Using Red Hat Linux as the demonstration environment, the authors explain how to use a suite of publicly available tools to analyze, protect, and monitor your machines and networks. They approach the subject from a practical standpoint, emphasizing software and its use while referring the reader (using copious bibliographic notes) to more specialized works for detailed information on cryptography, firewall configuration, and other subjects.
Scott Mann and Ellen Mitchell have done excellent work in combining explanations of the "soft" aspects of security management with the particulars of using software. In a typical section, they explain how to acquire, install, and run Crack, a password breaker. First they show how a bad guy would use Crack to get unauthorized access to a machine over a network; then they explore the "white hat" applications of the program as a security tool for preemptively weeding out weak passwords. More detailed coverage goes to tiger and Tripwire, a pair of powerful auditing and monitoring tools. Along with Maximum Linux Security (which covers more offensive and defensive weapons in less detail), this is one of the two best Linux security books you can own. --David Wall
Topics covered: Linux security practices and tools, as demonstrated under Red Hat Linux 5.2 and 6. Software and commands include Pluggable Authentication Modules (PAM), OPIE, syslog, sudo, xinetd, Secure Shell (SSH), Crack, tiger, Tripwire, The Cryptographic File System (TCFS), and ipchains. The authors discuss administrative policies and procedures along the way.