Authors Brian Hatch and James Lee have added 200 pages of new content to this edition -- and they ve overhauled everything else to reflect the latest Linux exploits, cracking tools, and countermeasures. To help you set priorities on defense, every exploit is rated from 0 to 10 on popularity, simplicity, impact, and overall risk.
We found the sections on break-ins particularly useful. You ll find everything here from Mitnick-ian social engineering to physical and network attacks. For example, you probably know that systems running LILO are susceptible to being booted to single-user mode without passwords; you may not realize that newer systems using GRUB have their own vulnerabilities. Hatch and Lee offer countermeasures for both.
You ll learn how to prevent insecure program execution, buffer overflows, race conditions, and symlink attacks; how to validate user input; and how to create temporary files securely. There are updated chapters on email and FTP security; web servers and dynamic content; and denial-of-service attacks.
There s also an entirely new three-chapter section on what crackers do after they ve broken in. You ll learn how they cover their tracks -- from removing log entries through replacing your binaries with versions that don t betray their presence. There s a detailed chapter on backdoors, and another on kernel changes and other advanced methods for hiding one s activities. If you re running Linux for anything that matters, this book s a must. Bill Camarda
Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks for Dummies, Second Edition.