Hacking Linux Exposed





Our Goals

Our goals for Hacking Linux Exposed, Second Edition were lofty: create a Second Edition that was still standalone, that covers the latest and greatest tools and abuses, and provides the groundwork to make it possible to understand vulnerabilities that will arive in the future. We didn't want a book that was simply a list of bugs in software packages - that would be out of date before it went to print. Instead Hacking Linux Exposed, Second Edition shows you how to understand vulnerabilities in software and configuration that can affect you at anytime, providing numerous explicit examples through both our discussions and functional code.

What's new in the Second Edition?

We've compressed, trimmed, tightened, or in some cases deleted old material to make room for almost 200 pages of new content and three new chapters. We've taken out some sections of the first edition and are making them available on our web page to make way for additional material without sacrificing quality. We have also done some significant rearranging of material. We've placed some of the more common threads of the book, such as buffer overflows and format string attacks earlier in the book. We now have an entire chapter covering Denial of Service attacks, and an entirely new section devoted to actions an attacker will take after compromising your machine. Of course we discuss all the new features available in newer editions of classic hacking tools, as well as coverage of new tools and attacks.

If you have a Linux system, you can't afford to be in the dark about security.

Ten second overview

We can't list everything that we cover in Hacking Linux Exposed, Second Edition, but here's a pretty bulleted list to get you started:

  • The proven Hacking Exposed methodology to locate and fix vulnerable points in networks and Linux software.
  • Details on security features of all Linux distributions -- including Red Hat, Debian, SuSE, and Slackware.
  • How to successfully use vulnerability scanning tools, intrusion detection systems, honeypots, and log analysis software.
  • Latest attack methods involving Trojaned programs, back doors, kernel hacks, and password cracks.
  • Best practices for using whois databases, ping sweeps, DNS zone transfers, OS detection, and port scans.
  • Detect Trojan horses, backdoors, password cracking, IP spoofing, session hijacking, and trail hiding.
  • Common mail server bugs, tips for email encryption and spam prevention.
  • Ways to protect against local and network based Denial of Service and Distributed Denial of Service and wireless network attacks.
  • Implement Log analysis tools such as the Advanced Intrusion Detection Environment (AIDE) and advanced kernel security patches, including the Linux Intrusion Detection System (LIDS).
  • Prevent local users from getting root privileges.
  • Configure FTP sites, DNS servers, and other daemons securely.
  • Plug common and obscure security holes in Sendmail, Qmail, Postfix, Exim, POP, and IMAP servers.
  • Defend against Web server attacks using secure scripting techniques, user verification, and secure Apache Server configurations.
  • Design, position, and test secure firewalls and other network access restrictions.



Sample Chapter
A PDF of Chapter 1.

Appendix A
Available on LinuxWorld

Why did we pick Linux?

Why Linux is Secureable

Linux Overview

Hackers vs Crackers

Doesn't this book apply to all Unix-like systems?

'HLE' or 'HEL'?

HLE Translations

Tidbits gleaned from our Apache logs

Windows vs Linux Security Challenge