[Gllug] Up-to-date Linux security books

John Edwards john at cornerstonelinux.co.uk
Thu Feb 17 12:54:34 UTC 2011 

> On Thu, Feb 17, 2011 at 12:19:49PM +0000, gvim wrote:
> I've been looking for up-to-date Linux security books and couldn't
> find much published after 2005 on Amazon other than "Fedora 9 Linux
> Administration and Security" (2008) and "Hacking Linux Exposed, 3rd
> Edition" which has bad reviews for being off-topic.

Books by their very nature are never "up-to-date", which may be part
of the problem. Also when distributions like Fedora and Ubuntu release
every 6 months that means that by the time the book hits the shelves
it will be obsolete and unsaleable in weeks. That tends to put off
publishers.


> In a field where up-to-date information is so vital I'm quite
> surprised at the lack of choice. Any recommendations?

I'm not sure if good security practices really change that quickly.

Sure, new attacks are created evey day, but it is no good trying to
implement a new defense against ever attack. The best general defense
is still mostly the same as it was 10 years ago - apply security
updates, run the bare minimum of services and packages, firewall both
incoming and outgoing traffic, don't use unencrypted traffic, etc.

There are new defenses like SELinux and AppArmor, but they are
documented by both themselves and by the distribution. Encrypting
filesystems that contain sensitive data can also be useful in places
where a server might be stolen.



> RHEL bias is fine.

What about Red Hat's own documentation and training material?
That also has the advantage of getting you towards Red Hat
certification if you need it.


I think that instead of thinking about the operating system, you
should be thinking about the services you want to provide, which
daemons will provide them, then look at securing each of them to
the level both you and your users are happy with.

If you are looking to secure a web server it really helps if you
learn a bit about the programming languages such as PHP and Perl
that will be used. Learn about Cross-Site Scripting and SQL
Injections and how to spot them in the programs you are running. 


Of course books have several advantages - more readable when
travelling, easier to flick through than a computer screen,
impressing visitors to your office.

For a general purpose System Administration book I would recommend
Limoncelli & Hogan "The Practice of System and Network Administration".

It doesn't so much tell you how to do things, but what to think about
before you start to do them.



-- 
#---------------------------------------------------------#
|    John Edwards   Email: john at cornerstonelinux.co.uk    |
#---------------------------------------------------------#
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 205 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20110217/2343cb84/attachment.pgp>
-------------- next part --------------
--
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug

More information about the GLLUG mailing list