Linux system security : an administrator's guide to open source security tools

As more companies are moving to Linux for mission-critical applications, security becomes a major issue. This guide explains the pros and cons of the most the valuable open source security tools and is complete with implementation details. It gives detailed instructions on the implementation, configuration, and use of publicly available tools and features of Linux as they relate to Linux security. Essential background information is provided in the book's introductory chapters. Administrators will learn to: Prepare Linux systems for a production environment; Identify vulnerabilities, and planning for security administration; Configure Linux-based firewalls, authentication, and encryption; Secure filesystems, email, web servers, and other key applications; Protect mixed Linux/Unix and Windows environments. New to this Edition: Updated for Redhat 7.2 ; One of the first Linux security books to cover Bastille, a hardening program which tightens system security and can even lock down the entire system in cases where the system is seriously compromised; New chapter on network sniffers and port scanners used to detect intruders; Will Cover Open SSH - the new open source version of a popular suite of connectivity tools which allow you to login into remote computers and execute commands on these computers. Open SSH contains encryption capabilities that encrypts all traffic including passwords.

Preface. 1. How Did That Happen?: Vulnerability Survey. What Happened? So, Are You Going to Show Us How to Break into Systems? A Survey of Vulnerabilities and Attacks. Summary. For Further Reading. 2. Imagine That! You're Big Brother! Security Policies. What Is Computer and Network Security? Securing Computers and Networks. User Privacy and Administrator Ethics. Summary. For Further Reading. 3. This 'n That: Background Information. BIOS Passwords. Linux Installation and LILO. Start-Up Scripts. Red Hat Package Manager. TCP/IP Networking Overview. Request for Comment. Cryptography. Testing and Production Environments. Licenses. 4. Of Course I Trust My Users! Users, Permissions, and Filesystems. User Account Management. The Root Account. Group Account Management. File and Directory Permissions. Using xlock and xscreensaver. Filesystem Restrictions. Access Control Lists and Extended Attributes. Summary. For Further Reading. 5. Been Cracked? Just Put PAM on It! Pluggable Authentication Modules. PAM Overview. PAM Administration. PAM Logs. Available PAM Modules. PAM-Aware Applications. Important Notes about Configuring PAM. The Future of PAM. Summary. For Further Reading. 6. Just Once, Only Once! One-Time Passwords. The Purpose of One-Time Passwords. S/Key. Which OTP System Should I Use? S/Key Vulnerabilities. Summary. For Further Reading. 7. Bean Counting: System Accounting. General System Accounting. Connection Accounting. Process Accounting. Accounting Files. Summary. For Further Reading. 8. And You Thought Wiretapping Was for the Feds! System Logging. The syslog System Logging Utility. Other Logs. Alternatives to syslog. The auditd Utility. Summary. For Further Reading. 9. Want To Be Root? Superuser Do (sudo). What Is sudo? Obtaining and Implementing sudo. Using sudo. PAM and sudo. Disabling root Access. Vulnerabilities of sudo. Summary. For Further Reading. 10. Which Doors Are Open? Securing Network Services: xinetd. Using xinetd. Summary. For Further Reading. Internet Services Resources. 11. Let 'Em Sniff the Net! The Secure Shell. Available Versions of SSH. Overview of SSH Version 1. Overview of SSH Version 2. Installing OpenSSH. Configuring the Secure Shell. Using SSH. Configuring SSH Authentication Behavior. Exploring ssh Functionality. Secure Shell Alternatives. Summary. For Further Reading. 12. So You Think You've Got a Good Password! Crack. Obtaining Crack. Major Components of Crack. Crack Overview. Building Crack. Compiling and Linking Crack. Crack Dictionaries. Using Crack. The White Hat Use of Crack. Summary. For Further Reading. 13. What's Been Happening? Auditing Your System with Bastille. Bastille Overview. Obtaining and Installing Bastille. Configuring Bastille. Duplicating Setup on Additional Hosts. UNDO! Automated Bastille. Summary. 14. Setting the Trap: Tripwire. Tripwire Overview. Obtaining and Installing Tripwire. Tripwire Version 2.3.1-5. Configuring Tripwire. The Tripwire Configuration File. The Tripwire Policy File. The tripwire Command. Initializing the Tripwire Database. Effective Tripwire Initialization. Routine Tripwire Runs3/4Compare Mode. Tripwire Update Mode. Policy Update Mode. Testing Email Notification. Twprint. Summary. For Further Reading. 15. We Must Censor! Part 1: ipchains. What is a Firewall? Packet Filtering. Configuring the Kernel for ipchains. ipchains Overview. Introduction to Using ipchains. Packet Fragments. IP Masquerading. Adding Custom Chains. Antispoofing Rules. Rule Ordering Is Important! Saving and Restoring Rules. Rule Writing and Logging Tips. Building Your Firewall. ipchains IsnOt Just for Firewalls! A Few More Thingsu Supplementary Utilities. The Next Generationu Summary. For Further Reading. 16. We Must Censor! Part 2: iptables. Netfilter Overview. The iptables Utility. iptables Examples. Summary. For Further Reading. 17. Who's Watching Now? Scanners, Sniffers, and Detectors. Introduction. Scanners. Sniffers. Detectors. Summary. For Further Reading. 18. Wiretapping Is Not So Much Fun after All! Log File Management. General Log File Management. Logrotate. Swatch. Logcheck. Summary. 19. This Is an Awful Lot of Work! Implementing and Managing Security. So, Where Do I Start? Reducing the Workload. What If My Systems Are Already in the Production Environment? The Internal Network. Firewalls and the DMZ. Break-in Recovery. Adding New Software. Only through Knowledgeu Appendix A. Keeping Up to Date. Web Pages. Full Disclosure Resources. Mailing Lists. Appendix B. Tools Not Covered. Appendix C. OPIE. Obtaining and Installing OPIE. Implementing and Using OPIE. OPIE and PAM. Appendix D. Securing Network Services: TCP_Wrappers and portmap. TCP_Wrappers. The Portmapper. Unwrapped Services. For Further Reading. Appendix E. The Cryptographic and Transparent Cryptographic Filesystems. Overview of the Cryptographic File System. Obtaining and Installing CFS. Using CFS. Vulnerabilities of CFS. Overview of TCFS. Obtaining and Installing TCFS. The TCFS Client Side. Using TCFS. Vulnerabilities of TCFS. CFS and TCFS Comparison. Securely Deleting Files. Alternatives to CFS and TCFS. Summary. For Further Reading. Glossary. Index.