Hardening Linux : Hardening - John H. Terpstra

Paperback Published: 29th July 2004
ISBN: 9780072254976
Number Of Pages: 448


Bulletproof your system before you are hacked. From the publisher of the international best-seller "Hacking Exposed," here is a brilliant new offering written with a passion for security that will help you make the necessary upgrades and take the essential steps to secure your Linux systems. The concise and consistent approach breaks down security into logical parts, giving you actions to take immediately, information on hardening your system from the top down, how to plan and maintain an iterative security strategy and, finally, how to navigate the "soft issues" of how to garner management and employee support for your security strategy. Features examples in the most frequently used enterprise Linux distributions, Red Hat Enterprise Server 3.0, SuSE SLES 8.1 and a sneak preview of SuSE SLES 9.0.

Foreword from David Wreski
Foreword from Corey D. Schou
Introduction
Do These Seven Things First
Critical First Steps
Examine Systems for Evidence of Compromise
Terminate Unauthorized Users
Identify and Shut Down Unauthorized Processes
Check Log Files for Possible Evidence of Intrusion Attempts
Check for Potential System File Damage
Check System Stability and Availability
Validate Hardware Operation
Make Sure Power Is Stable
Take It From The Top: The Systematic Hardening Process
Hardening Network Access: Disable Unnecessary Services
Take the Machine Off the Network
Determine Required Services
Red Hat Enterprise Linux AS 3.0 Services Baseline
SLES8 Services Baseline
Consider Additional Services
Determine Services' Dependencies
Prevent Services from Running
Use Tools to Alter Startup Scripts
Turn Off Unnecessary Services: Command Line Tool
Reboot
Check Configuration for Unnecessary Services
Check Configuration: GUI
Check Configuration: Manual
Check Configuration for Necessary Services
Check the Configuration
Probe the Service
Look for the Service in Memory
Return the Machine to the Network
Test Network Connectivity
Installing Firewalls and Filters
Take Stock
Check for Existing Firewall Rules
Understand Network Basics
Understand Firewall Rules
Identify Protective Firewall Needs
Protective Strategy
Configure the Firewall
Hardening Software Accessibility
Identify Required Software
Determine Software Dependencies
Remove or Restrict Unneeded Software
Install Software Securely
Install Trusted Software from Vendors
Install Software from Trusted Sources
Monitor Your Systems
Preparing for Disaster
Understanding Disaster Recovery
Do Not Build a Custom Kernel
Document Server Setup and Record Changes
Prepare Automated Reinstallation
Prepare Red Hat Kickstart Install Facility
Using SUSE YaST Auto-installation Tools
Hardening Access Controls
Linux File Permissions and Ownership
Use POSIX Access Control Lists
Review File and Directory Access Controls
Verify the Sticky Bit for Temporary Directories
Record SUID/SGID Files and Directories
Hardening Data Storage
Understand Legal and Ethical Issues with Cryptography
Comply with Legal Requirements
Understand Ethical Issues
Use Proper Procedures
Store Data Securely
Remove Plaintext Copies of Data
Use GnuPG to Encrypt Files
Creating Keys in a Secure Manner
Creating Keys for Use with GnuPG
Use OpenSSL for File Encryption
Install and Use a Cryptographic File System
Hardening Authentication and User Identity
Use Pluggable Authentication Modules (PAM) to Provide Flexible Authentication
Use PAM Because...
Enforce Strict Password Requirements
Enable Wheel Group Access
Enable the Use of a Centralized Authentication Server
Correctly Configure PAM to Avoid Compromise
Remove Obsolete PAM Configuration File
Configuration File Format
Backing Up the Configuration Before Making Changes
Recovering from Catastrophic Errors
PAM Framework
Traditional Services
A BSD-Like wheel Group
Per-User Temporary Directories
Require Strong Passwords
Name Switching Service (NSS)
Restricted Execution Environments
Restrict Functionality
Use chroot to Protect a Service
Understand What Is Protected...and What Isn't
Build the chroot Directory Structure
Resolve Dynamic Library Dependencies
Determine File Dependencies
Create Devices in the chroot Directory
Establish Shells and User Environments
Install the Service(s) to the chroot Directory
Install from Source
Install from a Source RPM
Install a Binary RPM to an Alternate Location
Configure the Service to Log Activity
Troubleshoot chroot Environment Problems
Combine chroot and Your Distribution's Security Capabilities
pam_chroot and Red Hat Enterprise Linux AS 3.0
Monitor File Mode and Permission Settings
Maintain chroot
Hardening Communications
Secure Protocols
Use SSH
Secure X Connections with SSH
Use Virtual Private Networks
IPSec
Set Up a VPN with FreeS/WAN
Verify the Connection
Once Is Never Enough!
Install Network Monitoring Software
Install a Network Analyzer
Install and Use ngrep to Monitor the Network
Install and Use tcpdump
Install Ethereal
Utilize a Network Intrusion Detection System
Install and Use Snort
Use Snort in Sniffing Mode
Use Snort in Packet Capture Mode
Use Snort in NIDS Mode
Use Snort Add-ons
Honeypots/Honeynets
Other Tools
Automatic Logfile Scanning
Logfiles at a Personal Level
Create a Logfile Policy
Configure the syslog Daemon
The Selector Component
The Activity Component
Set Up a Centralized Server
Ensure Centralized Logging Dependencies Are Met
Configure the Centralized Server
Configure Clients for the Centralized Server
Create a Centralized Server with syslog-ng and stunnel
SUSE: Download and Install stunnel 4.04
Download and Install syslog-ng
Create Certificates for Your Machines
Copy Certificates to /etc/stunnel
Check Certificate Permissions
Create stunnel Configuration on the Server
Create stunnel Configuration on the Client
Create syslog-ng Configuration on the Server
Create syslog-ng Configuration File on the Client Machines
Start stunnel and syslog-ng Manually
Check for Activity on the Server
Use the logger Command to Send Messages Directly to the syslog Daemon
Use Perl's Sys::Syslog to Send Messages to the syslog Daemon
Manage Logfiles
Finding Logfiles
Other System Logfiles
Search Logfiles
Strategy for Searching Logfiles
Searching Logfiles Manually
Search Logfiles with logwatch
Search Logfiles with logsurfer
Search Logfiles with swatch
Modify swatch Configuration to Detect an Attack on the SSH Daemon
Respond to Attacks and Abnormalities
Patch Management and Monitoring
Apply Updates
Update and Patch SUSE Software
Update and Patch Red Hat Software
Use a Central Patch Server
Patch Monitoring and Management
Create a Change Process
Monitor the Patch Process
Self-Monitoring Tools
Install and Run a Host-Based Intrusion Detection System
Install and Use Tripwire
Use RPM for File Integrity Checking
Other Tools
Install and Run a Password Checker
Use John the Ripper to Audit Passwords
Set Up Network Monitoring
Configure and Run Nmap
Configure and Run Nessus
How to Succeed at Hardening Linux
Budget Acquisition and Corporate Commitment to Security
Obtain Management Support
Show the Need for the Security Program
Perform a Risk Assessment
Determine Scope
Select the Team
Gather Issues and Determine Impact and Probability
Prioritize Risks
Quantitative Risk Assessment Overview
Report to Management and Obtain Guidance
Executive Summary
Determine Return on Investment (ROI)
Perform Fact Finding
Show Return on Investment
Seek Outside Help and References
Involve Management in Creation of Security Policies and Spending
Establishing a Security Campaign
Establish the Security Campaign
Determine Goals
Identify What Is Needed to Accomplish Goals
Create Policies
Example Company Encrypted Protocols Policy
Gain User Acceptance and Support
Evaluate Program
Maintain the Program
Additional Linux Security Resources
General Linux
General Security
General Linux Security
Linux Security Programs
Index
Table of Contents provided by Ingram. All Rights Reserved.

ISBN: 9780072254976
ISBN-10: 0072254971
Series: Hardening
Audience: Professional
Format: Paperback
Language: English
Number Of Pages: 448
Published: 29th July 2004
Publisher: McGraw-Hill Education - Europe
Country of Publication: US
Dimensions (cm): 23.5 x 19.0 x 2.3
Weight (kg): 0.77