[SOLVED] Would a 2005 Text On Sever Security be Useful?
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
My question is whether a book from 2005 about Linux server security is prescient in 2012. I was also looking at buying a book on iptables which confuses the hell out of me up to this point. Is this a question whose answer varies on specifics or are there general rules of thumb when trying to expand your knowledge affordably?
Specifics: I'm running a CentOS 6.3 mirror of the apache project's download section and getting a surprisingly large # of apparent hack attacks which is ok with me if it serves as an opportunity for learning security.
Any links to good (prescient) e-learning would also be greatly appreciated. I suppose my question is really one of advice on direction to take at this point in my self-ejumukashun and newb-dom.
I agree that even a book from that long ago still serves a purpose as Linux server management as well as security insights and best practices tend to gradually evolve over time. However considering the topics of your previous threads (some of which unfortunately were left unanswered [0|1]) which slowly move from client-oriented to server-centric, the fact you use a RHEL clone and the fact you appear to have started your server project some time ago I would nonetheless suggest starting with fundamentals like Rute's tutorial (just skip what you know) or if you want a dead tree O"Reilly's "Linux in a Nutshell" (2009 IIRC). While you might scoff at what the title suggests it offers you a solid foundation covering all Linux basics. But once you know how to properly config and admin a basic client role machine you're halfway there. One of the upsides of using Red Hat is that it comes with plenty of management basics (the Deployment, Configuration and Administration Guides for example) and server administration documentation you should be (or get) comfortable with anyway (RSN). A more recent (2011) dead tree might be Sobell's "A Practical Guide to Fedora and Red Hat Enterprise Linux" which covers firewalling and networked services too. Point is I wouldn't shell out cash because something is cheap. Instead I'd look around for what gets you up to speed with the basics in a comfortable and quick way (preferably something that you want to use and re-read again), check what's there for free on any topic that would get you started securing your server (about each major OSS has detailed sections on security) and only buy another book when you've exhausted your on-line resources.
Learning even old data helps you. 2005 isn't that bad so you can learn almost all of that and still have use for it.
I used to get older books at a discount and really liked it.
Not sure iptables has changed so it would be useful.
Iptables, from a philosophical/approach standpoint, confuses the hell out of me. I find bits of things that are suggested to put into my firewall without understanding them. Then I see others say stick to a minimal setup, including your firewall because some firewall settings can cause problems.
I didn't (but may still) get the book I mentioned, but did purchase an e-book, "Network Security Using Linux," which covers a lot of ground at a basic level & I would definitely recommend (haven't finished it yet though.)
I agree that even a book from that long ago still serves a purpose as Linux server management as well as security insights and best practices tend to gradually evolve over time. However considering the topics of your previous threads (some of which unfortunately were left unanswered [0|1]) which slowly move from client-oriented to server-centric, the fact you use a RHEL clone and the fact you appear to have started your server project some time ago I would nonetheless suggest starting with fundamentals like Rute's tutorial (just skip what you know) or if you want a dead tree O"Reilly's "Linux in a Nutshell" (2009 IIRC). While you might scoff at what the title suggests it offers you a solid foundation covering all Linux basics. But once you know how to properly config and admin a basic client role machine you're halfway there. One of the upsides of using Red Hat is that it comes with plenty of management basics (the Deployment, Configuration and Administration Guides for example) and server administration documentation you should be (or get) comfortable with anyway (RSN). A more recent (2011) dead tree might be Sobell's "A Practical Guide to Fedora and Red Hat Enterprise Linux" which covers firewalling and networked services too. Point is I wouldn't shell out cash because something is cheap. Instead I'd look around for what gets you up to speed with the basics in a comfortable and quick way (preferably something that you want to use and re-read again), check what's there for free on any topic that would get you started securing your server (about each major OSS has detailed sections on security) and only buy another book when you've exhausted your on-line resources.
I went back, commented and closed some of those threads.
I was able to get a copy of "Linux in a Nutshell" and am slowly making my way through it, along with the other book I mentioned above, on Linux network security.
Thanks to everyone for the suggestions, very helpful!
Looking back at my old threads, it's surprising how far I've come and how clueless I was, yet still am. I was lucky enough to be able to take an online grad-level course on Linux System Admin., using CentOS (hence my using it now.) It was very basic, however, so not much on iptables or (applied) security, other than basic principles/philosophy.
At this point I've made some progress and have other concerns I will start separate threads for. Thanks again to everyone that has helped me get this far.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.