Welcome to UnixReview.com

Hacking Linux Exposed: Linux Security Secrets & Solutions May 2001

Hacking Linux Exposed: Linux Security Secrets & Solutions
by Bri Hatch, James Lee, and George Kurtz
Osborne McGraw-Hill 2001

ISBN: 0-07-212773-2
Pages: 566
Price: $39.99

Review by Joe "Zonker" Brockmeier

I have one big gripe with this book: the misuse of the term "hacker." For people who should know better to use the term "hacker" when describing those who attack systems is very disappointing. The proper term is "cracker," which may seem like nitpicking, but to many people, it's like calling an arsonist a "fireman." I've learned to tolerate this mistake and not grit my teeth when it is made by marketing folks or reporters who don't usually cover computer stories--but from security experts, I expect better.

However, overall, I like this book. It's a great beginner's book on Linux security, and doesn't assume that you have a mastery of the system. The book does have some flaws that keep it from being a great book, which I imagine are due to the fast pace of technical publishing and the fact that it's a product of a team of authors instead of one or two authors. Other than the hacker faux pas, I also noticed a number of small errors throughout the book. For instance, in the discussion of package managers for Linux, they refer to "TuxTops" as a distribution. This isn't critical, but it is sloppy. (For those who aren't familiar, TuxTops was a company that manufactured Linux laptops, and also made a go at customizing distros for laptops. They don't, however, make a distinct Linux distro.)

On the plus side, I'm glad to see a book that discusses Linux security without glossing over the basics or assuming that everyone in the world knows what a buffer overflow is. Sure, if you've been using Linux for a while, you already know how to turn off services and install packages, and if you follow security, you've heard of buffer overflows. However, the Linux community is growing at a rapid pace with newbies who want to learn. This book will be of great help to them, despite its small flaws.

The chapter on turning off unneeded services is very useful for beginners, and if I had my way, it would be included with every Linux distribution on bright orange paper with "Read This First" stamped at the top. I do wish the authors would have covered Slackware and Debian in this section as well, but the basic concepts are the same.

The book covers tightening security on FTP and Mail, Web services, password cracking and elevating privileges, social engineering, and much more. Chapter 2 is dedicated to proactive maintenance and recovering from an attack. For newbies, this chapter is essential, as it describes how to tell you've been cracked and how to clean up. In many cases, new Linux users may not even realize they've been rooted unless the cracker does something obvious like deleting the filetree or defacing a Web site.

Chapter 4, "Social Engineering, Trojans, and Other Hacker Trickery," has some very good advice and examples of social engineering that have allowed crackers access to systems without any special computer knowledge. This is an often overlooked area of security that is just as important as using secure services or updating programs. A major part of good security is being able to think like a cracker, and this book does a great job of describing the cracker mindset.

Admittedly, at times the book reads like a cookbook for crackers, but that's as good a way as any to get into the mindset of a cracker. The book provides a good overall understanding of Linux security and ways to abuse it. Users who want a step-by-step approach to security will be disappointed, however.

I liked the chapter on "Access Control and Firewalls," and was glad to see that the authors covered iptables as well as ipchains, because many new Linux users in the coming months may never use a 2.2.x-based kernel. The chapter isn't comprehensive; you could write an entire book on using just iptables if you wanted to cover every possible permutation, but the chapter is a good introduction.

A lot of folks think that if they have secure passwords and locked-down services, they should be fine. However, Hacking Linux Exposed details the physical attacks that someone can mount against a system, and how to defend against them. Admins who are defining security policies for their companies would do well to take the examples in this chapter into account. If a system isn't under lock and key, physical security is just as important as any other kind.

Appendix D covers case studies, which help to drive home exactly how all of this information comes together. They're also interesting to read in their own right, and add a human element to a subject that is usually very dry and too technical for the non-hardcore computer user.

Overall, this is a good book. It has a few flaws, but it also makes security a more accessible topic for beginners and non-gurus, and that's very welcome. Hardcore Linux users are probably already familiar with most of the topics covered in this book, but may enjoy it anyway. Linux home users and folks who are new to administering Linux systems should definitely add Hacking Linux Exposed to their collection. It is written in a style that's very easy to follow, and it's light on the jargon.

   
Copyright © 2002 UnixReview.com, UnixReview.com's Privacy Policy