Rating:  Summary: don't waste your money Review: This book is seriously outdated, and even when it wasn't it was useless. Don't be fooled by the five star reviews; they are most likely written by people who are a.) friends of spaf or b.) have no clue about computer security. Eugene Spafford likes to talk, but he has little skill. He would rather waste his time preaching his opinions on vulnerability disclosure than take the time to get a clue. Don't get this book unless you are looking for a few laughs. I could write one paragraph on unix security, and if you took my advice you would be much more secure than if you read this whole useless book. What gives Spafford the right to write a book on this subject anyway? He himself was hacked by known vulnerabilities several times, and that has been documented in the book "Underground". Looking at all the five star reviews for this book makes me realize why most networks are insecure; because the people who run them read this (...) and think they are locked down. I could go on and on, but I'm not going to.
Rating:  Summary: Book delivers answers to most important security questions. Review: This book is the textbook for a UNIX and Network Security course given by Victor Hazelwood at the San Diego Supercomputer Center. It presents important and immediate security issues a UNIX System Administrator or IT manager must face, and clearly shows how to protect your systems from unwanted intrusion. Worth having for the security references alone. This is a MUST HAVE reference for ALL UNIX System Administrators.
Rating:  Summary: Incredible! Review: This book opens up your mind to the various aspects of security in a Unix environment, and teaches you thousands of things about TCP/IP, Kerberos, and even how to handle suspended accounts! With examples of shell scripts and illustrations of how computers interact, it is a masterpiece for any system administrator who needs or wants to learn more about security and the internet in general.
Rating:  Summary: A thorough book in an ever changing environment Review: This book is a very thorough hands-on guide to the subject of security for unix computers connected to the Internet. It starts with basic subjects, such as passwords, backups, security auditing & logging, and physical security, and then continues with networking subjects, such as modems, TCP/IP, NFS, kerberos, firewalls, proxies, etc. Important issues and terms are intertwined - such as what is the rainbow series and legal issues. The subject of computer & Internet security is changing quickly, and as other reviewers have written a book written a couple of years ago (I have the 1996 edition) is no longer up to date. But I think it's a minor issue. First, because one must still learn and protect against older attacks - an intruder will not shy away from trying to use an old security hole just because it's two months old. Hacks are not cheese, and can't be thrown out after two weeks. Second, a sysadmin should get the basic information, terms, ways of thought, etc - and this book will teach this well - and then continuously look for new information and information sources. This includes finding out about bugtraq, ntbugtraq, phrack, and any other new mailing lists and web sites regularly. So I highly recommend this book to anyone who deals with the subject of unix & internet security.
Rating:  Summary: Very Important Book Review: This is a must-have for the new Unix admin. The book won't explain how attacks are done - the book objectively tells what the admin must do to avoid the most common attacks. I guess that for most admins, this is just what they need. Just don't expect to learn much on the nature of the attacks, just on how to defend against them.
Rating:  Summary: Excellent General Introduction Review: This is a superb discussion of networked-system security, in general. It doesn't pretend to be an up-to-the-minute shopping list of security flaws: that job is better left to web sites. Instead, the text educates readers with a conceptual idea of Computer Security that can be applied successfully to existing systems, and to systems not yet built. It's exactly the sort of educational value that we'd expect from simsong and spaf. But it does go beyond theoretical education, to explain with great clarity fundamental issues in system security. Covering everything from physical security to filesystem quirks, this tome is fascinating in its scope. I have found the special section on writing solid network applications (CGI programs, and the like) to be of great value. In short, this book provides the Common Body of Knowledge in computer security. Start here, and you'll have the basis for a comprehensive understanding of related issues -- one that transcends the individual bugs to see the bigger picture.
Rating:  Summary: IA Professionals should have this book memorized Review: This is the first book a person considering a career as an Information System Security Professional (ISSP) should read. If you are an ISSP, get this book. If you fall asleep reading it, you may want to think about another career. This book provides the fundamentals and will help you to understand information security manuals. ISSPs speak their own language with multiple acronyms and terms such as I&A, IDS, Orange Book, DAC, MAC, etc.
Rating:  Summary: Best and easiest to understand book about UNIX Security Review: This was the first book I have ever read in English and about UNIX Security. I used it to set up a Linux Gateway/Router, and even though my mother tongue is German it was just the book I needed, without tons of parameters and commands - those you can find in help files and man pages! If I want to buy a book, it should describe how a firewall works and how to set it up - and not what to type at the command line exactly, because that depends on the type and version of the OS used. This book is really great!