Linux Security Cookbook

Valutazione media 3,81
( su 21 valutazioni fornite da GoodReads )
 
9780596003913: Linux Security Cookbook

Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes--short, focused pieces of code that administrators can use to improve security and perform common tasks securely.The Linux Security Cookbook includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure.Some of the "recipes" you'll find in this book are:

  • Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more
  • Monitoring your network with tcpdump, dsniff, netstat, and other tools
  • Protecting network connections with Secure Shell (SSH) and stunnel
  • Safeguarding email sessions with Secure Sockets Layer (SSL)
  • Encrypting files and email messages with GnuPG
  • Probing your own security with password crackers, nmap, and handy scripts
This cookbook's proven techniques are derived from hard-won experience. Whether you're responsible for security on a home Linux system or for a large corporation, or somewhere in between, you'll find valuable, to-the-point, practical recipes for dealing with everyday security issues. This book is a system saver.

Le informazioni nella sezione "Riassunto" possono far riferimento a edizioni diverse di questo titolo.

L'autore:

Dan Barrett has been immersed in Internet technology since 1985. Currently working as a software engineer, Dan has also been a heavy metal singer, Unix system administrator, university lecturer, web designer, and humorist. He has written several O'Reilly books, as well as monthly columns for Compute! and Keyboard Magazine. Dan and his family reside in Boston.

Richard E. Silverman has a B.A. in computer science and an M.A. in pure mathematics. Richard has worked in the fields of networking, formal methods in software development, public-key infrastructure, routing security, and Unix systems administration. He is the co-author of SSH, The Secure Shell: The Definitive Guide.

Contenuti:

Preface; A Cookbook About Security?!?; Intended Audience; Roadmap of the Book; Our Security Philosophy; Supported Linux Distributions; Trying the Recipes; Conventions Used in This Book; We'd Like to Hear from You; Acknowledgments; Chapter 1: System Snapshots with Tripwire; 1.1 Setting Up Tripwire; 1.2 Displaying the Policy and Configuration; 1.3 Modifying the Policy and Configuration; 1.4 Basic Integrity Checking; 1.5 Read-Only Integrity Checking; 1.6 Remote Integrity Checking; 1.7 Ultra-Paranoid Integrity Checking; 1.8 Expensive, Ultra-Paranoid Security Checking; 1.9 Automated Integrity Checking; 1.10 Printing the Latest Tripwire Report; 1.11 Updating the Database; 1.12 Adding Files to the Database; 1.13 Excluding Files from the Database; 1.14 Checking Windows VFAT Filesystems; 1.15 Verifying RPM-Installed Files; 1.16 Integrity Checking with rsync; 1.17 Integrity Checking Manually; Chapter 2: Firewalls with iptables and ipchains; 2.1 Enabling Source Address Verification; 2.2 Blocking Spoofed Addresses; 2.3 Blocking All Network Traffic; 2.4 Blocking Incoming Traffic; 2.5 Blocking Outgoing Traffic; 2.6 Blocking Incoming Service Requests; 2.7 Blocking Access from a Remote Host; 2.8 Blocking Access to a Remote Host; 2.9 Blocking Outgoing Access to All Web Servers on a Network; 2.10 Blocking Remote Access, but Permitting Local; 2.11 Controlling Access by MAC Address; 2.12 Permitting SSH Access Only; 2.13 Prohibiting Outgoing Telnet Connections; 2.14 Protecting a Dedicated Server; 2.15 Preventing pings; 2.16 Listing Your Firewall Rules; 2.17 Deleting Firewall Rules; 2.18 Inserting Firewall Rules; 2.19 Saving a Firewall Configuration; 2.20 Loading a Firewall Configuration; 2.21 Testing a Firewall Configuration; 2.22 Building Complex Rule Trees; 2.23 Logging Simplified; Chapter 3: Network Access Control; 3.1 Listing Your Network Interfaces; 3.2 Starting and Stopping the Network Interface; 3.3 Enabling/Disabling a Service (xinetd); 3.4 Enabling/Disabling a Service (inetd); 3.5 Adding a New Service (xinetd); 3.6 Adding a New Service (inetd); 3.7 Restricting Access by Remote Users; 3.8 Restricting Access by Remote Hosts (xinetd); 3.9 Restricting Access by Remote Hosts (xinetd with libwrap); 3.10 Restricting Access by Remote Hosts (xinetd with tcpd); 3.11 Restricting Access by Remote Hosts (inetd); 3.12 Restricting Access by Time of Day; 3.13 Restricting Access to an SSH Server by Host; 3.14 Restricting Access to an SSH Server by Account; 3.15 Restricting Services to Specific Filesystem Directories; 3.16 Preventing Denial of Service Attacks; 3.17 Redirecting to Another Socket; 3.18 Logging Access to Your Services; 3.19 Prohibiting root Logins on Terminal Devices; Chapter 4: Authentication Techniques and Infrastructures; 4.1 Creating a PAM-Aware Application; 4.2 Enforcing Password Strength with PAM; 4.3 Creating Access Control Lists with PAM; 4.4 Validating an SSL Certificate; 4.5 Decoding an SSL Certificate; 4.6 Installing a New SSL Certificate; 4.7 Generating an SSL Certificate Signing Request (CSR); 4.8 Creating a Self-Signed SSL Certificate; 4.9 Setting Up a Certifying Authority; 4.10 Converting SSL Certificates from DER to PEM; 4.11 Getting Started with Kerberos; 4.12 Adding Users to a Kerberos Realm; 4.13 Adding Hosts to a Kerberos Realm; 4.14 Using Kerberos with SSH; 4.15 Using Kerberos with Telnet; 4.16 Securing IMAP with Kerberos; 4.17 Using Kerberos with PAM for System-Wide Authentication; Chapter 5: Authorization Controls; 5.1 Running a root Login Shell; 5.2 Running X Programs as root; 5.3 Running Commands as Another User via sudo; 5.4 Bypassing Password Authentication in sudo; 5.5 Forcing Password Authentication in sudo; 5.6 Authorizing per Host in sudo; 5.7 Granting Privileges to a Group via sudo; 5.8 Running Any Program in a Directory via sudo; 5.9 Prohibiting Command Arguments with sudo; 5.10 Sharing Files Using Groups; 5.11 Permitting Read-Only Access to a Shared File via sudo; 5.12 Authorizing Password Changes via sudo; 5.13 Starting/Stopping Daemons via sudo; 5.14 Restricting root's Abilities via sudo; 5.15 Killing Processes via sudo; 5.16 Listing sudo Invocations; 5.17 Logging sudo Remotely; 5.18 Sharing root Privileges via SSH; 5.19 Running root Commands via SSH; 5.20 Sharing root Privileges via Kerberos su; Chapter 6: Protecting Outgoing Network Connections; 6.1 Logging into a Remote Host; 6.2 Invoking Remote Programs; 6.3 Copying Files Remotely; 6.4 Authenticating by Public Key (OpenSSH); 6.5 Authenticating by Public Key (OpenSSH Client, SSH2 Server, OpenSSH Key); 6.6 Authenticating by Public Key (OpenSSH Client, SSH2 Server, SSH2 Key); 6.7 Authenticating by Public Key (SSH2 Client, OpenSSH Server); 6.8 Authenticating by Trusted Host; 6.9 Authenticating Without a Password (Interactively); 6.10 Authenticating in cron Jobs; 6.11 Terminating an SSH Agent on Logout; 6.12 Tailoring SSH per Host; 6.13 Changing SSH Client Defaults; 6.14 Tunneling Another TCP Session Through SSH; 6.15 Keeping Track of Passwords; Chapter 7: Protecting Files; 7.1 Using File Permissions; 7.2 Securing a Shared Directory; 7.3 Prohibiting Directory Listings; 7.4 Encrypting Files with a Password; 7.5 Decrypting Files; 7.6 Setting Up GnuPG for Public-Key Encryption; 7.7 Listing Your Keyring; 7.8 Setting a Default Key; 7.9 Sharing Public Keys; 7.10 Adding Keys to Your Keyring; 7.11 Encrypting Files for Others; 7.12 Signing a Text File; 7.13 Signing and Encrypting Files; 7.14 Creating a Detached Signature File; 7.15 Checking a Signature; 7.16 Printing Public Keys; 7.17 Backing Up a Private Key; 7.18 Encrypting Directories; 7.19 Adding Your Key to a Keyserver; 7.20 Uploading New Signatures to a Keyserver; 7.21 Obtaining Keys from a Keyserver; 7.22 Revoking a Key; 7.23 Maintaining Encrypted Files with Emacs; 7.24 Maintaining Encrypted Files with vim; 7.25 Encrypting Backups; 7.26 Using PGP Keys with GnuPG; Chapter 8: Protecting Email; 8.1 Encrypted Mail with Emacs; 8.2 Encrypted Mail with vim; 8.3 Encrypted Mail with Pine; 8.4 Encrypted Mail with Mozilla; 8.5 Encrypted Mail with Evolution; 8.6 Encrypted Mail with mutt; 8.7 Encrypted Mail with elm; 8.8 Encrypted Mail with MH; 8.9 Running a POP/IMAP Mail Server with SSL; 8.10 Testing an SSL Mail Connection; 8.11 Securing POP/IMAP with SSL and Pine; 8.12 Securing POP/IMAP with SSL and mutt; 8.13 Securing POP/IMAP with SSL and Evolution; 8.14 Securing POP/IMAP with stunnel and SSL; 8.15 Securing POP/IMAP with SSH; 8.16 Securing POP/IMAP with SSH and Pine; 8.17 Receiving Mail Without a Visible Server; 8.18 Using an SMTP Server from Arbitrary Clients; Chapter 9: Testing and Monitoring; 9.1 Testing Login Passwords (John the Ripper); 9.2 Testing Login Passwords (CrackLib); 9.3 Finding Accounts with No Password; 9.4 Finding Superuser Accounts; 9.5 Checking for Suspicious Account Use; 9.6 Checking for Suspicious Account Use, Multiple Systems; 9.7 Testing Your Search Path; 9.8 Searching Filesystems Effectively; 9.9 Finding setuid (or setgid) Programs; 9.10 Securing Device Special Files; 9.11 Finding Writable Files; 9.12 Looking for Rootkits; 9.13 Testing for Open Ports; 9.14 Examining Local Network Activities; 9.15 Tracing Processes; 9.16 Observing Network Traffic; 9.17 Observing Network Traffic (GUI); 9.18 Searching for Strings in Network Traffic; 9.19 Detecting Insecure Network Protocols; 9.20 Getting Started with Snort; 9.21 Packet Sniffing with Snort; 9.22 Detecting Intrusions with Snort; 9.23 Decoding Snort Alert Messages; 9.24 Logging with Snort; 9.25 Partitioning Snort Logs Into Separate Files; 9.26 Upgrading and Tuning Snort's Ruleset; 9.27 Directing System Messages to Log Files (syslog); 9.28 Testing a syslog Configuration; 9.29 Logging Remotely; 9.30 Rotating Log Files; 9.31 Sending Messages to the System Logger; 9.32 Writing Log Entries via Shell Scripts; 9.33 Writing Log Entries via Perl; 9.34 Writing Log Entries via C; 9.35 Combining Log Files; 9.36 Summarizing Your Logs with logwatch; 9.37 Defining a logwatch Filter; 9.38 Monitoring All Executed Commands; 9.39 Displaying All Executed Commands; 9.40 Parsing the Process Accounting Log; 9.41 Recovering from a Hack; 9.42 Filing an Incident Report; Colophon;

Le informazioni nella sezione "Su questo libro" possono far riferimento a edizioni diverse di questo titolo.

I migliori risultati di ricerca su AbeBooks

Edizione Internazionale
Edizione Internazionale

1.

Robert G
ISBN 10: 0596003919 ISBN 13: 9780596003913
Nuovi Soft cover Quantità: > 20
Edizione Internazionale
Da
University Bookstore
(DELHI, DELHI, India)
Valutazione libreria
[?]

Descrizione libro 2003. Soft cover. Condizione libro: New. This book is BRAND NEW Soft cover International edition with black and white printing. ISBN number & cover page may be different but contents identical to the US edition word by word. Book is in English language. Codice libro della libreria UN-SHRO-451

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 9,87
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 10,00
Da: India a: U.S.A.
Destinazione, tempi e costi

2.

Barrett, Daniel J.; Silverman, Richard E.; Byrnes, Robert G.
Editore: O'Reilly Media
ISBN 10: 0596003919 ISBN 13: 9780596003913
Nuovi PAPERBACK Quantità: > 20
Da
Mediaoutlet12345
(Springfield, VA, U.S.A.)
Valutazione libreria
[?]

Descrizione libro O'Reilly Media. PAPERBACK. Condizione libro: New. 0596003919 *BRAND NEW* Ships Same Day or Next!. Codice libro della libreria SWATI2122346387

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 23,04
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,72
In U.S.A.
Destinazione, tempi e costi

3.

Daniel Barrett, Richard Silverman, Robert G. Byrnes
Editore: O Reilly Media, Inc, USA, United States (2003)
ISBN 10: 0596003919 ISBN 13: 9780596003913
Nuovi Paperback Quantità: 1
Da
The Book Depository
(London, Regno Unito)
Valutazione libreria
[?]

Descrizione libro O Reilly Media, Inc, USA, United States, 2003. Paperback. Condizione libro: New. 230 x 178 mm. Language: English . Brand New Book. Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you re grounded in the basics of security, however, you won t necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That s exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes-short, focused pieces of code that administrators can use to improve security and perform common tasks securely. The book includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure. Some of the recipes you ll find in this book are: controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more; monitoring your network with tcpdump, dsniff, netstat, and other tools; protecting network connections with Secure Shell (SSH) and stunnel; safeguarding email sessions with Secure Sockets Layer (SSL); encrypting files and email messages with GnuPG; and probing your own security with password crackers, nmap, and handy scripts. Codice libro della libreria AAH9780596003913

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 28,13
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi

4.

Daniel Barrett, Richard Silverman, Robert G. Byrnes
Editore: O Reilly Media, Inc, USA, United States (2003)
ISBN 10: 0596003919 ISBN 13: 9780596003913
Nuovi Paperback Quantità: 1
Da
The Book Depository US
(London, Regno Unito)
Valutazione libreria
[?]

Descrizione libro O Reilly Media, Inc, USA, United States, 2003. Paperback. Condizione libro: New. 230 x 178 mm. Language: English . Brand New Book. Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you re grounded in the basics of security, however, you won t necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That s exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes-short, focused pieces of code that administrators can use to improve security and perform common tasks securely. The book includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure. Some of the recipes you ll find in this book are: controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more; monitoring your network with tcpdump, dsniff, netstat, and other tools; protecting network connections with Secure Shell (SSH) and stunnel; safeguarding email sessions with Secure Sockets Layer (SSL); encrypting files and email messages with GnuPG; and probing your own security with password crackers, nmap, and handy scripts. Codice libro della libreria AAH9780596003913

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 28,14
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi

5.

Barrett, Daniel J.
ISBN 10: 0596003919 ISBN 13: 9780596003913
Nuovi Paperback Quantità: > 20
Print on Demand
Da
BargainBookStores
(Grand Rapids, MI, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Paperback. Condizione libro: New. This item is printed on demand. Item doesn't include CD/DVD. Codice libro della libreria 1185114

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 27,59
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,72
In U.S.A.
Destinazione, tempi e costi

6.

Barrett, Daniel; Silverman, Richard; Byrnes, Robert G.
Editore: O'Reilly Media, Inc, USA (2003)
ISBN 10: 0596003919 ISBN 13: 9780596003913
Nuovi Brossura Quantità: 3
Valutazione libreria
[?]

Descrizione libro O'Reilly Media, Inc, USA, 2003. Condizione libro: New. 2003. Paperback. Computer security is an ongoing process, a relentless contest between system administrators and intruders. This is a series of easy-to-follow recipes - short, focused pieces of code that administrators can use to improve security and perform common tasks securely. Num Pages: 310 pages, index. BIC Classification: ULL. Category: (P) Professional & Vocational; (UP) Postgraduate, Research & Scholarly; (UU) Undergraduate. Dimension: 181 x 233 x 319. Weight in Grams: 558. . . . . . . Codice libro della libreria V9780596003913

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 31,57
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
Da: Irlanda a: U.S.A.
Destinazione, tempi e costi

7.

Barrett, Daniel; Silverman, Richard; Byrnes, Robert G.
Editore: O'Reilly Media, Inc, USA
ISBN 10: 0596003919 ISBN 13: 9780596003913
Nuovi Brossura Quantità: 3
Da
Kennys Bookstore
(Olney, MD, U.S.A.)
Valutazione libreria
[?]

Descrizione libro O'Reilly Media, Inc, USA. Condizione libro: New. 2003. Paperback. Computer security is an ongoing process, a relentless contest between system administrators and intruders. This is a series of easy-to-follow recipes - short, focused pieces of code that administrators can use to improve security and perform common tasks securely. Num Pages: 310 pages, index. BIC Classification: ULL. Category: (P) Professional & Vocational; (UP) Postgraduate, Research & Scholarly; (UU) Undergraduate. Dimension: 181 x 233 x 319. Weight in Grams: 558. . . . . . Books ship from the US and Ireland. Codice libro della libreria V9780596003913

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 33,34
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
In U.S.A.
Destinazione, tempi e costi

8.

Daniel Barrett, Richard Silverman, Robert G. Byrnes
Editore: O'Reilly Media, Inc, USA 2003-06-13, Sebastopol (2003)
ISBN 10: 0596003919 ISBN 13: 9780596003913
Nuovi paperback Quantità: > 20
Da
Blackwell's
(Oxford, OX, Regno Unito)
Valutazione libreria
[?]

Descrizione libro O'Reilly Media, Inc, USA 2003-06-13, Sebastopol, 2003. paperback. Condizione libro: New. Codice libro della libreria 9780596003913

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 28,30
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 5,38
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi

9.

Daniel Barrett, Richard Silverman, Robert G. Byrnes,
ISBN 10: 0596003919 ISBN 13: 9780596003913
Nuovi Paperback Quantità: 3
Da
Ria Christie Collections
(Uxbridge, Regno Unito)
Valutazione libreria
[?]

Descrizione libro Paperback. Condizione libro: New. Not Signed; Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't ne. book. Codice libro della libreria ria9780596003913_rkm

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 30,24
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,97
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi

10.

Daniel J. Barrett; Richard E. Silverman; Robert G. Byrnes
Editore: O'Reilly Media (2003)
ISBN 10: 0596003919 ISBN 13: 9780596003913
Nuovi Paperback Quantità: 1
Da
Irish Booksellers
(Rumford, ME, U.S.A.)
Valutazione libreria
[?]

Descrizione libro O'Reilly Media, 2003. Paperback. Condizione libro: New. book. Codice libro della libreria 0596003919

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 37,50
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
In U.S.A.
Destinazione, tempi e costi

Vedi altre copie di questo libro

Vedi tutti i risultati per questo libro