Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Linux Security and Hardening

You're reading from   Mastering Linux Security and Hardening Protect your Linux systems from intruders, malware attacks, and other cyber threats

Arrow left icon
Product type Paperback
Published in Feb 2020
Publisher
ISBN-13 9781838981778
Length 666 pages
Edition 2nd Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Donald A. Tevault Donald A. Tevault
Author Profile Icon Donald A. Tevault
Donald A. Tevault
Arrow right icon
View More author details
Toc

Table of Contents (20) Chapters Close

Preface 1. Section 1: Setting up a Secure Linux System
2. Running Linux in a Virtual Environment FREE CHAPTER 3. Securing User Accounts 4. Securing Your Server with a Firewall - Part 1 5. Securing Your Server with a Firewall - Part 2 6. Encryption Technologies 7. SSH Hardening 8. Section 2: Mastering File and Directory Access Control (DAC)
9. Mastering Discretionary Access Control 10. Access Control Lists and Shared Directory Management 11. Section 3: Advanced System Hardening Techniques
12. Implementing Mandatory Access Control with SELinux and AppArmor 13. Kernel Hardening and Process Isolation 14. Scanning, Auditing, and Hardening 15. Logging and Log Security 16. Vulnerability Scanning and Intrusion Detection 17. Security Tips and Tricks for the Busy Bee 18. Assessments 19. Other Books You May Enjoy

Looking at the threat landscape

If you've kept up with IT technology news over the past few years, you'll likely have seen at least a few articles about how attackers have compromised Linux servers. For example, while it's true that Linux isn't really susceptible to virus infections, there have been several cases where attackers have planted other types of malware on Linux servers. These cases have included the following:

  • Botnet malware: This causes a server to join a botnet that is controlled by a remote attacker. One of the more famous cases involved joining Linux servers to a botnet that launched denial-of-service (DoS) attacks against other networks.
  • Ransomware: This is designed to encrypt user data until the server owner pays a ransom fee. But even after paying the fee, there's no guarantee that the data can be recovered.
  • Cryptocoin mining software: This causes the CPUs of the server on which it's planted to work extra hard and consume more energy. Cryptocoins that get mined go to the accounts of the attackers who planted the software.

And, of course, there have been plenty of breaches that don't involve malware, such as where attackers have found a way to steal user credentials, credit card data, or other sensitive information.

Some security breaches come about because of plain carelessness. Here's an example of where a careless Adobe administrator placed the company's private security key on a public security blog: https://arstechnica.com/information-technology/2017/09/in-spectacular-fail-adobe-security-team-posts-private-pgp-key-on-blog/.
You have been reading a chapter from
Mastering Linux Security and Hardening - Second Edition
Published in: Feb 2020
Publisher:
ISBN-13: 9781838981778
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image