Arpwatch was created by Craig Leres of Lawrence Berkeley Labs and I have enhanced it extensively to be more useful for large networks with multiple subnets and to properly detect bogons. Bogons are systems whose IP address is incorrect for the network that they are on. Bogons indicate systems that are incorrectly configured or compromised.
This wonderful program allows fast real-time analysis of packets traversing a system or network. It allows localizing a network or firewall problem, verifying that a VPN actually is encrypting its data, etc.
How long did it take you to write "Real World Linux Security, 2/e" and what was it like?
It took about three months of 90-hour weeks to finish the manuscript and a few months of "normal weeks" for the post-manuscript production to produce the finished book. This was on top of about six months of 120-hour weeks to create the manuscript for the first edition and three months for production.
What was it like? Pure hell. I worked mostly at night because I am more creative then and there were no interruptions for email or phone calls. My friends thought I abandoned them because they never saw me and I kept sending my girlfriend away for weekends, camping, to visit her mother in Washington, DC, and elsewhere. My good friend Stan Bootle calls it "Writer's Widow".
I slept very little. I did just enough for my clients so that they did not find someone else to help them. This obsession resulted in a much better book. I saw my contribution to Linux and Open Source was to help secure it. While Linux (and Unix) is capable of very good security, people did not know how. With my knowledge of security and some ability to write, I saw this as my greatest contribution to Open Source. The book also is very useful to Unix System Administrators.
What's your take on the adoption of Linux in the enterprise? Do you think it will give a boost to security?
Linux continues to "Eat Bill's lunch" and that of the Unix vendors. With the desktop work that has been done recently and several Distributions' work for easier installs, Linux is ready to take over the desktop market too. I think that the poor economy internationally has helped Linux.
Any old PC can run Linux quickly for no money and trouble-free operation. The latter means far lower support costs. Microsoft just announced that it no longer will support its flagship Office for previous Windows versions, to "force" people to buy its new stuff; I think many will switch to Linux instead.