Linux Server Hacks, Volume Two by William von Hagen, Brian K. Jones

We’ve come a long way since the 1980s, when Richard Stallman advocated using a carriage return as your password—and a long, sad trip it’s been. Today’s highly connected systems and the very existence of the Internet have provided exponential increases in productivity. The downside of this connectivity is that it also provides infinite opportunities for malicious intruders to crack your systems. The goals in attempting this range from curiosity to industrial espionage, but you can’t tell who’s who or take any chances. It’s the responsibility of every system administrator to make sure that the systems that they’re responsible for are secure and don’t end up as worm-infested zombies or warez servers serving up bootleg software and every episode of SG-1 to P2P users everywhere.

The hacks in this chapter address system security at multiple levels. Several discuss how to set up secure systems, detect network intrusions, and lock out hosts that clearly have no business trying to access your machines. Others discuss software that enables you to record the official state of your machine’s filesystems and catch changes to files that shouldn’t be changing. Another hack discusses how to automatically detect well-known types of Trojan horse software that, once installed, let intruders roam unmolested by hiding their existence from standard system commands. Together, the hacks in this chapter discuss a wide spectrum of system security applications and ...