|
Free ebooks
 Operating System Linux Hardening Linux: Learn how to quickly secure your Linux hosts and application against attack
|
 Chapter 1, “Hardening the Basics,” covers the basics of hardening your Linux hosts. It introduces the core security features of the Linux operating system and kernel and provides information and examples on how to harden them. It also covers patching and updating your hosts and how to keep up-to-date with the latest security-related information for Linux.Chapter 2, “Firewalling Your Hosts,” addresses securing your Linux hosts with the iptables firewall. It covers setting up a basic firewall and configuring and managing iptables and then moves onto advanced topics such as firewall logging , protecting from Denial of Service (DoS) attacks and other network-based attacks. Chapter 3, “Securing Connections and Remote Administration,” examines securing connections on your hosts. This includes providing secure connections for the administration of your systems using tools such as OpenSSH. Chapter 4, “Securing Files and File Systems,” looks at securing your files and file systems. I cover file permissions, file attributes, and symmetric file encryption. I also explain securely mounting your disks and removable file systems, encrypting entire file systems, and using the Tripwire tool to monitor the integrity and status of your files and directories. Chapter 5, “Understanding Logging and Log Monitoring,” covers logging and monitoring and filtering your logs. I cover the syslog and syslog-ng tools for gathering your log messages. I also show you how to use the SEC tool to correlate log messages and demonstrate how to manage and rotate your log files. Chapter 6, “Using Tools for Security Testing,” provides information on the tools available to you for testing the security of your hosts. I address testing the security of your passwords and scanning for root kits. I cover scanning your hosts for vulnerabilities and open ports with tools such as nmap and Nessus. I also demonstrate how to use the Bastille hardening script to harden your host. Chapter 7, “Securing Your Mail Server,” looks at securing and hardening two of the most commonly used e-mail servers, Sendmail and Postfix. I examine running these e-mail servers in a chroot jail as well as other methods of limiting their exposure to attack. I also explain how to protect your users from spam and viruses. Chapter 8, “Authenticating and Securing Your Mail,” addresses securing the transmission of your e-mail and the authentication of your clients to your e-mail servers. I examine using Cyrus SASL and SMTP AUTH to ensure only authenticated clients can use your e-mail servers and demonstrate how to use TLS to provide encryption of the transmission of your e-mail. Chapter 9, “Hardening Remote Access to E-mail,” addresses securing your user’s remote access to their e-mail via IMAP and POP and using tools such as Fetchmail. I cover providing secure IMAP and POP using SSL and how to build a “black box” secure IMAP server using Cyrus IMAP. Chapter 10, “Securing an FTP Server,” covers the FTP server and file transfers. I demonstrate how to run secure local and anonymous FTP servers, including how to integrate it with SSL/TLS and authenticate your users with PAM. Chapter 11, “Hardening DNS and BIND,” looks at running DNS services. I cover DNSrelated threats and attacks, how to choose your DNS server, and the basics of secure DNS design. I also cover installing and hardening a BIND DNS server and take you through the security-related configurations options of BIND. Finally, I cover some BIND security features such as TSIG. Download Free ebook for linux: Hardening Linux
|
