This is a great book and a great series. Tons of great tips and quickly becomes and awesome reference guide.

A very good organization, I recommend those for whom security is important, but who don't want complications.

This second edition of Network Security Hacks is a collection of 125 powerful security techniques. This volume demonstrates effective methods for defending your servers and networks from a variety of devious and subtle attacks. Within this book are examples of how to detect the presence and track every keystroke of network intruders, methods for protecting your network and data using strong encryption, and even techniques for laying traps for would-be hackers. Many important security tools are presented, as well as interesting ways for using them to reveal useful information about your network's activity. There is mention in the beginning of the book about "code", but I haven't run across any yet. The closest thing I found to code were forms of command lines for various network tools and expected typical responses. So if you are not a programmer, don't be scared away. The following is the table of contents:

Chapter 1, Unix Host Security, demonstrates advanced techniques for hardening your Linux, FreeBSD, or OpenBSD server.

Chapter 2, Windows Host Security, covers many important steps that Windows administrators often overlook, including tightening down permissions, auditing all system activity, and eliminating security holes that are present in the default Windows installation.

Chapter 3, Privacy and Anonymity, discusses several ways to protect oneself online by offering solutions for encrypting email, remaining anonymous, and managing passwords for web sites.

Chapter 4, Firewalling, shows how to set up firewalls under various operating systems, such as Linux, OpenBSD, FreeBSD, and Windows. Different filtering and firewall testing techniques are also covered in this chapter.

Chapter 5, Encrypting and Securing Services, shows how provide secure services for SMTP, IMAP, POP3, Apache, and MySQL.

Chapter 6, Network Security, demonstrates some tools and techniques used to attack servers using the network itself, as well as methods for preventing these attacks.

Chapter 7, Wireless Security, includes only a handful of very useful hacks. Whether you want to share your network with others and still maintain a semblance of security, or lock down your wireless network with fine-grained authentication, this chapter has something for you.

Chapter 8, Logging, shows you how to balance the need for information with the need for brevity by automatically collecting, processing, and protecting your system logs.

Chapter 9, Monitoring and Trending, presents a number of tools and methods for watching your network and services over time, allowing you to recognize trends that will aid in future planning and enable you to tell at a glance when something just isn't right.

Chapter 10, Secure Tunnels, shows you how to implement powerful VPN technologies, including IPSec, PPTP, and OpenVPN. You will also find techniques for protecting services using SSL, SSH, and other strong encryption tools.

Chapter 11, Network Intrusion Detection, centers on the tremendously popular NIDS tool Snort and presents many techniques and add-ons that unleash this powerful tool's full potential. Also presented are methods for setting up your own "honeypot" network to attract and confuse would-be system crackers.

Chapter 12, Recovery and Response, contains suggestions on how to verify your system's integrity, preserve evidence for later analysis, and track down the human being at the other end of undesirable network traffic.

I would recommend this book to any network security professional. However, I think it is too advanced for someone who is just interested in the profession or someone who is tinkering with a home network on an amateur basis. There is no "beginner's material" to be found in this book, and it will likely be over your head if you are not already working in the field.

"Network Security Hacks" Second Edition
by: Andrew Lockhart
O'Reilly Media, Inc. 2007
ISBN: 10: 0-596-52763-2

Network Security Hacks is more advanced than some of the other "Hacks series" books.
Explains the why and how of securing your Unix, Linux, or Windows servers. Protect your data and your users form outside threats, using the detailed examples in this book. Not for beginners, this book is intended for experienced administrators, already familiar with server configurations.

O'Reilly's Hacks series have been hit or miss; mostly hits, and this second edition is no exception. Lockhart and friends bring together a set of tips and tricks in the classic O'Reilly form, and cover a scattershot of topics that people like to know.

There's over 100 hacks here, and I can't possibly cover them all. I'll pick and choose topics to illustrate why I think this book is a success. As other reviewers have noted, this book focuses on Linux and BSD security, but it does cover Windows in a decent amount. This probably reflects the community's choice of OSes (but does under represent some OS X specifics), and the availability of tools and techniques.

Chapter 1, covering 20-some hacks, covers UNIX host-level security. A lot of it is stuff you've seen before, but some of it is stuff that's hard to find (ie Systrace setups, sandboxing services), or so disparate that it's nice to have it all in one place. Chapter 2 covers over a dozen hacks for Windows that are similar, securing your Windows host.

The chapters on privacy (3), encrypting services (5), and tunneling (Chapter 10) are pretty good. They're tight, well written, and clear enough that an intermediate network or system administrator could do well. I liked that chapter 4 covered firewalling for PF on BSD, Linux's Netfilter, and the Windows firewall all similarly. The hacks on VPNs using various tools are great, they're clear in an amazingly short space.

Network and wireless security get a fair shake, and you can even learn how to scan the network for viruses, detect ARP attacks, deploy a captive portal, and assess your systems for vulnerabilities. Again, a nice spread of topics, most of them well covered in a short space.

NIDS topics get their own chapter, and things like Snort setup, maintenance, and even the basics of rule writing get covered. You'll even get an intro to Honeyd for your time.

I would have liked to have seen Chapter 12 on recovery and response get a lot more time and effort, I think it's sorely needed. Perhaps if everyone writes a hack for this chapter they'll add them to the third edition.

All in all a good book for a skilled, intermediate level system and network administrator. This book carries on the hacks series with style and skill, and delivers almost everything in a small package.