Halting the Hacker lives up to it's billing as a "practical guide." It is a ledger of how to set up and secure a Unix-based network. It details numerous approaches and techniques that hackers use to gain system access, privileges and control of a system. Its key benefit is that it clearly and quickly details numerous countermeasures (both reactive and proactive) that one can take to stop most hackers.

For example, tips on dealing with "doctored logs."

The system manager may be able to tell that the logs have been altered but not be able to tell what information has been altered or removed. If the system's auditing allows for auditing of events to a specific file, you should audit all activities that pertain to log files. If you are using syslog to save the log files to another machine, the connection to that machine should be audited.

The book comes with a CD-ROM library of software tools to detect and eliminate security problems. At under 200 pages, it is readable in a few hours and one can put numerous solutions to immediate use.