Real World Linux Security

Newly revised edition of the top-selling book.

Auteur

BOB TOXEN has 28 years of UNIX/Linux experience. One of the 162 recognized developers of Berkeley UNIX, he learned about security as a student at UC Berkeley, where he cracked several of the original UNIX systems there. He is now President of Fly-By-Day Consulting, specializing in Linux and network security, firewalls, VPNs, 24x7 network monitoring, response, and administration for clients worldwide. In 2002, his recommendations were included in a report on improving U.S. intelligence that was presented to President Bush at the President's request. Toxen currently works with the U.S. Centers for Disease Control and Prevention to combat bioterrorism.

Texte du rabat

"You have in your hands a book I've been waiting to read for years-a practical, hands-on guide to hardening your Linux system." -From the foreword by Eric S. Raymond

• Safeguard your Linux systems against today's most vicious attacks!
• Realistic, step-by-step techniques from one of the world's leading Linux security experts
• Covers IP Tables, ARP attacks, adaptive firewalls, VPNs, wireless networks, Samba, monitoring, 2.4 kernel security, and much more
• Quick and effective recovery from intrusions
• Web site contains important new tools for monitoring networks and locking out hackers"A comprehensive guide to system security: covers everything from hardening a system to system recovery after an attack." -Steve Bourne, Creator of the Bourne Shell

Stop today's most vicious Internet attackers-right in their tracks!

Your Linux system will be attacked: maybe in minutes, certainly in days. Be ready! Real World Linux Security, Second Edition brings together state-of-the-art solutions and exclusive software for safeguarding any Linux-based system or network, and fighting off any intrusion. Top Linux security consultant Bob Toxen has thoroughly revamped this definitive guide to reflect today's most vicious Internet attacks-and arm you with breakthrough resources for protecting yourself!

• Surprising new IP Tables research every netadmin must know about
• New techniques and software for detecting and blocking ARP and Switch attacks
• Important enhancements to Linux-based adaptive firewalls
• Thoroughly revised coverage of Samba security for Windows clients
• 802.11b wireless networks security
• How to make the most of Logcheck, Portsentry, and other new monitoring tools
• VPN and instant messaging security, GNU Privacy Guard, 2.4 kernel issues, and much more
• Includes all-new chapter on physical security
• Reviewed by some of the world's leading Linux security experts!Web Site The accompanying web site contains the author's own state-of-the-art software for instantly locking out hackers and alerting system administrators. The website contents also include exclusive IP Tables and IP Chains firewall scripts (rule sets), as well as powerful new tools for monitoring network health, detecting and reporting suspicious activities, securing backups, simplifying recovery, and much more.

Résumé

Newly revised edition of the top-selling book.

Contenu

List of Figures.

List of Tables.

Foreword.

Acknowledgments.

About the Author.

1. Introduction.

Introduction to the Second Edition. Who Should Read This Book? How This Book Is Organized. What Are You Protecting? Who Are Your Enemies? What They Hope to Accomplish. Costs: Protection versus Break-Ins. Protecting Hardware. Protecting Network and Modem Access. Protecting System Access. Protecting Files. Preparing for and Detecting an Intrusion. Recovering from an Intrusion.

I. SECURING YOUR SYSTEM. 2. Quick Fixes for Common Problems.

Understanding Linux Security. The Seven Most Deadly Sins. Passwords: A Key Point for Good Security. Advanced Password Techniques. Protecting the System from User Mistakes. Forgiveness Is Better than Permission. Dangers and Countermeasures During Initial System Setup. Limiting Unreasonable Access. Firewalls and the Corporate Moat. Turn Off Unneeded Services. High Security Requires Minimum Services. Replace These Weak Doors with Brick. New Lamps for Old. United We Fall, Divided We Stand.

3. Quick and Easy Hacking and How to Avoid It.

X Marks the Hole. Law of the Jungle-Physical Security. Physical Actions. Selected Short Subjects. Terminal Device Attacks. Disk Sniffing.

4. Common Hacking by Subsystem.

NFS, mountd, and portmap. Sendmail. Telnet. FTP. The rsh, rcp, rexec, and rlogin Services. DNS (named, a.k.a. BIND). POP and IMAP Servers. Doing the Samba. Stop Squid from Inking Out Their Trail. The syslogd Service. The print Service (lpd). The ident Service. INND and News. Protecting Your DNS Registration.

5. Common Hacker Attacks.

Rootkit Attacks (Script Kiddies). Packet Spoofing Explained. SYN Flood Attack Explained. Defeating SYN Flood Attacks. Defeating TCP Sequence Spoofing. Packet Storms, Smurf Attacks, and Fraggles. Buffer Overflows or Stamping on Memory with gets(). Spoofing Techniques. Man-in-the-Middle Attack.

6. Advanced Security Issues.

Configuring Netscape for Higher Security. Stopping Access to I/O Devices. Scouting Out Apache (httpd) Problems. Special Techniques for Web Servers. One-Way Credit Card Data Path for Top Security. Hardening for Very High Security. Restricting Login Location and Times. Obscure but Deadly Problems. Defeating Login Simulators. Stopping Buffer Overflows with Libsafe.

7. Establishing Security Policies.

General Policy. Personal Use Policy. Accounts Policy. E-Mail Policy. Instant Messenger (IM) Policy. Web Server Policy. File Server and Database Policy. Firewall Policy. Desktop Policy. Laptop Policy. Disposal Policy. Network Topology Policy. Problem Reporting Policy. Ownership Policy. Policy Policy.

8. Trusting Other Computers.

Secure Systems and Insecure Systems. Trust No One-The Highest Security. Linux and UNIX Systems Within Your Control. Mainframes Within Your Control. A Window Is Worth a Thousand Cannons. Firewall Vulnerabilities. Virtual Private Networks. Viruses and Linux.

9. Gutsy Break-Ins.

Mission Impossible Techniques. Spies. Fanatics and Suicide Attacks.

10. Case Studies.

Confessions of a Berkeley System Mole. Knights of the Realm (Forensics). Ken Thompson Cracks the Navy. The Virtual Machine Trojan. AOL's DNS Change Fiasco. I'm Innocent, I Tell Ya! Cracking with a Laptop and a Pay Phone. Take a Few Cents off the Top. Nonprofit Organization Runs Out of Luck. Persistence with Recalcitrant SysAdmins Pays Off. Net Shipped with Nimda.

11. Recent Break-Ins.

Fragmentation Attacks. IP Masquerading Fails for ICMP. The Ping of Death Sinks Dutch Shipping Company. Captain, We're Being Scanned! (Stealth Scans). Cable Modems: A Cracker's Dream. Using Sendmail to Block E-Mail Attacks. Sendmail Account Guessing. The Mysterious Ingreslock. You're Being Tracked. Distributed Denial of Service (Coordinated) Attacks. Stealth Trojan Horses. Linuxconf via TCP Port 98. Evil HTML Tags and Script. Format Problems with syslog().

II. PREPARING FOR AN INTRUSION. 12. Hardening Your System.

Protecting User Sessions with SSH. Virtual Private Networks (VPNs). Pretty Good Privacy (PGP). Using GPG to Encrypt Files the Easy Way. Firewalls with IP Tables and DMZ. Firewalls with IP Chains and DMZ.

13. Preparing Your Hardware.

Timing Is Everything. Advanced Preparation. Switch to Auxiliary Control (Hot Backups).

14. Preparing Your Configuration.

TCP Wrappers. Adaptive Firewalls: Raising the Drawbridge with the Cracker Trap. Ending Cracker Servers with a Kernel Mod. Fire Drills. Break into Your Own System with Tiger Teams.

15. Scanning Your Own System.

The Nessus Security Scanner. The SARA and SAINT Secur…