Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
Practical Linux Security Cookbook
Practical Linux Security Cookbook

Practical Linux Security Cookbook: Secure your Linux machines and keep them secured with the help of exciting recipes

Arrow left icon
Profile Icon Michael A Lindner Profile Icon Kalsi
Arrow right icon
$9.99 $39.99
Full star icon Full star icon Full star icon Full star icon Empty star icon 4 (1 Ratings)
eBook Apr 2016 276 pages 1st Edition
eBook
$9.99 $39.99
Paperback
$48.99
Subscription
Free Trial
Renews at $19.99p/m
Arrow left icon
Profile Icon Michael A Lindner Profile Icon Kalsi
Arrow right icon
$9.99 $39.99
Full star icon Full star icon Full star icon Full star icon Empty star icon 4 (1 Ratings)
eBook Apr 2016 276 pages 1st Edition
eBook
$9.99 $39.99
Paperback
$48.99
Subscription
Free Trial
Renews at $19.99p/m
eBook
$9.99 $39.99
Paperback
$48.99
Subscription
Free Trial
Renews at $19.99p/m

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Table of content icon View table of contents Preview book icon Preview Book

Practical Linux Security Cookbook

Chapter 2. Configuring a Secure and Optimized Kernel

In this chapter, we will discuss the following:

  • Requirements for building and using a kernel
  • Creating a USB boot media
  • Retrieving a kernel source
  • Configuring and building a kernel
  • Installing and booting from a kernel
  • Testing and debugging a kernel
  • Configuring a console for debugging using Netconsole
  • Debugging a kernel on boot

Introduction

For all Linux distributions, including Ubuntu, CentOS, and Fedora, a kernel is vital. It is by default installed for most Linux versions when the OS is installed, hence we generally don't have to compile the kernel. Even when there is a critical update to be installed in the kernel, it can be done using apt-get or yum on the Linux system.

However, there might be few situations where we have to compile the kernel from a source ourselves. A few of these situations are as follows:

  • Enabling experimental features in the kernel
  • Enabling new hardware support
  • Debugging the kernel
  • Exploring the kernel source code

Requirements for building and using a kernel

Before we can start building the Linux kernel, we must ensure that a working boot media exists for the Linux system. This can be used to boot into the Linux system if the boot loader is not configured properly. You will learn how to create a USB boot media, retrieve a kernel source, configure and build a kernel, and perform installation and booting from a kernel.

Creating a USB boot media

A USB boot media can be created on any USB media device that is formatted as ext2, ext3, or VFAT. Also, ensure that enough free space is available on the device, varying from 4 GB required for the transfer of a distribution DVD image, 700 MB in the case of a distribution CD image, or just 10 MB to transfer a minimal boot media image.

Getting ready

Before carrying out the steps, we need to have an image file of the Linux installation disk, which we can name boot.iso, and a USB storage device, as specified previously.

How to do it…

To create the USB boot media, we need to perform these commands as the root:

  1. Firstly, we need to install the syslinux boot loader by executing the following command on the USB storage device:
    syslinux /dev/sdb1
    
  2. Now, create mount points each for the boot.iso file and the USB storage device by executing the following command:
    mkdir /mnt/isoboot /mnt/diskboot
    
  3. Next, mount the boot.iso file on the mount point created for it:
    mount –o...

Retrieving a kernel source

Most Linux distributions include kernel sources in them. However, these sources may tend to be a bit out of date. Due to this, we may need to get the latest sources when building or customizing the kernel.

Getting ready

Most of the Linux kernel developer community uses the Git tool to manage source code. Even Ubuntu has integrated Git for its own Linux kernel source code, hence enabling kernel developers to interact better with the community.

We can install the git package using this command:

sudo apt-get install git

How to do it…

The Linux kernel source code can be downloaded from various sources, and we will discuss the methods used to download from these sources:

  • We can find the Linux source code in the form of a complete tarball and also as an incremental patch on the official web page of Linux kernel at http://www.kernel.org.
  • It is always recommended that you use the latest version unless you have a specific reason to work with an older version.
  • Ubuntu&apos...

Configuring and building a kernel

The need to configure the kernel could arise due to many reasons. We may want to resize the kernel to run only the necessary services, or we may have to patch it to support new hardware that was not supported earlier by the kernel. This could be a daunting task for any system administrator, and in this section, we take a look at how we can configure and build the kernel.

Getting ready

It is always recommended that you have ample space for kernels in the boot partition of any system. We can either choose the whole disk install option or set aside a minimum of 3 GB of disk space for the boot partition.

After installing the Linux distribution and configuring development packages on the system, enable the root account as well as sudo for our user account.

Now, before we start with the installation of any packages, run the following command to update the system:

sudo apt-get update && sudo apt-get upgrade

After this, check whether the build-essential package...

Installing and booting from a kernel

After having spent a lot of time configuring and compiling the kernel, we can now start the process of installing the kernel on the local system.

Getting ready

Before starting the installation of the kernel, make sure to back up all your important data on the system. Also, make a copy of /boot/ on an external storage that is formatted in the FAT32 filesystem. This will help with repairing the system if the installation process fails for any reason.

How to do it…

After completing the compilation of the kernel, we can then start following the commands required to proceed with the installation of the kernel.

  1. Install drivers by running the following command:
    How to do it…

    The preceding command will copy the modules to a subdirectory of/lib/modules.

  2. Now, run the following command to install the actual kernel:
    make install
    
    How to do it…
  3. This command executes /sbin/installkernel.
  4. The new kernel will be installed in /boot/vmlinuz-{version}.

    If a symbolic link already exists for /boot/vmlinuz...

Introduction


For all Linux distributions, including Ubuntu, CentOS, and Fedora, a kernel is vital. It is by default installed for most Linux versions when the OS is installed, hence we generally don't have to compile the kernel. Even when there is a critical update to be installed in the kernel, it can be done using apt-get or yum on the Linux system.

However, there might be few situations where we have to compile the kernel from a source ourselves. A few of these situations are as follows:

  • Enabling experimental features in the kernel

  • Enabling new hardware support

  • Debugging the kernel

  • Exploring the kernel source code

Requirements for building and using a kernel


Before we can start building the Linux kernel, we must ensure that a working boot media exists for the Linux system. This can be used to boot into the Linux system if the boot loader is not configured properly. You will learn how to create a USB boot media, retrieve a kernel source, configure and build a kernel, and perform installation and booting from a kernel.

Creating a USB boot media


A USB boot media can be created on any USB media device that is formatted as ext2, ext3, or VFAT. Also, ensure that enough free space is available on the device, varying from 4 GB required for the transfer of a distribution DVD image, 700 MB in the case of a distribution CD image, or just 10 MB to transfer a minimal boot media image.

Getting ready

Before carrying out the steps, we need to have an image file of the Linux installation disk, which we can name boot.iso, and a USB storage device, as specified previously.

How to do it…

To create the USB boot media, we need to perform these commands as the root:

  1. Firstly, we need to install the syslinux boot loader by executing the following command on the USB storage device:

    syslinux /dev/sdb1
    
  2. Now, create mount points each for the boot.iso file and the USB storage device by executing the following command:

    mkdir /mnt/isoboot /mnt/diskboot
    
  3. Next, mount the boot.iso file on the mount point created for it:

    mount –o loop boot.iso ...
Left arrow icon Right arrow icon
Download code icon Download Code

Key benefits

  • This book provides code-intensive discussions with detailed recipes that help you understand better and learn faster.
  • More than 50 hands-on recipes to create and administer a secure Linux system locally as well as on a network
  • Enhance file system security and local and remote user authentication by using various security tools and different versions of Linux for different tasks

Description

With the growing popularity of Linux, more and more administrators have started moving to the system to create networks or servers for any task. This also makes Linux the first choice for any attacker now. Due to the lack of information about security-related attacks, administrators now face issues in dealing with these attackers as quickly as possible. Learning about the different types of Linux security will help create a more secure Linux system. Whether you are new to Linux administration or experienced, this book will provide you with the skills to make systems more secure. With lots of step-by-step recipes, the book starts by introducing you to various threats to Linux systems. You then get to walk through customizing the Linux kernel and securing local files. Next you will move on to manage user authentication locally and remotely and also mitigate network attacks. Finally, you will learn to patch bash vulnerability and monitor system logs for security. With several screenshots in each example, the book will supply a great learning experience and help you create more secure Linux systems.

Who is this book for?

Practical Linux Security Cookbook is intended for all those Linux users who already have knowledge of Linux File systems and administration. You should be familiar with basic Linux commands. Understanding Information security and its risks to a Linux system is also helpful in understanding the recipes more easily. However, even if you are unfamiliar with Information security, you will be able to easily follow and understand the recipes discussed. Since Linux Security Cookbook follows a practical approach, following the steps is very easy.

What you will learn

  • Learn about various vulnerabilities and exploits in relation to Linux systems
  • Configure and build a secure kernel and test it
  • Learn about file permissions and security and how to securely modify files
  • Explore various ways to authenticate local users while monitoring their activities.
  • Authenticate users remotely and securely copy files on remote systems
  • Review various network security methods including firewalls using iptables and TCP Wrapper
  • Explore various security tools including Port Sentry, Squid Proxy, Shorewall, and many more
  • Understand Bash vulnerability/security and patch management

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Apr 29, 2016
Length: 276 pages
Edition : 1st
Language : English
ISBN-13 : 9781785285301
Tools :

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Product Details

Publication date : Apr 29, 2016
Length: 276 pages
Edition : 1st
Language : English
ISBN-13 : 9781785285301
Tools :

Packt Subscriptions

See our plans and pricing
Modal Close icon
$19.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
$199.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
Feature tick icon Exclusive print discounts
$279.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total $ 152.97
Learning Linux Binary Analysis
$48.99
Mastering Linux Network Administration
$54.99
Practical Linux Security Cookbook
$48.99
Total $ 152.97 Stars icon
Banner background image

Table of Contents

11 Chapters
1. Linux Security Problems Chevron down icon Chevron up icon
2. Configuring a Secure and Optimized Kernel Chevron down icon Chevron up icon
3. Local Filesystem Security Chevron down icon Chevron up icon
4. Local Authentication in Linux Chevron down icon Chevron up icon
5. Remote Authentication Chevron down icon Chevron up icon
6. Network Security Chevron down icon Chevron up icon
7. Security Tools Chevron down icon Chevron up icon
8. Linux Security Distros Chevron down icon Chevron up icon
9. Patching a Bash Vulnerability Chevron down icon Chevron up icon
10. Security Monitoring and Logging Chevron down icon Chevron up icon
Index Chevron down icon Chevron up icon

Customer reviews

Rating distribution
Full star icon Full star icon Full star icon Full star icon Empty star icon 4
(1 Ratings)
5 star 0%
4 star 100%
3 star 0%
2 star 0%
1 star 0%
Happy Feb 16, 2018
Full star icon Full star icon Full star icon Full star icon Empty star icon 4
Good security references.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

How do I buy and download an eBook? Chevron down icon Chevron up icon

Where there is an eBook version of a title available, you can buy it from the book details for that title. Add either the standalone eBook or the eBook and print book bundle to your shopping cart. Your eBook will show in your cart as a product on its own. After completing checkout and payment in the normal way, you will receive your receipt on the screen containing a link to a personalised PDF download file. This link will remain active for 30 days. You can download backup copies of the file by logging in to your account at any time.

If you already have Adobe reader installed, then clicking on the link will download and open the PDF file directly. If you don't, then save the PDF file on your machine and download the Reader to view it.

Please Note: Packt eBooks are non-returnable and non-refundable.

Packt eBook and Licensing When you buy an eBook from Packt Publishing, completing your purchase means you accept the terms of our licence agreement. Please read the full text of the agreement. In it we have tried to balance the need for the ebook to be usable for you the reader with our needs to protect the rights of us as Publishers and of our authors. In summary, the agreement says:

  • You may make copies of your eBook for your own use onto any machine
  • You may not pass copies of the eBook on to anyone else
How can I make a purchase on your website? Chevron down icon Chevron up icon

If you want to purchase a video course, eBook or Bundle (Print+eBook) please follow below steps:

  1. Register on our website using your email address and the password.
  2. Search for the title by name or ISBN using the search option.
  3. Select the title you want to purchase.
  4. Choose the format you wish to purchase the title in; if you order the Print Book, you get a free eBook copy of the same title. 
  5. Proceed with the checkout process (payment to be made using Credit Card, Debit Cart, or PayPal)
Where can I access support around an eBook? Chevron down icon Chevron up icon
  • If you experience a problem with using or installing Adobe Reader, the contact Adobe directly.
  • To view the errata for the book, see www.packtpub.com/support and view the pages for the title you have.
  • To view your account details or to download a new copy of the book go to www.packtpub.com/account
  • To contact us directly if a problem is not resolved, use www.packtpub.com/contact-us
What eBook formats do Packt support? Chevron down icon Chevron up icon

Our eBooks are currently available in a variety of formats such as PDF and ePubs. In the future, this may well change with trends and development in technology, but please note that our PDFs are not Adobe eBook Reader format, which has greater restrictions on security.

You will need to use Adobe Reader v9 or later in order to read Packt's PDF eBooks.

What are the benefits of eBooks? Chevron down icon Chevron up icon
  • You can get the information you need immediately
  • You can easily take them with you on a laptop
  • You can download them an unlimited number of times
  • You can print them out
  • They are copy-paste enabled
  • They are searchable
  • There is no password protection
  • They are lower price than print
  • They save resources and space
What is an eBook? Chevron down icon Chevron up icon

Packt eBooks are a complete electronic version of the print edition, available in PDF and ePub formats. Every piece of content down to the page numbering is the same. Because we save the costs of printing and shipping the book to you, we are able to offer eBooks at a lower cost than print editions.

When you have purchased an eBook, simply login to your account and click on the link in Your Download Area. We recommend you saving the file to your hard drive before opening it.

For optimal viewing of our eBooks, we recommend you download and install the free Adobe Reader version 9.