Updates
Latest Tweet
What's New?
Check out for latest innovation, a computer based training video collection
Like this Page
Linux Network Security (Administrator's Advantage Series) Review by Harold McFarland
One of the better books on this subject
If you are a network administrator who needs to get a quick handle on Linux security this would be a very good choice. It covers the basics of security in general (weak passwords, key logging, Trojans, network topology, etc.) as well as security issues that are specific to Linux.
It does a good job of explaining how Iptables are used in a firewall and how to tune the network. Linux Network Security does appear to thoroughly cover all the basic system security considerations including the passwd file, shadowing, enforcing security, using PAM, and SUDO security. The best part of the book is when the author gets to how to choose an appropriate distribution, use a chroot jail, and protect memory.
In addition to the basic Linux security common to all distributions the author discusses role based access control, the Linux Intrusion Detection System, and the secure Linux distribution SeLinux. The book ends with sections on securing the most common services for Linux - Apache, SSH, NFS, NIS, DNS, BIND, and FTP. It also includes a section on keeping your system secure using Tripwire.
If you need additional help on specific issues there are six appendixes which cover recompiling the kernel, kernel configuration for networking, firewall scripts, and cryptography. This book is obviously intended for the Linux network administrator, but the level of knowledge assumed is somewhat confusing. For some pieces it seems to assume no prior knowledge (like Chapters 1 and 2) and for other areas it seems to assume some basic prior understanding of Linux (although admittedly minimal). Keep in mind that there are whole books on some of these items (like securing Apache) so there is obviously much more detailed information available if you have a specific need. Linux Network Security is highly recommended to network administrators who are dealing with a basic file and print sharing network or who need a solid overview of Linux security and some of the security problems with common services.