REVIEW - Linux Security - Craig Hunt Linux Library


Linux Security

Craig Hunt Linux Library


Ramón J. Hontañón


John Wiley & Sons (2001)




Joe McCool


April 2002



I approached this book with some excitement. Recently on a site of mine, I had a problem with spam and network intrusion. I had the idea of implementing a Linux firewall, using the famed robustness of Linux to keep intruders from tampering with prone NT servers. As it turned out, I got it completely wrong. Hontañón's book is about security on Linux itself and not just about using Linux to protect others, but it is no less relevant for that. It had never crossed my mind that Linux might itself be susceptible.

Susceptible it certainly is, according to this author. Problems can stem right from kernel compilation to setting up user accounts. (Hontañón points out that most hacking takes place behind firewalls and by legitimate users!)

There is a wealth of material covered here; things to watch while configuring samba, apache, network security, sendmail, user authentication, transport and application layer firewalls, ssh and vpn. The material is well organised and presented clearly.

I do have some petty criticisms: some diagrams have essential text missing, screen shots, while pretty, add little to the understanding. Listings are too long (4 pages), deliver little and could be relocated to an appendix. Like anyone trying to hedge their bets, he does not come down in favour of any particular Linux distribution. Kernel re-compilation is an essential part of Linux security and very much part of Linux culture. Hontañón recommends kernel compilation as root. This contradicts the advice given by Linux gurus on the Step by Step site (see http://linux.ns/misconstrue.html). Otherwise this is a good and useful read, certainly recommended. With Linux playing an increasing role in commercial web servers, this text has a ready market.

Book cover image courtesy of Open Library.

Your Privacy

By clicking "Accept Non-Essential Cookies" you agree ACCU can store non-essential cookies on your device and disclose information in accordance with our Privacy Policy and Cookie Policy.

Current Setting: Non-Essential Cookies REJECTED

By clicking "Include Third Party Content" you agree ACCU can forward your IP address to third-party sites (such as YouTube) to enhance the information presented on this site, and that third-party sites may store cookies on your device.

Current Setting: Third Party Content EXCLUDED

Settings can be changed at any time from the Cookie Policy page.