In the fast-moving world of computers, things are always changing. Since the first edition of this strong-selling book appeared two years ago, network security techniques and tools have evolved rapidly to meet new and more sophisticated threats that pop up with alarming regularity. The second edition offers both new and thoroughly updated hacks for Linux, Windows, OpenBSD, and Mac OS X servers that not only enable readers to secure TCP/IP-based services, but helps them implement a good deal of clever host-based security techniques as well.

This second edition of Network Security Hacks offers 125 concise and practical hacks, including more information for Windows administrators, hacks for wireless networking (such as setting up a captive portal and securing against rogue hotspots), and techniques to ensure privacy and anonymity, including ways to evade network traffic analysis, encrypt email and files, and protect against phishing attacks. System administrators looking for reliable answers will also find concise examples of applied encryption, intrusion detection, logging, trending and incident response.

In fact, this "roll up your sleeves and get busy" security book features updated tips, tricks & techniques across the board to ensure that it provides the most current information for all of the major server software packages. These hacks are quick, clever, and devilishly effective.

Average Customer Review: ( 21 customer reviews )
Write an online review and share your thoughts with other customers.

I found NSH to be most rewarding when it avoided discussing the same topics everyone else has covered. Lesser known tools like authpf, ftester, sniffdet, SFS, rpcapd, and Sguil caught my interest (especially as I write Sguil installation docs). Even some ways to use familiar tools were helpful, like the -f (fork) and -N (no command) switches for SSH forwarding. In some cases it made sense to mention well-worn topics like BIND or MySQL, with an eye towards quickly augmenting the security of those servers.

Elsewhere I questioned the need to cover certain tools. With the number of Snort titles approaching double digits, and O'Reilly's own Snort books in the wings, was it really necessary to devote several hacks to Snort? In the same respect, I felt mention of Nmap, Nessus, swatch, and ACID was not needed, nor was advice on implementing certain Windows security features.

In some cases the descriptions were too brief to really explain the technologies at hand. For example, the "Secure Tunnels" chapter discusses a very specific IPSec scenario (wireless client to gateway) without informing the reader of the other sorts of tunnels that are possible. I also questioned some of the content, like p. 47's statement that Windows lacks "robust built-in scripting." Brian Knittel's "Windows XP Under the Hood" would quickly change the author's mind. Also, the anomaly detection preprocessor SPADE is described, even though the last version (Spade-030125.1.tgz, released Jan 03) is only available on a Polish student's Web server and no longer cleanly integrates with Snort past version 2.0.5, released in Nov 03.

Despite these comments, I still found NSH a great addition to my security bookshelf. I found the coverage of Windows more than adequate, given that true security innovation in the public sphere is being done in the open source world and not in Redmond's labs. The writing tends to be clear and the descriptions concise. I guarantee you will find a handful of hacks which pique your curiosity and ultimately help secure your enterprise.

33 of 37 found the following review helpful:

Not for the amateurJul 29, 2004
By Jack D. Herrington "engineer and author"
It's important to understand who this book is for. It's not for the amateur looking to configure their firewall. The book starts with locking up UNIX filesystems and doesn't turn back the complexity clock as it winds through all the way to advanced topics like Honeypots and various SSH tunneling schemes. I highly recommend this book for network administrators and security professionals looking to make sure they have all of their bases covered. However, for the personal computer user looking to make sure their DSL doesn't get hacked I cannot recommend this book.

13 of 14 found the following review helpful:

Excellent book on security.Sep 09, 2004
By swallbridge
This book took me a long time to read, but for a good reason, I kept implementing
the various hacks in the book on a server I had started setting up.

The book is mostly Unix related, but there is some Windows related `hacks' as well.
I think the Windows coverage was lacking a bit though. For Unix, it talks about
Linux, the BSD's and a bit on Mac OS X and Solaris. Most of the topics are
general enough to apply to any Unix based Operating System, but some are specific
to an operating system.

One of the great things about the Hacks series of books by O'Reilly is that the
information is presented in nice small chunks that you can read in a few minutes
if you have some spare time.

The hacks are all `hyperlinked' to each other, if a hack mentions something that
relates to another hack, it is highlighted in blue and the hack that it
references is listed. I did find a few places where this wasn't done
(#84 Real-Time Monitoring, first mentions Barnyard but doesn't provide any
information on it or mention that it is one of the later hacks).

Lots of the hacks in the book could be found by doing some reading on the
internet, but finding such a variety of topics all in one place, with enough
information to get you started is really nice. Even though I consider myself to
be fairly security conscious, I still found quite a few things in this book that
I hadn't thought of, or plain didn't realize were possible or even existed. I
would recommend this book to anyone that is interested in security or anyone
responsible for maintaining a server (whether or not it is on the internet).

14 of 16 found the following review helpful:

Useful Tips, Limited on WindowsAug 01, 2004
By Joaquin Menchaca
Overall, I find this book to be an enjoyable read. I thumb through it time and time again, and come up with some useful hints and tips (not really necessarily hacks though). It's more oriented toward BSD Unix and Linux, but I did find some useful hints for Windows (the current topic of my studies). I really like the plug for ntsyslod (hack 56), which can take binary event logs and route them to syslogd service. Nice. Finally, logs in Windows are now open for business.

I found some material to be trivial, making problems from non-problems, or rather not practical to implement. For example, one hint advises Windows users to encrypt their temp directory (hack 28). However, there are easy workarounds to bypass EFS, and the temp directory is within a user's profile, and thus secured from other users anyhow. So encrypting it is unecessary, and not useful given users can drag a file to a floppy or non-NTFS filesystem to and bypass the encryption.

One hack recommended flush the page file as some important application data might be in there (hack 29). However, this requires delving into the registry, and to implement across all workstations is too taxing. However, there could be ways to automate this through group policy objects and scripts. There's no coverage on how to automate some of these chores, which is not always straightforward in Windows.

One a final note, I wish there was more coverage of Windows. There's could be equivelent coverage of things like time sychronization (hack 44) for Windows as well.

Overall though, I think there are enough useful tips to make this book valuable. I've already wrote my name on this one...

8 of 10 found the following review helpful:

Good simple referenceJun 10, 2004
By Dr Anton Chuvakin "Dr. Anton Chuvakin"
When I first got this little book, I was unimpressed by its idea: a seemingly random collection of network security tips, combined under the same cover. However, when I started reading, more and more often I exclaimed "ah, that is how it is done", etc. The book is one cool collection of tips, ranging from mundane (`how to configure iptables on Linux') to fairly esoteric (`how to use MySQL as an authenticating backend for an FTP server'). Always wanted to use `grsecurity' or `systrace', but thought it is too complicated - grab the book and give it a shot. Want to set up a fancy encrypted tunnel between two networks - it covers that too. Admittedly, a lot of advice given in the book can be found on Google, but it is nice to find it in one place. The book covers selected topics in host security, SSH and VPNs, IDS, monitoring and even touches upon forensics. I also liked its multi-platform coverage, with a slight, but unmistakable UNIX/Linux bias.

Overall, it is a great simple book, provided you don't try to find in it something it isn't: a neat collection of simple network security tips. I somewhat disliked that many tips don't go beyond `how to install a tool' and stop short of discussing `how to use it best'.

Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major security information management company. He is the author of the book "Security Warrior" (O'Reilly, 2004) and contributor to "Know Your Enemy II" by the Honeynet Project (AWL, 2004)). His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org

See all 21 customer reviews on Amazon.com