Practical Linux Security Cookbook

Secure your Linux environment from modern-day attacks with practical recipes, 2nd Edition
 
 
Packt Publishing
  • 1. Auflage
  • |
  • erschienen am 31. August 2018
  • |
  • 482 Seiten
 
E-Book | PDF mit Adobe DRM | Systemvoraussetzungen
978-1-78913-600-5 (ISBN)
 
Enhance file system security and learn about network attack, security tools and different versions of Linux build.Key FeaturesHands-on recipes to create and administer a secure Linux systemEnhance file system security and local and remote user authenticationUse various security tools and different versions of Linux for different tasksBook DescriptionOver the last few years, system security has gained a lot of momentum and software professionals are focusing heavily on it. Linux is often treated as a highly secure operating system. However, the reality is that Linux has its share of security flaws, and these security flaws allow attackers to get into your system and modify or even destroy your important data. But there's no need to panic, since there are various mechanisms by which these flaws can be removed, and this book will help you learn about different types of Linux security to create a more secure Linux system. With a step-by-step recipe approach, the book starts by introducing you to various threats to Linux systems. Then, this book will walk you through customizing the Linux kernel and securing local files. Next, you will move on to managing user authentication both locally and remotely and mitigating network attacks. Later, you will learn about application security and kernel vulnerabilities. You will also learn about patching Bash vulnerability, packet filtering, handling incidents, and monitoring system logs. Finally, you will learn about auditing using system services and performing vulnerability scanning on Linux.By the end of this book, you will be able to secure your Linux systems and create a robust environment.What you will learnLearn about vulnerabilities and exploits in relation to Linux systemsConfigure and build a secure kernel and test itLearn about file permissions and how to securely modify filesAuthenticate users remotely and securely copy files on remote systemsReview different network security methods and toolsPerform vulnerability scanning on Linux machines using toolsLearn about malware scanning and read through logsWho this book is forThis book is intended for all those Linux users who already have knowledge of Linux file systems and administration. You should be familiar with basic Linux commands. Understanding information security and its risks to a Linux system is also helpful in understanding the recipes more easily.
  • Englisch
  • Birmingham
  • |
  • Großbritannien
  • Überarbeitete Ausgabe
978-1-78913-600-5 (9781789136005)
weitere Ausgaben werden ermittelt
Tajinder Kalsi has more than 9 years of working experience in the field of IT. He has conducted seminars all across India, on topics such as information security and Android application development at more than 120 colleges, teaching more than 10,000 students. Apart from training, he has also worked on VAPT projects for various clients. When talking about certifications, Tajinder is an ISO 2700 LA and also IBM certified analyst. Prior to this course, Tajinder authored Practical Linux Security Cookbook, published by Packt Publishing. He has also authored three video courses with Packt: Getting Started with Pentensing, Finding and Exploiting Hidden Vulnerabilities, and Pentesting Web Applications.
  • Cover
  • Title Page
  • Copyright and Credits
  • Contributors
  • Packt Upsell
  • Table of Contents
  • Preface
  • Chapter 1: Linux Security Problem
  • Security policy
  • Developing a security policy
  • Linux security myths
  • Myth - as Linux is open source, it is considered to be insecure
  • Myth - Linux is an experts-only system, and only they know how to configure their systems in terms of security
  • Myth - Linux is virus free
  • Configuring server security
  • How to do it...
  • User management
  • Password policy
  • Configuration policy
  • Monitoring policy
  • How it works...
  • Security policy - server security
  • How to do it.
  • General policy
  • Configuration policy
  • Monitoring policy
  • How it works.
  • Defining security controls
  • How to do it...
  • Installation
  • Boot and disk
  • Network and services
  • Intrusion detection and Denial of Service (DoS)
  • Auditing and availability
  • How it works...
  • Checking the integrity of installation medium by using checksum
  • Getting ready
  • How to do it.
  • How it works.
  • See also
  • Using LUKS disk encryption
  • Getting ready
  • How to do it...
  • There's more...
  • Make use of sudoers - configuring sudo access
  • Getting ready
  • How to do it.
  • How it works.
  • There's more.
  • Vulnerability assessment
  • Scanning hosts with Nmap
  • Getting ready
  • How to do it...
  • How it works...
  • See also
  • Gaining root on a vulnerable Linux system
  • Getting ready
  • How to do it...
  • How it works...
  • There's more...
  • Missing backup plans
  • Getting ready
  • How to do it...
  • fwbackups
  • rsync
  • Amanda (Advanced Maryland Automatic Network Disk Archiver)
  • Simple Backup Solution (SBS)
  • Bacula
  • How it works...
  • Chapter 2: Configuring a Secure and Optimized Kernel
  • Creating USB boot media
  • Getting ready
  • How to do it...
  • How it works...
  • Retrieving the kernel source
  • Getting ready
  • How to do it...
  • How it works...
  • Configuring and building kernel
  • Getting ready
  • How to do it...
  • How it works...
  • Installing and booting from a kernel
  • Getting ready
  • How to do it...
  • How it works...
  • Kernel testing and debugging
  • Configuring console for debugging using netconsole
  • Getting ready
  • How to do it...
  • How it works...
  • There's more...
  • Debugging kernel boot
  • How to do it...
  • Kernel errors
  • Causes of kernel errors
  • Checking kernel parameters using Lynis
  • Getting ready
  • How to do it...
  • Chapter 3: Local Filesystem Security
  • Viewing files and directory details using ls
  • Getting ready
  • How to do it.
  • How it works.
  • Using chmod to set permissions on files and directories
  • Getting ready
  • How to do it...
  • How it works...
  • There's more...
  • Using chown to change ownership of files and directories
  • How to do it...
  • There's more...
  • Using ACLs to access files
  • Getting ready
  • How to do it...
  • There's more...
  • File handling using the mv command (moving and renaming)
  • Getting ready
  • How it works...
  • Implementing Mandatory Access Control with SELinux
  • Getting ready
  • How to do it...
  • How it works...
  • There's more...
  • Using extended file attributes to protect sensitive files
  • Getting ready
  • How to do it...
  • Installing and configuring a basic LDAP server on Ubuntu
  • Getting ready
  • How to do it...
  • How it works...
  • Chapter 4: Local Authentication in Linux
  • User authentication and logging
  • Getting ready
  • How to do it...
  • How it works...
  • Limiting login capabilities of users
  • Getting ready
  • How to do it...
  • How it works...
  • Disabling username/password logins
  • Getting ready
  • How to do it...
  • How it works...
  • Monitoring user activity using acct
  • Getting ready
  • How to do it...
  • How it works...
  • Login authentication using a USB device and PAM
  • Getting ready
  • How to do it...
  • How it works...
  • There's more...
  • Defining user authorization controls
  • Getting ready
  • How to do it...
  • How it works...
  • Access Management using IDAM
  • Getting ready
  • How to do it...
  • How it works...
  • Chapter 5: Remote Authentication
  • Remote server/host access using SSH
  • Getting ready
  • How to do it...
  • How it works...
  • Enabling and disabling root login over SSH
  • Getting ready
  • How to do it...
  • How it works...
  • There's more...
  • Key-based login into SSH for restricting remote access
  • Getting ready
  • How to do it...
  • How it works...
  • Copying files remotely
  • Getting ready
  • How to do it...
  • How it works...
  • Setting up a Kerberos server with Ubuntu
  • Getting started
  • How to do it...
  • How it works...
  • Using LDAP for user authentication and management
  • Getting started
  • How to do it...
  • Chapter 6: Network Security
  • Managing TCP/IP networks
  • Getting ready
  • How to do it...
  • How it works...
  • Using a packet sniffer to monitor network traffic
  • Getting ready
  • How to do it...
  • How it works...
  • Using IP tables for configuring a firewall
  • Getting ready
  • How to do it...
  • How it works...
  • Blocking spoofed addresses
  • Getting ready
  • How to do it...
  • How it works...
  • Blocking incoming traffic
  • Getting ready
  • How to do it...
  • How it works...
  • Configuring and using TCP Wrappers
  • Getting ready
  • How to do it...
  • How it works...
  • Blocking country-specific traffic using mod_security
  • Getting ready
  • How to do it...
  • Securing network traffic using SSL
  • Getting ready
  • How to do it...
  • How it works...
  • Chapter 7: Security Tools
  • Linux sXID
  • Getting ready
  • How to do it...
  • How it works...
  • Port Sentry
  • Getting ready
  • How to do it...
  • How it works...
  • Using Squid proxy
  • Getting ready
  • How to do it...
  • How it works...
  • Open SSL server
  • Getting ready
  • How to do it...
  • How it works...
  • There's more...
  • Tripwire
  • Getting ready
  • How to do it...
  • How it works...
  • Shorewall
  • Getting ready
  • How to do it...
  • How it works...
  • OSSEC
  • Getting ready
  • How to do it...
  • How it works...
  • Snort
  • Getting ready
  • How to do it...
  • How it works...
  • Rsync and Grsync - backup tool
  • Getting ready
  • How to do it...
  • How it works...
  • Chapter 8: Linux Security Distros
  • Kali Linux
  • pfSense
  • Getting ready
  • How to do it...
  • How it works...
  • Digital Evidence and Forensic Toolkit (DEFT)
  • Network Security Toolkit (NST)
  • Getting ready
  • How to do it...
  • How it works...
  • Security Onion
  • Getting ready
  • How to do it...
  • How it works...
  • Tails OS
  • Getting ready
  • How to do it...
  • Qubes OS
  • Getting ready
  • How to do it...
  • How it works...
  • Chapter 9: Bash Vulnerability Patching
  • Understanding the Bash vulnerability - Shellshock
  • Getting ready
  • How to do it...
  • How it works...
  • Security issues - Shellshock
  • Getting ready
  • How to do it...
  • How it works...
  • Linux patch management system
  • Getting ready
  • How to do it...
  • How it works...
  • Applying patches in Linux
  • Getting ready
  • How to do it...
  • How it works...
  • Other well-known Linux vulnerabilities
  • How to do it...
  • How it works...
  • Chapter 10: Security Monitoring and Logging
  • Viewing and managing log files using Logcheck
  • Getting ready
  • How to do it...
  • How it works...
  • Monitoring the network using Nmap
  • Getting ready
  • How to do it...
  • How it works...
  • Using Glances for system monitoring
  • Getting ready
  • How to do it...
  • How it works...
  • Monitoring logs using MultiTail
  • Getting ready
  • How to do it...
  • How it works...
  • Using system tools - whowatch
  • Getting ready
  • How to do it...
  • How it works
  • Using system tools - stat
  • Getting ready
  • How to do it...
  • How it works...
  • Using System tools - lsof
  • Getting ready
  • How to do it...
  • How it works...
  • Using System tools - strace
  • Getting ready
  • How to do it...
  • How it works
  • Real time IP LAN monitoring using IPTraf
  • Getting ready
  • How to do it...
  • How it works...
  • Network security monitoring using Suricata
  • Getting ready
  • How to do it...
  • Network monitoring using OpenNMS
  • Getting ready
  • How to do it...
  • How it works
  • Chapter 11: Understanding Linux Service Security
  • Web server - HTTPD
  • Getting ready
  • How to do it...
  • How it works...
  • Remote service login - Telnet
  • Getting ready
  • How to do it...
  • How it works...
  • Secure remote login - SSH
  • Getting ready
  • How to do it...
  • File transfer security - FTP
  • Securing Mail Transfer - SMTP
  • Getting ready
  • How to do it...
  • How it works...
  • Chapter 12: Scanning and Auditing Linux
  • Installing an antivirus on Linux
  • Getting ready
  • How to do it...
  • How it works...
  • Scanning with ClamAV
  • Getting ready
  • How to do it...
  • How it works...
  • Finding rootkits
  • Getting ready
  • How to do it...
  • How it works...
  • Using the auditd daemon
  • Getting ready
  • How to do it...
  • How it works...
  • Using ausearch and aureport to read logs
  • Getting ready
  • How to do it...
  • How it works...
  • Auditing system services with systemctl
  • Getting ready
  • How to do it...
  • How it works...
  • Chapter 13: Vulnerability Scanning and Intrusion Detection
  • Network security monitoring using Security Onion
  • Getting ready
  • How to do it...
  • How it works...
  • Finding vulnerabilities with OpenVAS
  • Getting ready
  • How to do it...
  • How it works...
  • Using Nikto for web server scanning
  • Getting ready
  • How to do it...
  • How it works...
  • Hardening using Lynis
  • Getting ready
  • How to do it...
  • How it works...
  • Other Books You May Enjoy
  • Index

Dateiformat: PDF
Kopierschutz: Adobe-DRM (Digital Rights Management)

Systemvoraussetzungen:

Computer (Windows; MacOS X; Linux): Installieren Sie bereits vor dem Download die kostenlose Software Adobe Digital Editions (siehe E-Book Hilfe).

Tablet/Smartphone (Android; iOS): Installieren Sie bereits vor dem Download die kostenlose App Adobe Digital Editions (siehe E-Book Hilfe).

E-Book-Reader: Bookeen, Kobo, Pocketbook, Sony, Tolino u.v.a.m. (nicht Kindle)

Das Dateiformat PDF zeigt auf jeder Hardware eine Buchseite stets identisch an. Daher ist eine PDF auch für ein komplexes Layout geeignet, wie es bei Lehr- und Fachbüchern verwendet wird (Bilder, Tabellen, Spalten, Fußnoten). Bei kleinen Displays von E-Readern oder Smartphones sind PDF leider eher nervig, weil zu viel Scrollen notwendig ist. Mit Adobe-DRM wird hier ein "harter" Kopierschutz verwendet. Wenn die notwendigen Voraussetzungen nicht vorliegen, können Sie das E-Book leider nicht öffnen. Daher müssen Sie bereits vor dem Download Ihre Lese-Hardware vorbereiten.

Bitte beachten Sie bei der Verwendung der Lese-Software Adobe Digital Editions: wir empfehlen Ihnen unbedingt nach Installation der Lese-Software diese mit Ihrer persönlichen Adobe-ID zu autorisieren!

Weitere Informationen finden Sie in unserer E-Book Hilfe.


Download (sofort verfügbar)

49,09 €
inkl. 19% MwSt.
Download / Einzel-Lizenz
PDF mit Adobe DRM
siehe Systemvoraussetzungen
E-Book bestellen