Recent SCO/Linux News

From: Kathryn Barrett <kathrynb@oreilly.com>
Subject: "Practical Unix & Internet Security, 3rd Edition" Released by O'Reilly
Date: Mon, 23 Jun 2003 21:02:13 GMT

New Update of Classic Security Reference
O'Reilly Releases "Practical Unix & Internet Security, Third Edition"

Sebastopol, CA--When "Practical Unix Security" was first published more
than a decade ago, it became an instant classic, saving many a Unix
system administrator from disaster. The second edition added
much-needed internet security coverage and doubled the size of the
original volume. "Practical Unix & Internet Security, Third Edition" by
Simson Garfinkel, Gene Spafford, and Alan Schwartz (O'Reilly,
US $54.95) is a comprehensive update of this very popular book--a
companion for the Unix/Linux system administrator who needs to secure
his or her organization's system, networks, and web presence in an
increasingly hostile world.

"This book is a combination of reference material, tutorial, and
strategy," explains coauthor Gene Spafford. "It will be useful for
years because it teaches the fundamentals of security. It is meant to
be a keeper. You'll find other security books written by people who use
a 'handle' and whose only claim to fame is that they know how to run
hacker tools. 'Practical Unix & Internet Security' was written by
security professionals and educators--with more than 40 years'
experience among us--to provide fundamental knowledge on this subject."

Focusing on the four most popular Unix variants today--Solaris, Mac OS
X, Linux, and FreeBSD--this book contains new information on PAM
(Pluggable Authentication Modules), LDAP, SMB/Samba, anti-theft
technologies, embedded systems, wireless and laptop issues, forensics,
intrusion detection, chroot jails, telephone scanners and firewalls,
virtual and cryptographic filesystems, WebNFS, kernel security levels,
outsourcing, legal issues, new internet protocols and cryptographic
algorithms, and much more.

"Practical Unix & Internet Security" consists of six parts:

-Computer security basics: introduction to security problems and
solutions, Unix history and lineage, and the importance of security
policies as a basic element of system security.

-Security building blocks: fundamentals of Unix passwords, users,
groups, the Unix filesystem, cryptography, physical security, and
personnel security.

-Network security: a detailed look at modem and dialup security,
TCP/IP, securing individual network services, Sun's RPC, various host
and network authentication systems (e.g., NIS, NIS+, and Kerberos), NFS
and other filesystems, and the importance of secure programming.

-Secure operations: keeping up to date in today's changing security
world, backups, defending against attacks, performing integrity
management, and auditing.

-Handling security incidents: discovering a break-in, dealing with
programmed threats and denial of service attacks, and legal aspects of
computer security.

-Appendixes: a comprehensive security checklist and a detailed
bibliography of paper and electronic references for further reading and
research.

With nearly 1000 pages of helpful text, scripts, checklists, tips, and
warnings, "Practical Unix & Internet Security, Third Edition" remains
the definitive reference for Unix administrators and all others who
care about protecting their systems and data from today's threats.

Praise for the previous editions:
"If you know nothing about Linux security, and only have time for one
book you should start with 'Practical Unix & Internet Security.' It's a
fat book, but it's accessible, and it gives you a solid grounding in
the basics."--Charlie Stross, Linux Format, May 2002

"If you're a novice at computer security and want to learn, get this
book and set aside time to read some of it every day. The bookmark will
move slowly, but keep moving it. If you're already an expert, get this
book and keep it at hand as a reference--and read a chapter a month,
just to remind yourself of things you've forgotten."
--Jennifer Vesperman, linuxchix.org

"...replete with practical examples, including typescripts of console
command sessions, clear and easily understood diagrams...This classic,
indispensable volume is the right book to trust."
--Christopher Brown-Syed, "Library and Archival Security, Vol. 17,
Number 1," 2001

"Securing Unix systems and networks against crackers and other assorted
bad guys is a top priority for most organizations (or at least it
should be). In order to properly protect your systems, you need to have
the right information at your disposal: without this information you
can easily miss holes in your security implementation. The authors of
'Practical Unix & Internet Security,' Simson Garfinkel and Gene
Spafford, write in a very down-to-earth, simple fashion that never
leaves the reader wondering. Instead, the book is written for both
those new to the field and the professionals that need a good reference
manual lying on their shelves. 'Practical Unix & Internet Security' is
a very popular book, and has reached almost cult status in many
circles. The reason behind this is simple: there is a lot of
information, the information is easily readable, and topics are grouped
logically. What else can a reader ask for?"
--Dustin Puryear, 32bitsonline, December 2000

"To call this highly readable book comprehensive is an understatement.
The breadth is vast, from fundamentals (definitions of computer
security; the history of Unix) and commonsense but little-observed
security basics (making backups; physical and personnel security; buggy
software) to modern software (NFS, WWW, firewalls) and the handling of
security incidents. The section on users alone is 21 pages long--and
worth every pageThe Internet covers too much and moves too quickly for
any book to cover every security aspect of every piece of software, but
this book comes close. More importantly, it gives you a grounding in
the fundamental issues of security and teaches the right questions to
ask--something that will stay with you long after today's software is
obsolete."--amazon.com

"[A] keeper...the second edition of Garfinkel and Spafford's 1991
security book...has grown immensely, from barely over 500 pages to
nearly a thousand, but most of it is both worthwhile and
important....Security is a really important topic. Your users don't
understand it. Educators don't; nor does the medical profession. This
is a fine book on a difficult topic."
--Peter H. Salus, ;login:, August 1996

"Buy this book and save on aspirin."
--Cliff Stoll, author of "The Cuckoo's Egg and Silicon Snake Oil"

"This is exactly the type of practical, easy to follow book that system
administrators need to stay one step ahead of the system crackers--if
you have time to read only one security book, this should be
it."--Kevin J. Ziese, Captain, United States Air Force; Chief,
Countermeasures Development, AF Information Warfare Center


Additional Resources:

Chapter 11, "TCP/IP Networks," is available free online at:
http://www.oreilly.com/catalog/puis3/chapter/index.html

For more information about the book, including Table of Contents,
index, author bios, and samples, see:
http://www.oreilly.com/catalog/puis3/

For a cover graphic in JPEG format, go to:
ftp://ftp.ora.com/pub/graphics/book_covers/hi-res/0596003234.jpg

Practical Unix & Internet Security, Third Edition
Simson Garfinkel, Gene Spafford, and Alan Schwartz
ISBN 0-596-00323-4, 954 pages, $54.95 (US), $85.95 (CAN), 38.95 (UK)
order@oreilly.com
1-800-998-9938
1-707-827-7000
http://www.oreilly.com

About O'Reilly
O'Reilly & Associates is the premier information source for
leading-edge computer technologies. The company's books, conferences,
and web sites bring to light the knowledge of technology innovators.
O'Reilly books, known for the animals on their covers, occupy a
treasured place on the shelves of the developers building the next
generation of software. O'Reilly conferences and summits bring alpha
geeks and forward-thinking business leaders together to shape the
revolutionary ideas that spark new industries. From the Internet to
XML, open source, .NET, Java, and web services, O'Reilly puts
technologies on the map. For more information: http://www.oreilly.com

# # #

O'Reilly is a registered trademark of O'Reilly & Associates, Inc. All
other trademarks are property of their respective owners.

Index

Take Control of Sharing Files in Snow Leopard

Take Control of Exploring & Customizing Snow Leopard

Jump to Comments

Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.

Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.

We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.