Practical Unix & Internet Security, 3/e (Paperback)

Simson Garfinkel, Gene Spafford, Alan Schwartz

  • 出版商: O'Reilly
  • 出版日期: 2003-03-18
  • 定價: $1,800
  • 售價: 6.0$1,080
  • 語言: 英文
  • 頁數: 988
  • 裝訂: Paperback
  • ISBN: 0596003234
  • ISBN-13: 9780596003234
  • 相關分類: 資訊安全
  • 立即出貨(限量)



When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world.

Focusing on the four most popular Unix variants today--Solaris, Mac OS X, Linux, and FreeBSD--this book contains new information on PAM (Pluggable Authentication Modules), LDAP, SMB/Samba, anti-theft technologies, embedded systems, wireless and laptop issues, forensics, intrusion detection, chroot jails, telephone scanners and firewalls, virtual and cryptographic filesystems, WebNFS, kernel security levels, outsourcing, legal issues, new Internet protocols and cryptographic algorithms, and much more.

Practical Unix & Internet Security consists of six parts:

  • Computer security basics: introduction to security problems and solutions, Unix history and lineage, and the importance of security policies as a basic element of system security.

  • Security building blocks: fundamentals of Unix passwords, users, groups, the Unix filesystem, cryptography, physical security, and personnel security.

  • Network security: a detailed look at modem and dialup security, TCP/IP, securing individual network services, Sun's RPC, various host and network authentication systems (e.g., NIS, NIS+, and Kerberos), NFS and other filesystems, and the importance of secure programming.

  • Secure operations: keeping up to date in today's changing security world, backups, defending against attacks, performing integrity management, and auditing.

  • Handling security incidents: discovering a break-in, dealing with programmed threats and denial of service attacks, and legal aspects of computer security.

  • Appendixes: a comprehensive security checklist and a detailed bibliography of paper and electronic references for further reading and research.

Packed with 1000 pages of helpful text, scripts, checklists, tips, and warnings, this third edition remains the definitive reference for Unix administrators and anyone who cares about protecting their systems and data from today's threats.

Table of Contents


Part I. Computer Security Basics

1. Introduction: Some Fundamental Questions

2. Unix History and Lineage

3. Policies and Guidelines

Part II. Security Building Blocks

4. Users, Passwords, and Authentication

5. Users, Groups, and the Superuser

6. Filesystems and Security

7. Cryptography Basics

8. Physical Security for Servers

9. Personnel Security

Part III. Network and Internet Security

10. Modems and Dialup Security

11. TCP/IP Networks

12. Securing TCP and UDP Services

13. Sun RPC

14. Network-Based Authentication Systems

15. Network Filesystems

16. Secure Programming Techniques

Part IV. Secure Operations

17. Keeping Up to Date

18. Backups

19. Defending Accounts

20. Integrity Management

21. Auditing, Logging, and Forensics

Part V. Handling Security Incidents

22. Discovering a Break-in

23. Protecting Against Programmed Threats

24. Denial of Service Attacks and Solutions

25. Computer Crime

26. Who Do You Trust?

Part VI. Appendixes

A. Unix Security Checklist

B. Unix Processes

C. Paper Sources

D. Electronic Resources

E. Organizations