Here are some books about
Linux and open source
security issues and vulnerabilities:
Disclosure: Products details and descriptions provided by Amazon.com. Our company may receive a payment if you purchase products from them after following a link from this website.
Product Description: A hands-on, practical guide provides in-depth coverage of general networking concepts and component, plus coverage of computer security from privacy and cryptography to file systems, secure shell, and VPN software.
Product Description: Your Linux system will be attacked. Be ready! Real World Linux Security, Second Edition brings together state-of-the-art solutions and exclusive software for protecting yourself against today's most vicious Internet attacks. Highlights include surprising new research on IP Tables effectiveness; new ways to block ARP attacks; advances in adaptive firewalls; quick recovery from intrusions; securing wireless systems, instant messaging, VPNs, Samba, and Linux 2.4 kernels; and much more. Includes CD-ROM with the author's exclusive security software tools!
Product Description: The Linux Security Cookbook includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure. This cookbook's proven techniques are derived from hard-won experience. Whether you're responsible for security on a home Linux system or for a large corporation, or somewhere in between, you'll find valuable, to-the-point, practical recipes for dealing with everyday security issues.
Product Description: System administrators need to stay ahead of new security vulnerabilities that leave their networks exposed every day. A firewall and an intrusion detection systems (IDS) are two important weapons in that fight, enabling you to proactively deny access and monitor network traffic for signs of an attack.Linux Firewalls discusses the technical details of the iptables firewall and the Netfilter framework that are built into the Linux kernel, and it explains how they provide strong filtering, Network Address Translation (NAT), state tracking, and application layer inspection capabilities that rival many commercial tools. You'll learn how to deploy iptables as an IDS with psad and fwsnort and how to build a strong, passive authentication layer around iptables with fwknop.Concrete examples illustrate concepts such as firewall log analysis and policies, passive network authentication and authorization, exploit packet traces, Snort ruleset emulation, and more with coverage of these topics:Passive network authentication and OS fingerprintingiptables log analysis and policiesApplication layer attack detection with the iptables string match extensionBuilding an iptables ruleset that emulates a Snort rulesetPort knocking vs. Single Packet Authorization (SPA)Tools for visualizing iptables logsPerl and C code snippets offer practical examples that will help you to maximize your deployment of Linux firewalls. If you're responsible for keeping a network secure, you'll find Linux Firewalls invaluable in your attempt to understand attacks and use iptables-along with psad and fwsnort-to detect and even prevent compromises.
Linux consistently appears high up in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well.
This highly regarded book, originally titled Building Secure Servers with Linux, combines practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--as a hub offering services to an organization or the Internet--and shows readers how to harden their hosts against attacks. An all-inclusive resource for Linux users who wish to harden their systems, Linux Server Security covers general security such as intrusion detection and firewalling a hub, as well as key services such as DNS, the Apache Web server, mail, and secure shell.
Author Michael D. Bauer, a security consultant, network architect, and lead author of the popular Paranoid Penguin column in the Linux Journal, carefully outlines the security risks, defines precautions that can minimize those risks, and offers recipes for robust security. He is joined on several chapters by administrator and developer Bill Lubanovic.
A number of new security topics have been added for this edition, including:
Database security, with a focus on MySQL
Using OpenLDAP for authentication
An introduction to email encryption
The Cyrus IMAP service, a popular mail delivery agent
The vsftpd FTP server
Geared toward Linux users with little security expertise, the author explains security concepts and techniques in clear language, beginning with the fundamentals. Linux Server Security with Linux provides a unique balance of "big picture" principles that transcend specific software packages and version numbers, and very clear procedures on securing some of those software packages on several popular distributions. With this book in hand, you'll have both the expertise and the tools to comprehensively secure your Linux system.
Product Description: Linux continues to gain acceptance as a high-level operating system that's ready for serious corporate enterprise-level computing. When running Internet or file servers, Linux is more reliable, more flexible, more cost-effective, and even faster in some cases than Windows 2000/NT. This means that more and more companies are running Linux on their Web and internal file servers, and that more and more network administrators, used to how things work on Windows 2000/NT servers, will need a crash course on the vulnerabilities of Linux systems, and which holes they're going to need to plug in order to protect themselves from outside attacks. Maximum Linux Security, Second Edition fills this need.
Product Description: Security has become a hot topic on Linux newsgroups. This book offers cutting-edge material on securing a Linux system, including coverage of users and groups, files and permissions, TCP wrappers and trip wires, firewalls and special purpose software, security auditing, and more.
A CD-ROM includes the most recent Caldera OpenLinux release and security software programs.
Product Description: As more companies are moving to Linux for mission-critical applications, security becomes a major issue. This guide explains the pros and cons of the most the valuable open source security tools and is complete with implementation details. It gives detailed instructions on the implementation, configuration, and use of publicly available tools and features of Linux as they relate to Linux security. Essential background information is provided in the book's introductory chapters. Administrators will learn to: Prepare Linux systems for a production environment; Identify vulnerabilities, and planning for security administration; Configure Linux-based firewalls, authentication, and encryption; Secure filesystems, email, web servers, and other key applications; Protect mixed Linux/Unix and Windows environments. New to this Edition: Updated for Redhat 7.2 ; One of the first Linux security books to cover Bastille, a hardening program which tightens system security and can even lock down the entire system in cases where the system is seriously compromised; New chapter on network sniffers and port scanners used to detect intruders; Will Cover Open SSH - the new open source version of a popular suite of connectivity tools which allow you to login into remote computers and execute commands on these computers. Open SSH contains encryption capabilities that encrypts all traffic including passwords.
Product Description: Red Hat Enterprise Linux 5 Administration Security Desktop, examines topics in system administration, security, file and device management, and desktop use, including the Red Hat Enterprise Linux system-config administration tools. System administration covers software installation and update with Yum, user management, start up and service management, virtualization, system monitoring, and shell configuration. Security includes authentication, public and private key encryption (GPG ), SE Linux, firewalls using IPtables, the Secure SHell (SSH), and Kerberos. Device and file system management topics cover udev, the Hardware Abstraction Layer (HAL), Logical Volume Manager (LVM), Linux software RAID, and backups. Desktop covers desktop preferences, GNOME, KDE, desktop applications, shared folders, shell commands, network connections, and printers.
Answers 2000 Limited has no opinion about any stories or content of, or
views expressed in, any linked news resource or website.
Information about companies, organizations, products and services
was believed to be correct at the time it was first published on this website,
but may out of date by the time you read this website. For current
information about any company or organization,
readers are advised to check with the applicable company or organization.
Answers 2000 Limited expresses no opinion about any company or
organization (including expressing no opinion on any investments in, with, or relating to, any company or organization),
product or service. This website is not intended as investment or
financial advice.
CERTAIN CONTENT THAT APPEARS ON THIS SITE COMES FROM AMAZON SERVICES LLC. THIS CONTENT IS PROVIDED 'AS IS' AND IS SUBJECT TO CHANGE OR REMOVAL AT ANY TIME.
Disclosure:
Our company's websites' content (including this website's content) includes advertisements for
our own company's websites, products, and services,
and for other organization's websites, products, and services.
In the case of links to other organization's websites,
our company may receive a payment, (1) if you purchase products or services,
or (2) if you sign-up for third party offers, after following links from this website.
Unless specifically otherwise stated, information about other organization's products and services,
is based on information provided by that organization,
the product/service vendor, and/or publicly available information - and should
not be taken to mean that we have used the product/service in question.
Additionally, our company's websites contain some adverts which we are paid
to display, but whose content is not selected by us, such as Google AdSense ads. For more
detailed information, please see Advertising/Endorsements Disclosures
