Practical UNIX and Internet security
Personal Author:
2nd ed., expanded & updated
Publication Information:
Sebastopol, Calif.: O'Reilly & Associates, 1996
Added Author:


Item Barcode: 30000003863911
Call Number: QA76.76.O63 G37 1996
Material Type: Closed Access Book


When Practical UNIX Security was first published in 1991, it became an instant classic. Crammed with information about host security, it saved many a UNIX system administrator and user from disaster.

This second edition is a complete rewrite of the original book. It's packed with twice the pages and offers even more practical information for UNIX users and administrators. It covers features of many types of UNIX systems, including SunOS, Solaris, BSDI, AIX, HP-UX, Digital UNIX, Linux, and others. The first edition was practical, entertaining, and full of useful scripts, tips, and warnings. This edition is all those things -- and more.

If you are a UNIX system administrator or user in this security-conscious age, you need this book. It's a practical guide that spells out, in readable and entertaining language, the threats, the system vulnerabilities, and the countermeasures you can adopt to protect your UNIX system, network, and Internet connection. It's complete -- covering both host and network security -- and doesn't require that you be a programmer or a UNIX guru to use it. Practical UNIX & Internet Security describes the issues, approaches, and methods for implementing security measures. It covers UNIX basics, the details of security, the ways that intruders can get into your system, and the ways you can detect them, clean up after them, and even prosecute them if they do get in. Filled with practical scripts, tricks, and warnings, Practical UNIX & Internet Security tells you everything you need to know to make your UNIX system as secure as it possibly can be.

Contents include:

Part I: Computer Security Basics. Introduction and security policies.
Part II: User Responsibilities. Users and their passwords, groups, the superuser, the UNIX filesystem, and cryptography.
Part III: System Administrator Responsibilities. Backups, defending accounts, integrity checking, log files, programmed threats, physical security, and personnel security.
Part IV: Network and Internet Security. Telephone security, UUCP, TCP/IP networks, TCP/IP services, WWW, RPC, NIS, NIS+, Kerberos, and NFS.
Part V: Advanced Topics. Firewalls, wrappers, proxies, and secure programming.
Part VI: Handling Security Incidents. Discovering a break-in, U.S. law, and trust.
Part VII: Appendixes. UNIX system security checklist, important files, UNIX processes, paper and electronic sources, security organizations, and table of IP services.

Author Notes

Gene Spafford, Ph.D., CISSP, is an internationally renowned scientist, professor, and director of Purdue University CERIAS, the Center for Education and Research in Information Assurance and Security.
Alan Schwartz, Ph.D., is assistant professor of clinical decision making in the Departments of Medical Education and Pediatrics at the University of Illinois at Chicago.

Reviews

Library Journal Review

Open-source, UNIX-like operating systems such as Linux (Computer Media, LJ 5/1/03) and FreeBSD (Computer Media, LJ 9/1/03) have been growing in popularity, adding to UNIX's reputation as an undeniable standard. For beginning users (with little geared toward administrators), Visual QuickStart provides step-by-step instructions to common commands, from logging in to recording login sessions -- with typical tips, tables, sidebars, and screenshots. Appendixes contain a UNIX reference, typical file and directory locations, and command flags. A gentle introduction to the seemingly intimidating UNIX environment; recommended for all libraries. Webmin covers the core uses of this popular open-source, web-based graphical system administration tool, from installation to configuring DNS with BIND to setting up Sendmail. Notes, cautions, and tips add OS-specific and other useful information, the use of each Webmin option is clearly explained, and strategic screen shots illustrate concepts. Especially useful for beginning to intermediate administrators, this will find an audience in larger libraries. (The text is also freely available online.) Security updates and revises this comprehensive classic for beginning to advanced administrators, with hands-on, applicable advice for securing UNIX and UNIX-like networks. While all examples are UNIX-specific, the underlying explanations of network security issues are useful overall. Its logical organization and clear explanations make it a good reference for larger libraries. (c) Copyright 2010. Library Journals LLC, a wholly owned subsidiary of Media Source, Inc. No redistribution permitted.

Table of Contents

Preface
Part I. Computer Security Basics
1. Introduction: Some Fundamental Questions
What Is Computer Security?
What Is an Operating System?
What Is a Deployment Environment?
2. Unix History and Lineage
History of Unix
Security and Unix
Role of This Book
3. Policies and Guidelines
Planning Your Security Needs
Risk Assessment
Cost-Benefit Analysis and Best Practices
Policy
Compliance Audits
Outsourcing Options
The Problem with Security Through Obscurity
Part II. Security Building Blocks
4. Users, Passwords, and Authentication
Logging in with Usernames and Passwords
The Care and Feeding of Passwords
How Unix Implements Passwords
Network Account and Authorization Systems
Pluggable Authentication Modules (PAM)
5. Users, Groups, and the Superuser
Users and Groups
The Superuser (root)
The su Command: Changing Who You Claim to Be
Restrictions on the Superuser
6. Filesystems and Security
Understanding Filesystems
File Attributes and Permissions
chmod: Changing a File's Permissions
The umask
SUID and SGID
Device Files
Changing a File's Owner or Group
7. Cryptography Basics
Understanding Cryptography
Symmetric Key Algorithms
Public Key Algorithms
Message Digest Functions
8. Physical Security for Servers
Planning for the Forgotten Threats
Protecting Computer Hardware
Preventing Theft
Protecting Your Data
Story: A Failed Site Inspection
9. Personnel Security
Background Checks
On the Job
Departure
Other People
Part III. Network and Internet Security
10. Modems and Dialup Security
Modems: Theory of Operation
Modems and Security
Modems and Unix
Additional Security for Modems
11. TCP/IP Networks
Networking
IP: The Internet Protocol
IP Security
12. Securing TCP and UDP Services
Understanding Unix Internet Servers and Services
Controlling Access to Servers
Primary Unix Network Services
Managing Services Securely
Putting It All Together: An Example
13. Sun RPC
Remote Procedure Call (RPC)
Secure RPC (AUTH_DES)
14. Network-Based Authentication Systems
Sun's Network Information Service (NIS)
Sun's NIS+
Kerberos
LDAP
Other Network Authentication Systems
15. Network Filesystems
Understanding NFS
Server-Side NFS Security
Client-Side NFS Security
Improving NFS Security
Some Last Comments on NFS
Understanding SMB
16. Secure Programming Techniques
One Bug Can Ruin Your Whole Day...
Tips on Avoiding Security-Related Bugs
Tips on Writing Network Programs
Tips on Writing SUID/SGID Programs
Using chroot()
Tips on Using Passwords
Tips on Generating Random Numbers
Part IV. Secure Operations
17. Keeping Up to Date
Software Management Systems
Updating System Software
18. Backups
Why Make Backups?
Backing Up System Files
Software for Backups
19. Defending Accounts
Dangerous Accounts
Monitoring File Format
Restricting Logins
Managing Dormant Accounts
Protecting the root Account
One-Time Passwords
Administrative Techniques for Conventional Passwords
Intrusion Detection Systems
20. Integrity Management
The Need for Integrity
Protecting Integrity
Detecting Changes After the Fact
Integrity-Checking Tools
21. Auditing, Logging, and Forensics
Unix Log File Utilities
Process Accounting: The acct/pacct File
Program-Specific Log Files
Designing a Site-Wide Log Policy
Handwritten Logs
Managing Log Files
Unix Forensics
Part V. Handling Security Incidents
22. Discovering a Break-in
Prelude
Discovering an Intruder
Cleaning Up After the Intruder
Case Studies
23. Protecting Against Programmed Threats
Programmed Threats: Definitions
Damage
Authors
Entry
Protecting Yourself
Preventing Attacks
24. Denial of Service Attacks and Solutions
Types of Attacks
Destructive Attacks
Overload Attacks
Network Denial of Service Attacks
25. Computer Crime
Your Legal Options After a Break-in
Criminal Hazards
Criminal Subject Matter
26. Who Do You Trust?
Can You Trust Your Computer?
Can You Trust Your Suppliers?
Can You Trust People?
Part VI. Appendixes
A. Unix Security Checklist
B. Unix Processes
C. Paper Sources
D. Electronic Resources
E. Organizations
Index