
Practical Linux Security Cookbook: Secure your Linux machines and keep them secured with the help of exciting recipes


Chapter 1. Linux Security Problems

In this chapter, we will discuss the following:

  • The security policy of Linux
  • Configuring password protection
  • Configuring server security
  • Conducting integrity checks of the installation medium using checksum
  • Using the LUKS disk encryption
  • Making use of sudoers – configuring sudo access
  • Scanning hosts with Nmap
  • Gaining a root on a vulnerable Linux system

Introduction

A Linux machine is only as secure as an administrator configures it to be. Once we are done with the installation of the Linux OS and we remove its unnecessary packages after the installation has been completed, we can start working on the security aspect of the software and the services provided by the Linux machine.

The security policy of Linux

A security policy is a definition that outlines the rules and practices to be followed to set up the computer network security in an organization. How the organization should manage, protect, and distribute sensitive data is also defined by the security policy.

Developing a security policy

When creating a security policy, we should keep in mind that it should be simple and easy for all users. The objective of the policy should be to protect data while keeping the privacy of users intact.

It should be developed around these points:

  • Accessibility to the system
  • Software installation rights on the system
  • Data permission
  • Recovery from failure

The policy should ensure that a user can use only those services for which permission has been granted. Anything that is not permitted should be restricted in the policy.

Configuring password protection

In any system, the password plays a very important role in terms of security. A poor password may lead to an organization's resources being compromised. The password protection policy should be adhered to by everyone in the organization, from users to the administrator level.

How to do it…

Follow the given rules when selecting or securing your password.

For the creation policy, follow these rules:

  • A user should not use the same password for all the accounts in an organization
  • All access-related passwords should not be the same
  • Any system-level account should have a password that's different from any other account held by the same user

For the protection policy, follow these rules:

  • A password is something that needs to be treated as sensitive and confidential information. Hence, it should not be shared with anyone.
  • Passwords should not be shared through any electronic communication, such as e-mails.
  • Never reveal a password over the phone or in a questionnaire.
  • Do not use password hints that could provide clues to an attacker.
  • Never share company passwords with anyone, including administrative staff, managers, colleagues, and even family members.
  • Don't store passwords in written form anywhere in your office. If you store passwords on a mobile device, always use encryption.
  • Don't use the Remember Password feature of applications.
  • If there's any doubt that a password has been compromised, report the incident and change the password as soon as possible.

For the change policy, follow these rules:

  • All users and administrators must change their password on a regular basis or at least on a quarterly basis
  • The security audit team of an organization must conduct random checks to check whether the passwords of any user can be guessed or cracked

How it works…

With the help of the preceding points, ensure that a password, when created or changed, is not easy enough to be guessed or cracked.

Configuring server security

A major reason for malicious attacks on Linux servers has been poorly implemented security or existing vulnerabilities. When configuring a server, security policies need to be implemented properly, and ownership needs to be taken in order to properly customize the server.

How to do it…

General Policy:

  • The administration of all the internal servers in an organization is the responsibility of a dedicated team, which should also keep a lookout for any compliance issues. If a compliance issue arises, the team should implement or review the security policy accordingly.
  • When configuring internal servers, they must be registered in such a way that the servers can be identified on the basis of the following information:
    • Location of the server
    • The operating system version and its hardware configuration
    • Services and applications that are being run
  • Any kind of information in the organization's management system must always be kept up to date.

Configuration Policy:

  • The operating system on the server should be configured in accordance with the guidelines approved for InfoSec.
  • Any service or application not being used should be disabled wherever possible.
  • All access to the services and applications on the server should be monitored and logged. They should also be protected through access-control methods. An example of this will be covered in Chapter 3, Local Filesystem Security.
  • The system should be kept updated, and any recent security patches, if available, should be installed as soon as possible.
  • Avoid using a root account to the maximum extent. It's preferable to use security principles that require the least amount of access to perform a function.
  • Any kind of privileged access must be performed over a secure channel connection (SSH) wherever possible.
  • The server should be accessed in a controlled environment.

Monitoring Policy:

  • All security-related actions on server systems must be logged, and audit reports should be saved as follows:
    • For a period of 1 month, all security-related logs should be kept online
    • For a period of 1 month, daily backups as well as weekly backups should be retained
    • For a minimum of 2 years, full monthly backups should be retained
  • Any event related to security being compromised should be reported to the InfoSec team. They shall then review the logs and report the incident to the IT department.
  • A few examples of security-related events are as follows:
    • Port scanning-related attacks
    • Access to privileged accounts without authorization
    • Unusual occurrences due to a particular application being present on the host

How it works…

Following the preceding policy helps in the base configuration of the internal server that is owned or operated by the organization. Implementing the policy effectively will minimize any unauthorized access to sensitive and proprietary information.

There's more…

There are some more things to discover when we talk about security in Linux.

Security controls

When we talk about securing a Linux machine, it should always start with following a checklist in order to help in the hardening of the system. The checklist should be such that following it will confirm the implementation of proper security controls.

Conducting integrity checks of the installation medium using checksum

Whenever we download an image file of any Linux distribution, it should always be checked for correctness and safety. This can be achieved by computing the MD5 checksum of the downloaded image and comparing it with the MD5 value published for the correct image.

This helps in checking the integrity of the downloaded file. Any changes to the file can be detected by the MD5 hash comparison. The larger the file size, the higher the possibility of changes in the file. It is always recommended to do the MD5 hash comparison for files such as operating system installation files on a CD.

Getting ready

The md5sum utility is normally installed on most Linux distributions, so installation is not required.

How to do it…

  1. First open the Linux terminal and then change the directory to the folder containing the downloaded ISO file:
    cd Downloads

    Note

    Linux is case-sensitive, so type the folder name exactly as it is spelled. Downloads is not the same as downloads in Linux.

  2. After changing to the Downloads directory, type the following command:
    md5sum ubuntu-filename.iso
    
  3. The md5sum command will then print the calculated hash in a single line, as shown here:
    8044d756b7f00b695ab8dce07dce43e5 ubuntu-filename.iso
    

Now, we can compare the hash calculated by the preceding command with the hash on the UbuntuHashes page (https://help.ubuntu.com/community/UbuntuHashes). After opening the UbuntuHashes page, we just need to paste the calculated hash into the Find box of the browser (opened by pressing Ctrl + F).

How it works…

If the calculated hash and the hash on the UbuntuHashes page match, then the downloaded file is not damaged. If the hashes don't match, then there might be a problem with either the downloaded file or the server from where the download was made. Try downloading the file again. If the issue still persists, it is recommended that you report the issue to the administrator of the server.
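
The comparison from the steps above, scripted so that the shell decides whether the hashes match instead of the eye. This is an added example, not code from the book; verify_image, the checksum-list layout (the "HASH  FILENAME" lines that md5sum and sha256sum print) and the sample file are assumptions. MD5 detects accidental corruption only, so pass sha256sum as the tool when the distribution publishes SHA-256 sums.

```sh
#!/bin/sh
# Added example, not code from the book. verify_image and all file names
# are hypothetical; the sample "image" is constructed for the demo.

# verify_image TOOL IMAGE SUMFILE
#   TOOL     md5sum or sha256sum
#   IMAGE    path to the downloaded file
#   SUMFILE  published checksum list, one "HASH  FILENAME" pair per line
# Returns 0 on match, 1 on mismatch, 2 if a file is unreadable or the
# image name is not listed in SUMFILE.
verify_image() {
    tool=$1; image=$2; sumfile=$3
    if [ ! -r "$image" ] || [ ! -r "$sumfile" ]; then
        return 2
    fi
    name=$(basename "$image")
    # Exact match on the filename column; a leading "*" marks binary mode.
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n { print tolower($1); exit }' "$sumfile")
    [ -n "$expected" ] || return 2
    actual=$("$tool" "$image" | awk '{ print tolower($1) }')
    [ "$actual" = "$expected" ]
}

# Demo on constructed data: hash a sample file, verify it, then alter the
# file and verify again. Prints the two return codes.
demo_verify() {
    dir=$(mktemp -d)
    printf 'constructed sample image\n' > "$dir/sample.iso"
    (cd "$dir" && md5sum sample.iso > MD5SUMS)
    intact=0
    verify_image md5sum "$dir/sample.iso" "$dir/MD5SUMS" || intact=$?
    printf 'appended bytes\n' >> "$dir/sample.iso"
    modified=0
    verify_image md5sum "$dir/sample.iso" "$dir/MD5SUMS" || modified=$?
    rm -rf "$dir"
    echo "$intact $modified"
}

demo_verify    # prints "0 1"
```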

See also

Here's something extra in case you want to go the extra mile: try out the GUI checksum calculator that is available for Ubuntu.

Sometimes, it's really inconvenient to use a terminal in order to perform checksums. You need to know the right directory of the downloaded file and also the exact filename. This makes it difficult to remember the exact commands.

As a solution for this, there is a very small and simple tool called GtkHash.

You can download the tool from http://gtkhash.sourceforge.net/, and install it using this command:

sudo apt-get install gtkhash

Using the LUKS disk encryption

In enterprises such as small businesses and government offices, users may have to secure their systems in order to protect their private data, which includes customer details, important files, contact details, and so on. To do so, Linux provides a good number of cryptographic techniques, which can be used to protect data on physical devices such as hard disks or removable media. One such cryptographic technique uses the Linux Unified Key Setup-on-disk-format (LUKS). This technique allows for the encryption of Linux partitions.

LUKS has the following functionality:

  • An entire block device can be encrypted using LUKS. It's well suited to protecting data on removable storage media or laptop disk drives.
  • Once encrypted, the contents of the encrypted block devices are random, thus making it useful for the encryption of swap devices.
  • LUKS uses an existing device mapper kernel subsystem.
  • It also provides a passphrase strengthener, which helps in protecting against dictionary attacks.

Getting ready

For the following process to work, it is necessary that /home is created on a separate partition while installing Linux.

Warning

Configuring LUKS using the given steps will remove all the data on the partition that's being encrypted. So, before starting the process of using LUKS, make sure to back up the data on an external source.

How to do it…

To manually encrypt the /home partition, follow these steps:

  1. Move to Run level 1. Type the following command in the shell prompt or terminal:
    telinit 1
    
  2. Now, unmount the current /home partition using this command:
    umount /home
    
  3. The previous command might fail if there is any process controlling /home. Find and kill any such process using the fuser command:
    fuser -mvk /home
    
  4. Check to confirm that the /home partition is not mounted now:
    grep home /proc/mounts
    
  5. Now, put some random data into the partition:
    shred -v --iterations=1 /dev/MYDisk/home
    
  6. The previous command might take some time to complete, so be patient. The time taken depends on the write speed of your device.
  7. Once the previous command completes, initialize the partition:
    cryptsetup --verbose --verify-passphrase luksFormat /dev/MYDisk/home
    
  8. Open the newly created encrypted device:
    cryptsetup luksOpen /dev/MYDisk/home home
    
  9. Check to confirm that the device is present:
    ls -l /dev/mapper | grep home
    
  10. Now create a filesystem:
    mkfs.ext3 /dev/mapper/home
    
  11. Then, mount the new filesystem:
    mount /dev/mapper/home /home
    
  12. Confirm that the filesystem is still visible:
    df -h | grep home
    
  13. Enter the following line in the /etc/crypttab file:
    home /dev/MYDisk/home none
    
  14. Make changes in the /etc/fstab file to delete the entry for /home and add the following line:
    /dev/mapper/home /home ext3 defaults 1 2
    
  15. Once completed, run this command to restore the default SELinux security settings:
    /sbin/restorecon -v -R /home
    
  16. Reboot the machine:
    shutdown -r now
    
  17. After rebooting, the system will prompt us for the LUKS passphrase on boot. You can now log in as root and restore your backup.

Congratulations! You have successfully created an encrypted partition. Now you can keep all your data safe even when your computer is off.

How it works…

We first move into runlevel 1 and unmount the /home partition. Once it is unmounted, we fill the /home partition with random data. Then, we initialize the partition, using the cryptsetup command to encrypt it.

Once the encryption is done, we mount the filesystem back again, and then make an entry of the partition in the /etc/crypttab file. Also, the /etc/fstab file is edited to add an entry for the preceding encrypted partition.

After completing all the steps, we have restored the default settings of SELinux.

After this, the system will always ask for the LUKS passphrase on boot.
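
The /etc/crypttab entry and the /etc/fstab entry from the last steps have to agree, and a stale fstab line that still names the raw device is an easy mistake to make before the reboot. The check below is an added example, not code from the book; check_luks_tabs and the sample file contents are assumptions built around the /dev/MYDisk/home device used in the recipe.

```sh
#!/bin/sh
# Added example, not code from the book. check_luks_tabs is a hypothetical
# helper; the crypttab/fstab contents in the demo are constructed.

# check_luks_tabs CRYPTTAB FSTAB
# Prints one finding per line:
#   - an fstab line that still mounts the raw (encrypted) backing device
#   - a crypttab mapping that no fstab line uses as /dev/mapper/<name>
# Returns 0 when nothing is found, 1 when there are findings.
check_luks_tabs() {
    awk '
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        FILENAME == ARGV[1] {                # crypttab: <name> <device> <key>
            backing[$1] = $2                 # mapping name -> backing device
            owner[$2] = $1                   # backing device -> mapping name
            next
        }
        {                                    # fstab: <device> <mountpoint> ...
            if ($1 in owner) {
                printf "fstab mounts raw encrypted device %s on %s; use /dev/mapper/%s\n", $1, $2, owner[$1]
                bad++
            }
            if (index($1, "/dev/mapper/") == 1)
                mounted[substr($1, 13)] = 1  # text after "/dev/mapper/"
        }
        END {
            for (n in backing)
                if (!(n in mounted)) {
                    printf "crypttab mapping %s (%s) has no /dev/mapper/%s line in fstab\n", n, backing[n], n
                    bad++
                }
            exit (bad > 0)
        }
    ' "$1" "$2"
}

# Demo on constructed files: one fstab edited as in the recipe, one that
# still carries the old /home line. Prints the number of findings for each.
demo_luks_tabs() {
    dir=$(mktemp -d)
    printf '%s\n' '# <name> <device> <key>' \
        'home /dev/MYDisk/home none' > "$dir/crypttab"
    printf '%s\n' '/dev/MYDisk/root / ext3 defaults 1 1' \
        '/dev/mapper/home /home ext3 defaults 1 2' > "$dir/fstab.good"
    printf '%s\n' '/dev/MYDisk/root / ext3 defaults 1 1' \
        '/dev/MYDisk/home /home ext3 defaults 1 2' > "$dir/fstab.stale"
    good=$(check_luks_tabs "$dir/crypttab" "$dir/fstab.good" | wc -l | tr -d ' ')
    stale=$(check_luks_tabs "$dir/crypttab" "$dir/fstab.stale" | wc -l | tr -d ' ')
    rm -rf "$dir"
    echo "$good $stale"
}

demo_luks_tabs    # prints "0 2"
```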

Making use of sudoers – configuring sudo access

Whenever the system administrator wants to provide trusted users administrative access to the system without sharing the password of the root user, they can do so using the sudo mechanism.

Once the user is given access using the sudo mechanism, they can execute any administrative command by preceding it with sudo. Then, the user will be asked to enter their own password. After this, the administrative command will be executed in the same way as run by the root user.

Getting ready

As the file for the configuration is predefined and the commands used are inbuilt, nothing extra needs to be configured before starting these steps.

How to do it…

  1. We will first create a normal account and then give it sudo access. Once done, we will be able to use the sudo command from the new account and then execute the administrative commands. Follow the steps given to configure the sudo access. First, use the root account to log in to the system. Then, create a user account using the useradd command, as shown in the following figure:
    [Screenshot: creating the user account with useradd]

    Replace USERNAME with any name of your choice in the preceding command.

  2. Now, using the passwd command, set a password for the new user account.
    [Screenshot: setting the password with passwd]
  3. Edit the /etc/sudoers file by running visudo. The policies applied when using the sudo command are defined by the /etc/sudoers file.
    [Screenshot: running visudo]
  4. Once the file is open in the editor, search for the following lines, which allow sudo access to the users in the test group:
    [Screenshot: the test group lines in /etc/sudoers]
  5. We can enable the given configuration by deleting the comment character (#) at the beginning of the second line. Once the changes are made, save the file and exit from the editor. Now, using the usermod command, add the previously created user to the test group.
    [Screenshot: adding the user to the test group with usermod]
  6. We need to check whether the configuration shown in the preceding screenshot allows the new user account to run commands using sudo.
  7. To switch to the newly created user account, use the su command.
    [Screenshot: switching to the new account with su]
  8. Now, use the groups command to confirm the presence of the user account in the test group.
    [Screenshot: output of the groups command]

    Finally, run the whoami command with sudo from the new account. As we have executed a command that uses sudo for the first time, using this new user account, the default banner message will be displayed for the sudo command. The screen will also ask for the user account password to be entered.

    [Screenshot: output of sudo whoami]
  9. The last line of the preceding output is the username returned by the whoami command. If sudo is configured correctly, this value will be root.

You have successfully configured a user with sudo access. You can now log in to this user account and use sudo to run commands the same way as you would from the root user.

How it works…

When we create a new account, it does not have permission to run administrator commands. However, after editing the /etc/sudoers file and making an appropriate entry to grant sudo access to the new user account, we can start using the new user account to run all the administrator commands.

There's more…

Here is an extra measure that you can take to ensure total security.

Vulnerability assessment

A vulnerability assessment is the process of auditing our network and system security through which we can know about the confidentiality, integrity, and availability of our network. The first phase in the vulnerability assessment is reconnaissance, and this further leads to the phase of system readiness in which we mainly check for all known vulnerabilities in the target. The next phase is reporting, where we group all the vulnerabilities found into categories of low, medium, and high risk.

Scanning hosts with Nmap

Nmap is one of the most popular tools included in Linux that can be used to scan a network. It has been in existence for many years, and to date, it is one of the most preferred tools for gathering information about a network.

Nmap can be used by administrators on their networks to find any open ports and host systems.

When doing a vulnerability assessment, Nmap is surely a tool that can't be missed.

Getting ready

Most Linux versions have Nmap installed. The first step is to check whether you already have it using this command:

nmap --version

If Nmap exists, you should see an output similar to what is shown here:

[Screenshot: nmap version output]

If Nmap is not already installed, you can download and install it from https://nmap.org/download.html.

How to do it…

Follow these steps to scan hosts using Nmap:

  1. The most common use of Nmap is to find all online hosts within a given IP range. The default command used to do this takes some time to scan the complete network, depending on the number of hosts present in the network. However, we can optimize the process in order to scan the range faster.

    The following screenshot shows you an example of this:

    [Screenshot: Nmap host discovery over an IP range]
  2. In the preceding example, the time taken to complete the scan was 6.67 seconds when scanning 100 hosts. If the whole IP range for a particular network is to be scanned, it would take a lot more time.
  3. Now, let's try to speed up the process. The -n switch tells Nmap not to perform the DNS resolution of the IP addresses, hence making the process faster. The -T switch tells Nmap what speed to operate at. Here, T1 is the slowest and T5 is the fastest. The --max-rtt-timeout option specifies the maximum time to wait for a response.

    Now, the same command is shown in this example:

    [Screenshot: the same scan with the speed options applied]

    This time, Nmap scanned the complete IP range in 1.97 seconds. Pretty good, right?

  4. Port scanning using Nmap helps us discover services that are online, such as finding FTP servers. To do this, use the following command:
    [Screenshot: Nmap scan for port 21]

    The preceding Nmap command lists all the IP addresses that have port 21 open.

  5. Besides FTP, other services can also be discovered by matching the port numbers on which they run. For example, MySQL runs on port 3306. The command will now look like this:
    [Screenshot: Nmap scan for port 3306]

How it works…

Nmap checks for services that are listening by testing the most common network communication ports. This information helps the network administrator to close down any unwanted or unused services. The preceding examples show you how to use port scanning and Nmap as powerful tools to study the network around us.
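
To turn a scan of your own network into the list of services to close, the saved results can be compared against what each host is supposed to expose. The following is an added example, not code from the book: it reads a file in Nmap's grepable output format (written with the -oG option) and prints every open port that is not on an allowlist. The name unexpected_open_ports, the allowlist and the scan lines are constructed for illustration.

```sh
#!/bin/sh
# Added example, not code from the book. unexpected_open_ports is a
# hypothetical helper; the scan output in the demo is constructed.

# unexpected_open_ports ALLOWLIST SCANFILE
#   ALLOWLIST  space-separated "port/proto" entries, for example "22/tcp"
#   SCANFILE   Nmap grepable output (nmap -oG FILE ...)
# Prints "ip port/proto service" for each open port not on the allowlist.
# Returns 0 when every open port is allowed, 1 otherwise.
unexpected_open_ports() {
    awk -v allow="$1" '
        BEGIN {
            FS = "\t"                         # grepable fields are tab-separated
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        /^Host: / {
            split($1, h, " ")                 # "Host: <ip> (<name>)"
            ip = h[2]
            for (i = 2; i <= NF; i++) {
                if (index($i, "Ports: ") != 1) continue
                m = split(substr($i, 8), p, ", ")
                for (j = 1; j <= m; j++) {
                    # port/state/protocol/owner/service/rpcinfo/version/
                    split(p[j], e, "/")
                    key = e[1] "/" e[3]
                    if (e[2] == "open" && !(key in ok)) {
                        print ip, key, e[5]
                        found++
                    }
                }
            }
        }
        END { exit (found > 0) }
    ' "$2"
}

# Demo on a constructed scan of two hosts where only SSH is expected.
demo_scan_review() {
    f=$(mktemp)
    {
        printf '# Nmap scan (constructed sample of -oG output)\n'
        printf 'Host: 192.168.0.10 ()\tStatus: Up\n'
        printf 'Host: 192.168.0.10 ()\tPorts: 21/open/tcp//ftp///, 22/open/tcp//ssh///\tIgnored State: closed (998)\n'
        printf 'Host: 192.168.0.11 ()\tPorts: 22/open/tcp//ssh///, 3306/open/tcp//mysql///, 80/closed/tcp//http///\n'
    } > "$f"
    unexpected_open_ports "22/tcp" "$f" || true
    rm -f "$f"
}

demo_scan_review
# prints:
#   192.168.0.10 21/tcp ftp
#   192.168.0.11 3306/tcp mysql
```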

See also

Nmap also has scripting features using which we can write custom scripts. These scripts can be used with Nmap to automate and extend its scanning capabilities. You can find more information about Nmap on its official home page at https://nmap.org/

Gaining a root on a vulnerable Linux system

When trying to learn how to scan and exploit a Linux machine, one major problem we encounter is where to try learning it. For this purpose, the Metasploit team has developed and released a VMware machine called Metasploitable. This machine has been made vulnerable purposefully and has many services running unpatched. Due to this, it becomes a great platform to practice or develop penetration testing skills. In this section, you will learn how to scan a Linux system, and then using the scanning result, find a service that is vulnerable. Using this vulnerable service, we shall gain root access to the system.

Getting ready

Backtrack 5R2 and the Metasploitable VMware system will be used in this section. The image file of Metasploitable can be downloaded from http://sourceforge.net/projects/metasploitable/files/Metasploitable2/.

How to do it…

Follow these steps to gain root access to a vulnerable Linux system:

  1. First, open the Metasploit console on the BackTrack system by following this menu: navigate to Main Menu | Backtrack | Exploitation Tools | Network Exploitation Tools | Metasploit Framework | Msfconsole.
  2. Next, we need to scan the target (which is 192.168.0.1 in this example) with Nmap:

    This figure shows the output of the command that is executed:

    [Screenshot: Nmap scan output for the target]

    In the preceding command, the -sS option allows us to perform a stealth scan, and the -A option tries to discover the version information of the OS and service.

    Also, in the preceding output, we can see that there are many services running on different ports. Among them is Samba, which runs on ports 139 and 445.

    Note

    Note that Samba is a service that provides SMB file and print services for Windows systems.

  3. Once we are able to locate the Samba service, we will just focus on it now. From the preceding output, we can see that Samba is running version 3.x. Now, we shall try to get more specific information about the service. To do this, we will use any of the auxiliary modules of Metasploit, such as the scanner section, and look for the SMB protocol.
    [Screenshot: Metasploit auxiliary scanner modules for SMB]
  4. We can see that the scanner section has an SMB version detector. Now, we'll get the exact version of Samba using the SMB detector program. If we search online for all the vulnerabilities of the particular version of Samba, we will find the username map script.
  5. We can now search in the list of exploits available in Metasploit to check whether an exploit exists for the username map script using the search samba command.
    [Screenshot: output of the search samba command]
  6. We have found an exploit for the username map script, and it has a rating that is excellent, which means that we can use this exploit.
  7. Now, use the username map script exploit to gain a root-level shell in the system.
    [Screenshot: running the exploit in Metasploit]

Now, we shall gain root-level access to the system using the preceding exploit. Once we choose the exploit and configure it with the target IP address (in this case, 192.168.0.1), we will execute a command to run the exploit. Doing this will create and give us a remote session on the target system and also open a command shell. Now, run the id command in the remote shell. This will give a result: uid=0(root) gid=0(root). This confirms that we have remote root access to the target system.

How it works

We first performed an Nmap scan to check for running services and open ports and found the Samba service running. Then, we tried to find the version of the SMB service. Once we got this information, we searched for any exploit available for Samba. Using the exploit, we tried to attack the target system and got the root shell on it.

There's more…

Let's learn about a few more exploits and attacks that are peculiar to Linux.

In this section, we shall go through a few of the common exploits and attacks that Linux is vulnerable to. However, in this section, we will not cover any recipes to deal with the attacks. This section is just to let you know about the common exploits used in Linux.

Null or default passwords

Often, administrators use default passwords that are provided to them by a vendor or they may even leave the administrative password blank. This happens mainly while configuring devices, such as routers, and also in BIOSes. Even some services running on Linux can contain the default administrator password. It is always recommended that you change the default password and set a new one that is only known to the administrator.

IP spoofing

An attacker can find vulnerabilities on our systems and servers, and using these, they can install background programs or attack a network. This can be done if the attacker connects their system to our network in a way that makes it appear to be a node in the local network. There are various tools available to assist crackers while performing IP spoofing.

Eavesdropping

An attacker can collect data passing between two active nodes that communicate on a network by eavesdropping. This type of attack works mostly with protocols such as Telnet, FTP, and HTTP. Attacks of this kind can be done when the remote attacker already has access to any system on the network. This can be made possible using other attacks such as the Man in the Middle Attack.

Service vulnerabilities

If an attacker is able to find a flaw or vulnerability in any service running on the network system, they can compromise the entire system and its data as well as other systems on the network.

Administrators should stay updated about any patches or updates that are available for any service or application running on the network system.

Denial of Service (DoS) attack

When an attacker sends unauthorized packets to the target system, which could be a server, router, or a workstation, in large numbers, it forces the resource to become unavailable to legitimate users.

The packets being sent by the attacker are usually forged, making the investigation process difficult.


Key benefits

  • This book provides code-intensive discussions with detailed recipes that help you understand better and learn faster.
  • More than 50 hands-on recipes to create and administer a secure Linux system locally as well as on a network
  • Enhance file system security and local and remote user authentication by using various security tools and different versions of Linux for different tasks

Description

With the growing popularity of Linux, more and more administrators have started moving to the system to create networks or servers for any task. This also makes Linux the first choice for any attacker now. Due to the lack of information about security-related attacks, administrators now face issues in dealing with these attackers as quickly as possible. Learning about the different types of Linux security will help create a more secure Linux system. Whether you are new to Linux administration or experienced, this book will provide you with the skills to make systems more secure. With lots of step-by-step recipes, the book starts by introducing you to various threats to Linux systems. You then get to walk through customizing the Linux kernel and securing local files. Next you will move on to manage user authentication locally and remotely and also mitigate network attacks. Finally, you will learn to patch bash vulnerability and monitor system logs for security. With several screenshots in each example, the book will supply a great learning experience and help you create more secure Linux systems.

Who is this book for?

Practical Linux Security Cookbook is intended for all those Linux users who already have knowledge of Linux File systems and administration. You should be familiar with basic Linux commands. Understanding Information security and its risks to a Linux system is also helpful in understanding the recipes more easily. However, even if you are unfamiliar with Information security, you will be able to easily follow and understand the recipes discussed. Since Linux Security Cookbook follows a practical approach, following the steps is very easy.

What you will learn

  • Learn about various vulnerabilities and exploits in relation to Linux systems
  • Configure and build a secure kernel and test it
  • Learn about file permissions and security and how to securely modify files
  • Explore various ways to authenticate local users while monitoring their activities.
  • Authenticate users remotely and securely copy files on remote systems
  • Review various network security methods including firewalls using iptables and TCP Wrapper
  • Explore various security tools including Port Sentry, Squid Proxy, Shorewall, and many more
  • Understand Bash vulnerability/security and patch management

Product Details

Publication date: Apr 29, 2016
Length: 276 pages
Edition: 1st
Language: English
ISBN-13: 9781785286421

Table of Contents

11 Chapters
1. Linux Security Problems
2. Configuring a Secure and Optimized Kernel
3. Local Filesystem Security
4. Local Authentication in Linux
5. Remote Authentication
6. Network Security
7. Security Tools
8. Linux Security Distros
9. Patching a Bash Vulnerability
10. Security Monitoring and Logging
Index

Customer reviews

Rating distribution
Rating: 4 out of 5 (1 Ratings)
5 star 0%
4 star 100%
3 star 0%
2 star 0%
1 star 0%

Happy, Feb 16, 2018
Rating: 4 out of 5
Good security references.
Amazon Verified review

FAQs

What is the delivery time and cost of a print book?

Shipping Details

USA:

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.


Unfortunately, due to several restrictions, we are unable to ship to the following countries:

  1. Afghanistan
  2. American Samoa
  3. Belarus
  4. Brunei Darussalam
  5. Central African Republic
  6. The Democratic Republic of Congo
  7. Eritrea
  8. Guinea-Bissau
  9. Iran
  10. Lebanon
  11. Libyan Arab Jamahiriya
  12. Somalia
  13. Sudan
  14. Russian Federation
  15. Syrian Arab Republic
  16. Ukraine
  17. Venezuela

What is a customs duty/charge?

Customs duties are charges levied on goods when they cross international borders. They are a tax imposed on imported goods. These duties are charged by special authorities and bodies created by local governments and are meant to protect local industries, economies, and businesses.

Do I have to pay customs charges for the print book order?

Orders shipped to the countries listed under EU27 will not bear customs charges. They are paid by Packt as part of the order.

List of EU27 countries: www.gov.uk/eu-eea

A customs duty or localized taxes may be applicable on shipments to recipient countries outside the EU27. These are charged by the recipient country, should be paid by the customer, and are not included in the shipping charges on the order.

How do I know my customs duty charges?

The amount of duty payable varies greatly depending on the imported goods, the country of origin and several other factors like the total invoice amount or dimensions like weight, and other such criteria applicable in your country.

For example:

  • If you live in Mexico, and the declared value of your ordered items is over $ 50, for you to receive a package, you will have to pay additional import tax of 19% which will be $ 9.50 to the courier service.
  • Whereas if you live in Turkey, and the declared value of your ordered items is over € 22, for you to receive a package, you will have to pay additional import tax of 18% which will be € 3.96 to the courier service.

How can I cancel my order?

Cancellation Policy for Published Printed Books:

You can cancel any order within 1 hour of placing the order. Simply contact customercare@packt.com with your order details or payment transaction id. If your order has already started the shipment process, we will do our best to stop it. However, if it is already on the way to you then when you receive it, you can contact us at customercare@packt.com using the returns and refund process.

Please understand that Packt Publishing cannot provide refunds or cancel any order except in the cases described in our Return Policy (i.e. Packt Publishing agrees to replace your printed book because it arrives damaged or with a material defect). Packt Publishing will not accept returns.

What is your returns and refunds policy?

Return Policy:

We want you to be happy with your purchase from Packtpub.com. We will not hassle you with returning print books to us. If the print book you receive from us is incorrect, damaged, doesn't work or is unacceptably late, please contact the Customer Relations Team at customercare@packt.com with the order number and issue details as explained below:

  1. If you ordered (eBook, Video or Print Book) incorrectly or accidentally, please contact the Customer Relations Team at customercare@packt.com within one hour of placing the order and we will replace/refund you the item cost.
  2. Sadly, if your eBook or Video file is faulty or a fault occurs while the eBook or Video is being made available to you, i.e. during download, then you should contact the Customer Relations Team within 14 days of purchase at customercare@packt.com, who will be able to resolve this issue for you.
  3. You will have a choice of replacement or refund of the problem items (damaged, defective or incorrect).
  4. Once the Customer Care Team confirms that you will be refunded, you should receive the refund within 10 to 12 working days.
  5. If you are only requesting a refund of one book from a multiple order, then we will refund you the appropriate single item.
  6. Where the items were shipped under a free shipping offer, there will be no shipping costs to refund.

On the off chance your printed book arrives damaged or with a material defect, contact our Customer Relations Team at customercare@packt.com within 14 days of receipt of the book with appropriate evidence of damage and we will work with you to secure a replacement copy, if necessary. Please note that each printed book you order from us is individually made by Packt's professional book-printing partner on a print-on-demand basis.

What tax is charged?

Currently, no tax is charged on the purchase of any print book (subject to change based on the laws and regulations). A localized VAT fee is charged only to our European and UK customers on eBooks, Video and subscriptions that they buy. GST is charged to Indian customers for eBooks and video purchases.

What payment methods can I use?

You can pay with the following card types:

  1. Visa Debit
  2. Visa Credit
  3. MasterCard
  4. PayPal