Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Practical Linux Security Cookbook
  • Table Of Contents Toc
  • Feedback & Rating feedback
Practical Linux Security Cookbook

Practical Linux Security Cookbook

By : Kalsi
3.7 (3)
Buy this Book
close
close
Practical Linux Security Cookbook

Practical Linux Security Cookbook

3.7 (3)
By: Kalsi
Buy this Book

Overview of this book

Over the last few years, system security has gained a lot of momentum and software professionals are focusing heavily on it. Linux is often treated as a highly secure operating system. However, the reality is that Linux has its share of security ?aws, and these security ?aws allow attackers to get into your system and modify or even destroy your important data. But there’s no need to panic, since there are various mechanisms by which these ?aws can be removed, and this book will help you learn about different types of Linux security to create a more secure Linux system. With a step-by-step recipe approach, the book starts by introducing you to various threats to Linux systems. Then, this book will walk you through customizing the Linux kernel and securing local files. Next, you will move on to managing user authentication both locally and remotely and mitigating network attacks. Later, you will learn about application security and kernel vulnerabilities. You will also learn about patching Bash vulnerability, packet filtering, handling incidents, and monitoring system logs. Finally, you will learn about auditing using system services and performing vulnerability scanning on Linux. By the end of this book, you will be able to secure your Linux systems and create a robust environment.
Table of Contents (15 chapters)
close
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Sections
Get in touch
Free Chapter
1
Linux Security Problem
Linux Security Problem
Security policy
Configuring server security
Security policy – server security
Defining security controls
Checking the integrity of installation medium by using checksum
Using LUKS disk encryption
Make use of sudoers – configuring sudo access
Scanning hosts with Nmap
Gaining root on a vulnerable Linux system
Missing backup plans
2
Configuring a Secure and Optimized Kernel
Configuring a Secure and Optimized Kernel
Creating USB boot media
Retrieving the kernel source
Configuring and building kernel
Installing and booting from a kernel
Kernel testing and debugging
Debugging kernel boot
Kernel errors
Checking kernel parameters using Lynis
3
Local Filesystem Security
Local Filesystem Security
Viewing files and directory details using ls
Using chmod to set permissions on files and directories
Using chown to change ownership of files and directories
Using ACLs to access files
File handling using the mv command (moving and renaming)
Implementing Mandatory Access Control with SELinux
Using extended file attributes to protect sensitive files
Installing and configuring a basic LDAP server on Ubuntu
4
Local Authentication in Linux
Local Authentication in Linux
User authentication and logging
Limiting login capabilities of users
Disabling username/password logins
Monitoring user activity using acct
Login authentication using a USB device and PAM
Defining user authorization controls
Access Management using IDAM
5
Remote Authentication
Remote Authentication
Remote server/host access using SSH
Enabling and disabling root login over SSH
Key-based login into SSH for restricting remote access
Copying files remotely
Setting up a Kerberos server with Ubuntu
Using LDAP for user authentication and management
6
Network Security
Network Security
Managing TCP/IP networks
Using a packet sniffer to monitor network traffic
Using IP tables for configuring a firewall
Blocking spoofed addresses
Blocking incoming traffic
Configuring and using TCP Wrappers
Blocking country-specific traffic using mod_security
Securing network traffic using SSL
7
Security Tools
Security Tools
Linux sXID
Port Sentry
Using Squid proxy
Open SSL server
Tripwire
Shorewall
OSSEC
Snort
Rsync and Grsync – backup tool
8
Linux Security Distros
Linux Security Distros
Kali Linux
pfSense
Digital Evidence and Forensic Toolkit  (DEFT)
Network Security Toolkit (NST)
Security Onion
Tails OS
Qubes OS
9
Bash Vulnerability Patching
Bash Vulnerability Patching
Understanding the Bash vulnerability – Shellshock
Security issues – Shellshock
Linux patch management system
Applying patches in Linux
Other well-known Linux vulnerabilities
10
Security Monitoring and Logging
chevron up
Security Monitoring and Logging
Viewing and managing log files using Logcheck
Monitoring the network using Nmap
Using Glances for system monitoring
Monitoring logs using MultiTail
Using system tools – whowatch
Using system tools – stat
Using System tools – lsof
Using System tools – strace
Real time IP LAN monitoring using IPTraf
Network security monitoring using Suricata
Network monitoring using OpenNMS
11
Understanding Linux Service Security
Understanding Linux Service Security
Web server – HTTPD
Remote service login – Telnet
Secure remote login – SSH
File transfer security – FTP
Securing Mail Transfer – SMTP
12
Scanning and Auditing Linux
Scanning and Auditing Linux
Installing an antivirus on Linux
Scanning with ClamAV
Finding rootkits
Using the auditd daemon
Using ausearch and aureport to read logs
Auditing system services with systemctl
13
Vulnerability Scanning and Intrusion Detection
Vulnerability Scanning and Intrusion Detection
Network security monitoring using Security Onion
Finding vulnerabilities with OpenVAS
Using Nikto for web server scanning
Hardening using Lynis
14
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Monitoring the network using Nmap

For any network, big or small, network monitoring and security is a very essential task. Regular monitoring of the network is important to protect the systems from attacks and also keeps viruses and malware out of the network.

Nmap, short forNetwork Mapper, is a free and open source tool for network monitoring and is the most versatile tool for system/network administrators. Nmap can be used to perform security scans, explore the network, find open ports on the remote system, and perform network audits.

 

Getting ready

To show you the workings of nmap, we need a minimum of two systems forming a small network. On one system, we will install the nmap package, while the other system will be used as a host to scan.

  1. To install nmap, if it is not already installed, run the following command:
  1. If we want to check the version of Nmap, we can use the following command:

How to do it...

In this section, we will see how we can use Nmap for performing different types of scans...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 3
Next Section
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY