BKUNSSTL.RVW 991002

"UNIX System Security Tools", Seth Ross, 2000, 0-07-913788-1, U$39.99
%A Seth Ross seth@albion.com
%C 300 Water Street, Whitby, Ontario L1N 9B6
%D 2000
%G 0-07-913788-1
%I McGraw-Hill Ryerson/Osborne
%O U$39.99 905-430-5000 800-565-5758 fax: 905-430-5020
%P 444 p. + CD-ROM
%T "UNIX System Security Tools"

I must admit, I got a bit apprehensive when the preface stated that the author had evaluated "over three dozen" security tools, chose a half dozen to cover in depth, and did not intend to be a UNIX security primer. Any UNIX sysadmin with a basic knowledge of security could probably name off a few dozen security tools, many shipped with the operating system itself. I need not have worried overmuch.

Chapter one has a brief history of UNIX, and then attempts a definition of security that vacillates between broad and narrow, is long on quotations from names in the field, and fails to provide a single, working direction. The outline of security planning given in chapter two is quite good, although it has some gaps and weak areas, such as the very terse coverage of security policies.

An informative review of account and password security is presented in chapter three. Means of, and tools for, extending account security are described in chapter four, and the venerable Crack program is given more space in chapter five. Chapter six looks in some depth at the filesystem, but also does a very quick once over of cryptography and backups. Tripwire, which detects file changes, is covered in chapter seven. Logging and auditing is explained in chapter eight and the Swatch logging management program is reviewed in nine.

Chapter ten moves from particular areas into the field of overall security and security checking. The COPS and Tiger vulnerability checking programs are discussed in chapters eleven and twelve.

Chapter thirteen gives some background on TCP/IP networking and UNIX network functions. A number of Internet applications are described in chapter fourteen, with HTTP (HyperText Transfer Protocol) and the World Wide Web covered in fifteen. Firewalls are given separate space in chapter sixteen.

Ross has provided a useful reference for those who have not studied, and cannot devote much time to, security. As he keeps repeating, this is not going to secure systems fully, but it is a reasonable guide to incrementally increasing the security of what you have.

copyright Robert M. Slade, 1999