So, Are You Going to Show Us How to Break into Systems?
No, the purpose of the dialog at the beginning of this chapter is to illustrate the types of activities that occur all too frequently. The intent of this book is to provide you with skills, knowledge, and tools that will allow you to better prepare your systems for use in environments where you do not always know who is accessing what. The techniques and methods discussed are all from the perspective of restricting use to authorized access and making it as difficult as possible for crackers to gain unauthorized access.
This book is how-to oriented. This means that we will discuss the ways in which various utilities may be used to help protect your environment. What you should do in terms of implementing security at your site is largely left to other texts. While we make recommendations throughout this book, nothing can replace a good organizational security policy (discussed in Chapter 2). Also, we provide references at the end of each chapter if you wish to further investigate each topic we discuss. You will find that many of these references discuss the particulars of what ought to be done to maintain good security generally.
Before we get into the details of using publicly available tools to help secure your Linux1 system(s), we spend the rest of this chapter discussing the types of vulnerabilities and attacks that are in common use today. We do not detail how they work; rather, we define their characteristics so that you have an understanding of what they are. You can also find additional information through the references cited in "For Further Reading."