Network Security Hacks

  Author:    Andrew Lockhart
  ISBN:    0596006438
  Sales Rank:    311125
  Published:    2004-04-01
  Publisher:    O'Reilly
  # Pages:    304
  Binding:    Paperback
  Avg. Rating:    4.0 based on 20 reviews
  Used Offers:    21 from $1.90
  Amazon Price:    $24.95
  (Data above last updated:  2008-11-14 10:31:27 EST)
  
  
  
Network Security Hacks
  
To the uninitiated, the title may seem like an oxymoron: after all, aren't hacks what network security is supposed to prevent? But if you're a network administrator, this book's title not only makes sense; it makes a lot of sense. You know that a busy administrator needs a hatful of devilishly effective security hacks to keep your 12-hour days from becoming all-nighters. Network Security Hacks is not a long-winded treatise on security theory. Instead, this information-packed little book provides 100 quick, practical, and clever things to do to help make your Linux, UNIX, or Windows networks more secure today.

This compendium of security hacks doesn't just cover securing TCP/IP-based services, but also provides intelligent host-based security techniques. Loaded with concise but powerful examples of applied encryption, intrusion detection, logging, trending, and incident response, Network Security Hacks will demonstrate effective methods for defending your servers and networks from a variety of devious and subtle attacks. Network Security Hacks shows how to detect the presence (and track every keystroke) of network intruders, methods for protecting your network and data using strong encryption, and even techniques for laying traps for would-be system crackers. Important security tools are presented, as well as clever methods for using them to reveal real, timely, useful information about what is happening on your network.

O'Reilly's Hacks Series reclaims the term "hacking" for the good guys--innovators who use their ingenuity to solve interesting problems, explore and experiment, unearth shortcuts, and create useful tools. Network Security Hacks lives up to the reputation the Hacks series has earned by providing the "roll-up-your-sleeves and get-it-done" hacks that most network security tomes don't offer. Every hack can be read in just a few minutes but will save hours of searching for the right answer. Using just one of these amazing hacks will make this slim book's price seem like a remarkable deal. The other 99 make Network Security Hacks absolutely invaluable.
                  Reader Reviews 1 - 25 of 25                 
  
  
Review Date | Review Rating (5 High) | Review Helpful to: | Customer Review | Reviewer Info | Permanent Link
Reader Reviews Below Sorted by Newest First
08-18-08 4 (NA)
Nice collection of hacks, though not a lot unique
This is a nice, useful collection of 125 hacks to help secure your network and systems. If you've read a couple dozen or more other security books and spend a lot of time reading security-related websites, there isn't much in this book that you haven't already seen elsewhere. It is nice to have it all in one book though. This is well written and has proven to be a worthwhile reference on my book shelf on several occasions.

I don't feel this book is suitable for absolute beginners to information security. For those without much infosec background, seek an introductory security book prior to diving into this one.

The Windows coverage is very light. If you run a Windows-only network, this book doesn't offer a lot for you, but still may be a worthwhile purchase. For those running a mixed network or primarily BSD and Linux systems, it offers much more value.
(Review Data Last Updated: 2008-11-30 11:46:12 EST)
06-22-08 1 0\4
I didn't receive it
Hi, I didn't receive my order. It's my second order I have a problem with.

Moreover, I received mail to review my order, but it doesn't appear in my recent orders.

Thanks for correcting the situation,
(Review Data Last Updated: 2008-08-19 10:47:20 EST)
02-12-08 5 (NA)
Great reference guide
This is a great book and a great series. Tons of great tips and quickly becomes an awesome reference guide.
(Review Data Last Updated: 2008-06-22 08:37:29 EST)
01-24-08 5 (NA)
good book
A very good organization. I recommend it to those for whom security is important, but who don't want complications.
(Review Data Last Updated: 2008-02-13 14:02:59 EST)
01-10-07 4 1\1
Great bag of tricks for the network security professional
This second edition of Network Security Hacks is a collection of 125 powerful security techniques. This volume demonstrates effective methods for defending your servers and networks from a variety of devious and subtle attacks. Within this book are examples of how to detect the presence and track every keystroke of network intruders, methods for protecting your network and data using strong encryption, and even techniques for laying traps for would-be hackers. Many important security tools are presented, as well as interesting ways for using them to reveal useful information about your network's activity. There is mention in the beginning of the book about "code", but I haven't run across any yet. The closest thing I found to code were forms of command lines for various network tools and expected typical responses. So if you are not a programmer, don't be scared away. The following is the table of contents:

Chapter 1, Unix Host Security, demonstrates advanced techniques for hardening your Linux, FreeBSD, or OpenBSD server.

Chapter 2, Windows Host Security, covers many important steps that Windows administrators often overlook, including tightening down permissions, auditing all system activity, and eliminating security holes that are present in the default Windows installation.

Chapter 3, Privacy and Anonymity, discusses several ways to protect oneself online by offering solutions for encrypting email, remaining anonymous, and managing passwords for web sites.

Chapter 4, Firewalling, shows how to set up firewalls under various operating systems, such as Linux, OpenBSD, FreeBSD, and Windows. Different filtering and firewall testing techniques are also covered in this chapter.

Chapter 5, Encrypting and Securing Services, shows how to provide secure services for SMTP, IMAP, POP3, Apache, and MySQL.

Chapter 6, Network Security, demonstrates some tools and techniques used to attack servers using the network itself, as well as methods for preventing these attacks.

Chapter 7, Wireless Security, includes only a handful of very useful hacks. Whether you want to share your network with others and still maintain a semblance of security, or lock down your wireless network with fine-grained authentication, this chapter has something for you.

Chapter 8, Logging, shows you how to balance the need for information with the need for brevity by automatically collecting, processing, and protecting your system logs.

Chapter 9, Monitoring and Trending, presents a number of tools and methods for watching your network and services over time, allowing you to recognize trends that will aid in future planning and enable you to tell at a glance when something just isn't right.

Chapter 10, Secure Tunnels, shows you how to implement powerful VPN technologies, including IPSec, PPTP, and OpenVPN. You will also find techniques for protecting services using SSL, SSH, and other strong encryption tools.

Chapter 11, Network Intrusion Detection, centers on the tremendously popular NIDS tool Snort and presents many techniques and add-ons that unleash this powerful tool's full potential. Also presented are methods for setting up your own "honeypot" network to attract and confuse would-be system crackers.

Chapter 12, Recovery and Response, contains suggestions on how to verify your system's integrity, preserve evidence for later analysis, and track down the human being at the other end of undesirable network traffic.

I would recommend this book to any network security professional. However, I think it is too advanced for someone who is just interested in the profession or someone who is tinkering with a home network on an amateur basis. There is no "beginner's material" to be found in this book, and it will likely be over your head if you are not already working in the field.
(Review Data Last Updated: 2007-09-07 09:35:39 EST)
01-09-07 4 (NA)
Great bag of tricks for the network security professional
This second edition of Network Security Hacks is a collection of 125 powerful security techniques. This volume demonstrates effective methods for defending your servers and networks from a variety of devious and subtle attacks. Within this book are examples of how to detect the presence and track every keystroke of network intruders, methods for protecting your network and data using strong encryption, and even techniques for laying traps for would-be system crackers. Many important security tools are presented, as well as clever methods for using them to reveal real, useful information about what is happening on your network.

Chapter 1, Unix Host Security, demonstrates advanced techniques for hardening your Linux, FreeBSD, or OpenBSD server.

Chapter 2, Windows Host Security, covers many important steps that Windows administrators often overlook, including tightening down permissions, auditing all system activity, and eliminating security holes that are present in the default Windows installation.

Chapter 3, Privacy and Anonymity, discusses several ways to protect oneself online by offering solutions for encrypting email, remaining anonymous, and managing passwords for web sites.

Chapter 4, Firewalling, shows how to set up firewalls under various operating systems, such as Linux, OpenBSD, FreeBSD, and Windows. Different filtering and firewall testing techniques are also covered in this chapter.

Chapter 5, Encrypting and Securing Services, shows how to provide secure services for SMTP, IMAP, POP3, Apache, and MySQL.

Chapter 6, Network Security, demonstrates some tools and techniques used to attack servers using the network itself, as well as methods for preventing these attacks.

Chapter 7, Wireless Security, includes only a handful of very useful hacks. Whether you want to share your network with others and still maintain a semblance of security, or lock down your wireless network with fine-grained authentication, this chapter has something for you.

Chapter 8, Logging, shows you how to balance the need for information with the need for brevity by automatically collecting, processing, and protecting your system logs.

Chapter 9, Monitoring and Trending, presents a number of tools and methods for watching your network and services over time, allowing you to recognize trends that will aid in future planning and enable you to tell at a glance when something just isn't right.

Chapter 10, Secure Tunnels, shows you how to implement powerful VPN technologies, including IPSec, PPTP, and OpenVPN. You will also find techniques for protecting services using SSL, SSH, and other strong encryption tools.

Chapter 11, Network Intrusion Detection, centers on the tremendously popular NIDS tool Snort and presents many techniques and add-ons that unleash this powerful tool's full potential. Also presented are methods for setting up your own "honeypot" network to attract and confuse would-be system crackers.

Chapter 12, Recovery and Response, contains suggestions on how to verify your system's integrity, preserve evidence for later analysis, and track down the human being at the other end of undesirable network traffic.

I would recommend this book to any network security professional. However, I think it is too advanced for someone who is just interested in the profession or someone who is tinkering with a home network on an amateur basis. There is no "beginner's material" to be found in this book, and it will likely be over your head if you are not already working in the field.
(Review Data Last Updated: 2007-01-13 22:26:00 EST)
12-26-06 4 (NA)
Not for beginners...
"Network Security Hacks" Second Edition
by: Andrew Lockhart
O'Reilly Media, Inc. 2007
ISBN: 10: 0-596-52763-2

Network Security Hacks is more advanced than some of the other "Hacks series" books.
Explains the why and how of securing your Unix, Linux, or Windows servers. Protect your data and your users from outside threats, using the detailed examples in this book. Not for beginners, this book is intended for experienced administrators, already familiar with server configurations.
(Review Data Last Updated: 2007-07-11 10:14:40 EST)
11-20-06 4 (NA)
Power Tips and Tricks
O'Reilly's Hacks series have been hit or miss; mostly hits, and this second edition is no exception. Lockhart and friends bring together a set of tips and tricks in the classic O'Reilly form, and cover a scattershot of topics that people like to know.

There's over 100 hacks here, and I can't possibly cover them all. I'll pick and choose topics to illustrate why I think this book is a success. As other reviewers have noted, this book focuses on Linux and BSD security, but it does cover Windows in a decent amount. This probably reflects the community's choice of OSes (but does underrepresent some OS X specifics), and the availability of tools and techniques.

Chapter 1, covering 20-some hacks, covers UNIX host-level security. A lot of it is stuff you've seen before, but some of it is stuff that's hard to find (i.e. Systrace setups, sandboxing services), or so disparate that it's nice to have it all in one place. Chapter 2 covers over a dozen hacks for Windows that are similar, securing your Windows host.

The chapters on privacy (3), encrypting services (5), and tunneling (Chapter 10) are pretty good. They're tight, well written, and clear enough that an intermediate network or system administrator could do well. I liked that chapter 4 covered firewalling for PF on BSD, Linux's Netfilter, and the Windows firewall all similarly. The hacks on VPNs using various tools are great, they're clear in an amazingly short space.

Network and wireless security get a fair shake, and you can even learn how to scan the network for viruses, detect ARP attacks, deploy a captive portal, and assess your systems for vulnerabilities. Again, a nice spread of topics, most of them well covered in a short space.

NIDS topics get their own chapter, and things like Snort setup, maintenance, and even the basics of rule writing get covered. You'll even get an intro to Honeyd for your time.

I would have liked to have seen Chapter 12 on recovery and response get a lot more time and effort, I think it's sorely needed. Perhaps if everyone writes a hack for this chapter they'll add them to the third edition.

All in all a good book for a skilled, intermediate level system and network administrator. This book carries on the hacks series with style and skill, and delivers almost everything in a small package.
(Review Data Last Updated: 2007-07-11 10:14:40 EST)
08-18-06 5 2\2
Network Security Hacks
The book is very well written in a professional form. I was able to learn a lot out of it. It should be in every IT security person's library. But it is not a book for beginners. Although all issues are well explained, a certain computer background is needed, and not basic knowledge only. The book is worth its price.

Werner Preining, captain, CPP, CAS
(Review Data Last Updated: 2007-07-11 10:14:40 EST)
03-17-06 4 3\3
A good book for both Linux and Windows
First, I write software professionally. I write software, I am not a Sys Admin (which is hard work I might add; System Administration is for hardcore people.) This book saved me money by giving me answers to problems that would have taken me days to find the answers to by searching the internet.

I would have said 5 stars but this covers Unix, Windows and Linux and I was just looking for a Linux book. It is good nonetheless.

Time is money in this business and this book saves both time and money.

Also the book is a "good" read. The authors write well and that keeps you reading. Not a dry manual.

If you are doing Linux for fun or work you will need to buy this book. It allows you more time to sleep at night.
(Review Data Last Updated: 2007-07-11 10:14:40 EST)
04-06-05 4 4\8
insight into security
Security has been high on my list of things to understand and master these past two years. Our company's firewall has been breached numerous times. This has scared the living daylights out of our stakeholders. I have therefore been forced to become an expert. This is one of the books that has helped me attain this level of understanding. It offers insights not available in regular how to guides on security.
(Review Data Last Updated: 2007-07-11 10:14:40 EST)
02-12-05 2 14\24
May be right for Unix, but Windows Users beware
First, let me make clear right off the bat, I'm leaving this review as someone who purchased this book expecting information on Windows Networks and was disappointed. A large part of why this book was a bad experience for me is that, when a book bills itself as covering both Unix and Windows, I assume it gives equal coverage to both.

If you are a Unix admin this book might very well be just what you need.

That said, of its 300 pages, roughly 35 of them are devoted to Windows. In those 35 pages the author pretty clearly conveys his distaste for Windows even going so far as to misrepresent certain areas of the Windows World (someone should tell the author that Windows does have a fairly powerful scripting engine). Of the Windows tips that are provided, many of them are dedicated to making Windows work with Unix in a mixed environment.

Even without the coverage, it wouldn't take much to figure out the author's bias. The book is full of quotes such as "I know we're used to a robust, powerful scripting function in Unix but Windows doesn't have this so we have to..."

I honestly could have forgiven most of the above if the hacks had been well marked so that I could tell which were Windows related and which were Unix related. That way I would have, at very least, had a visual way to skim the book and realize how lopsided the coverage was so that I could have been saved from purchasing it.

If you're interested in Windows Security advice, I'd suggest picking up Hardening Windows by Roberta Bragg. It's a much better fit.
(Review Data Last Updated: 2006-10-10 10:21:11 EST)
09-09-04 5 12\13
Excellent book on security.
This book took me a long time to read, but for a good reason, I kept implementing
the various hacks in the book on a server I had started setting up.

The book is mostly Unix related, but there are some Windows related 'hacks' as well.
I think the Windows coverage was lacking a bit though. For Unix, it talks about
Linux, the BSD's and a bit on Mac OS X and Solaris. Most of the topics are
general enough to apply to any Unix based Operating System, but some are specific
to an operating system.

One of the great things about the Hacks series of books by O'Reilly is that the
information is presented in nice small chunks that you can read in a few minutes
if you have some spare time.

The hacks are all 'hyperlinked' to each other, if a hack mentions something that
relates to another hack, it is highlighted in blue and the hack that it
references is listed. I did find a few places where this wasn't done
(#84 Real-Time Monitoring, first mentions Barnyard but doesn't provide any
information on it or mention that it is one of the later hacks).

Lots of the hacks in the book could be found by doing some reading on the
internet, but finding such a variety of topics all in one place, with enough
information to get you started is really nice. Even though I consider myself to
be fairly security conscious, I still found quite a few things in this book that
I hadn't thought of, or plain didn't realize were possible or even existed. I
would recommend this book to anyone that is interested in security or anyone
responsible for maintaining a server (whether or not it is on the internet).
(Review Data Last Updated: 2006-10-10 10:21:11 EST)
08-01-04 3 11\13
Useful Tips, Limited on Windows
Overall, I find this book to be an enjoyable read. I thumb through it time and time again, and come up with some useful hints and tips (not really necessarily hacks though). It's more oriented toward BSD Unix and Linux, but I did find some useful hints for Windows (the current topic of my studies). I really like the plug for ntsyslod (hack 56), which can take binary event logs and route them to syslogd service. Nice. Finally, logs in Windows are now open for business.

I found some material to be trivial, making problems from non-problems, or rather not practical to implement. For example, one hint advises Windows users to encrypt their temp directory (hack 28). However, there are easy workarounds to bypass EFS, and the temp directory is within a user's profile, and thus secured from other users anyhow. So encrypting it is unecessary, and not useful given users can drag a file to a floppy or non-NTFS filesystem to and bypass the encryption.

One hack recommended flush the page file as some important application data might be in there (hack 29). However, this requires delving into the registry, and to implement across all workstations is too taxing. However, there could be ways to automate this through group policy objects and scripts. There's no coverage on how to automate some of these chores, which is not always straightforward in Windows.

One a final note, I wish there was more coverage of Windows. There's could be equivelent coverage of things like time sychronization (hack 44) for Windows as well.

Overall though, I think there are enough useful tips to make this book valuable. I've already written my name on this one...
(Review Data Last Updated: 2006-10-10 10:21:11 EST)
07-29-04 4 26\31
Not for the amateur
It's important to understand who this book is for. It's not for the amateur looking to configure their firewall. The book starts with locking up UNIX filesystems and doesn't turn back the complexity clock as it winds through all the way to advanced topics like Honeypots and various SSH tunneling schemes. I highly recommend this book for network administrators and security professionals looking to make sure they have all of their bases covered. However, for the personal computer user looking to make sure their DSL doesn't get hacked I cannot recommend this book.
(Review Data Last Updated: 2006-06-28 13:20:01 EST)
07-09-04 5 4\17
Now this is a good book!
Lots of very very very good hints and suggestions!

A valuable title.

(Review Data Last Updated: 2006-06-28 13:20:01 EST)
07-01-04 4 28\29
A handy guide when trying unfamiliar tools or techniques
"Network Security Hacks" (NSH) has something for nearly everyone, although it focuses squarely on Linux, BSD, and Windows, in that order of preference. Administrators for commercial UNIX variants (Solaris, AIX, HP-UX, etc.) should be able to apply much of the book's advice to their environments, but they are not the target audience. NSH is written for admins needing quick-start guides for common security tools, and in this respect it delivers.

I found NSH to be most rewarding when it avoided discussing the same topics everyone else has covered. Lesser known tools like authpf, ftester, sniffdet, SFS, rpcapd, and Sguil caught my interest (especially as I write Sguil installation docs). Even some ways to use familiar tools were helpful, like the -f (fork) and -N (no command) switches for SSH forwarding. In some cases it made sense to mention well-worn topics like BIND or MySQL, with an eye towards quickly augmenting the security of those servers.

Elsewhere I questioned the need to cover certain tools. With the number of Snort titles approaching double digits, and O'Reilly's own Snort books in the wings, was it really necessary to devote several hacks to Snort? In the same respect, I felt mention of Nmap, Nessus, swatch, and ACID was not needed, nor was advice on implementing certain Windows security features.

In some cases the descriptions were too brief to really explain the technologies at hand. For example, the "Secure Tunnels" chapter discusses a very specific IPSec scenario (wireless client to gateway) without informing the reader of the other sorts of tunnels that are possible. I also questioned some of the content, like p. 47's statement that Windows lacks "robust built-in scripting." Brian Knittel's "Windows XP Under the Hood" would quickly change the author's mind. Also, the anomaly detection preprocessor SPADE is described, even though the last version (Spade-030125.1.tgz, released Jan 03) is only available on a Polish student's Web server and no longer cleanly integrates with Snort past version 2.0.5, released in Nov 03.

Despite these comments, I still found NSH a great addition to my security bookshelf. I found the coverage of Windows more than adequate, given that true security innovation in the public sphere is being done in the open source world and not in Redmond's labs. The writing tends to be clear and the descriptions concise. I guarantee you will find a handful of hacks which pique your curiosity and ultimately help secure your enterprise.

(Review Data Last Updated: 2006-06-28 13:20:01 EST)
06-10-04 4 8\11
Good simple reference
When I first got this little book, I was unimpressed by its idea: a seemingly random collection of network security tips, combined under the same cover. However, when I started reading, more and more often I exclaimed "ah, that is how it is done", etc. The book is one cool collection of tips, ranging from mundane (`how to configure iptables on Linux') to fairly esoteric (`how to use MySQL as an authenticating backend for an FTP server'). Always wanted to use `grsecurity' or `systrace', but thought it is too complicated - grab the book and give it a shot. Want to set up a fancy encrypted tunnel between two networks - it covers that too. Admittedly, a lot of advice given in the book can be found on Google, but it is nice to find it in one place. The book covers selected topics in host security, SSH and VPNs, IDS, monitoring and even touches upon forensics. I also liked its multi-platform coverage, with a slight, but unmistakable UNIX/Linux bias.

Overall, it is a great simple book, provided you don't try to find in it something it isn't: a neat collection of simple network security tips. I somewhat disliked that many tips don't go beyond `how to install a tool' and stop short of discussing `how to use it best'.

Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major security information management company. He is the author of the book "Security Warrior" (O'Reilly, 2004) and contributor to "Know Your Enemy II" by the Honeynet Project (AWL, 2004). His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org.

(Review Data Last Updated: 2006-06-28 13:20:01 EST)
06-04-04 4 3\5
Another great collection of "hacks"
As with the other "Hacks" books, there are 100 hacks listed, and these are focused on network security. As another reviewer points out, these hacks seem to be heavily slanted toward Unix. Whether this is due to the Windows OS "keeping the administrator out of the loop about the inner workings of her environment," as the book points out, or the numerous "helpful features" of Windows that aren't that helpful to Windows admins is unclear. There do appear to be some limits to how secure you can make a Windows network, as opposed to Unix, which seems to have many more options. And while we constantly hear about new Windows viruses, we rarely hear about Unix viruses. But I digress.

There definitely are some good ones here, like the "honeypot hack," protecting logs from tampering (thereby making it more difficult for a network intruder to cover their tracks), preventing stack-smashing attacks (thereby preventing an attacker from overwriting the information on a stack), detecting spoofing, testing your firewall, monitoring your logs for any sign of tampering, even defending yourself against web application intrusions. In short, these hacks are the ones deemed most likely by the book's author to be useful in defending your network against any kind of hostile attack or intrusion.

And while you may agree or disagree with the list presented in this book, this book is a valuable tool and reference for any network admin to have on hand.
(Review Data Last Updated: 2006-06-28 13:20:01 EST)
05-31-04 4 5\6
Excellent material, but heavily weighted towards Unix...
If you're at all responsible for or mindful of the security aspects of your network, here's a book you'll enjoy... Network Security Hacks by Andrew Lockhart (O'Reilly). As with all the Hacks titles, this book contains 100 various tips and ideas on how to improve your network security through the use of various software packages or procedures you can implement. The Hacks are grouped into the following chapters:

Unix Host Security; Windows Host Security; Network Security; Logging; Monitoring and Trending; Secure Tunnels; Network Intrusion Detection; Recovery And Response.

This isn't a primer on all you need to know about system security, nor is it meant to be. Network Security Hacks is most helpful for the system or network administrator who understands security but is always looking for various ways to enhance their level of security or ease the administration processes. For instance, in the Monitoring and Trending chapter, you are introduced to a number of free tools you can download that will verify your services, graph your bandwidth trends, monitor real-time network stats, and audit the traffic on your network. While not every hack will appeal or apply to you, you will find plenty of gems that will give you a real and quick payback.

The only "gripe" I have about the book is that it is heavily weighted towards the Unix environment. The Windows chapter is pretty small, and even some of the Windows hacks involve allowing you to work with the data like you can with Unix. So, if you're looking strictly for Windows security tips, you will probably find less satisfaction than you might if you were a hard-core Unix admin. Even so, there is material there that will interest you, such as how to use Snort to set up an intrusion detection system or how to use built-in features of Windows to create your own firewall.

Very good book, and worthy to hold a spot on your bookshelf...

(Review Data Last Updated: 2006-03-16 11:13:38 EST)
  

Because the data used to generate this site come from outside sources, VeryWellSaid.com cannot guarantee the completeness or accuracy of the data.