Part II: Preparing for an Intrusion

   


Part II covers advance preparation for the possibility of being cracked. You learn about tools whose sole purpose is to harden your system. This distinguishes them from the general-purpose tools whose hardening was discussed in Part I. Some of the tools you will cover are SSH, IP Chains (firewall construction), PGP, TCP Wrappers, and nmap. A brief look at several intrusion detection systems is given. You then prepare for a possible intrusion; it would be unrealistic not to prepare for the possibility. This preparation will also minimize the damage and enable you to come back online much more quickly, frequently in a few minutes instead of many hours or days.

The preparation includes backup data and backup hardware, and hardening your system against intrusions. Detection of intrusion attempts (successful and unsuccessful) is covered in Part III and recovery is discussed in Part IV. Although this preparation takes time and money, it will pay for itself if you are cracked. Additionally, failure to do these things might be considered negligence in court, where you or your company will be dragged in the event that stockholders or customers lose money (or worse) as a result of the break-in.

First, hardening the system is covered. This means making the "Rings of Security" harder to penetrate. Admittedly, the line between hardening and the many sections of Part I is not sharp. The programs discussed in Part I are standard Linux utilities whose primary function is not security. The tools covered here exist solely to increase the security of a Linux system.

Most SysAdmins have heard of at least some of these tools, but few are using all of them. In some cases, their installation and use can be baffling to someone encountering them for the first time. In other cases, although you might be able to do a basic installation, some of their power and dangers are not known. These issues will be addressed.

You then consider the hardware. You look at having spare disks and entire spare systems set up as "hot backup" systems. Although most people see lots of money and trouble at the mention of backup systems, this does not have to be the case, as will be shown. Lastly, you will explore ways of scanning your systems for vulnerabilities that have been overlooked.

The chapters in this part are:

  • Chapter 12, "Hardening Your System"

  • Chapter 13, "Preparing Your Hardware"

  • Chapter 14, "Preparing Your Configuration"

  • Chapter 15, "Scanning Your Own System"



   


Real World Linux Security Prentice Hall Ptr Open Source Technology Series
Year: 2002
Pages: 260
