Here are some books about
Linux and open source
security issues and vulnerabilities:
Disclosure: Products details and descriptions provided by Amazon.com. Our company may receive a payment if you purchase products from them after following a link from this website.
"Hardening" is the process of protecting a system and its applications against unknown threats. And Hardening Linux will explain the main steps that any Network or Systems Administrator needs to take, to protect his computers that run on Linux. This book discusses security of mail servers, web servers, and file servers, as well as hardening IP tables and remote access functionality.
Written in a similar manner to Hardening Windows and Hardening Apache, complete with checklists and reference-style chapters, Hardeing Linux shows Apress’ commitment to publishing books that appeal to the security professional.
System administrators need to stay ahead of new security vulnerabilities that leave their networks exposed every day. A firewall and an intrusion detection systems (IDS) are two important weapons in that fight, enabling you to proactively deny access and monitor network traffic for signs of an attack.
Linux Firewalls discusses the technical details of the iptables firewall and the Netfilter framework that are built into the Linux kernel, and it explains how they provide strong filtering, Network Address Translation (NAT), state tracking, and application layer inspection capabilities that rival many commercial tools. You'll learn how to deploy iptables as an IDS with psad and fwsnort and how to build a strong, passive authentication layer around iptables with fwknop.
Concrete examples illustrate concepts such as firewall log analysis and policies, passive network authentication and authorization, exploit packet traces, Snort ruleset emulation, and more with coverage of these topics:
Passive network authentication and OS fingerprinting
iptables log analysis and policies
Application layer attack detection with the iptables string match extension
Building an iptables ruleset that emulates a Snort ruleset
Port knocking vs. Single Packet Authorization (SPA)
Tools for visualizing iptables logs
Perl and C code snippets offer practical examples that will help you to maximize your deployment of Linux firewalls. If you're responsible for keeping a network secure, you'll find Linux Firewalls invaluable in your attempt to understand attacks and use iptables-along with psad and fwsnort-to detect and even prevent compromises.
Encouraging hands-on practice, Mastering Linux provides a comprehensive, up-to-date guide to Linux concepts, usage, and programming. Through a set of carefully selected topics and practical examples, the book imparts a sound understanding of operating system concepts and shows how to use Linux effectively.
Ready-to-Use Examples Offer Immediate Access to Practical Applications After a primer on the fundamentals, the text covers user interfaces, commands and filters, Bash Shell scripting, the file system, networking and Internet use, and kernel system calls. It presents many examples and complete programs ready to run on your Linux system. Each chapter includes a summary and exercises of varying degrees of difficulty.
Web Resource The companion website at http://ml.sofpower.com/ offers a host of ancillary materials. Along with links to numerous resources, it includes appendices on SSH and SFTP, VIM, text editing with Vi, and the emacs editor. The site also provides a complete example code package for download.
Master the Linux Operating System Toolbox This book enables you to leverage the capabilities and power of the Linux system more effectively. Going beyond this, it can help you write programs at the shell and C levels—encouraging you to build new custom tools for applications and R&D.
Product Description: If your job is to design or implement IT security solutions or if you’re studying for any security certification, this is the how-to guide you’ve been looking for. Here’s how to assess your needs, gather the tools, and create a controlled environment in which you can experiment, test, and develop the solutions that work. With liberal examples from real-world scenarios, it tells you exactly how to implement a strategy to secure your systems now and in the future.
Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.
Notes: BRAND NEW FROM PUBLISHER! 100% Satisfaction Guarantee. Tracking provided on most orders. Buy with Confidence! Millions of books sold!
Product Description:
Linux consistently appears high up in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well.
This highly regarded book, originally titled Building Secure Servers with Linux, combines practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--as a hub offering services to an organization or the Internet--and shows readers how to harden their hosts against attacks. An all-inclusive resource for Linux users who wish to harden their systems, Linux Server Security covers general security such as intrusion detection and firewalling a hub, as well as key services such as DNS, the Apache Web server, mail, and secure shell.
Author Michael D. Bauer, a security consultant, network architect, and lead author of the popular Paranoid Penguin column in the Linux Journal, carefully outlines the security risks, defines precautions that can minimize those risks, and offers recipes for robust security. He is joined on several chapters by administrator and developer Bill Lubanovic.
A number of new security topics have been added for this edition, including:
Database security, with a focus on MySQL
Using OpenLDAP for authentication
An introduction to email encryption
The Cyrus IMAP service, a popular mail delivery agent
The vsftpd FTP server
Geared toward Linux users with little security expertise, the author explains security concepts and techniques in clear language, beginning with the fundamentals. Linux Server Security with Linux provides a unique balance of "big picture" principles that transcend specific software packages and version numbers, and very clear procedures on securing some of those software packages on several popular distributions. With this book in hand, you'll have both the expertise and the tools to comprehensively secure your Linux system.
“As an author, editor, and publisher, I never paid much attention to the competition–except in a few cases. This is one of those cases. The UNIX System Administration Handbook is one of the few books we ever measured ourselves against.”
–From the Foreword by Tim O’Reilly, founder of O’Reilly Media
“This book is fun and functional as a desktop reference. If you use UNIX and Linux systems, you need this book in your short-reach library. It covers a bit of the systems’ history but doesn’t bloviate. It’s just straightfoward information delivered in colorful and memorable fashion.”
–Jason A. Nunnelley
“This is a comprehensive guide to the care and feeding of UNIX and Linux systems. The authors present the facts along with seasoned advice and real-world examples. Their perspective on the variations among systems is valuable for anyone who runs a heterogeneous computing facility.”
–Pat Parseghian
The twentieth anniversary edition of the world’s best-selling UNIX system administration book has been made even better by adding coverage of the leading Linux distributions: Ubuntu, openSUSE, and RHEL.
This book approaches system administration in a practical way and is an invaluable reference for both new administrators and experienced professionals. It details best practices for every facet of system administration, including storage management, network design and administration, email, web hosting, scripting, software configuration management, performance analysis, Windows interoperability, virtualization, DNS, security, management of IT service organizations, and much more. UNIX® and Linux® System Administration Handbook, Fourth Edition, reflects the current versions of these operating systems:
Ubuntu® Linux openSUSE® Linux Red Hat® Enterprise Linux® Oracle America® Solaris™ (formerly Sun Solaris) HP HP-UX® IBM AIX®
When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world.
Focusing on the four most popular Unix variants today--Solaris, Mac OS X, Linux, and FreeBSD--this book contains new information on PAM (Pluggable Authentication Modules), LDAP, SMB/Samba, anti-theft technologies, embedded systems, wireless and laptop issues, forensics, intrusion detection, chroot jails, telephone scanners and firewalls, virtual and cryptographic filesystems, WebNFS, kernel security levels, outsourcing, legal issues, new Internet protocols and cryptographic algorithms, and much more.
Practical Unix & Internet Security consists of six parts:
Computer security basics: introduction to security problems and solutions, Unix history and lineage, and the importance of security policies as a basic element of system security.
Security building blocks: fundamentals of Unix passwords, users, groups, the Unix filesystem, cryptography, physical security, and personnel security.
Network security: a detailed look at modem and dialup security, TCP/IP, securing individual network services, Sun's RPC, various host and network authentication systems (e.g., NIS, NIS+, and Kerberos), NFS and other filesystems, and the importance of secure programming.
Secure operations: keeping up to date in today's changing security world, backups, defending against attacks, performing integrity management, and auditing.
Handling security incidents: discovering a break-in, dealing with programmed threats and denial of service attacks, and legal aspects of computer security.
Appendixes: a comprehensive security checklist and a detailed bibliography of paper and electronic references for further reading and research.
Packed with 1000 pages of helpful text, scripts, checklists, tips, and warnings, this third edition remains the definitive reference for Unix administrators and anyone who cares about protecting their systems and data from today's threats.
Product Description: Your Linux system will be attacked. Be ready! Real World Linux Security, Second Edition brings together state-of-the-art solutions and exclusive software for protecting yourself against today's most vicious Internet attacks. Highlights include surprising new research on IP Tables effectiveness; new ways to block ARP attacks; advances in adaptive firewalls; quick recovery from intrusions; securing wireless systems, instant messaging, VPNs, Samba, and Linux 2.4 kernels; and much more. Includes CD-ROM with the author's exclusive security software tools!
Answers 2000 Limited has no opinion about any stories or content of, or
views expressed in, any linked news resource or website.
Information about companies, organizations, products and services
was believed to be correct at the time it was first published on this website,
but may out of date by the time you read this website. For current
information about any company or organization,
readers are advised to check with the applicable company or organization.
Answers 2000 Limited expresses no opinion about any company or
organization (including expressing no opinion on any investments in, with, or relating to, any company or organization),
product or service. This website is not intended as investment or
financial advice.
CERTAIN CONTENT THAT APPEARS ON THIS SITE COMES FROM AMAZON SERVICES LLC. THIS CONTENT IS PROVIDED 'AS IS' AND IS SUBJECT TO CHANGE OR REMOVAL AT ANY TIME.
Disclosure:
Our company's websites' content (including this website's content) includes advertisements for
our own company's websites, products, and services,
and for other organization's websites, products, and services.
In the case of links to other organization's websites,
our company may receive a payment, (1) if you purchase products or services,
or (2) if you sign-up for third party offers, after following links from this website.
Unless specifically otherwise stated, information about other organization's products and services,
is based on information provided by that organization,
the product/service vendor, and/or publicly available information - and should
not be taken to mean that we have used the product/service in question.
Additionally, our company's websites contain some adverts which we are paid
to display, but whose content is not selected by us, such as Google AdSense ads. For more
detailed information, please see Advertising/Endorsements Disclosures
