Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Mastering Linux Security and Hardening
Mastering Linux Security and Hardening

Mastering Linux Security and Hardening: Protect your Linux systems from intruders, malware attacks, and other cyber threats , Second Edition

eBook
€31.99 €35.99
Paperback
€44.99
Subscription
Free Trial
Renews at €18.99p/m

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Table of content icon View table of contents Preview book icon Preview Book

Mastering Linux Security and Hardening

Running Linux in a Virtual Environment

So, you may be asking yourself: Why do I need to study Linux security? Isn't Linux already secure? After all, it's not Windows. But the fact is, there are many reasons.

It's true that Linux has certain advantages over Windows when it comes to security. These include the following:

  • Unlike Windows, Linux was designed from the ground up as a multiuser operating system. So, user security tends to be a bit better on a Linux system.
  • Linux offers a better separation between administrative users and unprivileged users. This makes it a bit harder for intruders, and it also makes it a bit harder for a user to accidentally infect a Linux machine with something nasty.
  • Linux is much more resistant to viruses and malware infections than Windows is. Certain Linux distributions come with built-in mechanisms, such as SELinux in Red Hat and CentOS, and AppArmor in Ubuntu, that prevent intruders from taking control of a system.
  • Linux is a free and open source software. This allows anyone who has the skill to audit Linux code to hunt for bugs or backdoors.

But even with those advantages, Linux is just like everything else that's been created by mankind. That is, it isn't perfect.

Here are the topics that we'll cover in this chapter:

  • Looking at the threat landscape
  • Why every Linux administrator needs to learn about Linux security
  • A bit about the threat landscape, with some examples of how attackers have, at times, been able to breach Linux systems
  • Resources for keeping up with IT security news
  • Differences between physical, virtual, and cloud setups
  • Setting up Ubuntu Server and CentOS virtual machines with VirtualBox, and installing the Extra Packages for Enterprise Linux (EPEL) repository in the CentOS virtual machine
  • Creating virtual machine snapshots
  • Installing Cygwin on a Windows host so that Windows users can connect to a virtual machine from their Windows hosts
  • Using the Windows 10 Bash shell to access Linux systems
  • How to keep your Linux systems updated

Looking at the threat landscape

If you've kept up with IT technology news over the past few years, you'll likely have seen at least a few articles about how attackers have compromised Linux servers. For example, while it's true that Linux isn't really susceptible to virus infections, there have been several cases where attackers have planted other types of malware on Linux servers. These cases have included the following:

  • Botnet malware: This causes a server to join a botnet that is controlled by a remote attacker. One of the more famous cases involved joining Linux servers to a botnet that launched denial-of-service (DoS) attacks against other networks.
  • Ransomware: This is designed to encrypt user data until the server owner pays a ransom fee. But even after paying the fee, there's no guarantee that the data can be recovered.
  • Cryptocoin mining software: This causes the CPUs of the server on which it's planted to work extra hard and consume more energy. Cryptocoins that get mined go to the accounts of the attackers who planted the software.

And, of course, there have been plenty of breaches that don't involve malware, such as where attackers have found a way to steal user credentials, credit card data, or other sensitive information.

Some security breaches come about because of plain carelessness. Here's an example of where a careless Adobe administrator placed the company's private security key on a public security blog: https://arstechnica.com/information-technology/2017/09/in-spectacular-fail-adobe-security-team-posts-private-pgp-key-on-blog/.

Why do security breaches happen?

Regardless of whether you're running Linux, Windows, or whatever else, the reasons for security breaches are usually the same. They could be security bugs in the operating system or security bugs in an application that's running on that operating system. Often, a bug-related security breach could have been prevented had the administrators applied security updates in a timely manner.

Another big issue is poorly configured servers. A standard, out-of-the-box configuration of a Linux server is actually quite insecure and can cause a whole ton of problems. One cause of poorly configured servers is simply the lack of properly trained personnel to securely administer Linux servers. (Of course, that's great news for the readers of this book, because—trust me—there's no lack of well-paying IT security jobs.)

And now, in addition to Linux on servers and desktops, we now have Linux on devices that are part of the Internet of Things (IoT). There have been many security problems with these devices, in large part because people just don't know how to configure them securely.

As we journey through this book, we'll see how to do business the right way, to make our servers as secure as possible.

Left arrow icon Right arrow icon
Download code icon Download Code

Key benefits

  • Deliver a system that reduces the risk of being hacked
  • Explore a variety of advanced Linux security techniques with the help of hands-on labs
  • Master the art of securing a Linux environment with this end-to-end practical guide

Description

From creating networks and servers to automating the entire working environment, Linux has been extremely popular with system administrators for the last couple of decades. However, security has always been a major concern. With limited resources available in the Linux security domain, this book will be an invaluable guide in helping you get your Linux systems properly secured. Complete with in-depth explanations of essential concepts, practical examples, and self-assessment questions, this book begins by helping you set up a practice lab environment and takes you through the core functionalities of securing Linux. You'll practice various Linux hardening techniques and advance to setting up a locked-down Linux server. As you progress, you will also learn how to create user accounts with appropriate privilege levels, protect sensitive data by setting permissions and encryption, and configure a firewall. The book will help you set up mandatory access control, system auditing, security profiles, and kernel hardening, and finally cover best practices and troubleshooting techniques to secure your Linux environment efficiently. By the end of this Linux security book, you will be able to confidently set up a Linux server that will be much harder for malicious actors to compromise.

Who is this book for?

This book is for Linux administrators, system administrators, and network engineers interested in securing moderate to complex Linux environments. Security consultants looking to enhance their Linux security skills will also find this book useful. Working experience with the Linux command line and package management is necessary to understand the concepts covered in this book.

What you will learn

  • Create locked-down user accounts with strong passwords
  • Configure firewalls with iptables, UFW, nftables, and firewalld
  • Protect your data with different encryption technologies
  • Harden the secure shell service to prevent security break-ins
  • Use mandatory access control to protect against system exploits
  • Harden kernel parameters and set up a kernel-level auditing system
  • Apply OpenSCAP security profiles and set up intrusion detection
  • Configure securely the GRUB 2 bootloader and BIOS/UEFI

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Feb 21, 2020
Length: 666 pages
Edition : 2nd
Language : English
ISBN-13 : 9781838983598
Vendor :
Linux Foundation
Tools :

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Product Details

Publication date : Feb 21, 2020
Length: 666 pages
Edition : 2nd
Language : English
ISBN-13 : 9781838983598
Vendor :
Linux Foundation
Tools :

Packt Subscriptions

See our plans and pricing
Modal Close icon
€18.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
€189.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts
€264.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total 128.97
Linux Kernel Programming
€41.99
Mastering Linux Security and Hardening
€44.99
Mastering Windows Security and Hardening
€41.99
Total 128.97 Stars icon

Table of Contents

19 Chapters
Section 1: Setting up a Secure Linux System Chevron down icon Chevron up icon
Running Linux in a Virtual Environment Chevron down icon Chevron up icon
Securing User Accounts Chevron down icon Chevron up icon
Securing Your Server with a Firewall - Part 1 Chevron down icon Chevron up icon
Securing Your Server with a Firewall - Part 2 Chevron down icon Chevron up icon
Encryption Technologies Chevron down icon Chevron up icon
SSH Hardening Chevron down icon Chevron up icon
Section 2: Mastering File and Directory Access Control (DAC) Chevron down icon Chevron up icon
Mastering Discretionary Access Control Chevron down icon Chevron up icon
Access Control Lists and Shared Directory Management Chevron down icon Chevron up icon
Section 3: Advanced System Hardening Techniques Chevron down icon Chevron up icon
Implementing Mandatory Access Control with SELinux and AppArmor Chevron down icon Chevron up icon
Kernel Hardening and Process Isolation Chevron down icon Chevron up icon
Scanning, Auditing, and Hardening Chevron down icon Chevron up icon
Logging and Log Security Chevron down icon Chevron up icon
Vulnerability Scanning and Intrusion Detection Chevron down icon Chevron up icon
Security Tips and Tricks for the Busy Bee Chevron down icon Chevron up icon
Assessments Chevron down icon Chevron up icon
Other Books You May Enjoy Chevron down icon Chevron up icon

Customer reviews

Rating distribution
Full star icon Full star icon Full star icon Full star icon Half star icon 4.5
(4 Ratings)
5 star 75%
4 star 0%
3 star 25%
2 star 0%
1 star 0%
Mark Grimshaw Jan 15, 2022
Full star icon Full star icon Full star icon Full star icon Full star icon 5
is was great as usually
Amazon Verified review Amazon
Amazon Customer Apr 09, 2023
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Book good. Life change forever. Wife fix breakfast in bed. Geico call and offer discount. Life not been same.Lottery tickets all winners . Or possibly this has all been a coincidence!
Amazon Verified review Amazon
Hugtrw Aug 23, 2021
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Great book, read in a little under a week. Yes the book may be a little on the beginer side, but I honestly learned a lot even with being in IT for a year. A lot of the book covers REHL and Ubuntu but most of it can be applied else where as it goes over key concepts.I found 3 spelling errors and one sentence that i belived got cut off or the author could not finish their thought.I recomend this book if your getting in to security, or want to secure your server as its a good place to start.
Amazon Verified review Amazon
F. Jul 16, 2023
Full star icon Full star icon Full star icon Empty star icon Empty star icon 3
This book is not bad, but it lacks few things that really hardens a bit more the Linux system. I am a student of Networking and Cybersecurity and I learned other things by the time that goes on. When I read this book, 1 major thing I found that is missing is the usage of a OS such as Kali Linux. The author is not teaching neither the users about the PAM libraries. It is not said anywhere neither about the various shells that can be used in /etc/passwd, such as /bin/false. I still found various useful methods in that book but I think it’s going enough deep in the subject. The author is talking somewhere about Kernel Hardening but still, it says not enough and don’t take the subject deeper than using Lynis to extract some /etc/sysctl.conf and put it there. The book also takes some hardening such as grub, which is crucial if the environment is not protected with an alarm system or a security guard. Once the system boots in grub, an attacker can easily take advantage of the system if Grub2 isn’t hardened. The thing that is bad in this book is it lacks details about that too. It only scratches the surface which makes it harder to really understand the thing and harden the system the bast as possible for different personal needs.I just bought the third version lastly, from the same author and same editor and I hope this version will reach my expectations, otherwise I’m never gonna buy again from this author and I will find a better author to read from and to harden my system with the latest techniques.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

How do I buy and download an eBook? Chevron down icon Chevron up icon

Where there is an eBook version of a title available, you can buy it from the book details for that title. Add either the standalone eBook or the eBook and print book bundle to your shopping cart. Your eBook will show in your cart as a product on its own. After completing checkout and payment in the normal way, you will receive your receipt on the screen containing a link to a personalised PDF download file. This link will remain active for 30 days. You can download backup copies of the file by logging in to your account at any time.

If you already have Adobe reader installed, then clicking on the link will download and open the PDF file directly. If you don't, then save the PDF file on your machine and download the Reader to view it.

Please Note: Packt eBooks are non-returnable and non-refundable.

Packt eBook and Licensing When you buy an eBook from Packt Publishing, completing your purchase means you accept the terms of our licence agreement. Please read the full text of the agreement. In it we have tried to balance the need for the ebook to be usable for you the reader with our needs to protect the rights of us as Publishers and of our authors. In summary, the agreement says:

  • You may make copies of your eBook for your own use onto any machine
  • You may not pass copies of the eBook on to anyone else
How can I make a purchase on your website? Chevron down icon Chevron up icon

If you want to purchase a video course, eBook or Bundle (Print+eBook) please follow below steps:

  1. Register on our website using your email address and the password.
  2. Search for the title by name or ISBN using the search option.
  3. Select the title you want to purchase.
  4. Choose the format you wish to purchase the title in; if you order the Print Book, you get a free eBook copy of the same title. 
  5. Proceed with the checkout process (payment to be made using Credit Card, Debit Cart, or PayPal)
Where can I access support around an eBook? Chevron down icon Chevron up icon
  • If you experience a problem with using or installing Adobe Reader, the contact Adobe directly.
  • To view the errata for the book, see www.packtpub.com/support and view the pages for the title you have.
  • To view your account details or to download a new copy of the book go to www.packtpub.com/account
  • To contact us directly if a problem is not resolved, use www.packtpub.com/contact-us
What eBook formats do Packt support? Chevron down icon Chevron up icon

Our eBooks are currently available in a variety of formats such as PDF and ePubs. In the future, this may well change with trends and development in technology, but please note that our PDFs are not Adobe eBook Reader format, which has greater restrictions on security.

You will need to use Adobe Reader v9 or later in order to read Packt's PDF eBooks.

What are the benefits of eBooks? Chevron down icon Chevron up icon
  • You can get the information you need immediately
  • You can easily take them with you on a laptop
  • You can download them an unlimited number of times
  • You can print them out
  • They are copy-paste enabled
  • They are searchable
  • There is no password protection
  • They are lower price than print
  • They save resources and space
What is an eBook? Chevron down icon Chevron up icon

Packt eBooks are a complete electronic version of the print edition, available in PDF and ePub formats. Every piece of content down to the page numbering is the same. Because we save the costs of printing and shipping the book to you, we are able to offer eBooks at a lower cost than print editions.

When you have purchased an eBook, simply login to your account and click on the link in Your Download Area. We recommend you saving the file to your hard drive before opening it.

For optimal viewing of our eBooks, we recommend you download and install the free Adobe Reader version 9.