Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Practical Linux Security Cookbook
  • Table Of Contents Toc
Practical Linux Security Cookbook

Practical Linux Security Cookbook

By : Tajinder Kalsi
4 (1)
close
close
Practical Linux Security Cookbook

Practical Linux Security Cookbook

4 (1)
By: Tajinder Kalsi

Overview of this book

With the growing popularity of Linux, more and more administrators have started moving to the system to create networks or servers for any task. This also makes Linux the first choice for any attacker now. Due to the lack of information about security-related attacks, administrators now face issues in dealing with these attackers as quickly as possible. Learning about the different types of Linux security will help create a more secure Linux system. Whether you are new to Linux administration or experienced, this book will provide you with the skills to make systems more secure. With lots of step-by-step recipes, the book starts by introducing you to various threats to Linux systems. You then get to walk through customizing the Linux kernel and securing local files. Next you will move on to manage user authentication locally and remotely and also mitigate network attacks. Finally, you will learn to patch bash vulnerability and monitor system logs for security. With several screenshots in each example, the book will supply a great learning experience and help you create more secure Linux systems.
Table of Contents (12 chapters)
close
close
11
Index

Configuring server security

A major reason for malicious attacks on Linux servers has been poorly implemented security or existing vulnerabilities. When configuring a server, security policies need to be implemented properly, and ownership needs to be taken in order to properly customize the server.

How to do it…

General Policy:

  • The administration of all the internal servers in an organization is the responsibility of a dedicated team, which should also keep a look out for any kind of compliance. If any compliance takes place, the team should accordingly implement or review the security policy.
  • When configuring internal servers, they must be registered in such a way that the servers can be identified on the basis of the following information:
    • Location of the server
    • The operating system version and its hardware configuration
    • Services and applications that are being run
  • Any kind of information in the organization's management system must always be kept up to date.

Configuration Policy:

  • The operating system on the server should be configured in accordance with the guidelines approved for InfoSec.
  • Any service or application not being used should be disabled wherever possible.
  • All access to the services and applications on the server should be monitored and logged. They should also be protected through access-control methods. An example of this will be covered in Chapter 3, Local Filesystem Security.
  • The system should be kept updated, and any recent security patches, if available, should be installed as soon as possible.
  • Avoid using a root account to the maximum extent. It's preferable to use security principles that require the least amount of access to perform a function.
  • Any kind of privileged access must be performed over secure channel connection (SSH) wherever possible.
  • The server should be accessed in a controlled environment.

Monitoring Policy:

  • All security-related actions on server systems must be logged, and audit reports should be saved as follows:
    • For a period of 1 month, all security-related logs should be kept online
    • For a period of 1 month, daily backups as well as weekly backups should be retained
    • For minimum of 2 years, full monthly backups should be retained
  • Any event related to security being compromised should be reported to the InfoSec team. They shall then review the logs and report the incident to the IT department.
  • A few examples of security-related events are as follows:
    • Port scanning-related attacks
    • Access to privileged accounts without authorization
    • Unusual occurrences due to a particular application being present on the host

How it works…

Following the preceding policy helps in the base configuration of the internal server that is owned or operated by the organization. Implementing the policy effectively will minimize any unauthorized access to sensitive and proprietary information.

There's more…

There are some more things to discover when we talk about security in Linux.

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Practical Linux Security Cookbook
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon