Book description
Maximum Linux Security: A Hacker's Guide to Protecting Your Linux Server and Workstation is designed for system administrators, managers, or Linux users who wish to protect their Linux servers and workstations from unauthorized intrusions and other external threats to their systems' integrity. Written by an experienced hacker--someone who knows which systems are vulnerable and how crackers get into them--this unique guide to Linux security identifies existing and potential security holes and faults, and then describes how to go about fixing them.
Table of contents
- Copyright
- Preface
- Introduction
-
I. Linux Security Basics
- 1. Introducing Linux
- 2. Physical Security
-
3. Installation Issues
- About Various Linux Distributions, Security, and Installation
-
Partitions and Security
- What Are Partitions, Exactly?
- Lumping Linux into a Single Partition
- Other Advantages of Multiple Partitions
- Sizing Out Partitions
- Creating the Swap and Root Partitions
- Creating the Extended Partition
- Creating Logical Partitions Within the Extended Partition
- Other Partitioning Tools
- Summary of Partitions and Security
- Choosing Network Services During Installation
- Boot Loaders
- Summary
- 4. Basic Linux System Administration
-
II. Linux User Security
-
5. Password Attacks
- What Is a Password Attack?
- How Linux Generates and Stores Passwords
- The Data Encryption Standard (DES)
- Case Study: Cracking Linux Passwords Via Dictionary Attack
-
Password Shadowing and the shadow Suite
-
/etc/shadow: The Password shadow Database
- Adding Users on Shadowed Systems: useradd
- Transferring Startup Files: /etc/skel
- Deleting Users on Shadowed Systems: userdel
- Modifying an Existing User Record on Shadowed Systems: usermod
- Adding a Group on Shadowed Systems: groupadd
- Modifying Group Information on a Shadowed System: groupmod
- Deleting Groups on Shadowed Systems: groupdel
- Managing Group Access: gpasswd
- Beyond Creating and Deleting Users and Groups
- Possible Attacks Against Your Shadowed System
-
/etc/shadow: The Password shadow Database
- After Installing the shadow Suite
- Other Password Security Issues
- Pluggable Authentication Modules
- Still Other Password Security Solutions
- Summary
- 6. Malicious Code
-
5. Password Attacks
-
III. Linux Network Security
- 7. Sniffers and Electronic Eavesdropping
- 8. Scanners
- 9. Spoofing
-
10. Protecting Data in Transit
- Secure Shell (ssh)
- scp: The Secure Copy Remote File Copy Program
- Providing ssh Services in a Heterogeneous Network
- ssh Security Issues
- Additional Resources
- Summary
-
IV. Linux Internet Security
- 11. FTP Security
- 12. Mail Security
- 13. Telnet Security
-
14. Web Server Security
- Eliminating Nonessential Services
-
Web Server Security
- httpd
- Controlling Outside Access: access.conf
- Configuration Options That Can Affect Security
- The ExecCGI Option: Enabling CGI Program Execution
- The FollowSymLinks Option: Allowing Users to Follow Symbolic Links
- The Includes Option: Enabling Server Side Includes (SSI)
- The Indexes Option: Enabling Directory Indexing
- Adding Directory Access Control with Basic HTTP Authentication
- Weaknesses in Basic HTTP Authentication
- HTTP and Cryptographic Authentication
- Running a chroot Web Environment
- Accreditation and Certification
- Summary
- 15. Secure Web Protocols
- 16. Secure Web Development
- 17. Denial-of-Service Attacks
- 18. Linux and Firewalls
- 19. Logs and Audit Trails
- 20. Intrusion Detection
- 21. Disaster Recovery
-
V. Appendixes
-
A. Linux Security Command Reference
- .htaccess
- .htpasswd
- ACUA (An Add-On)
- amadmin
- amanda
- amcheck
- amcleanup
- amdump
- amrestore
- Angel Network Monitor (An Add-On)
- arp
- bootpd
- cfdisk
- Check-ps (An Add-On)
- checkXusers (An Add-On)
- chmod
- chown
- chroot
- CIPE Crypto IP Encapsulation (An Add-On)
- crypt
- ctrlaltdel
- Dante (An Add-On)
- Deception Toolkit (An Add-On)
- DOC (Domain Obscenity Control, an Add-On)
- dns_lint (An Add-On)
- dnswalk (An Add-On)
- Ethereal (An Add-On)
- exports
- exscan (An Add-On)
- FakeBO (An Add-On)
- fdisk
- finger
- fingerd
- ftphosts
- ftpaccess
- ftpd
- ftpshut
- GNU Privacy Guard (An Add-On)
- halt
- hosts_access
- hosts_options
- hosts.equiv
- HUNT (An Add-On)
- htpasswd
- httpd
- icmpinfo (An Add-On)
- identd
- IdentTCPscan (An Add-On)
- inetd.conf
- ip_filter (An Add-On)
- IPAC (An Add-On)
- ipfwadm
- ISS (An Add-On)
- KSniffer (An Add-On)
- last
- Logcheck from the Abacus Project (An Add-On)
- lsof (An Add-On)
- MAT (Monitoring and Administration Tool, an Add-On)
- MOM (An Add-On)
- msystem (An Add-On That's Made for UNIX But Can Work with Linux)
- NEPED (Network Promiscuous Ethernet Detector, an Add-On)
- Nessus (An Add-On)
- netstat
- Network Security Scanner (An Add-On)
- NIST Cerberus (An Add-On)
- nmap (The Network Mapper, an Add-On)
- npasswd (An Add-On)
- ntop (An Add-On)
- passwd
- passwd+ (An Add-On)
- pgp4pine
- ping
- ps
- qmail (An Add-On)
- QueSo (An Add-On)
- rcmd
- rcp
- reboot
- rlogin
- rhosts
- rhosts.dodgy (An Add-On)
- rsh
- scp
- Sentry from the Abacus Project
- services
- shadow
- Shadow in a Box (An Add-On)
- showmount
- shutdown
- SINUS (An Add-On)
- SocketScript (An Add-On)
- ssh
- ssh-add
- ssh-agent
- ssh-keygen
- sshd
- SSLeay
- Strobe (An Add-On)
- sudo
- Swan (An Add-On)
- swatch (The System Watcher)
- sXid Secure (An Add-On)
- sysklogd
- System Administrator's Tool for Analyzing Networks (SATAN, an Add-On)
- tcpd (TCP WRAPPER)
- tcpdchk
- tcpdmatch
- tcpdump
- tftp
- The Linux Shadow Password Suite (An Add-On)
- traceroute
- traffic-vis (An Add-On)
- Trinux (An Add-On)
- TripWire(An Add-On)
- trojan.pl
- ttysnoop
- vipw
- visudo
- w
- who
- whois
- Xlogmaster (An Add-On)
- B. Linux Security Index—Past Linux Security Issues
- C. Other Useful Linux Security Tools
- D. Sources for More Information
-
E. Glossary
-
A. Linux Security Command Reference
Product information
- Title: Maximum Linux Security
- Author(s):
- Release date: September 1999
- Publisher(s): Sams
- ISBN: 9780672316708
You might also like
book
Linux Server Security
Learn how to attack and defend the world’s most popular web server platform Linux Server Security: …
book
Linux Server Security, Second Edition
Linux consistently appears high up in the list of popular Internet servers, whether it's for the …
book
Building Secure Servers with Linux
Linux consistently turns up high in the list of popular Internet servers, whether it's for the …
book
Advanced Linux Networking
With an increasing number of networks and mission-critical applications running on Linux, system and network administrators …