Security is all about trade-offs. Make the right decision, and users will be satisfied with their level of access to information and resources. Make the wrong decision, and users discover the hard way that maintaining security of of information and resources, is more than than just choosing the right password or defining a policy (which is seldom ever followed(.
Instant access to information is expected these days. With the prevalence of Linux systems and off-the-shelf distributions designed to accomplish any number of tasks , administrators are often caught between unachievable deadlines for getting online systems up and running and the constant barrage of Internet threats posed by malicious individuals (both inside and outside) looking to gain access for their own benefit.
Adding to the difficulty of finding the right balance between controlling access and protecting information, the administrators of today s Linux servers have to juggle access control (security) in addition to other numerous day-to-day tasks. Linux vendors also struggle with the task of providing compelling tools for the administrator while not compromising system security and performance.
Hardening Linux takes a proactive approach to securing the general Linux systems used today, and does an excellent job of managing the tradeoffs and pitfalls many administrators face.
Its comprehensive coverage of technical and corporate policy issues deliver a step-by-step approach for those who need to get security done without understand all that runs under the hood.
This highly regarded group of authors does a tremendous job of ensuring that the average reader achieves a solid understanding of how to harden their Linux systems and how to develop and deploy a sustainable security strategy Although general Linux distribution vendors are making great progress in improving the security of their products, Hardening Linux is an invaluable resource for those seeking the perfect balance to improve security while meeting their core business needs.
While on the pursuit towards the secured server, a copy of this book, along with other valuable resources including LinuxSecurity.com, are sure to provide the guidance necessary to be vigilant, and learning how to act instead of react , when addressing real-world security issues.
Chief Executive Officer, Guardian Digital Corporation
Co-author Linux Security HOWTO
EnGarde Secure Linux Project Lead
Dave Wreski has been in information technology and security for more than ten years . Founding Guardian Digital in early 1999, Wreski has grown the company to serve hundreds of corporate clients interested in using open source to solve critical business security issues. Prior to launchin g Guardian Digital, Wreski served as senior architect for UPS Worldwide where he managed the security architecture of the company s data centers. He enjoys advocating open source security and improving acceptance of Linux to the enterprise.