Network Security Hacks:
100 Industrial-Strength Tips & Tools
Book Review
By Dale Farris, Vice President, Golden Triangle PC Club
May 2004

General Overview

To the uninitiated, the title may seem like an oxymoron: after all, aren't hacks what network security is supposed to prevent? But if you're a network administrator, this book's title not only makes sense, it makes a lot of sense. You know that a busy administrator needs a hatful of devilishly effective security hacks to keep your 12-hour days from becoming all-nighters.

Network Security Hacks is not a long-winded treatise on security theory. Instead, this information-packed little book provides 100 quick, practical, and clever things to do to help make your Linux, UNIX, or Windows networks more secure today. These industrial-strength techniques will help make sure that your networks are not the target of opportunity. The tips are all real-world examples of tools and methods used by experts to protect their own computers and networks.

This compendium of security hacks doesn't just cover securing TCP/IP-based services, but also provides intelligent, host-based security techniques. Loaded with concise but powerful examples of applied encryption, intrusion detection, logging, trending, and incident response, Network Security Hacks will demonstrate effective methods for defending your servers and networks from a variety of devious and subtle attacks.

Network Security Hacks shows how to detect the presence (and track every keystroke) of network intruders, methods for protecting your network and data using strong encryption, and even techniques for laying traps for would-be system crackers. Important security tools are presented, as well as clever methods for using them to reveal real, timely, useful information about what is happening on your network.

O'Reilly's always faithful and important "Hacks" series of titles reclaims the term "hacking" for the good guys -- innovators who use their ingenuity to solve interesting problems, explore and experiment, unearth shortcuts, and create useful tools.

Network Security Hacks lives up to the reputation the "Hacks" series has earned by providing the "roll-up-your-sleeves and get-it-done" hacks that most network security tomes don't offer. Each hack can be read in just a few minutes but will save hours of searching for the right answer. Using just one of these amazing hacks will make this slim book's price seem like a remarkable deal. The other 99 make Network Security Hacks absolutely invaluable.

Special Features

Inside, you will find a wealth of useful techniques for detecting and dealing with intruders. You will learn how to:

- Monitor your network and services with advanced Intrusion Detection Systems (IDS), such as Snort and Spade
- Protect your email and other critical services using strong encryption
- Block network scanners that detect operating system identity, and even fool them into thinking you are running another OS entirely
- Securely connect two remote sites over the Internet using a number of strong VPN solutions, including IPSec, OpenVPN, PPTP, VTun, and even SSH
- Set up virtual networks (honeypots) that appear to be vulnerable to attack, in order to divert and confuse attackers
- Harden your Linux, BSD, and Windows hosts against attack
- Detect, respond to, and recover from inevitable system compromises

Table of Contents

The 100 super tips and tools are organized into 8 chapters, and include the following:

1) Unix Host Security
2) Windows Host Security
3) Network Security
4) Logging
5) Monitoring and Trending
6) Secure Tunnels
7) Network Intrusion Detection
8) Recovery and Response

Target Readers

Written for the intermediate to advanced network administrator, Network Security Hacks is full of practical, ingenious solutions to real-world networking situations and problems. All computer network administrators need a copy of this vital book, and I suggest they should also consider multiple copies to share with others on their network support team.

Book Contents

312 pages; preface; acknowledgments; tons of sample scripts; figures; screen-shots; tips; index; cover colophon

Author

Andrew Lockhart

About the Author

Andrew Lockhart is originally from South Carolina, but currently resides in northern Colorado, where he spends his spare time trying to learn the black art of auditing disassembled binaries and trying to keep from freezing to death. He holds a BS in computer science from Colorado State University and has done security consulting for small businesses in the area. When he's not writing, he currently works at a Fortune 100 company. In his free time, he works on Snort-Wireless (www.snort-wireless.org), a project intended to add wireless intrusion detection to the popular open source IDS Snort.

ISBN

April 2004 - First Edition
0-596-00643-8

List Price

$24.95
$36.95 CAN

About O'Reilly & Associates, Inc.

O'Reilly & Associates is the premier information source for leading-edge computer technologies. O'Reilly communicates the knowledge of experts through their books, conferences, and web sites. Their books, known for their animals on the covers, occupy a treasured place on the shelves of developers building the next generation of software, and their conferences and summits bring innovators together to shape the revolutionary ideas that spark new industries. From the Internet to the web, Linux, Open Source, and now Peer-to-Peer Networking, O'Reilly puts technologies on the map.

Anyone involved in information technology can always depend on O'Reilly for high quality books, as well as the most authoritative works on the market. The company's commitment to technical expertise in their books is matched by their commitment to quality production, now famously recognized by their "lay flat" binding that makes reading an O'Reilly book very convenient.

Among the sea of computer titles that now fill the shelves, professionals in information technology have for many years realized the super value that is always present in any O'Reilly title.

Publisher Contact

Marsee Henon
marsee@oreilly.com
O'Reilly & Associates, Inc.
1005 Gravenstein Highway North
Sebastopol, California 95472
707-827-7000
800-998-9938
FAX 707-829-0104
www.oreilly.com