Product Description: Linux is the fastest growing operating system. As the number of companies implementing Linux increases, so too does the rapidly-developing need for skilled users, developers and administrators. Advanced Guide to Linux Networking and Security was especially designed for individuals who want to move beyond just the basics of Linux installation and administration into a broader study of the many security issues surrounding this operating system. With its comprehensive Linux security coverage, this text can fit into any Linux Security course and is intended to follow the Complete Guide to Linux System Administration by Nick Wells.
Product Description: Fedora 9 Administration and Security examines topics in system administration, security, and file and device management, including the Fedora system-config administration tools. System administration covers software installation and update with PackageKit, User management, start up and service management using Upstart, virtualization, and system logs, and shell configuration. Security includes PolicyKit authorization, public and private key encryption (GPG and seahorse), SE Linux, firewalls using IPtables, the Secure SHell (SSH), and Kerberos. Device and file system management topics cover udev, the Hardware Abstraction Layer (HAL), Logical Volume Manager (LVM), Linux software RAID, and backups.
Product Description: Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new "Linux Security Cookbook" does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes--short, focused pieces of code that administrators can use to improve security and perform common tasks securely.
The "Linux Security Cookbook" includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure.
Some of the "recipes" you'll find in this book are:
Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more
Monitoring your network with tcpdump, dsniff, netstat, and other tools
Protecting network connections with Secure Shell (SSH) and stunnel
Safeguarding email sessions with Secure Sockets Layer (SSL)
Encrypting files and email messages with GnuPG
Probing your own security with password crackers, nmap, and handy scripts
This cookbook's proven techniques are derived from hard-won experience. Whether you're responsible for security on a home Linux system or for a large corporation, or somewhere in between, you'll find valuable, to-the-point, practical recipes for dealing with everyday security issues. This book is a system saver.
Product Description: The intensive search for a more secure operating system has often left everyday, production computers far behind their experimental, research cousins. Now SELinux (Security Enhanced Linux) dramatically changes this. This best-known and most respected security-related extension to Linux embodies the key advances of the security field. Better yet, SELinux is available in widespread and popular distributions of the Linux operating system--including for Debian, Fedora, Gentoo, Red Hat Enterprise Linux, and SUSE--all of it free and open source. SELinux emerged from research by the National Security Agency and implements classic strong-security measures such as role-based access controls, mandatory access controls, and fine-grained transitions and privilege escalation following the principle of least privilege. It compensates for the inevitable buffer overflows and other weaknesses in applications by isolating them and preventing flaws in one application from spreading to others. The scenarios that cause the most cyber-damage these days--when someone gets a toe-hold on a computer through a vulnerability in a local networked application, such as a Web server, and parlays that toe-hold into pervasive control over the computer system--are prevented on a properly administered SELinux system. The key, of course, lies in the words "properly administered." A system administrator for SELinux needs a wide range of knowledge, such as the principles behind the system, how to assign different privileges to different groups of users, how to change policies to accommodate new software, and how to log and track what is going on. And this is where SELinux is invaluable. Author Bill McCarty, a security consultant who has briefed numerous government agencies, incorporates his intensive research into SELinux into this small but information-packed book. Topics include:
A readable and concrete explanation of SELinux concepts and the SELinux security model
Installation instructions for numerous distributions
Basic system and user administration
A detailed dissection of the SELinux policy language
Examples and guidelines for altering and adding policies
With SELinux, a high-security computer is within reach of any system administrator. If you want an effective means of securing your Linux system--and who doesn't?--this book provides the means.
Product Description: Linux consistently appears high up in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well. This highly regarded book, originally titled Building Secure Servers with Linux, combines practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--as a hub offering services to an organization or the Internet--and shows readers how to harden their hosts against attacks. An all-inclusive resource for Linux users who wish to harden their systems, Linux Server Security covers general security such as intrusion detection and firewalling a hub, as well as key services such as DNS, the Apache Web server, mail, and secure shell. Author Michael D. Bauer, a security consultant, network architect, and lead author of the popular Paranoid Penguin column in the Linux Journal, carefully outlines the security risks, defines precautions that can minimize those risks, and offers recipes for robust security. He is joined on several chapters by administrator and developer Bill Lubanovic. A number of new security topics have been added for this edition, including:
Database security, with a focus on MySQL
Using OpenLDAP for authentication
An introduction to email encryption
The Cyrus IMAP service, a popular mail delivery agent
The vsftpd FTP server
Geared toward Linux users with little security expertise, the author explains security concepts and techniques in clear language, beginning with the fundamentals. Linux Server Security with Linux provides a unique balance of "big picture" principles that transcend specific software packages and version numbers, and very clear procedures on securing some of those software packages on several popular distributions. With this book in hand, you'll have both the expertise and the tools to comprehensively secure your Linux system.
Product Description: Maximum Linux Security: A Hacker's Guide to Protecting Your Linux Server and Workstation is designed for system administrators, managers, or Linux users who wish to protect their Linux servers and workstations from unauthorized intrusions and other external threats to their systems' integrity. Written by an experienced hacker--someone who knows which systems are vulnerable and how crackers get into them--this unique guide to Linux security identifies existing and potential security holes and faults, and then describes how to go about fixing them.
Product Description: A hands-on guide to protecting Linux data from security risks. Introduces readers to the seven deadly sins of Linux security, showing how to set up firewalls, break in case studies, block spam, develop internal security policies, and recover from an intrusion quickly. Softcover. DLC: Linux.
Hardening Linux by James Turnbull belongs on the shelf of anyone who installs and maintains Linux servers.
— Ray Lodato, Slashdot Contributor
I felt like I learned more about Linux reading this book than I've learned during the last year at work.
— Lasse Koskela, JavaRanch Sheriff
I think Hardening Linux may be the best example I've seen of a practical book on the subject.
— Anomaly - G. Wade Johnson
I was a bit surprised when I scanned the table of contents. The first thought in my head was, 'hey, this has everything in it.' And it does.
— Joe Topjian, Adminspotting.net
"Hardening" is the process of protecting a system and its applications against unknown threats. Hardening Linux identifies many of the risks of running Linux hosts and applications and provides practical examples and methods to minimize those risks. The book is written for Linux/UNIX administrators who do not necessarily have in-depth knowledge of security but need to know how to secure their networks.
In this book, you'll learn how to secure:
The base operating system and firewall with iptables
Connections to your hosts
Fie systems and files
Email servers
IMAP and POP servers
FTP servers
A quick reference of the procedures discussed in each chapter are summarized in Appendix C.
Product Description: Linux networks are becoming more and more common, but security is often an overlooked issue. Unfortunately, in today's environment all networks are potential hacker targets, from top-secret military research networks to small home LANs. Linux Network Security focuses on securing Linux in a networked environment, where the security of the entire network needs to be considered rather than just isolated machines. It uses a mix of theory and practical techniques to teach administrators how to install and use security applications, as well as how the applications work and why they are necessary. Starting with the need for security and understanding the problem, the book teaches administrators about packet filtering (firewalling) with iptables, hardening services such as Apache, BIND, Sendmail, FTP, and MySQL to prevent attacks, network analysis, encryption, local security, DoS attacks, and rootkits. Auditing networks for potential vulnerabilities and creating secure passwords is also explored. This is the one book that really details how to secure a Linux network.
Product Description: Guide to Linux Networking and Security is a hands-on, practical guide that can be used to master Linux networking and security, in preparation for the Linux certification exams from SAIR/GNU and LPI. This book begins by introducing networking technologies and protocols, then moves into configuring a Linux network using a variety of command line and graphical utilities. Specific protocols and applications are covered in the networking chapters, including the r-utilities, NFS, Samba, and FTP, plus business-critical services such as e-mail, Web, and DNS. The second half of this book includes a discussion of security in the context of protecting business assets and user privacy, with emphasis on system administrator ethics. Cryptography and encrypted protocols lay a foundation for discussion of specific Linux security tools, including PAM, sudo, and GPG. User, file, and network security are covered. The network security discussion includes firewalls, VPNs, and utilities such as nmap, ethereal, and the SAINT profiling tool. Throughout, the book provides examples of sample commands and output, plus screen shots of related graphical utilities.
News stories are provided by third parties, used with permission,
and copyright of their various respective owners.
Answers 2000 Limited has not necessarily reviewed,
and does not necessarily endorse or
agree with any content of, or views expressed in, all such items.
Comments are posted by our users. Answers 2000 Limited has not
necessarily reviewed,
and does not necessarily endorse or
agree with any content of, or views expressed in, comments.
