Product: 0130158070

Actually all tools described are not Linux specific and can be used for any Unix including FreeBSD and Solaris.
The authors seems to know the subject and really used tools that they are writing about. For several popular tools the book provides some useful info that is difficult to find elsewhere. Pretty decent typography, although it’s a little bit too academic and does not use icons on margins that IMHO simplify reading.
As for the classic open security tools, the book covers PAM(36 pages), Sudo(20 pages), TCP Wrappers(24 pages), SSH(55 pages), Tripwire(24 pages), CFS and TCFS (30 pages), and ipchains.
From the first reading it looks like the chapters are not a rehash of existing online documentation. In addition to the chapters about classic open source security tools I like chapters about logs: a chapter on syslog (Ch. 8) and a chapter on log file management (Ch. 17).
Now about weaknesses. The chapter on Tiger is rather weak. Moreover regrettably Tiger is a legacy tool, but actually information is not completely useless – it’s not difficult to switch to another tool after one understands how Tiger works. Actually Perl is superior for writing Unix vulnerability scanners in comparison with shell. May be hardening scripts like Bastille would be a better choice for this chapter in the second edition of the book.
Book is incomplete in a sense that neither Snort (or any similar intrusion detection tool), nor open source network scanners (Saint, Sara, etc.) are covered.
Of course there are some typos, but generally not that many. But what is really bad is that the Prentice Hall book page currently is pretty basic with no errata or additional links. The authors do not provide a WEB site for the book.
This book can probably be used for studying Unix security at universities along with somewhat outdated Practical Unix and Internet Security and this combination can somewhat compensate deficiencies of the latter (non tool oriented descriptive approach).
Rating: 5
0130158070
Count: 5