This new edition of Practical Unix & Internet Security provides detailed coverage of today's increasingly important security and networking issues. Focusing on the four most popular Unix variants today--Solaris, Mac OS X, Linux, and FreeBSD--this book contains new information on PAM (Pluggable Authentication Modules), LDAP, SMB/Samba, anti-theft technologies, embedded systems, wireless and laptop issues, forensics, intrusion detection, chroot jails, telephone scanners and firewalls, virtual and cryptographic filesystems, WebNFS, kernel security levels, outsourcing, legal issues, new Internet protocols and cryptographic algorithms, and much more.
It's been 11 years since the publication of Practical Unix Security—and 6 years since Practical Unix and Internet Security was published—and oh, what a difference that time has made!
In 1991, the only thing that most Americans knew about Unix and the Internet was that they were some sort of massive computer network that had been besieged by a "computer virus" in 1988. By 1996, when our second edition was published, the Internet revolution was just beginning to take hold, with more than 10 million Americans using the Internet on a regular basis to send electronic mail, cruise the World Wide Web, and sometimes even shop.
Today it is increasingly difficult for people in much of the world to remember the pre-Internet era. Perhaps 500 million people around the world now use the Internet, with several billion more touched by it in some manner. In the United States more than half the population uses the Internet on a daily basis. We have watched an Internet revolution become a dot-com craze, which then became a bust. And nobody remembers that 1988 Internet worm anymore—these days, most Internet users are bombarded by network worms on a daily basis.
One quarter of the respondents who suffered attacks said that they had experienced between 2 and 5 incidents; 39% said that they had experienced 10 or more incidents. The average reported financial loss per company per year was in excess of $2 million.
What do all of these numbers mean for Unix? To be sure, most of the systems in use today are based on Microsoft's Windows operating system. Unix and Unix variants are certainly more secure than Windows, for reasons that we'll discuss in this book. Nevertheless, experience tells us that a poorly-administered Unix computer can be just as vulnerable as a typical Windows system: if you have a vulnerability that is known, an attacker can find it, exploit it, and take over your computer. It is our goal in this book to show you how to prevent yourself from ever experiencing this fate—and if you do, it is our goal to tell you what to do about it.