Page 1 of 2 “Hacking Exposed Linux” by ISECOM (Institute for Security and Open Methodologies) is a guide to help you secure your Linux environment. This book does not only help improve your security it looks at why you should. It does this by showing examples of real attacks and rates the importance of protecting yourself from being a victim of each type of attack.
Date: August 2008
Vitals:
| Title: |
| |
| Author: |
ISECOM (Institute for Security and Open Methodologies) |
| Pages: |
613 |
| ISBN-10: |
978-0-07-226257-5 |
| Publisher: |
McGraw Hill |
| Edition: |
3nd Edition |
| Purchase: |
Hacking Linux Exposed |
Overview
“Hacking Exposed Linux” by ISECOM (Institute for Security and Open Methodologies) is a guide to help you secure your Linux environment. This book does not only help improve your security it looks at why you should. It does this by showing examples of real attacks and rates the importance of protecting yourself from being a victim of each type of attack.
The reader will gain a better understanding of the types of attacks that are out there, and learn new ways to protect their system. Those who are thinking about using this book should have a Linux machine that needs to be secured. However, anyone that is interested in computer security will learn more about the different types of threats which are there. Now that you have a introduction on what this book is about I will look deeper into each part of it.
Review Summary
Part 1 titled “Security and Controls” starts with a section that outlines the building blocks of computer security; visibility, access, and trust. Then it looks at authentication, indemnification, subjugation, continuity, and resilience. The author goes into detail how indemnification is controlling the value of resources through law or insurance to reclaim the real value of loss. I also goes into detail of subjugation which is local control over the protection and restrictions of interactions by the asset responsible. Then the author discusses that continuity is a control of assuring service is still available after a disaster and to assure that a service fails securely. Those five interactive controls are important parts to security and are discussed in detail in this part of the book. Then it goes into detail about process controls to improve the user's security assets on their system.
Part 2 is titled “Hacking the System” and starts with a section on local access control. It outlines some configuration changes and add-ons that can help physical security. It looks at examples of physical attacks which attackers can use. This part answers the question “how can I limit the damage that can be caused by this type of attack?” In the next section of this book the author talks about data network security. It looks at strategies which users can implement to increase the security of their network. The main idea in this section is to add security from the start by setting up least access. But this part also answers the question “what should I do if I get attacked?” It shows the user some forensic techniques any Linux user can use. How to recover from an attack quickly is also covered. The real strength of this section is showing the user a variation of different types of attacks for example, software vulnerability exploitation and password login attacks.
Part 3 is titled “Hacking the Users”, which is the one that I found most interesting. It looks at three services that are vulnerable to attack; web application, Email and DNS. First this part looks at threats to web applications. It goes into detail about the different types of threats, for example, insufficient data validation and how to help prevent them. Also it looks at some new security risks like Web 2.0 threats particularly AJAX attacks. The author makes a good point that web application security is more than just border security like firewalls. It's also important to protect your application from man-in-the-middle attacks. I found the man-in-the-middle examples to be a good way to learn why users need to protect themselves and how to prevent this type of attack. The next service looked at in this part is Email, which is one of the most important services to make secure. With virus, trojans, phishing and other attacks which all can be quickly spread via Email, it's a service that the author goes into detail about the threats and how to help prevent them. This section stresses the importance of implementing controls to this service. The author states threats to Email which are common to all services but also goes into detail on how to prevent them with Email specific security techniques like graylists. Since most email is sent in clear text this section sheds light on encryption implementation, for example, OpenPGP. The last service that the author looks at is the name service or DNS. This section stresses the importance of DNS to the Internet as a whole and the types of attack that are out there which are a threat to this service. Also the author looks at attacks against users of DNS. One security idea that I found interesting was DNS and encryption. We all know that encryption is used to protect important data but I did not know that it can be used in DNS too. With the increasing threat to the DNS service this section does a good jobs at explaining what that threat is and the importance to secure it.
The last part of this book is called “Care and Maintenance” which looks at C code security and Linux kernel security. If you are interested in kernel security tweaks, this is the section for you. It starts at the bottom with ways to improve the security of C code. Programmers know that C code needs special attention when it comes to making it secure. The author shows the user how make their C programs more secure. One way this section explains how to secure ones code is by using code analysis tools. The next section looks at security in the Linux kernel. The author does not go into a lot of detail on the security features of the kernel but, does give the reader enough information to know what each features role is.
In conclusion, if you or anyone you know is interested in Linux security and the threat of attack then “Hacking Exposed Linux, Third Edition” is a valuable resource to read and add to your Linux book collection. You will find in this book many examples of computer attacks and ways to improves ones own Linux security.
|
