
"Building Secure Servers with Linux" Released by O'Reilly

From:  Kathryn Barrett <kathrynb@oreilly.com>
To:  lwn@lwn.net
Subject:  "Building Secure Servers with Linux" Released by O'Reilly
Date:  Fri, 8 Nov 2002 13:01:34 -0800 (PST)

For Immediate Release
November 8, 2002
For more information, a review copy, cover art, or an interview with
the author, contact:
Kathryn Barrett (707) 827-7094 or kathrynb@oreilly.com


The Art of Bastioning Linux Servers
O'Reilly Releases "Building Secure Servers with Linux"


Sebastopol, CA--Computer security can be both discouraging and
liberating, says Michael D. "Mick" Bauer, author of "Building Secure
Servers with Linux" (O'Reilly, US $44.95). "Once you get past the
horror of grasping its futility--a feeling identical to the one that
young French horn players get upon realizing no matter how hard they
practice, their instrument will continue to humiliate them periodically
without warning--you realize that there's nowhere to go but up," Bauer
explains. While acknowledging that system security is, on some level,
futile, Bauer goes on to offer a great deal of practical advice on how
to think about threats and risks, how to protect publicly accessible
hosts via good network design, how to harden a fresh installation of
Linux and keep it patched against newly discovered vulnerabilities, and
much more.

"Building Secure Servers with Linux" focuses on the most common use of
Linux--as a hub offering services to an organization or the larger
Internet--and shows readers how to harden their hosts against attacks.
As the cost of broadband and other high-speed internet connectivity has
gone down, and its availability has increased, more Linux users are
providing services such as HTTP, Anonymous FTP, etc., to the world at
large. At the same time, some important, powerful, and popular open
source tools have emerged and rapidly matured--some of which rival
expensive commercial equivalents--making Linux a particularly
appropriate platform for providing secure internet services. But
security is uppermost in the mind of anyone providing such a service.
Any server experiences casual probe attempts dozens of times a day, and
serious break-in attempts are made with some frequency as well.

Bauer, a security consultant, network architect, and lead author of the
popular "Paranoid Penguin" column in "Linux Journal," carefully
outlines the security risks, defines precautions that can minimize
those risks, and offers recipes for robust security. The book does not
cover firewalls, but covers the more common situation where an
organization protects its hub using other systems as firewalls, often
proprietary firewalls.

"Since I'm a working security consultant and network architect, I have
insights on network and system security that go beyond settings in the
configuration files of specific applications," Bauer explains. "I
understand a bit more about how computers, software applications,
networks, users, and luck relate to each other than, for example, the
average system administrator who is compelled by circumstances to focus
on specific problems--usually crises--often at a relatively low level.

"However, I spend a lot of time configuring real-world applications on
real-world systems: fancy principles are not much use unless you
implement them in some way," Bauer adds. "'Building Secure Servers with
Linux' reflects this duality; I think it provides a unique balance of
big-picture principles that transcend specific software packages and
version numbers, and very clear procedures on securing some of those
packages. In other words, my procedures are presented within a larger
context, and my principles are accompanied by examples that are both
relevant and useful."

An all-inclusive resource for Linux users who wish to harden their
systems, "Building Secure Servers with Linux" covers general security
as well as key services such as DNS, the Apache web server, mail, file
transfer, and secure shell. The book includes:

-Precise directions for securing common services, including the Web,
mail, DNS, and file transfer
-Ancillary tasks, such as hardening Linux, using SSH and certificates
for tunneling, and using iptables for firewalling
-Basic installation of intrusion detection tools

"Building Secure Servers with Linux" explains security concepts and
techniques in clear language, beginning with the fundamentals, so that
Linux users with minimal knowledge of security will be able to grasp
and apply its concepts. With this book in hand, Linux administrators
will have everything they need to ensure robust security of their Linux
systems.


Additional resources:

An article by the author, "Securing Linux: Why It's Worthwhile and
Achievable," is available online at:
http://linux.oreillynet.com/pub/a/linux/2002/10/03/securinglinux.html

Chapter 10, "System Log Management and Monitoring," is available free
online at:  http://www.oreilly.com/catalog/bssrvrlnx/chapter/index.html

For more information about the book, including Table of Contents,
index, author bio, and samples, see:
http://www.oreilly.com/catalog/bssrvrlnx/

For a cover graphic in JPEG format, go to:
ftp://ftp.ora.com/pub/graphics/book_covers/hi-res/0596002173.jpg


Building Secure Servers with Linux
Michael D. Bauer
ISBN 0-596-00217-3, 430 pages, $44.95 (US), $69.95 (CAN)
order@oreilly.com
1-800-998-9938
1-707-827-7000
http://www.oreilly.com

About O'Reilly
O'Reilly & Associates is the premier information source for
leading-edge computer technologies. The company's books, conferences,
and web sites bring to light the knowledge of technology innovators.
O'Reilly books, known for the animals on their covers, occupy a
treasured place on the shelves of the developers building the next
generation of software. O'Reilly conferences and summits bring alpha
geeks and forward-thinking business leaders together to shape the
revolutionary ideas that spark new industries. From the Internet to
XML, open source, .NET, Java, and web services, O'Reilly puts
technologies on the map. For more information: http://www.oreilly.com

# # #

O'Reilly is a registered trademark of O'Reilly & Associates, Inc. All
other trademarks are property of their respective owners.





Copyright © 2002, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds