Rating: 
Summary: A mile wide, several inches deep, great for filling in gaps
Review: I hate to repeat the cliche, but if you can only buy one security book this year and you are a *nix geek, this should be it, hands down. As some point out, you can probably find everything in this book online, but then again you can find anything online, so why buy any books at all? I don't like giving 5 stars; this book left me no choice.The strength of this book lies in several areas. First, the authors probably have 50+ years experience between them and it shows. You really get the impression that they've "been there, done that". But they don't try and "wow" you with their intelligence and they aren't condescending, in fact they write quite clearly. The "mile wide" crack I made in the title refers to the fact that this book covers everything from physical security and social engineering, to how to setup up integrity checking with tripwire and use PAM. Basically I found this book to be invaluable because while I could breeze through certain sections, there was a ton of material that I needed more knowledge about, but either never got around to it, or didn't even know I was lacking. An example is NFS. I knew I needed more background about NFS because I work in infosec, but every place I've ever worked has banned NFS outright, which makes it a little more difficult to learn.... Another 2 technologies pop into my mind: LDAP and PAM. I knew what they were, but now I know how to set up the basics and can branch out on my own. In our infosec world it's simply not possible to know everything. This book gives the reader a solid grounding in a ton of stuff, which enables him to go out and Google around intelligently for more advanced information. In a pinch it can also be used as an anti-theft device since it weighs in at 900+ pages and is quite heavy.
Rating: 
Summary: Definitive Guide to a Wide Variety of Security Issues
Review: I read the first few chapters of this book, gave up on it for few months and then came back and finished it over the past month. Although some of the material is dated, there is a great deal of practical value in this book. One of my favorite sections was on encryption. The authors do an in depth treatment of DES, RSA, MD5 and other types of encryption/cryptography, even going into the algorithms used and what makes them difficult to crack. I also enjoyed the section on different types of log files and the treatment of different services - particularly the parts about X Windows and monitoring with Netstat. There were some sections in the middle that were a little slow- particularly the sections on physical and personnal security and the talk about telephones and modems. While this is useful info, perhaps it could be presented a little better. The section on the world wide web is definately dated but the treatment of rpc and name services (DNS,NIS,NIS+) is excellent. I also enjoyed the authors' description of how to set up a secure network and liked reading about computer security and the law. All in all I enjoyed this book and look forward to the 3rd addition.
Rating:
Summary: Extremely useful, but basic and dated
Review: I read this book and found it to be a great help. I did not know the basics of Unix security. This book was a great start. I read this book over a year ago, and still occasionally refer to pieces of it, (like when I was setting up tripwire, or when I want to find a "well known port".) However, for these days there should be a few additonal tips: 1) subscribe to every security mailing list you can find 2) get on your vendors mailing list 3) get the latest vendor supplied patches 4) beware of buffer overflows and suid programs 5) stay aware of what your logs are telling you 6) keep up with what's happening on the newsgroups and IRC, if possible. I'd say that most break-ins are the result of not fixing a known hole, either through ignorance or wishful thinking. If you have a known hole, fix it.
Rating: 
Summary: outdated and light on internet security
Review: I should have paid more attention when I bought this book in a series of security books and I regret this buy. Its "best seller" position is IMO unjustified because the networking/internet sections (10 total lines on SSL!, mentions of Netscape 2.0b2, nothing on ICMPs attacks, 3 lines about spoofing...) are completly outdated and/or pretty useless.
Rating:
Summary: Great.
Review: I thought this book was great; it extends my knowledge of security in general (TCP IP, Firewalls, WWW, etc), and isn't that difficult to understand. I do find it intresting, however, that the co-author of a book on UNIX Security is the co-author of the UNIX Haters' handbook.. ?
Rating:
Summary: Perfect
Review: If UNIX security is part of your world and
you only have the budget for one book, this is
the one to buy! It is GREAT and a must have.
Rating:
Summary: If you only read one book this year...
Review: If you have anything to do with network administration, security or management, this is a "must read" book. Common (and not-so-common) security situations are explained clearly, with good background and examples. Even the most basic sysadmin to the haughtiest guru can learn something from this book.
Rating:
Summary: Awesome security book!
Review: Practical Unix & Internet Security, the 3rd Edition has a ton of new useful information. If you have but one security reference, this should be it!
Rating:
Summary: Awesome security book!
Review: Practical Unix & Internet Security, the 3rd Edition has a ton of new useful information. If you have but one security reference, this should be it!
Rating:
Summary: Awesome security book!
Review: Practical Unix & Internet Security, the 3rd Edition has a ton of new useful information. If you have but one security reference, this should be it!
| 
