- Introduction to the Second Edition
- Who Should Read This Book?
- How This Book Is Organized
- What Are You Protecting?
- Who Are Your Enemies?
- What They Hope to Accomplish
- Costs: Protection versus Break-Ins
- Protecting Hardware
- Protecting Network and Modem Access
- Protecting System Access
- Protecting Files
- Preparing for and Detecting an Intrusion
- Recovering from an Intrusion
1.12 Preparing for and Detecting an Intrusion
Periodically, security holes in programs are detected and, unfortunately, some are discovered by crackers poring over the source or experimenting. While some detractors claim that this is a weakness of Linux, the reality is that with so many people looking at the code, problems are found and fixed quickly, frequently within a day. It is this author's experience that a closed-source vendor will take from a month to a year to fix many serious problems. An intelligent person does not leave burning candles unattended, nor does she smoke in bed, but she still installs smoke detectors and carries insurance. We look at many important steps to take in preparing for a possible intrusion and in detecting attempts, and even the rare successful intrusion.