نویسنده : Bob Toxen
حجم : 1913 کیلو بایت
دسته بندی : امنیت
فرمت : chm
صفحات : http://iran-talk.ir
You have in your hands a book I've been waiting to read for years—a practical, hands-on guide to hardening your Linux system which also manages to illuminate the larger issues in UNIX security and computer security in general. I tested this book by applying its prescriptions to my home Linux machine as I was reading it. Bob Toxen's presentation is hands-on, thorough, and concise—just the thing for the working system administrator in a hurry who prefers to go from application to theory rather than the other way around. But I found good theory there, too; Bob's early introduction of the ideas of attack paths, rings of security, and cost functions provides an unobtrusive unifying framework for the descriptions of specific exploits and how to counter them.
Every SysAdmin responsible for security needs to take the workbook-level steps described in this book—but those will only deal with today's attacks. To cope with tomorrow's threats, you'll need to learn how to think about security in the large—not just on the level of individual exploits or attack paths but at the level of design philosophy and policy for your system. The real gold in this book is what's in between the lines of the recipes. You'll learn not just day-to-day remedies but a way of thinking about security that balances costs with risks, is alert to possible future attack paths, and never relies completely on the perfection of
any one barrier.
Security, like programming, is an art. At the lowest levels, it's all mechanics. Once the mechanics become automatic,
you can start thinking about refining technique and fitting it sensitively to your goals (in programming, an application spec; in security, a threat model). At the highest level, when mechanics and technique have both become next to automatic, expert intuition becomes your most effective tool. In both fields, you get that intuition by immersing yourself in the craft thoroughly enough that your mind begins to make connections of its own, beyond what's in the books and teachings.
s ability to make both low and high levels live in this book is what makes it special. I think you'll find it a wonderful launch point from which to learn the craft (and, eventually, the art and intuition) of Linux security.