Product: 1590594444

Hardening Linux by James Turnbull, stands out in my mind as a vitally important text that clearly lays out how to make your Linux boxes as secure as possible. Mr. Turnbull has done a remarkable job in delineating the potential vulnerabilities, and how to mitigate them. Each chapter covers a particular focus area in depth, with carefully worded and easy-to-follow examples. In the cases where you need to install some other piece of software to provide the extra security, he gives you the step-by-step details, leaving nothing for misinterpretation. This is one of those books that, as you finish each chapter, you’ll want to apply your new-found knowledge to the machines at your disposal.

As each subsequent chapter unfolds, James explains very carefully how to tighten remote administration, files and file systems, mail, ftp, and DNS/BIND. Additional information is given on how to log important information securely, and efficiently monitor the data collected. In addition, tools for testing the security of your hosts is described very clearly, from the inside-out and the outside-in, along with explanations of how to detect penetrations and recover from them.

Writing about securing a computer system can be written on a few different levels, from the general suggestions which apply to just about any program, to the specific which apply to just one. Mr. Turnbull has chosen to pick commonly used programs and provide step-by-step procedures for locking them down. For example, if you are hardening a mail server, you will find descriptions of Sendmail and Postfix, but not of Qmail or Courier. While this might limit the appeal of the book to just those using the more common programs, it allows a depth that would be otherwise unavailable.

The only quibble I have is that his book does not go far enough. While the chosen types of applications are covered in great depth, some applications are missing. There is no coverage for a web server, such as Apache, or a database server, such as MySQL. I can only hope that a future edition of the book includes chapters on these and other categories of programs.

I definitely recommend Hardening Linux by James Turnbull to anyone who installs and maintains Linux servers. The information packed in this book is easy to follow, and will help you configure your systems very securely. The additional insights into why the configurations are important is extremely valuable in its own right. This book belongs on any Linux sysadmin’s bookshelf.
Rating: 4
1590594444
Count: 8