Available for download is chapter 9 entitled "Networking and the Internet".
In the last few years, Red Hat has become the market-leading Linux distribution. This is exactly why there are many books about Red Hat Linux, with this one being one of the newest. The material presented here is specifically written for Red Hat users but the majority of the information presented can be applied to other Linux distributions. This review is going to be a bit more concentrated on the security aspects of this book.
About the author
Mark G. Sobell is the author of three best-selling UNIX and Linux books: A Practical Guide to the UNIX System, UNIX System V: A Practical Guide, and A Practical Guide to Linux. He has more than twenty years of experience working with UNIX and Linux and is president of Sobell Associates Inc., a consulting firm that designs and builds custom software applications, designs and writes documentation, and provides UNIX and Linux training and support.
An interview with Mark Sobell is available here.
Inside the book
The book starts with an overview of GNU/Linux and its many features. Sobell provides a lot of information dedicated to novice users: logging in and out, using the documentation, basic utilities, etc. The author makes a security recommandation when writing about passwords. He underlines the importance of using passwords, protecting them, choosing the right type of password and using the
We learn about the many GNU/Linux utilities that you can use to work with files, obtain system and user information, communicate with other users, use e-mail, and so on. When discussing utilities that can help you to obtain user and system information, the author mentiones
w. He notes that if you're concerned about security you might want to disable
finger, since it can give out information that might be of help to an intruder.
The GNU/Linux filesystem is covered with a lot of information including: directories, filenames, pathnames and links. This overview touches security concerns as Sobell introduces security permissions. He explains how executable files that are setuid work and advises never to write setuid shell scripts since there are several techniques that can be used to subvert them. The author explains what the shell is and covers the command line, standard input and standard output, redirection, pipes, special characters, and more.
In the part dedicated to a comprehensive overview of the X Window System and the Graphical User Interface, Sobell describes a myriad of topics including: the desktop, the file manager, remote computing on local displays and X applications. The author notes that careful consideration is needed before allowing a remote machine to access your display using
xhost. This can give someone the possibility to see everything you type in a terminal emulation window.
The GNOME desktop manager is covered in great detail as well. Some of the topics presented here are: the Nautilus file manager, various utilities, customization tips, etc. There's also a few pages on the Sawfish window manager. Users of KDE will also find information on many aspects of this desktop environment. Sobell provides an overview of KDE and then introduces the K Menu, the kicker panel, several KDE utilities, the Konqueror browser and file manager, and a whole lot more.
There's plenty of information on both networking and the Internet. We are introduced to the various types of networks and how they work. When it comes to network utilities there's information on
dig. Sobell notes that
telnetis not secure and that you shouldn't let anyone log in as you from a remote system without knowing your password, by using the
.rhostsfile. The author recommends
rcpwhenever possible. There's also information on distributed computing where Sobell writes about DNS, NIS, NFS, Internet Services, etc. A tutorial on using
pineas a newsreader as well as a few pages on the World Wide Web are present.
The two most popular editors in the Linux community are certainly
emacs. They both get an extensive amount of exposure as the author dedicates a chapter for each editor. You'll be introduced to the features of both editors, their commands, parameters and advanced editing techniques. Both chapter include also a tutorial that will help you start editing files in no time.
As he introduces the Bourne Again Shell, Sobell notes that the information provided here also applies to the Z Shell. In the first part we learn the shell basics, separating and grouping commands, redirecting standard error, manipulating the directory stack, etc. The second part discusses additional commands, builtins and concepts that make shell programming useful. This information is spread out over 130 pages so you can imagine how much knowledge about the Bourne Again Shell the author packed into this book.
Sobell continues by introducing the TC Shell by highlighting its features that differ from those of
bashor are absent from
bash. The author writes about shell scripts, command line expansion, variables, control structures, and more. The Z Shell combines many features of the Bourne Again, TC and C Shells. A large chapter is dedicated to the Z Shell and advanced shell programming. Here we find a cover of variables, builtins, command line editing, shell programs and Z Shell options. The part dedicated to shell programming is pretty extensive and guides you through the construction of two longer shell programs.
Since the Linux operating system contains a rich set of languages and development tools, it's a great environment for programming. Since the operating system is written mostly in C, that's one of the most popular system programming languages. Sobell writes about programming in C, using shared libraries, debugging C programs, system calls, etc. This is excellent reading material for those of you who desire to program in Linux.
The chapter dedicated to Red Hat Linux system administration feels very complete although a seasoned administrator will certainly find various things missing. But, since this is a practical guide and not a book on system administration, some 180+ pages on this topic certainly do the trick. The author covers so much ground that it's difficult to mention everything - I'll do my best to point out the most interesting bits.
This is, naturally, the part of the book with the most security oriented information. Sobell notes that allowing
rootaccess over a network is a bad idea and that
rootowned setuid programs are extremely dangerous. You'll also learn that the fewer directories you keep in your
PATHwhen you are
root, the less likely you will execute an untrusted program as
root. There's also an overview of a Red Hat Linux 8 installation that covers a lot of ground and should answer most of your questions.
Sobell introduces also GUI administration tools, many of which are built specifically for GNOME and KDE. There's information about configuring user and group accounts, backing up files and printing. When the author addresses the configuration of network services you'll read about proxies, the
/etc/hostsfile, the network filesystem, Samba, OpenSSH, etc. In case you want to reconfigure and rebuild the Linux kernel, Sobell provides all the necessary information to get you started. There's also a bunch of utilities that can help you perform system administration tasks. The author describes a few of them:
Even experienced system administrators make mistakes now and then. Mentioned in the book are a few of the most common techniques that you can use o increase your odds in not making mistakes and keep your system more secure. A large part of the book is dedicated to provide a comprehensive list of utilities. Each utility is presented in a format similar to the
manpage descriptions. You'll find more than 85 utilities described here. This is very handy, especially if you're like me and prefer to have a reference guide in paper instead of digital format.
The last part of the book is comprised of five appendixes: regular expressions, help, security, the POSIX standards and the free software definition. The appendix dedicated to security covers encryption, file security, e-mail security, network security and host security. The author provides interesting tips as well as a list of security resources that can help you broaden you knowledge on the subject.
My 2 cents
Throught the book you'll find countless tips, security and caution notices that point out particularly important things and, many times, refer you to a part of the book where you can find out more about it. This makes the book a perfect reference manual despite its considerable weight. In case you don't have Red Hat Linux 8 installed you get install it by using the two CD-ROMs that come with the book.
This book is very "learning friendly" since we are provided with both easy and advanced exercises at the end of each chapter; these will help you test your knowledge. And let's not forget the fact that there are innumerable screenshots that sometimes help more than words.
What you get with this massive book is a compendious guide to Red Hat Linux 8 that covers basically everything a Red Hat user might need: from the very basics of using the
picoeditor to the rebuilding of the Linux kernel. I can highly recommend it to both the novice user and the Linux professional. Some will enjoy its user friendly explanation of "everything" from the basics up while others will find it useful as a knowledge testing tool or reference guide. If you're a Red Hat Linux user, this is THE book to have on your bookshelf.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.