Link to this post 17 Feb 12

My favorite books are:
Special Ops:
Hack Proofing Linux:
Guide to Network Defense and Countermeasures:

Honestly, security tactics and techniques change so often that books on the subject are outdated before they are published. You can use some of the information from the books as reference for past methods and to teach you the basic techniques, but the only way to really know what is going on is to get some hands-on experience.

To really understand what is going on, I highly recommend setting up a Snort server in a detached network and running attacks against various operating systems and applications from the BackTrack disk; that logged traffic will show you common patterns and attack portals.

IPCop is a user-friendly firewall solution; personally, I prefer scripting modifications to a stock iptables firewall rather than going through a GUI or restricted setup. You can see my firewall script from a couple of revisions ago at

As for what distributions I use, I am a loyal Slackware user. Pat's diligence in testing software, watching vulnerabilities and simplifying the installation base makes it very easy to build a very secure system. I consider the lack of PAM and SELinux a benefit because it removes the potential for configuration mistakes and eliminates the vulnerability histories of that software from my mind. An important rule is to keep your security solutions simple; the simplicity reduces complexity and attack vectors.

Link to this post 17 Feb 12

Great answer, mfillpot. I can work with that. Thank you.
