Preface

Computer Security Basics

Introduction: Some Fundamental Questions
  What Is Computer Security?
  What Is an Operating System?
  What Is a Deployment Environment?

Unix History and Lineage
  History of Unix
  Security and Unix
  Role of This Book

Policies and Guidelines
  Planning Your Security Needs
  Risk Assessment
  Cost-Benefit Analysis and Best Practices
  Policy
  Compliance Audits
  Outsourcing Options
  The Problem with Security Through Obscurity

Security Building Blocks

Users, Passwords, and Authentication
  Logging in with Usernames and Passwords
  The Care and Feeding of Passwords
  How Unix Implements Passwords
  Network Account and Authorization Systems
  Pluggable Authentication Modules (PAM)

Users, Groups, and the Superuser
  Users and Groups
  The Superuser (root)
  The su Command: Changing Who You Claim to Be
  Restrictions on the Superuser

Filesystems and Security
  Understanding Filesystems
  File Attributes and Permissions
  chmod: Changing a File's Permissions
  The umask
  SUID and SGID
  Device Files
  Changing a File's Owner or Group

Cryptography Basics
  Understanding Cryptography
  Symmetric Key Algorithms
  Public Key Algorithms
  Message Digest Functions

Physical Security for Servers
  Planning for the Forgotten Threats
  Protecting Computer Hardware
  Preventing Theft
  Protecting Your Data
  Story: A Failed Site Inspection

Personnel Security
  Background Checks
  On the Job
  Departure
  Other People

Network and Internet Security

Modems and Dialup Security
  Modems: Theory of Operation
  Modems and Security
  Modems and Unix
  Additional Security for Modems

TCP/IP Networks
  Networking
  IP: The Internet Protocol
  IP Security

Securing TCP and UDP Services
  Understanding Unix Internet Servers and Services
  Controlling Access to Servers
  Primary Unix Network Services
  Managing Services Securely
  Putting It All Together: An Example

Sun RPC
  Remote Procedure Call (RPC)
  Secure RPC (AUTH_DES)

Network-Based Authentication Systems
  Sun's Network Information Service (NIS)
  Sun's NIS+
  Kerberos
  LDAP
  Other Network Authentication Systems

Network Filesystems
  Understanding NFS
  Server-Side NFS Security
  Client-Side NFS Security
  Improving NFS Security
  Some Last Comments on NFS
  Understanding SMB

Secure Programming Techniques
  One Bug Can Ruin Your Whole Day...
  Tips on Avoiding Security-Related Bugs
  Tips on Writing Network Programs
  Tips on Writing SUID/SGID Programs
  Using chroot()
  Tips on Using Passwords
  Tips on Generating Random Numbers

Secure Operations

Keeping Up to Date
  Software Management Systems
  Updating System Software

Backups
  Why Make Backups?
  Backing Up System Files
  Software for Backups

Defending Accounts
  Dangerous Accounts
  Monitoring File Format
  Restricting Logins
  Managing Dormant Accounts
  Protecting the root Account
  One-Time Passwords
  Administrative Techniques for Conventional Passwords
  Intrusion Detection Systems

Integrity Management
  The Need for Integrity
  Protecting Integrity
  Detecting Changes After the Fact
  Integrity-Checking Tools

Auditing, Logging, and Forensics
  Unix Log File Utilities
  Process Accounting: The acct/pacct File
  Program-Specific Log Files
  Designing a Site-Wide Log Policy
  Handwritten Logs
  Managing Log Files
  Unix Forensics

Handling Security Incidents

Discovering a Break-in
  Prelude
  Discovering an Intruder
  Cleaning Up After the Intruder
  Case Studies

Protecting Against Programmed Threats
  Programmed Threats: Definitions
  Damage
  Authors
  Entry
  Protecting Yourself
  Preventing Attacks

Denial of Service Attacks and Solutions
  Types of Attacks
  Destructive Attacks
  Overload Attacks
  Network Denial of Service Attacks

Computer Crime
  Your Legal Options After a Break-in
  Criminal Hazards
  Criminal Subject Matter

Who Do You Trust?
  Can You Trust Your Computer?
  Can You Trust Your Suppliers?
  Can You Trust People?

Appendixes

Unix Security Checklist

Unix Processes

Paper Sources

Electronic Resources

Organizations

Index