You're reading from Mastering Linux Security and Hardening A practical guide to protecting your Linux system from cyber attacks

Product type Paperback

Published in Feb 2023

Publisher Packt

ISBN-13 9781837630516

Length 618 pages

Edition 3rd Edition

Languages

Tools

Linux

Concepts

Hardening

Author (1):

Donald A. Tevault

View More author details

Table of Contents (22) Chapters

Preface

1. Section 1: Setting up a Secure Linux System

2. Running Linux in a Virtual Environment FREE CHAPTER

3. Securing Administrative User Accounts

4. Securing Normal User Accounts

5. Securing Your Server with a Firewall – Part 1

6. Securing Your Server with a Firewall — Part 2

7. Encryption Technologies

8. SSH Hardening

9. Section 2: Mastering File and Directory Access Control (DAC)

10. Mastering Discretionary Access Control

11. Access Control Lists and Shared Directory Management

12. Section 3: Advanced System Hardening Techniques

13. Implementing Mandatory Access Control with SELinux and AppArmor

14. Kernel Hardening and Process Isolation

15. Scanning, Auditing, and Hardening

16. Logging and Log Security

17. Vulnerability Scanning and Intrusion Detection

18. Prevent Unwanted Programs from Running

19. Security Tips and Tricks for the Busy Bee

20. Other Books You May Enjoy

21. Index

Scanning and hardening with Lynis

Lynis is yet another FOSS tool that you can use to scan your systems for vulnerabilities and bad security configurations. It comes as a portable shell script that you can use not only on Linux, but also on a variety of different Unix and Unix-like systems. It’s a multipurpose tool that you can use for compliance auditing, vulnerability scanning, or hardening. Unlike most vulnerability scanners, you install and run Lynis on the system that you want to scan. According to the creator of Lynis, this allows for more in-depth scanning.

The Lynis scanning tool is available as a free-of-charge version, but its scanning capabilities are somewhat limited. If you need all that Lynis has to offer, you’ll need to purchase an enterprise license.

Installing Lynis on Red Hat/CentOS

Red Hat, CentOS 7, and AlmaLinux 8/9 users will find an up-to-date version of Lynis in the EPEL repository. So, if you have EPEL installed, as I showed you in...