Real World Linux Security: Intrusion Prevention, Detection and Recovery
Steve Bourne, Creator of the Bourne Shell
Your enemy is coming - are you ready? It's not a question of "if" but "when."
Will you be ready to protect your system when a cracker comes to call? Real World Linux Security goes beyond the books that merely detail system vulnerabilities; it offers system administrators practical solutions for safeguarding Linux systems and actively responding to break-in attempts.
Veteran Bob Toxen shows you how to know your enemies and stop them at the front gate, before they can damage your system.
The hands-on guide to protecting your Linux data - and yourself
*7 "deadly sins of Linux security"
*Set up effective firewalls
*Break-in case studies
*Develop internal security policies
*Block spam
*Recover quickly from an intrusion
About the CD-ROM
The accompanying CD contains original software that locks out crackers and alerts system administrators. In addition, it includes programs that monitor system health and report suspicious activities, detect network sniffers, and speed backup and recovery.
About the Author
Bob Toxen has 26 years of UNIX/Linux experience, and is one of the 168 recognized developers of Berkeley UNIX. He learned about security as a student at UC Berkeley, when he played for "the other team," successfully cracking several of the original UNIX systems there. He is president of Fly-By-Day Consulting, specializing in Linux security, client/server creation, system administration, porting, and C programming.
Technical Reviewers
*Kurt Seifried, Sr. Analyst, SecurityPortal
*Dr. Indira Moyer, Consultant
*Larry Gee, Architect, ApplianceWare
*Michael Warfield, Sr. Wizard X-Force, Internet Security Systems
*Stephen Friedl, Consultant
*Mike O'Shaughnessy, Quarry Technologies
Table of Contents
List of Figures. List of Tables.
Foreword. Acknowledgments. About the Author.
1. Introduction.
Who Should Read This Book? How This Book Is Organized. What Are You Protecting? Who Are Your Enemies? What They Hope to Accomplish. Costs: Protection versus Break-Ins. Protecting Hardware. Protecting Network and Modem Access. Protecting System Access. Protecting Files. Preparing for and Detecting an Intrusion. Recovering from an Intrusion.
I. SECURING YOUR SYSTEM.
2. Quick Fixes for Common Problems.
Understanding Linux Security. The Seven Most Deadly Sins. Passwords - A Key Point for Good Security. Advanced Password Techniques. Protecting the System from User Mistakes. Forgiveness Is Better Than Permission. Dangers and Countermeasures During Initial System Setup. Limiting Unreasonable Access. Firewalls and the Corporate Moat. Turn Off Unneeded Services. High Security Requires Minimum Services. Replace These Weak Doors with Brick. New Lamps for Old. United We Fall, Divided We Stand.
3. Quick and Easy Break-Ins and How to Avoid Them.
X Marks the Hole. Physical Intrusions. Selected Short Subjects. Terminal Device Attacks. Disk Sniffing.
4. Common Break-Ins by Subsystem.
NFS, mountd, and portmap. Sendmail. Telnet. FTP. The rsh, rcp, rexec, and rlogin Services. DNS (named, a.k.a. BIND). POP and IMAP Servers. Doing the Samba. Stop Squid from Inking Out Their Trail. The syslogd Service. The print Service (lpd). The ident Service. INND and News. Protecting Your DNS Registration.
5. Common Attacks.
Rootkit Attacks (Script Kiddies). Packet Spoofing Explained. SYN Flood Attack Explained. Defeating SYN Flood Attacks. Defeating TCP Sequence Spoofing. Packet Storms, Smurf Attacks, and Fraggles. Buffer Overflows or Stamping on Memory with gets(). Spoofing Techniques. Man in the Middle Attack.
6. Advanced Security Issues.
Configuring Netscape for Higher Security. Stopping Access to I/O Devices. Scouting Out Apache (httpd) Problems. Special Techniques for Web Servers. One-Way Credit Card Data Path for Top Security. Hardening for Very High Security. Restricting Login Location and Times. Obscure but Deadly Problems. Defeating Login Simulators. Stopping Buffer Overflows with Libsafe.
7. Establishing Security Policies.
General Policy. Personal Use Policy. Accounts Policy. E-Mail Policy. Web Server Policy. File Server and Database Policy. Firewall Policy. Desktop Policy. Laptop Policy. Disposal Policy. Network Topology Policy. Problem Reporting Policy. Ownership Policy. Policy Policy.
8. Trusting Other Computers.
Secure Systems and Insecure Systems. Linux and UNIX Systems Within Your Control. Mainframes Within Your Control. A Window Is Worth a Thousand Cannons. Firewall Vulnerabilities. Virtual Private Networks. Viruses and Linux.
9. Gutsy Break-Ins.
Mission Impossible Techniques. Spies. Fanatics and Suicide Attacks.
10. Case Studies.
Confessions of a Berkeley System Mole. Knights of the Realm (Forensics). Ken Thompson Cracks the Navy. The Virtual Machine Trojan. AOL's DNS Chang