Front Cover
Securing Linux
Copyright Page
Contents
Chapter 1. Presenting the Business Case for Open Source Software
Introduction
The Costs of Using Free Security Solutions
The Savings of Using Free Security Solutions
Comparing Free Solutions with Commercial Solutions
"Selling" a Free Solution
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 2. Hardening the Operating System
Introduction
Updating the Operating System
Handling Maintenance Issues
Manually Disabling Unnecessary Services and Ports
Locking Down Ports
Hardening the System with Bastille
Controlling and Auditing Root Access with Sudo
Managing Your Log Files
Using Logging Enhancers
Security Enhanced Linux
Securing Novell SUSE Linux
Novell AppArmor
Host Intrusion Prevention System
Linux Benchmark Tools
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 3. Enumeration and Scanning Your Network
Introduction
Scanning
Enumeration
How Scanning Works
Open Source Tools
Summary
Frequently Asked Questions
Chapter 4. Introducing Intrusion Detection and Snort
Introduction
How an IDS Works
Where Snort Fits
Snort System Requirements
Exploring Snort's Features
Using Snort on Your Network
Security Considerations with Snort
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 5. Installing and Configuring Snort and Add-Ons
Placing Your NIDS
Configuring Snort on Linux
Other Snort Add-Ons
Demonstrating Effectiveness
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 6. Advanced Snort Deployment
Introduction
Monitoring the Network
Configuring Channel Bonding for Linux
Snort Rulesets
Plug-Ins
Preprocessor Plug-Ins
Detection Plug-Ins
Output Plug-Ins
Snort Inline
Solving Specific Security Requirements
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 7. Network Analysis, Troubleshooting, and Packet Sniffing
Introduction
What Is Network Analysis and Sniffing?
Who Uses Network Analysis?
How Does It Work?
Sniffing Wireless
Protocol Dissection
Protecting Against Sniffers
Network Analysis and Policy
Frequently Asked Questions
Chapter 8. Basics of Cryptography and Encryption
Introduction
Algorithms
Concepts of Using Cryptography
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 9. Perimeter Security, DMZs, Remote Access, and VPNs
Introduction
Firewall Types
Firewall Architectures
Implementing Firewalls
Providing Secure Remote Access
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 10. Linux Bastion Hosts
Introduction
System Installation
Removing Optional Components
Additional Steps
Controlling Access to Resources
Auditing Access to Resources
Remote Administration
Bastion Host Configurations
Bastion Host Maintenance and Support
Linux Bastion Host Checklist
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 11. Apache Web Server Hardening
Understanding Common Vulnerabilities Within Apache Web Server
Patching and Securing the OS
Hardening the Apache Application
Monitoring the Server for Secure Operation
Index