Practical Linux Security Cookbook

Book Description

Secure your Linux machines and keep them secured with the help of exciting recipes

About This Book

  • This book provides code-intensive discussions with detailed recipes that help you understand better and learn faster.

  • More than 50 hands-on recipes to create and administer a secure Linux system locally as well as on a network

  • Enhance file system security and local and remote user authentication by using various security tools and different versions of Linux for different tasks

Who This Book Is For

    Practical Linux Security Cookbook is intended for all those Linux users who already have knowledge of Linux file systems and administration. You should be familiar with basic Linux commands. Understanding information security and its risks to a Linux system is also helpful in understanding the recipes more easily.

    However, even if you are unfamiliar with information security, you will be able to easily follow and understand the recipes discussed.

    Since Linux Security Cookbook follows a practical approach, following the steps is very easy.

What You Will Learn

  • Learn about various vulnerabilities and exploits in relation to Linux systems

  • Configure and build a secure kernel and test it

  • Learn about file permissions and security and how to securely modify files

  • Explore various ways to authenticate local users while monitoring their activities

  • Authenticate users remotely and securely copy files on remote systems

  • Review various network security methods including firewalls using iptables and TCP Wrapper

  • Explore various security tools including PortSentry, Squid Proxy, Shorewall, and many more

  • Understand Bash vulnerability/security and patch management

In Detail

    With the growing popularity of Linux, more and more administrators have started moving to the system to create networks or servers for any task. This also makes Linux the first choice for any attacker now. Due to the lack of information about security-related attacks, administrators now face issues in dealing with these attackers as quickly as possible. Learning about the different types of Linux security will help create a more secure Linux system.

    Whether you are new to Linux administration or experienced, this book will provide you with the skills to make systems more secure.

    With lots of step-by-step recipes, the book starts by introducing you to various threats to Linux systems. You then get to walk through customizing the Linux kernel and securing local files. Next, you will move on to managing user authentication locally and remotely and mitigating network attacks. Finally, you will learn to patch the Bash vulnerability and monitor system logs for security.

    With several screenshots in each example, the book will supply a great learning experience and help you create more secure Linux systems.

Style and approach

    An easy-to-follow cookbook with step-by-step practical recipes covering the various Linux security administration tasks. Each recipe has screenshots, wherever needed, to make understanding easier.

    Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the code file.

Table of Contents

    1. Practical Linux Security Cookbook
      1. Table of Contents
      2. Practical Linux Security Cookbook
      3. Credits
      4. About the Author
      5. About the Reviewer
      6. www.PacktPub.com
        1. eBooks, discount offers, and more
          1. Why Subscribe?
      7. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Sections
          1. Getting ready
          2. How to do it…
          3. How it works…
          4. There's more…
          5. See also
        5. Conventions
        6. Reader feedback
        7. Customer support
          1. Downloading the example code
          2. Downloading the color images of this book
          3. Errata
          4. Piracy
          5. Questions
      8. 1. Linux Security Problems
        1. Introduction
        2. The security policy of Linux
          1. Developing a security policy
        3. Configuring password protection
          1. How to do it…
          2. How it works…
        4. Configuring server security
          1. How to do it…
          2. How it works…
          3. There's more…
        5. Security controls
        6. Conducting integrity checks of the installation medium using checksum
          1. Getting ready
          2. How to do it…
          3. How it works…
          4. See also
        7. Using the LUKS disk encryption
          1. Getting ready
          2. How to do it…
          3. How it works…
        8. Making use of sudoers – configuring sudo access
          1. Getting ready
          2. How to do it…
          3. How it works…
          4. There's more…
            1. Vulnerability assessment
        9. Scanning hosts with Nmap
          1. Getting ready
          2. How to do it…
          3. How it works…
          4. See also
        10. Gaining a root on a vulnerable Linux system
          1. Getting ready
          2. How to do it…
          3. How it works
          4. There's more…
            1. Null or default passwords
            2. IP spoofing
            3. Eavesdropping
              1. Service vulnerabilities
              2. Denial of Service (DoS) attack
      9. 2. Configuring a Secure and Optimized Kernel
        1. Introduction
        2. Requirements for building and using a kernel
        3. Creating a USB boot media
          1. Getting ready
          2. How to do it…
          3. How it works…
        4. Retrieving a kernel source
          1. Getting ready
          2. How to do it…
          3. How it works…
        5. Configuring and building a kernel
          1. Getting ready
          2. How to do it…
          3. How it works…
        6. Installing and booting from a kernel
          1. Getting ready
          2. How to do it…
          3. How it works…
        7. Testing and debugging a kernel
        8. Configuring a console for debugging using Netconsole
          1. Getting ready
          2. How to do it…
          3. How it works
          4. There's more…
        9. Debugging a kernel on boot
          1. How to do it…
      10. 3. Local Filesystem Security
        1. Viewing file and directory details using the ls command
          1. Getting ready
          2. How to do it…
          3. How it works…
        2. Changing the file permissions using the chmod command
          1. Getting ready
          2. How to do it…
          3. How it works…
          4. There's more...
        3. Implementing access control list (ACL)
          1. Getting ready
          2. How to do it…
          3. There's more…
        4. File handling using the mv command (moving and renaming)
          1. Getting ready…
          2. How it works…
          3. There's more…
        5. Install and configure a basic LDAP server on Ubuntu
          1. Getting ready
          2. How to do it…
          3. How it works…
      11. 4. Local Authentication in Linux
        1. User authentication and logging
          1. Getting Started
          2. How to do it...
          3. How it works...
        2. Limiting the login capabilities of users
          1. Getting ready
          2. How to do it...
          3. How it works...
        3. Monitoring user activity using acct
          1. Getting started
          2. How to do it?
          3. How it works...
        4. Login authentication using a USB device and PAM
          1. Getting ready
          2. How to do it…
          3. How it works...
          4. There's more...
        5. Defining user authorization controls
          1. Getting started...
          2. How to do it...
          3. How it works...
      12. 5. Remote Authentication
        1. Remote server/host access using SSH
          1. Getting ready
          2. How to do it…
          3. How it works…
        2. Disabling or enabling SSH root login
          1. Getting ready
          2. How to do it…
          3. How it works…
          4. There's more…
        3. Restricting remote access with key-based login into SSH
          1. Getting ready
          2. How to do it...
          3. How it works...
        4. Copying files remotely
          1. Getting ready
          2. How to do it...
          3. How it works...
        5. Setting up a Kerberos server with Ubuntu
          1. Getting ready
          2. How to do it...
          3. How it works...
      13. 6. Network Security
        1. Managing the TCP/IP network
          1. Getting ready
          2. How to do it...
          3. How it works...
        2. Using Iptables to configure a firewall
          1. Getting Ready
          2. How to do it...
          3. How it works...
        3. Blocking spoofed addresses
          1. Getting Ready
          2. How to do it...
          3. How it works...
        4. Blocking incoming traffic
          1. Getting Ready
          2. How to do it...
          3. How it works...
        5. Configuring and using the TCP Wrapper
          1. Getting Ready
          2. How to do it?
          3. How it works...
      14. 7. Security Tools
        1. Linux sXID
          1. Getting Ready
          2. How to do it...
          3. How it works...
        2. PortSentry
          1. Getting Ready
          2. How to do it?
          3. How it works...
        3. Using Squid proxy
          1. Getting Ready
          2. How to do it...
          3. How it works...
        4. OpenSSL Server
          1. Getting Ready
          2. How to do it...
          3. How it works...
        5. Tripwire
          1. Getting Ready
          2. How to do it...
          3. How it works...
        6. Shorewall
          1. Getting ready
          2. How to do it...
          3. How it works...
      15. 8. Linux Security Distros
        1. Kali Linux
          1. Getting ready
          2. How to do it...
          3. How it works...
        2. pfSense
          1. Getting ready
          2. How to do it...
          3. How it works...
        3. DEFT – Digital Evidence and Forensic Toolkit
          1. Getting ready
          2. How to do it...
          3. How it works...
        4. NST – Network Security Toolkit
          1. Getting ready
          2. How to do it...
          3. How it works...
        5. Helix
          1. Getting ready
          2. How to do it?
          3. How it works...
      16. 9. Patching a Bash Vulnerability
        1. Understanding the bash vulnerability through Shellshock
          1. Getting Ready
          2. How to do it…
          3. How it works…
        2. Shellshock's security issues
          1. Getting Ready
          2. How to do it…
          3. How it works…
        3. The patch management system
          1. Getting ready
          2. How to do it…
          3. How it works…
        4. Applying patches on the Linux systems
          1. Getting ready
          2. How to do it...
          3. How it works...
      17. 10. Security Monitoring and Logging
        1. Viewing and managing log files using Logcheck
          1. Getting ready
          2. How to do it…
          3. How it works…
        2. Monitoring a network using Nmap
          1. Getting ready
          2. How to do it…
          3. How it works…
        3. Using glances for system monitoring
          1. Getting ready
          2. How to do it…
          3. How it works…
        4. Monitoring logs using MultiTail
          1. Getting ready
          2. How to do it…
          3. How it works…
        5. Using system tools – Whowatch
          1. Getting ready
          2. How to do it…
          3. How it works
        6. Using system tools – stat
          1. Getting ready
          2. How to do it…
          3. How it works
        7. Using system tools – lsof
          1. Getting ready
          2. How to do it…
          3. How it works
        8. Using system tools – strace
          1. Getting ready
          2. How to do it…
          3. How it works
        9. Using Lynis
          1. Getting ready
          2. How to do it…
          3. How it works
      18. Index