3 Book Reviews: Ubuntu Titles
Moving to Ubuntu - Marcel Gagne
The Official Ubuntu Book - Benjamin Mako et. al.
Ubuntu Unleashed - Andrew Hudson, Paul Hudson
I received 3 Ubuntu titles and thought it might be useful to compare them. Ubuntu is a fairly recent Linux distribution that strives to be usable out of the box, with strong support. It has deep pockets and a thriving community behind it. You can get a free, fully-functional installation and livecd just for asking, or downloading. I admire a lot of the design choices that went into Ubuntu, such as limiting the use of the all-powerful root account, which can get people into trouble. The bare-bones server install is the cleanest Linux server I've seen - *no* open ports, minimal services. Just enough to log in at a console and then install what you want. On the other hand, if you want a LAMP server (Linux, Apache, MySQL, and PHP - the most popular combination on the internet), that's a one button install! Brilliant!
The only thing I don't like is the iptables firewall. A "linux for everyone" needs an easier firewall to deal with. (I love pf, written for OpenBSD and now showing up on other systems.)
I think all three books are pretty good, and your choice will depend on your technical level and religious ferver. If you are uncomfortable with computers, I think _Moving to Ubuntu_ is your best choice. If you are somewhat comfortable and into the philosophy behind Ubuntu, _the Official Ubuntu book_ is your best choice. If you are unintimidated by the topic, _Ubuntu Unleashed_ has the most detailed technical coverage.
Moving to Ubuntu - Marcel Gagne
This is the most approachable of the three books. Gagne has an enthusiastic, conversational, even narrative approach to the material. The audience is people stuck using Windows desktops because they don't know any Linux nerds willing to help them. I think it's a terrific book, and it showed me some cool things to do on the desktop. I use Linux mainly for servers.
It covers productivity apps very well. One quibble: he introduces GAIM, for chatting on various systems, and then introduces another tool for IRC, which GAIM handles just fine. The multimedia coverage is the best of the three books. The section on games is good as well, and I like his approach of getting a teenage nephew to recommend the best Linux games.
Like Ubuntu Unleashed, this book has a lot of material lifted from earlier works. I don't think that's a bad thing if the material lifted is generic. In this case, Gagne uses material from the slightly earlier _Moving to Linux_, which mostly used on one (non-Ubuntu) distro and mentioned some differences. Unlike _Ubuntu Unleashed_, the material was applied carefully. They even updated some things that didn't have to be, like an illustration in _MTL_ that had a graphic with a logo reading, "Welcome to Linux". In _MTU_ they cared enough to change it to "Welcome to Ubuntu". The chapters on Open Office are the same - and that's appropriate because Open Office IS the same. The GIMP is the same. So I think it's appropriate for the chapters to be the same.
Gagne pays some attention to the Ubuntu community ethos, but he's mostly concerned with showing someone unfamiliar with the system how to do the things they are most likely to want to do.
A good book, GREAT for newbies.
The Official Ubuntu Book - Benjamin Mako Hill, et. al.
This is at a midpoint in complexity. It is the strongest of the three in describing Ubuntu the phenomenon, rather than Ubuntu the tool. They honor their antecedents (especially the Debian distribution on which Ubuntu is built) and support projects built off of an Ubuntu base. The committment to the Open Source/Free Software community is very strong: even the book is Open Source, meaning you can copy, improve, and distribute it! Good technical details, few editing mistakes.
One area where this exceeds even Ubuntu Unleased in technical detail is in the future of the server side. While not yet ready, there are features that will make Ubuntu more suitable for server farms and clusters than it currently is. They also describe high end features like support for Red Hat's Cluster suite. Ubuntu Unleashed doesn't mention that, even though it is a retailored version of Fedora Unleased.
There are good points and advice throughout, and I picked up some neat tricks and tools. For example, I hadn't heard about zcat, zgrep, and zless, which work on gzipped files without requiring you to unzip them. Cool!
In the installation section, they include some useful tips like how to switch to another console in case you need to do something in the middle of the install. (I had to do that last week.) There's great information on setting up partitions, including one tip to separate /var/spool and /var/log because both can fill up if there's a glitch of some kind. I've long put /var on a separate partition, but that's an additional level I may adopt.
KDE is another desktop environment (Gnome is the default). TOUB gives the KDE flavor of Ubuntu, Kubuntu, full and fair treatment. Ubuntu Unleashed crams in a little Kubuntu stuff here and there.
I liked the treatment of bug reports in Chapter 6. That's the most realistic way the average user can make a contribution - catching and describing bugs in a useful way.
The discussion of scheduling jobs through cron was very good. I learned some stuff I hadn't heard before, such as using lists and ranges of times.
A couple of issues:
There is some very bad password advice on page 40, where the authors essentially suggest running a dictionary word through a 'leet-speak' filter, turning something like 'password' into p455w0rd' (substituting 4 for A, 5 for S, 0 for O). The bad guys crack this easily.
The discussion of the X-windows client and server on page 53 probably only makes sense to those who already understand what's going on.
The troubleshooting section for hardware was a little weak. "Want to watch DVDs? Check the forums." "Want to install a Tivo-like package? Check the forums." The book does a good job of describing the approach to software licenses and the exclusion of packages that aren't 100% free. But it doesn't do such a good job of how an individual can add those parts after the install. For example, playing dvd movies requires some additional libraries and the book doesn't provide much guidance. (Google "decss ubuntu" for starters)
I mentioned the editing is pretty good, no huge glitches. The chapter subtopic is wrong on 319-329: an earlier topic got stuck, I guess.
In sum, a good book and a great introduction to the Ubuntu community. Get this book if you want a family as much as an operating system.
Ubuntu Unleashed - Andrew Hudson, Paul Hudson
This is the most detailed of the three titles. It's aimed at a more technically proficient audience than the other two. It has the highest page count, and there's more print on the page. It also has the most demanding writing style; the other two are more conversational (especially MTU). It's perfectly clear, but the tone is not as reassuring to newbies. I think a Linux newbie who was fairly technical would still be comfortable, and it presupposes very little knowledge. It's mostly a matter of tone.
Part I, Installation and Configuration is about 260 pages.
Part II, System Administration, is about 170 pages.
Part III, Ubuntu as a server, is about 175 pages. It introduces Apache, Postfix, and other services.
Part IV, Programming, introduces Perl, Python, PHP, and some tools to use with C/C++ (but nothing on those languages themselves)
Part V, Housekeeping revists and amplifies Part II.
The good: I really like the organization. The other books are laid out for someone who has just installed, or is about to install,Ubuntu. This one expects that you will read much more material before hitting the keyboard. That's not a bad thing, for its audience. Home users won't have a lot of use for the mass deployment advice, for example, but IT folks might. In particular, this is the only book of the three to cover using Kickstart to automate installation.
I like how it gives two tables of contents, one brief, one detailed. (The detailed table of contents is 23 pages! The index is 62, but misses some keywords.) Each chapter recaps important commands, and provides links for further information. That's a great template I wish other books would adopt.
It briefly covers the history of Linux and the Ubuntu distribution of Linux. The other two books are a bit more evangelical about Ubuntu. This intro is more for the "Just the Facts, Ma'am" crowd. It is enthusiastic about Open Source and Linux in general.
They lift material from other books, especially Fedora Core Unleashed. That's not a bad thing - is it necessary come up with a new way to describe how TCP/IP works for each book you write? There's a lot of generic information that applies to most distros. A book that was only about Ubuntu and not general system administration would be pretty weak, in my opinion. This has a lot of good information about
running your system.
It introduces servers like the Postfix email server, and programming languages like Perl. Huge books are written on some of these topics, so you might wonder whether there was any point in a short chapter on them. In most cases, I'd say there is some point. You may not master Perl with what they give you, but you might be able to figure out some things. The Sguid proxy server treatment is short but could be very useful.
The Bad: The book was hastily thrown together, lifting or adapting a lot of material from Fedora Core Unleashed. As I said earlier, the repetition of material is not bad if the material is generic. But I don't expect to hear a lot about obtaining RPMs (software packages used by Fedora, among many other distros, but NOT by Ubuntu) in an Ubuntu book. At one point, they actually refer to Ubuntu Core! I'd lay odds there was a search and replace function used to swap "Ubuntu" for "Fedora" when it should have been for "Fedora Core." At another, they refer to different backup applications being available to the "business oriented" version. Ubuntu doesn't segment itself this way - that's a Redhat characteristic. There are tools mentioned that just aren't part of Ubuntu, as well.
The Security Chapter is terrible. It even describes itself as "all you need", but it isn't remotely enough. I give the other two books a pass because they are mostly aimed at users, not system administrators. This book needs a third coauthor who is well-versed in locking down internet-facing linux boxes.
A minor thing - the book is riddled with examples that will be dated before it goes out of print: hard drive prices and capacities, etc.
Chapter Notes - lots of nit-picks. Like I said, this is a good book overall.
Chapter One: Good short history, covers the bases of why this Matters.
Chapter Two: Good hardware compatibility resources. Useful USB incompatibility warning. Partition info is good - hint on partition for laptop suspend.
Chapter Three: it's customary when providing an example password to advise against using the example on your own systems - the examples often wind up in password cracking databases.
Chapter Four: Post-Install Config. Good tip on making a backup copy of each
Chapter Five: really nice description of the file system layout.
Chapter Six: X-Windows. It misses a chance to show how to set up a remote session. This is handled elsewhere, but why not here?
Chapter Seven: Software. This chapter is missing a section on dpkg, which is the underlying package management tool used by the other tools they talk about. They discuss it much later.
Chapter 8: Browsing/Email - good discussion of using mail from the command line (useful for scripts!)
Chapter 9: Productivity. Glosses over the use of Open Office, which is probably o.k. The audience can figure that out or get an Open Office book. Overstates coverage of groupware in Chapter 8 - it wasn't "in detail". Good call to plug Codeweavers for running native MS Office. Some people have to...
Chapter 10: Multimedia. This chapter suffers most from its origins in Fedora Unleashed. It's riddled with references to RPMs. Installing a t.v. card requires editing kernel modules, should refer to Chapter 35.
Chapter 11: Image Manipulation. VERY BAD ADVICE telling people to enable remote X sessions by entering xhost+ This is unfathomable!
Chapter 12: Printing. Pretty much just a UI run-through.
Chapter 13: Games. Good coverage, nice to know that the main first person shooters are available natively. Also good to know about Cedega, a games-oriented emulation package. Another Redhat-ism: Cedega is "not available via Yum"
Chapter 14: Users. Good coverage of user accounts, including those used by system services. Learned some stuff. User disk space quotas are mentioned, but I found the discussion unclear. User Accounting is a useful tool for security as well as old-fashioned timeshare billing, and they cover it pretty well. Really odd advice that you can edit /etc/shadow with a text editor. This is unsound.
Chapter 15: Automating Tasks. This was great. I learned new stuff, like scheduling jobs for a list or range of times. I liked the shell script introduction. There's an odd reference to Tripwire and Logwatch being included. You can install them, but they aren't included by default. Maybe another Fedora leakage? I liked the shell
script examples, but would have liked to see a few more, especially for the If clauses.
Chapter 16: System Monitoring. I learned good stuff about Top, time, and watch. Vmstat is a new one to me.
Chapter 17: Backups. It's arguably out of scope, but I think that they should mention that these days backup tapes have to be handled like evidence, with a chain of custody and logged distruction/wiping/disposal. Really liked the coverage of tar,
learned about incremental backups with it. dd coverage good, especially the warning about confusing source and target. Odd discussion of KDE gui backup tools - "archive has...function of system administrator...no GUI necessary" This applies equally to the Gnome tools like File Roller. Why say this in section on KDE tools? Liked the mc tool, but there is no package available for Ubuntu. They refer to obsolete rcp command, and say they previously mentioned it. I don't think they did! The index doesn't cover it. Big confusion in ext2/ext3 undelete: you can't undelete in
ext3 file system! ext2fs doesn't have the information available to do that. They need to make that VERY CLEAR, rather than misinforming you about undeleting. Good recovery information. GRUB boot floppy -great idea.
Chapter 18. Networking. Good explanation of purpose and use of loopback. Chapter needs editing. Private IP space handled twice, once incorrectly. They provide a good link to info on wifi adapters. Subnetting is pretty muddled, but should't hurt anyone who actually has to do it. The discussion of fiber optic cable is oddly wrong in one section, after getting it right in a previous section. It is not a 100 mbs media. It's 10mbps, 100mbps, 1 gig, 10 gig...depends on fiber characteristics, length, and the devices attached.
Chapter 20: Web Servers. Is C really one of the most popular CGI languages? I'd think PHP, C#, VN, Python...
Chapter 21: Nice comparison of MySQL vs. Postgres, and what type of tables you need in MySQL to get certain features.
Chapter 22: Good NFS intro, I think. Samba references really ought to include "The Official Samba How-to and Reference Guide" (TOSHARG). The section describes stand alone file servers, but you can set up a full-fledged NT 4.0 style domain with Samba. You should at least mention it and give a pointer to more info.
Chapter 23: ftp. Good emphasis on insecurity of this clear-text protocol.
Chapter 24: email. Typo/brain cramp in Qmail section: "Postfix is designed to be easier..." but we're reading about Qmail. Exim is claimed to be more secure than either Postfix or Qmail, but Qmail has an unclaimed bounty for any security related bugs. Word choice: "Postfix is...recommended client." An MTA is a client? Hmm. Good overview of Exchange alternatives.
Chapter 25: Proxy. Good examples for using access control lists in Squid to limit connections by source/destination and content. Should be useful to get up to speed.
Chapter 27: Perl is a backronym. The name was chosen and only later turned into an acronym. There are two, equally correct and they should have mentioned "Pathologically Eclectic Rubbish Lister" Lots of great Perl books, some as big as this one. This serves as a quick intro and maybe refresher.
Chapter 30: C/C++. Doesn't address language, unlike previous chapters on Python, PHP, etc. Just tools. Debuggers, development environments, etc.
Chapter 31: Securing the Host. Most disappointing chapter in the book. And there's even a claim that all you need is in this section. While Nessus may not identify weaknesses based on patch level as the book claims, it can do deeper tests and see if a vulnerability is really present. Nmap is NOT a substitute. For firewall configs, it claims that gnome-lokkit (for GUI) and lokkit (for cli) are included. They aren't and don't appear to be part of the Ubuntu repository. This looks like another Redhat-ism. There's nothing on mounting file systems with suid limitations, using a central log server so you can trust the logs, exporting the tripwire database so an intruder can't just register the trojanned binaries. There's so much you can and
should do, and it is not covered at all. CERT has checklists, SANS has checklists, there's a wealth of information out there that they could point us to if they aren't up to covering it themselves. I'd scrap the whole chapter and start fresh in another edition.
Chapter 32: Tuning. This has good info on hard drive tuning. Major clue - disable atime for partitions seeing many writes/second. Each atime update is another write.
Chapter 33: Shell Master Class. Revisits the command line, really good information. I learned a lot about the less command, and screen.
Chapter 34: Advanced Apt. Good coverage of (finally) dpkg and aptitude. I'd call it complete.
Chapter 35: Kernel maintenance. Good info on kernel modules. I can't swear the kernel patching stuff is good (no direct experience) but it looks complete.
Appendix A: references are good. Mailing lists, chat rooms, websites. Seems complete.
Moving to Ubuntu - Marcel Gagne
The Official Ubuntu Book - Benjamin Mako et. al.
Ubuntu Unleashed - Andrew Hudson, Paul Hudson
I received 3 Ubuntu titles and thought it might be useful to compare them. Ubuntu is a fairly recent Linux distribution that strives to be usable out of the box, with strong support. It has deep pockets and a thriving community behind it. You can get a free, fully-functional installation and livecd just for asking, or downloading. I admire a lot of the design choices that went into Ubuntu, such as limiting the use of the all-powerful root account, which can get people into trouble. The bare-bones server install is the cleanest Linux server I've seen - *no* open ports, minimal services. Just enough to log in at a console and then install what you want. On the other hand, if you want a LAMP server (Linux, Apache, MySQL, and PHP - the most popular combination on the internet), that's a one button install! Brilliant!
The only thing I don't like is the iptables firewall. A "linux for everyone" needs an easier firewall to deal with. (I love pf, written for OpenBSD and now showing up on other systems.)
I think all three books are pretty good, and your choice will depend on your technical level and religious ferver. If you are uncomfortable with computers, I think _Moving to Ubuntu_ is your best choice. If you are somewhat comfortable and into the philosophy behind Ubuntu, _the Official Ubuntu book_ is your best choice. If you are unintimidated by the topic, _Ubuntu Unleashed_ has the most detailed technical coverage.
Moving to Ubuntu - Marcel Gagne
This is the most approachable of the three books. Gagne has an enthusiastic, conversational, even narrative approach to the material. The audience is people stuck using Windows desktops because they don't know any Linux nerds willing to help them. I think it's a terrific book, and it showed me some cool things to do on the desktop. I use Linux mainly for servers.
It covers productivity apps very well. One quibble: he introduces GAIM, for chatting on various systems, and then introduces another tool for IRC, which GAIM handles just fine. The multimedia coverage is the best of the three books. The section on games is good as well, and I like his approach of getting a teenage nephew to recommend the best Linux games.
Like Ubuntu Unleashed, this book has a lot of material lifted from earlier works. I don't think that's a bad thing if the material lifted is generic. In this case, Gagne uses material from the slightly earlier _Moving to Linux_, which mostly used on one (non-Ubuntu) distro and mentioned some differences. Unlike _Ubuntu Unleashed_, the material was applied carefully. They even updated some things that didn't have to be, like an illustration in _MTL_ that had a graphic with a logo reading, "Welcome to Linux". In _MTU_ they cared enough to change it to "Welcome to Ubuntu". The chapters on Open Office are the same - and that's appropriate because Open Office IS the same. The GIMP is the same. So I think it's appropriate for the chapters to be the same.
Gagne pays some attention to the Ubuntu community ethos, but he's mostly concerned with showing someone unfamiliar with the system how to do the things they are most likely to want to do.
A good book, GREAT for newbies.
The Official Ubuntu Book - Benjamin Mako Hill, et. al.
This is at a midpoint in complexity. It is the strongest of the three in describing Ubuntu the phenomenon, rather than Ubuntu the tool. They honor their antecedents (especially the Debian distribution on which Ubuntu is built) and support projects built off of an Ubuntu base. The committment to the Open Source/Free Software community is very strong: even the book is Open Source, meaning you can copy, improve, and distribute it! Good technical details, few editing mistakes.
One area where this exceeds even Ubuntu Unleased in technical detail is in the future of the server side. While not yet ready, there are features that will make Ubuntu more suitable for server farms and clusters than it currently is. They also describe high end features like support for Red Hat's Cluster suite. Ubuntu Unleashed doesn't mention that, even though it is a retailored version of Fedora Unleased.
There are good points and advice throughout, and I picked up some neat tricks and tools. For example, I hadn't heard about zcat, zgrep, and zless, which work on gzipped files without requiring you to unzip them. Cool!
In the installation section, they include some useful tips like how to switch to another console in case you need to do something in the middle of the install. (I had to do that last week.) There's great information on setting up partitions, including one tip to separate /var/spool and /var/log because both can fill up if there's a glitch of some kind. I've long put /var on a separate partition, but that's an additional level I may adopt.
KDE is another desktop environment (Gnome is the default). TOUB gives the KDE flavor of Ubuntu, Kubuntu, full and fair treatment. Ubuntu Unleashed crams in a little Kubuntu stuff here and there.
I liked the treatment of bug reports in Chapter 6. That's the most realistic way the average user can make a contribution - catching and describing bugs in a useful way.
The discussion of scheduling jobs through cron was very good. I learned some stuff I hadn't heard before, such as using lists and ranges of times.
A couple of issues:
There is some very bad password advice on page 40, where the authors essentially suggest running a dictionary word through a 'leet-speak' filter, turning something like 'password' into p455w0rd' (substituting 4 for A, 5 for S, 0 for O). The bad guys crack this easily.
The discussion of the X-windows client and server on page 53 probably only makes sense to those who already understand what's going on.
The troubleshooting section for hardware was a little weak. "Want to watch DVDs? Check the forums." "Want to install a Tivo-like package? Check the forums." The book does a good job of describing the approach to software licenses and the exclusion of packages that aren't 100% free. But it doesn't do such a good job of how an individual can add those parts after the install. For example, playing dvd movies requires some additional libraries and the book doesn't provide much guidance. (Google "decss ubuntu" for starters)
I mentioned the editing is pretty good, no huge glitches. The chapter subtopic is wrong on 319-329: an earlier topic got stuck, I guess.
In sum, a good book and a great introduction to the Ubuntu community. Get this book if you want a family as much as an operating system.
Ubuntu Unleashed - Andrew Hudson, Paul Hudson
This is the most detailed of the three titles. It's aimed at a more technically proficient audience than the other two. It has the highest page count, and there's more print on the page. It also has the most demanding writing style; the other two are more conversational (especially MTU). It's perfectly clear, but the tone is not as reassuring to newbies. I think a Linux newbie who was fairly technical would still be comfortable, and it presupposes very little knowledge. It's mostly a matter of tone.
Part I, Installation and Configuration is about 260 pages.
Part II, System Administration, is about 170 pages.
Part III, Ubuntu as a server, is about 175 pages. It introduces Apache, Postfix, and other services.
Part IV, Programming, introduces Perl, Python, PHP, and some tools to use with C/C++ (but nothing on those languages themselves)
Part V, Housekeeping revists and amplifies Part II.
The good: I really like the organization. The other books are laid out for someone who has just installed, or is about to install,Ubuntu. This one expects that you will read much more material before hitting the keyboard. That's not a bad thing, for its audience. Home users won't have a lot of use for the mass deployment advice, for example, but IT folks might. In particular, this is the only book of the three to cover using Kickstart to automate installation.
I like how it gives two tables of contents, one brief, one detailed. (The detailed table of contents is 23 pages! The index is 62, but misses some keywords.) Each chapter recaps important commands, and provides links for further information. That's a great template I wish other books would adopt.
It briefly covers the history of Linux and the Ubuntu distribution of Linux. The other two books are a bit more evangelical about Ubuntu. This intro is more for the "Just the Facts, Ma'am" crowd. It is enthusiastic about Open Source and Linux in general.
They lift material from other books, especially Fedora Core Unleashed. That's not a bad thing - is it necessary come up with a new way to describe how TCP/IP works for each book you write? There's a lot of generic information that applies to most distros. A book that was only about Ubuntu and not general system administration would be pretty weak, in my opinion. This has a lot of good information about
running your system.
It introduces servers like the Postfix email server, and programming languages like Perl. Huge books are written on some of these topics, so you might wonder whether there was any point in a short chapter on them. In most cases, I'd say there is some point. You may not master Perl with what they give you, but you might be able to figure out some things. The Sguid proxy server treatment is short but could be very useful.
The Bad: The book was hastily thrown together, lifting or adapting a lot of material from Fedora Core Unleashed. As I said earlier, the repetition of material is not bad if the material is generic. But I don't expect to hear a lot about obtaining RPMs (software packages used by Fedora, among many other distros, but NOT by Ubuntu) in an Ubuntu book. At one point, they actually refer to Ubuntu Core! I'd lay odds there was a search and replace function used to swap "Ubuntu" for "Fedora" when it should have been for "Fedora Core." At another, they refer to different backup applications being available to the "business oriented" version. Ubuntu doesn't segment itself this way - that's a Redhat characteristic. There are tools mentioned that just aren't part of Ubuntu, as well.
The Security Chapter is terrible. It even describes itself as "all you need", but it isn't remotely enough. I give the other two books a pass because they are mostly aimed at users, not system administrators. This book needs a third coauthor who is well-versed in locking down internet-facing linux boxes.
A minor thing - the book is riddled with examples that will be dated before it goes out of print: hard drive prices and capacities, etc.
Chapter Notes - lots of nit-picks. Like I said, this is a good book overall.
Chapter One: Good short history, covers the bases of why this Matters.
Chapter Two: Good hardware compatibility resources. Useful USB incompatibility warning. Partition info is good - hint on partition for laptop suspend.
Chapter Three: it's customary when providing an example password to advise against using the example on your own systems - the examples often wind up in password cracking databases.
Chapter Four: Post-Install Config. Good tip on making a backup copy of each
Chapter Five: really nice description of the file system layout.
Chapter Six: X-Windows. It misses a chance to show how to set up a remote session. This is handled elsewhere, but why not here?
Chapter Seven: Software. This chapter is missing a section on dpkg, which is the underlying package management tool used by the other tools they talk about. They discuss it much later.
Chapter 8: Browsing/Email - good discussion of using mail from the command line (useful for scripts!)
Chapter 9: Productivity. Glosses over the use of Open Office, which is probably o.k. The audience can figure that out or get an Open Office book. Overstates coverage of groupware in Chapter 8 - it wasn't "in detail". Good call to plug Codeweavers for running native MS Office. Some people have to...
Chapter 10: Multimedia. This chapter suffers most from its origins in Fedora Unleashed. It's riddled with references to RPMs. Installing a t.v. card requires editing kernel modules, should refer to Chapter 35.
Chapter 11: Image Manipulation. VERY BAD ADVICE telling people to enable remote X sessions by entering xhost+ This is unfathomable!
Chapter 12: Printing. Pretty much just a UI run-through.
Chapter 13: Games. Good coverage, nice to know that the main first person shooters are available natively. Also good to know about Cedega, a games-oriented emulation package. Another Redhat-ism: Cedega is "not available via Yum"
Chapter 14: Users. Good coverage of user accounts, including those used by system services. Learned some stuff. User disk space quotas are mentioned, but I found the discussion unclear. User Accounting is a useful tool for security as well as old-fashioned timeshare billing, and they cover it pretty well. Really odd advice that you can edit /etc/shadow with a text editor. This is unsound.
Chapter 15: Automating Tasks. This was great. I learned new stuff, like scheduling jobs for a list or range of times. I liked the shell script introduction. There's an odd reference to Tripwire and Logwatch being included. You can install them, but they aren't included by default. Maybe another Fedora leakage? I liked the shell
script examples, but would have liked to see a few more, especially for the If clauses.
Chapter 16: System Monitoring. I learned good stuff about Top, time, and watch. Vmstat is a new one to me.
Chapter 17: Backups. It's arguably out of scope, but I think that they should mention that these days backup tapes have to be handled like evidence, with a chain of custody and logged distruction/wiping/disposal. Really liked the coverage of tar,
learned about incremental backups with it. dd coverage good, especially the warning about confusing source and target. Odd discussion of KDE gui backup tools - "archive has...function of system administrator...no GUI necessary" This applies equally to the Gnome tools like File Roller. Why say this in section on KDE tools? Liked the mc tool, but there is no package available for Ubuntu. They refer to obsolete rcp command, and say they previously mentioned it. I don't think they did! The index doesn't cover it. Big confusion in ext2/ext3 undelete: you can't undelete in
ext3 file system! ext2fs doesn't have the information available to do that. They need to make that VERY CLEAR, rather than misinforming you about undeleting. Good recovery information. GRUB boot floppy -great idea.
Chapter 18. Networking. Good explanation of purpose and use of loopback. Chapter needs editing. Private IP space handled twice, once incorrectly. They provide a good link to info on wifi adapters. Subnetting is pretty muddled, but should't hurt anyone who actually has to do it. The discussion of fiber optic cable is oddly wrong in one section, after getting it right in a previous section. It is not a 100 mbs media. It's 10mbps, 100mbps, 1 gig, 10 gig...depends on fiber characteristics, length, and the devices attached.
Chapter 20: Web Servers. Is C really one of the most popular CGI languages? I'd think PHP, C#, VN, Python...
Chapter 21: Nice comparison of MySQL vs. Postgres, and what type of tables you need in MySQL to get certain features.
Chapter 22: Good NFS intro, I think. Samba references really ought to include "The Official Samba How-to and Reference Guide" (TOSHARG). The section describes stand alone file servers, but you can set up a full-fledged NT 4.0 style domain with Samba. You should at least mention it and give a pointer to more info.
Chapter 23: ftp. Good emphasis on insecurity of this clear-text protocol.
Chapter 24: email. Typo/brain cramp in Qmail section: "Postfix is designed to be easier..." but we're reading about Qmail. Exim is claimed to be more secure than either Postfix or Qmail, but Qmail has an unclaimed bounty for any security related bugs. Word choice: "Postfix is...recommended client." An MTA is a client? Hmm. Good overview of Exchange alternatives.
Chapter 25: Proxy. Good examples for using access control lists in Squid to limit connections by source/destination and content. Should be useful to get up to speed.
Chapter 27: Perl is a backronym. The name was chosen and only later turned into an acronym. There are two, equally correct and they should have mentioned "Pathologically Eclectic Rubbish Lister" Lots of great Perl books, some as big as this one. This serves as a quick intro and maybe refresher.
Chapter 30: C/C++. Doesn't address language, unlike previous chapters on Python, PHP, etc. Just tools. Debuggers, development environments, etc.
Chapter 31: Securing the Host. Most disappointing chapter in the book. And there's even a claim that all you need is in this section. While Nessus may not identify weaknesses based on patch level as the book claims, it can do deeper tests and see if a vulnerability is really present. Nmap is NOT a substitute. For firewall configs, it claims that gnome-lokkit (for GUI) and lokkit (for cli) are included. They aren't and don't appear to be part of the Ubuntu repository. This looks like another Redhat-ism. There's nothing on mounting file systems with suid limitations, using a central log server so you can trust the logs, exporting the tripwire database so an intruder can't just register the trojanned binaries. There's so much you can and
should do, and it is not covered at all. CERT has checklists, SANS has checklists, there's a wealth of information out there that they could point us to if they aren't up to covering it themselves. I'd scrap the whole chapter and start fresh in another edition.
Chapter 32: Tuning. This has good info on hard drive tuning. Major clue - disable atime for partitions seeing many writes/second. Each atime update is another write.
Chapter 33: Shell Master Class. Revisits the command line, really good information. I learned a lot about the less command, and screen.
Chapter 34: Advanced Apt. Good coverage of (finally) dpkg and aptitude. I'd call it complete.
Chapter 35: Kernel maintenance. Good info on kernel modules. I can't swear the kernel patching stuff is good (no direct experience) but it looks complete.
Appendix A: references are good. Mailing lists, chat rooms, websites. Seems complete.
posted by JimmytheGeek at 9:31 PM
0 Comments:
Post a Comment
<< Home