Linux Security Cookbook Security Tools and Techniques

ISBN-10: 0596003919

ISBN-13: 9780596003913

Edition: 2003

Authors: Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes

List price: $39.99

Description:

Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new "Linux Security Cookbook" does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes--short, focused pieces of code that administrators can use to improve security and…
Book details

List price: $39.99
Copyright year: 2003
Publisher: O'Reilly Media, Incorporated
Publication date: 6/24/2003
Binding: Paperback
Pages: 336
Size: 7.01" wide x 9.13" long x 0.83" tall
Weight: 1.188
Language: English

Daniel J. Barrett has been immersed in Internet technology since 1985. Currently working as a software engineer, Dan has also been a heavy metal singer, Unix system administrator, university lecturer, web designer, and humorist. He is the author of O'Reilly's Linux Pocket Guide, and is the coauthor of Linux Security Cookbook, and the first edition of SSH, The Secure Shell: The Definitive Guide. He also writes monthly columns for Compute! and Keyboard Magazine, and articles for the O'Reilly Network.

Richard E. Silverman has a B.A. in computer science and an M.A. in pure mathematics. Richard has worked in the fields of networking, formal methods in software development, public-key infrastructure, routing security, and Unix systems administration. He co-authored the first edition of SSH, The Secure Shell: The Definitive Guide.

Robert G. Byrnes, Ph.D., has been hacking on Unix systems for twenty years, and has been involved with security issues since the original Internet worm was launched from Cornell University, while he was a graduate student and system administrator. Currently, he's a software engineer at Curl Corporation, and has worked in the fields of networking, telecommunications, distributed computing, financial technology, and condensed matter physics.

Preface
System Snapshots with Tripwire
Setting Up Tripwire
Displaying the Policy and Configuration
Modifying the Policy and Configuration
Basic Integrity Checking
Read-Only Integrity Checking
Remote Integrity Checking
Ultra-Paranoid Integrity Checking
Expensive, Ultra-Paranoid Security Checking
Automated Integrity Checking
Printing the Latest Tripwire Report
Updating the Database
Adding Files to the Database
Excluding Files from the Database
Checking Windows VFAT Filesystems
Verifying RPM-Installed Files
Integrity Checking with rsync
Integrity Checking Manually
Firewalls with iptables and ipchains
Enabling Source Address Verification
Blocking Spoofed Addresses
Blocking All Network Traffic
Blocking Incoming Traffic
Blocking Outgoing Traffic
Blocking Incoming Service Requests
Blocking Access from a Remote Host
Blocking Access to a Remote Host
Blocking Outgoing Access to All Web Servers on a Network
Blocking Remote Access, but Permitting Local
Controlling Access by MAC Address
Permitting SSH Access Only
Prohibiting Outgoing Telnet Connections
Protecting a Dedicated Server
Preventing pings
Listing Your Firewall Rules
Deleting Firewall Rules
Inserting Firewall Rules
Saving a Firewall Configuration
Loading a Firewall Configuration
Testing a Firewall Configuration
Building Complex Rule Trees
Logging Simplified
Network Access Control
Listing Your Network Interfaces
Starting and Stopping the Network Interface
Enabling/Disabling a Service (xinetd)
Enabling/Disabling a Service (inetd)
Adding a New Service (xinetd)
Adding a New Service (inetd)
Restricting Access by Remote Users
Restricting Access by Remote Hosts (xinetd)
Restricting Access by Remote Hosts (xinetd with libwrap)
Restricting Access by Remote Hosts (xinetd with tcpd)
Restricting Access by Remote Hosts (inetd)
Restricting Access by Time of Day
Restricting Access to an SSH Server by Host
Restricting Access to an SSH Server by Account
Restricting Services to Specific Filesystem Directories
Preventing Denial of Service Attacks
Redirecting to Another Socket
Logging Access to Your Services
Prohibiting root Logins on Terminal Devices
Authentication Techniques and Infrastructures
Creating a PAM-Aware Application
Enforcing Password Strength with PAM
Creating Access Control Lists with PAM
Validating an SSL Certificate
Decoding an SSL Certificate
Installing a New SSL Certificate
Generating an SSL Certificate Signing Request (CSR)
Creating a Self-Signed SSL Certificate
Setting Up a Certifying Authority
Converting SSL Certificates from DER to PEM
Getting Started with Kerberos
Adding Users to a Kerberos Realm
Adding Hosts to a Kerberos Realm
Using Kerberos with SSH
Using Kerberos with Telnet
Securing IMAP with Kerberos
Using Kerberos with PAM for System-Wide Authentication
Authorization Controls
Running a root Login Shell
Running X Programs as root
Running Commands as Another User via sudo
Bypassing Password Authentication in sudo
Forcing Password Authentication in sudo
Authorizing per Host in sudo
Granting Privileges to a Group via sudo
Running Any Program in a Directory via sudo
Prohibiting Command Arguments with sudo
Sharing Files Using Groups
Permitting Read-Only Access to a Shared File via sudo
Authorizing Password Changes via sudo
Starting/Stopping Daemons via sudo
Restricting root's Abilities via sudo
Killing Processes via sudo
Listing sudo Invocations
Logging sudo Remotely
Sharing root Privileges via SSH
Running root Commands via SSH
Sharing root Privileges via Kerberos su
Protecting Outgoing Network Connections
Logging into a Remote Host
Invoking Remote Programs
Copying Files Remotely
Authenticating by Public Key (OpenSSH)
Authenticating by Public Key (OpenSSH Client, SSH2 Server, OpenSSH Key)
Authenticating by Public Key (OpenSSH Client, SSH2 Server, SSH2 Key)
Authenticating by Public Key (SSH2 Client, OpenSSH Server)
Authenticating by Trusted Host
Authenticating Without a Password (Interactively)
Authenticating in cron Jobs
Terminating an SSH Agent on Logout
Tailoring SSH per Host
Changing SSH Client Defaults
Tunneling Another TCP Session Through SSH
Keeping Track of Passwords
Protecting Files
Using File Permissions
Securing a Shared Directory
Prohibiting Directory Listings
Encrypting Files with a Password
Decrypting Files
Setting Up GnuPG for Public-Key Encryption
Listing Your Keyring
Setting a Default Key
Sharing Public Keys
Adding Keys to Your Keyring
Encrypting Files for Others
Signing a Text File
Signing and Encrypting Files
Creating a Detached Signature File
Checking a Signature
Printing Public Keys
Backing Up a Private Key
Encrypting Directories
Adding Your Key to a Keyserver
Uploading New Signatures to a Keyserver
Obtaining Keys from a Keyserver
Revoking a Key
Maintaining Encrypted Files with Emacs
Maintaining Encrypted Files with vim
Encrypting Backups
Using PGP Keys with GnuPG
Protecting Email
Encrypted Mail with Emacs
Encrypted Mail with vim
Encrypted Mail with Pine
Encrypted Mail with Mozilla
Encrypted Mail with Evolution
Encrypted Mail with mutt
Encrypted Mail with elm
Encrypted Mail with MH
Running a POP/IMAP Mail Server with SSL
Testing an SSL Mail Connection
Securing POP/IMAP with SSL and Pine
Securing POP/IMAP with SSL and mutt
Securing POP/IMAP with SSL and Evolution
Securing POP/IMAP with stunnel and SSL
Securing POP/IMAP with SSH
Securing POP/IMAP with SSH and Pine
Receiving Mail Without a Visible Server
Using an SMTP Server from Arbitrary Clients
Testing and Monitoring
Testing Login Passwords (John the Ripper)
Testing Login Passwords (CrackLib)
Finding Accounts with No Password
Finding Superuser Accounts
Checking for Suspicious Account Use
Checking for Suspicious Account Use, Multiple Systems
Testing Your Search Path
Searching Filesystems Effectively
Finding setuid (or setgid) Programs
Securing Device Special Files
Finding Writable Files
Looking for Rootkits
Testing for Open Ports
Examining Local Network Activities
Tracing Processes
Observing Network Traffic
Observing Network Traffic (GUI)
Searching for Strings in Network Traffic
Detecting Insecure Network Protocols
Getting Started with Snort
Packet Sniffing with Snort
Detecting Intrusions with Snort
Decoding Snort Alert Messages
Logging with Snort
Partitioning Snort Logs Into Separate Files
Upgrading and Tuning Snort's Ruleset
Directing System Messages to Log Files (syslog)
Testing a syslog Configuration
Logging Remotely
Rotating Log Files
Sending Messages to the System Logger
Writing Log Entries via Shell Scripts
Writing Log Entries via Perl
Writing Log Entries via C
Combining Log Files
Summarizing Your Logs with logwatch
Defining a logwatch Filter
Monitoring All Executed Commands
Displaying All Executed Commands
Parsing the Process Accounting Log
Recovering from a Hack
Filing an Incident Report
Index