Linux consistently appears high up in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well.
This highly regarded book, originally titled Building Secure Servers with Linux, combines practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--as a hub offering services to an organization or the Internet--and shows readers how to harden their hosts against attacks. An all-inclusive resource for Linux users who wish to harden their systems, Linux Server Security covers general security such as intrusion detection and firewalling a hub, as well as key services such as DNS, the Apache Web server, mail, and secure shell.
Author Michael D. Bauer, a security consultant, network architect, and lead author of the popular Paranoid Penguin column in the Linux Journal, carefully outlines the security risks, defines precautions that can minimize those risks, and offers recipes for robust security. He is joined on several chapters by administrator and developer Bill Lubanovic.
A number of new security topics have been added for this edition, including:
Database security, with a focus on MySQL Using OpenLDAP for authentication An introduction to email encryption The Cyrus IMAP service, a popular mail delivery agent The vsftpd FTP server Geared toward Linux users with little security expertise, the author explains security concepts and techniques in clear language, beginning with the fundamentals. Linux Server Security with Linux provides a unique balance of "big picture" principles that transcend specific software packages and version numbers, and very clear procedures on securing some of those software packages on several popular distributions. With this book in hand, you'll have both the expertise and the tools to comprehensively secure your Linux system.
With more than 67% of web servers running Apache, it is by far the most widely used web server platform in the world. Apache has evolved into a powerful system that easily rivals other HTTP servers in terms of functionality, efficiency, and speed. Despite these impressive capabilities, though, Apache is only a beneficial tool if it's a secure one.
To be sure, administrators installing and configuring Apache still need a sure-fire way to secure it--whether it's running a huge e-commerce operation, corporate intranet, or just a small hobby site.
Our new guide, Apache Security, gives administrators and webmasters just what they crave--a comprehensive security source for Apache. Successfully combining Apache administration and web security topics, Apache Security speaks to nearly everyone in the field. What's more, it offers a concise introduction to the theory of securing Apache, as well as a broad perspective on server security in general.
But this book isn't just about theory. The real strength of Apache Security lies in its wealth of interesting and practical advice, with many real-life examples and solutions. Administrators and programmers will learn how to:
Install and configure Apache prevent denial of service (DoS) and other attacks securely share servers control logging and monitoring secure custom-written web applications conduct a web security assessment use mod_security and other security-related modules And that's just the tip of the iceberg, as mainstream Apache users will also gain valuable information on PHP and SSL/ TLS. Clearly, Apache Security is packed and to the point, with plenty of details for locking down this extremely popular and versatile web server.
With start-up templates for projects ranging from Windows applications to web services, and extensive help and on-line documentation, Visual Studio .NET might be mistaken for a tool for unsophisticated users. It's true that most developers soon discover that the basic operation of Visual Studio is fairly self-explanatory; less obvious are some of the suite's more advanced built-in features.
Visual Studio .Net includes a wealth of little-used capabilities, is very customizable, has a complete automation model, and much more. On top of its regular feature set, there are hosts of free add-ins, macros, and power toys that can further enhance the functionality of Visual Studio. This book is all about exploring these things, and in doing so, becoming a better and more efficient developer. Developers will learn how to:
Get the most out of projects and solutions, including getting down and dirty with the undocumented format of project and solution files Use these editor features to the fullest, and add additional functionality to the editor through the use of third-party add-ins Learn smarter ways to navigate the application and your own source code Customize shortcut keys, toolbars, menus, the toolbox, and much more Use the debugger successfully not only on your source code, but with T-SQL and scripting languages as well Automatically generate code Learn how the server can be used to interface with databases, services, and performance counters, as well as WMI Use and create Visual Studio add-ins to extend its functionality Offering valuable tips, tools, and tricks, Visual Studio Hacks takes you far beyond the suite's usual capabilities. You can read this book from cover to cover or, because each hack stands its own, you can feel free to browse and jump to the different sections that interest you most. If there's a prerequisite you need to know about, a cross-reference will guide you to the right hack.
If you want to experience the full spectrum of Visual Studio's functionality and flexibility, you'll find the perfect guide for exploration in Visual Studio Hacks. Once the final page is turned, you can confidently say that you've been exposed to everything that Visual Studio .NET is capable of doing.
One of the greatest frustrations in most software projects is version control: the art of managing changes to information. Today's increasingly fast pace of software development--as programmers make small changes to software one day only to undo them the next--has only heightened the problem; consecutive work on code or single-programmer software is a rare sight these days. Without careful attention to version control, concurrent and collaborative work can create more headaches than it solves. This is where Subversion comes into play.
Written by members of the Subversion open source development team, Version Control with Subversion introduces the powerful new versioning tool designed to be the successor to the Concurrent Version System or CVS. CVS users will find the "look and feel" Subversion comfortably familiar, but under the surface it's far more flexible, robust, and usable, and more importantly, it improves on CVS's more notable flaws.
The book begins with a general introduction to Subversion, the basic concepts behind version control, and a guided tour of Subversion's capabilities and structure. With thorough attention to detail, the authors cover every aspect of installing and configuring Subversion for managing a programming project, documentation, or any other team-based endeavor. Later chapters cover the more complex topics of branching, repository administration, and other advanced features such as properties, externals, and access control. The book ends with reference material and appendices covering a number of useful topics such as a Subversion complete reference and troubleshooting guide.
Version Control with Subversion aims to be useful to readers of widely different backgrounds, from those with no previous experience in version control to experienced sysadmins. If you've never used version control, you'll find everything you need to get started in this book. And if you're a seasoned CVS pro, this book will help you make a painless leap into Subversion.
In September 2003, Macromedia released Flash MX 2004, and with it, ActionScript 2.0, a dramatically improved version of Flash's programming language. ActionScript 2.0 introduces a formal object-oriented programming syntax and methodology for creating Flash applications. From a developer's perspective, the new OOP-based techniques in ActionScript 2.0 make applications more natural to plan and conceptualize, more stable, more reusable across projects, easier to maintain, change, and expand upon, and much more. In short, they enhance the entire development process.
In Essential ActionScript 2.0, bestselling author Colin Moock--one of the most universally respected developers in the Flash community--covers everything you'll need to know about the new ActionScript language and its methodologies for producing movies, animation, and applications on the web. Moock guides readers through this important new territory with his trademark easy-to-understand style and expertise. Moock's goal throughout the book is not just to get you to use object-oriented programming in your daily Flash work: he wants you to reap the benefits of OOP; he wants you to understand ActionScript 2.0 completely. And without question, Moock is the author who can make this happen.
Essential ActionScript 2.0 begins with a tour of the language, including the fundamentals of object-oriented concepts, syntax, and usage. Those who are new to OOP will learn the basics and how to apply their understanding. Those who are familiar with OOP will leverage their prior experience to learn about Flash-based OOP. The next part of the book shows how to structure entire applications with ActionScript 2.0, teaching you best practices and techniques to build scalable, extensible, stable apps. Next, you'll explore a variety of approaches to various programming situations by applying object-oriented programming strategies, known as design patterns, to Flash.
Experienced Flash developers and programmers coming from other languages will enjoy the sheer depth of Moocks's coverage and expertise in Essential ActionScript 2.0. Novice programmers will appreciate the frequent, low-jargon explanations that are often glossed over by advanced programming books. As usual, Moock guarantees quality and accuracy by working closely with Macromedia Flash engineers, including Rebecca Sun, lead developer of ActionScript 2.0.
Whether you're ready to make the move to ActionScript 2.0 now or simply assessing it for the future, you'll find everything you need to know within this book. Essential ActionScript 2.0 is the one book every ActionScript coder must own.
Java 5.0, code-named "Tiger", promises to be the most significant new version of Java since the introduction of the language. With over a hundred substantial changes to the core language, as well as numerous library and API additions, developers have a variety of new features, facilities, and techniques available.
But with so many changes, where do you start? You could read through the lengthy, often boring language specification; you could wait for the latest 500 page tome on concepts and theory; you could even play around with the new JDK, hoping you figure things out--or you can get straight to work with Java 5.0 Tiger: A Developer's Notebook.
This no-nonsense, down-and-dirty guide by bestselling Java authors Brett McLaughlin and David Flanagan skips all the boring prose and lecture, and jumps right into Tiger. You'll have a handle on the important new features of the language by the end of the first chapter, and be neck-deep in code before you hit the halfway point. Using the task-oriented format of this new series, you'll get complete practical coverage of generics, learn how boxing and unboxing affects your type conversions, understand the power of varargs, learn how to write enumerated types and annotations, master Java's new formatting methods and the for/in loop, and even get a grip on concurrency in the JVM.
Light on theory and long on practical application, Java 5.0 Tiger: A Developer's Notebook allows you to cut to the chase, getting straight to work with Tiger's new features. The new Developer's Notebooks series from O'Reilly covers important new tools for software developers. Emphasizing example over explanation and practice over theory, they focus on learning by doing--you'll get the goods straight from the masters, in an informal and code-intensive style that suits developers. If you've been curious about Tiger, but haven't known where to start, this no-fluff, lab-style guide is the solution.
Cisco routers are everywhere that networks are. They come in all sizes, from inexpensive units for homes and small offices to equipment costing well over $100,000 and capable of routing at gigabit speeds. A fixture in today's networks, Cisco claims roughly 70% of the router market, producing high-end switches, hubs, and other network hardware. One unifying thread runs through the product line: virtually all of Cisco's products run the Internetwork Operating System, or IOS.
If you work with Cisco routers, it's likely that you deal with Cisco's IOS software--an extremely powerful and complex operating system, with an equally complex configuration language. With a cryptic command-line interface and thousands of commands--some of which mean different things in different situations--it doesn't have a reputation for being user-friendly.
Fortunately, there's help. This second edition of Cisco IOS in a Nutshell consolidates the most important commands and features of IOS into a single, well-organized volume that you'll find refreshingly user-friendly.
This handy, two-part reference covers IOS configuration for the TCP/IP protocol family. The first section includes chapters on the user interface, configuring lines and interfaces, access lists, routing protocols, and dial-on-demand routing and security. A brief, example-filled tutorial shows you how to accomplish common tasks.
The second part is a classic O'Reilly quick reference to all the commands for working with TCP/IP and the lower-level protocols on which it relies. Brief descriptions and lists of options help you zero in on the commands you for the task at hand. Updated to cover Cisco IOS Software Major Release 12.3, this second edition includes lots of examples of the most common configuration steps for the routers themselves. It's a timely guide that any network administrator will come to rely on.
Over the last few years, Linux has grown both as an operating system and a tool for personal and business use. Simultaneously becoming more user friendly and more powerful as a back-end system, Linux has achieved new plateaus: the newer filesystems have solidified, new commands and tools have appeared and become standard, and the desktop--including new desktop environments--have proved to be viable, stable, and readily accessible to even those who don't consider themselves computer gurus.
Whether you're using Linux for personal software projects, for a small office or home office (often termed the SOHO environment), to provide services to a small group of colleagues, or to administer a site responsible for millions of email and web connections each day, you need quick access to information on a wide range of tools. This book covers all aspects of administering and making effective use of Linux systems. Among its topics are booting, package management, and revision control. But foremost in Linux in a Nutshell are the utilities and commands that make Linux one of the most powerful and flexible systems available.
Now in its fifth edition, Linux in a Nutshell brings users up-to-date with the current state of Linux. Considered by many to be the most complete and authoritative command reference for Linux available, the book covers all substantial user, programming, administration, and networking commands for the most common Linux distributions.
Comprehensive but concise, the fifth edition has been updated to cover new features of major Linux distributions. Configuration information for the rapidly growing commercial network services and community update services is one of the subjects covered for the first time.
But that's just the beginning. The book covers editors, shells, and LILO and GRUB boot options. There's also coverage of Apache, Samba, Postfix, sendmail, CVS, Subversion, Emacs, vi, sed, gawk, and much more. Everything that system administrators, developers, and power users need to know about Linux is referenced here, and they will turn to this book again and again.