Linux Server Security, 2nd Edition View Larger Image | Michael D. Bauer
O'Reilly Media, Paperback, 2nd edition, Published January 2005, 522 pages, ISBN 0596006705 | List Price: $44.95
Our Price: $27.95
You Save: $17.00 (38% Off)
| | | Availability: Out-Of-Stock |
Be the First to Write a Review and tell the world about this title!People who purchase this book frequently purchase: - Linux Cookbook; Carla Schroder, $27.95, 38% Off!
- Linux Network Administrator's Guide, 3rd Edition; Tony Bautts, et al, $21.95, 37% Off!
- Linux Security Cookbook; Daniel J. Barrett, et al, $24.95, 38% Off!
- Linux iptables Pocket Reference; Gregor N. Purdy, $6.95, 30% Off!
Books on similar topics, in best-seller order:Books from the same publisher, in best-seller order:
Linux consistently appears high up in the list of popular Internet servers, whether
it's for the Web, anonymous FTP, or general services such as DNS and delivering
mail. But security is the foremost concern of anyone providing such a service.
Any server experiences casual probe attempts dozens of time a day, and serious
break-in attempts with some frequency as well.
This highly regarded book, originally titled Building Secure Servers with Linux,
combines practical advice with a firm knowledge of the technical tools needed
to ensure security. The book focuses on the most common use of Linux--as a hub
offering services to an organization or the Internet--and shows readers how
to harden their hosts against attacks. An all-inclusive resource for Linux users
who wish to harden their systems, Linux Server Security covers general security
such as intrusion detection and firewalling a hub, as well as key services such
as DNS, the Apache Web server, mail, and secure shell.
Author Michael D. Bauer, a security consultant, network architect, and lead
author of the popular Paranoid Penguin column in the Linux Journal, carefully
outlines the security risks, defines precautions that can minimize those risks,
and offers recipes for robust security. He is joined on several chapters by
administrator and developer Bill Lubanovic.
A number of new security topics have been added for this edition, including:
- Database security, with a focus on MySQL
- Using OpenLDAP for authentication
- An introduction to email encryption
- The Cyrus IMAP service, a popular mail delivery agent
- The vsftpd FTP server
Geared toward Linux users with little security expertise, the author explains
security concepts and techniques in clear language, beginning with the fundamentals.
Linux Server Security with Linux provides a unique balance of "big picture"
principles that transcend specific software packages and version numbers, and
very clear procedures on securing some of those software packages on several
popular distributions. With this book in hand, you'll have both the expertise
and the tools to comprehensively secure your Linux system.
Table of Contents
Preface
1. Threat Modeling and Risk Management
Components of Risk
Simple Risk Analysis: ALEs
An Alternative: Attack Trees
Defenses
Conclusion
Resources
2. Designing Perimeter Networks
Some Terminology
Types of Firewall and DMZ Architectures
Deciding What Should Reside on the DMZ
Allocating Resources in the DMZ
The Firewall
3. Hardening Linux and Using iptables
OS Hardening Principles
Automated Hardening with Bastille Linux
4. Secure Remote Administration
Why It's Time to Retire Cleartext Admin Tools
Secure Shell Background and Basic Use
Intermediate and Advanced SSH
5. OpenSSL and Stunnel
Stunnel and OpenSSL: Concepts
6. Securing Domain Name Services (DNS)
DNS Basics
DNS Security Principles
Selecting a DNS Software Package
Securing BIND
djbdns
Resources
7. Using LDAP for Authentication
LDAP Basics
Setting Up the Server
LDAP Database Management
Conclusions
Resources
8. Database Security
Types of Security Problems
Server Location
Server Installation
Database Operation
Resources
9. Securing Internet Email
Background: MTA and SMTP Security
Using SMTP Commands to Troubleshoot and Test SMTP Servers
Securing Your MTA
Sendmail
Postfix
Mail Delivery Agents
A Brief Introduction to Email Encryption
Resources
10. Securing Web Servers
Web Security
The Web Server
Web Content
Web Applications
Layers of Defense
Resources
11. Securing File Services
FTP Security
Other File-Sharing Methods
Resources
12. System Log Management and Monitoring
syslog
Syslog-ng
Testing System Logging with logger
Managing System Logfiles with logrotate
Using Swatch for Automated Log Monitoring
Some Simple Log-Reporting Tools
Resources
13. Simple Intrusion Detection Techniques
Principles of Intrusion Detection Systems
Using Tripwire
Other Integrity Checkers
Snort
Resources
Appendix:. Two Complete iptables Startup Scripts
Index
About the Author
Michael D. (Mick) Bauer, CISSP, is Network Security Architect
for a large financial services provider. He is also Security Editor for Linux
Journal Magazine, and author of its monthly "Paranoid Penguin" security
column. Mick's areas of expertise include Linux security and general Unix security,
network (TCP/IP) security, security assessment, and the development of security
policies and awareness programs.
|
