Books about Linux System Administration

Apache Cookbook

£16.76

Ken Coar and Rich Bowen; ISBN: 0-596-00191-6

Apache is far and away the most widely used web server platform in the world. Both free and rock-solid, it runs more than half of the world's web sites, ranging from huge e-commerce operations to corporate intranets and smaller hobby sites, and it continues to maintain its popularity, drawing new users all the time. If you work with Apache on a regular basis, you have plenty of documentation on installing and configuring your server, but where do you go for help with the day-to-day stuff, like adding common modules or fine-tuning your activity logging?

The Apache Cookbook is a collection of problems, solutions, and practical examples for webmasters, web administrators, programmers, and everyone else who works with Apache. For every problem addressed in the book, there's a worked-out solution or "recipe"--short, focused pieces of code that you can use immediately. But this book offers more than cut-and-paste code. You also get explanations of how and why the code works, so you can adapt the problem-solving techniques to similar situations.

The recipes in the Apache Cookbook range from simple tasks, such as installing the server on Red Hat Linux or Windows, to more complex tasks, such as setting up name-based virtual hosts or securing and managing your proxy server. The two hundred plus recipes in the book cover additional topics such as:

Security
Aliases, Redirecting, and Rewriting
CGI Scripts, the suexec Wrapper, and other dynamic content techniques
Error Handling
SSL
Performance

The impressive collection of useful code in this book is a guaranteed timesaver for all Apache users, from novices to advanced practitioners. Instead of poking around mailing lists, online documentation, and other sources, you can rely on the Apache Cookbook for quick solutions to common problems, and then you can spend your time and energy where it matters most.

Apache Pocket Reference

£5.56

Andrew Ford; ISBN: 1-56592-706-0

Apache is far and away the most widely used web server platform in the world, running on Windows NT as well as Unix and other platforms. It powers about half of the world's existing web sites and is still increasing market share. Apache also forms the basis of a number of commercial web servers, such as IBM HTTP Server powered by Apache and C2Net's Stronghold.

Apache is at the leading edge of web server development with many new technologies being implemented first. Apache has a flexible architecture that allows independent developers to add their own functionality by way of modules, written either in C or, with the advent of mod_perl, in Perl.

The Apache Pocket Reference, a companion volume to Writing Apache Modules with Perl and C and Apache: The Definitive Guide, 2nd Edition, covers Apache 1.3.12. It provides a complete overview of the command-line options, configuration directives, and modules, and covers Apache support utilities.

Apache: The Definitive Guide, 3rd Edition

£22.80

Ben Laurie and Peter Laurie; ISBN: 0-596-00203-3

Apache is far and away the most widely used web server platform in the world. This versatile server runs more than half of the world's existing web sites. Apache is both free and rock-solid, running more than 21 million web sites ranging from huge e-commerce operations to corporate intranets and smaller hobby sites.

With this new third edition of Apache: The Definitive Guide, web administrators new to Apache will come up to speed quickly, and experienced administrators will find the logically organized, concise reference sections indispensable, and system programmers interested in customizing their servers will rely on the chapters on the API and Apache modules.

Updated to cover the changes in Apache's latest release, 2.0, as well as Apache 1.3, this useful guide discusses how to obtain, set up, secure, modify, and troubleshoot the Apache software on both Unix and Windows systems. Dozens of clearly written examples provide the answers to the real-world issues that Apache administrators face everyday. In addition to covering the installation and configuration of mod_perl and Tomcat, the book examines PHP, Cocoon, and other new technologies that are associated with the Apache web server. Additional coverage of security and the Apache 2.0 API make Apache: The Definitive Guide, Third Edition essential documentation for the world's most popular web server.

Computer Security Basics

£16.76

Debby Russell and G.T. Gangemi, Sr.; ISBN: 0-937175-71-4

There's a lot more consciousness of security today, but not a lot of understanding of what it means and how far it should go. No one loves security, but most people---managers, system administrators and users alike---are starting to feel that they'd better accept it, or at least try to understand it.

For example, most U.S. Government equipment acquisitions now require "Orange Book" (Trusted Computer System Evaluation Criteria) certification. A lot of people have a vague feeling that they ought to know about the Orange Book, but few make the effort to track it down and read it. Computer Security Basics contains a more readable introduction to the Orange Book---why it exists, what it contains, and what the different security levels are all about---than any other book or government publication.

This handbook describes complicated concepts such as trusted systems, encryption, and mandatory access control in simple terms. It tells you what you need to know to understand the basics of computer security, and it will help you persuade your employees to practice safe computing.

Contents include:

Introduction (basic computer security concepts, security breaches such as the Internet worm).
Computer security and requirements of the Orange Book.
Communications and network security.
Peripheral types of security (including biometric devices, physical controls, and TEMPEST).
Appendices: terms, sources, user groups, and other reference material.

DNS & BIND Cookbook

£19.96

Cricket Liu; ISBN: 0-596-00410-9

The DNS & BIND Cookbook presents solutions to the many problems faced by network administrators responsible for a name server. Following O'Reilly's popular problem-and-solution cookbook format, this title is an indispensable companion to DNS & BIND, 4th Edition, the definitive guide to the critical task of name server administration. The cookbook contains dozens of code recipes showing solutions to everyday problems, ranging from simple questions, like, "How do I get BIND?" to more advanced topics like providing name service for IPv6 addresses. It's full of BIND configuration files that you can adapt to your sites requirements.

With the wide range of recipes in this book, you'll be able to

Check whether a name is registered
Register your domain name and name servers
Create zone files for your domains
Protect your name server from abuse
Set up back-up mail servers and virtual email addresses
Delegate subdomains and check delegation
Use incremental transfer
Secure zone transfers
Restrict which queries a server will answer
Upgrade to BIND 9 from earlier version
Perform logging and troubleshooting
Use IPv6

and much more.

These recipes encompass all the day-to-day tasks you're faced with when managing a name server, and many other tasks you'll face as your site grows. Written by Cricket Liu, a noted authority on DNS, and the author of the bestselling DNS & BIND and DNS on Windows 2000, the DNS & BIND Cookbook belongs in every system or network administrator's library.

DNS on Windows 2000

£22.80

Matt Larson and Cricket Liu; ISBN: 0-596-00230-0

DNS on Windows 2000is a special Windows-oriented edition of the classic DNS and BIND. The Domain Name System (DNS) is one of the Internet's fundamental building blocks: the distributed host information database that's responsible for translating names into addresses, routing mail to its proper destination, and many other services. As the preface says, if you're using the Internet, you're already using DNS--even if you don't know it.

Besides covering general issues like installing, setting up, and maintaining the server, DNS on Windows 2000 tackles those specific to the Windows environment: integration between DNS and Active Directory, conversion from BIND to the Microsoft DNS server, and registry settings. You'll also acquire a grounding in:

Security issues
System tuning
Caching
Zone change notification
Troubleshooting
Planning for growth

If you're a Windows administrator, DNS on Windows 2000 is the operations manual you need for working with DNS every day; if you're a Windows user who simply wants to take the mystery out of the Internet, this book is a readable introduction to the Internet's architecture and inner workings.

Topics include:

What DNS does, how it works, and when you need to use it
How to find your own place in the Internet's namespace
Setting up name servers
Integrating Active Directory with DNS
Dynamic updates, storing zone information in Active Directory, and incremental zone transfers
Using MX records to route mail
Configuring hosts to use name servers
Subdividing domains (parenting)
Securing your name server: preventing unauthorized zone transfers
Mapping one name to several servers for load sharing
Troubleshooting: using nslookup, diagnosing common problems

DNS on Windows Server 2003

£22.80

Cricket Liu,Matt Larson and Robbie Allen; ISBN: 0-596-00562-8

While computers and other devices identify each other on networks or the Internet by using unique addresses made up of numbers, humans rely on the Domain Name System (DNS), the distributed database that allows us to identify machines by name. DNS does the work of translating domain names into numerical IP addresses, routing mail to its proper destination, and many other services, so that users require little or no knowledge of the system. If you're a network or system administrator, however, configuring, implementing, and maintaining DNS zones can be a formidable challenge. And now, with Windows Server 2003, an understanding of the workings of DNS is even more critical.

DNS on Windows Server 20003 is a special Windows-oriented edition of the classic DNS and BIND, newly updated to document the many changes to DNS, large and small, found in Windows Server 2003. Veteran O'Reilly authors, Cricket Liu, Matt Larson, and Robbie Allen explain the whole system in terms of the new Windows Server 2003, from starting and stopping a DNS service to establishing an organization's namespace in the global hierarchy.

Besides covering general issues like installing, setting up, and maintaining the server, DNS on Windows Server 2003 tackles the many issues specific to the new Windows environment, including the use of the dnscmd program to manage the Microsoft DNS Server from the command line and development using the WMI DNS provider to manage the name server programmatically. The book also documents new features of the Microsoft DNS Server in Windows Server 2003, including conditional forwarding and zone storage in Active Directory (AD) application partitions.

DNS on Windows Server 2003 provides grounding in:

Security issues
System tuning
Caching
Zone change notification
Troubleshooting
Planning for growth

If you're a Windows administrator, DNS on Windows Server 2003 is the operations manual you need for working with DNS every day. If you're a Windows user who simply wants to take the mystery out of the Internet, this book is a readable introduction to the Internet's architecture and inner workings.

Essential System Administration Pocket Reference

£5.56

Æleen Frisch; ISBN: 0-596-00449-4

If you're a Unix system administrator, then the information you need every day just to get your job done could fill a book--a very large book. But, practically speaking, you don't want to stop and thumb through a weighty volume each time a problem arises. Your answer is the Essential System Administration Pocket Reference, the only system administration reference that fits in your pocket. Concise and easy-to-use, this little book is the portable companion to the classic Essential System Administration by AEleen Frisch.

The Essential System Administration Pocket Reference is a quick reference to all the fundamental and essential tasks required to run such divergent Unix systems as Solaris, Linux, AIX, BSD, SuSe, Red Hat, and more. Beginners and experienced administrators alike will quickly be able to apply its principles and advice to solve everyday problems. The book is divided into three parts: Commands, Syntax and Their Applications, Configuration Files and Formats, and Operating System Specific Information. The information in this book is a must-have for any administrator or user of a Unix system.

O'Reilly's Pocket References have become a favorite among technology professionals everywhere. By providing a wealth of important details in a concise, well-organized format, these handy books deliver just what you need to complete the task at hand. When you've reached a sticking point and need to get to a solution quickly, the new Essential System Administration Pocket Reference is the book you'll want to have.

Exim

£25.56

Philip Hazel; ISBN: 0-596-00098-7

Exim delivers electronic mail, both local and remote. It has all the virtues of a good postman: it's easy to talk to, reliable, efficient, and eager to accommodate even the most complex special requests. It's the default mail transport agent installed on some Linux systems, runs on many versions of Unix, and is suitable for any TCP/IP network with any combination of hosts and end-user mail software.

Exim is growing in popularity because it is open source, scalable, and rich in features such as the following:

Compatibility with the calling interfaces and options of Sendmail (for which Exim is usually a drop-in replacement)
Lookups in LDAP servers, MySQL and PostgreSQL databases, and NIS or NIS+ services
Support for many kinds of address parsing, including regular expressions that are compatible with Perl 5
Sophisticated error handling
Innumerable tuning parameters for improving performance and handling enormous volumes of mail

Best of all, Exim is easy to configure. You never have to deal with ruleset 3 or worry that a misplaced asterisk will cause an inadvertent mail bomb.

While a basic configuration is easy to read and can be created quickly, Exim's syntax and behavior do get more subtle as you enter complicated areas like virtual hosting, filtering, and automatic replies. This book is a comprehensive survey that provides quick information for people in a hurry as well as thorough coverage of more advanced material.

High Performance Linux Clusters with OSCAR, Rocks, OpenMosix, and MPI

£22.80

Joseph D. Sloan; ISBN: 0-596-00570-9

To the outside world, a "supercomputer" appears to be a single system. In fact, it's a cluster of computers that share a local area network and have the ability to work together on a single problem as a team. Many businesses used to consider supercomputing beyond the reach of their budgets, but new Linux applications have made high-performance clusters more affordable than ever. These days, the promise of low-cost supercomputing is one of the main reasons many businesses choose Linux over other operating systems.

This new guide covers everything a newcomer to clustering will need to plan, build, and deploy a high-performance Linux cluster. The book focuses on clustering for high-performance computation, although much of its information also applies to clustering for high-availability (failover and disaster recovery). The book discusses the key tools you'll need to get started, including good practices to use while exploring the tools and growing a system. You'll learn about planning, hardware choices, bulk installation of Linux on multiple systems, and other basic considerations. Then, you'll learn about software options that can save you hours--or even weeks--of deployment time.

Since a wide variety of options exist in each area of clustering software, the author discusses the pros and cons of the major free software projects and chooses those that are most likely to be helpful to new cluster administrators and programmers. A few of the projects introduced in the book include:

MPI, the most popular programming library for clusters. This book offers simple but realistic introductory examples along with some pointers for advanced use.
OSCAR and Rocks, two comprehensive installation and administrative systems
openMosix (a convenient tool for distributing jobs), Linux kernel extensions that migrate processes transparently for load balancing
PVFS, one of the parallel filesystems that make clustering I/O easier
C3, a set of commands for administering multiple systems
Ganglia, OpenPBS, and cloning tools (Kickstart, SIS and G4U) are also covered. The book looks at cluster installation packages (OSCAR & Rocks) and then considers the core packages individually for greater depth or for folks wishing to do a custom installation. Guidelines for debugging, profiling, performance tuning, and managing jobs from multiple users round out this immensely useful book.

Home Networking Annoyances

£11.96

Kathy Ivens; ISBN: 0-596-00808-2

The beauty of a home network is that it can make life so easy--what could be better than sharing an Internet connection so that everyone can be online at the same time? With home networking you can move files from one computer to another, share resources, print to a single printer or multiple printers from any computer in the house, and IM the kids when they're holed up in their rooms. And the downside? Anyone who's ever had to troubleshoot a network glitch doesn't need to ask that question. The simple words, "Why can't I print? Why can't I get to the Internet? Why does my computer say 'Access Denied' today, when it worked fine yesterday?" are enough to send the home network administrator running for cover. And the concept of "network security" can keep the soundest sleeper tossing and turning all night.

Currently, more than 8 million homes in the US have installed a network of some kind, and within five years, that number is expected to jump to 37 million. This speaks to the availability of easy-to-install home networking products. Unfortunately, there's also a glut of potential headaches that can occur after installation (and during, sometimes) with no warning label on the box saying, "This product sure to cause annoyances."

But help is here. Home Networking Annoyances will ease the headaches and annoyances of anyone who runs a home network. This book tackles all the common annoyances associated with running your network--whether it's wired or wireless, Mac or PC, or a combination thereof. Its friendly, off-the-cuff approach will put you in a position of power over those home networking glitches, including file sharing, printing, cabling, security, and much more. You'll find dozens of on-target tips, workarounds, and fixes that will help you improve your home networking experience in every way possible.

Whether you're a mainstream business user or a home user with newly installed network hardware, you've probably had your patience tested by frustrating network maintenance issues. Take a stand against annoyances now: just as the bestselling PC Annoyances brought peace and happiness to PC users everywhere, Home Networking Annoyances is your ticket to serenity.

LDAP System Administration

£22.80

Gerald Carter; ISBN: 1-56592-491-6

Be more productive and make your life easier. That's what LDAP System Administration is all about.

System administrators often spend a great deal of time managing configuration information located on many different machines: usernames, passwords, printer configurations, email client configurations, and network filesystem configurations, to name a few. LDAPv3 provides tools for centralizing all of the configuration information and placing it under your control. Rather than maintaining several administrative databases (NIS, Active Directory, Samba, and NFS configuration files), you can make changes in only one place and have all your systems immediately "see" the updated information.

Practically platform independent, this book uses the widely available, open source OpenLDAP 2 directory server as a premise for examples, showing you how to use it to help you manage your configuration information effectively and securely. OpenLDAP 2 ships with most Linux distributions and Mac OS X, and can be easily downloaded for most Unix-based systems. After introducing the workings of a directory service and the LDAP protocol, all aspects of building and installing OpenLDAP, plus key ancillary packages like SASL and OpenSSL, this book discusses:

Configuration and access control
Distributed directories; replication and referral
Using OpenLDAP to replace NIS
Using OpenLDAP to manage email configurations
Using LDAP for abstraction with FTP and HTTP servers, Samba, and Radius
Interoperating with different LDAP servers, including Active Directory
Programming using Net::LDAP

If you want to be a master of your domain, LDAP System Administration will help you get up and running quickly regardless of which LDAP version you use. After reading this book, even with no previous LDAP experience, you'll be able to integrate a directory server into essential network services such as mail, DNS, HTTP, and SMB/CIFS.

LPI Linux Certification in a Nutshell

£22.80

Jeff Dean; ISBN: 1-56592-748-6

Companies ranging from IBM to Novell are dramatically expanding Linux training and development. Certification will be a key part of this trend, and support is growing for an industry-wide Linux certification program. Most companies want a vendor-neutral certification initiative, and the Linux Professional Institute (LPI) is the leading effort in this direction. As more corporations adopt Linux as the networking backbone for their IT systems, the demand for certified technicians will become even greater.

LPI Linux Certification in a Nutshell prepares system administrators for the basic LPI General Linux 101 exam and the more advanced 102 exam, and includes information on objectives and test suggestions. It also provides readers who aren't planning to take the exam with an excellent understanding of the targeted Linux concepts and functions.

The book is divided into two parts, one for each of the LPI exams. Each part features a summary of the exam, a Highlighter's Index, labs, suggested exercises, and practice exams to help you pass the LPI exams with flying colors.

Part I covers the General Linux 101 Exam:

GNU and Unix commands
Devices, Linux filesystems, and the filesystem hierarchy standard
Boot, initialization, shutdown and run levels
Documentation
Administrative tasks

Part II covers the General Linux 102 Exam:

Linux installation and package management
The Linux kernel
Text editing, processing, and printing
Shells, scripting, programming, and compiling
X-Windows
Networking fundamentals
Network services
Security

For those preparing to take the LPI Linux Certification Exams, this book will prove to be invaluable in its scope and breadth. Linux newbies will also find this book useful for learning more about how to use their Linux system.

Jeffrey Dean is a Red Hat Certified Engineer (RHCE) with professional experience in IT management and training delivery.

Learning the Korn Shell, 2nd Edition

£19.96

Bill Rosenblatt and Arnold Robbins; ISBN: 0-596-00195-9

The Korn shell is an interactive command and scripting language for accessing Unix® and other computer systems. As a complete and high-level programming language in itself, it's been a favorite since it was developed in the mid 1980s by David G. Korn at AT&T Bell Laboratories. Knowing how to use it is an essential skill for serious Unix users. Learning the Korn Shell shows you how to use the Korn shell as a user interface and as a programming environment.

Writing applications is often easier and quicker with Korn than with other high-level languages. Because of this, the Korn shell is the most often used shell in commercial environments and among inexperienced users. There are two other widely used shells, the Bourne shell and the C shell. The Korn shell, or ksh, has the best features of both, plus many new features of its own. ksh can do much to enhance productivity and the quality of a user's work, both in interacting with the system, and in programming. The new version, ksh93, has the functionality of other scripting languages such as awk, icon, Perl, rexx, and tcl.

Learning the Korn Shell is the key to gaining control of the Korn shell and becoming adept at using it as an interactive command and scripting language. Prior programming experience is not required in order to understand the chapters on basic shell programming. Readers will learn how to write many applications more easily and quickly than with other high-level languages. In addition, readers will also learn about Unix utilities and the way the Unix operating system works in general. The authors maintain that you shouldn't have to be an internals expert to use and program the shell effectively.

The second edition covers all the features of the current version of the Korn shell, including many new features not in earlier versions of ksh93, making it the most up-to-date reference available on the Korn shell. It compares the current version of the Korn shell to several other Bourne-compatible shells, including several Unix emulation environments for MS-DOS and Windows. In addition, it describes how to download and build ksh93 from source code.

A solid offering for many years, this newly revised title inherits a long tradition of trust among computer professionals who want to learn or refine an essential skill.

Linux Cookbook

£25.56

Carla Schroder; ISBN: 0-596-00640-3

This unique and valuable collection of tips, tools, and scripts provides clear, concise, hands-on solutions that can be applied to the challenges facing anyone running a network of Linux servers from small networks to large data centers in the practical and popular problem-solution-discussion O'Reilly cookbook format.

The Linux Cookbook covers everything you'd expect: backups, new users, and the like. But it also covers the non-obvious information that is often ignored in other books the time-sinks and headaches that are a real part of an administrator's job, such as: dealing with odd kinds of devices that Linux historically hasn't supported well, building multi-boot systems, and handling things like video and audio.

The knowledge needed to install, deploy, and maintain Linux is not easily found, and no Linux distribution gets it just right. Scattered information can be found in a pile of man pages, texinfo files, and source code comments, but the best source of information is the experts themselves who built up a working knowledge of managing Linux systems. This cookbook's proven techniques distill years of hard-won experience into practical cut-and-paste solutions to everyday Linux dilemmas.

Use just one recipe from this varied collection of real-world solutions, and the hours of tedious trial-and-error saved will more than pay for the cost of the book. But those who prefer to learn hands-on will find that this cookbook not only solves immediate problems quickly, it also cuts right to the chase pointing out potential pitfalls and illustrating tested practices that can be applied to a myriad of other situations.

Whether you're responsible for a small Linux system, a huge corporate system, or a mixed Linux/Windows/MacOS network, you'll find valuable, to-the-point, practical recipes for dealing with Linux systems everyday. The Linux Cookbook is more than a time-saver; it's a sanity saver.

Linux Network Administrator's Guide, 3rd Edition

£19.96

Tony Bautts,Terry Dawson and Gregor N. Purdy; ISBN: 0-596-00548-2

The Linux Network Administrator's Guide, Third Edition dispenses all the practical advice you need to join a network. Along with some hardware considerations, this highly acclaimed guide takes an in-depth look at all of the essential networking software that comes with the operating system--including basic infrastructure (TCP/IP, wireless networking, firewalling) and the most popular services on Linux systems.

But as the follow-up to a classic, the third edition of the Linux Network Administrator's Guide does more than just spruce up the basics. It also provides the very latest information on the following cutting-edge services:

Wireless hubs
OpenLDAP
FreeS/WAN
IMAP
Spam filtering
OpenSSH
BIND
IPv6
Featuring a litany of insider tips and techniques, the Linux Network Administrator's Guide, Third Edition is an invaluable companion for any network administrator interested in integrating Linux into their Windows environment
Authored by Terry Dawson, Tony Bautts, and Olaf Kirch, the Linux Network Administrator's Guide, Third Edition emerged from the Linux Documentation Project (LDP). The LDP's goal is to centralize all of the issues of Linux documentation, ranging from online documentation topics such as installing, using, and running Linux.

Linux Security Cookbook

£22.80

Daniel J. Barrett,Richard Silverman and Robert G. Byrnes; ISBN: 0-596-00391-9

Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes--short, focused pieces of code that administrators can use to improve security and perform common tasks securely.

The Linux Security Cookbook includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure.

Some of the "recipes" you'll find in this book are:

Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more
Monitoring your network with tcpdump, dsniff, netstat, and other tools
Protecting network connections with Secure Shell (SSH) and stunnel
Safeguarding email sessions with Secure Sockets Layer (SSL)
Encrypting files and email messages with GnuPG
Probing your own security with password crackers, nmap, and handy scripts

This cookbook's proven techniques are derived from hard-won experience. Whether you're responsible for security on a home Linux system or for a large corporation, or somewhere in between, you'll find valuable, to-the-point, practical recipes for dealing with everyday security issues. This book is a system saver.

Linux Server Security, 2nd Edition

£25.56

Michael D. Bauer; ISBN: 0-596-00670-5

Linux consistently appears high up in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well.

This highly regarded book, originally titled Building Secure Servers with Linux, combines practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--as a hub offering services to an organization or the Internet--and shows readers how to harden their hosts against attacks. An all-inclusive resource for Linux users who wish to harden their systems, Linux Server Security covers general security such as intrusion detection and firewalling a hub, as well as key services such as DNS, the Apache Web server, mail, and secure shell.

Author Michael D. Bauer, a security consultant, network architect, and lead author of the popular Paranoid Penguin column in the Linux Journal, carefully outlines the security risks, defines precautions that can minimize those risks, and offers recipes for robust security. He is joined on several chapters by administrator and developer Bill Lubanovic.

A number of new security topics have been added for this edition, including:

Database security, with a focus on MySQL
Using OpenLDAP for authentication
An introduction to email encryption
The Cyrus IMAP service, a popular mail delivery agent
The vsftpd FTP server
Geared toward Linux users with little security expertise, the author explains security concepts and techniques in clear language, beginning with the fundamentals. Linux Server Security with Linux provides a unique balance of "big picture" principles that transcend specific software packages and version numbers, and very clear procedures on securing some of those software packages on several popular distributions. With this book in hand, you'll have both the expertise and the tools to comprehensively secure your Linux system.

Linux Unwired

£14.00

Roger Weeks,Edd Dumbill and Brian Jepson; ISBN: 0-596-00583-0

In Linux Unwired, you'll learn the basics of wireless computing, from the reasons why you'd want to go wireless in the first place, to setting up your wireless network or accessing wireless data services on the road. The book provides a complete introduction to all the wireless technologies supported by Linux. You'll learn how to install and configure a variety of wireless technologies to fit different scenarios, including an office or home network and for use on the road. You'll also learn how to get Wi-Fi running on a laptop, how to use Linux to create your own access point, and how to deal with cellular networks, Bluetooth, and Infrared.

Other topics covered in the book include:

Connecting to wireless hotspots
Cellular data plans you can use with Linux
Wireless security, including WPA and 802.1x
Finding and mapping Wi-Fi networks with kismet and gpsd
Connecting Linux to your Palm or Pocket PC
Sending text messages and faxes from Linux through your cellular phone

Linux Unwired is a one-stop wireless information source for on-the-go Linux users. Whether you're considering Wi-Fi as a supplement or alternative to cable and DSL, using Bluetooth to network devices in your home or office,or want to use cellular data plans for access to data nearly everywhere, this book will show you the full-spectrum view of wireless capabilities of Linux, and how to take advantage of them.

Linux iptables Pocket Reference

£5.56

Gregor N. Purdy; ISBN: 0-596-00569-5

Firewalls, Network Address Translation (NAT), network logging and accounting are all provided by Linux's Netfilter system, also known by the name of the command used to administer it, iptables. The iptables interface is the most sophisticated ever offered on

Linux and makes Linux an extremely flexible system for any kind of network filtering you might do. Large sets of filtering rules can be grouped in ways that makes it easy to test them and turn them on and off.

Do you watch for all types of ICMP traffic--some of them quite dangerous? Can you take advantage of stateful filtering to simplify the management of TCP connections? Would you like to track how much traffic of various types you get?

This pocket reference will help you at those critical moments when someone asks you to open or close a port in a hurry, either to enable some important traffic or to block an attack. The book will keep the subtle syntax straight and help you remember all the values you have to enter in order to be as secure as possible. The book has an introductory section that describes applications,followed by a reference/encyclopaedic section with all the matches and targets arranged alphabetically.

Lotus Domino Administration in a Nutshell

£14.00

Greg Neilson; ISBN: 1-56592-717-6

Domino is one of the most effective platforms for developing and deploying e-business applications, allowing new communities of developers to enjoy its collaborative capabilities. With over 55 million seats worldwide, Domino already provided a strong foundation for messaging and web applications, and the release of R5 builds on that to make Domino easier to use than ever before.

For example, Lotus Domino R5 has been expanded to interact with most browsers and other non-Notes clients, so developers can choose their favorite language to design web applications. With R5, administrators can centrally modify client configurations instead of hopping from one terminal to the next throughout the company. The new Domino interface allows administrators to visually monitor the health and status of the Domino servers in a network from a single screen. All this capability implies complexity, and it's easy to forget which menu to go to. Here's where Lotus Domino Administration in a Nutshell can help. It's a quick reference that will come in handy again and again for finding solutions to administrative problems.

This book covers:

Domino architecture and key concepts
R5 administration tools
Domino directory and console commands
Database properties and Access Control
Configuring Domino Enterprise Connection Services (DECS)
Supporting the Notes client
Domino for IIS

Whether the task is messaging servers, modifying administration tasks to a simpler and more efficient level, or ensuring the security and flexibility of a web application server, Lotus Domino Administration in a Nutshell is the reference developers need to make the most of this reliable and scalable integrated server platform.

Managing IMAP

£19.96

Dianna Mullet and Kevin Mullet; ISBN: 0-596-00012-X

Virtually everything--not just computers, but every kind of device--is coming on board the Internet, and the two principal applications are the World Wide Web and email. The POP3 model for online-only messaging is being taxed to its limit, and users clearly would like mail servers with more "oomph." More specifically, the demand is for email servers that take advantage of centralized resources to manage mail, rather than heap more tasks on end-user computers. This clamor has resulted in the IMAP protocol being incorporated into virtually every major email server on the market. Those who haven't already installed IMAP are probably planning to do so.

Managing IMAP is a movable feast of IMAP help. It is a handy guide for everyday tasks common to most IMAP servers as well as a concise reference to help navigate the sometimes sparsely and obtusely documented open source software. Whether the goal is more insight into the IMAP server and client or utility software, or big-picture strategic suggestions to get off a legacy system, Managing IMAP is here to help.

This book is both a conceptual and a mechanical IMAP road map. Managers, system integrators, and system administrators on the front lines of Internet messaging will find it a valuable tool for IMAP system provision, maintenance and support. It is also useful if you're considering IMAP for your messaging system. Managing IMAP covers the IMAP protocol, setting up a client, IMAP security, performance monitoring, and tools. Several chapters are devoted specifically to two of the most popular servers: the University of Washington server and Cyrus, and detailed appendixes cover topics such as TCL, procmail, Sieve, and sendmail.

Managing Mailing Lists

£16.76

Alan Schwartz; ISBN: 1-56592-259-X

Would you like to set up an electronic discussion forum for your customers? Or how about a mailing list to announce meetings of your local hobby group? Email is the universal Internet application, which makes mailing lists an ideal vehicle for creating electronic communities. All you need to run a mailing list is access to a system that is connected to the Internet, a mailing list management software package, and a bit of know-how, which is where this book comes in.

Managing Mailing Lists is full of practical information for the list maintainer and system administrator alike.

This book covers four mailing list packages: Majordomo, LISTSERV, Listproc, and SmartList. All of these packages run on UNIX systems; LISTSERV runs on a number of platforms, including Windows NT. If you are a system administrator, Managing Mailing Lists tells you what you need to know to pick a mailing list package and get it up and running on your system. It also offers advice on working with the people who are actually maintaining mailing lists on your system, so that you can give them the support they need to run effective, useful lists.

If you are charged with establishing and running a mailing list, Managing Mailing Lists covers everything you need to know about setting up and maintaining the list, from writing the charter for the list to dealing with bounced messages. Depending on what mailing list software is running on your system, you'll need to work with your system administrator to set up various aspects of the list. This book lays out all the decisions you need to make and tells you what information you need to pass along to the administrator.

Mailing lists offer a great deal of flexibility. For example, you can create a moderated mailing list, so that you can control the content on the list, or you can let anyone post whatever they want, for a more free-form discussion group. You can also exert control over who can subscribe to the list, if you want to limit membership based on certain criteria. You can give your subscribers the option to receive individual messages or message digests and you can archive list postings and make them available to your readership.

Managing NFS and NIS, 2nd Edition

£22.80

Hal Stern,Mike Eisler and Ricardo Labiaga; ISBN: 1-56592-510-6

A modern computer system that's not part of a network is even more of an anomaly today than it was when we published the first edition of this book in 1991. But however widespread networks have become, managing a network and getting it to perform well can still be a problem.

Managing NFS and NIS, in a new edition based on Solaris 8, is a guide to two tools that are absolutely essential to distributed computing environments: the Network Filesystem (NFS) and the Network Information System (formerly called the "yellow pages" or YP).

The Network Filesystem, developed by Sun Microsystems, is fundamental to most Unix networks. It lets systems ranging from PCs and Unix workstations to large mainframes access each other's files transparently, and is the standard method for sharing files between different computer systems.

As popular as NFS is, it's a "black box" for most users and administrators. Updated for NFS Version 3, Managing NFS and NIS offers detailed access to what's inside, including:

How to plan, set up, and debug an NFS network
Using the NFS automounter
Diskless workstations
PC/NFS
A new transport protocol for NFS (TCP/IP)
New security options (IPSec and Kerberos V5)
Diagnostic tools and utilities
NFS client and server tuning

NFS isn't really complete without its companion, NIS, a distributed database service for managing the most important administrative files, such as the passwd file and the hosts file. NIS centralizes administration of commonly replicated files, allowing a single change to the database rather than requiring changes on every system on the network.

If you are managing a network of Unix systems, or are thinking of setting up a Unix network, you can't afford to overlook this book.

Managing RAID on Linux

£22.80

Derek Vadala; ISBN: 1-56592-730-3

Redundant Array of Independent Disks (RAID) technology is becoming a standard feature of computer systems that support mission-critical services like file sharing, mail exchange, or Web servers. RAID offers two benefits to these essential systems: improved I/O performance and fail-safe data storage.

Although bandwidth problems on networks are well documented, the internal data transfer bottleneck that exists at the hardware level in each system can also leave you with perplexing performance issues. RAID is a cost-effective and easy-to-manage way to alleviate this bandwidth problem by distributing the I/O load seamlessly across multiple disks and controllers.

RAID also provides uninterrupted data access through disk mirroring and parity algorithms. That means systems can remain online even during a disk or controller failure. RAID is scalable, making it robust enough for large, high-traffic sites and small, critical systems. By using RAID, system administrators can combine single disks into terabytes worth of data storage.

Managing RAID on Linux covers everything system administrators need to know to put together a system that can support RAID. You will learn about the different types of RAID, along with associated technologies and issues, and how to choose the best RAID system for your needs. With a step-by-step, hands-on approach, the author guides you through the installation of either Linux software RAID or a hardware RAID card. The book shows how to build an array and optionally install a high-performance file system. Contents include:

An introduction to RAID and Linux
Planning and architecture of your RAID system
Building a software RAID
Software RAID tools and references
Building a hardware RAID
Performance and tuning of your RAID system

RAID has become the low-cost solution of choice to deal with the ever-increasing demand for data storage space. Written for system administrators, power users, tech managers, and anyone who wants to learn about RAID technology, Managing RAID on Linux sidesteps the often-confusing vendor-specific approach you'll find elsewhere to give you the straight story on RAID. Even non-Linux users will find this book full of valuable material.

Managing Security with Snort & IDS Tools

£22.80

Kerry J. Cox and Christopher Gerg; ISBN: 0-596-00661-6

Intrusion detection is not for the faint at heart. But, if you are a network administrator chances are you're under increasing pressure to ensure that mission-critical systems are safe--in fact impenetrable--from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders.

Designing a reliable way to detect intruders before they get in is a vital but daunting challenge. Because of this, a plethora of complex, sophisticated, and pricy software solutions are now available. In terms of raw power and features, SNORT, the most commonly used Open Source Intrusion Detection System, (IDS) has begun to eclipse many expensive proprietary IDSes. In terms of documentation or ease of use, however, SNORT can seem overwhelming. Which output plugin to use? How do you email alerts to yourself? Most importantly, how do you sort through the immense amount of information Snort makes available to you?

Many intrusion detection books are long on theory but short on specifics and practical examples. Not Managing Security with Snort and IDS Tools. This new book is a thorough, exceptionally practical guide to managing network security using Snort 2.1 (the latest release) and dozens of other high-quality open source other open source intrusion detection programs.

Managing Security with Snort and IDS Tools covers reliable methods for detecting network intruders, from using simple packet sniffers to more sophisticated IDS (Intrusion Detection Systems) applications and the GUI interfaces for managing them. A comprehensive but concise guide for monitoring illegal entry attempts, this invaluable new book explains how to shut down and secure workstations, servers, firewalls, routers, sensors and other network devices.

Step-by-step instructions are provided to quickly get up and running with Snort. Each chapter includes links for the programs discussed, and additional links at the end of the book give administrators access to numerous web sites for additional information and instructional material that will satisfy even the most serious security enthusiasts.

Managing Security with Snort and IDS Tools maps out a proactive--and effective--approach to keeping your systems safe from attack.

Network Security Assessment

£22.80

Chris McNab; ISBN: 0-596-00611-X

There are hundreds--if not thousands--of techniques used to compromise both Windows and Unix-based systems. Malicious code and new exploit scripts are released on a daily basis, and each evolution becomes more and more sophisticated. Keeping up with the myriad of systems used by hackers in the wild is a formidable task, and scrambling to patch each potential vulnerability or address each new attack one-by-one is a bit like emptying the Atlantic with paper cup.

If you're a network administrator, the pressure is on you to defend your systems from attack. But short of devoting your life to becoming a security expert, what can you do to ensure the safety of your mission critical systems? Where do you start?

Using the steps laid out by professional security analysts and consultants to identify and assess risks, Network Security Assessment offers an efficient testing model that an administrator can adopt, refine, and reuse to create proactive defensive strategies to protect their systems from the threats that are out there, as well as those still being developed.

This thorough and insightful guide covers offensive technologies by grouping and analyzing them at a higher level--from both an offensive and defensive standpoint--helping administrators design and deploy networks that are immune to offensive exploits, tools, and scripts. Network administrators who need to develop and implement a security assessment program will find everything they're looking for--a proven, expert-tested methodology on which to base their own comprehensive program--in this time-saving new book.

Network Security with OpenSSL

£22.80

John Viega,Matt Messier and Pravir Chandra; ISBN: 0-596-00270-X

Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.

The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.

Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, instead of bogging you down in the technical details of how SSL works under the hood, this book provides only the information that is necessary to use OpenSSL safely and effectively. In step-by-step fashion, the book details the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges.

As a system or network administrator, you will benefit from the thorough treatment of the OpenSSL command-line interface, as well as from step-by-step directions for obtaining certificates and setting up your own certification authority. As a developer, you will further benefit from the in-depth discussions and examples of how to use OpenSSL in your own programs. Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included.

OpenSSL may well answer your need to protect sensitive data. If that?s the case, Network Security with OpenSSL is the only guide available on the subject.

PGP: Pretty Good Privacy

£19.96

Simson Garfinkel; ISBN: 1-56592-098-8

Use of the Internet is expanding beyond anyone's expectations. As corporations, government offices, and ordinary citizens begin to rely on the information highway to conduct business, they are realizing how important it is to protect their communications -- both to keep them a secret from prying eyes and to ensure that they are not altered during transmission. Encryption, which until recently was an esoteric field of interest only to spies, the military, and a few academics, provides a mechanism for doing this.

PGP, which stands for Pretty Good Privacy, is a free and widely available encryption program that lets you protect files and electronic mail. Written by Phil Zimmermann and released in 1991, PGP works on virtually every platform and has become very popular both in the U.S. and abroad. Because it uses state-of-the-art public key cryptography, PGP can be used to authenticate messages, as well as keep them secret. With PGP, you can digitally "sign" a message when you send it. By checking the digital signature at the other end, the recipient can be sure that the message was not changed during transmission and that the message actually came from you.

PGP offers a popular alternative to U.S. government initiatives like the Clipper Chip because, unlike Clipper, it does not allow the government or any other outside agency access to your secret keys.

PGP: Pretty Good Privacy by Simson Garfinkel is both a readable technical user's guide and a fascinating behind-the-scenes look at cryptography and privacy.

Part I, "PGP Overview," introduces PGP and the cryptography that underlies it.

Part II, "Cryptography History and Policy," describes the history of PGP -- its personalities, legal battles, and other intrigues; it also provides background on the battles over public key cryptography patents and the U.S. government export restrictions, and other aspects of the ongoing public debates about privacy and free speech.

Part III, "Using PGP," describes how to use PGP: protecting files and email, creating and using keys, signing messages, certifying and distributing keys, and using key servers.

Part IV, "Appendices," describes how to obtain PGP from Internet sites, how to install it on PCs, UNIX systems, and the Macintosh, and other background information.

The book also contains a glossary, a bibliography, and a handy reference card that summarizes all of the PGP commands, environment variables, and configuration variables.

Photo Retouching with Photoshop: A Designer's Notebook

£11.96

Marie Laure CLEC'H; ISBN: 0-596-00860-0

Photo Retouching with Photoshop: A Designer's Notebook

is at once eye candy, artistic inspiration, and incomparable technical guidance for intermediate-to-advanced digital imaging professionals, graphic artists, photographers, and just about anyone involved in creating digital images or animations. A visual splendor, this full-color book showcases a one-of-a-kind collection of superb and innovative photo-retouching solutions by well-known French artists.

The new English translation of a cutting-edge French work, Photo Retouching with Photoshop: A Designer's Notebook presents high-quality photo retouching from the unique cultural perspective of the French. Reflecting the very best of French creation in graphic design and digital imaging, this book offers an enlightening and stunning glimpse into a vibrant culture known for pushing the limits of imagination with photography, graphics, and art.

Filled with beauty, energy, and creative risks, the images inside will forever change the way you see and perform your own photo manipulation and graphic design. You'll see what other top-notch imaging professionals are able to do to and create with their photographs with Photoshop, and you'll be guided, step-by-step, through the editing process of each project--from original shot to polished print.

But most importantly, you'll gain both insight and experience into how each visionary artist imagined, conceptualized, and ultimately created his or her final exquisite image. With the book's inspiration and education, you'll be able to exert precise control over every aspect of your own photo restorations and retouching challenges so you can consistently achieve expert, dramatic results while always preserving the integrity of the photographs.

Part coffee-table book, part art inspiration, and part design guide, the lavishly illustrated Photo Retouching with Photoshop: A Designer's Notebook will redefine what it means to retouch a photograph--taking the procedure from simple, mindless manipulation to elaborate, intentional, highly rewarding art form.

Postfix: The Definitive Guide

£19.96

Kyle D. Dent; ISBN: 0-596-00212-2

Postfix is a Mail Transfer Agent (MTA): software that mail servers use to route email. Postfix is highly respected by experts for its secure design and tremendous reliability, while new users like it because it's so simple to configure. In fact, Postfix has been adopted as the default MTA on Mac OS X. It is also compatible with sendmail, so that existing scripts and programs continue to work seamlessly after it is installed.

Postfix was written by well-known security expert Wietse Venema, who reviewed this book intensively during its entire development. Author Kyle Dent covers a wide range of Postfix tasks, from virtual hosting to controls for unsolicited commercial email.

While basic configuration of Postfix is easy, every site has unique needs that call for a certain amount of study. This book, with careful background explanations and generous examples, eases readers from the basic configuration to the full power of Postfix. It discusses the Postfix interfaces to various tools that round out a fully scalable and highly secure email system. These tools include POP, IMAP, LDAP, MySQL, Simple Authentication and Security Layer (SASL), and Transport Layer Security (TLS, an upgrade of SSL). A reference section for Postfix configuration parameters and an installation guide are included.

Topics include:

Basic installation and configuration
DNS configuration for email
Working with POP/IMAP servers
Hosting multiple domains (virtual hosting)
Mailing lists
Handling unsolicited email (spam blocking)
Security through SASL and TLS

From compiling and installing Postfix to troubleshooting, Postfix: The Definitive Guide offers system administrators and anyone who deals with Postfix an all-in-one, comprehensive tutorial and reference to this MTA.

Practical Unix & Internet Security, 3rd Edition

£31.16

Simson Garfinkel,Gene Spafford and Alan Schwartz; ISBN: 0-596-00323-4

When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world.

Focusing on the four most popular Unix variants today--Solaris, Mac OS X, Linux, and FreeBSD--this book contains new information on PAM (Pluggable Authentication Modules), LDAP, SMB/Samba, anti-theft technologies, embedded systems, wireless and laptop issues, forensics, intrusion detection, chroot jails, telephone scanners and firewalls, virtual and cryptographic filesystems, WebNFS, kernel security levels, outsourcing, legal issues, new Internet protocols and cryptographic algorithms, and much more.

Practical Unix & Internet Security consists of six parts:

Computer security basics: introduction to security problems and solutions, Unix history and lineage, and the importance of security policies as a basic element of system security.
Security building blocks: fundamentals of Unix passwords, users, groups, the Unix filesystem, cryptography, physical security, and personnel security.
Network security: a detailed look at modem and dialup security, TCP/IP, securing individual network services, Sun's RPC, various host and network authentication systems (e.g., NIS, NIS+, and Kerberos), NFS and other filesystems, and the importance of secure programming.
Secure operations: keeping up to date in today's changing security world, backups, defending against attacks, performing integrity management, and auditing.
Handling security incidents: discovering a break-in, dealing with programmed threats and denial of service attacks, and legal aspects of computer security.
Appendices: a comprehensive security checklist and a detailed bibliography of paper and electronic references for further reading and research.

Packed with 1000 pages of helpful text, scripts, checklists, tips, and warnings, this third edition remains the definitive reference for Unix administrators and anyone who cares about protecting their systems and data from today's threats.

RADIUS

£19.96

Jonathan Hassell; ISBN: 0-596-00322-6

The subject of security never strays far from the minds of IT workers, for good reason. If there is a network with even just one connection to another network, it needs to be secured. RADIUS, or Remote Authentication Dial-In User Service, is a widely deployed protocol that enables companies to authenticate, authorize and account for remote users who want access to a system or service from a central network server. Originally developed for dial-up remote access, RADIUS is now used by virtual private network (VPN) servers, wireless access points, authenticating Ethernet switches, Digital Subscriber Line (DSL) access, and other network access types. Extensible, easy to implement, supported, and actively developed, RADIUS is currently the de facto standard for remote authentication.

RADIUS provides a complete, detailed guide to the underpinnings of the RADIUS protocol, with particular emphasis on the utility of user accounting. Author Jonathan Hassell draws from his extensive experience in Internet service provider operations to bring practical suggestions and advice for implementing RADIUS. He also provides instructions for using an open-source variation called FreeRADIUS.

"RADIUS is an extensible protocol that enjoys the support of a wide range of vendors," says Jonathan Hassell. "Coupled with the amazing efforts of the open source development community to extend RADIUS's capabilities to other applications-Web, calling card security, physical device security, such as RSA's SecureID-RADIUS is possibly the best protocol with which to ensure only the people that need access to a resource indeed gain that access."

This unique book covers RADIUS completely, from the history and theory of the architecture around which it was designed, to how the protocol and its ancillaries function on a day-to-day basis, to implementing RADIUS-based security in a variety of corporate and service provider environments. If you are an ISP owner or administrator, corporate IT professional responsible for maintaining mobile user connectivity, or a web presence provider responsible for providing multiple communications resources, you'll want this book to help you master this widely implemented but little understood protocol.

Regular Expression Pocket Reference

£5.56

Tony Stubblebine; ISBN: 0-596-00415-X

Regular expressions are such a powerful tool for manipulating text and data that anyone who uses a computer can benefit from them. Composed of a mixture of symbols and text, regular expressions can be an outlet for creativity, for brilliant programming, and for the elegant solution. While a command of regular expressions is an invaluable skill, all there is to know about them fills a very large volume, and you don't always have time to thumb through hundreds of pages each time a question arises. The answer is the Regular Expression Pocket Reference. Concise and easy-to-use, this little book is the portable companion to Mastering Regular Expressions.

This handy guide offers programmers a complete overview of the syntax and semantics of regular expressions, which are at the heart of every text-processing application. Ideal as an introduction for beginners and a quick reference for advanced programmers, Regular Expression Pocket Reference is a comprehensive guide to regular expression APIs for C, Perl, PHP,Java, .NET, Python, vi, and the POSIX regular expression libraries.

O'Reilly's Pocket References have become a favorite among programmers everywhere. By providing a wealth of important details in a concise, well-organized format, these handy books deliver just what you need to complete the task at hand. When you've reached a sticking point and need to get to a solution quickly, the new Regular Expression Pocket Reference is the book you'll want to have.

SELinux

£22.80

Bill McCarty; ISBN: 0-596-00716-7

The intensive search for a more secure operating system has often left everyday, production computers far behind their experimental, research cousins. Now SELinux (Security Enhanced Linux) dramatically changes this. This best-known and most respected security-related extension to Linux embodies the key advances of the security field. Better yet, SELinux is available in widespread and popular distributions of the Linux operating system--including for Debian, Fedora, Gentoo, Red Hat Enterprise Linux, and SUSE--all of it free and open source.

SELinux emerged from research by the National Security Agency and implements classic strong-security measures such as role-based access controls, mandatory access controls, and fine-grained transitions and privilege escalation following the principle of least privilege. It compensates for the inevitable buffer overflows and other weaknesses in applications by isolating them and preventing flaws in one application from spreading to others. The scenarios that cause the most cyber-damage these days--when someone gets a toe-hold on a computer through a vulnerability in a local networked application, such as a Web server, and parlays that toe-hold into pervasive control over the compute system--are prevented on a properly administered SELinux system.

The key, of course, lies in the words "properly administered." A system administrator for SELinux needs a wide range of knowledge, such as the principles behind the system, how to assign different privileges to different groups of users, how to change policies to accommodate new software, and how to log and track what is going on. And this is where SELinux is invaluable. Author Bill McCarty, a security consultant who has briefed numerous government agencies, incorporates his intensive research into SELinux into this small but information-packed book. Topics include:

A readable and concrete explanation of SELinux concepts and its security model
Installation instructions for numerous distributions
Basic system and user administration
A detailed dissection of the SELinux policy language
Examples and guidelines for altering and adding policies
With SELinux, a high-security computer is within reach of any system administrator. If you want an effective means of securing your Linux system--and who doesn't?--this book provides the means.

Samba Pocket Reference, 2nd Edition

£5.56

Jay Ts,Robert Eckstein and David Collier-Brown; ISBN: 0-596-00546-6

Samba is a cross-platform triumph: it turns a Unix or Linux system into a file and print server for Microsoft Windows network clients.This book describes all the options for Samba's configuration file in quick-reference format. It also contains command-line options and related information on the use of the Samba daemons (smbd, nmbd, and winbindd) and the utilities in the Samba distribution.

The current edition covers Samba 2.x and the most important features of 3.0, which was under development as this book went to print. New options pertain to Samba's acting as a primary domain controller and as a domain member server, its support for the use of Windows NT/2000/XP authentication and filesystem security on the host Unix system, and access to shared files and printers from Unix clients.

System administrators who are familiar with Samba and want a handy reminder of how to administer it without the bulk of a full-sized book will find this pocket reference invaluable.

Security Warrior

£25.56

Cyrus Peikari and Anton Chuvakin; ISBN: 0-596-00545-8

When it comes to network security, many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm.

What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.

Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines -- trojaned binaries, "spyware" that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability.

Security Warrior is the most comprehensive and up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you're on the front lines, defending your site against attackers, you need this book. On your shelf--and in your hands.

Server Load Balancing

£19.96

Tony Bourke; ISBN: 0-596-00050-2

Load balancing improves network performance by distributing traffic efficiently so that individual servers are not overwhelmed by sudden fluctuations in activity. Server Load Balancing is a guide to this critical component of high availability, clustering, and fault tolerance, all of which provide the infrastructure for reliable Internet sites and large corporate networks.

Much of the information on load balancing comes from vendor-specific manuals that use inconsistent terminology and are often biased toward the products they cover. Server Load Balancing explains to engineers and technicians the concepts and terminology of load balancing and offers practical guidance for planning and implementing it in almost any environment. It includes a configuration guide with diagrams and sample configurations for installing, configuring, and maintaining products from the four major vendors:

Alteon WebSystems
Cisco's CSS Series (formerly ArrowPoint)
F5's BIG-IP
the Foundry ServerIron series

By comparing several load balancing products, you'll gain a deeper understanding of the technology and how best to use it to improve your network performance. No system administrator responsible for traffic management should be without this practical guide.

Snort Cookbook

£22.80

Angela D. Orebaugh,Simon Biles,Jacob Babbin and Jacob Babbin; ISBN: 0-596-00791-4

If you are a network administrator, you're under a lot of pressure to ensure that mission-critical systems are completely safe from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders. Designing a reliable way to detect intruders before they get in is an essential--but often overwhelming--challenge. SNORT, the defacto open source standard of intrusion detection tools, is capable of performing real-time traffic analysis and packet logging on IP network. It can perform protocol analysis, content searching, and matching. SNORT can save countless headaches; the new SNORT Cookbook will save countless hours of sifting through dubious online advice or wordy tutorials in order to leverage the full power of SNORT.

Each recipe in the popular and practical problem-solution-discussion O'Reilly cookbook format contains a clear and thorough description of the problem, a concise but complete discussion of a solution, and real-world examples that illustrate that solution. The SNORT Cookbook covers important issues that sys admins and security pros will us everyday, such as:

installation
optimization
logging
alerting
rules and signatures
detecting viruses
countermeasures
detecting common attacks
administration
honeypots
log analysis
But the SNORT Cookbook offers far more than quick cut-and-paste solutions to frustrating security issues. Those who learn best in the trenches--and don't have the hours to spare to pore over tutorials or troll online for best-practice snippets of advice--will find that the solutions offered in this ultimate SNORT sourcebook not only solve immediate problems quickly, but also showcase the best tips and tricks they need to master be security gurus--and still have a life.

Solaris 8 Administrator's Guide

£22.80

Paul Watters; ISBN: 0-596-00073-1

The Solaris operating system, along with related Sun products like Java, is one of the most reliable and scalable platforms on which to build e-commerce products, and on which to support all networked services. Yet, one problem that potential users face is finding out more information about what Solaris offers. In a sense, they want to know how much technical work is involved in migrating to Solaris, and what kind of philosophy Solaris is based on.

To answer these questions, Solaris 8 Administrator's Guide covers all aspects of deploying Solaris as a network server, including both basic and advanced network services. Given newfound interest in Solaris as an enterprise network operating system, this guide is aimed

the Linux Emporium

Books about System Administration