Review: Linux Server Security
About the author
Chris Binnie is a Technical Consultant with 20 years of experience working with Linux systems, and a writer for Linux Magazine and Admin Magazine. He built an Autonomous System Network in 2005, and served HD video to 77 countries via a media streaming platform. Over the course of his career, he has deployed many servers in the cloud and on banking and government server estates.
Inside Linux Server Security
The author addresses a number of ways to protect your Linux systems – those that plug the biggest, most often exploited holes and, in general, bring “most bang for your buck” (the “buck” here being “effort”).
For example, you’ll learn how to keep your server unnoticed by attackers (effectively, performing “security through obscurity”), how to protect it from being exploited to participate in DDoS attacks, how to spot reconnaissance efforts aimed at it, rootkits being inserted and malware being leveraged, and how to prevent SQL injection attacks.
The author explains how to do all this, but also how attackers go about performing these attacks, and the tools they most often use. You’ll learn how to use these same tools yourself – nmap, netcat, nping, iptables, tcpdump, hashcat, and so on – for probing your servers to find and plug security holes.
The techniques presented in this book apply to almost all Linux distributions including the many Debian and Red Hat derivatives, and some other Unix-type systems.
The book is sort of a step-by-step tutorial on doing all these things, but it’s not dry. Quite the contrary – you can almost feel the author taking you by the hand and leading you through the problems, explaining the reasoning for believing this or that option is the best, making it stick in your mind.
He doesn’t go too much in depth on any one thing, but often provides links to outside sources (right then and there, and not in the footnotes, which I appreciate greatly) if you want to learn more or simply reason through the choice for yourself.
Linux Server Security is a short book that will come in handy and should be interesting to Linux systems administrators, especially if they know nothing or next to nothing about keeping their systems secure.
The author does not say – and you should not expect – that the techniques described in the book are good for keeping your server(s) secure from state-backed or other sophisticated attackers. Instead, they will help you repel an increasing number of proficient but mostly opportunistic attackers.