OSDN | Our Network | Newsletters | Advertise | Shop     X 

Welcome to Slashdot Handhelds Technology Programming Censorship Microsoft
 faq
 code
 awards
 journals
 subscribe
 older stuff
 rob's page
 preferences
 submit story
 advertising
 supporters
 past polls
 topics
 about
 bugs
 jobs
 hof

Sections
apache
Jul 23

apple
Jul 26
(4 recent)

articles
Jul 26
(36 recent)

askslashdot
Jul 26
(9 recent)

books
Jul 26
(1 recent)

bsd
Jul 22

developers
Jul 26
(3 recent)

features
Jul 18

interviews
Jul 26
(3 recent)

radio
Jun 29

science
Jul 26
(8 recent)

yro
Jul 26
(6 recent)

Hacking Linux Exposed
LinuxPosted by timothy on Friday September 21, @10:15AM
Reader Bob Johnson wrote this detailed review of Hacking Exposed followup Hacking Linux Exposed -- especially in light of the various color-coded Windows viruses still on the loose, this might be a good present for your your local Windows administrator as well, but both Bob and the authors are clear: GNU/Linux systems may be more resistant, but are not immune to cracking.
Hacking Linux Exposed
author Bri Hatch, James Lee, George Kurtz
pages 566
publisher Osborne/McGraw-hill
rating 8.5
reviewer Bob Johnson.
ISBN 0072127732
summary The definitive Linux/Unix security and hacking text; follows in the full-disclosure footsteps of Hacking Exposed.

What it is

While the recent Code Red worms and their offspring have taken center stage, it is not time for Linux administrators to sit on their behinds and say 'told you so.' Yes, our Unix systems may have been immune, but let us not forget the flurry of worms that came after Ramen made the scene early this year.

Most folks have heard of Hacking Exposed, the ground-breaking security book that is now coming out with a 3rd edition. One of the HE authors, George Kurtz, teamed up with two leading security experts to bring us Hacking Linux Exposed which was released in April of this year.

Hacking Linux Exposed teaches you about security from the cracker's point of view. to give you all you need to know to protect your own systems. It is written by security experts who have seen these attacks in the wild and have been protecting their own systems from them. It gives many examples of attacks, but it also teaches you how attacks of various forms occur in general, giving you a true understanding of vulnerabilities current, future, and theoretical.

The book itself is organized into four parts, each discussing a specific aspect of system security in depth.

Contents

Part I begins with Unix permission models, such as passwords, file (user/group/other) modes, capabilities, limits, and other security features built into Linux. Though the authors claim this chapter is 'to get those Windows users up to speed' I found details about things I didn't know about, having been administering Linux systems for several years.

The authors then move onto proactive measures that can be taken to protect your system, under the theory that you shouldn't be reading the entire book before you start securing your systems. This section primes you with security procedures that will be referenced later in the book multiple times, and keeping it all contained seems a very logical organization. Topics include log analysis, system security scanners, hardening tools and patches. The chapter is ended with a step-by-step discussion of what to do should you suffer a break-in. While they strongly suggest a reinstall, and describe all the problems and pitfalls that brings, they acknowledge when business needs may conflict, and how to deal with differing requirements.

Rounding out the first part we move onto a chapter showing how crackers find out information about your machines and network. Naturally it includes the standard port-scanning tools, ping sweepers, and OS detection software, as well as network (in)security scanners such as SAINT, Nessus, and SARA. New administrators will learn a lot from discussions of information leakage through SNMP, DNS, whois, and even newsgroups. I believe this is the only book I have ever read to start a chapter with a piece of email Spam for educational purposes.

Part II talks about how crackers can get into your machine from the outside. We begin with a chapter entitled "Social Engineering, Trojans, and Other Hacker Trickery." This chapter is dedicated to various methods that are not necessarily code-related. The social-engineering angle is broken down into several categories, explaining the human insecurities that are most effective at getting people to give out inappropriate access or information, complete with frighteningly simple examples. The discussion of Trojans reminds us that everything may not be what it seems, such as the trojaned version of tcpd back in 1999, and explains how not to be taken advantage of by using checksums, pgp signatures, and the like. It ends with a discussion of worms. A discussion of the Ramen worm is included (the book was published very soon after this worm was released) as is a prediction that other worms may be on the horizon, which turned out to be all too true.

Next we move onto physical attacks that are used to gain access to systems, or helpful information. You are reminded how lax your office environment is (yes, we all have at least one sticky note with some password, somewhere) perhaps more than necessary. However when discussing console access, the authors return to instantly-implementable countermeasures to keep folks from walking up, rebooting, and dropping into single user mode, including a bit on encrypted filesystems.

Next comes a chapter devoted to attacks launched over the network. True to the overall style of the book, this isn't simply a list of the various POP/IMAP/Sendmail hacks over the years, but rather examples of different classes of attacks, such as wardialing, X servers, buffer overflows, denial of service attacks, sniffers, and automated password guessers. The information provided should help you prevent the known attacks and those that haven't been written yet that operate on similar principles.

The last chapter of Part II discusses attacks based on abuse of the network and network protocols themselves. We learn about abuses of DNS, routing protocols, and advanced sniffing and session hijacking that can be used to funnel your traffic through an attacker's machine without your knowledge, often without any loss in service. Man in the middle attacks against SSH and SSL are also well explained, and critical for anyone to understand before blindly clicking 'ok' to PKI-based warnings. The chapter ends with a discussion of the hazards IP-based trust relationships, and how to properly implement ingress and egress filtering.

All the topics to this point have been geared to keeping the attacker off of your system. In Part III, the authors move on to how an attacker that has already gotten onto your machine in some way will ultimately hack the root account.

We begin with PATH and permissions problems, insecurities with suid/sgid and custom root-run scripts, and common problems with poor sudo configuration (including a script you could use to allow limited editing of /etc/passwd via sudo safely.) It continues with local buffer overflow, format string vulnerabilities, race conditions, and hard/symbolic link problems. A very good chapter for anyone writing code, in addition to security administrators.

Chapter 9 is devoted to password cracking techniques and programs, such as Crack, John the Ripper, and pointers to useful word lists. Shadow passwords, including expiration information, is explained, as well as other systems that use passwords such as Apache .htpasswd files. Lastly, they describe good methods of choosing and enforcing strong passwords via PAM.

Chapter 10 shows you all the evils an attacker can do to your system after having cracked root. This chapter reads like a ringing wake-up call if you think a machine can be properly resecured once it has been compromised. The authors show some simplistic methods a hacker can use to maintain access, such as modifications of .rhosts, read/write nfs exports, and suid root shells, to more advanced methods such as the use of SSH authorized_keys which are suprisingly still not part of most script-kiddies arsenal. It then moves onto several methods of creating a network-accessible root shell (a wacky custom one is written in perl and netcat). The rest of the chapter is devoted to trojaning a system by replacing/recompiling new versions of system programs (netstat/ls/etc) which can be used to hide an attacker's activities. Loadable kernel modules which can do the same, but are potentially undetectable are discussed, complete with code. This chapter could have been titled 'How to build your own rootkit' given the detail they provide.

The last main part of the book discusses firewalls, web, mail, and ftp servers in detail. The server room is still where Linux is most often deployed, and the authors decided to give extensive detail about how to secure these commonly-provided services.

Chapter 11 discusses mail and ftp security, services that are most frequently run by the buggiest of software. However, the authors don't waste their time listing the insecurities that have existed in each product over the years (which would have taken several books) but instead look at current problems in implementations and the protocols themselves. For the mail section, it was refreshing to see that Postfix and Qmail were given equal air time along with Sendmail The authors described attacks that affect Sendmail, Postfix, and Qmail, showing the necessary fix for each mail server. The FTP section began the actual workings of the FTP protocol in both Active and Passive modes to allow you to understand the problems with the protocol itself and how it can be used for FTP bounce attacks, penetrating poorly-designed firewalls, and how data hijacking can occur.

Chapter 12 discusses both webserver configuration issues (Apache being the most prominent) and server-side dynamic content insecurities. The authors show you how to trim overly-permissive configuration options that are enabled by default, protect your HTTP authentication files, tighten proxy settings, decide where symlinks are appropriate, and more. The CGI (mod_perl, etc) section does a good job of showing you common pitfalls you or the programmers you support make every day that can lead to a compromise.

The last chapter of the book discusses how you can enable access controls and firewall rules to keep the bad guys off of your machine. They discuss TCP Wrappers along with inetd, xinetd, and even how to integrate them into your own daemons. They give detailed examples of how you can implement packet filters on your machine. It was nice to see iptables described as prominently as ipchains, especially since the 2.4 kernel was barely out when they released the book.

The last section of the book is the appendices. The first discusses the package management systems of various Linux distributions (RedHat, Debian, Slackware) and how to install/upgrade/verify your packages. The next details how to see what services you are running and how to turn them off, again describing distribution-specific methods where appropriate. The last appendix consists of three actual-hack case studies. If you've read Hacking Exposed then you're familiar with the 1-2 page case study at the beginning of each chapter. Here they included much lengthier case studies, including the code the attackers used. The increased length works much better, and provides a good view into these attacker's methods.

Presentation

This book is very well organized, and includes the right combination of discussion and code. They made frequent use of special 'Caution', 'Note' and 'Tip' graphics to emphasis specific issues, and each attack begins with a 'Risk Rating' that lets you understand which attacks should be secured first as you attempt to implement all the countermeasures they make. No issue was brought up without a specific countermeasure you can implement today.

Many security books out there focus on various tools available to attackers, and read like a shopping cart with occasional text interspersed. This book focuses on the attack methods themselves, rather than the tools. As such it contains information about cracking programs where appropriate, and reads more like an educational journey of hacking methods. When many similar tools are available, only a few are described in depth, and eliminating duplication when possible, leaving you with the right information to decide which tool or tools are best for you.

One of the things that I really appreciated about this book is how the authors will start off topics with home-grown examples before discussing advanced security tools. For example, the authors give you a simple shell script that could function as a crude file integrity checker to provide you a clear method of understanding the concept before going onto detailed configuration examples of tripwire, Aide, and others. While they do not take up much space for these primers, usually half a page or so, they are excellent examples of speaking through code, rather than magician wave-of-the-hand explanations.

Conclusion

Hacking Linux Exposed is a very good read. It does a great job of staying focused and interesting, without skimping on the actual details you need to secure your systems and understand the threats. The countermeasures are real and specific, allowing administrators to use this book as a tool to secure their own systems.

At many times I wished that the book were more Unix-centric than simply Linux centric. Many of the issues are similar, and the countermeasures would simply be broken down into *BSD vs Linux vs Solaris, etc. However that would have made reading the countermeasures a bit more difficult. As it is, many of the issues have similar or identical countermeasures, regardless of OS, so administrators should be able to extend what is said to their Unix OS of choice without too much trouble.

The Linux focus allows the authors to get much more in depth than they were able to in Hacking Exposed, which was disjointed at times, unable to really probe each issue. However the opposite is also true --- since they wanted to focus on Linux-specific attacks, they do not go into general attacks, such as JavaScript, cross site scripting, and other browser-related problems, for example. For these types of attacks you should look elsewhere. I think keeping the focus clean is very much worth it.

Beginning administrators may find some of the lead-up lacking in places. For example someone who is not very knowledgeable about IP may have trouble understanding some of the sophisticated network abuses and malformed packets described. However this is to be expected. This book is not standalone, nor should it be. If the HLE authors included enough information to adequately describe every nuance of IP packets then that'd be a disservice to those who already have a copy of W. Richard Stevens, and would needlessly add weight to a book that is supposed to stay focused on hacking.

The book has a website that includes all the source code in the book, released under the GPL, as well as some tools they wrote which they didn't feel belonged in the book itself. They also have book corrections on the website, as well as sections they had wished to put in the book that were rejected by the editor, such as their stance on the "Hacking vs Cracking" semantics debate, and why "Linux is Securable" (as opposed to Windows.) Needless to say, these folks won't be employed by Microsoft in the near future.

I highly recommend this book. You'll have ready-to-implement measures that can keep you busy for some time securing your systems. You'll learn a lot on the journey. And I look forward to seeing "Hacking Windows 2000 Exposed" later this year --- I can only assume it'll say "Install Linux."


You can purchase this book at FatBrain.

Blaming Encryption | MS FrontPage Restricts Free Speech II (It's True!)  >

 

 
Slashdot Login
Nickname:

Password:

[ Create a new account ]

Related Links
  • book has a website
  • purchase this book
  • More on Linux
  • Also by timothy
  • Book Reviews
    Slashdot readers can write, too -- and our book reviews section is brimming with reader-submitted commentary on books from serious (The Physics of Information Technology) to silly (The Root of All Evil). There are even a couple of kids' books, like The Space Child's Mother Goose. (And don't forget some Tolkein-inspired paintings, in Tolkein's World -- good to read in concert with The Atlas of Middle Earth.)

    Science fiction fans looking for new material can find and ponder both obscurities like Barrington Bayley's The Knights of the Limits and classics like Stanislaw Lem's Solaris.

    Programmers and Sysadmins will want to investigate nuts-and-bolts books like XML in a Nutshell, Programming Linux Games, the Solaris 8 Essential Reference and Hacking Linux Exposed.

    And if your primary interest is the business side of a high-tech endeavor, check out Managing Open Source Projects, Gonzo Marketing: Winning Through Worst Practices, and Web ReDesign: Workflow that Works.

    Want to contribute a review? Be sure to review our guidelines before you start.

    Update: 11/03 12:02 by timothy

    This discussion has been archived. No new comments can be posted.
    Hacking Linux Exposed | Login/Create an Account | Top | 106 comments | Search Discussion
    Threshold:
    The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
    Excellent Book (Score:1)
    by BiggestPOS on Friday September 21, @10:18AM (#2329974)
    (User #139071 Info | http://askadick.com/)
    I bought original Hacking Exposed a while back, and then the second edition came out and I felt shafted... But then I moved in with a new room-mate who had the second edition and all was well again. It will probably be a race to see which of us can get this one first....

    I love the previous books from these guys though, very detailed, and great info. Everyone should pick it up.

    Bad Title (Score:1, Insightful)
    by Anonymous Coward on Friday September 21, @10:35AM (#2330042)
    This gives all the Hackers in the world a bad name. Just because we right code for a living/hobby doesn't mean we are trying to break into your system.
    It should be Crackering Linux Exposed.

    Hacking Linux Exposed should be a book about how to modify the kernel or maybe how to make drivers in the linux kernel.

    ~Anonymous Coward
    Give it up! (was Re:Bad Title) (Score:1)
    by statusbar (jeff at statusbar dot com) on Friday September 21, @10:54AM (#2330136)
    (User #314703 Info | http://www.jdkoftinoff.com/)
    I think it is time to GIVE UP the hacker title. The original meaning is lost forever. Call yourself a 'Computer Programmer' instead and everyone will be happier and will not be confused anymore.

    Everyone knows that Hackers are all terrorists, anyways!

    --jeff
    Computer programmers? Bah! (Score:1)
    by roie_m (roie_m at bigfoot (for-profit company)) on Friday September 21, @11:03AM (#2330183)
    (User #260122 Info)
    Well, I don't know whether the "hacker" title is a lost cause, but the "computer programmer" title is just not a good idea. Hackers are not all computer programmers, nor are all computer programmers hackers!
    Re:Computer programmers? Bah! (Score:3, Funny)
    by SCHecklerX (slshdt@freefall.homeip.net) on Friday September 21, @11:18AM (#2330230)
    (User #229973 Info | http://freefall.homeip.net/)
    I've been a hacker for about a month and a half now.

    Damned allergies. *HACK* *COUGH* *HACK*
    Nomenclature. (Score:1)
    by saintlupus on Friday September 21, @01:55PM (#2331178)
    (User #227599 Info | http://www.roadflares.org/)
    Call yourself a 'Computer Programmer' instead and everyone will be happier and will not be confused anymore.

    Katzian as it sounds, I prefer "geek" as a replacement for the tarnished term "hacker." It conveys the same sense of fixity and focus on a subject to the exclusion of other things.

    --saint
    (who can't program too well.)
    Re:Nomenclature. (Score:1)
    by statusbar (jeff at statusbar dot com) on Friday September 21, @03:14PM (#2331701)
    (User #314703 Info | http://www.jdkoftinoff.com/)
    That works for me!

    --jeff
    Re:Give it up! (was Re:Bad Title) (Score:1)
    by jiheison on Friday September 21, @01:01PM (#2330946)
    (User #468171 Info | http://slashdot.org/?無)
    Unless you are compiling the code by hand, I fail to see the difference.
    Re:Give it up! (was Re:Bad Title) (Score:1)
    by PalmKiller on Friday September 21, @03:03PM (#2331621)
    (User #174161 Info)
    The difference is the ones that really worry about the distinction probably watched way to many hacker movies and feel as if the term matters. Real hackers (not the cracker type, though most hackers do reverse engineer and break security measures to figure out things) have more important things to worry about like food, sleep and hacking on their systems.
    Big prediction (Score:1)
    by almightyjustin (dopefish_justin AT yahoo DOT com) on Friday September 21, @10:38AM (#2330060)
    (User #518967 Info | http://dopefishjustin.tripod.com/)
    as is a prediction that other worms may be on the horizon, which turned out to be all too true.

    Wow, such prescience! I, for one, would never have guessed that! ;)

    Re:Big prediction (Score:2)
    by kilgore_47 (kilgore_47&yahoo,com) on Friday September 21, @01:05PM (#2330966)
    (User #262118 Info | http://www.slashdot.org/~kilgore_47/pubkey/)
    Well I for one am certain that the Nimda worm is the last worm we'll ever see. See, the president of my fine country has declared war on evil. As such, all evil will soon be destroyed. So just sit back, relax, and enjoy the ride.
    Hacking? (Score:3, Insightful)
    by Stormie on Friday September 21, @10:38AM (#2330062)
    (User #708 Info)

    So, who'll be the first to complain that it should have been called "Cracking Linux Exposed" ..?

    Re:Hacking? (Score:1)
    by Dexx (robertdexx@geocities.com) on Friday September 21, @10:42AM (#2330078)
    (User #34621 Info)
    It's been done - check the lower scored posts..
    Re:Hacking? (Score:1)
    by Stormie on Friday September 21, @10:44AM (#2330087)
    (User #708 Info)

    It's been done - check the lower scored posts..

    Indeed. Not only did I learn that it had been done, but also that the Empire State Building had been destroyed by a terrorist with a hugely distended rectum.

    Re:Hacking? (Score:1)
    by ethereal on Friday September 21, @02:43PM (#2331473)
    (User #13958 Info | http://sethf.com/fre...ys/censorwareorg.php)

    Oh no! Only federally-mandated key escrow can protect us from clicking on those diabolical links!

    It has been more-or-less a reign of terror, though - I'm terrified that my boss will accidentally see that guy's bum displayed on my screen and get the wrong idea about me :)

    Re:Hacking? (Score:1)
    by kubrick on Friday September 21, @10:46AM (#2330095)
    (User #27291 Info)
    So, who'll be the first to complain that it should have been called "Cracking Linux Exposed" ..?

    An Anonymous Coward 8 minutes before you. :)
    From the looks of it (Score:2)
    by wiredog (kitcase at home dot com) on Friday September 21, @10:52AM (#2330129)
    (User #43288 Info | Last Journal: Monday October 01, @06:53PM)
    You. ;-)
    Who'll be the first to read the article? (Score:1, Informative)
    by Anonymous Coward on Friday September 21, @11:16AM (#2330220)
    They also have book corrections on the website, as well as sections they had wished to put in the book that were rejected by the editor, such as their stance on the "Hacking vs Cracking" semantics debate, and why "Linux is Securable" (as opposed to Windows.)
    Re:Hacking? (Score:1)
    by asv108 on Friday September 21, @11:23AM (#2330252)
    (User #141455 Info | http://www.phataudio.org/)
    Maybe if they were trying to market this book for the slashdot crowd, but the fact is most mainstream IT people don't know about the whole "hacking vs. cracking debate" and I don't see anything changing soon. Hacking was picked up as a way to describe computer crime in the mid-80's by the media. If the book was titled "Cracking Linux Exposed" it would not sell nearly as well as "Hacking Linux Exposed."
    Re:Hacking? (Score:1)
    by Bri Hatch on Friday September 21, @11:58AM (#2330506)
    (User #523490 Info | http://www.ifokr.org/bri/)
    Who will be the first to complain about the title? That'd be Bri Hatch and James Lee. (George had already fought this battle with HE).

    You can't win against the publisher/editor. We tried. We fought for almost the whole time we were writing. We lost.

    See our take on it at hackers_vs_crackers [hackinglinuxexposed.com] on our website.

    Trust me, we were not pleased either.

    Re:Hacking? (Score:2)
    by moonboy on Friday September 21, @01:47PM (#2331121)
    (User #2512 Info | http://acolyte.org)


    Or...."Hacking GNU/Linux Exposed"? DOH!

    my favorite security book to come out lately (Score:1)
    by dfelznic (dfelznic(at)syr(with_an_educational_suffix)) on Friday September 21, @10:42AM (#2330079)
    (User #8812 Info | http://slashdot.org/)
    My favorite security book to come out lately has been:White-Hat Security Arsenal: Tackling the Threat [amazon.com] by Aviel Rubin
    I sawm mcclure and kurtz at usenix. They were doing a talk about network security. Not a whole lot of new info but they are a good team for presentations. The original Hacking Exposed [amazon.com] was pretty good too...
    Nimda (Score:3, Interesting)
    by kevin@ank.com on Friday September 21, @10:49AM (#2330114)
    (User #87560 Info | http://www.ank.com/~kevin)

    So I checked my web server error logs last night, and counted up how many times my box has been attacked. I have over two thousand individual hits from a single IP address (you'd think that the scanner would give up after one try.) About 170 distinct IP's have tried scanning me.

    Mailing abuse seems to be ignored these days; are all of the ISPs scaling back their security staff at the same time as more virulent attacks are released to the net? If anyone has any other suggestions of what to do with these attacks, I'd love to hear it.

    Lucky You! (Score:3, Funny)
    by MadCow42 (fanmail.REMOVE_CAPS@NOSPAM.mad-cow.tv) on Friday September 21, @11:34AM (#2330299)
    (User #243108 Info | http://www.fuckaway.com/)
    Lucky you... I've had over 17000 hits from 800+ unique IP's using Nimda.

    My Apache error log has gone from an average of 80k/week (mostly robot.txt hits) to 2.6MB in 1.5 days!

    Oh well, it could be worse, I could be running IIS.

    MadCow.
    Re:Nimda (Score:1)
    by belphegore on Friday September 21, @12:45PM (#2330860)
    (User #66832 Info | http://www.hughes-family.org/craig)
    2000 hits from a single IP is probably something like 200 machines, all infected, sitting behind a NAT box or something similar. Possibly a web farm of 200 odd boxen sharing an ip address... Remember that one IP address does not mean one computer.
    Re:Nimda (Score:1)
    by Col. Panic (Col.Panic@/dev/null) on Friday September 21, @01:36PM (#2331052)
    (User #90528 Info)
    If anyone has any other suggestions of what to do with these attacks, I'd love to hear it.

    Sure - post the attacker's ip address on alt.2600.hackerz and let the kiddies play around with it.

    Wait! Don't do that ... (Score:1)
    by Col. Panic (Col.Panic@/dev/null) on Friday September 21, @01:43PM (#2331093)
    (User #90528 Info)
    (appypolylogies for following my own post, but ...)

    *after* I hit "submit" I saw the heading on your message. If these are attacks from Nimba the people on the other end are sure to be clueless about the problem and advertising their IP address will, uh, do no good.

    You might try a phone call the the administrative contact for the host.

    Re:Nimda (Score:2)
    by kevin@ank.com on Friday September 21, @11:14AM (#2330216)
    (User #87560 Info | http://www.ank.com/~kevin)

    Well, that computer is my mail server and web server among other things, so it never gets turned off. On the other hand I don't exactly sit in front of it all day. It doesn't even have a keyboard or mouse attached to it.

    I do grok the need to spend time away from the keyboard though; my latest project is tearing walls out of an extension that was added to my house in the early 70's, and framing in a new wall for a wine cellar. Just pulled off the last of the old dry wall last night...

    Never the less, when I am online, I'd like to do something to get these viruses to stop propagating. I've tried messaging the operators through smbclient: smblookup -A [...] LOGIN smbclient -U security -I -M LOGIN This machine has been infected with a virus! Please get the latest updates for Microsoft IIS, and install some up to date virus checking software. Until then your machine is spreading that virus through the web, so please shut it off. ^D

    Hasn't had any effect so far. I doubt anyone ever looks at the consoles of these woefully unmaintained machines.

    Re:Nimda (Score:2)
    by kevin@ank.com on Friday September 21, @11:19AM (#2330236)
    (User #87560 Info | http://www.ank.com/~kevin)

    ...sorry about the formatting of the previous post. When was <pre> removed from the list of approved HTML tags?

    Well, that computer is my mail server and web server among other things, so it never gets turned off. On the other hand I don't exactly sit in front of it all day. It doesn't even have a keyboard or mouse attached to it.

    I do grok the need to spend time away from the keyboard though; my latest project is tearing walls out of an extension that was added to my house in the early 70's, and framing in a new wall for a wine cellar. Just pulled off the last of the old dry wall last night...

    Never the less, when I am online, I'd like to do something to get these viruses to stop propagating. I've tried messaging the operators through smbclient:

    smblookup -A <ipaddr>
    [...]
    LOGIN <03>
    smbclient -U security -I <ipaddr> -M LOGIN
    This machine has been infected with a virus!
    Please get the latest updates for Microsoft
    IIS, and install some up to date virus checking
    software. Until then your machine is spreading
    that virus through the web, so please shut it
    off.
    ^D

    Hasn't had any effect so far. I doubt anyone ever looks at the consoles of these woefully unmaintained machines.

    Cracking and Hacking (Score:3, Informative)
    by BierGuzzl (carl-@-heavy-bias.-com(remove-hyphens)) on Friday September 21, @10:50AM (#2330118)
    (User #92635 Info | http://www.heavybias.com/)
    I just think that people who have been using linux enough to write that book should be able to tell the difference between cracking and hacking. Then again, perhaps it was the publisher that forced this title? I mean, the word "hacking" has been so popularized, it's without a doubt going to generate more sales.
    Re:Cracking and Hacking (Score:4, Insightful)
    by SCHecklerX (slshdt@freefall.homeip.net) on Friday September 21, @11:14AM (#2330217)
    (User #229973 Info | http://freefall.homeip.net/)
    The accepted meanings and use of words change over time. Hacking is now used both to describe 'hacking on some code' and 'hacking into a computer'


    Deal with it.

    We're loosing this battle (Score:1)
    by Bri Hatch on Friday September 21, @12:02PM (#2330533)
    (User #523490 Info | http://www.ifokr.org/bri/)
    In case you haven't noticed, the media doesn't like making distinctions that may confuse them or their readers. Though we may think the subversion of 'hacker' into 'cracker/attacker/script kiddie/etc' is a genuine loss, they don't understand. And I don't know how to fix it, especially since most publishers aren't willing to make the distinction either.
    GPL? (Score:2, Insightful)
    by baalzebuth (baal[no_spam]zebuth@mad[no_spam]mail.com) on Friday September 21, @10:53AM (#2330134)
    (User #415360 Info)
    "The book has a website that includes all the source code in the book, released under the GPL,"

    Then why do I need a username and password to download the stuff? I think this is not very GPL-like...

    Baal
    Re:GPL? (Score:2)
    by dark_panda on Friday September 21, @11:20AM (#2330242)
    (User #177006 Info)
    i'm not 100% sure on this, but doesn't the GPL basically say that you need to distribute source and such to *your* users, and not necessarily every single computer user out there? if someone didn't buy the book or the accompanying software, then the publishers aren't required to distribute source code to them.

    it might not be GPL-like in spirit, but it's still GPL-like. unless, i'm totally wrong, in which case, i'll just add that IANAL or a GPL expert.

    J
    Re: GPL? (Score:1)
    by Bri Hatch on Friday September 21, @12:04PM (#2330557)
    (User #523490 Info | http://www.ifokr.org/bri/)
    2 words: External Requirements.

    Divining who made said requirements is left as an exercise to the reader.

    Re: GPL? (Score:2)
    by Chagrin on Friday September 21, @12:13PM (#2330630)
    (User #128939 Info | http://slashdot.org/)
    Who made that requirement? The publisher?
    Intelligent Banter (Score:1)
    by huckda (huckda@aol.com) on Friday September 21, @11:42AM (#2330373)
    (User #398277 Info | Last Journal: Friday September 14, @04:00PM)
    Great Review!
    I have read previous versions(In Portugese) and one of the main reasons I bought the book was because it had documentation via examples of issues I was trying to resolve on my own machine.
    So while in Brasil I saw a copy and snagged it...
    Oddly enough, all 'code examples' were in english while the explanations were in Portugese...anyhow, the book is a GREAT resource and your review definately did justice to the time and experience illustrated in the book.

    Kudos!

    Translations (Score:1)
    by Bri Hatch on Friday September 21, @12:24PM (#2330705)
    (User #523490 Info | http://www.ifokr.org/bri/)
    Sorry to hear about the mix of english/portugese. The original authors don't do the translations. If we did then we'd need to rely on Babelfish anyway, and who knows how nasty it'd end up. Hmmn, let's try a random line from chapter 10:

    English:
    Most script kiddies will not have the attention span or coding skills to successfully trojan all the programs that are necessary to hide themselves.

    Portugese via Babelfish:
    A maioria de kiddies do certificado não terão as habilidades da extensão ou do coding da atenção com sucesso a Trojan todos os programas que são necessários para se esconder.

    Back to English:
    The majority of kiddies of the certificate nao terao the abilities of extensao or coding of atencao successfully the Trojan all the necessarios programs that sao to hide itself.

    Yeah, that's bad.

    So uncalled for :) (Score:1)
    by Dog and Pony on Friday September 21, @12:19PM (#2330672)
    (User #521538 Info | http://slashdot.org/)

    And I look forward to seeing "Hacking Windows 2000 Exposed" later this year --- I can only assume it'll say "Install Linux."

    But of course, an easy way to score cheap points around here. :)

    Seems like a Really sweet book though, it goes straight up to top three on my wish list!

    Hacking is used correctly in this title (Score:1)
    by iplayfast (BangZoomToTheMoon@Alice) on Friday September 21, @01:37PM (#2331056)
    (User #166447 Info)
    A Hacker is someone who likes to dive into the guts of either hardware or software. This book does that, (and also looks at Cracker stuff as well).

    I for one am glad to see the word used correctly.

    ThinkGeek doesn't have it! (Score:2)
    by kilgore_47 (kilgore_47&yahoo,com) on Friday September 21, @01:48PM (#2331131)
    (User #262118 Info | http://www.slashdot.org/~kilgore_47/pubkey/)
    While reading a review for a hacking book on this VA-Linux-owned site, I saw a banner ad for hacking books at another VA-Linux-owned site (thinkgeek).

    While one might think ThinkGeek would be selling the book, they are not.
    Oh well, over to amazon I guess....
    Fatbrain does (Score:2)
    by macdaddy on Friday September 21, @02:17PM (#2331286)
    (User #38372 Info | http://slashdot.org/ | Last Journal: Saturday August 18, @12:31AM)
    and if you're an IEEE member you get an additional 5% discount. :) I have edition 1 already. I ordered Hacking Linux Exposed and Hacking Exposed: Network Security Secrets & Solutions edition 2 earlier this week. Excellent books.
    Password-protected source downloads? (Score:1)
    by JoshuaDFranklin (fra31503@nospam.obu.edu) on Friday September 21, @02:17PM (#2331285)
    (User #147726 Info)
    Anyone else thing the
    From
    password-protected source downloads
    [hackinglinuxexposed.com] is a bit silly?

    Accessing the pages below requires a username/password.

    Username: The name of the network scanning software shown on page 123.
    Password: The kernel module listed on the first line of page 353. (begins with the lower case letter 'i')

    Sheesh, I just wanted to see what their spam.txt was.
    Maximum Linux Secuity by Anonymous (Score:1)
    by fetta on Friday September 21, @02:39PM (#2331436)
    (User #141344 Info)
    Another good book in the same vein is "Maximum Linux Security" by Anonymous (ISBN: 0672316706 ). Lots of good, concrete desciptions of potential security holes, guides to using a variety of tools, etc.
    Fatbrain? (Score:2)
    by mjg on Friday September 21, @03:02PM (#2331615)
    (User #21046 Info)

    Take a look at Bookpool [www.bookpool.com], this book is going for $24.95 there, rather than the $31.95 from Fatbrain.

    I am not associated with Bookpool. I like to save money. So do others. Bookpool is cheaper. Their service is also excellent.

    Linux not vulnerable -- you're joking! (Score:1)
    by dhammabum (pcrooker@-- NOSPAM for OZ ;)--yahoo.com.au) on Saturday September 22, @02:36AM (#2333682)
    (User #190105 Info)
    GNU/Linux systems may be more resistant, but are not immune to cracking

    There is a steady flow of exploits from almost all platforms. It is quite misleading to treat non-Windows systems as monolithic -- or Windows even for that matter, they are composed of many subsystems which from time to time contain exploits.

    Linux, FreeBSD, HPUX, IRIX and the rest have heaps of explits out in the wild. Sure patches are developed, but there are quite a few lame users that just install *nix off the CD, just like they do with Windows.

    Please, please, please be more objective!

    Re:Cracking Linux Exposed (Score:1)
    by ackthpt (WildBillCatt@DeathTöngue.com) on Friday September 21, @10:48AM (#2330106)
    (User #218170 Info | http://www.dragonswest.com/)
    Here I was, reading the title of the article and thinking "Hacking Linux while nekkid...hmm" Not that a book on such would be a bad idea (Chap. 1: How to Keep Your Body Bits From Accidently Hitting Keys)
    Re:FUD (Score:1)
    by linuxelf (sgilbert@redcloud.org) on Friday September 21, @03:07PM (#2331647)
    (User #123067 Info | http://www.redcloud.org)
    Or perhaps they won't write it because, hey, who can't hack Windows 2000??
    It already exists. (Score:1)
    by zurmikopa on Saturday September 22, @05:20PM (#2335489)
    (User #460568 Info)
    It already exists. At least amazon says it does.

    http://www.amazon.com/exec/obidos/ASIN/0072192623/ qid=1001196177/sr=1-1/ref=sr_1_3_1/002-2092565-984 9639
      ... the HIGHWAY is made out of LIME JELLO and my HONDA is a barbequeued OYSTER! Yum!
    All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2002 OSDN.
    [ home | awards | contribute story | older articles | OSDN | advertise | self serve ad system | about | terms of service | privacy | faq ]