Linux Books

This really filled the void between the amazing hands-on "Lions Book" and Maurice Bach's "The Design of the UNIX Operating System", introducing the reader to some more modern implementation of the UNIX operating system.
There is some bad in the good though, the text varies in quality, not having code anywhere in the book is sometimes a big miss, you can get pretty exhausted reading this, I meant to get this book as bed time reading, it ended up being more of a reference, with only a few chapters being useful, if you're curious about the internals of the actual system get it, but if you need some more theoretical grasp or a "toy problem" book to truly understand the basics, then get Lions book.
Conclusion, I dont regret having it on my shelf, maybe it just could have been better.

Enjoy.

If you are already a BSD kernel expert you might use this as a reference. If you're an advanced "userland" programmer who wants to start learning about kernel internels, this is one way to proceed but, it is very, very difficult.

I wish Kirk had decided to show us more of the joy of programming the kernel. If he had, the book would have been worth at least twice it's current price.

well, just see the authors,..
in my opinion, the overall text is very good designed, easy to read, and gives you a good overview of the kernel.
although im not a professional kernel hacking, it explains you how the system works, lettign you "grep" through the source, (get 4.3 bsd from ftp://ftp.funet.fi/unix first), very good.

Seriously, despite of the funny little daemon on the cover, this book is quite difficult.

First, it's a technical book about the BSD kernel. The only reason why you would want to read it is that you really want to know How It Works(tm). It's all about kernel. The drivers are only slightly touched, the API is touched even less. Rather than that, this book shows you the fields and flags of internal structures and the ways they are handled. Therefore I'd only recommend it to the system programmers and may be to the enthusiastic admins.

Second, certain chapters are written much worse than the others. The language in chapters 4 (Process Management) and 5 (Memory Management) is sort of a tangled making reading a challenge and it's really a pity because these two topics would better be covered best.

Also note that this book does not include sample code AT ALL. All the principles and algorithms are described using plain English and I'd say it's great, because it's much easier to follow, rather than making your way through somebody else's C scribbling.

Anyway, 5 stars, because it gives you 500 pages of pure distilled info. And it's info from the authors of BSD !

I'm definetely looking forward to read this book again and this is one of the books that are worth it.

While this book has been written by some of the best in the UNIX arena, their strong focus on packing a lot of content into these pages at times can prove a burden to the reader.

Reading through the chapters, it appears that the book could have been rendered more readable if a knowledgeable technical editor had put the finishing touches on it.

Nevertheless, even though it takes a bit of time to get used to the different writing styles and differences in quality of several chapters, this books is a well of insights into the internal workings of BSD 4.4 and its derivatives (like Mac OS X).

In order to gain the most from this title, I strongly urge interested readers to already have worked their way through Maurice J. Bach's "The Design of the UNIX Operating System".

I am a network intrusion detector building and deploying FreeBSD-based sensors for use at work and home. I am trying to augment my "end user" perspective with an administrator's skill set. I was anxious to add to my limited knowledge of installing and configuring FreeBSD.

Ted says his book "is written for beginning FreeBSD administrators," and has "operating with the Microsoft operating system and networking as a primary goal." This is true. The perfect reader is comfortable with installing and manipulating FreeBSD, but is not sure how best to implement FreeBSD-based email, web, print, or Windows share serving. Newbies will not find enough hand-holding, and gurus on a man-page diet may not be satisfied.

A unique aspect of the book is its analysis of Microsoft's products. With a FreeBSD bias, Ted is not afraid to lift up the Microsoft rock and show the bugs scurrying underneath. Windows devotees might welcome some of his hints on administering Microsoft's email products!

This 400-page book devotes substantial sections to non-BSD topics like advocacy and history (40+ pages), router configuration, and general email services, which didn't bother me. Similar to Rod Smith's approach in The Multi-Boot Configuration Handbook, inclusion of material beyond strict FreeBSD configuration helps build well-rounded system administrators. Those needing more detail and explicit instructions would probably wish for less history and more command-line configuration.

The strongest feature is the author's breadth of knowledge and devotion to linking FreeBSD to multiple Microsoft OS products. Who needs to run TCP/IP on DOS, and have it talk to FreeBSD? If you do, check out this book! (Fond memories of installing Trumpet Winsock on Windows 3.1 in 1994 resurfaced while reading p. 56.) The weakest aspect is the book's implicit assumption that the reader is the type who is comfortable reading manual pages. While Ted may seem to be looking out for the newbie (explaining the term "shell," even, on page 18), I still felt the tug of the man page.

I hope this book is successful and encourages updates to Greg Lehey's "The Complete FreeBSD" and inspires other FreeBSD gurus to write their own books. Thanks for the great work Ted!

Like the Unix System Administration Handbook, this book shares the author's extensive experience in the real world. So many computer books are merely rewrites of manuals touting the merits of software, but not this one.
System administrators these days deal with networks of computers running various versions of Microsoft Windows as well as UNIX variants and even Macs, whether the system administrator is running a home network and using FreeBSD as a gateway or running a more complex network in an office. For anyone trying to put it all together, from testing the hardware to email and printing, this is an invaluable book.

This book reperesents an excellent introduction to freeBSD for andministrator experienced in working with Windows NT/2000. All the major topics are covered in a very readable way and readers are invited to make a decision as to where freeBSD will fit into their architecture - Mittelstaedt just presents the facts. All in all, the book is worth 5 stars for two reasons. Fistly, it achieved what it set out to do and secondly, it converted a cynic like me to freeBSD. Eneough said!

If you're looking for a tutorial that will guide you to install FreeBSD and recompile the kernel, you're looking in the wrong place. If you're an experienced network administrator/user who wants to take advantage of that knowledge with FreeBSD, you'll feel in heaven.

The book is an excellent guide to set up a complete and highly reliable network server/workstation (web, ftp, mail, firewall etc.) compatible with many other OS.

There are few books that accomplish the promise they make with the title, but this is an example of a very focused work on the field the author wants to cover.

It's a good thing to support the FreeBSD project, but it's better when you get what you want for your bucks. However, you can get the "Handbook", "The Complete FreeBSD" book or "FreeBSD Unleashed" for a broader knowledge of FreeBSD, and when you feel at home with the OS, then get this book to fine tune your network services.

Buy the FreeBSD CNG if you want to spend a week-end (and more) discovering and playing with FreeBSD. It's a nice deal for $49.95. It is also a useful acquisition for more fluent users who look for a book that consolidates information about where to find information about FreeBSD.

I admit it right away, I did not buy the book for the contents but rather for the FreeBSD 4.2 CD-ROM. A cheap way to get a recent release without downloading an obscene amount of data over Internet. An impulse act of consumerism some would say.

I'm not (read not at all) an expert in FreeBSD but I already installed and used it on various machines. So, I'm not the best person to tell whether or not you can use the FreeBSD CNG to start from scratch. But I would say yes because while reading some chapters, you clearly see that the author actually went through the stuff he's talking about.

If you reach a road block when installing and configuring FreeBSD you'll probably find a way to get out of the pit while browsing the book. The text is full of pointers which will guide you through the gory parts of a first FreeBSD installation, as well as future changes of configurations. Anyway, as the author says himself up front, read the online manuals and documentation (thank you for saying so). To which you must add that installing FreeBSD is simple compared to some others OSes which, supposedly, do all the things for you.

Although I don't think it is its primary goal, the FreeBSD CNG is a good compromise between the two other books about FreeBSD: "The Complete FreeBSD" (which starts with more basic stuff, slightly outdated but still a good introduction for the complete beginner) and the FreeBSD Handbook (which has no structure nor index and that you get online as well as on your system once it's running). If you're not fluent in basic UNIX, also buy a "good" UNIX administration handbook. My own cent: Unix System Administration Handbook Evi Nemeth and others, PH/PTR.

The FreeBSD CNG provides a good overview of what you can expect from FreeBSD. It goes beyond technical issues: history, advocacy, coexistence with Windows systems. Useful to System Administrators who want to introduce FreeBSD within a corporation.

It also provides some unexpected information (the speech about the ISPs for instance). You'll like it because, the author does not tell you how things are supposed to be but how they are. There are many tidbits you can reuse in front of people for showing off (but don't do it because you never know who you're talking to). In addition, the author does it without controversy (if you like controversy, go to slashdot.org).

The FreeBSD CNG covers a lot of ground (always a challenge). The author does it well. If you buy and read this book, you will want to use FreeBSD. As the French say "l'essayer c'est l'adopter".

This is an excellent book, even though like a lot of folks, I bought it for the wrong reason. This book isn't really specific to the title, it's actually about the subtitle. Bash and Zsh are major characters, but this book is about using and mastering the command line, in either UNIX or Linux.

I don't know why the authors would target a book at me personally, so I assume there are many others out there who were once masters of the DOS and UNIX command lines when their companies made the decision (sometimes regretfully) to move "up" to Windows and Windows NT. Now here I am, over a decade later fondly recalling the power and well, frankly the fun, of being able to control my computer and the OS that runs it with commands customized specifically to my needs.

If you miss DOS batch files and UNIX scripts, being able to automate functions that take dozens of repetitive steps in a GUI like Windows or CDE, then this book was written for you as well. The free, powerful open source UNIX-based Operating Systems like Solaris and FreeBSD or the many Linux versions have given the command line it's well-deserved comeback. The authors of "BASH to Z Shell, Conquering the Command Line," make the assumption that the reader has more than basic computer skills, but just in case, starts with the premise that we may have even forgotten why the command line is even desirable.

Each of the early chapters on the basics warns the reader of the level of coverage and explains where to go to find the in depth version. I remembered pipes and redirection, but read the early stuff anyway and was rewarded with the fun reminder of just how powerful the command line can be. How about one command that can list every program on your system, sort it alphabetically, trim off any text and blank spaces you don't want and print it all in nice neat columns either onscreen or to a file? Ok, so nobody really needs such a list, but ya gotta admit it's pretty cool to be able to do all that with a single command. Then they launch into a discussion of for and foreach loops -- that's the basic stuff at the beginning mind you.

This is a book that's destined to be dog-eared. The spine will be wrinkled from sitting on the desk next to my keyboard as I construct a list of aliases that will simplify my life and then build a menu so I can remember them all. If you're just getting back into UNIX or have newly discovered Linux, this could be an invaluable tool for the journey.

I work on multiple Unix platforms all day long. I had never really taken the time to learn about the shells, but I had picked up the basics over time. I knew how to run commands, string them together with pipes, and redirect their output into files. So when I tell you that I started learning new things in the first chapter of From Bash to Z Shell, you will know the coverage is in depth. If you are a casual shell user, or even less experienced, this book has a lot to offer you.

From Bash to Z Shell is organized into three parts. Part one is an introduction to shell basics. It focuses on typical interactions with a shell including all of the things I mentioned knowing before reading this book. There is surprisingly good depth even here though and I doubt that anyone short of a power user could make it through this section without picking up a new trick or two. I learned multiple things from each chapter in this section.

In part two, each chapter takes a single aspect of the shells and really focuses in on just that. You will find chapters about the startup files each shell invokes as well as shell command histories. This is comprehensive coverage that really gets you to understand how things work as well as how to tune them to your personal tastes. You are even less likely to not pickup great tips in here.

The third and final part of the book turns to shell programming. While I suspect that plenty of users interact with a shell regularly without getting much into scripting them, there are still useful tidbits in here for them too. For example, after reading this section, I added some code to my startup file to customize my shell's completion functionality. I can now tab-complete the server names used by my workplace and even file system paths on those servers. This section also has a very good chapter on variables that will definitely help in day to day usage. A couple of the final chapters in here are heavily slanted towards or exclusively about the Z Shell though, so those chapters don't hold much for users of other shells.

As the title suggests, the book extensively covers both the Bash shell, which seems to be the standard default on many Unix systems now, and the feature-rich Z Shell that power users seem to favor. Surprisingly though, the book does talk about many other shells. In the first part especially, features tend to be described for more than just the two shells with top billing. This falls off in the later parts to some extent though. Also, the authors clearly aren't fans of the C Shell or its derivative the T C-Shell, so fans of those will want to look elsewhere. Windows receives some screen time, but only from the angle of running Unix-like environments and shells on it. You won't find coverage of the native Windows shells in these pages.

The book is quite good at covering the similarities of the shells. They frequently tell you when some command will work unchanged in both Bash and the Z Shell and they always do their best to give two equivalent commands when there are differences. This makes the shell knowledge you pick up from reading quite portable. It's also nice for those who don't know much about the differences between the shells and thus are trying to learn enough to pick the right one for them. It helped me choose a favorite. The only downside of this is that the transitions seem to become less smooth late in the book and I found myself wondering if we were still talking about Bash or had moved on to Z Shell a few times. This is a minor complaint though.

Beyond covering the shells well, the book can also help you better understand the design of the Unix operating system. It has some great asides on things like process forking and child process inheritance, special files and devices, and terminal drivers. Seeing these items through their interactions with a shell can make them significantly easier to grasp.

The writing style of this book is very natural. That's important since it distills so much information into every page, you could easily begin to feel overwhelmed. Luckily, that wasn't the case at all for me. I found the material to be presented so naturally that I absorbed it with ease. The book also has abundant cross references and a strong index which will make it great to reference later.

The final measure of a book like this turns out to be how much it changed your daily work habits. I've already noticed dramatic differences. I'm using shell loops at the command-line now to process many files at once; I actually understand shell quoting and when to use which types of quotes and escapes to get the desired effect; I can easily strip off a file extension or get a directory name from a full path when I need one; I make constant use of the command history now whether I'm searching for a past command, correcting a typo, or just pulling a single argument out of a previous command for reuse in a new command; and I've written a few shell functions to provide shortcuts to my common tasks. I just naturally began doing these things too, I didn't have to work at it a lot. From Bash to Z Shell just raised my understanding that much. To me, that's a big selling point.

This book is a must for any sysadmin or power user. It is definitely not for the novice. It's writing structure is almost akin to what it would be like if you could read pthreads! I am so happy with this book.

I bought this book for two reasons: To get a quick view of the Z shell, which was excellent, and to complement the many books on Bash that I have. This is where it really shone. I found information here, and quickly, that I could not find elsewhere. I would recommend it for all Bash programmers. This comes from a Korn shell bigot, too.

I've just finished reading From Bash to Z Shell from APress Publishing. It's taught this Linux NetAdmin several new tricks, and should be an addition to any Admin's bookshelf. It'll fit nicely next to your O'Reilly's.

I initially bought the book to lean the Z Shell (zsh), but decided that I'll stick with good 'ole Bash for a little longer. The tricks I've learned through this book about Bash quenches my needs for the moment. This book teaches you about essential techniques such as CDPATH, History options, key bindings, editing modes, and tons more. I've only read it only once, but I have already dog-eared 20 pages. My ~/.bashrc, and ~/.inputrc are in full swing with many new shortcuts! I highly recommend this book!!

There is nothing wrong with this book. There just isn't a lot right with it. It sells itself as a book to hack Ubuntu, making it sound like it has all kinds of secret ways to make Ubuntu do whatever you want it to. Unfortunately, it is just a run-of-the-mill how-to book, only slightly advanced beyond the beginner stage. Coming from ExtremeTech, I expected better. It was more like it came from PC Magazine. All the information is easily found online faster. As I said, it isn't a bad book; it just has an overinflated opinion of itself.

This book is a gem. Most other Linux books are heavy with theory but don't get you where you need to go. By contrast, this book is chock full of really practical mods (hacks) that are easy to do, yet provide great enhancements to the usability and security of your new Ubuntu system. If you're new to Ubuntu, get this book!

The popularity of Ubuntu has given rise to a deluge of Ubuntu books. Most are of an introductory nature; this is one of the few that rises to the level of a system administrator's needs.

The choice of content is excellent and, perhaps more importantly, the narrative is effective in building a cohesive understanding of the software systems that comprise Ubuntu. In this, it is clear that this book has benefited from having a single, expert author following a rational path of exposition.

Well explained , easy to use and above all useful. This books helped me to switch to Ubuntu Linux which is now my main operating system. Without this book I am not sure I could have done it.

I hope for the book that will clearly tell me step by step how to hack/customize things in Ubuntu. This book tries to cover too many topics thus not details enough to be successful on the first try. I still have to go to various forum to read more. It is only introduce me to various topics. For the really confusing things such as network sharing, it doesn't go into details at all. Very disappointing.

Great book for any beginner as reference. Always keep this handy when starting up and you will be surprised at the times it will be used.

Also great for veterans who forget the small things such as myself :)

Even though it has a few years on it, this title is a great tool for any UNIX or Linux person - novice or advanced. I have been working with Linux systems for over 10 years and I use this book often to refresh those elusive command line options.

If you do any CLI work, or need to know what a command does, get a copy of this text. True, you could read the man page but unlike the man pages on your 'nix machine, you get useful examples in this book.

This is my most coveted book in my work library.

I am like some of the other reader / reviewers who have found that this book provides definitive answers where other books have only provided hints. I have another, very thick book, "Linux Command Instant Reference", and this book, "Linux Desk Reference", blows it away with thorough coverage of useful commands and all the associated command arguments. One example is the fuser command I was looking into recently.

I have probably thrown away nearly as many Linux books as I've bought. It took about 5 weeks for this book to arrive, but now that it has, I can see that it is very good. It will be a permanent part of my Linux reference books.

As far as my Linux experience goes, I'm in the newbie category. I've installed about five different distros over the last 6 years, but only to dabble and see if I can make a permanent go of it. The Linux world is definitely improving.

Another book that I'm now finding useful is "Linux Phrasebook" by Scott Granneman. It is like a starter book. Then I look up the rest in this book, "Linux Desk Reference".

I like the book, the layout, the typeface, the structure, the organisation, the extensive index and especially the command lists inside the front and back covers.

So why only four stars?

The book actually contains a lot of mistakes and although generally very good there are areas where there are obvious errors which have not been corrected.

In some sections the logical flow of the material is broken and we seem to fall from one command into the middle of another. As bedtime reading this made it very hard work. As a reference manual it has already helped me sort out some problems.

I bought this book because I had recently (finally!!) managed to install Linux on my laptop. I was a complete Linux newbie and kept running into hints and mentions here and there about this or that Linux command but never any explanation of how to use them! The book is an excellent systematic, brief presentation of these commands. You DON'T have to be a programmer to benefit from this book!! Now, many months later, I can say that I still frequently consult the book. It opens up the great versatility of Linux for those of us who are not programmers but want more from their Linux computing experience. If you're a newbie, buy the book!

I purchased this book recently. Though a little outdated, the concepts covered in this book are invaluable for anyone who wants to understand UNIX internals. I would also recommend Maurice Bach Design of the UNIX Operating System (Prentice Hall Software Series)

Arrange the information for me to purchase the Magic Garden
from india on net

Excellent book on UNIX internals. Somewhat confusing at places. But still a good read for any CS student or programmer.

Kinndly arrange to send the info for purchase this book
within india , city and location OR Bookseller address
also how it will be purchased thru the Cheque /DD
Please tell me i will Go for it at any cost

The entire UNIX OS is expalined in a cogent manner to be understood completely. For any serious kernel writers this book is a great assert to understand the mysterious kernel. Great book to keep in hand.

Great starter book into Pen Testing. Big book with lots of information. Great book to read to prepare to start your CEH or CISSP studies.

If you live and breathe IT security, this books is for you. I would like to somewhat disagree with some of the earlier reviewers. I don't think this book was intended to be "the one and only" penetration toolkit manual. However, what it does do - it introduces one to the world of penetration testing providing enough information and examples on a wide variety of tools. A lot of great subjects are covered, such as reconnaissance, enumeration, scanning, web application testing, wireless penetration and more. It's a very insightful read, even for those who are just researching in the area of security. It will open your eyes on many aspects of information security. The CD itself is a good resource, but you may need to update some applications by now. Nessus signatures do get updated regularly.

At around 700 pages in size, the 'Penetration Tester's Open Source Toolkit' by Johnny Long is a solid reference material which is a nice pickup for anyone that is concerned with this subject matter. As with all Syngress books, you aren't buying these for the highest quality paper or design, but rather the material within. This is a solid book that most users should find helpful in their jobs.

**** RECOMMENDED

If you are going to do any work in the Information Assurance world you will want to add this book to your shelf and keep it handy. The authors of this book know the topics and present information clearly.
Each chapter is a stand-alone lesson, and all chapters build on each other to create a big-picture of exploiting any network and reporting results. The CD that comes with the book gives you excellent tools to start or fill out your library. Some are getting dated as of this writing, but all are still solid tools that you can update once you've learned them.
I highly recommend this book!

Title: Penetration Tester's Open Source Toolkit
Author: Johnny Long, Aaron Bayles, James Foster, Chris Hurley, Mike Petruzzi Noam Rathaus, Mark Wolfgang
Publisher: Syngress Publishing, Inc.
800 Hingham Street
Rockland, MA 02370
Copyright: 2006
ISBN: 1597490210
Pages: 678 plus appendix and index

This book not only covers what tools are available for penetration testing but also details how to use them to effectively test the system. Some of the tools, such as whois and ping, will be very familiar to the Linux user and most power users of other operating systems. Other tools are less familiar but very powerful and a real insight into what can be done to gather information on a system before attempting to penetrate it. Part of what makes this book really interesting is the way the authors approach this subject. They don't walk the reader through all the details of a handful of tools but instead they take a task-oriented approach. For example they go first through enumerating and scanning a system, then testing databases, web server testing, web application testing, wireless penetration and network devices. They then end this section with information about writing open source security tools. Chapter 8 starts a section on the Open Source vulnerability scanner Nessus. It automatically finds many problems in the system by trying to penetrate it using various scripts. The results are captured and the generated reports detail the information it was able to obtain. This is a very powerful testing product and one of the most common ones you will find in the marketplace.
The authors detail how to set up a Nessus client and server, scan the system and understand the results. Although almost three hundred pages are dedicated to Nessus it is a very powerful and highly configurable program that can consume a full book by itself to use its full potential. Penetration Tester's Open Source Toolkit is highly recommended, insightful, and very interesting to read and experiment with.

I had a very limited amount of knowledge on SNMP but this book took me from 0 knowledge to the point where I use this as a reference on the job. I'm a network engineer that is in charge of managing our LAN/WAN sites across the US using SNMP based management and I find this book to be indispensible.

Very useful book for learning and understanding the issues of SNMPv3. Lots of examples and pseudo-code for in-depth understanding. Takes less time to read than all the RFC's ;-).

The one star rating I gave this book was because I bought this book based on all the people who said this was a great book for beginners to learn SNMP. ABSOLUTELY NOT! If you are a beginner, don't touch this book. Nowhere in the book does it show you how to actually USE SNMP practically. It does throw out some code here and there, but doesn't explain how or why the code works...let alone the most important part...how to implement it. It's just code by itself sitting there. This book may be a good reference for the experienced, but all it is is definitions of the different parts of SNMP. Big waste of time and money for a beginner.

I have been working on SNMP for a while, and have read a lot of SNMP books. This book is definitely the best one and it's written for both beginners and experienced engineers.

This book is the best SNMP book I've seen. It is extremely well organized and easy to read. It allowed me to quickly understand the fundamentals of SNMP v3 and the examples were very helpful in getting my job done. I highly recommend this book.

This book will no doubt be on the shelf next to my desk for the rest of my life. I have been a Unix/Linux user since 1999 and this is by far the best reference book available. I have specifically bookmarked the SED/AWK, Background, Uniq, and Word Count pages. In fact this book is so cheap when purchased used you could afford to give one as a gift to almost every "computer person" you know. Anyone getting started in Unix/Linux should certainly read this book. Time and time again I pull this book off the shelf for 10 minutes to solve a problem. This is essentially the swiss army knife of IT books.

I was transferred to a remote location and, because help was at least a day away, I became the de facto system manager for a UNIX workstation, with zero UNIX experience. The book saved my life through all kinds of minor and major crises, including three reinstalls of the OS. As soon as the second edition came out, I bought it. I plan to buy the third edition, also, even though I now work in a location where we have good support.
As the other reviewers have said, the book nurses you along in the beginning, and continues to be useful as you learn.

I agree with many of the reviewers (esp rpclark), in saying that this is a wonderful introductory book. I can further add that I have owned this book for 5+ years and it is still the reference I refer to most often. I believe, a particular strength of Sobell's book is that it was useful to a newbie and is still useful at the sys admin level.

A user of FreeBSD now for a year, the lights came on with this
book. Certainly, all unix books have something different to offer...this one excels above most. I agree with one of the other posts here that states "...it assumes that you are an intelligent reader", and "doesn't humor you with cute language and humor". However, I don't agree with another post that states that this book "is difficult". I am reading the 1989 copyright of this book, ISBN 0-8053-0243-3. The book does get down to the grit of things, but feeds it to you in a sequential manner. I don't like having to sift through paragraphs of what the author thinks is funny. In contrast to the "Unix Shell Programming" - Kochan & Wood, I found this book to be *to the point* on this topic. "Unix Shell Programming" is one of my favorites, but it takes a while to get to actual script writing. In chapter eight in this book, THE BOURNE SHELL, Sobell gets right to the point--after just 3 minutes of reading this chapter I starting writing "working" scripts---honestly. I keep this one at arms length from the keyboard.

If you don't like being talked to like a "Dummy",
pick this one up!

Just Have Fun!!!

This book was a required text for the Unix course I am enrolled in and I found it to be a very difficult book to learn Unix. The author attempts to explain shell scripting, for example, by providing the script and then explaining what the script does in paragraph form. This made the chapters on bourne, c and korn shell very difficult to learn from. Try Ellie Quigley's book "Unix Shells by Example" for learning shell scripting. Quigley provides plenty of examples to learn from and provides step by step explanations on shell scripting.

Sobell does a good job Chapter 7, networking. Most of this chapter is explaining concepts and not teaching and explaining Unix commands.

I would not recommend this book if you are learning Unix. I think there are books out there do that do a better job to those new to Unix.

Given a choice, I preferred the following:

"Learning the Unix OS" by Oreilly. "Unix Shells by Example" by Quigley, which I highly recommend

I think this book should have been titled more along the lines of "Network Attack and Defense", but that doesn't detract from its contents. This is a great network-focused coverage of some of the things that the bad guys will do to get into your network and, to some extent, what you can do about it. I particularly enjoyed chapters five and eight on wireless recon and penetration, which have great coverage on how to set up various wireless tools on Linux (which can be a daunting task for the uninitiated), as well as chapter eighteen on network sniffing (Practical Packet Analysis makes a good followup to this chapter). The last chapter also tacks on a bit on binary reverse engineering, which seems like an afterthought in the context of the rest of the book, but is still a good read. Overall, another great security book from O'Reilly!

This is a book that serves its purpose wonderfully.

Its chapters and articles are based on a series of assumptions. First, that the reader won't read the book from head to tail but bit-by-bit. Second, that the reader, although not a complete geek, has a deep interest in computer sciences and computer security, from a practical standpoint.
Given those two conditions, it is a wonderfully easy to read book which will participate in the answering to the following question: "what tool should I use to answer this ____ (fill in the blank) IT Security problem?".
That's a good thing for a "power tool book" isn't it ?

Security Power Tools (SPT) is O'Reilly Publishing's sister manual to their popular Unix Power Tools [&]. It is written as a primer to various security tools, organized within seven sections, covering Legal and Ethics, Reconnaissance, Penetration, Control, Defense, Monitoring, and Discovery. While the target audience of SPT is security professionals, the book weighs in at just over 800 pages and probably has something for everyone working in a technical facet of IT.

Having said that, I really enjoyed reading this book. I read it nearly cover-to-cover, and while I was at least familiar with most of the material in the book, I was still able to find gems of knowledge, even in tools that I work with on a daily basis. Expect to read about some tools that you may already know about, like Nmap, Nessus, and The Metasploit Framework, but keep reading for a heap of other useful applications that you may not be familiar with.

One of the strengths of the book is the varying backgrounds of its contributing authors; just as the book covers a diverse tool set, the expertise of the authors is also diverse. The book was written collaboratively by twelve individuals, made up primarily of Juniper Networks' J-Security team [&]. Despite an opportunity for vendor-bias towards Juniper products, the book remained vendor-neutral. The majority of the book focuses on open-source and free-ware applications, although there is commercial software covered as well. In fact, Chapter 9 - Exploitation Framework Applications covers Canvas [&] and Core Impact [&] exclusively; both commercial applications.

One of the chapters that makes this book unique is the chapter on Law and Ethics, written by Jennifer Stisa Granick. You may recognize Ms Granick from her representation of Michael Lynn in during the Cisco Gate ordeal at Black Hat 2005 (coincidentally, Michael Lynn is also one of the contributing authors of this book). She provides an insightful discussion on not only the legal implications of security work, but also the role that ethics plays in some of those "gray" areas that security professionals may find themselves in.

Another chapter that sets this book apart is Chapter 6 - Custom Packet Generation, which primarily focuses on the use of Scapy. The chapter is written by Phillipe Biondi, the author of Scapy, and he provides an excellent argument to "Decode, Do Not Interpret". He discusses the advantages of writing tools that will provide you with raw decoded information, without an interpretation of that information. For instance, if you scanned a port on a remote host, Biondi would argue that it would be better for your tool to tell you that the remote host returned a RST packet rather than telling you that the port is closed. Beyond this valuable discussion, Biondi provides a very thorough discussion of the uses of Scapy, along with several good examples. This chapter alone makes this book worth buying.

While I liked this book, there were also some problems that prevented me from giving it a 5-star rating. For starters, the preface describes the overwhelming amount of content that was edited out of this book to keep it within size constraints, yet there was quite a bit of content that detracted from the value-density of the book. As I mentioned previously, the majority of SPT is a security primer and should not be considered a reference. Given this position, I believe that there was too much step-by-step installation and setup content. As an example, Chapter 16 - E-Mail Security and Anti-Spam covered the installation and management of the Norton Anti-Virus client. I can appreciate the security-related value of anti-virus software, but I felt that a step-by-step walk through of a Norton product was irrelevant.

Additionally, while I previously stated that the diverse expertise of the authors was a benefit, the varied writing style detracted from the readability of the book. Content aside, I found some chapters to be fun to read while others were boring, due to a particular author's writing style.

In summary, I would recommend this book to anyone interested in an overview of where to get started in researching security tools for a particular purpose. While none of the discussions in the book are exhaustive, they will definitely get you started and arm you with enough information to know what you want and where to get it.

A classic ad for Snap-on brand tools featured the tagline, "I own the best, please don't ask to borrow them." In the new, complex world of IT security, picking the best tool for the job is no easy task. An indispensable reference on the subject, Security Power Tools, brings together a slew of expert authors who detail the best security tools available.

The main portion of the book is divided into six sections comprising 23 chapters that cover the following aspects of network security: reconnaissance, penetration, control, defense, monitoring, and discovery. The chapters cover tools for major operating systems from Unix/Linux, to Windows and Macintosh. The book is organized and progresses in a logical sequence that parallels real-world security scenarios and application of the tools.

Each section and subsection covers the subjects at hand, and then lists the appropriate tool for the job. The book not only lists and evaluates top tools but also explains how to access all of them, many for free, by downloading them from the Internet.

Many of the hacking countermeasures listed in the book may, however, require specific legal permission before use. Perhaps for this reason, the book opens with a chapter on legal and ethical issues. Yet the chapter does not read like a legal disclaimer--quite the contrary--it's both engaging and fascinating.

This book is written for experienced security professionals who need an authoritative resource for finding the best IT security tool for the job. At nearly 800 pages, the text covers nearly every available security tool known, making it the de facto reference to such tool selection. Readers will find it an invaluable guide

I am probably the first reviewer to have read the vast majority of Security Power Tools (SPT). I do not think the other reviewers are familiar with similar books like Anti-Hacker Toolkit, first published in 2002 and most recently updated in a third edition (AHT3E) in Feb 2006. (I doubt the SPT authors read or even were aware of AHT3E.) SPT has enough original material that I expect at least some of it will appeal to many readers, justifying four stars. On the other hand, a good portion of the material (reviewed previously as "the most up-to-date tools") offers nothing new and in some cases is several years old.

I'll begin with my favorite sections. SPT started very strongly with Jennifer Grannick's chapter on law as it pertains to security issues. She is an excellent writer and I would like to see her create her own book on the same subject. I liked Philippe Biondi's work in Ch 6 (Custom Packet Generation) although his coverage of Scapy (while great) is not for the beginner. (Just try as many examples as you can -- Scapy is cool.) Ch 7 (Metasploit) provided a great discussion of Metasploit 3; I learned quite a bit. I was pleasantly surprised by Ch 15 (Securing Communications). It was very practical. I should mention that some of the chapters appeared to be good, but they were outside my expertise and beyond my skill level. These included Ch 10 (Custom Exploitation), Ch 22 (Application Fuzzing) and Ch 23 (Binary Reverse Engineering). I was initially inclined to skip the section on BO2k in Ch 11 (Backdoors), but I didn't know the tool had been updated in Mar 07 and could be considered "viable" in the age of botnets.

Readers may also like SPT because it mixes coverage of open source and commercial tools. For example, Ch 9 (Exploitation Framework Applications) covers CORE IMPACT and Immunity CANVAS. Ch 3 (Vulnerability Scanning) describes WebInspect. Ch 17 (Device Security Testing) describes Traffic IQ Pro. Other commercial tools are mentioned in SPT but these were covered with more than a cursory overview.

The major problems I had with SPT involved indications of old material and lack of originality. Ch 20 (Host Monitoring) doesn't include any URLs for the tools it mentions. Tool versions are incredibly out-of-date, with references to 2006 or even 2005, despite versions from early 2007 (pre-publication) being available. (Examples: Afick 2.10-1, 17 May 07; Samhain 2.3.4, 1 May 07; Tripware Open Source 2.4.1.2, 18 Apr 07). Ch 19 (Network Monitoring) mentions ACID as a Snort console; BASE replaced ACID in Sep 04! The script to download and update Snort rules uses snortrules.tar.gz, which also (besides not working now) dates it to late 2004. Ch 22 says @Stake's WebProxy is a great tool, but it's been unavailable for several years. Ch 23 mentions SoftIce, but it was discontinued in Apr 06. (Unfortunately the same chapter neglects covering PaiMei "since it will probably change" -- although the Web page lists 22 May 07 as the last update.) Ch 2 (Network Scanning) lists PortSentry, but that tool hasn't been supported since '03 and is now replaced by Mike Rash's Psad. Ch 13 spends a lot of time talking about IPFW as a BSD firewall, even though Pf has been the preferred tool for several years. Ch 5 (Wireless Reconnaissance) seems to ignore that AirPcap is a viable solution for wireless sniffing on Windows. Ch 21 (Forensics) offered absolutely nothing new or advanced.

Overall, you will probably find something to really like about SPT. I would take a much different approach in the future. Trying to coordinate so many authors probably resulted in some authors finishing their sections in late '05 or early '06. They waited until the remainder finished so the book could be published in Aug 07. I am not convinced another mammoth book is needed -- maybe smaller books on focused topics would be worthwhile. I would also not bother to cover tools addressed elsewhere --especially in other O'Reilly books.