Computing Reviews
Practical UNIX security
Garfinkel S., Spafford G., O’Reilly & Associates, Inc., Sebastopol, CA, 1991. Type: Book (9780937175729)
Date Reviewed: Jun 1 1992

Those who deal with security and those who deal with UNIX (AT&T System V as well as BSD 4.2 and 4.3) must have this book. In the preface, the authors state, “This book is not intended to be a UNIX tutorial. … Nor is this a general book on security … this is not a book that is likely to help you design new security mechanisms for UNIX. … What we have done here has been to collect helpful information concerning how to secure your UNIX system against threats, both internal and external. Most of the material is intended for a UNIX system administrator or manager. … Certain key parts of this book were written in greater detail, with a novice user in mind. …”

After reading the book, I found the authors’ claims in the preface to be relatively modest. This book should be read by anyone who deals with UNIX systems, including the acquirers, developers, users, operators, and administrators of UNIX systems and UNIX-based applications.

The book is easy to read and comprehend. Its biggest asset is that the authors introduce UNIX and security-related concepts in terms that can be easily understood by computer professionals. The transition from an abstract security concept to its UNIX application is achieved in a comprehensive and efficient manner. Another asset of the book is the technical depth. The book gives complete implementation details of the security mechanisms and the rationale behind them.

The book is divided into six parts. Part 1, “UNIX and UNIX Security Basics,” has four chapters. The topics covered include the definition of computer security, password management within UNIX, users, groups, superusers, and the UNIX filesystem. The details of password management exemplify the excellent depth and practicality of the book. The chapter on the UNIX filesystem comprehensively describes the discretionary access protection mechanism for the UNIX filesystem hierarchy in an easy-to-understand fashion.

Part 2, “Enforcing Security on Your System,” consists of four chapters. The topics covered include dealing with accounts, the importance of password protection for accounts, protecting the root account, backup, integrity checks on files, and various audit logs and their usage in analyzing potential compromises. The section on integrity checks on files is another example of the book’s comprehensiveness and efficiency. In less than 15 pages, the authors introduce various techniques and tools for protecting files against unauthorized modifications and for detecting unauthorized modifications. Part 2 also describes various programmed threats to UNIX systems. A full chapter is devoted to this topic. Trap doors, logic bombs, viruses, worms, and Trojan horses are introduced, and specific UNIX scenarios and countermeasures are described for each of these threats.

Part 3, “Communications and Security,” contains six chapters. The topics covered include modems, UNIX-to-UNIX CoPy system (UUCP), network security, Sun’s NFS, MIT’s Kerberos, and Sun’s secure remote procedure call (RPC). The chapter on modems is efficient and thorough. It discusses the potential threats based on how modem and telephone lines work and how the ultimate in modem security is achieved by having separate banks of incoming and outbound modems and by ensuring that the local carrier provides separate lines to answer incoming calls and to dial out. The chapter on network security covers internet issues, TCP/IP, TELNET, rlogin, rexec, electronic mail, and FTP.

Part 4, “Handling Security Incidents,” has three chapters. The topics covered include things that may point to potential intrusion, tracing potentially troubling network connections, steps to follow when you discover an unauthorized access, and civil and criminal law aspects of a security breach. Part 4 also contains a chapter on denial of service attacks from local UNIX users and from remote network users.

Part 5, “Other Security Topics,” comprises two chapters: a chapter on encryption and a chapter on physical security. The chapter on encryption summarizes three software-based encryption algorithms available on UNIX systems.

Finally, Part 6 contains five appendices and an index of terms. The first four appendices provide a detailed UNIX security checklist organized by the chapters in the main body of the book; a list of important files in UNIX systems, including the SUID and SGID files; process management commands in UNIX; and details on how Kerberos works. The fifth appendix provides a comprehensive list of UNIX security-related references and a list of organizations involved in UNIX security.

Reviewer: Santosh Chokani. Review #: CR115707
Categories: Security and Protection (D.4.6); Unix (D.4.0 ...); Systems Programs And Utilities (D.4.9)