|2020ok Directory of FREE Online Books and FREE eBooks|
Hack Proofing Sun Solaris 8
by Randy Cook, Ido Dubrawsky, F. Williams Lynch, and Ed Mitchell
(Respecting the intellectual property of others is utmost important to us, we make every effort to make sure we only link to legitimate sites, such as those sites owned by authors and publishers. If you have any questions about these links, please contact us.)
Two of Sun Solaris's prime attractions are its reliability and the high availability of servers running it. These advantages can be, however, negated by carelessness. Forget to apply a patch, or neglect to synchronize your servers' system clocks, and someone who's paying more attention will exploit the holes you've left in your system. The authors of Hack Proofing Sun Solaris 8 teach you how to run Solaris with flair. They show you how to implement wise security rules and implement popular services--like Common Gateway Interface (CGI) scripts--with a focus on improving security without reducing function. Most of the advice here has to do with Solaris boxes as Web servers, mail servers, and firewalls.
A lot of the authors' advice will be familiar to readers who have done security work before--their advice to disable all nonessential services, for example, falls into this category. Other information, such as the particular syntax of Solaris's native security utilities and third-party programs that are designed for Solaris, is very handy. It'll prove especially nice for people coming to Solaris from security administration on other operating systems. The organizational approach balances quick reference--the ability to quickly locate some detail via the index--with informative background that will help you head off emerging, undocumented attacks. There aren't many earth-shaking revelations in this book, but it contains good documentation of Solaris security tools and procedures. --David Wall
Topics covered: Sun Solaris 8 defensive policies and procedures. Native Solaris tools (like audit log) are documented, as are outside tools like Snort. There's advice on setting user and file permissions, and hints on how to configure network services like HTTP, SMTP, DHCP, and network address translation (NAT) in a secure way. Caching with Squid gets attention, too.
Drew Simonis (CCNA, SCSA, SCNA, CCSA, CCSE, IBM CS) is co-author of Hack Proofing Your Web Applications (ISBN: 1-928994-31-8) and is a Senior Security Engineer with the RL Phillips Group, LLC. He currently provides senior level security consulting to the United States Navy, working on large enterprise networks. He considers himself a security generalist, with a strong background in system administration, Internet application development, intrusion detection and prevention and penetration testing. Drews background includes a consulting position with Fiderus, serving as a Security Architect with AT&T and as a Technical Team Lead with IBM. Drew has a bachelors degree from the University of South Florida and is also a member of American MENSA. Drew currently lives in Suffolk, VA with his wife Kym and daughters Cailyn and Delaney.
F. William Lynch (SCSA, CCNA, MCSE, MCP, A+) is an Independent Security and Systems Administration consultant in Denver, CO. His specialties include firewalls, VPNs, security auditing, documentation, systems performance analysis, Solaris and open source operating systems such as OpenBSD, FreeBSD, and Linux. He has served as a consultant to multinational corporations and the Federal government including the Centers for Disease Control and Prevention headquarters in Atlanta, GA as well as various airbases of the United States Air Force. William is also the founder and director of the MRTG-PME project, which uses the MRTG engine to track systems performance of various UNIX operating systems. William holds a bachelor's degree in Chemical Engineering from the University of Dayton in Dayton, OH and a master's degree in Business Administration from Regis University in Denver, CO
Randy Cook (SCSA) is a Senior UNIX System Administrator with Sapphire Technologies. He is currently assigned to one of the largest manufacturing and scientific facilities in the world where he provides system security and administration support. He works with a wide variety of UNIX distributions in a high-threat environment. Randy was the co-author and technical editor of the Sun Certified System Administrator for Solaris 8.0 Study Guide (ISBN: 0-07-212369-9) and has written technical articles for industry publications. He has also hosted a syndicated radio program, Technically News, which provided news and information for IT professionals.
Related Free eBooks