Practical Unix & Internet Security, 3rd Edition
By Simson Garfinkel, Alan Schwartz, Gene Spafford

Publisher: O'Reilly
Pub Date: February 2003
ISBN: 0-596-00323-4
Pages: 984
| Copyright |
| | Preface |
| | | Unix "Security"? |
| | | Scope of This Book |
| | | Which Unix System? |
| | | Conventions Used in This Book |
| | | Comments and Questions |
| | | Acknowledgments |
| | | A Note to Would-Be Attackers |
|
| | Part I: Computer Security Basics |
| | | Chapter 1. Introduction: Some Fundamental Questions |
| | | Section 1.1. What Is Computer Security? |
| | | Section 1.2. What Is an Operating System? |
| | | Section 1.3. What Is a Deployment Environment? |
| | | Section 1.4. Summary |
|
| | | Chapter 2. Unix History and Lineage |
| | | Section 2.1. History of Unix |
| | | Section 2.2. Security and Unix |
| | | Section 2.3. Role of This Book |
| | | Section 2.4. Summary |
|
| | | Chapter 3. Policies and Guidelines |
| | | Section 3.1. Planning Your Security Needs |
| | | Section 3.2. Risk Assessment |
| | | Section 3.3. Cost-Benefit Analysis and Best Practices |
| | | Section 3.4. Policy |
| | | Section 3.5. Compliance Audits |
| | | Section 3.6. Outsourcing Options |
| | | Section 3.7. The Problem with Security Through Obscurity |
| | | Section 3.8. Summary |
|
|
| | Part II: Security Building Blocks |
| | | Chapter 4. Users, Passwords, and Authentication |
| | | Section 4.1. Logging in with Usernames and Passwords |
| | | Section 4.2. The Care and Feeding of Passwords |
| | | Section 4.3. How Unix Implements Passwords |
| | | Section 4.4. Network Account and Authorization Systems |
| | | Section 4.5. Pluggable Authentication Modules (PAM) |
| | | Section 4.6. Summary |
|
| | | Chapter 5. Users, Groups, and the Superuser |
| | | Section 5.1. Users and Groups |
| | | Section 5.2. The Superuser (root) |
| | | Section 5.3. The su Command: Changing Who You Claim to Be |
| | | Section 5.4. Restrictions on the Superuser |
| | | Section 5.5. Summary |
|
| | | Chapter 6. Filesystems and Security |
| | | Section 6.1. Understanding Filesystems |
| | | Section 6.2. File Attributes and Permissions |
| | | Section 6.3. chmod: Changing a File's Permissions |
| | | Section 6.4. The umask |
| | | Section 6.5. SUID and SGID |
| | | Section 6.6. Device Files |
| | | Section 6.7. Changing a File's Owner or Group |
| | | Section 6.8. Summary |
|
| | | Chapter 7. Cryptography Basics |
| | | Section 7.1. Understanding Cryptography |
| | | Section 7.2. Symmetric Key Algorithms |
| | | Section 7.3. Public Key Algorithms |
| | | Section 7.4. Message Digest Functions |
| | | Section 7.5. Summary |
|
| | | Chapter 8. Physical Security for Servers |
| | | Section 8.1. Planning for the Forgotten Threats |
| | | Section 8.2. Protecting Computer Hardware |
| | | Section 8.3. Preventing Theft |
| | | Section 8.4. Protecting Your Data |
| | | Section 8.5. Story: A Failed Site Inspection |
| | | Section 8.6. Summary |
|
| | | Chapter 9. Personnel Security |
| | | Section 9.1. Background Checks |
| | | Section 9.2. On the Job |
| | | Section 9.3. Departure |
| | | Section 9.4. Other People |
| | | Section 9.5. Summary |
|
|
| | Part III: Network and Internet Security |
| | | Chapter 10. Modems and Dialup Security |
| | | Section 10.1. Modems: Theory of Operation |
| | | Section 10.2. Modems and Security |
| | | Section 10.3. Modems and Unix |
| | | Section 10.4. Additional Security for Modems |
| | | Section 10.5. Summary |
|
| | | Chapter 11. TCP/IP Networks |
| | | Section 11.1. Networking |
| | | Section 11.2. IP: The Internet Protocol |
| | | Section 11.3. IP Security |
| | | Section 11.4. Summary |
|
| | | Chapter 12. Securing TCP and UDP Services |
| | | Section 12.1. Understanding Unix Internet Servers and Services |
| | | Section 12.2. Controlling Access to Servers |
| | | Section 12.3. Primary Unix Network Services |
| | | Section 12.4. Managing Services Securely |
| | | Section 12.5. Putting It All Together: An Example |
| | | Section 12.6. Summary |
|
| | | Chapter 13. Sun RPC |
| | | Section 13.1. Remote Procedure Call (RPC) |
| | | Section 13.2. Secure RPC (AUTH_DES) |
| | | Section 13.3. Summary |
|
| | | Chapter 14. Network-Based Authentication Systems |
| | | Section 14.1. Sun's Network Information Service (NIS) |
| | | Section 14.2. Sun's NIS+ |
| | | Section 14.3. Kerberos |
| | | Section 14.4. LDAP |
| | | Section 14.5. Other Network Authentication Systems |
| | | Section 14.6. Summary |
|
| | | Chapter 15. Network Filesystems |
| | | Section 15.1. Understanding NFS |
| | | Section 15.2. Server-Side NFS Security |
| | | Section 15.3. Client-Side NFS Security |
| | | Section 15.4. Improving NFS Security |
| | | Section 15.5. Some Last Comments on NFS |
| | | Section 15.6. Understanding SMB |
| | | Section 15.7. Summary |
|
| | | Chapter 16. Secure Programming Techniques |
| | | Section 16.1. One Bug Can Ruin Your Whole Day . . . |
| | | Section 16.2. Tips on Avoiding Security-Related Bugs |
| | | Section 16.3. Tips on Writing Network Programs |
| | | Section 16.4. Tips on Writing SUID/SGID Programs |
| | | Section 16.5. Using chroot( ) |
| | | Section 16.6. Tips on Using Passwords |
| | | Section 16.7. Tips on Generating Random Numbers |
| | | Section 16.8. Summary |
|
|
| | Part IV: Secure Operations |
| | | Chapter 17. Keeping Up to Date |
| | | Section 17.1. Software Management Systems |
| | | Section 17.2. Updating System Software |
| | | Section 17.3. Summary |
|
| | | Chapter 18. Backups |
| | | Section 18.1. Why Make Backups? |
| | | Section 18.2. Backing Up System Files |
| | | Section 18.3. Software for Backups |
| | | Section 18.4. Summary |
|
| | | Chapter 19. Defending Accounts |
| | | Section 19.1. Dangerous Accounts |
| | | Section 19.2. Monitoring File Format |
| | | Section 19.3. Restricting Logins |
| | | Section 19.4. Managing Dormant Accounts |
| | | Section 19.5. Protecting the root Account |
| | | Section 19.6. One-Time Passwords |
| | | Section 19.7. Administrative Techniques for Conventional Passwords |
| | | Section 19.8. Intrusion Detection Systems |
| | | Section 19.9. Summary |
|
| | | Chapter 20. Integrity Management |
| | | Section 20.1. The Need for Integrity |
| | | Section 20.2. Protecting Integrity |
| | | Section 20.3. Detecting Changes After the Fact |
| | | Section 20.4. Integrity-Checking Tools |
| | | Section 20.5. Summary |
|
| | | Chapter 21. Auditing, Logging, and Forensics |
| | | Section 21.1. Unix Log File Utilities |
| | | Section 21.2. Process Accounting: The acct/pacct File |
| | | Section 21.3. Program-Specific Log Files |
| | | Section 21.4. Designing a Site-Wide Log Policy |
| | | Section 21.5. Handwritten Logs |
| | | Section 21.6. Managing Log Files |
| | | Section 21.7. Unix Forensics |
| | | Section 21.8. Summary |
|
|
| | Part V: Handling Security Incidents |
| | | Chapter 22. Discovering a Break-in |
| | | Section 22.1. Prelude |
| | | Section 22.2. Discovering an Intruder |
| | | Section 22.3. Cleaning Up After the Intruder |
| | | Section 22.4. Case Studies |
| | | Section 22.5. Summary |
|
| | | Chapter 23. Protecting Against Programmed Threats |
| | | Section 23.1. Programmed Threats: Definitions |
| | | Section 23.2. Damage |
| | | Section 23.3. Authors |
| | | Section 23.4. Entry |
| | | Section 23.5. Protecting Yourself |
| | | Section 23.6. Preventing Attacks |
| | | Section 23.7. Summary |
|
| | | Chapter 24. Denial of Service Attacks and Solutions |
| | | Section 24.1. Types of Attacks |
| | | Section 24.2. Destructive Attacks |
| | | Section 24.3. Overload Attacks |
| | | Section 24.4. Network Denial of Service Attacks |
| | | Section 24.5. Summary |
|
| | | Chapter 25. Computer Crime |
| | | Section 25.1. Your Legal Options After a Break-in |
| | | Section 25.2. Criminal Hazards |
| | | Section 25.3. Criminal Subject Matter |
| | | Section 25.4. Summary |
|
| | | Chapter 26. Who Do You Trust? |
| | | Section 26.1. Can You Trust Your Computer? |
| | | Section 26.2. Can You Trust Your Suppliers? |
| | | Section 26.3. Can You Trust People? |
| | | Section 26.4. Summary |
|
|
| | Part VI: Appendixes |
| | | Appendix A. Unix Security Checklist |
| | | Section A.1. Preface |
| | | Section A.2. Chapter 1: Introduction: Some Fundamental Questions |
| | | Section A.3. Chapter 2: Unix History and Lineage |
| | | Section A.4. Chapter 3: Policies and Guidelines |
| | | Section A.5. Chapter 4: Users, Passwords, and Authentication |
| | | Section A.6. Chapter 5: Users, Groups, and the Superuser |
| | | Section A.7. Chapter 6: Filesystems and Security |
| | | Section A.8. Chapter 7: Cryptography Basics |
| | | Section A.9. Chapter 8: Physical Security for Servers |
| | | Section A.10. Chapter 9: Personnel Security |
| | | Section A.11. Chapter 10: Modems and Dialup Security |
| | | Section A.12. Chapter 11: TCP/IP Networks |
| | | Section A.13. Chapter 12: Securing TCP and UDP Services |
| | | Section A.14. Chapter 13: Sun RPC |
| | | Section A.15. Chapter 14: Network-Based Authentication Systems |
| | | Section A.16. Chapter 15: Network Filesystems |
| | | Section A.17. Chapter 16: Secure Programming Techniques |
| | | Section A.18. Chapter 17: Keeping Up to Date |
| | | Section A.19. Chapter 18: Backups |
| | | Section A.20. Chapter 19: Defending Accounts |
| | | Section A.21. Chapter 20: Integrity Management |
| | | Section A.22. Chapter 21: Auditing, Logging, and Forensics |
| | | Section A.23. Chapter 22: Discovering a Break-In |
| | | Section A.24. Chapter 23: Protecting Against Programmed Threats |
| | | Section A.25. Chapter 24: Denial of Service Attacks and Solutions |
| | | Section A.26. Chapter 25: Computer Crime |
| | | Section A.27. Chapter 26: Who Do You Trust? |
| | | Section A.28. Appendix A: Unix Security Checklist |
| | | Section A.29. Appendix B: Unix Processes |
| | | Section A.30. Appendixes C, D, and E: Paper Sources, Electronic Sources, and Organizations |
|
| | | Appendix B. Unix Processes |
| | | Section B.1. About Processes |
| | | Section B.2. Signals |
| | | Section B.3. Controlling and Examining Processes |
| | | Section B.4. Starting Up Unix and Logging In |
|
| | | Appendix C. Paper Sources |
| | | Section C.1. Unix Security References |
| | | Section C.2. Other Computer References |
|
| | | Appendix D. Electronic Resources |
| | | Section D.1. Mailing Lists |
| | | Section D.2. Web Sites |
| | | Section D.3. Usenet Groups |
| | | Section D.4. Software Resources |
|
| | | Appendix E. Organizations |
| | | Section E.1. Professional Organizations |
| | | Section E.2. U.S. Government Organizations |
| | | Section E.3. Emergency Response Organizations |
|
|
| | Colophon |
| | Index |