Book Image

Practical Linux Security Cookbook - Second Edition

By : Tajinder Kalsi
Book Image

Practical Linux Security Cookbook - Second Edition

By: Tajinder Kalsi

Overview of this book

Over the last few years, system security has gained a lot of momentum and software professionals are focusing heavily on it. Linux is often treated as a highly secure operating system. However, the reality is that Linux has its share of security ?aws, and these security ?aws allow attackers to get into your system and modify or even destroy your important data. But there’s no need to panic, since there are various mechanisms by which these ?aws can be removed, and this book will help you learn about different types of Linux security to create a more secure Linux system. With a step-by-step recipe approach, the book starts by introducing you to various threats to Linux systems. Then, this book will walk you through customizing the Linux kernel and securing local files. Next, you will move on to managing user authentication both locally and remotely and mitigating network attacks. Later, you will learn about application security and kernel vulnerabilities. You will also learn about patching Bash vulnerability, packet filtering, handling incidents, and monitoring system logs. Finally, you will learn about auditing using system services and performing vulnerability scanning on Linux. By the end of this book, you will be able to secure your Linux systems and create a robust environment.

Related Content you might be interested in

Current Title:

Small book image
Practical Linux Security Cookbook - Second Edition
Tajinder Kalsi
Aug, 2018 | 482 pages
Small book image
Mastering Linux Security and Hardening
Donald A Tevault
Jan, 2018 | 376 pages
Small book image
Mastering Linux Security and Hardening
Donald A Tevault
Feb, 2020 | 666 pages
Small book image
Mastering Linux Security and Hardening
Donald A Tevault
Feb, 2023 | 618 pages
Table of Contents (20 chapters)
Title Page
Title Page
Copyright and Credits
Copyright and Credits
Contributors
Contributors
Packt Upsell
Packt Upsell
Preface
Preface
Free Chapter
1
Linux Security Problem
Linux Security Problem
Security policy
Configuring server security
Security policy – server security
Defining security controls
Checking the integrity of installation medium by using checksum
Using LUKS disk encryption
Make use of sudoers – configuring sudo access
Scanning hosts with Nmap
Gaining root on a vulnerable Linux system
Missing backup plans
2
Configuring a Secure and Optimized Kernel
Configuring a Secure and Optimized Kernel
Creating USB boot media
Retrieving the kernel source
Configuring and building kernel
Installing and booting from a kernel
Kernel testing and debugging
Debugging kernel boot
Kernel errors
Checking kernel parameters using Lynis
3
Local Filesystem Security
Local Filesystem Security
Viewing files and directory details using ls
Using chmod to set permissions on files and directories
Using chown to change ownership of files and directories
Using ACLs to access files
File handling using the mv command (moving and renaming)
Implementing Mandatory Access Control with SELinux
Using extended file attributes to protect sensitive files
Installing and configuring a basic LDAP server on Ubuntu
4
Local Authentication in Linux
Local Authentication in Linux
User authentication and logging
Limiting login capabilities of users
Disabling username/password logins
Monitoring user activity using acct
Login authentication using a USB device and PAM
Defining user authorization controls
Access Management using IDAM
5
Remote Authentication
Remote Authentication
Remote server/host access using SSH
Enabling and disabling root login over SSH
Key-based login into SSH for restricting remote access
Copying files remotely
Setting up a Kerberos server with Ubuntu
Using LDAP for user authentication and management
6
Network Security
Network Security
Managing TCP/IP networks
Using a packet sniffer to monitor network traffic
Using IP tables for configuring a firewall
Blocking spoofed addresses
Blocking incoming traffic
Configuring and using TCP Wrappers
Blocking country-specific traffic using mod_security
Securing network traffic using SSL
7
Security Tools
Security Tools
Linux sXID
Port Sentry
Using Squid proxy
Open SSL server
Tripwire
Shorewall
OSSEC
Snort
Rsync and Grsync – backup tool
8
Linux Security Distros
Linux Security Distros
Kali Linux
pfSense
Digital Evidence and Forensic Toolkit  (DEFT)
Network Security Toolkit (NST)
Security Onion
Tails OS
Qubes OS
9
Bash Vulnerability Patching
Bash Vulnerability Patching
Understanding the Bash vulnerability – Shellshock
Security issues – Shellshock
Linux patch management system
Applying patches in Linux
Other well-known Linux vulnerabilities
10
Security Monitoring and Logging
Security Monitoring and Logging
Viewing and managing log files using Logcheck
Monitoring the network using Nmap
Using Glances for system monitoring
Monitoring logs using MultiTail
Using system tools – whowatch
Using system tools – stat
Using System tools – lsof
Using System tools – strace
Real time IP LAN monitoring using IPTraf
Network security monitoring using Suricata
Network monitoring using OpenNMS
11
Understanding Linux Service Security
Understanding Linux Service Security
Web server – HTTPD
Remote service login – Telnet
Secure remote login – SSH
File transfer security – FTP
Securing Mail Transfer – SMTP
12
Scanning and Auditing Linux
Scanning and Auditing Linux
Installing an antivirus on Linux
Scanning with ClamAV
Finding rootkits
Using the auditd daemon
Using ausearch and aureport to read logs
Auditing system services with systemctl
13
Vulnerability Scanning and Intrusion Detection
Vulnerability Scanning and Intrusion Detection
Network security monitoring using Security Onion
Finding vulnerabilities with OpenVAS
Using Nikto for web server scanning
Hardening using Lynis
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think
Index
Index

Checking the integrity of installation medium by using checksum

Whenever you download an image file of any Linux distribution, it should always be checked for correctness and safety. This can be done by generating an MD5 hash after downloading the image file and then comparing the generated hash with the hash generated by the organization supplying the image file.

This helps in checking the integrity of the downloaded file. If the original file was tampered with it can be detected using the MD5 hash comparison. The larger the file size, the higher the possibility of changes in the file. It is always recommended you do an MD5 hash comparison for files such as the operating system installation CD.

Getting ready

md5sum is normally installed in most Linux distributions, so installation is not required.

How to do it…

Perform the following steps:

  1. Open the Linux Terminal and then change the directory to the folder containing the downloaded ISO file.

Note

Because Linux is case sensitive, type the correct spelling for the folder name. Downloads are not the same as downloads in Linux.

  1. After changing to the download directory, type the following command:
md5sum ubuntu-filename.iso

md5sum will then print the calculated hash in a single line as shown here:

8044d756b7f00b695ab8dce07dce43e5 ubuntu-filename.iso

Now we can compare the hash calculated by this command with the hash on the UbuntuHashes page (https://help.ubuntu.com/community/UbuntuHashes). After opening the UbuntuHashes page, we just need to copy this previously calculated hash, in the Find box of the browser (by pressing Ctrl + F).

How it works…

If the calculated hash and the hash on the UbuntuHashes page match, then the downloaded file is not damaged. In case the hashes don't match, then there is a possibility that the file might be tampered or is damaged. Try downloading the file again. If the issue still persists, it is recommended you report the issue to the administrator of the server.

See also

Here’s something extra in case you want to go the extra mile: the GUI checksum calculator available for Ubuntu.

Sometimes, it’s really inconvenient to use the Terminal for doing checksums. You need to know the right folder of the downloaded file and also the exact filename. This makes it difficult to remember the exact commands.

As a solution, there is the very small and simple software – GtkHash.

You can download the tool here: http://gtkhash.sourceforge.net/.

Or you can install it by using the following command:

sudo apt-get install gtkhash
Previous Section
End of Section 6
Next Section