BN Homepage Two-Image carousal

!

Javascript is not enabled in your browser. Enabling JavaScript in your browser will allow you to experience all the features of our site.

Learn how to enable JavaScript on your browser

Hardening Linux

Hardening Linux

Hardening Linux

Add to Wishlist

Hardening Linux

Paperback

$49.00

Paperback
$49.00

SHIP THIS ITEM

In stock. Ships in 1-2 days.
PICK UP IN STORE

Your local store may have stock of this item.

Available within 2 business hours

Want it Today?
Check Store Availability

Related collections and offers

Overview

Shows you how to bullet proof your system before you are hacked. This book also shows you how to secure your Linux system to work securely in the first place.

Product Details
Table of Contents

Product Details

ISBN-13:	9780072254976
Publisher:	McGraw-Hill/Osborne Media
Publication date:	07/29/2004
Series:	Hardening
Pages:	404
Product dimensions:	7.51(w) x 9.25(h) x 0.95(d)

Table of Contents

	Foreword from David Wreski	xxi
	Foreword from Corey D. Schou	xxiii
	Introduction	xxvii
Part I	Do These Seven Things First
1	Critical First Steps	3
	Examine Systems for Evidence of Compromise	4
	Terminate Unauthorized Users	5
	Identify and Shut Down Unauthorized Processes	7
	Check Log Files for Possible Evidence of Intrusion Attempts	9
	Check for Potential System File Damage	10
	Check System Stability and Availability	11
	Validate Hardware Operation	12
	Make Sure Power Is Stable	12
Part II	Take It From The Top: The Systematic Hardening Process
2	Hardening Network Access: Disable Unnecessary Services	17
Step 1	Take the Machine Off the Network	18
Step 2	Determine Required Services	20
	Red Hat Enterprise Linux AS 3.0 Services Baseline	21
	SLES8 Services Baseline	21
	Consider Additional Services	22
Step 3	Determine Services' Dependencies	27
Step 4	Prevent Services from Running	32
	Use Tools to Alter Startup Scripts	33
	Turn Off Unnecessary Services: Command Line Tool	40
Step 5	Reboot	43
Step 6	Check Configuration for Unnecessary Services	44
	Check Configuration: GUI	44
	Check Configuration: Manual	44
Step 7	Check Configuration for Necessary Services	45
	Check the Configuration	45
	Probe the Service	45
	Look for the Service in Memory	45
Step 8	Return the Machine to the Network	46
	Test Network Connectivity	46
3	Installing Firewalls and Filters	47
	Take Stock	48
	Check for Existing Firewall Rules	48
	Understand Network Basics	55
	Understand Firewall Rules	57
	Identify Protective Firewall Needs	60
	Protective Strategy	60
	Configure the Firewall	61
4	Hardening Software Accessibility	79
	Identify Required Software	80
	Determine Software Dependencies	86
	Remove or Restrict Unneeded Software	89
	Install Software Securely	90
	Install Trusted Software from Vendors	91
	Install Software from Trusted Sources	94
	Monitor Your Systems	102
5	Preparing for Disaster	105
	Understanding Disaster Recovery	106
	Do Not Build a Custom Kernel	106
	Document Server Setup and Record Changes	107
	Prepare Automated Reinstallation	107
	Prepare Red Hat Kickstart Install Facility	109
	Using SUSE YaST Auto-installation Tools	114
6	Hardening Access Controls	129
	Linux File Permissions and Ownership	130
	Use POSIX Access Control Lists	130
	Review File and Directory Access Controls	137
	Verify the Sticky Bit for Temporary Directories	138
	Record SUID/SGID Files and Directories	139
7	Hardening Data Storage	141
	Understand Legal and Ethical Issues with Cryptography	142
	Comply with Legal Requirements	142
	Understand Ethical Issues	143
	Use Proper Procedures	144
	Store Data Securely	145
	Remove Plaintext Copies of Data	146
	Use GnuPG to Encrypt Files	147
	Creating Keys in a Secure Manner	148
	Creating Keys for Use with GnuPG	149
	Use OpenSSL for File Encryption	159
	Install and Use a Cryptographic File System	161
8	Hardening Authentication and User Identity	169
	Use Pluggable Authentication Modules (PAM) to Provide Flexible Authentication	170
	Use PAM Because...	171
	Enforce Strict Password Requirements	171
	Enable Wheel Group Access	171
	Enable the Use of a Centralized Authentication Server	172
	Correctly Configure PAM to Avoid Compromise	172
	Remove Obsolete PAM Configuration File	172
	Configuration File Format	173
	Backing Up the Configuration Before Making Changes	174
	Recovering from Catastrophic Errors	175
	PAM Framework	175
	Traditional Services	176
	A BSD-Like wheel Group	178
	Per-User Temporary Directories	179
	Require Strong Passwords	179
	Name Switching Service (NSS)	183
9	Restricted Execution Environments	185
	Restrict Functionality	186
	Use chroot to Protect a Service	187
	Understand What Is Protected...and What Isn't	187
	Build the chroot Directory Structure	188
	Resolve Dynamic Library Dependencies	190
	Determine File Dependencies	192
	Create Devices in the chroot Directory	194
	Establish Shells and User Environments	195
	Install the Service(s) to the chroot Directory	198
	Install from Source	198
	Install from a Source RPM	199
	Install a Binary RPM to an Alternate Location	204
	Configure the Service to Log Activity	205
	Troubleshoot chroot Environment Problems	206
	Combine chroot and Your Distribution's Security Capabilities	207
	pam_chroot and Red Hat Enterprise Linux AS 3.0	207
	Monitor File Mode and Permission Settings	209
	Maintain chroot	210
10	Hardening Communications	211
	Secure Protocols	212
	Use SSH	213
	Secure X Connections with SSH	224
	Use Virtual Private Networks	225
	IPSec	228
	Set Up a VPN with FreeS/WAN	229
	Verify the Connection	234
Part III	Once Is Never Enough!
11	Install Network Monitoring Software	239
	Install a Network Analyzer	241
	Install and Use ngrep to Monitor the Network	241
	Install and Use tcpdump	245
	Install Ethereal	252
	Utilize a Network Intrusion Detection System	255
	Install and Use Snort	256
	Use Snort in Sniffing Mode	256
	Use Snort in Packet Capture Mode	258
	Use Snort in NIDS Mode	261
	Use Snort Add-ons	265
	Honeypots/Honeynets	265
	Other Tools	266
12	Automatic Logfile Scanning	267
	Logfiles at a Personal Level	268
	Create a Logfile Policy	270
	Configure the syslog Daemon	271
	The Selector Component	271
	The Activity Component	273
	Set Up a Centralized Server	275
	Ensure Centralized Logging Dependencies Are Met	275
	Configure the Centralized Server	275
	Configure Clients for the Centralized Server	276
	Create a Centralized Server with syslog-ng and stunnel	277
	SUSE: Download and Install stunnel 4.04	277
	Download and Install syslog-ng	277
	Create Certificates for Your Machines	278
	Copy Certificates to /etc/stunnel	279
	Check Certificate Permissions	279
	Create stunnel Configuration on the Server	279
	Create stunnel Configuration on the Client	280
	Create syslog-ng Configuration on the Server	280
	Create syslog-ng Configuration File on the Client Machines	280
	Start stunnel and syslog-ng Manually	281
	Check for Activity on the Server	281
	Use the logger Command to Send Messages Directly to the syslog Daemon	283
	Use Perl's Sys:Syslog to Send Messages to the syslog Daemon	284
	Manage Logfiles	284
	Finding Logfiles	285
	Other System Logfiles	285
	Search Logfiles	286
	Strategy for Searching Logfiles	286
	Searching Logfiles Manually	287
	Search Logfiles with logwatch	288
	Search Logfiles with logsurfer	289
	Search Logfiles with swatch	291
	Modify swatch Configuration to Detect an Attack on the SSH Daemon	293
	Respond to Attacks and Abnormalities	294
13	Patch Management and Monitoring	295
	Apply Updates	296
	Update and Patch SUSE Software	296
	Update and Patch Red Hat Software	303
	Use a Central Patch Server	318
	Patch Monitoring and Management	319
	Create a Change Process	320
	Monitor the Patch Process	321
14	Self-Monitoring Tools	323
	Install and Run a Host-Based Intrusion Detection System	324
	Install and Use Tripwire	324
	Use RPM for File Integrity Checking	335
	Other Tools	336
	Install and Run a Password Checker	336
	Use John the Ripper to Audit Passwords	337
	Set Up Network Monitoring	340
	Configure and Run Nmap	340
	Configure and Run Nessus	344
Part IV	How to Succeed at Hardening Linux
15	Budget Acquisition and Corporate Commitment to Security	355
	Obtain Management Support	356
	Show the Need for the Security Program	356
	Perform a Risk Assessment	357
	Determine Scope	358
	Select the Team	358
	Gather Issues and Determine Impact and Probability	359
	Prioritize Risks	361
	Quantitative Risk Assessment Overview	362
	Report to Management and Obtain Guidance	363
	Executive Summary	364
	Determine Return on Investment (ROI)	365
	Perform Fact Finding	365
	Show Return on Investment	369
	Seek Outside Help and References	369
	Involve Management in Creation of Security Policies and Spending	372
16	Establishing a Security Campaign	373
	Establish the Security Campaign	374
	Determine Goals	374
	Identify What Is Needed to Accomplish Goals	375
	Create Policies	376
	Example Company Encrypted Protocols Policy	381
	Gain User Acceptance and Support	382
	Evaluate Program	385
	Maintain the Program	385
A	Additional Linux Security Resources	387
	General Linux	388
	General Security	388
	General Linux Security	388
	Linux Security Programs	389
	Index	391

From the B&N Reads Blog

Page 1 of

Editorial Reviews

The Barnes & Noble Review
Don’t run Linux in production unless you’ve hardened it. Many admins have barely scratched the surface. Let Samba-Team co-founder John Terpstra show you how it’s really done.
Terpstra starts with an eight-item checklist you’d better attend to right now. Once that’s done, you’ll systematically harden network, system, and software access; the kernel; file systems and data storage; authentication and user identity; and communications. (You’ll even learn how to establish secure “chrooted jails” for business-critical apps.)
Security is, of course, never done. Part III focuses on ongoing tasks: network monitoring, log file scanning, patch management, and more. There’s even coverage of setting up a corporate security policy that gains user acceptance -- and works. Bill Camarda
Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2003 and Upgrading & Fixing Networks for Dummies, Second Edition.

bn.com

Customer Reviews