Linux Security Cookbook and over one million other books are available for Amazon Kindle. Learn more

Vous voulez voir cette page en français ? Cliquez ici.

Sign in to turn on 1-Click ordering.
Amazon Prime Free Trial required. Sign up when you check out. Learn More
More Buying Choices
Have one to sell? Sell yours here
Start reading Linux Security Cookbook on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Linux Security Cookbook [Paperback]

Daniel J. Barrett , Richard E. Silverman , Robert G. Byrnes
4.0 out of 5 stars  See all reviews (10 customer reviews)
List Price: CDN$ 41.99
Price: CDN$ 39.85 & FREE Shipping. Details
You Save: CDN$ 2.14 (5%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Only 1 left in stock (more on the way).
Ships from and sold by Gift-wrap available.
Want it delivered Thursday, September 4? Choose One-Day Shipping at checkout.


Amazon Price New from Used from
Kindle Edition CDN $17.27  
Paperback CDN $39.85  
Save Up to 90% on Textbooks
Hit the books in's Textbook Store and save up to 90% on used textbooks and 35% on new textbooks. Learn more.
Join Amazon Student in Canada

Book Description

June 12 2003 0596003919 978-0596003913 1

Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes--short, focused pieces of code that administrators can use to improve security and perform common tasks securely.The Linux Security Cookbook includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure.Some of the "recipes" you'll find in this book are:

  • Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more
  • Monitoring your network with tcpdump, dsniff, netstat, and other tools
  • Protecting network connections with Secure Shell (SSH) and stunnel
  • Safeguarding email sessions with Secure Sockets Layer (SSL)
  • Encrypting files and email messages with GnuPG
  • Probing your own security with password crackers, nmap, and handy scripts
This cookbook's proven techniques are derived from hard-won experience. Whether you're responsible for security on a home Linux system or for a large corporation, or somewhere in between, you'll find valuable, to-the-point, practical recipes for dealing with everyday security issues. This book is a system saver.

Frequently Bought Together

Linux Security Cookbook + Linux iptables Pocket Reference
Price For Both: CDN$ 51.80

Customers Who Bought This Item Also Bought

Product Details

Product Description


"I really enjoyed this book. I think my machine is more secure than before I read this book. The advice is good and pitched at, for me, the right level. References were up-to-date ad far as I could see. I would certainly recommend this book to anyone wanting to secure, or test the esisting security, of a Linux system." - Mick Farmer, Linux Security Cookbook - news@UK, September 2003

About the Author

Dan Barrett has been immersed in Internet technology since 1985. Currently working as a software engineer, Dan has also been a heavy metal singer, Unix system administrator, university lecturer, web designer, and humorist. He has written several O'Reilly books, as well as monthly columns for Compute! and Keyboard Magazine. Dan and his family reside in Boston.

Richard E. Silverman has a B.A. in computer science and an M.A. in pure mathematics. Richard has worked in the fields of networking, formal methods in software development, public-key infrastructure, routing security, and Unix systems administration. He is the co-author of SSH, The Secure Shell: The Definitive Guide.

Inside This Book (Learn More)
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

Customer Reviews

4.0 out of 5 stars
4.0 out of 5 stars
Most helpful customer reviews
5.0 out of 5 stars Good book for quick reference... Aug. 28 2003
I read this book from cover to cover and consider it a great effort by the authors to cover many security issues related to not just Linux, but most *nix operating systems. Here's a chapter by chapter review of what I've observed in the book:
Chapter 1 - System Snapshots with Tripwire
I liked the discussion of Tripwire and its configuration options. The sections on "Ultra-Paranoid Integrity Checking" were great! A decent introduction to Tripwire and some of its features.
Chapter 2 - Firewalls with iptables and ipchains
The difference between "Drop versus Reject" targets was good. So many books have info on iptables, but none discusses these issues. Also the point made about dropping ICMP messages was good. Quick to learn and implement recipes presented in this chapter.
Chapter 3 - Restricting Access by Remote Users
Recipe 3.7 was very neat. Allowing users to access a service only by port-forwarding over ssh allows the administrator to restrict access by user names. A smart way of imposing restrictions!
Also, in recipe 3.9, I liked the authors' approach to finding if xinetd is compiled with libwrap support.
All recipes regarding tweaking xinetd were good. It isn't always possible to look at all the configurable options with xinetd, and the authors did a good job in mentioning a few useful options.
Chapter 4 - Authentication Techniques and Infrastructures
Quick tips with PAM, openssl and kerberos. I couldnt get some of the recipes to work on my machine, but got most openssl stuff to work.
Chapter 5 - Authorization Controls
I liked this chapter the best. The discussion on sudo was enlightening, and I was able to effectively tweak most recipes to my needs.
Read more ›
Was this review helpful to you?
5.0 out of 5 stars Great springboard for Linux security July 23 2003
As the title suggests, LSC is a series of different Linux security "recipes." I found the cookbook-style of presentation both good and bad. Some recipes were a breeze to follow (such as the gpg recipes). Other recipes were difficult, but not impossible to follow.
As a "desktop" Linux user who only administers a desktop machine and notebook the chapters I found most useful were those on intrusion detection systems (Chapter 1) and GPG (Chapters 7 & 8). That said, LSC contains dozens of useful recipes for administrators from PAM authentication to monitoring who is doing what on your system. Some of the programs covered are programs I've never heard of before, John the Ripper for example. Other recipes cover those programs I know I should check out, like Snort, but have never taken the time to.
LSC is for the most part very easy to follow. The authors have been very careful to mention when software (snort for example) might or might not be included and how to find and install it. I got tripped up a little in the first chapter (which covers tripwire), because I tried downloading and compiling the tripwire source found at the tripwire web site. I obtained the source from a couple of recommended sites. In one instance tripwire failed to compile correctly, in another it compiled but kept segfaulting when I tried to initialize the database. It wasn't until after I emailed O'Reilly that I saw mention further in Chapter 1 that tripwire is included with Red Hat Linux. One of the authors, Daniel J. Barrett, also emailed me to tell me that it was on the third CD - doh! The upside of this little tale is that I got to know aide (another intrusion detection system) a little better after I installed it on my Debian-based notebook.
... it is certainly money well spent.
Read more ›
Was this review helpful to you?
4.0 out of 5 stars Understandable and concise July 16 2003
Given the increasing frequency of attacks against computers, by virus writers, spammers and others, any sysadmin needs to pay careful attention to securing your system. All the more so if the computer acts as a server, rather than just a desktop leaf on a network. On the server side, you often have unix or linux systems.
This recent book by OReilly is hence timely. Concise, with a good contents and index. The authors write clearly, in what may be considered a "standard" cookbook style. Each problem is summarised, and a brief but entirely adequate how-to answer is then given. It is part of this style that they do not go into the theory of public/private key encryption, for example. But they readily provide references to fuller discussions on many topics.
Checking the index for comprehensiveness revealed one curious omission. There is no entry for "virus". While it seems like a glaring oversight, I think the authors are correct in doing so. Antivirus software exists, and you would merely have to run it against a set of files. And this software is not usually part of an operating system. Also, most viruses are written for Microsoft desktops. Thus far, linux viruses are actually pretty rare.
The title says "Linux". Actually, if you are running any major unix (Solaris, HPUX...), don't take that title too literally. The problems you face will often be the same as those described here. The solutions will often likewise be the same. Most unixes now have many utilities in common with each other and linux. You may be able to map an answer given here to a similar approach on your machine.
Was this review helpful to you?
Want to see more reviews on this item?
Most recent customer reviews
5.0 out of 5 stars Pensacola LUG review book
The Linux Security Cookbook is a good hands-on guide to the major aspects of securing your Linux box. Read more
Published on April 14 2004 by Lloyd R.
5.0 out of 5 stars Excellent resource on Linux security
At fewer than 300 pages, the initial size of the Linux Security Cookbook may seem to be meager to cover such a broad subject. Read more
Published on Dec 8 2003 by Ben Rothke
2.0 out of 5 stars Not up to par
I've been reading "Linux Security Cookbook". I fully understand the goal of this book is to provide lots of little bits of wisdom, not a full fledged security book. Read more
Published on July 28 2003 by Alan Karonen
5.0 out of 5 stars Worth it
A very cool collection of recipes for common, daily, security of Linux
systems. Some of the other reviewers missed the point... Read more
Published on July 27 2003 by Al Abrams
2.0 out of 5 stars Not what I was looking for
The topics that are covered in this book are interesting, but they're not sufficient to secure your machine. Read more
Published on July 23 2003 by Hanno Hentschel
2.0 out of 5 stars Sporatic security coverage
This book was more like a bunch of short articles. Nothing was sufficiently fleshed out, and it certainly wasn't cohesive enough to allow you to secure a machine. Read more
Published on July 22 2003 by Geoffrey Nguyen
5.0 out of 5 stars Very useful security cookbook
Enjoyable and useful. I didn't really expect to learn a whole lot from this, but surprisingly (and happily), I did. Read more
Published on July 12 2003 by Anthony Lawrence
Search Customer Reviews
Only search this product's reviews

Look for similar items by category