Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Linux Security and Hardening

You're reading from   Mastering Linux Security and Hardening A practical guide to protecting your Linux system from cyber attacks

Arrow left icon
Product type Paperback
Published in Feb 2023
Publisher Packt
ISBN-13 9781837630516
Length 618 pages
Edition 3rd Edition
Languages
Tools
Concepts
Arrow right icon
Author (1):
Arrow left icon
Donald A. Tevault Donald A. Tevault
Author Profile Icon Donald A. Tevault
Donald A. Tevault
Arrow right icon
View More author details
Toc

Table of Contents (22) Chapters Close

Preface 1. Section 1: Setting up a Secure Linux System
2. Running Linux in a Virtual Environment FREE CHAPTER 3. Securing Administrative User Accounts 4. Securing Normal User Accounts 5. Securing Your Server with a Firewall – Part 1 6. Securing Your Server with a Firewall — Part 2 7. Encryption Technologies 8. SSH Hardening 9. Section 2: Mastering File and Directory Access Control (DAC)
10. Mastering Discretionary Access Control 11. Access Control Lists and Shared Directory Management 12. Section 3: Advanced System Hardening Techniques
13. Implementing Mandatory Access Control with SELinux and AppArmor 14. Kernel Hardening and Process Isolation 15. Scanning, Auditing, and Hardening 16. Logging and Log Security 17. Vulnerability Scanning and Intrusion Detection 18. Prevent Unwanted Programs from Running 19. Security Tips and Tricks for the Busy Bee 20. Other Books You May Enjoy
21. Index

What this book covers

Chapter 1, Running Linux in a Virtual Environment, gives an overview of the IT security landscape, and will inform the reader why learning Linux security would be a good career move. We’ll also show how to set up a virtual lab environment for the hands-on labs.

Chapter 2, Securing Administrative User Accounts, covers the dangers of always using the root user account, and introduces the benefits of using sudo instead.

Chapter 3, Securing Normal User Accounts, covers how to lock down normal user accounts, and ensure that the users use good-quality passwords.

Chapter 4, Securing Your Server with a Firewall – Part 1, involves working with the various types of firewall utilities.

Chapter 5, Securing Your Server with a Firewall – Part 2, continues the discussion about working with the various types of firewall utilities.

Chapter 6, Encryption Technologies, makes sure that important information—both at rest and in transit—are safeguarded with proper encryption.

Chapter 7, SSH Hardening, covers how to safeguard data in transit. The default Secure Shell configuration is anything but secure, and could lead to a security breach if left as is. This chapter shows how to fix that.

Chapter 8, Mastering Discretionary Access Control, covers how to set ownership and permissions on files and directories. We’ll also cover what SUID and SGID can do for us, and the security implications of using them. We’ll wrap things up by covering extended file attributes.

Chapter 9, Access Control Lists and Shared Directory Management, explains that normal Linux file and directory permissions settings aren’t very granular. With Access Control Lists, we can allow only a certain person to access a file, or we can allow multiple people to access a file with different permissions for each person. We’re also going to put what we’ve learned together in order to manage a shared directory for a group.

Chapter 10, Implementing Mandatory Access Control with SELinux and AppArmor, talks about SELinux, which is a Mandatory Access Control technology that is included with Red Hat-type Linux distributions. We’ll give a brief introduction here on how to use SELinux to prevent intruders from compromising a system. We’ll also give a brief introduction to AppArmor, which is another Mandatory Access Control technology that is included with Ubuntu and SUSE-type Linux distributions.

Chapter 11, Kernel Hardening and Process Isolation, covers how to tweak the Linux kernel to make it even more secure against certain types of attacks. It also covers some process isolation techniques to help prevent attackers from exploiting a Linux system.

Chapter 12, Scanning, Auditing, and Hardening, talks about how viruses that are a big problem for Windows users aren’t yet a huge problem for Linux users. If your organization has Windows clients that access Linux file servers, then this section is for you. You can use auditd to audit accesses to files, directories, or system calls on a Linux system. It won’t prevent security breaches, but it will let you know if some unauthorized person is trying to access a sensitive resource. SCAP, the Security Content Application Protocol, is a compliance framework that’s promulgated by the National Institute of Standards and Technology. OpenSCAP, the open source implementation, can be used to apply a hardening policy to a Linux computer.

Chapter 13, Logging and Log Security, gives you the basics about ryslog and journald, the two most prevalent logging systems that come with Linux-based operating systems. We’ll show you a cool way to make log reviews easier, and how to set up a secure central log server. We’ll do all of this just with the packages that come in your normal Linux distribution’s repositories.

Chapter 14, Vulnerability Scanning and Intrusion Detection, explains how to scan our systems to see if we’ve missed anything in our security configurations. We’ll also take a quick look at an intrusion detection system.

Chapter 15, Prevent Unwanted Programs from Running, explains how to use fapolicyd and partition mounting options to prevent untrusted programs from running on your system.

Chapter 16, Security Tips and Tricks for the Busy Bee, explains that since you’re dealing with security, we know that you’re a busy bee. This chapter introduces you to some quick tips and tricks to help make the job easier.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image