Unix Security Books

UNIX and Linux Forensic Analysis DVD Toolkit

Chris Pogue, Cory Altheide, Todd Haverkos

Amazon Price: $41.96 List Price: $59.95 Usually ships in 24 hours By: Syngress Amazon Marketplace: 38 new & used starting at $41.95

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Computer Science -> Software Engineering -> Information Systems
Subjects -> Computers & Internet -> Networking -> Network Security

Customer Reviews:
Total reviews: 2 Average rating: 5.0 of 5

Editorial Review:

This book addresses topics in the area of forensic analysis of systems running on variants of the UNIX operating system, which is the choice of hackers for their attack platforms. According to a 2007 IDC report, UNIX servers account for the second-largest segment of spending (behind Windows) in the worldwide server market with $4.2 billion in 2Q07, representing 31.7% of corporate server spending. UNIX systems have not been analyzed to any significant depth largely due to a lack of understanding on the part of the investigator, an understanding and knowledge base that has been achieved by the attacker. The companion DVD provides a simulated or "live" UNIX environment where readers can test the skills they've learned in the book and use custom tools developed by the authors.

The book begins with a chapter to describe why and how the book was written, and for whom, and then immediately begins addressing the issues of live response (volatile) data collection and analysis. The book continues by addressing issues of collecting and analyzing the contents of physical memory (i.e., RAM). The following chapters address /proc analysis, revealing the wealth of significant evidence, and analysis of files created by or on UNIX systems. Then the book addresses the underground world of UNIX hacking and reveals methods and techniques used by hackers, malware coders, and anti-forensic developers. The book then illustrates to the investigator how to analyze these files and extract the information they need to perform a comprehensive forensic analysis. The final chapter includes a detailed discussion of Loadable Kernel Modules and Malware. The companion DVD provides a simulated or "live" UNIX environment where readers can test the skills they've learned in the book and use custom tools developed by the authors.

Throughout the book the author provides a wealth of unique information, providing tools, techniques and information that won't be found anywhere else. Not only are the tools provided, but the author also provides sample files so that after completing a detailed walk-through, the reader can immediately practice the new-found skills.

* The companion DVD for the book contains significant, unique materials (movies, spreadsheet, code, etc.) not available any place else.
* This book contains information about UNIX forensic analysis that is not available anywhere else. Much of the information is a result of the author?s own unique research and work.
* The authors have the combined experience of Law Enforcement, Military, and Corporate forensics. This unique perspective makes this book attractive to ALL forensic investigators.

Practical Unix & Internet Security, 3rd Edition

Simson Garfinkel, Gene Spafford, Alan Schwartz

Amazon Price: $34.62 List Price: $54.95 Usually ships in 24 hours By: O'Reilly Media, Inc. Amazon Marketplace: 51 new & used starting at $3.80

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Certification Central -> Exams -> Security+

Customer Reviews:
Total reviews: 35 Average rating: 4.5 of 5

Editorial Review:

The world's most business-critical transactions run on Unix machines, which means the machines running those transactions attract evildoers. Furthermore, a lot of those machines have Internet connections, which means it's always possible that some nefarious remote user will find a way in. The third edition of Practical Unix & Internet Security contains--to an even greater extent than its favorably reputed ancestors--an enormous amount of accumulated wisdom about how to protect Internet-connected Unix machines from intrusion and other forms of attack. This book is fat with practical advice on specific defensive measures (to defeat known attacks) and generally wise policies (to head off as-yet-undiscovered ones).

The authors' approach to Unix security is holistic and clever; they devote as much space to security philosophy as to advice about closing TCP ports and disabling unnecessary services. They also recognize that lots of Unix machines are development platforms, and make many recommendations to consider as you design software. It's rare that you read a page in this carefully compiled book that does not impart some obscure nugget of knowledge, or remind you to implement some important policy. Plus, the authors have a style that reminds their readers that computing is supposed to be about intellectual exercise and fun, an attitude that's absent from too much of the information technology industry lately. Read this book if you use any flavor of Unix in any mission-critical situation. --David Wall

Topics covered: Security risks (and ways to limit them) under Linux, Solaris, Mac OS X, and FreeBSD. Coverage ranges from responsible system administration (including selection of usernames and logins) to intrusion detection, break-in forensics, and log analysis.

HackNotes(tm) Linux and Unix Security Portable Reference

Nitesh Dhanjani

Amazon Price: $29.99 List Price: $29.99 Usually ships in 24 hours By: McGraw-Hill Osborne Media Amazon Marketplace: 32 new & used starting at $8.50

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Home Computing -> Internet -> Web for Kids
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Privacy

Customer Reviews:
Total reviews: 6 Average rating: 4.5 of 5

Short and right to the point 5 out of 5 stars.
3 of 3 people found this review helpful.

There are quite a few secucity related books out there nowdays. But most of them is just way too thick for me, to make matters worse those books are often filled with repeated or unwanted information. However, this book is different; it cuts right to the point and present me just the right amount of information that I wanted to know. At the same time, it is thin enough so I can carry it around with me.

As a unix sysadmin I think this is one of those books that should go right next to the "Unix System Administration Handbook" on bookshelfs.

This is a must have book for people who cares or want to know more about security.

Well done 5 out of 5 stars.
2 of 2 people found this review helpful.

Got this book after I read a recent review. I found this book to contain some pretty cool attack & penetration techniques. Chapters like the one on NASL and the Zaurus PDA hacking are a nice addition.

Since this is a hacking book, I disagree with the one review on here that complained about it not being complete. As far as the a&p techniques go, this book packs in more info than most 400+ hacking books I own. Saves a lot of desk real estate and also time. I really dont want to read 5 pages telling me what a portscan is, just tell me how to do it. I prefer it over the Hacking Exposed Linux book when I need quick and precise answers. This book helps me with just this. Right to the point, and some very cool techniques!

5 thumbs up.

Editorial Review:

Safeguard your systems from all types of hackers, hijackers, and predators with help from this insightful resource. Get thorough, just-the-facts coverage of Linux, UNIX and Solaris, and learn about advanced hacking techniques including buffer overflows, password theory, port re-direction, and more.

UNIX Backup and Recovery

W. Curtis Preston

Amazon Price: $30.36 List Price: $39.95 In stock soon. Order now to get in line. First come, first served. By: O'Reilly Media, Inc. Amazon Marketplace: 32 new & used starting at $0.88

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Networking -> Networks, Protocols & APIs -> General
Subjects -> Computers & Internet -> Networking -> Networks, Protocols & APIs -> General AAS
Subjects -> Computers & Internet -> Operating Systems -> Unix -> General

Customer Reviews:
Total reviews: 17 Average rating: 5.0 of 5

Editorial Review:

The Unix file system is reliable and very well-suited to mission-critical applications in which maximum uptime is key. But it's not flawless, and that's where Unix Backup & Recovery comes in. This book details dozens of strategies for keeping Unix systems online. The strategies range from good administration practices that minimize problems to hot-restore techniques that allow you to recover from breaks as seamlessly as possible. The book also contains absolutely inclusive archive techniques that allow you to restore huge databases and file systems from backup media.

Unix Backup & Recovery includes a lot of general "recommended practices" advice and lots of scary stories about lost files (and more than a few about heroic system administrators who saved the day, or at least the data). But it gets down to brass tacks too, documenting lots of backup and recovery tools that can make the administrator's job much easier when they're used properly (including cpio, tar, and AMANDA). Coverage of specific systems' backup and recovery issues (including those of Solaris, HP-UX, Oracle, Sybase, and Informix) are invaluable, as is the coverage of techniques for extracting information from ancient, obsolete backup media. The point: read this book before you have a disaster, so you can do everything required to head one off and be ready to deal with problems when they happen. --David Wall

Topics covered: Strategies for protecting the contents and availability of Unix systems, particularly those running Solaris, Linux, Compaq True-64 Unix, HP-UX, IRIX, and AIX. Coverage also includes backup and recovery software (free and commercial), and the mechanics of protecting and fixing large database management systems. There's also a lot of advice on defensive administration, backup hardware, and obsolete media.

Special Ops: Host and Network Security for Microsoft Unix and Oracle

Syngress

Amazon Price: $27.98 List Price: $69.95 Available for download now By: Syngress

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> General
Subjects -> Computers & Internet -> Business & Culture -> Security
Subjects -> Computers & Internet -> Certification Central -> Exams -> Security+

Customer Reviews:
Total reviews: 11 Average rating: 4.5 of 5

The CISO or Auditor Survival Guide 5 out of 5 stars.
24 of 27 people found this review helpful.

Yesterday morning I spent the better part of an hour in an interview with a reporter. The topic: "If you were giving advice to a brand new security officer, a CSO, or CISO, about how to avoid being fired in their first year, what would you tell them?" After the interview I started to read Special Ops and if there was any way to go back in time I would have told that reporter, tell them to buy Special Ops and read it at least three times.

I normally classify books into a couple of categories; there are books about things and books that tell you how to do things. Special Ops weighs in at a thousand plus pages and covers Windows XP, 2000, Outlook, Exchange, Unix, Security Policy and much more, yet does not fall neatly into either category. So what category is Special Ops?

Dan Lynch, a founder of the Internet and the founder of Interop once used a term, Bogon filter, years before BGP was invented. Bogon, apparently, was a synonym for blarney if you get my drift. Technical people will tell managers and auditors almost anything because they are pretty sure they can get away with it. The chapters in this book are written by brilliant people; they are packed with useful information. You will not learn enough about securing XP to hang out your shingle, but if you read that chapter a couple times you will certainly be on solid ground to determine if the consultant you are considering hiring to secure your XP systems knows enough to even get near your computer facility. The auditor that invests the time to read this book cover to cover three times should be given a t-shirt that says "Fear me". Special Ops can help you develop a bogon filter better than any other single book I have seen on the marketplace.

Chapter 18, Creating Effective Corporate Security Policies, is one of the most fascinating chapters in the book. Though obviously it covers material that can be found in other places, the authors clearly knows their stuff; it is pure pragmatic advice. The warnings ring true and the links are there.

Though content is the most important ingredient of a technical book and Special Ops is packed with content, layout is also important. The book was happy to lay flat within the first four minutes I was playing with it. The fonts are well chosen and large enough to be readable, the paper is substantial. I do have two complaints regarding layout. After the first reading, it will primarily serve as a reference book, so running a camouflage overprint across half of the table of contents was less than brilliant. The same goes for the silly FAQ stamp on top of the questions. Never intentionally make a book hard to read! On the other hand, summary links for more information and an FAQ for every chapter show a real concern for the needs of the reader. As always, just buying the book and putting it on the shelf will not make your systems and network more secure. I have only met Erik Birkholz twice, but I truly believe that if you come up to him hoping for his autograph he is going to reserve a special word for the person with a copy of Special Ops that is full of sticky notes and scribble in the margins. This author team must have worked very hard to produce something this powerful; drink deep of their knowledge.

Editorial Review:

Special Ops: Host and Network Security for Microsoft, UNIX, and Oracle provides solutions for the impossible 24-hour IT work day. By now, most companies have hardened their perimeters and locked out the “bad guys,” but what has been done on the inside? Have you considered the damage that could be done by recently laid-off or disgruntled employees, contractors and consultants, building security guards, cleaning staff, and of course the unsecured wireless network?This book attacks the problem of the soft, chewy center in internal networks.

Hack Attacks Revealed: A Complete Reference for UNIX, Windows, and Linux with Custom Security Toolkit, Second Edition

John Chirillo

List Price: $60.00 By: Wiley Amazon Marketplace: 18 new & used starting at $5.13

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Culture
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Security

Customer Reviews:
Total reviews: 13 Average rating: 4.0 of 5

Editorial Review:

The much-anticipated second edition of the bestselling book that details network security through the hacker's eye
Since the first edition of Hack Attacks Revealed was published, many new attacks have been made on all operating systems, including UNIX, Windows XP, Mac OS, and Linux, and on firewalls, proxies, and gateways. Security expert John Chirillo is ready to tackle these attacks with you again. He has packed the Second Edition of his all-in-one reference with forty percent new material.
In this fascinating new edition, you'll discover:
* The hacker's perspective on security holes in UNIX, Linux, and Windows networks
* Over 170 new vulnerabilities and exploits
* Advanced discovery techniques
* A crash course in C for compiling hacker tools and vulnerability scanners
* The top seventy-five hack attacks for UNIX and Windows
* Malicious code coverage of Myparty, Goner, Sircam, BadTrans, Nimda, Code Red I/II, and many more
* TigerSuite Professional 3.5 (full suite single license)

Practical UNIX Security (Computer Security)

Simson Garfinkel, Gene Spafford

List Price: $29.95 By: O'Reilly Amazon Marketplace: 22 new & used starting at $0.01

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Certification Central -> Exams -> Security+

Editorial Review:

If you are a UNIX system administrator or user who deals with security, you need this book. It's a practical guide that spells out your options for both Berkeley UNIX and System V. It's complete, rational, and doesn't require that you be a programmer to use it.

Practical UNIX Security describes the issues, approaches, and methods for implementing security measures, spelling out what the varying approaches cost and require in the way of equipment. After presenting UNIX security basics and network security, this guide goes on to suggest how to keep intruders out, how to tell if they've gotten in, how to clean up after them, and even how to prosecute them. Filled with practical scripts, tricks, and warnings, Practical UNIX Security tells you what you need to know to make your UNIX system as secure as it possibly can be.

Contents include:

• Understanding basic UNIX functions, such as users, passwords, groups, superuser, and the file system.
• Defending against security breaches.
• Defending against network and communication breaches, using modems, UUCP, NFS, secure NFS, Kerberos, and firewall machines.
• Handling break-ins or other security incidents and repairing the damage.
• Applying techniques of encryption and physical security to UNIX.
• Appendices: UNIX security checklist, important files, UNIX processes, how Kerberos works, other sources.

UNIX, Solaris and Linux: A Practical Security Cookbook: Securing UNIX Operating System without Third-Party Applications

Boris Loza

Amazon Price: $49.99 List Price: $49.99 Usually ships in 24 hours By: AuthorHouse Amazon Marketplace: 22 new & used starting at $25.00

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Certification Central -> Exams -> Security+
Subjects -> Computers & Internet -> Computer Science -> Software Engineering -> Information Systems
Subjects -> Computers & Internet -> Networking -> Network Security

Customer Reviews:
Total reviews: 2 Average rating: 5.0 of 5

Tons of practical information! 5 out of 5 stars.
5 of 5 people found this review helpful.

This book is one of the best I've read about UNIX security. Dr. Loza provides hundreds of hands-on, practical solutions for how to investigate suspicious hackers' activities, secure the system, or protect you on the Internet by using only "native" UNIX capabilities. This book is very unique in the approach that shows you how one can do absolutely the same things to secure your UNIX box that freeware or open-source tools offer - if you are creative and hove some scripting skills. Using freeware and open-source applications is prohibited in many companies. This is why this book is absolutely the best! Especially I loved the Forensics chapter. Once again, I would recommend this book for all hackers and system administrators alike!

Editorial Review:

Whether you are an experienced Security or System Administrator or a Newbie to the industry, you will learn how to use native, "out-of-the-box", operating system capabilities to secure your UNIX environment. No need for third-party software or freeware tools to be and stay secure! This book will help you ensure that your system is protected from unauthorized users and conduct intrusion traces to identify the intruders if this does occur. It provides you with practical information to use of the native OS security capabilities without the need for a third party security software application. Also included are hundreds of security tips, tricks, ready-to-use scripts and configuration files that will be a valuable resource in your endeavor to secure your UNIX systems.

Auditing and Security: AS/400, NT, UNIX, Networks, and Disaster Recovery Plans

Yusufali F. Musaji

Amazon Price: $140.00 List Price: $140.00 Usually ships in 24 hours By: Wiley Amazon Marketplace: 23 new & used starting at $18.95

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> Accounting -> Auditing
Subjects -> Business & Investing -> General
Subjects -> Business & Investing -> General AAS

Customer Reviews:
Total reviews: 1 Average rating: 1.0 of 5

Editorial Review:

A complete and definitive guide to auditing the security of IT systems for managers, CIOs, controllers, and auditors
This up-to-date resource provides all the tools you need to perform practical security audits on the entire spectrum of a company's IT platforms-from the mainframe to the individual PC-as well as the networks that connect them to each other and to the global marketplace. Auditing and Security: AS/400, NT, Unix, Networks, and Disaster Recovery Plans is the first book on IT security written specifically for the auditor, detailing what controls are necessary to ensure a secure system regardless of the specific hardware, software, or architecture a company runs. The author uses helpful checklists and diagrams and a practical, rather than theoretical, method to understanding and auditing a company's IT security systems and their requirements. This comprehensive volume covers the full range of issues relating to security audits, including:
* Hardware and software
* Operating systems
* Network connections
* The cooperation of logical and physical security systems
* Disaster recovery planning

Hack Attacks Denied: A Complete Guide to Network Lockdown for UNIX, Windows, and Linux, Second Edition

John Chirillo

List Price: $50.00 By: Wiley Amazon Marketplace: 20 new & used starting at $6.80

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Culture
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Security

Customer Reviews:
Total reviews: 1 Average rating: 5.0 of 5

Editorial Review:

John Chirillo is back and ready to help you outsmart the next generation of intruders!
Since the publication of the First Edition, new security breaches to networks have inevitably occurred. In order to keep hack-prevention information as current as possible for security engineers and designers, John Chirillo is back with a new edition on how to fortify your networks and home computers. He's updated his bestselling book and is ready to arm you with the necessary security steps from the system to the daemon, concluding with that crucial ingredient-an effective security policy. Packed with nearly 400 pages of fresh material, including new fortification techniques, advisory solutions, and firewall labs, Hack Attacks Denied, Second Edition offers vital insight that will teach you how to be aware of potential security dangers.
This all-in-one reference covers Windows, UNIX, and Linux, and teaches you how to keep the hacks out of your network by using the same Tiger Box tools that hackers use to detect and penetrate network vulnera-bilities. Full of essential examples and illustrations, the Second Edition, contains:
* Over 170 new countermeasures
* Patching the top seventy-five hack attacks for UNIX and Windows
* Cleanup and prevention of malicious code including Myparty, Goner, Sircam, BadTrans, Nimda, Code Red I/II, and many more
* TigerSurf 2.0 Intrusion Defense (full suite single license)
Bonus CD!
To accommodate the new material in the book, Chirillo has moved all lengthy lists and source code from the book to the CD-ROM, and has also added the new version of the security software, TigerSurf 2.0.