Home Page Icon
Home Page
Table of Contents for
Getting ready
Close
Getting ready
by Tajinder Kalsi
Practical Linux Security Cookbook - Second Edition
Title Page
Copyright and Credits
Practical Linux Security Cookbook Second Edition
Contributors
About the author
About the reviewer
Packt is searching for authors like you
Packt Upsell
Why subscribe?
PacktPub.com
Preface
Who this book is for
What this book covers
To get the most out of this book
Conventions used
Sections
Getting ready
How to do it...
How it works...
There's more...
See also
Get in touch
Reviews
Linux Security Problem
Security policy
Developing a security policy
Linux security myths
Myth – as Linux is open source, it is considered to be insecure
Myth – Linux is an experts-only system, and only they know how to configure their systems in terms of security
Myth – Linux is virus free
Configuring server security
How to do it...
User management
Password policy
Configuration policy
Monitoring policy
How it works...
Security policy – server security
How to do it…
General policy
Configuration policy
Monitoring policy
How it works…
Defining security controls
How to do it...
Installation
Boot and disk
Network and services
Intrusion detection and Denial of Service (DoS)
Auditing and availability
How it works...
Checking the integrity of installation medium by using checksum
Getting ready
How to do it…
How it works…
See also
Using LUKS disk encryption
Getting ready
How to do it...
There's more...
Make use of sudoers – configuring sudo access
Getting ready
How to do it…
How it works…
There’s more…
Vulnerability assessment
Scanning hosts with Nmap
Getting ready
How to do it...
How it works...
See also
Gaining root on a vulnerable Linux system
Getting ready
How to do it...
How it works...
There's more...
Missing backup plans
Getting ready
How to do it...
fwbackups
rsync
Amanda (Advanced Maryland Automatic Network Disk Archiver)
Simple Backup Solution (SBS)
Bacula
How it works...
Configuring a Secure and Optimized Kernel
Creating USB boot media
Getting ready
How to do it...
How it works...
Retrieving the kernel source
Getting ready
How to do it...
How it works...
Configuring and building kernel
Getting ready
How to do it...
How it works...
Installing and booting from a kernel
Getting ready
How to do it...
How it works...
Kernel testing and debugging
Configuring console for debugging using netconsole
Getting ready
How to do it...
How it works...
There's more...
Debugging kernel boot
How to do it...
Kernel errors
Causes of kernel errors
Checking kernel parameters using Lynis
Getting ready
How to do it...
Local Filesystem Security
Viewing files and directory details using ls
Getting ready
How to do it…
How it works…
Using chmod to set permissions on files and directories
Getting ready
How to do it...
How it works...
There's more...
Using chown to change ownership of files and directories
How to do it...
There's more...
Using ACLs to access files
Getting ready
How to do it...
There's more...
File handling using the mv command (moving and renaming)
Getting ready
How it works...
Implementing Mandatory Access Control with SELinux
Getting ready
How to do it...
How it works...
There's more...
Using extended file attributes to protect sensitive files
Getting ready
How to do it...
Installing and configuring a basic LDAP server on Ubuntu
Getting ready
How to do it...
How it works...
Local Authentication in Linux
User authentication and logging
Getting ready
How to do it...
How it works...
Limiting login capabilities of users
Getting ready
How to do it...
How it works...
Disabling username/password logins
Getting ready
How to do it...
How it works...
Monitoring user activity using acct
Getting ready
How to do it...
How it works...
Login authentication using a USB device and PAM
Getting ready
How to do it...
How it works...
There's more...
Defining user authorization controls
Getting ready
How to do it...
How it works...
Access Management using IDAM
Getting ready
How to do it...
How it works...
Remote Authentication
Remote server/host access using SSH
Getting ready
How to do it...
How it works...
Enabling and disabling root login over SSH
Getting ready
How to do it...
How it works...
There's more...
Key-based login into SSH for restricting remote access
Getting ready
How to do it...
How it works...
Copying files remotely
Getting ready
How to do it...
How it works...
Setting up a Kerberos server with Ubuntu
Getting started
How to do it...
How it works...
Using LDAP for user authentication and management
Getting started
How to do it...
Network Security
Managing TCP/IP networks
Getting ready
How to do it...
How it works...
Using a packet sniffer to monitor network traffic
Getting ready
How to do it...
How it works...
Using IP tables for configuring a firewall
Getting ready
How to do it...
How it works...
Blocking spoofed addresses
Getting ready
How to do it...
How it works...
Blocking incoming traffic
Getting ready
How to do it...
How it works...
Configuring and using TCP Wrappers
Getting ready
How to do it...
How it works...
Blocking country-specific traffic using mod_security
Getting ready
How to do it...
Securing network traffic using SSL
Getting ready
How to do it...
How it works...
Security Tools
Linux sXID
Getting ready
How to do it...
How it works...
Port Sentry
Getting ready
How to do it...
How it works...
Using Squid proxy
Getting ready
How to do it...
How it works...
Open SSL server
Getting ready
How to do it...
How it works...
There's more...
Tripwire
Getting ready
How to do it...
How it works...
Shorewall
Getting ready
How to do it...
How it works...
OSSEC
Getting ready
How to do it...
How it works...
Snort
Getting ready
How to do it...
How it works...
Rsync and Grsync – backup tool
Getting ready
How to do it...
How it works...
Linux Security Distros
Kali Linux
pfSense
Getting ready
How to do it...
How it works...
Digital Evidence and Forensic Toolkit  (DEFT)
Network Security Toolkit (NST)
Getting ready
How to do it...
How it works...
Security Onion
Getting ready
How to do it...
How it works...
Tails OS
Getting ready
How to do it...
Qubes OS
Getting ready
How to do it...
How it works...
Bash Vulnerability Patching
Understanding the Bash vulnerability – Shellshock
Getting ready
How to do it...
How it works...
Security issues – Shellshock
Getting ready
How to do it...
How it works...
Linux patch management system
Getting ready
How to do it...
How it works...
Applying patches in Linux
Getting ready
How to do it...
How it works...
Other well-known Linux vulnerabilities
How to do it...
How it works...
Security Monitoring and Logging
Viewing and managing log files using Logcheck
Getting ready
How to do it...
How it works...
Monitoring the network using Nmap
Getting ready
How to do it...
How it works...
Using Glances for system monitoring
Getting ready
How to do it...
How it works...
Monitoring logs using MultiTail
Getting ready
How to do it...
How it works...
Using system tools – whowatch
Getting ready
How to do it...
How it works
Using system tools – stat
Getting ready
How to do it...
How it works...
Using System tools – lsof
Getting ready
How to do it...
How it works...
Using System tools – strace
Getting ready
How to do it...
How it works
Real time IP LAN monitoring using IPTraf
Getting ready
How to do it...
How it works...
Network security monitoring using Suricata
Getting ready
How to do it...
Network monitoring using OpenNMS
Getting ready
How to do it...
How it works
Understanding Linux Service Security
Web server – HTTPD
Getting ready
How to do it...
How it works...
Remote service login – Telnet
Getting ready
How to do it...
How it works...
Secure remote login – SSH
Getting ready
How to do it...
File transfer security – FTP
Securing Mail Transfer – SMTP
Getting ready
How to do it...
How it works...
Scanning and Auditing Linux
Installing an antivirus on Linux
Getting ready
How to do it...
How it works...
Scanning with ClamAV
Getting ready
How to do it...
How it works...
Finding rootkits
Getting ready
How to do it...
How it works...
Using the auditd daemon
Getting ready
How to do it...
How it works...
Using ausearch and aureport to read logs
Getting ready
How to do it...
How it works...
Auditing system services with systemctl
Getting ready
How to do it...
How it works...
Vulnerability Scanning and Intrusion Detection
Network security monitoring using Security Onion
Getting ready
How to do it...
How it works...
Finding vulnerabilities with OpenVAS
Getting ready
How to do it...
How it works...
Using Nikto for web server scanning
Getting ready
How to do it...
How it works...
Hardening using Lynis
Getting ready
How to do it...
How it works...
Other Books You May Enjoy
Leave a review - let other readers know what you think
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
Checking the integrity of installation medium by using checksum
Next
Next Chapter
How to do it…
Getting ready
md5sum
is normally installed in most Linux distributions, so installation is not required.
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset