Hardening Linux

by
  • ISBN13: 9780072254976
  • ISBN10: 0072254971

  • Format: Paperback
  • Copyright: 2004-07-29
  • Publisher: McGraw-Hill Osborne Media
List Price: $39.99 Save up to $0.77

Summary

Recognized Linux expert John Terpstra and Roberta Bragg, a security evangelist and 25-year IT industry veteran, cut through the noise to show you how to bulletproof your system before you are hacked! No more "hack and patch!" Harden your Linux system before it is hacked. "Do this NOW, here's why, here's how, and don't stop there!" Administrators and IT pros have to do more with less. They don't want multiple choice/consequences. They want to know what to do NOW to protect their systems against malicious attacks. Hacking Exposed Linux shows how to test, hack, and find the security holes and fix them. Hardening Linux shows you how to secure your Linux system to work securely in the first place.

Author Biography

John H. Terpstra (Draper, Utah) is CEO/President of PrimaStasys, Inc., co-founder of the Samba-Team, former VP Technology with Caldera, and former VP of Development for TurboLinux. He serves on the Linux Standards Base (the body that sets the specifications for Linux), as well as the Linux Professional Institute Academic Council, responsible for reviewing LPI Certification Exam Questions for accuracy, relevance, and method.

Table of Contents

Foreword (David Wreski)
Foreword (Corey D. Schou)
Introduction

PART I: Do These Seven Things First

Critical First Steps
  Examine Systems for Evidence of Compromise
  Terminate Unauthorized Users
  Identify and Shut Down Unauthorized Processes
  Check Log Files for Possible Evidence of Intrusion Attempts
  Check for Potential System File Damage
  Check System Stability and Availability
  Validate Hardware Operation
  Make Sure Power Is Stable

PART II: Take It From The Top: The Systematic Hardening Process

Hardening Network Access: Disable Unnecessary Services
  Step 1: Take the Machine Off the Network
  Step 2: Determine Required Services
  Red Hat Enterprise Linux AS 3.0 Services Baseline
  SLES8 Services Baseline
  Consider Additional Services
  Step 3: Determine Services' Dependencies
  Step 4: Prevent Services from Running
  Use Tools to Alter Startup Scripts
  Turn Off Unnecessary Services: Command Line Tool
  Step 5: Reboot
  Step 6: Check Configuration for Unnecessary Services
  Check Configuration: GUI
  Check Configuration: Manual
  Step 7: Check Configuration for Necessary Services
  Check the Configuration
  Probe the Service
  Look for the Service in Memory
  Step 8: Return the Machine to the Network
  Test Network Connectivity

Installing Firewalls and Filters
  Take Stock
  Check for Existing Firewall Rules
  Understand Network Basics
  Understand Firewall Rules
  Identify Protective Firewall Needs
  Protective Strategy
  Configure the Firewall

Hardening Software Accessibility
  Identify Required Software
  Determine Software Dependencies
  Remove or Restrict Unneeded Software
  Install Software Securely
  Install Trusted Software from Vendors
  Install Software from Trusted Sources
  Monitor Your Systems

Preparing for Disaster
  Understanding Disaster Recovery
  Do Not Build a Custom Kernel
  Document Server Setup and Record Changes
  Prepare Automated Reinstallation
  Prepare Red Hat Kickstart Install Facility
  Using SUSE YaST Auto-installation Tools

Hardening Access Controls
  Linux File Permissions and Ownership
  Use POSIX Access Control Lists
  Review File and Directory Access Controls
  Verify the Sticky Bit for Temporary Directories
  Record SUID/SGID Files and Directories

Hardening Data Storage
  Understand Legal and Ethical Issues with Cryptography
  Comply with Legal Requirements
  Understand Ethical Issues
  Use Proper Procedures
  Store Data Securely
  Remove Plaintext Copies of Data
  Use GnuPG to Encrypt Files
  Creating Keys in a Secure Manner
  Creating Keys for Use with GnuPG
  Use OpenSSL for File Encryption
  Install and Use a Cryptographic File System

Hardening Authentication and User Identity
  Use Pluggable Authentication Modules (PAM) to Provide Flexible Authentication
  Use PAM Because
  Enforce Strict Password Requirements
  Enable Wheel Group Access
  Enable the Use of a Centralized Authentication Server
  Correctly Configure PAM to Avoid Compromise
  Remove Obsolete PAM Configuration File
  Configuration File Format
  Backing Up the Configuration Before Making Changes
  Recovering from Catastrophic Errors
  PAM Framework
  Traditional Services
  A BSD-Like wheel Group
  Per-User Temporary Directories
  Require Strong Passwords
  Name Switching Service (NSS)

Restricted Execution Environments
  Restrict Functionality
  Use chroot to Protect a Service
  Understand What Is Protected... and What Isn't
  Build the chroot Directory Structure
  Resolve Dynamic Library Dependencies
  Determine File Dependencies
  Create Devices in the chroot Directory
  Establish Shells and User Environments
  Install the Service(s) to the chroot Directory
  Install from Source
  Install from a Source RPM
  Install a Binary RPM to an Alternate Location
  Configure the Service to Log Activity
  Troubleshoot chroot Environment Problems
  Combine chroot and Your Distribution's Security Capabilities
  pam_chroot and Red Hat Enterprise Linux AS 3.0
  Monitor File Mode and Permission Settings
  Maintain chroot

Hardening Communications
  Secure Protocols
  Use SSH
  Secure X Connections with SSH
  Use Virtual Private Networks
  IPSec
  Set Up a VPN with FreeS/WAN
  Verify the Connection

PART III: Once Is Never Enough!

Install Network Monitoring Software
  Install a Network Analyzer
  Install and Use ngrep to Monitor the Network
  Install and Use tcpdump
  Install Ethereal
  Utilize a Network Intrusion Detection System
  Install and Use Snort
  Use Snort in Sniffing Mode
  Use Snort in Packet Capture Mode
  Use Snort in NIDS Mode
  Use Snort Add-ons
  Honeypots/Honeynets
  Other Tools

Automatic Logfile Scanning
  Logfiles at a Personal Level
  Create a Logfile Policy
  Configure the syslog Daemon
  The Selector Component
  The Activity Component
  Set Up a Centralized Server
  Ensure Centralized Logging Dependencies Are Met
  Configure the Centralized Server
  Configure Clients for the Centralized Server
  Create a Centralized Server with syslog-ng and stunnel
  SUSE: Download and Install stunnel 4.04
  Download and Install syslog-ng
  Create Certificates for Your Machines
  Copy Certificates to /etc/stunnel
  Check Certificate Permissions
  Create stunnel Configuration on the Server
  Create stunnel Configuration on the Client
  Create syslog-ng Configuration on the Server
  Create syslog-ng Configuration File on the Client Machines
  Start stunnel and syslog-ng Manually
  Check for Activity on the Server
  Use the logger Command to Send Messages Directly to the syslog Daemon
  Use Perl's Sys::Syslog to Send Messages to the syslog Daemon
  Manage Logfiles
  Finding Logfiles
  Other System Logfiles
  Search Logfiles
  Strategy for Searching Logfiles
  Searching Logfiles Manually
  Search Logfiles with logwatch
  Search Logfiles with logsurfer
  Search Logfiles with swatch
  Modify swatch Configuration to Detect an Attack on the SSH Daemon
  Respond to Attacks and Abnormalities

Patch Management and Monitoring
  Apply Updates
  Update and Patch SUSE Software
  Update and Patch Red Hat Software
  Use a Central Patch Server
  Patch Monitoring and Management
  Create a Change Process
  Monitor the Patch Process

Self-Monitoring Tools
  Install and Run a Host-Based Intrusion Detection System
  Install and Use Tripwire
  Use RPM for File Integrity Checking
  Other Tools
  Install and Run a Password Checker
  Use John the Ripper to Audit Passwords
  Set Up Network Monitoring
  Configure and Run Nmap
  Configure and Run Nessus

PART IV: How to Succeed at Hardening Linux

Budget Acquisition and Corporate Commitment to Security
  Obtain Management Support
  Show the Need for the Security Program
  Perform a Risk Assessment
  Determine Scope
  Select the Team
  Gather Issues and Determine Impact and Probability
  Prioritize Risks
  Quantitative Risk Assessment Overview
  Report to Management and Obtain Guidance
  Executive Summary
  Determine Return on Investment (ROI)
  Perform Fact Finding
  Show Return on Investment
  Seek Outside Help and References
  Involve Management in Creation of Security Policies and Spending

Establishing a Security Campaign
  Establish the Security Campaign
  Determine Goals
  Identify What Is Needed to Accomplish Goals
  Create Policies
  Example Company Encrypted Protocols Policy
  Gain User Acceptance and Support
  Evaluate Program
  Maintain the Program

A. Additional Linux Security Resources
  General Linux
  General Security
  General Linux Security
  Linux Security Programs

Index
