E-Book, Englisch, 432 Seiten, Web PDF
Stanger How to Cheat at Securing Linux
1. Auflage 2011
ISBN: 978-0-08-055868-4
Verlag: Elsevier Science & Techn.
Format: PDF
Kopierschutz: 1 - PDF Watermark
E-Book, Englisch, 432 Seiten, Web PDF
ISBN: 978-0-08-055868-4
Verlag: Elsevier Science & Techn.
Format: PDF
Kopierschutz: 1 - PDF Watermark
Are you one of the millions of SysAdmins running a Linux server who can't find a current book on Linux security? Well..this is the book for you. How to Cheat at Securing Linux Servers is designed to help you deploy a Linux system on the Internet in a variety of security roles. This book provides practical instructions and pointers concerning the open source security tools that we use every day. This book shows you how to use your Linux skills to provide the most important security services such as encryption, authentication, access control, and logging. While writing the book, the authors had the following three-part structure in mind: locking down the network, securing data passing across the network, and protecting the network perimeter with firewalls, DMZs, and VPNs.
The Perfect Reference for the Multitasked SysAdmin
* Discover Why Measure Twice, Cut Once Applies to Securing Linux
* Complete Coverage of Hardening the Operating System, Implementing an Intrusion Detection System, and Defending Databases
* Short on Theory, History, and Technical Data that Is Not Helpful in Performing Your Job
Autoren/Hrsg.
Weitere Infos & Material
1;Front Cover;1
2;Securing Linux;4
3;Copyright Page;5
4;Contents;10
5;Chapter 1. Presenting the Business Case for Open Source Software;18
5.1;Introduction;19
5.2;The Costs of Using Free Security Solutions;19
5.3;The Savings of Using Free Security Solutions;22
5.4;Comparing Free Solutions with Commercial Solutions;24
5.5;"Selling" a Free Solution;30
5.6;Summary;32
5.7;Solutions Fast Track;32
5.8;Frequently Asked Questions;33
6;Chapter 2. Hardening the Operating System;34
6.1;Introduction;35
6.2;Updating the Operating System;35
6.3;Handling Maintenance Issues;36
6.4;Manually Disabling Unnecessary Services and Ports;42
6.5;Locking Down Ports;45
6.6;Hardening the System with Bastille;49
6.7;Controlling and Auditing Root Access with Sudo;59
6.8;Managing Your Log Files;73
6.9;Using Logging Enhancers;74
6.10;Security Enhanced Linux;80
6.11;Securing Novell SUSE Linux;85
6.12;Novell AppArmor;91
6.13;Host Intrusion Prevention System;94
6.14;Linux Benchmark Tools;96
6.15;Summary;101
6.16;Solutions Fast Track;102
6.17;Frequently Asked Questions;106
7;Chapter 3. Enumeration and Scanning Your Network;108
7.1;Introduction;109
7.2;Scanning;109
7.3;Enumeration;109
7.4;How Scanning Works;111
7.5;Open Source Tools;115
7.6;Summary;133
7.7;Frequently Asked Questions;136
8;Chapter 4. Introducing Intrusion Detection and Snort;138
8.1;Introduction;139
8.2;How an IDS Works;140
8.3;Where Snort Fits;143
8.4;Snort System Requirements;144
8.5;Exploring Snort's Features;146
8.6;Using Snort on Your Network;153
8.7;Security Considerations with Snort;168
8.8;Summary;171
8.9;Solutions Fast Track;171
8.10;Frequently Asked Questions;173
9;Chapter 5. Installing and Configuring Snort and Add-Ons;174
9.1;Placing Your NIDS;175
9.2;Configuring Snort on Linux;177
9.3;Other Snort Add-Ons;189
9.4;Demonstrating Effectiveness;192
9.5;Summary;194
9.6;Solutions Fast Track;194
9.7;Frequently Asked Questions;195
10;Chapter 6. Advanced Snort Deployment;198
10.1;Introduction;199
10.2;Monitoring the Network;199
10.3;Configuring Channel Bonding for Linux;200
10.4;Snort Rulesets;201
10.5;Plug-Ins;205
10.6;Preprocessor Plug–Ins;205
10.7;Detection Plug-Ins;212
10.8;Output Plug-Ins;213
10.9;Snort Inline;213
10.10;Solving Specific Security Requirements;214
10.11;Summary;217
10.12;Solutions Fast Track;217
10.13;Frequently Asked Questions;219
11;Chapter 7. Network Analysis, Troubleshooting, and Packet Sniffing;220
11.1;Introduction;221
11.2;What Is Network Analysis and Sniffing?;221
11.3;Who Uses Network Analysis?;224
11.4;How Does It Work?;229
11.5;Sniffing Wireless;248
11.6;Protocol Dissection;250
11.7;Protecting Against Sniffers;256
11.8;Network Analysis and Policy;258
11.9;Frequently Asked Questions;263
12;Chapter 8. Basics of Cryptography and Encryption;266
12.1;Introduction;267
12.2;Algorithms;267
12.3;Concepts of Using Cryptography;277
12.4;Summary;284
12.5;Solutions Fast Track;284
12.6;Frequently Asked Questions;286
13;Chapter 9. Perimeter Security, DMZs, Remote Access, and VPNs;288
13.1;Introduction;289
13.2;Firewall Types;289
13.3;Firewall Architectures;291
13.4;Implementing Firewalls;295
13.5;Providing Secure Remote Access;342
13.6;Summary;355
13.7;Solutions Fast Track;355
13.8;Frequently Asked Questions;357
14;Chapter 10. Linux Bastion Hosts;358
14.1;Introduction;359
14.2;System Installation;359
14.3;Removing Optional Components;363
14.4;Additional Steps;370
14.5;Controlling Access to Resources;379
14.6;Auditing Access to Resources;383
14.7;Remote Administration;387
14.8;Bastion Host Configurations;390
14.9;Bastion Host Maintenance and Support;396
14.10;Linux Bastion Host Checklist;396
14.11;Summary;397
14.12;Solutions Fast Track;397
14.13;Frequently Asked Questions;399
15;Chapter 11. Apache Web Server Hardening;400
15.1;Understanding Common Vulnerabilities Within Apache Web Server;401
15.2;Patching and Securing the OS;402
15.3;Hardening the Apache Application;403
15.4;Monitoring the Server for Secure Operation;417
16;Index;420
