• Home
• Articles
• Codesnippets
• Tutorials
• FAQ
• Books
• Search
• Contact

Search PHPit

Use this textbox to search all the content on PHPit. Seperate keywords with a space.

Advertisements

Partners

• WesternUnion
• Odżywki
• IRS Forms
• California Flags
• Files Guide

Red Hat Linux Security and Optimization

Book Details

Availability: Usually ships in 24 hours
List Price: $49.99
Our Price: $34.99
You Save: $15 (30%)

Spotlight Customer Reviews

Average Customer Rating: 3.44

Customer Rating: 4
Summary: Good but for immediate or better users
Comment: I want to begin with whats good about the book. It does a good job of covering Linux security concepts, and centralizing them in a well laid out, easily referenced book. Others have pointed out that a lot of this information is available on the net for free, however without a reference like this they wouldn't know what they should be looking for. (How many folks know their BIND server should run in a chroot environment to even begin the research?).

Despite having Red Hat in its title, and being released as a redhat Press book, the book is surprisingly generic in its treatment. While that may be a welcome releif to Suse/Debian/etc users, its a bit annoying to redhat users who were expecting more specific help, and perhaps less conflicting help. Several of the security measures covered in the book have already been implemented in the default redhat install, except using different usernames, file paths, etc.

Some of this may be an artifact of the book not covering the latest release, but some have been around long enough to convince me the book was written to a far more generic audience originally then given a new title. Which isn't bad by itself, just not what a novice user would expect, and might not catch.

My final concern is that some of the implementation steps are just flat wrong. The section on running BIND in a chroot environment is one, it describes the process in 7 steps (only 6 are enumerated) and does not mention redhat's prefered method of passing the options to the daemon. However, since knowing that it should/can be done is half the battle in linux, the correct procedure can be found on the web.

Customer Rating: 3
Summary: Good RH reference Freely available info is just as good
Comment: A doctrine of the open source movement is that although the software is free, you have to pay for the support and documentation. While anyone can ..get the Red Hat Linux software for free, books on Linux or other open source topics will cost the reader money. But for readers who are willing to shell out [the money]for a book about Linux security, Red Hat Linux Security and Optimization is a good overview on the core concepts of Linux security and how to secure, optimize, and harden Red Hat.

The book is titled Red Hat Linux Security and Optimization, indicating that both topics are covered, but the bulk of this book (chapters 8 - 21) really deals with security topics. Only the first 7 chapters deal with system and network performance.

Part 1 of the book comprises three chapters on system performance. Issues such as performance basics and kernel tuning are discussed. It shows how users can compile and install their own custom kernel. Chapter 3 is on file system tuning and deals with standard issues such as determining which file system to use and the creation of volumes and partitions.

The three chapters of Part 2 (Network and Service Performance) detail the issues of network and server performance. Chapter 5 provides a good overview of tweaking Apache and the use of Squid.

Part 3, System Security, is the heart of the book. The author takes a bottom up approach to security, where he starts with kernel security and progresses to other topics such as file system security, network security, passwords, and more.

Part 4 details network security, from DNS and BIND, to SSL, FTP, and the other major networking protocols. Chapter 17 has a good synopsis of email and the vulnerabilities associated with open email gateways, and how to control mail relays so as not to be used as a spam clearinghouse.

The book finishes with Part 5, which comprises two chapters about Linux firewalls. It also includes information about VPNs, SSL tunnels, and assessment tools.

The enclosed CD-ROM has a lot of security software, including standard security tools such as John the Ripper, netcat, nessus, nmap, and more. Is also includes other software such as Tripwire, Saint, OpenSSH, OpenSSL, tcpdump, and more. Also included is an electronic version of the book. With the exception of the electronic copy of the book, everything on the CD-ROM is available free off the Net. It would have been nice if the book could have included a second CD-ROM with the Linux operating system software. Although the software can be downloaded from Red Hat, the nearly 1 GB of data can take quite a while to download, even with a broadband connection.

Red Hat Linux Security and Optimization is a straightforward book that details all of the rudiments of Linux functionality and security. While the book is written for Red Hat, the majority of the information can be applied to other flavors of Linux. Overall, Red Hat Linux Security and Optimization is a good option for readers who want a security reference book....

Customer Rating: 2
Summary: Obviously trying to cash in on Red Hat's dominance
Comment: Red Hat is synonymous to Linux for many people, and this book is obviously trying to cash in on that. The editing of this book leaves much to be desired - there are some really terrible errors throughout. I am usually partial to books that have CDs with them, but in this case it doesn't add anything. The tools on the CD are freely downloadable from the internet, and are being updated constantly. The versions on the CD are very old, so you need to download new versions anyway.

Overall, for my money, I'd buy the oreilly security book or the hacking linux exposed one.

Copyright © 2004 Dennis Pallett. All Rights Reserved.