You're reading from Mastering Linux Security and Hardening A practical guide to protecting your Linux system from cyber attacks

Product type Paperback

Published in Feb 2023

Publisher Packt

ISBN-13 9781837630516

Length 618 pages

Edition 3rd Edition

Languages

Tools

Linux

Concepts

Hardening

Author (1):

Donald A. Tevault

View More author details

Table of Contents (22) Chapters

Preface

1. Section 1: Setting up a Secure Linux System

2. Running Linux in a Virtual Environment FREE CHAPTER

3. Securing Administrative User Accounts

4. Securing Normal User Accounts

5. Securing Your Server with a Firewall – Part 1

6. Securing Your Server with a Firewall — Part 2

7. Encryption Technologies

8. SSH Hardening

9. Section 2: Mastering File and Directory Access Control (DAC)

10. Mastering Discretionary Access Control

11. Access Control Lists and Shared Directory Management

12. Section 3: Advanced System Hardening Techniques

13. Implementing Mandatory Access Control with SELinux and AppArmor

14. Kernel Hardening and Process Isolation

15. Scanning, Auditing, and Hardening

16. Logging and Log Security

17. Vulnerability Scanning and Intrusion Detection

18. Prevent Unwanted Programs from Running

19. Security Tips and Tricks for the Busy Bee

20. Other Books You May Enjoy

21. Index

To get the most out of this book

A working knowledge of basic Linux commands and how to navigate through the Linux filesystem.
A basic knowledge about tools such as less and grep.
Familiarity with command-line editing tools, such as vim or nano.
A basic knowledge of how to control systemd services with systemctl commands.

For hardware, you don’t need anything fancy. All you need is a machine that’s capable of running 64-bit virtual machines. So, you can use any host machine that runs with almost any modern CPU from either Intel or AMD. (There are a couple of exceptions, though. First, some Intel Core i3 and Core i5 CPUs lack the required hardware acceleration to run virtual machines. Also, AlmaLinux 9, which we’ll be using, won’t run on the first generation of x86_64 CPUs. So, if you have an x86_64 machine that was made prior to 2010, AlmaLinux 9 won’t run on it.) For memory, I’d recommend using a host machine with at least 8 GB.

You can run any of the three major desktop operating systems on your machine, because the virtualization software that we’ll be using comes in flavors for Windows, macOS, and Linux.

Download the example code files

The code bundle for the book is hosted on GitHub at https://github.com/PacktPublishing/Mastering-Linux-Security-and-Hardening-3E. We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://packt.link/wcaG3

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. For example: “open Firefox and navigate to https://localhost:9392"

A block of code is set as follows:

HTTP TRACK method is active, suggesting the host is vulnerable to XST
Cookie wordpress_test_cookie created without the httponly flag

Any command-line input or output is written as follows:

sudo apt update
sudo apt install podman

Bold: Indicates a new term, an important word, or words that you see on the screen. For instance, words in menus or dialog boxes appear in the text like this. For example: “Set one to Bridged mode and leave the other in NAT mode.”

Warnings or important notes appear like this.

Tips and tricks appear like this.