Book Image

Mastering Linux Security and Hardening

By : Donald A. Tevault
Book Image

Mastering Linux Security and Hardening

By: Donald A. Tevault

Overview of this book

This book has extensive coverage of techniques that will help prevent attackers from breaching your system, by building a much more secure Linux environment. You will learn various security techniques such as SSH hardening, network service detection, setting up firewalls, encrypting file systems, protecting user accounts, authentication processes, and so on. Moving forward, you will also develop hands-on skills with advanced Linux permissions, access control, special modes, and more. Lastly, this book will also cover best practices and troubleshooting techniques to get your work done efficiently. By the end of this book, you will be confident in delivering a system that will be much harder to compromise.

Related Content you might be interested in

Current Title:

Small book image
Mastering Linux Security and Hardening
Donald A. Tevault
Jan, 2018 | 376 pages
Small book image
Practical Linux Security Cookbook.
Tajinder Kalsi
Aug, 2018 | 482 pages
Small book image
Linux Service Management Made Easy with systemd
Donald A Tevault
Feb, 2022 | 420 pages
Small book image
Linux Administration Cookbook
Adam K Dean
Dec, 2018 | 826 pages
Table of Contents (15 chapters)
Title Page
Title Page
Packt Upsell
Packt Upsell
Contributors
Contributors
Preface
Preface
Free Chapter
1
Running Linux in a Virtual Environment
Running Linux in a Virtual Environment
The threat landscape
Keeping up with security news
Introduction to VirtualBox and Cygwin
Using Cygwin to connect to your virtual machines
Summary
2
Securing User Accounts
Securing User Accounts
The dangers of logging in as the root user
The advantages of using sudo
Setting up sudo privileges for full administrative users
Setting up sudo for users with only certain delegated privileges
Advanced tips and tricks for using sudo
Locking down users' home directories the Red Hat or CentOS way
Locking down users' home directories the Debian/Ubuntu way
Enforcing strong password criteria
Setting and enforcing password and account expiration
Preventing brute-force password attacks
Locking user accounts
Setting up security banners
Summary
3
Securing Your Server with a Firewall
Securing Your Server with a Firewall
An overview of iptables
Uncomplicated Firewall for Ubuntu systems
firewalld for Red Hat systems
nftables – a more universal type of firewall system
Summary
4
Encrypting and SSH Hardening
Encrypting and SSH Hardening
GNU Privacy Guard
Encrypting partitions with Linux Unified Key Setup – LUKS
Encrypting directories with eCryptfs
Using VeraCrypt for cross-platform sharing of encrypted containers
Ensuring that SSH protocol 1 is disabled
Creating and managing keys for password-less logins
Disabling root user login
Disabling username/password logins
Setting up a chroot environment for SFTP users
Summary
5
Mastering Discretionary Access Control
Mastering Discretionary Access Control
Using chown to change ownership of files and directories
Using chmod to set permissions values on files and directories
Using SUID and SGID on regular files
The security implications of the SUID and SGID permissions
Using extended file attributes to protect sensitive files
Summary
6
Access Control Lists and Shared Directory Management
Access Control Lists and Shared Directory Management
Creating an access control list for either a user or a group
Creating an inherited access control list for a directory
Removing a specific permission by using an ACL mask
Using the tar --acls option to prevent the loss of ACLs during a backup
Creating a user group and adding members to it
Creating a shared directory
Setting the SGID bit and the sticky bit on the shared directory
Using ACLs to access files in the shared directory
Summary
7
Implementing Mandatory Access Control with SELinux and AppArmor
Implementing Mandatory Access Control with SELinux and AppArmor
How SELinux can benefit a systems administrator
Setting security contexts for files and directories
Troubleshooting with setroubleshoot
Working with SELinux policies
How AppArmor can benefit a systems administrator
Looking at AppArmor profiles
Working with AppArmor command-line utilities
Troubleshooting AppArmor problems
Summary
8
Scanning, Auditing, and Hardening
Scanning, Auditing, and Hardening
Installing and updating ClamAV and maldet
Scanning with ClamAV and maldet
SELinux considerations
Scanning for rootkits with Rootkit Hunter
Controlling the auditd daemon
Creating audit rules
Using ausearch and aureport
Applying OpenSCAP policies with oscap
Using SCAP Workbench
More about OpenSCAP profiles
Applying an OpenSCAP profile during system installation
Summary
9
Vulnerability Scanning and Intrusion Detection
Vulnerability Scanning and Intrusion Detection
Looking at Snort and Security Onion
Scanning and hardening with Lynis
Finding vulnerabilities with OpenVAS
Web server scanning with Nikto
Summary
10
Security Tips and Tricks for the Busy Bee
Security Tips and Tricks for the Busy Bee
Auditing system services
Password-protecting the GRUB 2 bootloader
Securely configuring BIOS/UEFI
Using a security checklist for system setup
Summary
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review – let other readers know what you think

Chapter 1. Running Linux in a Virtual Environment

So, you may be asking yourself, "Why do I need to study Linux security? Isn't Linux already secure? After all, it's not Windows." But, the fact is, there are many reasons.

It's true that Linux has certain advantages over Windows when it comes to security.  These include:

  • Unlike Windows, Linux was designed from the ground up as a multiuser operating system. So, user security tends to be a bit better on a Linux system.
  • Linux offers a better separation between administrative users and unprivileged users. This makes it a bit harder for intruders, and it also makes it a bit harder for a user to accidentally infect a Linux machine with something nasty.
  • Linux is much more resistant to virus and malware infections than Windows is.
  • Certain Linux distributions come with built-in mechanisms, such as SELinux in Red Hat and CentOS and AppArmor in Ubuntu, which prevents intruders from taking control of a system.
  • Linux is a free and open source software. This allows anyone who has the skill to audit Linux code to hunt for bugs or backdoors.

But, even with those advantages, Linux is just like everything else that's been created by mankind. That is, it isn't perfect.

Here are the topics that we'll cover in this chapter:

  • Why every Linux administrator needs to learn about Linux security
  • A bit about the threat landscape, with some examples of how attackers have, at times, been able to breach Linux systems
  • Resources for keeping up with IT security news
  • How to set up Ubuntu Server and CentOS virtual machines with VirtualBox, and how to install the EPEL repository in the CentOS virtual machine
  • How to create virtual machine snapshots
  • How to install Cygwin on a Windows host so that Windows users can connect to a virtual machine from their Windows hosts
Previous Section
End of Section 1
Next Section