Chapter 1, Linux Security Problem, discusses the kinds of security that can be implemented for these exploits. Topics include preparing security policies and security controls for password protection and server security and performing vulnerability assessments of the Linux system. It also covers the configuration of sudo access.
Chapter 2, Configuring a Secure and Optimized Kernel, focuses on the process of configuring and building the Linux kernel and testing it. Topics covered include requirements for building a kernel, configuring a kernel, kernel installation, customization, and kernel debugging. The chapter also discusses configuring a console using Netconsole.
Chapter 3, Local Filesystem Security, looks at Linux file structures and permissions. It covers topics such as viewing file and directory details, handling files and file permissions using chmod, and the implementation of an access control list. The chapter also gives readers an introduction to the configuration of LDAP.
Chapter 4, Local Authentication in Linux, explores user authentication on a local system while maintaining security. Topics covered in this chapter include user authentication logging, limiting user login capabilities, monitoring user activity, authentication control definition, and also how to use PAM.
Chapter 5, Remote Authentication, talks about authenticating users remotely on a Linux system. The topics included in this chapter are remote server access using SSH, disabling and enabling root login, restricting remote access when using SSH, copying files remotely over SSH, and setting up Kerberos.
Chapter 6, Network Security, provides information about network attacks and security. It covers managing the TCP/IP network, configuring a firewall using IPtables, blocking spoofed addresses, and unwanted incoming traffic. The chapter also gives readers an introduction to configuring and using TCP Wrapper.
Chapter 7, Security Tools, targets various security tools or software that can be used for security on a Linux system. Tools covered in this chapter include sXID, Portsentry, Squid proxy, OpenSSL server, Tripwire, Shorewall, OSSEC, Snort, and Rsync/Grsync.
Chapter 8, Linux Security Distros, introduces the readers to some of the famous Linux/Unix distributions of that have been developed in relation to security and penetration testing. The distros covered in this chapter include Kali Linux, PfSense, DEFT, NST, Security Onion, Tails, and Qubes.
Chapter 9, Bash Vulnerability Patching, explores the most famous vulnerability of the Bash shell, which is known as Shellshock. It gives readers an understanding of Shellshock's vulnerability and the security issues that can arise with its presence. The chapter also tells the reader how to use the Linux Patch Management system to secure their machine and also gives them an understanding of how patches are applied in a Linux system. It also gives an insight into other known Linux vulnerabilities.
Chapter 10, Security Monitoring and Logging, provides information on monitoring logs in Linux, on a local system as well as a network. Topics discussed in this chapter include monitoring logs using Logcheck, using Nmap for network monitoring, system monitoring using Glances, and using MultiTail to monitor logs. A few other tools are also discussed, which include Whowatch, stat, lsof, and strace. Readers also learn about network monitoring using IPTraf, Suricata and OpenNMS.
Chapter 11, Understanding Linux Service Security, helps the reader understand the commonly used services on Linux systems and the security concern related to each of these services. Services such as HTTPD, Telnet, and FTP, have been in use since long time and still, many administrators are not aware of the security concerns that each of them can cause, if not configured properly.
Chapter 12, Scanning and Auditing Linux, provides information about performing malware scan on Linux systems so as to find all malwares including rootkits. It also gives an insight into auditing using system services such as auditd and tools like ausearch and aureport. This chapter will help readers understand how to read through logs to learn what the system services are doing.
Chapter 13, Vulnerability Scanning and Intrusion Detection, will help readers perform vulnerability assessment on Linux machine using various tools and Linux distros like Security Onion, OpenVAS, and Nikto. Learn about network and server category vulnerabilities and also web based vulnerabilities. The chapter also helps readers to harden Linux systems using Lynis.
