Preface

• What this book covers
• To get the most out of this book
• Get in touch

1. Section 1: Setting up a Secure Linux System

2. Running Linux in a Virtual Environment FREE CHAPTER

• Looking at the threat landscape
• Why do security breaches happen?
• Keeping up with security news
• Differences between physical, virtual, and cloud setups
• Introducing VirtualBox and Cygwin
• Keeping the Linux systems updated
• Summary
• Questions
• Further reading
• Answers

3. Securing Administrative User Accounts

• The dangers of logging in as the root user
• The advantages of using sudo
• Setting up sudo privileges for full administrative users
• Setting up sudo for users with only certain delegated privileges
• Advanced tips and tricks for using sudo
• New sudo features
• Special sudo considerations for SUSE and OpenSUSE
• Summary
• Questions
• Further reading
• Answers

4. Securing Normal User Accounts

• Locking down users’ home directories the Red Hat way
• Locking down users’ home directories the Debian/Ubuntu way
• Enforcing strong password criteria
• Setting and enforcing password and account expiration
• Configuring default expiry data for useradd for Red Hat-type systems only
• Setting expiry data on a per-account basis with useradd and usermod
• Setting expiry data on a per-account basis with chage
• Preventing brute-force password attacks
• Locking user accounts
• Locking the root user account
• Setting up security banners
• Detecting compromised passwords
• Understanding centralized user management
• Samba on Linux
• Summary
• Questions
• Further reading
• Answers

5. Securing Your Server with a Firewall – Part 1

• Technical requirements
• An overview of the Linux firewall
• An overview of iptables
• nftables – a more universal type of firewall system
• Summary
• Questions
• Further reading
• Answers

6. Securing Your Server with a Firewall — Part 2

• Technical requirements
• The Uncomplicated Firewall for Ubuntu systems
• firewalld for Red Hat systems
• Summary
• Questions
• Further reading
• Answers

7. Encryption Technologies

• GNU Privacy Guard (GPG)
• Encrypting partitions with Linux Unified Key Setup (LUKS)
• Encrypting directories with eCryptfs
• Encrypting the swap partition with eCryptfs
• Using VeraCrypt for cross-platform sharing of encrypted containers
• OpenSSL and the Public Key Infrastructure
• Introducing quantum-resistant encryption algorithms
• Summary
• Questions
• Further reading
• Answers

8. SSH Hardening

• Ensuring that SSH protocol 1 is disabled
• Creating and managing keys for passwordless logins
• Configuring access control with whitelists and TCP Wrappers
• Configuring automatic logouts and security banners
• Configuring other miscellaneous security settings
• Setting different configurations for different users and groups
• Creating different configurations for different hosts
• Setting up a chroot environment for SFTP users
• Sharing a directory with SSHFS
• Remotely connecting from Windows desktops
• Summary
• Questions
• Further reading
• Answers

9. Section 2: Mastering File and Directory Access Control (DAC)

10. Mastering Discretionary Access Control

• Using chown to change ownership of files and directories
• Summary
• Questions
• Further reading
• Answers

11. Access Control Lists and Shared Directory Management

• Creating an ACL for either a user or a group
• Creating an inherited ACL for a directory
• Removing a specific permission by using an ACL mask
• Using the tar --acls option to prevent the loss of ACLs during a backup
• Creating a user group and adding members to it
• Creating a shared directory
• Setting the SGID bit and the sticky bit on the shared directory
• Using ACLs to access files in the shared directory
• Summary
• Questions
• Further reading
• Answers

12. Section 3: Advanced System Hardening Techniques

13. Implementing Mandatory Access Control with SELinux and AppArmor

• How SELinux can benefit a systems administrator
• Setting security contexts for files and directories
• Troubleshooting with setroubleshoot
• Working with SELinux policies
• How AppArmor can benefit a systems administrator
• Exploiting a system with an evil Docker container
• Summary
• Questions
• Further reading
• Answers

14. Kernel Hardening and Process Isolation

• Understanding the /proc filesystem
• Setting kernel parameters with sysctl
• Configuring the sysctl.conf file
• Understanding process isolation
• Summary
• Questions
• Further reading
• Answers

15. Scanning, Auditing, and Hardening

• Installing and updating ClamAV and maldet
• Scanning with ClamAV and maldet
• Scanning for rootkits with Rootkit Hunter
• Performing a quick malware analysis with strings and VirusTotal
• Understanding the auditd daemon
• Using ausearch and aureport
• Auditing files and directories with inotifywait
• Applying OpenSCAP policies with oscap
• Summary
• Questions
• Further reading
• Answers

16. Logging and Log Security

• Understanding the Linux system log files
• Understanding rsyslog
• Understanding journald
• Making things easier with Logwatch
• Setting up a remote log server
• Maintaining Logs in Large Enterprises
• Summary
• Questions
• Further reading
• Answers

17. Vulnerability Scanning and Intrusion Detection

• Introduction to Snort and Security Onion
• Using Security Onion
• IPFire and its built-in Intrusion Prevention System (IPS)
• Scanning and hardening with Lynis
• Finding vulnerabilities with the Greenbone Security Assistant
• Web server scanning with Nikto
• Summary
• Questions
• Further reading
• Answers

18. Prevent Unwanted Programs from Running

• Mount Partitions with the no options
• Understanding fapolicyd
• Summary
• Further reading
• Questions
• Answers

19. Security Tips and Tricks for the Busy Bee

• Technical requirements
• Auditing system services
• Password-protecting the GRUB2 bootloader
• Securely configuring BIOS/UEFI
• Using a security checklist for system setup
• Summary
• Questions
• Further reading
• Answers

20. Other Books You May Enjoy

21. Index