Product Description
To the uninitiated, the title may seem like an oxymoron: after all, aren't hacks what network security is supposed to prevent? But if you're a network administrator, this book's title not only makes sense; it makes a lot of sense. You know that a busy administrator needs a hatful of devilishly effective security hacks to keep your 12-hour days from becoming all-nighters. Network Security Hacks is not a long-winded treatise on security theory. Instead, this information-packed little book provides 100 quick, practical, and clever things to do to help make your Linux, UNIX, or Windows networks more secure today. This compendium of security hacks doesn't just cover securing TCP/IP-based services, but also provides intelligent host-based security techniques. Loaded with concise but powerful examples of applied encryption, intrusion detection, logging, trending, and incident response, Network Security Hacks will demonstrate effective methods for defending your servers and networks from a variety of devious and subtle attacks. Network Security Hacks shows how to detect the presence (and track every keystroke) of network intruders, methods for protecting your network and data using strong encryption, and even techniques for laying traps for would-be system crackers. Important security tools are presented, as well as clever methods for using them to reveal real, timely, useful information about what is happening on your network. O'Reilly's Hacks Series reclaims the term "hacking" for the good guys--innovators who use their ingenuity to solve interesting problems, explore and experiment, unearth shortcuts, and create useful tools. Network Security Hacks lives up to the reputation the Hacks series has earned by providing the "roll-up-your-sleeves and get-it-done" hacks that most network security tomes don't offer. Every hack can be read in just a few minutes but will save hours of searching for the right answer.
Using just one of these amazing hacks will make this slim book's price seem like a remarkable deal. The other 99 make Network Security Hacks absolutely invaluable.
Great bag of tricks for the network security professional - Reviewed on 2007-01-10
This second edition of Network Security Hacks is a collection of 125 powerful security techniques. This volume demonstrates effective methods for defending your servers and networks from a variety of devious and subtle attacks. Within this book are examples of how to detect the presence and track every keystroke of network intruders, methods for protecting your network and data using strong encryption, and even techniques for laying traps for would-be hackers. Many important security tools are presented, as well as interesting ways for using them to reveal useful information about your network's activity. There is mention in the beginning of the book about "code", but I haven't run across any yet. The closest thing I found to code were forms of command lines for various network tools and expected typical responses. So if you are not a programmer, don't be scared away. The following is the table of contents:
Chapter 1, Unix Host Security, demonstrates advanced techniques for hardening your Linux, FreeBSD, or OpenBSD server.
Chapter 2, Windows Host Security, covers many important steps that Windows administrators often overlook, including tightening down permissions, auditing all system activity, and eliminating security holes that are present in the default Windows installation.
Chapter 3, Privacy and Anonymity, discusses several ways to protect oneself online by offering solutions for encrypting email, remaining anonymous, and managing passwords for web sites.
Chapter 4, Firewalling, shows how to set up firewalls under various operating systems, such as Linux, OpenBSD, FreeBSD, and Windows. Different filtering and firewall testing techniques are also covered in this chapter.
Chapter 5, Encrypting and Securing Services, shows how to provide secure services for SMTP, IMAP, POP3, Apache, and MySQL.
Chapter 6, Network Security, demonstrates some tools and techniques used to attack servers using the network itself, as well as methods for preventing these attacks.
Chapter 7, Wireless Security, includes only a handful of very useful hacks. Whether you want to share your network with others and still maintain a semblance of security, or lock down your wireless network with fine-grained authentication, this chapter has something for you.
Chapter 8, Logging, shows you how to balance the need for information with the need for brevity by automatically collecting, processing, and protecting your system logs.
Chapter 9, Monitoring and Trending, presents a number of tools and methods for watching your network and services over time, allowing you to recognize trends that will aid in future planning and enable you to tell at a glance when something just isn't right.
Chapter 10, Secure Tunnels, shows you how to implement powerful VPN technologies, including IPSec, PPTP, and OpenVPN. You will also find techniques for protecting services using SSL, SSH, and other strong encryption tools.
Chapter 11, Network Intrusion Detection, centers on the tremendously popular NIDS tool Snort and presents many techniques and add-ons that unleash this powerful tool's full potential. Also presented are methods for setting up your own "honeypot" network to attract and confuse would-be system crackers.
Chapter 12, Recovery and Response, contains suggestions on how to verify your system's integrity, preserve evidence for later analysis, and track down the human being at the other end of undesirable network traffic.
I would recommend this book to any network security professional. However, I think it is too advanced for someone who is just interested in the profession or someone who is tinkering with a home network on an amateur basis. There is no "beginner's material" to be found in this book, and it will likely be over your head if you are not already working in the field.