Practical Unix & Internet Security, 3/e (Paperback)

Simson Garfinkel, Gene Spafford, Alan Schwartz

  • 出版商: O'Reilly
  • 出版日期: 2003-04-01
  • 定價: $1,800
  • 售價: 9.5$1,710
  • 貴賓價: 9.0$1,620
  • 語言: 英文
  • 頁數: 988
  • 裝訂: Paperback
  • ISBN: 0596003234
  • ISBN-13: 9780596003234
  • 相關分類: 資訊安全
  • 立即出貨(限量)



When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world.

Focusing on the four most popular Unix variants today--Solaris, Mac OS X, Linux, and FreeBSD--this book contains new information on PAM (Pluggable Authentication Modules), LDAP, SMB/Samba, anti-theft technologies, embedded systems, wireless and laptop issues, forensics, intrusion detection, chroot jails, telephone scanners and firewalls, virtual and cryptographic filesystems, WebNFS, kernel security levels, outsourcing, legal issues, new Internet protocols and cryptographic algorithms, and much more.

Practical Unix & Internet Security consists of six parts:

  • Computer security basics: introduction to security problems and solutions, Unix history and lineage, and the importance of security policies as a basic element of system security.

  • Security building blocks: fundamentals of Unix passwords, users, groups, the Unix filesystem, cryptography, physical security, and personnel security.

  • Network security: a detailed look at modem and dialup security, TCP/IP, securing individual network services, Sun's RPC, various host and network authentication systems (e.g., NIS, NIS+, and Kerberos), NFS and other filesystems, and the importance of secure programming.

  • Secure operations: keeping up to date in today's changing security world, backups, defending against attacks, performing integrity management, and auditing.

  • Handling security incidents: discovering a break-in, dealing with programmed threats and denial of service attacks, and legal aspects of computer security.

  • Appendixes: a comprehensive security checklist and a detailed bibliography of paper and electronic references for further reading and research.

Packed with 1000 pages of helpful text, scripts, checklists, tips, and warnings, this third edition remains the definitive reference for Unix administrators and anyone who cares about protecting their systems and data from today's threats.

Table of Contents


Part I. Computer Security Basics

1. Introduction: Some Fundamental Questions

2. Unix History and Lineage

3. Policies and Guidelines

Part II. Security Building Blocks

4. Users, Passwords, and Authentication

5. Users, Groups, and the Superuser

6. Filesystems and Security

7. Cryptography Basics

8. Physical Security for Servers

9. Personnel Security

Part III. Network and Internet Security

10. Modems and Dialup Security

11. TCP/IP Networks

12. Securing TCP and UDP Services

13. Sun RPC

14. Network-Based Authentication Systems

15. Network Filesystems

16. Secure Programming Techniques

Part IV. Secure Operations

17. Keeping Up to Date

18. Backups

19. Defending Accounts

20. Integrity Management

21. Auditing, Logging, and Forensics

Part V. Handling Security Incidents

22. Discovering a Break-in

23. Protecting Against Programmed Threats

24. Denial of Service Attacks and Solutions

25. Computer Crime

26. Who Do You Trust?

Part VI. Appendixes

A. Unix Security Checklist

B. Unix Processes

C. Paper Sources

D. Electronic Resources

E. Organizations



《實用Unix安全》首次出版已經超過十年,立即成為經典之作。這本書充滿了有關主機安全的資訊,為許多Unix系統管理員避免了災難。第二版增加了互聯網安全的內容,並將原始版本的大小加倍。第三版是這本非常受歡迎的書的全面更新,是Unix/Linux系統管理員的伴侶,他們需要在日益惡劣的世界中保護組織的系統、網絡和網站。本書專注於當今最受歡迎的四種Unix變體:Solaris、Mac OS X、Linux和FreeBSD,其中包含有關PAM(可插拔身份驗證模塊)、LDAP、SMB/Samba、防盜技術、嵌入式系統、無線和筆記本電腦問題、取證、入侵檢測、chroot監獄、電話掃描器和防火牆、虛擬和加密文件系統、WebNFS、內核安全級別、外包、法律問題、新的互聯網協議和加密算法等新信息。

1. 電腦安全基礎:介紹安全問題和解決方案、Unix的歷史和血統,以及安全政策作為系統安全的基本要素的重要性。
2. 安全基礎:Unix密碼、用戶、組、Unix文件系統、加密、物理安全和人員安全的基礎知識。
3. 網絡安全:詳細介紹數據機和撥號安全、TCP/IP、保護個別網絡服務、Sun的RPC、各種主機和網絡身份驗證系統(例如NIS、NIS+和Kerberos)、NFS和其他文件系統,以及安全編程的重要性。
4. 安全操作:在當今不斷變化的安全世界中保持最新、備份、防禦攻擊、執行完整性管理和審計。
5. 處理安全事件:發現入侵、處理程序威脅和阻斷服務攻擊,以及計算機安全的法律方面。
6. 附錄:全面的安全檢查表和詳細的參考書目,供進一步閱讀和研究使用。


1. 簡介:一些基本問題
2. Unix的歷史和血統
3. 政策和指南

4. 用戶、密碼和身份驗證
5. 用戶、組和超級用戶
6. 文件系統和安全
7. 加密基礎
8. 伺服器的物理安全
9. 人員安全

10. 數據機和撥號安全
11. TCP/IP網絡
12. 保護TCP和UDP服務
13. Sun RPC
14. 基於網絡的身份驗證系統
15. 網絡文件系統
16. 安全編程技術

17. 保持最新
18. 備份
19. 保護帳戶
20. 完整性管理
21. 審計、日誌和取證

22. 發現入侵
23. 防禦程序威脅
24. 阻斷服務攻擊和解決方案
25. 電腦犯罪
26. 信任誰?

A. Unix安全檢查表
B. Unix進程
C. 紙質資料來源
D. 電子資料來源