Jaime Frutos Morales's blog


Book Review: Samba 3 by Example

Filed under: Books, Linux, SysAdmin — acidborg @ 20:57

Last week, I finished reading “Samba-3 by Example. Practical exercises in successful Samba deployment” by John H. Terpstra.
Samba 3 by example
What makes this book worth reading is the approach that the author makes to the different configurations of a Samba network depending on the users’ requisites, the available hardware and the expertise of the sysadmin. He starts with a basic Samba installation on a simple network, with a few users and no security and he evolves this study case until it reaches advanced topics like migrations from Windows and NetWare networks to Samba or integrating Samba with Microsoft’s Active Directory).

I strongly recommend this book if you are a Samba sysadmin or you are thinking about deploying Samba on your network, because it contains many tips and ideas to design your Samba network or improve your existing one.

You can download it (PDF format) from here for free.


Book review: ModSecurity 2.5 by Magnus Mischel

Filed under: Books, Security, SysAdmin — acidborg @ 14:41

ModSecurity 2.5 by Magnus Mischel

As a GNU/Linux systems administrator, I manage Apache servers and their configurations on a daily basis, so being capable of getting the best from them is essential on my daily work. That’s why any additional knowledge on the subject helps to make my work easier and more efficient. That is where ModSecurity 2.5 by Magnus Mischel comes to scene. Although I have already installed and configured mod_security on several Apache servers, I have learned a lot from this book and I strongly recommend to read it if you are a web server admin or you are interested in web-based attacks and how to protect your servers from them.

ModSecurity 2.5 by Magnus Mischel introduces one of the most powerful Apache’s modules: mod_security. It is a web application firewall designed as an Apache module. It provides protection from a lot of web-based attacks and it monitors and logs your HTTP traffic. This book explains how to secure your Apache installation and web applications using mod_security. It is targeted to web servers admins, mainly in GNU/Linux environments, with some experience with SQL. Although programming knowledge is not required, knowing shell scripting, Perl and/or PHP will make following the book easier. Web security knowledge is not required as all security concepts and attacks are in-depth explained through the book. No prior regular expressions knowledge is required as they are widely explained on many chapters and there is an appendix dedicated to them.

Before reading this book, I was thinking “A book on such a specialized topic must be hard to follow and understand”. How wrong I was. In fact, it is one of the best written technical books I have ever read. The author explains each topic step-by-step but in-depth, so you can learn new things easily through all the book both by the explanations and the real-life examples it shows. After reading it, you will be able to create your own customized mod_security rules, understand a lot of web-based attacks, know how to protect from them using mod_security and, last but not least, improve your regular expressions skills.

My favourite part of the book is Chapter 6 (“Blocking common attacks”) because it introduces many web-based attacks, how to prevent them and how to protect your servers from them in just a few minutes with real-life examples and screenshots. Chapter 2 (“Writing rules”) is very nice and well explained too, but I prefer real examples over theory (you can’t blame me, I’m a Sysadmin). On the other hand, The only chapter I don’t like as much as the others is the last one (“Protecting a web application”) because it picks up a web application (YaBB) and explains in-depth how to generate the proper rules to protect it. I understand that this has to be read as a real world example, but I think it’s very focused on the application and it’s hard to follow this example if you have never used YaBB before.

In conclusion, I think this is a “must-have” book if you usually deal with web servers. I enjoyed reading it a lot and I have learned many things that mod_security can do that I wasn’t aware of. I strongly recommend it to all web servers admins out there. You can download a sample chapter (Chapter 3 – Performance) here. Check the book’s table of contents to find out what the rest of the chapters are about.

You can also buy the book from Packt Publishing if you want.

NOTE: I was contacted by Packt Publishing to review this book and they send me a free copy to do it. I would like to thank them for giving me this opportunity.


Book review: Pro OpenSolaris

Filed under: Books, SysAdmin — acidborg @ 01:35

Yesterday, I finished reading “Pro OpenSolaris. A new Open Source OS for Linux developers and administrators“. It introduces the main differences between OpenSolaris and GNU/Linux (SMF, ZFS, zones and containers, Dtrace, etc). It explains all this things from a GNU/Linux user perspective, so if that’s your case, it will be easy to read for you. I missed some other comparisons between common GNU/Linux commands and their OpenSolaris equivalents, but it would have increased dramatically the number of pages of the book. A nice book to start using OpenSolaris.

Pro OpenSolaris


Book review: Apache Server 2 Bible

Filed under: Books, SysAdmin — acidborg @ 14:07

I have just finished reading “Apache Server 2 Bible” by Mohammed J. Kabir . Although it’s a reference book, I read it all because I wanted to revise all the Apache-related subjects that I already know and learn the ones that I don’t. This book explains all the Apache installation, configuration and management in great detail, including CGI, FastCGI, SSI, mod_perl, PHP and Java Servlets. I strongly recommend it as you’ll discover a lot of things that you don’t know about the Apache server and its configuration and you’ll learn many tricks about its management.

Apache Server 2 Bible


Upcoming book: ModSecurity 2.5 by Magnus Mischel

Filed under: Books, SysAdmin — acidborg @ 21:01

I’m pleased to have been chosen to review an upcoming book called “ModSecurity 2.5” by Magnus Mischel. It’s going to be published this month by Packt Publishing.

ModSecurity 2.5 book

As I explained in my previous post (Installing ModSecurity for Apache in Ubuntu Server 9.04), ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

I’m looking forward to reading the book and reviewing it, because I think ModSecurity is a great tool and very useful if you work in web-based environments.


Book: Pulling strings with Puppet

Filed under: Books, SysAdmin — acidborg @ 11:45

I’ve just finished reading this book about Puppet:
Pulling strings with Puppet

Puppet is a configuration management solution written in Ruby. I’m using it to manage the configuration of the almost 100 servers I have to admin every day.

This book has been very useful to create a basic modular configuration to start using Puppet. From this point, I’ve been improving and expanding it to fit my needs. I strongly recommend it if you are looking for an introduction to configuration management and Puppet basics.


Book: GREP Pocket Reference

Filed under: Books, Linux, SysAdmin — acidborg @ 13:39

I’ve just finished reading this book:

Grep book

It makes quite a complete review of grep, its parameters and the four kinds of regular expressions that it supports (and it only has 82 pages).

I totally recommend it!


Para este viaje no necesito alforjas by David Vázquez

Filed under: Books — acidborg @ 21:36

I would like to recommend a poetry book written by a great person and a better friend: David Vázquez. Its title is “Para este viaje no necesito alforjas”. Although it’s his first book, It’s quite good and I have to admit I’m quite impressed with the final result (I helped him with the “beta testing” of the book during the publication process).

It was published in January, but I’ve waited until a presentation date had been confirmed in Madrid to blog about it (it has already been presented in Salamanca). The presentation date is the 24th of April in the Tomás y Valiente theater, Fuenlabrada, at 20:00. I’m going to be there and I hope you too 🙂

If you want to buy the book, you can contact David here.


A popular science book

Filed under: Books — acidborg @ 23:03

Yesterday, I finished reading a popular science book called “Matemática, ¿estás ahí?” (“Maths, are you there?”) by Adrián Paenza, an Argentinian mathematician. It’s very interesting and enjoyable, although a bit “basic” for people who have studied Maths at university. However, sometimes it’s good to read things that you already know to understand and remember them better.

You can download it for free from here (Spanish edition).

Title page

There are another 3 books by Adrian Paenza which are very similar to this one and can also be downloaded for free from these webs: one, two and three (all of them are in Spanish).


Some books

Filed under: Books — acidborg @ 22:39

I recently finished a couple of books and I would like to recommend them. The first one is “The Labyrinth of the Olives” by Eduardo Mendoza. It has the same main character as The Mystery of the Bewitched Crypt and, for me, it’s funnier too.

The other one is “Mala vida” by Carles Quílez (in Spanish). I didn’t want to translate “Mala vida” because it’s a Spanish term meaning something like “a life of crime”, but with a marginality background. It surprised me a lot, because I thought it would be boring and full of clichés, but it isn’t. It’s quite different from other detective stories, because the stories are real and they are written in first-person.

Older Posts »

Create a free website or blog at WordPress.com.