Books: A User's Report
Elizabeth Zinkann
This has been an exciting two months in the UNIX book world. The new Rainbow manuals for both the Intel and Motorola processors are being released, although not all of them have been published yet. The manuals are also on the shelves for System V Release 4.2. New books have been published on device drivers for SCO UNIX (Writing Device Drivers for SCO UNIX by Peter Kettle and Steve Statler) and also for the casual UNIX user. Choosing books to review was not easy, but I finally decided to read two books on UNIX security, an exceptional book on UNIX tools, and Stallings' new networking book.
UNIX Installation Security & Integrity
by David Ferbrache and Gavin Shearer
Prentice-Hall Inc.
ISBN 0-13-015389-3
This book primarily addresses the system administrator or systems programmer. Its audience also includes anyone whose job functions deal with system security. Ferbrache and Shearer first provide a short history of UNIX, describing the different UNIX systems and when they were developed, then turn to file system security. They begin with a definition of inodes, which they supplement with a diagram of the UNIX file system, a diagram demonstrating inode allocation, and a table listing inode fields. The authors reuse the inode diagram later in the chapter to help the reader visualize multiple block allocation, unlinked files, unlinked blocks, corrupt directory structures, and other inode concepts. In this chapter, Ferbrache and Shearer also discuss directory and file permissions and respective safety precautions.
The second major subject of the book, integrity, is defined as "preventing the corruption or modification of data or programs" -- for UNIX, this is expanded to include redundancy, synchronization, and tracking. The authors examine different ways to back up data, how to construct a file system using mount, and consistency checking using fsck.
Account-level security, including login procedures and the /etc/passwd file, is the first security implementation the authors address. When security is violated at this level, they note, the system administrator or security manager should be able to identify the perpetrator. Also presented in this chapter is a consideration of different password algorithms and data encryption techniques to protect accounts.
The authors then logically progress to a discussion of process security and examine how the process privileges are controlled. In addition to the fork and exec system calls, Ferbrache and Shearer explain the signal, trace, and setuid mechanisms.
They provide a comprehensive discussion of viruses and Trojan horses, then dissect the initialization of two different UNIX versions to identify the security problems that may be encountered while installing the system files.
Later chapters deal with network security, including different types of protocols, monitoring security, programming for secure results, trusted systems, hardware security support, and standardization. The book ends with a set of fourteen appendices, ranging in subject from the Internet Worm to a glossary to several security packages and including references and suggested reading.
UNIX Installation Security & Integrity is an excellent addition to the texts available for system administrators. The authors not only explain commands, but also describe how the commands really work. They identify possible loopholes and outline different methods for remedying problems before they occur. Though each section begins by presenting a simple concept and its purposes, each topic is then covered in depth.
Overall, this book will provide useful information to anyone interested in computer security.
UNIX Security
A Practical Tutorial
by N. Derek Arnold ITDC
McGraw-Hill, Inc.
ISBN 0-07-002560-6
Derek Arnold's book presents a straightforward approach to different aspects of UNIX system security. Each chapter consists of an introduction, objectives, the body of the chapter, plus review questions. The first chapter covers a range of topics -- from the history of UNIX through its present versions, including a discussion of the Trusted Computer Base (TCB), to definitions of security and how to activate a system as well as proceed through the shutdown procedure. Arnold chose a familiar way to differentiate the potential transgressors of security from its protectors: the latter are the "good guys," the former, the "bad guys."
Arnold's central thesis is that "a System Administrator must realize that knowledge is a more powerful tool than anything else the bad guys might possess" (page 11). The goal of the book is to provide that knowledge for the system administrator. To that end, Arnold examines how audit programs can help keep a system secure. He describes the /etc/passwd file and its entries, analyzing each field and the security risks involved, then offers solutions for the potential problems in the /etc/passwd file.
Special devices are a special problem -- they can be used to bypass standard UNIX security. Proper permissions are needed to use anything in the /dev directory, but some special devices are privately owned and located outside /dev. Arnold describes the problems these can cause for system security and presents possible solutions.
A rather unique chapter, "Break-In Techniques," explores the methods of the bad guys. Arnold postulates that in order to find a bad guy, you have to know how he operates. By thinking like a bad guy, the system administrator can detect where the system may be vulnerable.
A chapter entitled "Viral Infection" defines a virus and explains how a virus attacks the operating system. The author describes symptoms that could indicate viral infection and includes ways to prevent a virus from infecting your system.
Another special problem has to do with repairing a program for which you don't have the source code. If left to its own devices, the object code could threaten the security of the entire system. Arnold presents maintenance procedures for patching object code through pre-processors, a string patch, the absolute debugger (adb), and the symbolic debugger (sdb).
Other topics include modem security, database security, the updated UUCP network security, and an overview of Local Area Networks.
This book succeeds very well as a practical approach to protecting a UNIX system. Step by step, the author analyzes the UNIX system, points out its vulnerabilities, and suggests ways to prevent invasion by the bad guys. Two chapters I found particularly helpful were chapter A, a list of reference programs with instructions on how to compile them, and chapter B, the source code for the reference programs. Moreover, no system administrator should be without the information in the chapter "Break-In Techniques." One criticism: the print, especially for the table of contents, should have been easier to read. However, that does not affect the quality of the book, which is excellent, nor Arnold's writing style, which is clear and easy to understand.
UNIX Power Tools
by Jerry Peek, Tim O'Reilly, Mike Loukides,
and other contributors
O'Reilly & Associates/Bantam
CD-ROM Included
ISBN 0-553-035402-7
UNIX has, historically, been a difficult system to master, in part because most of the tips and tricks that make the system pliable have been available only through the Internet. As a result, UNIX users have often had to learn the hard way, with little help or guidance from easily found resources. UNIX Power Tools puts an end to the mystery: the experienced UNIX programmer is likely to look at this book and wonder where it has been and why it took so long.
UNIX Power Tools was not designed to be read from cover to cover beginning with page one; instead, it is organized so that it can be referenced easily. The topics are detailed, brief, and cover exactly what was promised. Where a subject intertwines with other concepts, the separate discussions are cross-referenced, with the name shown in blue italics and followed by the section where it is more thoroughly explained, such as "expr[47.20]." At the beginning of the book, following a well-organized table of contents, are two pages of instructions for using UNIX Power Tools. The book also contains a glossary and a detailed index. Icons warn of possible problems along the way, and also identify what is on the CD-ROM.
Many of the topics included here are not often seen in print. For example, on page 1,000, section 52.08 recounts how to read a permuted index, complete with a small sample. Facing this information is an entry entitled "Make Your Own Man Pages without Learning troff." Each selection is followed by its author's initials.
The shrink-wrapped CD-ROM that accompanies the book includes such tools as Perl, GNU Emacs, and every shell, perl, awk, and sed script referenced in the book, and a section in the book documents every tool included and its purpose. The book also describes how to install the CD-ROM and what to do if you have a problem. In addition to the precompiled versions for the most popular UNIX platforms, C source code is included for unsupported platforms. (For those UNIX users without a CD-ROM, Ready-To-Run Software Inc. has provided an order form so that you can obtain the software on alternate media, including floppies, QIC, 8mm, 4mm, or DEC TK50 tape cartridges.)
The real challenge confronting the user of this book is to put it down. I tried several times to open it at random and read only one article. However, either the previous or the following page would entice me to peruse more than I had planned. The writing style is crisp, clear, and easy to understand. Considering the number of contributors, I was surprised at the uniformity of style and quality throughout the book: it read as if there had only been one author. UNIX Power Tools has implemented a new type of UNIX text and explains some things in print for the first time. It is an exceptional book, and one that every UNIX user, programmer, and system administrator should own and use often.
Networking Standards
A Guide to OSI, ISDN, LAN and MAN Standards
by William Stallings
Addison-Wesley Publishing Company, Inc.
ISBN 0-201-56357-6
In this latest addition to the networking selections, Stallings first examines the definition of a standard. He analyzes the importance of standards, the varied types of standards, and different standards organizations. The rest of the book addresses five major concepts in five sections: the "Open Systems Interconnection" (OSI), the "Integrated Services Digital Network" (ISDN), "Local and Metropolitan Area Networks" (LANs and MANs), "Network Management and Security," and "OSI Implementation." Each section is prefaced by a summary of its contents and a brief overview of what each chapter within the division contains. Each chapter concludes with a brief summary.
Stallings describes several concepts that are already well-known, but are not very well documented. For example, in the chapter on internetworking, he covers routing from two different perspectives, end-to-intermediate system routing and intermediate-to-intermediate system routing. In the ISDN division, he gives a good explanation of frame relay. Stallings also presents a chapter on the fiber distributed data interface (FDDI) and discusses both FDDI-I, the original specification, and FDDI-II. FDDI-I uses a packet mode data transfer service, while FDDI-II uses both a packet mode and isochronous data transfer.
The order of this book is logical and the diagrams are plentiful and clear. The insides of both covers and their facing pages provide a useful list of acronyms. Stallings attempts to present difficult concepts in a well-defined, forthright manner and he succeeds. The result is a text carefully constructed for readability and suitable for a wide audience, ranging from students and designers to customers and managers.
Anyone interested in networking and, in particular, OSI, ISDN, LAN, and MAN, will find this book to be a worthwhile addition to their library.
About the Author
Elizabeth Zinkann has been involved in the UNIX and C environments for the past 10 years. She is currently a UNIX and C consultant, and one of her specialities is UNIX education. In addition to her computer science background, she also has a degree in English.