Linux Server Security

Book Description

Learn how to attack and defend the world’s most popular web server platform

Linux Server Security: Hack and Defend presents a detailed guide for experienced admins, aspiring hackers and other IT professionals seeking a more advanced understanding of Linux security. Written by a 20-year veteran of Linux server deployment, this book provides the insight of experience along with highly practical instruction.

The topics range from the theory of past, current, and future attacks, to the mitigation of a variety of online attacks, all the way to empowering you to perform numerous malicious attacks yourself (in the hope that you will learn how to defend against them). By increasing your understanding of a hacker’s tools and mindset, you’re less likely to be confronted by the all-too-common reality faced by many admins these days: someone else has control of your systems.

  • Master hacking tools and launch sophisticated attacks: perform SQL injections, deploy multiple server exploits and crack complex passwords.
  • Defend systems and networks: make your servers invisible, be confident of your security with penetration testing and repel unwelcome attackers.
  • Increase your background knowledge of attacks on systems and networks and improve all-important practical skills required to secure any Linux server.

The techniques presented apply to almost all Linux distributions, including the many Debian and Red Hat derivatives and some other Unix-type systems. Further your career with this intriguing, deeply insightful, must-have technical book. Diverse, broadly applicable and hands-on, Linux Server Security: Hack and Defend is an essential resource which will sit proudly on any techie’s bookshelf.

Table of Contents

  1. Title Page
  2. Introduction
    1. How This Book Is Organized
    2. Who Should Read This Book
    3. Summary
  3. Chapter 1: Invisibility Cloak
    1. Background
    2. Installing knockd
    3. Some Config Options
    4. Testing Your Install
    5. Making Your Server Invisible
    6. Further Considerations
    7. Summary
  4. Chapter 2: Digitally Fingerprint Your Files
    1. Filesystem Integrity
    2. Whole Filesystem
    3. Rootkits
    4. Configuration
    5. False Positives
    6. Well Designed
    7. Summary
  5. Chapter 3: Twenty-First-Century Netcat
    1. History
    2. Installation Packages
    3. Transferring Files
    4. Chaining Commands Together
    5. Secure Communications
    6. Executables
    7. Access Control Lists
    8. Miscellaneous Options
    9. Summary
  6. Chapter 4: Denying Service
    1. NTP Infrastructure
    2. NTP Reflection Attacks
    3. Attack Reporting
    4. Preventing SNMP Reflection
    5. DNS Resolvers
    6. Complicity
    7. Bringing a Nation to Its Knees
    8. Mapping Attacks
    9. Summary
  7. Chapter 5: Nping
    1. Functionality
    2. TCP
    3. Interpreter
    4. UDP
    5. ICMP
    6. ARP
    7. Payload Options
    8. Echo Mode
    9. Other Nping Options
    10. Summary
  8. Chapter 6: Logging Reconnoiters
    1. ICMP Misconceptions
    2. tcpdump
    3. Iptables
    4. Multipart Rules
    5. Log Everything for Forensic Analysis
    6. Hardening
    7. Summary
  9. Chapter 7: Nmap's Prodigious NSE
    1. Basic Port Scanning
    2. The Nmap Scripting Engine
    3. Timing Templates
    4. Categorizing Scripts
    5. Contributing Factors
    6. Security Holes
    7. Authentication Checks
    8. Discovery
    9. Updating Scripts
    10. Script Type
    11. Regular Expressions
    12. Graphical User Interfaces
    13. Zenmap
    14. Summary
  10. Chapter 8: Malware Detection
    1. Getting Started
    2. Configuration
    3. Summary
  11. Chapter 9: Password Cracking with Hashcat
    1. History
    2. Understanding Passwords
    3. Using Hashcat
    4. Running Hashcat
    5. oclHashcat
    6. Hashcat-Utils
    7. Summary
  12. Chapter 10: SQL Injection Attacks
    1. History
    2. Basic SQLi
    3. Mitigating SQLi in PHP
    4. Exploiting SQL Flaws
    5. Launching an Attack
    6. Trying SQLi Legally
    7. Summary
  13. End User License Agreement