Rating: 
Summary: Little old but still a valuable classic
Review: Practical UNIX and Internet Security by Garfinkel and Spafford is a fundamental work on the subject. The authors not only are widely respected professionals in the field, but good writers as well (or is this O'Reilly's editors? :-). Anyway, this book despite its size is readable, still has lots of information, and comes highly recommended. As one of the other reviewers of this book has written, the details of systems and software may change, but the underlying security and good management practices will not. The reason I give it 4 out of 5 stars is because it is published a while ago.
Edgar Danielyan CCNP(Security) ISA www.danielyan.com
Rating: 
Summary: One excellent security resource!!
Review: Practical, indeed, and insightful! Loaded with security principles and procedures to enforce those principles. A valuable, lasting security guide for its principles alone; this is not one of those books that will be obsolete in a couple years. Very broad, covering all major aspects of computer security; it's like many books in one. Teaches the whats, whys, and hows of each aspect. Also contains some history as well as some humorous accounts. Descriptions and procedures are applied to the most popular Unix systems (focuses on Solaris, Mac OS X, Linux, & FreeBSD, but discusses many more). Very educational, understandable, and practical--even for newbies like me desiring to lock down their system. Appendix contains a helpful security checklist summarizing each chapter's content.
Rating:
Summary: One excellent security resource!!
Review: Practical, indeed, and insightful! Loaded with security principles and procedures to enforce those principles. A valuable, lasting security guide for its principles alone; this is not one of those books that will be obsolete in a couple years. Very broad, covering all major aspects of computer security; it's like many books in one. Teaches the whats, whys, and hows of each aspect. Also contains some history as well as some humorous accounts. Descriptions and procedures are applied to the most popular Unix systems (focuses on Solaris, Mac OS X, Linux, & FreeBSD, but discusses many more). Very educational, understandable, and practical--even for newbies like me desiring to lock down their system. Appendix contains a helpful security checklist summarizing each chapter's content.
Rating:
Summary: Recommended with reservations for students & hobbyists only
Review: Somewhat outdated -- two years old in a very dynamic field, Rootkit is not even mentioned, Bugtraq mentioned only in supplement, etc. Far from being practical and can be used only as an introductory text in Unix security. Not recommended for Internet security (superficial and incomplete). Good style -- Simson Garfinkel of The UNIX-Haters Handbook fame is a really talented journalist (but now only a journalist, see his interview with Amazon.com). The main problem with the book is that instead of relying on tools as any Unix author should, the authors use a cookbook/reference approach giving recipes about improving security. References to important RFCs, FAQ and CERT advisories are absent. For example RFC1244 (now superseded by RTC2196) is not mentioned in index(and probably in the text as well) although Ch.2 and Ch.24 mirror its content. No attempts were made to explain what tools can be used for checking/fixing particular class of problems or to present a bigger picture in which the flaw exists. Typesetting is very primitive. Although one of the authors is a (former) programmer judging by just the book content it is difficult to believe that he is able to spell PERL :-). The book is not updated enough to compete with newer books on Internet Security. For corporate users possible alternatives are combinations of one book on Unix security (for example, Unix System Security by David A. Curry) and one book on Internet security (for example Actually Useful Internet Security Techniques by Larry J. Hughes). The last is recommended as an alternative for readers who cannot afford two books. Often books written by a specialist in particular areas can be a better deal than books from security folks. For example TCP/IP Network Administration by Craig Hunt contains a lot more information about how properly configure TCP/IP than this book and in Ch.12 has a very decent overview of security in just 40 pages.
Rating:
Summary: No better Unix/Internet security book exists...
Review: Sure, it's a bit dated, but it's still the best book on this subject. It doesn't go into as much depth in certain areas as other books might (e.g., "Building Internet Firewalls, 2nd Edition", By Elizabeth D. Zwicky, Simon Cooper & D. Brent Chapman, published by O'Reilly & Assoc.), but then it covers a much broader array of subjects.If you're a Unix admin but your primary job is not Security, then this probably needs to be one of your core books on your bookshelf. If you are a Security admin, then this book should be the core of a whole collection of books you need.
Rating:
Summary: An excellent book for the computer auditor!
Review: The best beginners guide to UNIX security and computer security in general I have ever read. In fact the only technical book I have read and enjoyed! This book explains first principles in computer security in an understandable way. This is particularly useful for computer auditors, who may not be technically competent in UNIX. I used this book to develop security audit programs for backup and recovery, incident management, basic UNIX security review and risk management. Consequently I was haled as a hero and a guru by management! New computer auditors should buy this now!
Rating: 
Summary: Sub Par Performance from a Sub Par Author
Review: the book contains little to no information that any intro security book hasnt already covered, the author of the UNIX Hater's book is definately showing his general dis interest in security for unix ... why he wrote this book is beyond me ... to sum up: dont waste 30-odd dollars for this .. if ya see another security book on the shelf .. try it cant be much worse
Rating:
Summary: Little Giant. . . Vade Mecum
Review: The second edition of this book was my security vade mecum for the last 8 years. For what I can foresee, this third edition, will play the same role for (at least) the next three years. When you are required as an security expert, several tasks are usually to be faced:
New scenarios to analyze?, checklists to recommend?, good firewall architectures to suggest?, logs to watch? (and so on). Don't worry, with the only help of this Garfinkel, Spafford and Schwartz 'little giant' book, you are done. Excellent book. A Must for security people.
Rating:
Summary: Excellent book for those securing any TCP/IP network
Review: This book covers a wide range of topics regarding internet security. For *NIX admins, a very good source of information about securing your network against the outside. For other Non-*NIX people, still very worth while for the coverage about securing TCP/IP networks in general, and understanding the various implications of running certain internet services.
Rating: 
Summary: don't waste your money
Review: This book is seriously outdated, and even when it wasn't it was useless. Don't be fooled by the five star reviews; they are most likely written by people who are a.) friends of spaf or b.) have no clue about computer security. Eugene Spafford likes to talk, but he has little skill. He would rather waste his time preaching his opinions on vulnerability disclosure than take the time to get a clue. Don't get this book unless you are looking for a few laughs. I could write one paragraph on unix security, and if you took my advice you would be much more secure than if you read this whole useless book. What gives Spafford the right to write a book on this subject anyway? He himself was hacked by known vulnerabilities several times, and that has been documented in the book "Underground". Looking at all the five star reviews for this book makes me realize why most networks are insecure; because the people who run them read this (...) and think they are locked down. I could go on and on, but I'm not going to.
|
