Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Mastering Linux Security and Hardening
  • Table Of Contents Toc
Mastering Linux Security and Hardening

Mastering Linux Security and Hardening - Third Edition

By : Donald A. Tevault
4.6 (34)
close
close
Mastering Linux Security and Hardening

Mastering Linux Security and Hardening

4.6 (34)
By: Donald A. Tevault

Overview of this book

The third edition of Mastering Linux Security and Hardening is an updated, comprehensive introduction to implementing the latest Linux security measures, using the latest versions of Ubuntu and AlmaLinux. In this new edition, you will learn how to set up a practice lab, create user accounts with appropriate privilege levels, protect sensitive data with permissions settings and encryption, and configure a firewall with the newest firewall technologies. You’ll also explore how to use sudo to set up administrative accounts with only the privileges required to do a specific job, and you’ll get a peek at the new sudo features that have been added over the past couple of years. You’ll also see updated information on how to set up a local certificate authority for both Ubuntu and AlmaLinux, as well as how to automate system auditing. Other important skills that you’ll learn include how to automatically harden systems with OpenSCAP, audit systems with auditd, harden the Linux kernel configuration, protect your systems from malware, and perform vulnerability scans of your systems. As a bonus, you’ll see how to use Security Onion to set up an Intrusion Detection System. By the end of this new edition, you will confidently be able to set up a Linux server that will be secure and harder for malicious actors to compromise.
Table of Contents (22 chapters)
close
close
1
Section I: Setting up a Secure Linux System
9
Section II: Mastering File and Directory Access Control (DAC)
12
Section III: Advanced System Hardening Techniques
20
Other Books You May Enjoy
21
Index

Introduction to Snort and Security Onion

Snort is a Network Intrusion Detection System (NIDS), which is offered as a free open source software product. The program itself is free of charge, but you’ll need to pay if you want to have a complete, up-to-date set of threat detection rules. Snort started out as a one-man project, but it’s now owned by Cisco. Understand, though, this isn’t something that you install on the machine that you want to protect. Rather, you’ll have at least one dedicated Snort machine someplace on the network, just monitoring all network traffic, watching for anomalies.

When it sees traffic that shouldn’t be there – something that indicates the presence of a bot, for example – it can either just send an alert message to an administrator or it can even block the anomalous traffic, depending on how the rules have been configured. For a small network, you can have just one Snort machine that acts as both a control...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Mastering Linux Security and Hardening
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon