Scott Mann and Ellen L. Mitchell, Prentice Hall
18 chapters and two appendices in 566 pages. Costs about £35
Contents
Chapters
1 Vulnerability Survey
2 Security Policies
3 Background Information
4 Users, Permissions, and Filesystems
5 Pluggable Authentication Modules
6 One Time Passwords
7 System Accounting
8 System Logging
9 Superuser Do (sudo)
10 Securing Network Services: TCP_wrappers, portmap, and xinetd
11 The Secure Shell
12 Crack
13 Auditing Your System with tiger
14 Tripwire
15 The Cryptographic and Transparent Cryptographic Filesystems
16 Packet Filtering with ipchains
17 Log File Management
18 Implementing and Managing Security
Appendix A Keeping up to Date
Appendix B Tools not covered
Glossary
Index
Synopsis
System and network security are an all-important part of running any computer,
regardless of what kind of software it is actually running. This particular
volume explains some simple and basic facts about Red Hat Linux security and
administration. If you want something similar for Debian you might well
find the Debian security list to be more
useful. There are similar online help forums for the other distributions
of Linux as well, such as Slackware and the
SuSE distribution. It is very important that you do use the appropriate
forum for your choice of Linux.
Review
What is it that this particular book has to offer you ? On the back cover there is a short list of what's inside:
* Preparing Linux systems for a production environment
* Identifying vulnerabilities, and planning for security administration
* Configuring Linux-based firewalls, authentication, and encryption
* Intrusion detection on Linux systems
* Securing filesystems, email, web servers, and other key applications
* Protecting mixed Linux/Unix and Windows NT environments
Some of this is a little bit dated now but if you are that person who will use Red Hat Linux and you are slightly new to the world of Linux security issues then you will most likely want to get hold of this book. If you are not then there's little point in reading further into this review. It might just be that some parts of the book relate to other distributions of Linux and you may find it to be useful as a general reference.
As we all know it's best not to connect one computer to another one unless you have properly installed it and made sure that all things are as they should be. In the case of the MS Windows(TM) computer it is simply not possible to do that even with Windows(TM) XP and Win2K and so this is why Linux and Unix systems are widely used to run the internet and why they also make up large parts of corporate organisations.
The first part of the book gives an introduction to a few basic concepts about security risks and how to assess them and minimize them. This is how things should be and the basic idea here is one that is known to most system administrators - know your enemy as well as you know yourself. Both of the first two chapters give some useful ideas for people who haven't so far discovered how to use a computer properly and then the third chapter goes into things that are known to most people but not the newbies ... such as ... setting permissions on /etc/lilo.conf. A lot of systems are cracked due to poor administration methods. The title of chapter three is "This 'n That" which is a good way of describing the kind of bird's nest problem that computer security represents. There is also the General Public Licence which is reproduced here. Licences are also an important part of network security. Who is it that is snooping the data on your system ? Chapter four is rather aptly entitled "Of Course I trust my Users !". This kind of thing is usually brought about by NT4 admins who haven't read a book yet. Perhaps you may need to shove this book or this chapter into their face ?
Chapter five goes into the often heard thing at most sensible IT places ... "Been Cracked ? Just put PAM on it !". No .... PAM isn't the really attractive intellectual lady of our dreams. Pluggable Authentication Modules are useful for places where the usual crowd of lunatics are allowed access to the system that you run. It can help with external crackers as well as the more usual internal ones. Part six goes into one time passwords. Very useful for most networks. System accounting at chapter seven is one of those invaluable bits of paper that you should try to get hold of. If your system is attacked or misused in some way then you should have a log somewhere that will tell you who it was and what it was about. If you haven't then your system is not yet configured properly. Chapter eight also goes into logging things properly. One of the awful truths about Unix systems, of which Linux is one of the later developments, is that the greatest security risk comes from running a system as root user. Many large companies and Linux developers have developed software that will disable root privileges so that an attacker cannot gain entry to a system. It's from this point of view that Chapter nine starts with the title of "want to be Root"... it's all relevant stuff and anyone who wants to use Linux should read it.
The tenth chapter goes into securing network services. This was the subject of a lecture by Dr Owen le Blanc at our October 2001 meeting. Network security raises many complex issues which can only really be understood after a certain amount of practical experience. To gain that practical experience you first of all have to read a book. Linux System Security can provide some very helpful pointers. The secure shell at chapter eleven just about finishes off the roundness and completeness of the entire book. As a complete technical reference it is very useful. "You think you've got a good password" at chapter twelve goes into the simple fact that it pays to be aware of what it is that may or may not be possible. The use of crack on your own system can determine whether or not you should change your password. Chapters thirteen and fourteen go into system auditing and the use of tripwire for detection. I think that a bit more could have been useful here.
Of the latter parts of the book chapter sixteen would seem to be the
most helpful. There is an excellent section on the use of ipchains.
There are people out there who insist that ipchains is now dead and
buried. If that's so then why are so many commercial organisations
using it ? The final chapter starts with "This is an awful lot of work!".
This may be so but if that's the case and you are a lazy person then
why did you buy a computer ? Wouldn't you be much better off with a
notepad and pen ? There's some useful info in this part of the book.
The kind of thing that you can get off the net but can't easily
find without help from anyone else.
You have zipped up your fly and tied up your shoe laces properly haven't
you ? If you are a lady computer user then you will have properly arranged
your hair. Good ... now we can switch on your machine :)
Review by
Richard Ibbotson