Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Mastering Linux Security and Hardening
  • Table Of Contents Toc
  • Feedback & Rating feedback
Mastering Linux Security and Hardening

Mastering Linux Security and Hardening

By : Donald A. Tevault
4.7 (35)
Buy this Book
close
close
Mastering Linux Security and Hardening

Mastering Linux Security and Hardening

4.7 (35)
By: Donald A. Tevault
Buy this Book

Overview of this book

The third edition of Mastering Linux Security and Hardening is an updated, comprehensive introduction to implementing the latest Linux security measures, using the latest versions of Ubuntu and AlmaLinux. In this new edition, you will learn how to set up a practice lab, create user accounts with appropriate privilege levels, protect sensitive data with permissions settings and encryption, and configure a firewall with the newest firewall technologies. You’ll also explore how to use sudo to set up administrative accounts with only the privileges required to do a specific job, and you’ll get a peek at the new sudo features that have been added over the past couple of years. You’ll also see updated information on how to set up a local certificate authority for both Ubuntu and AlmaLinux, as well as how to automate system auditing. Other important skills that you’ll learn include how to automatically harden systems with OpenSCAP, audit systems with auditd, harden the Linux kernel configuration, protect your systems from malware, and perform vulnerability scans of your systems. As a bonus, you’ll see how to use Security Onion to set up an Intrusion Detection System. By the end of this new edition, you will confidently be able to set up a Linux server that will be secure and harder for malicious actors to compromise.
Table of Contents (22 chapters)
close
close
close
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Get in touch
1
Section 1: Setting up a Secure Linux System
Icon
Section 1: Setting up a Secure Linux System
Free Chapter
2
Running Linux in a Virtual Environment
chevron up
Icon
Running Linux in a Virtual Environment
Icon
Looking at the threat landscape
Icon
Why do security breaches happen?
Icon
Keeping up with security news
Icon
Differences between physical, virtual, and cloud setups
Icon
Introducing VirtualBox and Cygwin
Icon
Keeping the Linux systems updated
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
3
Securing Administrative User Accounts
Icon
Securing Administrative User Accounts
Icon
The dangers of logging in as the root user
Icon
The advantages of using sudo
Icon
Setting up sudo privileges for full administrative users
Icon
Setting up sudo for users with only certain delegated privileges
Icon
Advanced tips and tricks for using sudo
Icon
New sudo features
Icon
Special sudo considerations for SUSE and OpenSUSE
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
4
Securing Normal User Accounts
Icon
Securing Normal User Accounts
Icon
Locking down users’ home directories the Red Hat way
Icon
Locking down users’ home directories the Debian/Ubuntu way
Icon
Enforcing strong password criteria
Icon
Setting and enforcing password and account expiration
Icon
Configuring default expiry data for useradd for Red Hat-type systems only
Icon
Setting expiry data on a per-account basis with useradd and usermod
Icon
Setting expiry data on a per-account basis with chage
Icon
Preventing brute-force password attacks
Icon
Locking user accounts
Icon
Locking the root user account
Icon
Setting up security banners
Icon
Detecting compromised passwords
Icon
Understanding centralized user management
Icon
Samba on Linux
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
5
Securing Your Server with a Firewall – Part 1
Icon
Securing Your Server with a Firewall – Part 1
Icon
Technical requirements
Icon
An overview of the Linux firewall
Icon
An overview of iptables
Icon
nftables – a more universal type of firewall system
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
6
Securing Your Server with a Firewall — Part 2
Icon
Securing Your Server with a Firewall — Part 2
Icon
Technical requirements
Icon
The Uncomplicated Firewall for Ubuntu systems
Icon
firewalld for Red Hat systems
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
7
Encryption Technologies
Icon
Encryption Technologies
Icon
GNU Privacy Guard (GPG)
Icon
Encrypting partitions with Linux Unified Key Setup (LUKS)
Icon
Encrypting directories with eCryptfs
Icon
Encrypting the swap partition with eCryptfs
Icon
Using VeraCrypt for cross-platform sharing of encrypted containers
Icon
OpenSSL and the Public Key Infrastructure
Icon
Introducing quantum-resistant encryption algorithms
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
8
SSH Hardening
Icon
SSH Hardening
Icon
Ensuring that SSH protocol 1 is disabled
Icon
Creating and managing keys for passwordless logins
Icon
Configuring access control with whitelists and TCP Wrappers
Icon
Configuring automatic logouts and security banners
Icon
Configuring other miscellaneous security settings
Icon
Setting different configurations for different users and groups
Icon
Creating different configurations for different hosts
Icon
Setting up a chroot environment for SFTP users
Icon
Sharing a directory with SSHFS
Icon
Remotely connecting from Windows desktops
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
9
Section 2: Mastering File and Directory Access Control (DAC)
Icon
Section 2: Mastering File and Directory Access Control (DAC)
10
Mastering Discretionary Access Control
Icon
Mastering Discretionary Access Control
Icon
Using chown to change ownership of files and directories
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
11
Access Control Lists and Shared Directory Management
Icon
Access Control Lists and Shared Directory Management
Icon
Creating an ACL for either a user or a group
Icon
Creating an inherited ACL for a directory
Icon
Removing a specific permission by using an ACL mask
Icon
Using the tar --acls option to prevent the loss of ACLs during a backup
Icon
Creating a user group and adding members to it
Icon
Creating a shared directory
Icon
Setting the SGID bit and the sticky bit on the shared directory
Icon
Using ACLs to access files in the shared directory
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
12
Section 3: Advanced System Hardening Techniques
Icon
Section 3: Advanced System Hardening Techniques
13
Implementing Mandatory Access Control with SELinux and AppArmor
Icon
Implementing Mandatory Access Control with SELinux and AppArmor
Icon
How SELinux can benefit a systems administrator
Icon
Setting security contexts for files and directories
Icon
Troubleshooting with setroubleshoot
Icon
Working with SELinux policies
Icon
How AppArmor can benefit a systems administrator
Icon
Exploiting a system with an evil Docker container
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
14
Kernel Hardening and Process Isolation
Icon
Kernel Hardening and Process Isolation
Icon
Understanding the /proc filesystem
Icon
Setting kernel parameters with sysctl
Icon
Configuring the sysctl.conf file
Icon
Understanding process isolation
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
15
Scanning, Auditing, and Hardening
Icon
Scanning, Auditing, and Hardening
Icon
Installing and updating ClamAV and maldet
Icon
Scanning with ClamAV and maldet
Icon
Scanning for rootkits with Rootkit Hunter
Icon
Performing a quick malware analysis with strings and VirusTotal
Icon
Understanding the auditd daemon
Icon
Using ausearch and aureport
Icon
Auditing files and directories with inotifywait
Icon
Applying OpenSCAP policies with oscap
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
16
Logging and Log Security
Icon
Logging and Log Security
Icon
Understanding the Linux system log files
Icon
Understanding rsyslog
Icon
Understanding journald
Icon
Making things easier with Logwatch
Icon
Setting up a remote log server
Icon
Maintaining Logs in Large Enterprises
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
17
Vulnerability Scanning and Intrusion Detection
Icon
Vulnerability Scanning and Intrusion Detection
Icon
Introduction to Snort and Security Onion
Icon
Using Security Onion
Icon
IPFire and its built-in Intrusion Prevention System (IPS)
Icon
Scanning and hardening with Lynis
Icon
Finding vulnerabilities with the Greenbone Security Assistant
Icon
Web server scanning with Nikto
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
18
Prevent Unwanted Programs from Running
Icon
Prevent Unwanted Programs from Running
Icon
Mount Partitions with the no options
Icon
Understanding fapolicyd
Icon
Summary
Icon
Further reading
Icon
Questions
Icon
Answers
19
Security Tips and Tricks for the Busy Bee
Icon
Security Tips and Tricks for the Busy Bee
Icon
Technical requirements
Icon
Auditing system services
Icon
Password-protecting the GRUB2 bootloader
Icon
Securely configuring BIOS/UEFI
Icon
Using a security checklist for system setup
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Answers
20
Other Books You May Enjoy
Icon
Other Books You May Enjoy
21
Index
Icon
Index

Looking at the threat landscape

If you’ve kept up with IT technology news over the past few years, you’ll likely have seen at least a few articles about how attackers have compromised Linux servers. For example, while it’s true that Linux isn’t really susceptible to virus infections, there have been several cases where attackers have planted other types of malware on Linux servers. Here are some examples:

  • Botnet malware: This causes a server to join a botnet that is controlled by a remote attacker. One of the more famous cases involved joining Linux servers to a botnet that launched denial-of-service (DoS) attacks against other networks.
  • Ransomware: This is designed to encrypt user data until the server owner pays a ransom fee. But even after paying the fee, there’s no guarantee that the data can be recovered.
  • Cryptocoin mining software: This causes the CPUs of the server on which it’s planted to work extra hard and consume more energy. Cryptocoins that get mined go to the accounts of the attackers who planted the software.

And, of course, there have been plenty of breaches that don’t involve malware, such as where attackers have found a way to steal user credentials, credit card data, or other sensitive information.

Some security breaches come about because of plain carelessness. Here’s an example of where a careless Adobe administrator placed the company’s private security key on a public security blog: https://arstechnica.com/information-technology/2017/09/in-spectacular-fail-adobe-security-team-posts-private-pgp-key-on-blog/.

Now, let’s talk a bit more about security breaches.

End of Section 3
Next Section

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY