June 2004 (Vol. 5, No. 6)
1541-4922/04/$25.00 © 2004 IEEE

Published by the IEEE Computer Society
Security Fundamentals
Hector Zenil Chávez

    Practical Unix & Internet Security, 3rd edition

    By Simson Garfinkel, Gene Spafford, and Alan Schwartz

    984 pages

    US$54.95

    O'Reilly & Associates, 2003

    ISBN 0-596-00323-4

If you're looking to secure your network, Practical Unix & Internet Security is a good source of information. Covering a wide range of Internet security topics, the book's 900-plus pages discuss everything from responsible system administration to intrusion detection, break-in forensics, and log analysis with scripts, checklists, tips, and warnings.
Unix and Security
Practical Unix & Internet Security is a well-written introduction to Unix and security issues. It spends a significant amount of time explaining how Unix-based systems work and covering topics such as file systems, partition structure, file ownership and permissions, users and groups, i-nodes, SSH (Secure Shell), and backup and recovery. It details each command, utility, procedure, or feature and explains practical applications for each. It also explains computer security principles in an understandable way, introducing basic Unix security concepts such as passwords, cryptography, security auditing and logging, incident management, risk management, and physical and personnel security. This is particularly useful for computer auditors, who might not be technically competent in Unix.
The book then discusses networking subjects, including modems, TCP/IP, Network File System, firewalls, proxies, remote connection security, and individual network-services security. It also covers detection and response, break-ins, programmed threats and denial of service attacks, and legal issues. It reviews host and network authentication systems (such as NIS, NIS+, and Kerberos) and secure programming, and discusses how to limit security risks under some Unix flavors or platforms (including Solaris, Mac OS X, Linux, and FreeBSD). Throughout, the book successfully intertwines important issues and terms, such as the Rainbow Series and legal issues.
Problem Areas and Missing Material
One of the book's main problems is that instead of relying on tools (as any Unix author should), the authors use a cookbook or reference approach. In other words, they give recipes for improving security but make no attempt to explain which tools readers can use to check or fix a particular class of problems.
Additionally, the authors don't present the bigger picture in which flaws exist or provide in-depth coverage of cryptography, networking, or Internet security issues. For example, the book contains only a few lines about Secure Sockets Layer, a few lines about spoofing, and nothing about Internet Control Message Protocol attacks. Instead, about a third of the book repeats information from basic Unix texts.
Furthermore, the authors fail to provide references to important RFCs (Request for Comments), including important Internet and protocol policies, FAQs about some topics, and CERT (Computer Emergency Response Teams) advisories worldwide.
Conclusion
If you're relatively new to Unix security or just starting out as an Information System Security Professional (ISSP), Practical Unix & Internet Security will help you immensely. It's a quick and easy reference to security fundamentals. If you're an ISSP or a security administrator, this will be one of many books you'll want in your collection. Even if you don't work with Unix, the book is worthwhile for its discussion of securing TCP/IP networks in general and its explanation of the various implications of running certain Internet services.
Hector Zenil Chávez is a mathematician from UNAM (the National University of Mexico). Contact him at zenil@ciencias.unam.mx.