly interesting from an attacker's point of view. From a system administration standpoint, coverage of passlogd (ch. 2), lilo and grub (ch. 5), and X (ch. 6) were very helpful.

The authors share many novel ways to abuse Linux systems, but counter those exploits with little-known features or third-party tools. I never knew I could use bash's HISTCONTROL feature to selectively remove entries from shell history files. HE:L2E goes the extra mile to help secure your system, such as including sample C code in ch. 13 to allow one to compile TCP Wrappers support into one's own programs. Other clear, concise defensive measures were introduced in excellent chapters on keeping the kernel and packages current (appendix B) and pro-active security measures (ch. 2). The last appendix gives a short yet powerful description of the damage an intruder can perform, showing how he hid unauthorized programs and how those programs were discovered.

If you use Linux, you'll find HE:L2E indispensable. I even applied many of the tools and techniques to my FreeBSD system, showing that that good security advice can be a cross-platform endeavor.

13 of 13 found the following review helpful:

Good intro to Linux securityMay 17, 2002
By Dr Anton Chuvakin "Dr. Anton Chuvakin"
Hacking Linux Exposed by Brian Hatch, James Lee and George Kurtz, is a nice follow-up to their bestselling Hacking Exposed . While not as groundshaking as its predecessor, the new book does provide a good reference for people just starting with Linux. Anyone who is setting up or planning to set up a Linux network should consider owning it, together with the appropriate Linux administration manuals.

Hacking Linux Exposed covers security administration issues such as FTP, sendmail (but for some reason, not POP3/IMAP servers) and web server setup; it also discusses local user security issues and touches lightly on Linux firewalling and other network access controls (TCP wrappers).

The book includes a big section on keeping your system updated, which outlines methods used by several popular Linux distributions (rpm from RedHat, apt-get from Debian and pkgtool from Slackware). This information is essential to the security of any Linux machine, whether a home workstation or company server.

The focus is Linux, but the book also covers some other important security areas. It attempts to offer a total solution for Linux security, starting with general infosec philosophy (such as proactive security), and moving on to physical security, social engineering, Trojan programs, access control, user security and server setup. Each security problem is rated for global risk on a 1 to 10 scale, factoring in frequency, simplicity and impact. In general, the book is more encyclopedia than detailed guide, as it strives toward breadth over depth.

See all 41 customer reviews on Amazon.com