LitArk » Books » Computer

Daniel J. Barrett - Linux Security Cookbook

Here you can read online Daniel J. Barrett - Linux Security Cookbook full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2003, publisher: OReilly Media, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

Book:
Linux Security Cookbook
Author:
Daniel J Barrett / Richard E Silverman / Robert G Byrnes
Publisher:
OReilly Media
Genre:
Books / Computer
Year:
2003
Rating:
4 / 5
Favourites:
Add to favourites
Your mark:
- 80
- 1
- 2
- 3
- 4
- 5

Description
Author's other books
Similar books

Linux Security Cookbook: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Linux Security Cookbook" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If youre grounded in the basics of security, however, you wont necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. Thats exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes--short, focused pieces of code that administrators can use to improve security and perform common tasks securely. The Linux Security Cookbook includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure. Some of the recipes youll find in this book are:Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more Monitoring your network with tcpdump, dsniff, netstat, and other tools Protecting network connections with Secure Shell (SSH) and stunnel Safeguarding email sessions with Secure Sockets Layer (SSL) Encrypting files and email messages with GnuPG Probing your own security with password crackers, nmap, and handy scripts This cookbooks proven techniques are derived from hard-won experience. Whether youre responsible for security on a home Linux system or for a large corporation, or somewhere in between, youll find valuable, to-the-point, practical recipes for dealing with everyday security issues. This book is a system saver.

Daniel J. Barrett: author's other books

Who wrote Linux Security Cookbook? Find out the surname, the name of the author of the book and a list of all author's works by series.

Linux Security Cookbook — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Linux Security Cookbook" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

↓

↑

Reset

Interval:

↓

↑

Bookmark:

Make

[]

[]
[See process accounting]
[See kadmin utility]
[See also ssh-agent]
[See Snort]
aliases
[See also public-key encryption]
attacks
buffer overflow
man-in-the-middle (MITM)
authentication
[See email IMAP]
[See ssh-agent]
[See Kerberos authentication]
[See SSH]
[See PAM]
[See SMTP]
[See SSH]
[See SSL]
[See trusted-host authentication]
root user
sharing root privileges
sudo command

[]
binary data
buffer overflow attacks

[]
C programs
cert.pem file
certificates
SSL
[See CA]
chkconfig command
[See Kerberos PAM SSH SSL trusted-host authentication]
command-line arguments
copying files
cracking passwords
cron utility
cryptographic authentication
[See Kerberos authentication]
[See SSH]
[See SSL]
[See trusted-host authentication]
current directory

[]
daemons
[See imapd]
[See inetd]
[See sshd]
tcpd
[See xinetd]
debugging
denial-of-service (DOS) attacks
DENY
device special files
directories
[See hosts.deny file]
display filter expressions
[See DER]
DNS
[See denial-of-service attacks]
DROP
insecure network protocols
libnids

[]
Emacs
encryption
[See Mailcrypt]
POP/IMAP security
protecting
[See public-key encryption]
[See email, encryption]
[See also files, protecting]
[See public-key encryption]
[See symmetric encryption]
env program
errors
Ethereal (network sniffing GUI)
[See !, under Symbols]
executables
[See process accounting]

[]
[See permissions]
[See permissions]
[See find command]
filesystems
filters
capture expressions
display expressions
find command
fingerprints
firewalls
rules
forced commands
fstab file
FTP

[]
[See Emacs]
[See Gnu Privacy Guard]
grep command
group permissions
groups
[See Generic Security Services Application Programming Interface]

[]
[See aliases]
[See trusted-host authentication]
HostbasedAuthentication
hostnames
hosts
Kerberos
[See trusted-host authentication]
access control for remote hosts
access control for remote hosts
HTTP

[]
ICMP
IDENT
ifconfig program
IMAP
mail session security
imapd
importing keys
[See firewalls networks, access control]
inetd.conf file
inode numbers
input/output
[See also Tripwire]
integrity checks
interfaces, network
[See inetd]
IP addresses
ipchains-save
iptables-save

[]

[]
[See Key Distribution Center]
kernel
[See also cryptographic authentication]
keyserver
killing processes
ksu (Kerberized su)

[]
binary files
Linux
[See Red Hat Linux]
[See SuSE Linux]
localhost
logging
[See system logger]
loghost
logins
logwatch

[]
MAC addresses
[See email IMAP POP]
mail clients
mail servers
Mailcrypt
man-in-the-middle (MITM) attacks
MD5 checksum
[See man-in-the-middle attacks]
modules
Perl
writing system log entries
monitoring tools for networks
Mozilla
multi-homed hosts

[]
nc command
netgroups
netstat command
network filesystems
[See Snort]
network monitoring tools
networking
[See intrusion detection for networks monitoring systems for suspicious activity]
networks
[See also firewalls]
[See intrusion detection for networks Snort]
[See network filesystems]
[See network intrusion detection systems Snort]

[]
[See Tripwire]
[See SSH]
[See networks, protecting outgoing traffic]
ownership, file

[]
packet filtering
packet sniffers
passphrases
passwords
dsniff program
sudo command
pathnames
paths
[See regular expressions]
Perl scripts
PID (process ID)
Pine
pings
[See PAM]
policies
POP
port forwarding
portmappers
ports
preprocessors, Snort
[See PGP]
database for
priority
process IDs
processes
killing
listing
protocols
public keys
[See cryptographic authentication]

[]

[]
Red Hat Linux
redirecting
regular expressions (and pattern matching)
REJECT
relative pathnames
remote hosts
restricting access to TCP service
remote programs, invoking securely
reports, Tripwire
root
sharing privileges
rootkits
routers
RPC services

[]
S/MIME
scp command
secret keys
[See SSL]
[See policies]
[See monitoring systems for suspicious activity]
sendmail
[See Kerberos; PAM; SSH; SSL; trusted-host authentication]
service names
setgid/setuid programs
setgid/setuid programs, security checks
sharing files
shell scripts
shells
[See digital signatures]
single computer
size, file
SMTP
[See Tripwire]
source address verification
source addresses
spoofed addresses
[See ssh-agent]
ssh command
sshd_config file
SSL-port
sticky bit
strings
[See inetd]
[See xinetd]
[See also root]
SuSE Linux
switched networks
symbolic links
syslog.conf file
syslogd
system logger
writing system log entries
system_auth (/etc/pam.d startup file)
systems
[See monitoring systems for suspicious activity]

[]
! (exclamation point)
/proc files
/var/log/secure

[]
tar utility
TCP
TCP-wrappers
TCP/IP connections
tcpd
restricting access by remote hosts
tcsh shell
Telnet
access control
terminals
[See monitoring systems for suspicious activity]
[See PEM format]
timestamps
[See SSL]
[See SSL]
Trojan horses
implications of
tunneling

[]
UDP
umask
user accounts
users

[]
vim editor
vulnerability to attacks

[]

[]
X Window System
xargs program
xinetd.conf file

Recipe 1.1 Setting Up Tripwire

1.1.1 Problem

You want to prepare a computer to useTripwire for the first time.

1.1.2 Solution

After you have installed Tripwire, do the following:

# cd /etc/tripwire# ./twinstall.sh# tripwire --init# rm twcfg.txt twpol.txt

1.1.3 Discussion

The scripttwinstall.sh performs the following tasks withinthe directory /etc/tripwire:

Creates the site key and the local key, promptingyou to enter their passphrases. (If the keys exist, this step isskipped.) The site key is stored in site.key,and the local key in hostname-local.key , where hostname is the hostname of the machine.
Signs the default configuration file, twcfg.txt,with the site key, creating tw.cfg.
Signs the defaultpolicy file,twpol.txt, with the site key, creatingtw.pol.

If for some reason your system doesn't havetwinstall.sh, equivalent manual steps are:

Helpful variables:DIR=/etc/tripwireSITE_KEY=$DIR/site.keyLOCAL_KEY=$DIR/`hostname`-local.keyGenerate the site key:# twadmin --generate-keys --site-keyfile $SITE_KEYGenerate the local key:# twadmin --generate-keys --local-keyfile $LOCAL_KEYNext page

Light

Font size:

↓

↑

Reset

Interval:

↓

↑

Bookmark:

Make

Similar books «Linux Security Cookbook»

Look at similar books to Linux Security Cookbook. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.

Dieterle

Basic security testing with Kali Linux test your computer system security by using the same tactics that an attacker would use

Tevault

Mastering Linux Security and Hardening

Tajinder Kalsi

Practical Linux Security Cookbook

Dean

Linux administration cookbook insightful recipes to work with system administration tasks on Linux

Kalsi

Practical Linux security cookbook: secure your Linux environment from modern-day attacks with practical recipes

Gilberto Nájera-Gutiérrez

Kali Linux Web Penetration Testing Cookbook

Hatch

Hacking exposed Linux: Linux security secrets & solutions

Michael Hixon

Kali Linux. Network Scanning Cookbook

William Rothwell

Linux Essentials for Cybersecurity

Corey P. Schultz

Kali Linux Cookbook

Tony Bautts

Linux Network Administrators Guide

James Kent Lewis

Linux Utilities Cookbook

Reviews about «Linux Security Cookbook»

Discussion, reviews of the book Linux Security Cookbook and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.