Hardening Linux
Hardening Linux
ISBN: 0072254971
EAN: 2147483647
EAN: 2147483647
Year: 2004
Pages: 113
Pages: 113
- Table of Contents
- BackCover
- Hardening Linux
- Foreword
- From Corey D. Schou
- Introduction
- Linux Naming Conventions Used in This Book
- Part I: Do These Seven Things First
- Chapter 1: Critical First Steps
- Examine Systems for Evidence of Compromise
- Check System Stability and Availability
- Part II: Take It From The Top: The Systematic Hardening Process
- Chapter 2: Hardening Network Access: Disable Unnecessary Services
- Step 1: Take the Machine Off the Network
- Step 2: Determine Required Services
- Step 3: Determine Services Dependencies
- Step 4: Prevent Services from Running
- Step 5: Reboot
- Step 6: Check Configuration for Unnecessary Services
- Step 7: Check Configuration for Necessary Services
- Step 8: Return the Machine to the Network
- Chapter 3: Installing Firewalls and Filters
- Take Stock
- Identify Protective Firewall Needs
- Chapter 4: Hardening Software Accessibility
- Identify Required Software
- Determine Software Dependencies
- Remove or Restrict Unneeded Software
- Install Software Securely
- Monitor Your Systems
- Chapter 5: Preparing for Disaster
- Do Not Build a Custom Kernel
- Document Server Setup and Record Changes
- Prepare Automated Reinstallation
- Chapter 6: Hardening Access Controls
- Review File and Directory Access Controls
- Chapter 7: Hardening Data Storage
- Use Proper Procedures
- Use GnuPG to Encrypt Files
- Use OpenSSL for File Encryption
- Install and Use a Cryptographic File System
- Chapter 8: Hardening Authentication and User Identity
- Correctly Configure PAM to Avoid Compromise
- Name Switching Service (NSS)
- Chapter 9: Restricted Execution Environments
- Use chroot to Protect a Service
- Build the chroot Directory Structure
- Install the Service(s) to the chroot Directory
- Configure the Service to Log Activity
- Troubleshoot chroot Environment Problems
- Combine chroot and Your Distribution s Security Capabilities
- Maintain chroot
- Chapter 10: Hardening Communications
- Secure Protocols
- IPSec
- Part III: Once Is Never Enough
- Chapter 11: Install Network Monitoring Software
- Install a Network Analyzer
- Utilize a Network Intrusion Detection System
- HoneypotsHoneynets
- Other Tools
- Chapter 12: Automatic Logfile Scanning
- Create a Logfile Policy
- Configure the syslog Daemon
- Set Up a Centralized Server
- Create a Centralized Server with syslog-ng and stunnel
- Other System Logfiles
- Search Logfiles
- Chapter 13: Patch Management and Monitoring
- Patch Monitoring and Management
- Chapter 14: Self-Monitoring Tools
- Install and Run a Host-Based Intrusion Detection System
- Install and Run a Password Checker
- Set Up Network Monitoring
- Part IV: How to Succeed at Hardening Linux
- Chapter 15: Budget Acquisition and Corporate Commitment to Security
- Obtain Management Support
- Perform a Risk Assessment
- Determine Return on Investment (ROI)
- Chapter 16: Establishing a Security Campaign
- Appendix: Additional Linux Security Resources
- General Security
- General Linux Security
- Linux Security Programs
- Index
- Index_B
- Index_C
- Index_D
- Index_E
- Index_F
- Index_G
- Index_H
- Index_I
- Index_J
- Index_K
- Index_L
- Index_M
- Index_N
- Index_O
- Index_P
- Index_R
- Index_S
- Index_T
- Index_U
- Index_V
- Index_W
- Index_X
- Index_Y
- List of Figures
- List of Tables
- List of Listings
- List of Sidebars
Hardening Linux
ISBN: 0072254971
EAN: 2147483647
EAN: 2147483647
Year: 2004
Pages: 113
Pages: 113