Join Epinions | Help | Sign In  

CarsBooksMoviesMusicComputersElectronicsGiftsHome and GardenKids and FamilyOffice SupplySportsTravelMore...
         
 
HomeMediaBooks
Hacking Linux Exposed: Network Security Secrets & Solutions   
Hacking Linux Exposed: Network Security Secrets & Solutions
Overall rating:  Product Rating: 5.0
Reviewed by 1 Epinions user - Write a review
  Compare Prices
  View Details
  Read Reviews
 
 
Subscribe to Reviews on this Product


Read Review of Hacking Linux Exposed: Network Security Secrets & Solutions  
Author's Review About the Author

Honey can I hack ya?
Apr 05 '02 (Updated Apr 05 '02)

Author's Product Rating
Product Rating: 5.0


Pros
Completely organized, well-written, complete, and as up to date as possible.

Cons
bad hackers can read it too, would have liked more case studies.

The Bottom Line
Hacking Linux Exposed is a book no Linux system administrator should be without.

Full Review

If you have a vulnerable computer attached to the BIG BAD INTERNET, sooner or later your box will be compromised. Notice I prefer the term compromised to hacked. Hacking is a benign activity. You hack out of curiosity and [hopefully] with prior permission. Can this be done? Can I get into this box? How is he trying to keep me out? What stone has he left unturned? Woops: He has a bulletproof firewall but he left this one vulnerable cgi script in his httpd directory: HA! I'M IN! At that point the correct thing to do is to stop and notify the hackee. But once a hacker gets in, (especially if he is there without permission) the temptation to quietly mess around and cover his guilty tracks is usually overwhelming. Then it has gone from hacking to compromising someone else's box.

You may ask: why hack? when everybody has their own box nowadays. I think it's for the challenge. Hacking is very similar to playing Riven or similar computer games where you gather information and use it to achieve a goal [usually root access in a Linux box.] But, after they root you, they may want to use your box at the very least as a free playground, and at the very worst, to steal your data or try to frame you for an attack on some other network.

If you don't mind contributing to the poor underprivileged script kiddies' Mbps fund, or having your hard drive scanned and changed at the whim of an adolescent, don't worry about security.

Otherwise, if you have a Linux box, read this book!! If you have a Windows box, you might want to skim it as well. Some of the cracks it discusses are launched from Linux space, but they can work in any network space. The same authors also have a Hacking Exposed title which is centered on Windows. I hope to review it soon.

The book is organized into five major sections--thirteen chapters and four appendices. The major sections are:

I. Locking into Linux: Provides a security overview, outlines proactive measures you can take to secure your box, disaster recovery procedures, and how to identify other types of vulnerabilities.

II. Getting in from the Outside: This is the type of compromise people fear the most: It discusses social engineering, physical access cracks, breaking in over the network, and network abuse.

III. Local User attacks: Discusses how a local and at least somewhat trusted user can jack up their status to do things they're not supposed to, password cracking, and backdoors, since once a cracker breaks in from outside, the first thing he or she does is make him/herself a highly privileged local user and install hidden playgrounds for him or herself.

IV. Server Security: How crackers abuse email and web servers in particular, and how to configure Linux firewalls to nip them in the bud.

V. Appendices: Mainly a reference section on where to go for patches, but the last appendix is a series of three case studies. I found the case studies in particular very interesting!!!

This book covers all the bases and goes into just the right amount of depth. It assumes some familiarity with CLI Linux. It gives you a basic understanding of each cracking technique with examples whenever possible. If the size or complexity of the example would be too voluminous, they refer you to the web where you can read the whole thing. All the websites I have referred to from this book so far have been up-to-date. The writing style is head and shoulders better than a lot of technical books I own.

Three warnings: These are things I had already heard, but after reading this book it is totally stark:

NEVER use telnet or FTP! It's child's play to sniff these
and there are encrypted alternatives that are just as easy to use.

NEVER trust anything coming into you from the web! It's also child play to put hacks into web form data.

NEVER tell anyone anything they don't need to know, such as hostnames, user names, tel no's, type of hardware, network layouts, IP numbers, database schemata, or what type of firewall you use. You may think this stuff is benign but a skilled hacker can use it against you.

So far I have hacked all the workstations on my own LAN. I have also discovered vulnerabilities on two external networks that I own as if I were an outsider (i.e. not using the admin password or internal knowledge)
I have hacked two friends with permission (one running Windows). Both of these friends were happy that it was I who found their Achilles heel and not some seventeen year old in Singapore.

[Disclaimer: This book is freely available. As with any tool, it can be abused. An axe can be used to split firewood, or for an axe murder. This book can be used constructively or otherwise. It is powerful stuff. Some of the things in it could easily land you in MAJOR hot water, as in hard time -- lots of it, and banning from computers. You have been warned.]

Recommended
Yes


Return to top
Back to all reviews

Comments on this Review
 Read all comments (2)
 Write your own comment
Epinions.com ID:
platypus55
Member: Colleen
Location: Pacific Northwest
Reviews written: 91
Trusted by: 73 members

"You have no mass appeal, Colleen. Only the intelligent will 'get it.'" Dang.

  View all reviews by platypus55
  View platypus55's profile

Compare Prices   
Showing 1-3 of 8 stores.  
Store Store Rating Product Info Price

Half.com


Store Rating: 4
232 store reviews

Format: Paperback
$12.86
Half.com
at
Half.com

Amazon


Store Rating: 4
315 store reviews

-
$27.99
Amazon
at
Amazon

Buy.com


Store Rating: 3
132 store reviews

Format: Paperback; In Stock
$25.19
Buy.com
at
Buy.com
Showing 1-3 of 8 stores.  

Featured Resources   
Additional information on Hacking Linux Exposed: Network Security Secrets & Solutions and other related products. 
2 for 1 Reformation CD Sale Ends Monday
Classic Reformation books by Calvin, Knox, Luther, Westminster Divines, Spurgeon and many others (with the Geneva Bible notes) on 62 CDs at greatly reduced prices until this coming Monday.

http://www.swrb.com
Extensive Selection of Books at Amazon
Find exactly the book you're searching for or browse our extensive selection online at Amazon.com, the Internet bookstore.

http://www.amazon.com
Ready to Buy? Buy it now at Buy.com
Looking for books? Buy now at Buy.com. With over 1 million products to choose from, and more than 8 million happy customers. Buy safely at Buy.com.

http://www.buy.com
 

Help | Member Center | Privacy Statement | Site Index  
About Epinions | Careers | Contact Epinions | Merchants and Advertising  
© 1999-2002 Epinions, Inc. Trademark Notice

Muze for Books:Copyright 1995 - 2002 Muze Inc. For personal non-commercial use only. All rights reserved.

Epinions.com periodically updates pricing and product information from third-party sources,
so some information may be slightly out-of-date. You should confirm all information before relying on it.