Hacking Linux Exposed: Linux Security Secrets & Solutions
Brian Hatch - 2001
Hacking Exposed Linux provides the most up-to-date coverage available from a large team of topic-focused experts. The book is based on the latest security research and shows you, in full detail, how to lock out intruders and defend your Linux systems against catastrophic attacks.Secure Linux by using attacks and countermeasures from the latest OSSTMM researchFollow attack techniques of PSTN, ISDN, and PSDN over LinuxHarden VoIP, Bluetooth, RF, RFID, and IR devices on LinuxBlock Linux signal jamming, cloning, and eavesdropping attacksApply Trusted Computing and cryptography tools for your best defenseFix vulnerabilities in DNS, SMTP, and Web 2.0 servicesPrevent SPAM, Trojan, phishing, DoS, and DDoS exploitsFind and repair errors in C code with static analysis and Hoare Logic
Working at the Ubuntu Command-Line Prompt
Keir Thomas - 2011
His books have been read by over 1,000,000 people and are #1 best-sellers. His book Beginning Ubuntu Linux recently entered its sixth edition, and picked-up a Linux Journal award along the way. Thomas is also the author of Ubuntu Kung Fu. * * * * * * * * * * * * * * * * * Get to grips with the Ubuntu command-line with this #1 best-selling and concise guide. "Best buck I've spent yet" — Amazon review.* Readable, accessible and easy to understand;* Learn essential Ubuntu vocational skills, or read just for fun;* Covers Ubuntu commands, syntax, the filesystem, plus advanced techniques;* For ANY version of Linux based on Debian, such as Linux Mint--not just Ubuntu!;* Includes BONUS introduction to Ubuntu chapter, plus a glossary appendix and a guide to reading Linux/Unix documentation.
The Linux Programming Interface: A Linux and Unix System Programming Handbook
Michael Kerrisk - 2010
You'll learn how to:Read and write files efficiently Use signals, clocks, and timers Create processes and execute programs Write secure programs Write multithreaded programs using POSIX threads Build and use shared libraries Perform interprocess communication using pipes, message queues, shared memory, and semaphores Write network applications with the sockets API While The Linux Programming Interface covers a wealth of Linux-specific features, including epoll, inotify, and the /proc file system, its emphasis on UNIX standards (POSIX.1-2001/SUSv3 and POSIX.1-2008/SUSv4) makes it equally valuable to programmers working on other UNIX platforms.The Linux Programming Interface is the most comprehensive single-volume work on the Linux and UNIX programming interface, and a book that's destined to become a new classic.Praise for The Linux Programming Interface "If I had to choose a single book to sit next to my machine when writing software for Linux, this would be it." —Martin Landers, Software Engineer, Google "This book, with its detailed descriptions and examples, contains everything you need to understand the details and nuances of the low-level programming APIs in Linux . . . no matter what the level of reader, there will be something to be learnt from this book." —Mel Gorman, Author of Understanding the Linux Virtual Memory Manager "Michael Kerrisk has not only written a great book about Linux programming and how it relates to various standards, but has also taken care that bugs he noticed got fixed and the man pages were (greatly) improved. In all three ways, he has made Linux programming easier. The in-depth treatment of topics in The Linux Programming Interface . . . makes it a must-have reference for both new and experienced Linux programmers." —Andreas Jaeger, Program Manager, openSUSE, Novell "Michael's inexhaustible determination to get his information right, and to express it clearly and concisely, has resulted in a strong reference source for programmers. While this work is targeted at Linux programmers, it will be of value to any programmer working in the UNIX/POSIX ecosystem." —David Butenhof, Author of Programming with POSIX Threads and Contributor to the POSIX and UNIX Standards ". . . a very thorough—yet easy to read—explanation of UNIX system and network programming, with an emphasis on Linux systems. It's certainly a book I'd recommend to anybody wanting to get into UNIX programming (in general) or to experienced UNIX programmers wanting to know 'what's new' in the popular GNU/Linux system." —Fernando Gont, Network Security Researcher, IETF Participant, and RFC Author ". . . encyclopedic in the breadth and depth of its coverage, and textbook-like in its wealth of worked examples and exercises. Each topic is clearly and comprehensively covered, from theory to hands-on working code. Professionals, students, educators, this is the Linux/UNIX reference that you have been waiting for." —Anthony Robins, Associate Professor of Computer Science, The University of Otago "I've been very impressed by the precision, the quality and the level of detail Michael Kerrisk put in his book. He is a great expert of Linux system calls and lets us share his knowledge and understanding of the Linux APIs." —Christophe Blaess, Author of Programmation systeme en C sous Linux ". . . an essential resource for the serious or professional Linux and UNIX systems programmer. Michael Kerrisk covers the use of all the key APIs across both the Linux and UNIX system interfaces with clear descriptions and tutorial examples and stresses the importance and benefits of following standards such as the Single UNIX Specification and POSIX 1003.1." —Andrew Josey, Director, Standards, The Open Group, and Chair of the POSIX 1003.1 Working Group "What could be better than an encyclopedic reference to the Linux system, from the standpoint of the system programmer, written by none other than the maintainer of the man pages himself? The Linux Programming Interface is comprehensive and detailed. I firmly expect it to become an indispensable addition to my programming bookshelf." —Bill Gallmeister, Author of POSIX.4 Programmer's Guide: Programming for the Real World ". . . the most complete and up-to-date book about Linux and UNIX system programming. If you're new to Linux system programming, if you're a UNIX veteran focused on portability while interested in learning the Linux way, or if you're simply looking for an excellent reference about the Linux programming interface, then Michael Kerrisk's book is definitely the companion you want on your bookshelf." —Loic Domaigne, Chief Software Architect (Embedded), Corpuls.com
Introduction to Disciplined Agile Delivery: A Small Agile Team’s Journey from Scrum to Continuous Delivery
Mark Lines - 2015
It describes the Disciplined Agile Delivery (DAD) process decision framework and then works through a case study describing a typical agile team’s experiences adopting a disciplined agile approach. The book describes how the team develops the first release of a mission-critical application while working in a legacy enterprise environment. It describes their experiences from beginning-to-end, starting with their initial team initiation efforts through construction and finally to deploying the solution into production. It also describes how the team stays together for future releases, overviewing their process improvement efforts from their Scrum-based beginnings through to a lean continuous delivery approach that fits in with their organization’s evolving DevOps strategy. The DAD framework is a hybrid of existing methods such as Scrum, Kanban, Agile Modeling, SAFe, Extreme Programming, Agile Data, Unified Process and many others. DAD provides the flexibility to use various approaches and plugs the gaps not addressed by mainstream agile methods. In a nutshell, DAD is “pragmatic agile.” DAD describes proven strategies to adapt and scale your agile initiatives to suit the unique realities of your enterprise without having to figure it all out by yourself. Here’s an overview of what each chapter covers: * Chapter 1: Introduction. This chapter provides a quick overview of the book and a brief history of Disciplined Agile. * Chapter 2: Reality over Rhetoric. This chapter explores several common myths about DAD and more importantly disproves them. * Chapter 3: Disciplined Agile Delivery in a Nutshell. This chapter provides a brief yet comprehensive overview of the DAD framework. * Chapter 4: Introduction to the Case Study. This chapter introduces us to the team, describes the market opportunity that they hope to address, and describes the environment in which they’re working. * Chapter 5: Inception. The team’s initiation effort includes initial requirements modeling and planning with their stakeholders in a streamlined manner, initial architecture modeling, setting up their physical work environment, setting up the start of their tooling infrastructure, initial risk identification, and finally securing stakeholder support and funding for the rest of the first release. * Chapters 6 through 10: Construction. These chapters each describe a single Construction iteration, sharing the team’s experiences during each of those two-week timeboxes. * Chapter 11: Transition. The two-week transition phase focuses on final testing and fixing, training the support/help-desk staff, finishing a few short end-user “how to” videos, and deploying the solution into production. * Chapter 12: Future Releases. This chapter overviews the team’s improvement efforts over the next few releases, describing how they evolve from the agile Scrum-based lifecycle to a leaner approach and eventually to continuous delivery. * Chapter 13: Closing Thoughts. This chapter overviews the disciplined agile resources that are available to you. * Appendix: The Disciplined Agile IT Department. This short appendix overviews our ongoing work on the Disciplined Agile framework to address the full scope of an IT department. At 102 pages, you should find this book to be a quick, informative read.
The UNIX Programming Environment
Brian W. Kernighan - 1983
Readers will gain an understanding not only of how to use the system, its components, and the programs, but also how these fit into the total environment.
Wireshark 101: Essential Skills for Network Analysis
Laura A. Chappell - 2013
This book provides an ideal starting point whether you are interested in analyzing traffic to learn how an application works, you need to troubleshoot slow network performance, or determine whether a machine is infected with malware. Learning to capture and analyze communications with Wireshark will help you really understand how TCP/IP networks function. As the most popular network analyzer tool in the world, the time you spend honing your skills with Wireshark will pay off when you read technical specs, marketing materials, security briefings, and more. This book can also be used by current analysts who need to practice the skills contained in this book. In essence, this book is for anyone who really wants to know what's happening on their network.
The Rails 4 Way
Obie Fernandez - 2013
It has conquered developer mindshare at startups and enterprises alike with its focus of simplicity, convention and clean, maintainable code. The latest version, Rails 4, continues the tradition of enhanced performance, security and developer productivity, with improvements that enable professional developers to focus on what matters most: delivering business value quickly and consistently.The Rails™ 4 Way is the only comprehensive, authoritative guide to delivering production-quality code with Rails 4. Pioneering Rails expert Obie Fernandez and his team of leading Rails experts illuminate the entire set of Rails APIs, along with the idioms, design approaches, and libraries that make developing applications with Rails so powerful. Drawing on their unsurpassed experience and track record, they address the real challenges development teams face, showing how to use Rails to maximize your productivity.Using numerous detailed code examples, the author systematically cover Rails key capabilities and subsystems, making this book a reference that you depend on everyday. He presents advanced Rails programming techniques that have been proven effective in day-to-day usage on dozens of production Rails systems and offers important insights into behavior-driven development and production considerations such as scalability. Dive deep into the subtleties of the asset pipeline and other advanced Rails topics such as security and scalability. The Rails 4 Way is your best guide for making Rails do exactly what you want it to do.
The Art of UNIX Programming
Eric S. Raymond - 2003
This book attempts to capture the engineering wisdom and design philosophy of the UNIX, Linux, and Open Source software development community as it has evolved over the past three decades, and as it is applied today by the most experienced programmers. Eric Raymond offers the next generation of hackers the unique opportunity to learn the connection between UNIX philosophy and practice through careful case studies of the very best UNIX/Linux programs.
Version Control with Subversion
Ben Collins-Sussman - 2004
Today's increasingly fast pace of software development--as programmers make small changes to software one day only to undo them the next--has only heightened the problem; consecutive work on code or single-programmer software is a rare sight these days. Without careful attention to version control, concurrent and collaborative work can create more headaches than it solves. This is where Subversion comes into play.Written by members of the Subversion open source development team, Version Control with Subversion introduces the powerful new versioning tool designed to be the successor to the Concurrent Version System or CVS. CVS users will find the "look and feel" Subversion comfortably familiar, but under the surface it's far more flexible, robust, and usable, and more importantly, it improves on CVS's more notable flaws.The book begins with a general introduction to Subversion, the basic concepts behind version control, and a guided tour of Subversion's capabilities and structure. With thorough attention to detail, the authors cover every aspect of installing and configuring Subversion for managing a programming project, documentation, or any other team-based endeavor. Later chapters cover the more complex topics of branching, repository administration, and other advanced features such as properties, externals, and access control. The book ends with reference material and appendices covering a number of useful topics such as a Subversion complete reference and troubleshooting guide.Version Control with Subversion aims to be useful to readers of widely different backgrounds, from those with no previous experience in version control to experienced sysadmins. If you've never used version control, you'll find everything you need to get started in this book. And if you're a seasoned CVS pro, this book will help you make a painless leap into Subversion.
Linux Server Hacks: 100 Industrial-Strength Tips and Tools
Rob Flickenger - 2003
Setting up and maintaining a Linux server requires understanding not only the hardware, but the ins and outs of the Linux operating system along with its supporting cast of utilities as well as layers of applications software. There's basic documentation online but there's a lot beyond the basics you have to know, and this only comes from people with hands-on, real-world experience. This kind of "know how" is what we sought to capture in Linux Server Hacks.Linux Server Hacks is a collection of 100 industrial-strength hacks, providing tips and tools that solve practical problems for Linux system administrators. Every hack can be read in just a few minutes but will save hours of searching for the right answer. Some of the hacks are subtle, many of them are non-obvious, and all of them demonstrate the power and flexibility of a Linux system. You'll find hacks devoted to tuning the Linux kernel to make your system run more efficiently, as well as using CVS or RCS to track the revision to system files. You'll learn alternative ways to do backups, how to use system monitoring tools to track system performance and a variety of secure networking solutions. Linux Server Hacks also helps you manage large-scale Web installations running Apache, MySQL, and other open source tools that are typically part of a Linux system.O'Reilly's new Hacks Series proudly reclaims the term "hacking" for the good guys. Hackers use their ingenuity to solve interesting problems. Rob Flickenger is an experienced system administrator, having managed the systems for O'Reilly Network for several years. (He's also into community wireless networking and he's written a book on that subject for O'Reilly.) Rob has also collected the best ideas and tools from a number of other highly skilled contributors.Written for users who already understand the basics, Linux Server Hacks is built upon the expertise of people who really know what they're doing.
Managing Risk and Information Security: Protect to Enable
Malcolm Harkins - 2012
Because almost every aspect of an enterprise is now dependent on technology, the focus of IT security must shift from locking down assets to enabling the business while managing and surviving risk. This compact book discusses business risk from a broader perspective, including privacy and regulatory considerations. It describes the increasing number of threats and vulnerabilities, but also offers strategies for developing solutions. These include discussions of how enterprises can take advantage of new and emerging technologiessuch as social media and the huge proliferation of Internet-enabled deviceswhile minimizing risk. With ApressOpen, content is freely available through multiple online distribution channels and electronic formats with the goal of disseminating professionally edited and technically reviewed content to the worldwide community. Here are some of the responses from reviewers of this exceptional work: Managing Risk and Information Security is a perceptive, balanced, and often thought-provoking exploration of evolving information risk and security challenges within a business context. Harkins clearly connects the needed, but often-overlooked linkage and dialog between the business and technical worlds and offers actionable strategies. The book contains eye-opening security insights that are easily understood, even by the curious layman. Fred Wettling, Bechtel Fellow, IS&T Ethics & Compliance Officer, Bechtel As disruptive technology innovations and escalating cyber threats continue to create enormous information security challenges, Managing Risk and Information Security: Protect to Enable provides a much-needed perspective. This book compels information security professionals to think differently about concepts of risk management in order to be more effective. The specific and practical guidance offers a fast-track formula for developing information security strategies which are lock-step with business priorities. Laura Robinson, Principal, Robinson Insight Chair, Security for Business Innovation Council (SBIC) Program Director, Executive Security Action Forum (ESAF) The mandate of the information security function is being completely rewritten. Unfortunately most heads of security havent picked up on the change, impeding their companies agility and ability to innovate. This book makes the case for why security needs to change, and shows how to get started. It will be regarded as marking the turning point in information security for years to come. Dr. Jeremy Bergsman, Practice Manager, CEB The world we are responsible to protect is changing dramatically and at an accelerating pace. Technology is pervasive in virtually every aspect of our lives. Clouds, virtualization and mobile are redefining computing and they are just the beginning of what is to come. Your security perimeter is defined by wherever your information and people happen to be.
Site Reliability Engineering: How Google Runs Production Systems
Betsy Beyer - 2016
So, why does conventional wisdom insist that software engineers focus primarily on the design and development of large-scale computing systems?In this collection of essays and articles, key members of Google's Site Reliability Team explain how and why their commitment to the entire lifecycle has enabled the company to successfully build, deploy, monitor, and maintain some of the largest software systems in the world. You'll learn the principles and practices that enable Google engineers to make systems more scalable, reliable, and efficient--lessons directly applicable to your organization.This book is divided into four sections: Introduction--Learn what site reliability engineering is and why it differs from conventional IT industry practicesPrinciples--Examine the patterns, behaviors, and areas of concern that influence the work of a site reliability engineer (SRE)Practices--Understand the theory and practice of an SRE's day-to-day work: building and operating large distributed computing systemsManagement--Explore Google's best practices for training, communication, and meetings that your organization can use
97 Things Every Programmer Should Know: Collective Wisdom from the Experts
Kevlin Henney - 2010
With the 97 short and extremely useful tips for programmers in this book, you'll expand your skills by adopting new approaches to old problems, learning appropriate best practices, and honing your craft through sound advice.With contributions from some of the most experienced and respected practitioners in the industry--including Michael Feathers, Pete Goodliffe, Diomidis Spinellis, Cay Horstmann, Verity Stob, and many more--this book contains practical knowledge and principles that you can apply to all kinds of projects.A few of the 97 things you should know:"Code in the Language of the Domain" by Dan North"Write Tests for People" by Gerard Meszaros"Convenience Is Not an -ility" by Gregor Hohpe"Know Your IDE" by Heinz Kabutz"A Message to the Future" by Linda Rising"The Boy Scout Rule" by Robert C. Martin (Uncle Bob)"Beware the Share" by Udi Dahan
You Don't Know JS: Up & Going
Kyle Simpson - 2015
With the "You Don’t Know JS" book series, you’ll get a more complete understanding of JavaScript, including trickier parts of the language that many experienced JavaScript programmers simply avoid.The series’ first book, Up & Going, provides the necessary background for those of you with limited programming experience. By learning the basic building blocks of programming, as well as JavaScript’s core mechanisms, you’ll be prepared to dive into the other, more in-depth books in the series—and be well on your way toward true JavaScript.With this book you will:
Learn the essential programming building blocks, including operators, types, variables, conditionals, loops, and functions
Become familiar with JavaScript's core mechanisms such as values, function closures, this, and prototypes
Get an overview of other books in the series—and learn why it’s important to understand all parts of JavaScript