You're reading from Mastering Linux Security and Hardening A practical guide to protecting your Linux system from cyber attacks

Product type Paperback

Published in Feb 2023

Publisher Packt

ISBN-13 9781837630516

Length 618 pages

Edition 3rd Edition

Languages

Tools

Linux

Concepts

Hardening

Author (1):

Donald A. Tevault

View More author details

Table of Contents (22) Chapters

Preface

1. Section 1: Setting up a Secure Linux System

2. Running Linux in a Virtual Environment FREE CHAPTER

3. Securing Administrative User Accounts

4. Securing Normal User Accounts

5. Securing Your Server with a Firewall – Part 1

6. Securing Your Server with a Firewall — Part 2

7. Encryption Technologies

8. SSH Hardening

9. Section 2: Mastering File and Directory Access Control (DAC)

10. Mastering Discretionary Access Control

11. Access Control Lists and Shared Directory Management

12. Section 3: Advanced System Hardening Techniques

13. Implementing Mandatory Access Control with SELinux and AppArmor

14. Kernel Hardening and Process Isolation

15. Scanning, Auditing, and Hardening

16. Logging and Log Security

17. Vulnerability Scanning and Intrusion Detection

18. Prevent Unwanted Programs from Running

19. Security Tips and Tricks for the Busy Bee

20. Other Books You May Enjoy

21. Index

Performing a quick malware analysis with strings and VirusTotal

Malware analysis is one of those advanced topics that I can’t cover in detail here. However, I can show you a couple of quick ways to analyze a suspicious file.

Analyze a file with strings

Executable files often have strings of text embedded in them. You can use the strings utility to look at those strings. (Yeah, that makes sense, right?) Depending on your distro, strings might or might not already be installed. It’s already on CentOS and AlmaLinux, but to get it on Ubuntu, you’ll need to install the binutils package, like so:

sudo apt install binutils

As an example, let’s look at a Your File Is Ready To Download_2285169994.exe file that was automatically downloaded from a cryptocoin faucet site. To examine the file, I’ll do this:

strings "Your File Is Ready To Download_2285169994.exe" > output.txt
vim output.txt

I saved the output to a text file...

The rest of the chapter is locked

You're reading from Mastering Linux Security and Hardening A practical guide to protecting your Linux system from cyber attacks

Table of Contents (22) Chapters

Performing a quick malware analysis with strings and VirusTotal

Analyze a file with strings

Authors (1)

Personalised recommendations for you

You're reading from Mastering Linux Security and Hardening A practical guide to protecting your Linux system from cyber attacks

Table of Contents (22) Chapters

Performing a quick malware analysis with strings and VirusTotal

Analyze a file with strings

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you