Book Overview & Buying
Table Of Contents

Practical Linux Security Cookbook - Second Edition

By : Tajinder Kalsi

3.7 (3)

Buy this Book

Practical Linux Security Cookbook

3.7 (3)

By: Tajinder Kalsi

Buy this Book

Overview of this book

Over the last few years, system security has gained a lot of momentum and software professionals are focusing heavily on it. Linux is often treated as a highly secure operating system. However, the reality is that Linux has its share of security ?aws, and these security ?aws allow attackers to get into your system and modify or even destroy your important data. But there’s no need to panic, since there are various mechanisms by which these ?aws can be removed, and this book will help you learn about different types of Linux security to create a more secure Linux system. With a step-by-step recipe approach, the book starts by introducing you to various threats to Linux systems. Then, this book will walk you through customizing the Linux kernel and securing local files. Next, you will move on to managing user authentication both locally and remotely and mitigating network attacks. Later, you will learn about application security and kernel vulnerabilities. You will also learn about patching Bash vulnerability, packet filtering, handling incidents, and monitoring system logs. Finally, you will learn about auditing using system services and performing vulnerability scanning on Linux. By the end of this book, you will be able to secure your Linux systems and create a robust environment.

Preface

Who this book is for

What this book covers

To get the most out of this book

Sections

Get in touch

Free Chapter

Linux Security Problem

Security policy

Configuring server security

Security policy – server security

Defining security controls

Checking the integrity of installation medium by using checksum

Using LUKS disk encryption

Make use of sudoers – configuring sudo access

Scanning hosts with Nmap

Gaining root on a vulnerable Linux system

Missing backup plans

Configuring a Secure and Optimized Kernel

Creating USB boot media

Retrieving the kernel source

Configuring and building kernel

Installing and booting from a kernel

Kernel testing and debugging

Debugging kernel boot

Kernel errors

Checking kernel parameters using Lynis

Local Filesystem Security

Viewing files and directory details using ls

Using chmod to set permissions on files and directories

Using chown to change ownership of files and directories

Using ACLs to access files

File handling using the mv command (moving and renaming)

Implementing Mandatory Access Control with SELinux

Using extended file attributes to protect sensitive files

Installing and configuring a basic LDAP server on Ubuntu

Local Authentication in Linux

User authentication and logging

Limiting login capabilities of users

Disabling username/password logins

Monitoring user activity using acct

Defining user authorization controls

Access Management using IDAM

Remote Authentication

Remote server/host access using SSH

Enabling and disabling root login over SSH

Key-based login into SSH for restricting remote access

Copying files remotely

Setting up a Kerberos server with Ubuntu

Using LDAP for user authentication and management

Network Security

Managing TCP/IP networks

Using a packet sniffer to monitor network traffic

Using IP tables for configuring a firewall

Blocking spoofed addresses

Blocking incoming traffic

Configuring and using TCP Wrappers

Blocking country-specific traffic using mod_security

Securing network traffic using SSL

Security Tools

Linux sXID

Port Sentry

Using Squid proxy

Open SSL server

Tripwire

Shorewall

OSSEC

Snort

Rsync and Grsync – backup tool

Linux Security Distros

Kali Linux

pfSense

Digital Evidence and Forensic Toolkit (DEFT)

Network Security Toolkit (NST)

Security Onion

Tails OS

Qubes OS

Bash Vulnerability Patching

Understanding the Bash vulnerability – Shellshock

Security issues – Shellshock

Linux patch management system

Applying patches in Linux

Other well-known Linux vulnerabilities

Security Monitoring and Logging

Viewing and managing log files using Logcheck

Monitoring the network using Nmap

Using Glances for system monitoring

Monitoring logs using MultiTail

Using system tools – whowatch

Using system tools – stat

Using System tools – lsof

Using System tools – strace

Real time IP LAN monitoring using IPTraf

Network security monitoring using Suricata

Network monitoring using OpenNMS

Understanding Linux Service Security

Web server – HTTPD

Remote service login – Telnet

Secure remote login – SSH

File transfer security – FTP

Securing Mail Transfer – SMTP

Scanning and Auditing Linux

Installing an antivirus on Linux

Scanning with ClamAV

Finding rootkits

Using the auditd daemon

Using ausearch and aureport to read logs

Auditing system services with systemctl

Vulnerability Scanning and Intrusion Detection

Network security monitoring using Security Onion

Finding vulnerabilities with OpenVAS

Using Nikto for web server scanning

Hardening using Lynis

Other Books You May Enjoy

Leave a review - let other readers know what you think

Debugging kernel boot

Sometimes your system might fail to boot due to changes within the kernel. Hence it is important that when creating reports about these failures, all the appropriate information about debugging is included. This will be useful for the kernel team in resolving the issue.

How to do it...

If you are trying to capture error messages that appear during boot, then it is better to boot the kernel with the quiet and splash options removed. This helps you see the messages, if any, that appear on the screen.

To edit boot option parameters, do the following: