How to Cheat at Securing Linux (eBook)
432 pages
Elsevier Science (publisher)
978-0-08-055868-4 (ISBN)
The Perfect Reference for the Multitasked SysAdmin
* Discover Why "Measure Twice, Cut Once" Applies to Securing Linux
* Complete Coverage of Hardening the Operating System, Implementing an Intrusion Detection System, and Defending Databases
* Short on Theory, History, and Technical Data that Is Not Helpful in Performing Your Job
Linux servers now account for 33% of all network servers running worldwide (Source: IDC). The top 3 market share holders in the network server space (IBM, Hewlett-Packard, and Dell) all use Linux as their standard operating system. This book teaches Linux system administrators how to protect their servers from malicious threats.

As with any technology, increased usage results in increased attention from malicious hackers. For years a myth existed that Windows was inherently less secure than Linux, because there were significantly more attacks against Windows machines than Linux. This was a fallacy. There were more attacks against Windows machines because there were simply so many more Windows machines to attack. Now, the numbers tell the exact opposite story. Linux servers account for 1/3 of all servers worldwide, but in 2005 there were 3 times as many high-severity security vulnerabilities discovered on Linux servers (Source: IDC).

This book covers Open Source security, implementing an intrusion detection system, unearthing Rootkits, defending against malware, creating Virtual Private Networks, and much more.
Front Cover 1
Securing Linux 4
Copyright Page 5
Contents 10
Chapter 1. Presenting the Business Case for Open Source Software 18
Introduction 19
The Costs of Using Free Security Solutions 19
The Savings of Using Free Security Solutions 22
Comparing Free Solutions with Commercial Solutions 24
"Selling" a Free Solution 30
Summary 32
Solutions Fast Track 32
Frequently Asked Questions 33
Chapter 2. Hardening the Operating System 34
Introduction 35
Updating the Operating System 35
Handling Maintenance Issues 36
Manually Disabling Unnecessary Services and Ports 42
Locking Down Ports 45
Hardening the System with Bastille 49
Controlling and Auditing Root Access with Sudo 59
Managing Your Log Files 73
Using Logging Enhancers 74
Security Enhanced Linux 80
Securing Novell SUSE Linux 85
Novell AppArmor 91
Host Intrusion Prevention System 94
Linux Benchmark Tools 96
Summary 101
Solutions Fast Track 102
Frequently Asked Questions 106
Chapter 3. Enumeration and Scanning Your Network 108
Introduction 109
Scanning 109
Enumeration 109
How Scanning Works 111
Open Source Tools 115
Summary 133
Frequently Asked Questions 136
Chapter 4. Introducing Intrusion Detection and Snort 138
Introduction 139
How an IDS Works 140
Where Snort Fits 143
Snort System Requirements 144
Exploring Snort's Features 146
Using Snort on Your Network 153
Security Considerations with Snort 168
Summary 171
Solutions Fast Track 171
Frequently Asked Questions 173
Chapter 5. Installing and Configuring Snort and Add-Ons 174
Placing Your NIDS 175
Configuring Snort on Linux 177
Other Snort Add-Ons 189
Demonstrating Effectiveness 192
Summary 194
Solutions Fast Track 194
Frequently Asked Questions 195
Chapter 6. Advanced Snort Deployment 198
Introduction 199
Monitoring the Network 199
Configuring Channel Bonding for Linux 200
Snort Rulesets 201
Plug-Ins 205
Preprocessor Plug-Ins 205
Detection Plug-Ins 212
Output Plug-Ins 213
Snort Inline 213
Solving Specific Security Requirements 214
Summary 217
Solutions Fast Track 217
Frequently Asked Questions 219
Chapter 7. Network Analysis, Troubleshooting, and Packet Sniffing 220
Introduction 221
What Is Network Analysis and Sniffing? 221
Who Uses Network Analysis? 224
How Does It Work? 229
Sniffing Wireless 248
Protocol Dissection 250
Protecting Against Sniffers 256
Network Analysis and Policy 258
Frequently Asked Questions 263
Chapter 8. Basics of Cryptography and Encryption 266
Introduction 267
Algorithms 267
Concepts of Using Cryptography 277
Summary 284
Solutions Fast Track 284
Frequently Asked Questions 286
Chapter 9. Perimeter Security, DMZs, Remote Access, and VPNs 288
Introduction 289
Firewall Types 289
Firewall Architectures 291
Implementing Firewalls 295
Providing Secure Remote Access 342
Summary 355
Solutions Fast Track 355
Frequently Asked Questions 357
Chapter 10. Linux Bastion Hosts 358
Introduction 359
System Installation 359
Removing Optional Components 363
Additional Steps 370
Controlling Access to Resources 379
Auditing Access to Resources 383
Remote Administration 387
Bastion Host Configurations 390
Bastion Host Maintenance and Support 396
Linux Bastion Host Checklist 396
Summary 397
Solutions Fast Track 397
Frequently Asked Questions 399
Chapter 11. Apache Web Server Hardening 400
Understanding Common Vulnerabilities Within Apache Web Server 401
Patching and Securing the OS 402
Hardening the Apache Application 403
Monitoring the Server for Secure Operation 417
Index 420
Publication date (per publisher) | 18.4.2011 |
---|---|
Language | English |
Subject area | Non-fiction / Guides |
Computer Science ► Operating Systems / Servers ► Unix / Linux | |
Computer Science ► Networks ► Security / Firewall | |
Business ► Business Administration / Management | |
ISBN-10 | 0-08-055868-2 / 0080558682 |
ISBN-13 | 978-0-08-055868-4 / 9780080558684 |
Copy protection: Adobe DRM
Adobe DRM is a copy-protection scheme intended to protect the eBook against misuse. The eBook is authorized to your personal Adobe ID at download time. You can then read the eBook only on devices that are also registered to your Adobe ID.
File format: PDF (Portable Document Format)
With its fixed page layout, PDF is particularly suitable for technical books with columns, tables and figures. A PDF can be displayed on almost all devices but is only of limited suitability for small displays (smartphone, eReader).
System requirements:
PC/Mac: You can read this eBook on a PC or Mac. You need a
eReader: This eBook can be read on (almost) all eBook readers. It is not compatible with the Amazon Kindle, however.
Smartphone/tablet: Whether Apple or Android, you can read this eBook. You need a
Buying eBooks from abroad
For tax law reasons we can sell eBooks only within Germany and Switzerland. Regrettably, we cannot fulfill eBook orders from other countries.