Hacking Exposed Linux 2/e
by Berislav Kucan - Wednesday, 7 May 2003.

Authors: Bri Hatch and James Lee
Pages: 712
Publisher: McGraw-Hill Professional
ISBN: 0072225645



Introduction

The Hacking Exposed security titles don't need any introduction. Written by the experts in the security field, they provide loads of information as seen from both perspectives related to a system administrator - securing and hacking. As the security scene is actively progressing, the books from the Hacking Exposed series receive upgrades in the way of new editions. Today, we take a look at second edition of the successful "Hacking Exposed Linux".

About the authors

Bri Hatch is Chief Hacker at Onsight, Inc. where he is a Unix/Linux and network security consultant. He has taught various security, Unix, and programming classes for corporations through Onsight and as an adjunct instructor Northwestern University. He is also co-maintainer of Stunnel, an Open Source secure SSL wrapper used around the world to encrypt cleartext protocols.

An interview with Bri Hatch is available here.

James Lee is CEO of Onsight Inc., a training and consulting firm specializing in open-source technologies. Mr. Lee has over 15 years of experience in software development, training, Linux security and web programming. He can talk endlessly about the virtues of Linux, Perl, Apache and other open-source products - just ask his students. He has written articles about network programming and Perl for The Linux Journal.

Inside the book

If you are not familiar with the organization of the Hacking Exposed books, I'll mention that the book is really easy to navigate, as it uses a standard type of icons guiding the users into different security issues. Therefore there are separate icons for attacks that specify penetration testing/hacking tools and methodologies on the one hand and countermeasures presented to fix the various attack types on the other. Complementing the book's easy navigation, the authors use three subsets of icons - note, tip and caution. These symbols are used for emphasizing the important points of the discussed topics. Also for better presentation purposes, all of the hacking situations start with an information table detailing the problem's popularity, simplicity and impact and the final verdict on the overall risk rating for the given situation.

Before going deeper into the core of the book, I should mention the changes between the original and this second edition of "Hacking Exposed Linux". In building this edition, the authors wanted to be sure that the book will still be standalone, so they compressed, trimmed and deleted some of the old material. By doing this, they managed to add approximately 200 pages of new text, which can especially be seen from a new section focusing on the attacker's actions after a successful server compromise. Most of the removed material is still available from the online companion for this book, located at HackingLinuxExposed.com.

The book starts with an overview on Linux security, precisely with the introduction on the open source movement and the correlation between open source and security. Linux security basics follow up next, with some beginner type of information on permissions, aliased commands, system usage and the most popular security issues including format strings, buffer overflows and race conditions.

As system administrators should be fully equipped with a myriad of security tools, the authors introduce the readers to different tools related to proactive security measures. This extensive list of security scanners, log file analyzers and intrusion detection tools, offers a great guide for the novice administrators interested in hardening and watching after their systems. The final chapter in the opening "Locking into Linux" part of the book, goes further into specifying the services and situations attacker can learn about your system and provides the information on how to make the attacker's job as tougher as it can be.

The next two parts of the book deal with both outside and local attacks. A Linux system administrator must be introduced with the possible compromise methods that aren't directly related to the Linux environment. Because of that, the authors start the "outside attacks" section with the ever present topic of social engineering, a hacking method made famous by the well known hacker Kevin Mitnick. As the security situation within an organization can be locked from the computer perspective, attackers quite often use the weakest link - people. By either using false authority, sympathy, impersonation or boosting the co-speaker egos attackers can receive a complimentary ticket to the organization's network.

Trojan horses aren't such a problem for Linux users as they are for Windows users, but they are still a notable threat. It became a trend that the attacker compromises a target server offering some kind of software downloads and replaces the valid software files with trojaned copies of the same files. One of the topics missing in the first edition of this book was surely Wireless LAN hacking, which now receives just about 15 pages. Although this topic wasn't covered in such a manner I expected, it provides some decent information on the basics of wireless networks, protection and insecurities.

For the local hacking fans, the authors discuss different privilege escalation and password management scenarios. Neat coverage of the miscellaneous attacks is made even better with a section on physical attacks that mostly deals with unprivileged access to the system and its boot loaders (both LILO and GRUB are used as the abuse examples).

As Linux is mostly used in server environments, the fourth part of the book goes into specifics relating to server security issues. Here the authors traverse through security issues relating to File Transfer Protocol, E-Mail transfer, web servers and the dynamic content served through them. A newly written chapter on denial of service attacks provides a good overview on the topic. The last section of the book deals with the already mentioned means, hacker will deploy after a successful break-in. As there a lot of things to do on a compromised host, the section is divided into three separate sections defining possible attacker steps - covert access and hiding, backdooring valid services and advanced system hacks.

What I think of it

After spending some time with "Hacking Exposed Linux Second Edition", I'm happy to say that the book is a great read - it offers Linux related security details in an easily readable way. The quality of the written text is quite nicely supplemented with loads of practical examples written by the guy who gives us the excellent "Linux Security: Tips, Tricks and Hackery" newsletter. The book should be of interest to any Linux user as it gives an inside look into various hacking topics related to this popular operating system.