LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-18-2012, 07:36 PM   #1
mbvpixies78
Member
 
Registered: Nov 2007
Location: IL
Distribution: CentOS 6 & Fedora 17
Posts: 179
Blog Entries: 3

Rep: Reputation: 15
Would a 2005 Text On Sever Security be Useful?


I'm looking to learn further about securing a CentOS 6.3 web server and can get a used copy of "Linux Server Security" pretty cheap (http://www.barnesandnoble.com/w/linu...i=linux+server)

My question is whether a book from 2005 about Linux server security is prescient in 2012. I was also looking at buying a book on iptables which confuses the hell out of me up to this point. Is this a question whose answer varies on specifics or are there general rules of thumb when trying to expand your knowledge affordably?

Specifics: I'm running a CentOS 6.3 mirror of the apache project's download section and getting a surprisingly large # of apparent hack attacks which is ok with me if it serves as an opportunity for learning security.

Any links to good (prescient) e-learning would also be greatly appreciated. I suppose my question is really one of advice on direction to take at this point in my self-ejumukashun and newb-dom.
 
Old 10-18-2012, 08:44 PM   #2
jefro
Moderator
 
Registered: Mar 2008
Posts: 15,374

Rep: Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198
Learning even old data helps you. 2005 isn't that bad so you can learn almost all of that and still have use for it.

I used to get older books at a discount and really liked it.

Not sure iptables has changed so it would be useful.
 
Old 10-19-2012, 08:22 AM   #3
Habitual
LQ Addict
 
Registered: Jan 2011
Location: Youngstown, Ohio
Distribution: LM17.1/Xfce4.11.8
Posts: 7,159
Blog Entries: 10

Rep: Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968
I'd buy it.
The principles and techniques in the book will still be valid even though the data it is referencing may be dated.
 
Old 10-19-2012, 11:27 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529
I agree that even a book from that long ago still serves a purpose as Linux server management as well as security insights and best practices tend to gradually evolve over time. However considering the topics of your previous threads (some of which unfortunately were left unanswered [0|1]) which slowly move from client-oriented to server-centric, the fact you use a RHEL clone and the fact you appear to have started your server project some time ago I would nonetheless suggest starting with fundamentals like Rute's tutorial (just skip what you know) or if you want a dead tree O"Reilly's "Linux in a Nutshell" (2009 IIRC). While you might scoff at what the title suggests it offers you a solid foundation covering all Linux basics. But once you know how to properly config and admin a basic client role machine you're halfway there. One of the upsides of using Red Hat is that it comes with plenty of management basics (the Deployment, Configuration and Administration Guides for example) and server administration documentation you should be (or get) comfortable with anyway (RSN). A more recent (2011) dead tree might be Sobell's "A Practical Guide to Fedora and Red Hat Enterprise Linux" which covers firewalling and networked services too. Point is I wouldn't shell out cash because something is cheap. Instead I'd look around for what gets you up to speed with the basics in a comfortable and quick way (preferably something that you want to use and re-read again), check what's there for free on any topic that would get you started securing your server (about each major OSS has detailed sections on security) and only buy another book when you've exhausted your on-line resources.
 
Old 02-15-2013, 11:16 PM   #5
mbvpixies78
Member
 
Registered: Nov 2007
Location: IL
Distribution: CentOS 6 & Fedora 17
Posts: 179
Blog Entries: 3

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by jefro View Post
Learning even old data helps you. 2005 isn't that bad so you can learn almost all of that and still have use for it.

I used to get older books at a discount and really liked it.

Not sure iptables has changed so it would be useful.
Iptables, from a philosophical/approach standpoint, confuses the hell out of me. I find bits of things that are suggested to put into my firewall without understanding them. Then I see others say stick to a minimal setup, including your firewall because some firewall settings can cause problems.

I didn't (but may still) get the book I mentioned, but did purchase an e-book, "Network Security Using Linux," which covers a lot of ground at a basic level & I would definitely recommend (haven't finished it yet though.)
 
Old 02-15-2013, 11:33 PM   #6
mbvpixies78
Member
 
Registered: Nov 2007
Location: IL
Distribution: CentOS 6 & Fedora 17
Posts: 179
Blog Entries: 3

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by unSpawn View Post
I agree that even a book from that long ago still serves a purpose as Linux server management as well as security insights and best practices tend to gradually evolve over time. However considering the topics of your previous threads (some of which unfortunately were left unanswered [0|1]) which slowly move from client-oriented to server-centric, the fact you use a RHEL clone and the fact you appear to have started your server project some time ago I would nonetheless suggest starting with fundamentals like Rute's tutorial (just skip what you know) or if you want a dead tree O"Reilly's "Linux in a Nutshell" (2009 IIRC). While you might scoff at what the title suggests it offers you a solid foundation covering all Linux basics. But once you know how to properly config and admin a basic client role machine you're halfway there. One of the upsides of using Red Hat is that it comes with plenty of management basics (the Deployment, Configuration and Administration Guides for example) and server administration documentation you should be (or get) comfortable with anyway (RSN). A more recent (2011) dead tree might be Sobell's "A Practical Guide to Fedora and Red Hat Enterprise Linux" which covers firewalling and networked services too. Point is I wouldn't shell out cash because something is cheap. Instead I'd look around for what gets you up to speed with the basics in a comfortable and quick way (preferably something that you want to use and re-read again), check what's there for free on any topic that would get you started securing your server (about each major OSS has detailed sections on security) and only buy another book when you've exhausted your on-line resources.
I went back, commented and closed some of those threads.

I was able to get a copy of "Linux in a Nutshell" and am slowly making my way through it, along with the other book I mentioned above, on Linux network security.

Thanks to everyone for the suggestions, very helpful!

Looking back at my old threads, it's surprising how far I've come and how clueless I was, yet still am. I was lucky enough to be able to take an online grad-level course on Linux System Admin., using CentOS (hence my using it now.) It was very basic, however, so not much on iptables or (applied) security, other than basic principles/philosophy.

At this point I've made some progress and have other concerns I will start separate threads for. Thanks again to everyone that has helped me get this far.
 
Old 02-16-2013, 08:13 AM   #7
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324
If it helps, there's a lot(!) of free to read manuals/books at www.linuxtopia.org.
 
Old 02-16-2013, 10:14 AM   #8
mbvpixies78
Member
 
Registered: Nov 2007
Location: IL
Distribution: CentOS 6 & Fedora 17
Posts: 179
Blog Entries: 3

Original Poster
Rep: Reputation: 15
Awesome thanks! Will definitely be spending some time there.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LQ Security Report Oct 2005 unSpawn Linux - Security 5 11-09-2005 04:16 PM
LQ Security Report - September 5th 2005 Capt_Caveman Linux - Security 3 09-05-2005 07:27 PM
LQ Security Report - June 27th 2005 Capt_Caveman Linux - Security 3 06-27-2005 08:54 PM
LQ Security Report - May 8th 2005 Capt_Caveman Linux - Security 3 05-08-2005 11:08 PM
LQ Security Report - January 9th 2005 Capt_Caveman Linux - Security 3 01-09-2005 02:47 PM


All times are GMT -5. The time now is 02:44 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration