Network Security Hacks, 100 Industrial-Strength Tips & Tools
by Andrew Lockhart, ISBN: 0-596-00643-8
Reviewed by: Jim Huddle, October 2004
Published by: O'Reilly Media, Inc.
Requires: Intermediate to Advanced Administrator
MSRP: US$24.95
I can't imagine any network engineer or admin who
isn't thinking about security. I don't mean in just
the last few years either. Security has always been
an up front issue with networked computers. There
are plenty of folks who will tell the sysadmin that
he or she needs to get their network clamped down,
but usually those same folks want to be hired to
tell the admin just how to do it. While that's not
always a bad idea, especially in large and complex
networks, there are plenty of things an administrator
can do to minimize obvious risks to the company's
network. With Network Security Hacks the admin has
a very good starting point with one hundred things
she can do right away.
The author, Andrew Lockhart, has assembled into this
book a series of “tips and tools” that
cover UNIX, Windows, Linux, BSD and general network
security, as well as tips on using log files and
secure tunnels. He also has 14 hacks on using Snort,
which I really liked. This isn't a sit-down-and-read-the-theory
kind of book. It also assumes that you, as the network
admin or engineer, have a pretty good understanding
of UNIX and Windows, as well as network infrastructure.
If this fits you, then you'll find Network Security
Hacks refreshing. Chapter One starts with UNIX security
and from there all the way to the index, it's just
one hack after another.
Most of the hacks begin with a few paragraphs giving a quick explanation
of the object behind the hack. After
that, the hack presents what can be done to better secure
the object or the tool to run to check the object. Where
appropriate, the hack will end with the loopholes that
may still exist. For example, hack #31—Detect ARP
Spoofing—begins by explaining what ARP spoofing is
and why it's a problem. After this the hack describes a
tool called arpwatch to detect ARP Spoofing. The hack then
tells you how to install and use the utility.
Network Security Hacks shows how to detect the presence
(and track every keystroke) of network intruders, methods
for protecting your network and data using strong encryption,
and even techniques for laying traps for would-be system
crackers. Important security tools are presented, as well
as creative methods for using them to reveal useful information
about what is happening on your network.
O'Reilly's Hacks
series reclaims the term "hacking" for
the good guys—innovators who use their ingenuity
to solve interesting problems, explore and experiment,
unearth shortcuts and create useful tools. If you run a
multi-platform environment (and what IT manager doesn't
these days?), you'll find this to be a handy volume to apply
against your network.