Book Image

Mastering Linux Administration

By : Alexandru Calcatinge, Julian Balog
Book Image

Mastering Linux Administration

By: Alexandru Calcatinge, Julian Balog

Overview of this book

Linux plays a significant role in modern data center management and provides great versatility in deploying and managing your workloads on-premises and in the cloud. This book covers the important topics you need to know about for your everyday Linux administration tasks. The book starts by helping you understand the Linux command line and how to work with files, packages, and filesystems. You'll then begin administering network services and hardening security, and learn about cloud computing, containers, and orchestration. Once you've learned how to work with the command line, you'll explore the essential Linux commands for managing users, processes, and daemons and discover how to secure your Linux environment using application security frameworks and firewall managers. As you advance through the chapters, you'll work with containers, hypervisors, virtual machines, Ansible, and Kubernetes. You'll also learn how to deploy Linux to the cloud using AWS and Azure. By the end of this Linux book, you'll be well-versed with Linux and have mastered everyday administrative tasks using workflows spanning from on-premises to the cloud. If you also find yourself adopting DevOps practices in the process, we'll consider our mission accomplished.
Table of Contents (20 chapters)
Section 1: Linux Basic Administration
Section 2: Advanced Linux Server Administration
Section 3: Cloud Administration

Chapter 9: Securing Linux

Securing a Linux machine is usually a balancing act. The endgame is essentially protecting data from unwanted access. While there are many ways to achieve this goal, we should adopt the methods that yield maximum protection, along with the most efficient system administration. Gauging the attack and vulnerability surfaces, both internal and external, is always a good start. The rest of the work is building fences and putting on armor – not too high and not too heavy. The outer fence is a network firewall. Internally, at the system level, we build application security policies. This chapter introduces both, albeit the art of the balancing act is left to you.

In the first part of this chapter, we'll look at access control mechanisms and the related security modules – SELinux and AppArmor. In the second part, we will explore packet filtering frameworks and firewall solutions.

After completing this chapter, you will have become acquainted...