Back in my system administration days, which were pre-broadband I set up a home network with my link to the outside world being through an ISDN router. One of my co-workers came over to the house and I showed him my network, which consisted of Unix machines (Solaris, HP-UX, Linux) and Windows (NT & 98), and a Mac, to which he remarked, “You have all the cool toys, Frankie!”
Looking back on that I realize how right he was and how naive I was because most of my toys didn’t have much in the way protection. At that time security was not the hot issue. Today, I have a smaller and hopefully, a more secure network. Security has taken so much of my personal bandwidth that I’m now considering the pursuit of the CISSP certificate.
The certificate would be nice to have, but there is no substitute for experience. Using the tools matters more. Learning the tools takes organization, and becoming an expert in any of the tools requires dedication.
For obvious reasons free software tools are a good place to start, and this book Open Source Security Tools: A Practical Guide to Security Applications, by Tony Howlett and published by Prentice Hall presents a good overview of these tools for a system administrator.
This is one of those reference books that you’ll always keep on the shelf at arms length for immediate access. It will have what you need to know, when you need to know it, and contain more depth than any webpage you might have bookmarked.
This is one of those reference books that you’ll always keep on the shelf at arms length for immediate access. It will have what you need to know, when you need to know it
The contents
At 12 chapters and 5 appendices totaling 578 pages, the book is more reference than a quick and easy read. However, finding what you are looking for is easy. For example, chapter 11 covers Forensic Tools, and not just for GNU/Linux, but for Windows as well. I noted in chapter 1 the acknowledgment that this book supports Windows because of its widespread usage and that ignoring it would be a disservice to IT support folks.
The orientation of the book is for GNU/Linux and Windows, but many of the tools work on other platforms. For example, a Google search of lsof for HP-UX or Solaris yield a number of hits. So, while there is an accompanying CD-ROM that contains the tools in the form of tar balls, GNU/Linux RPMs, and Windows Zips, one should not feel constrained or hemmed in. In fact, when you consider how quickly free software tools evolve, you’d be better off to visit the websites that are listed in the tool summary boxes that appear all through the book.
After chapter one, the chapters are a breakdown of tools used in system and network sub-areas such as Firewalls, Port Scanners, Network Sniffers, Wireless Tools, etc...
Through some fluke I received two copies of the book mailed to me a week apart. The first copy had no CD-ROM while the second copy did. Given a choice, I’d urge the reader to get a copy with the CD-ROM if possible, but if it isn’t there don’t let this influence your decision to buy the book.
The appendices in the book are a little more than I need to know. Though I did find the TCP/IP port numbers and the Nessus Plug-in information helpful.
Who’s this book for?
My impression is that it is for System/Network Administrators. A section in the Preface confirms that the intended audience are system/network admins, and yes those too often disdained Windows admins. The orientation, more specifically is towards admins who are experienced, but not specifically tasked as security admins.
Relevance to free software
All the tools listed are free software. You are free to strip them down to the frame like a bicycle mechanic with garden style tools. For this reason alone they are better learning tools.
Pros
The book is a great reference-instruction tool to get started with. It does assume some techical experience, but not specifically security related.
Cons
It is a poor learning-instruction tool. What do I mean by this? While the book will point you to the tools and give you a reference point it will not provide you with tutorials. So, once you begin to use a tool like Ethereal, for example, you may need to get help from some source to quantify your understanding.
| Title | Open Source Security Tools: A Practical Guide to Security Applications |
| Author | Tony Howlett |
| Publisher | Prentice Hall |
| ISBN | 0321194438 |
| Year | 2005 |
| Pages | 578 |
| CD included | Yes |
| FS Oriented | 10 |
| Over all score | 9 |
In short