Practical Linux Security Cookbook - Second Edition

Enhance file system security and learn about network attack, security tools and different versions of Linux build.

Preview Online

Code Files

Practical Linux Security Cookbook - Second Edition

Tajinder Kalsi

August 2018

New Release!

Enhance file system security and learn about network attack, security tools and different versions of Linux build.

Quick links: > Table of contents > What will you learn?

eBook

€10.36

RRP €37.18

Save 72%

Print + eBook

€38.99

RRP €38.99

What do I get with a Mapt subscription?

Unlimited access to all Packt’s 6,000+ eBooks and Videos
100+ new titles a month, learning paths, assessments & code files
1 Free eBook or Video to download and keep every month after trial

What do I get with an eBook?

Download this book in EPUB, PDF, MOBI formats
DRM FREE - read and interact with your content when you want, where you want, and how you want
Access this title in the subscription reader

What do I get with Print & eBook?

Get a paperback copy of the book delivered to you
Download this book in EPUB, PDF, MOBI formats
DRM FREE - read and interact with your content when you want, where you want, and how you want
Access this title in the subscription reader

What do I get with a Video?

Download this Video course in MP4 format
DRM FREE - read and interact with your content when you want, where you want, and how you want
Access this title in the subscription reader

€10.36

€38.99

RRP €37.18

RRP €38.99

eBook

Print + eBook

Frequently bought together

Practical Linux Security Cookbook - Second Edition

€ 37.18

€ 10.36

Practical Linux Security Cookbook - Second Edition

Aug 2018

482 pages

€ 10.36

Kali Linux Web Penetration Testing Cookbook - Second Edition

€ 41.98

€ 10.36

Kali Linux Web Penetration Testing Cookbook - Second Edition

Aug 2018

404 pages

€ 10.36

Buy 2 for €20.72
Save €48.70

Add to Cart

Book Details

ISBN 139781789138399

Paperback482 pages

Book Description

Over the last few years, system security has gained a lot of momentum and software professionals are focusing heavily on it. Linux is often treated as a highly secure operating system. However, the reality is that Linux has its share of security aws, and these security aws allow attackers to get into your system and modify or even destroy your important data. But there’s no need to panic, since there are various mechanisms by which these aws can be removed, and this book will help you learn about different types of Linux security to create a more secure Linux system.

With a step-by-step recipe approach, the book starts by introducing you to various threats to Linux systems. Then, this book will walk you through customizing the Linux kernel and securing local files. Next, you will move on to managing user authentication both locally and remotely and mitigating network attacks. Later, you will learn about application security and kernel vulnerabilities. You will also learn about patching Bash vulnerability, packet filtering, handling incidents, and monitoring system logs. Finally, you will learn about auditing using system services and performing vulnerability scanning on Linux.

By the end of this book, you will be able to secure your Linux systems and create a robust environment.

Chapter 1: Linux Security Problem

Security policy

Configuring server security

Security policy – server security

Defining security controls

Checking the integrity of installation medium by using checksum

Using LUKS disk encryption

Make use of sudoers – configuring sudo access

Scanning hosts with Nmap

Gaining root on a vulnerable Linux system

Missing backup plans

Chapter 2: Configuring a Secure and Optimized Kernel

Creating USB boot media

Retrieving the kernel source

Configuring and building kernel

Installing and booting from a kernel

Kernel testing and debugging

Debugging kernel boot

Kernel errors

Checking kernel parameters using Lynis

Chapter 3: Local Filesystem Security

Viewing files and directory details using ls

Using chmod to set permissions on files and directories

Using chown to change ownership of files and directories

Using ACLs to access files

File handling using the mv command (moving and renaming)

Implementing Mandatory Access Control with SELinux

Using extended file attributes to protect sensitive files

Installing and configuring a basic LDAP server on Ubuntu

Chapter 4: Local Authentication in Linux

User authentication and logging

Limiting login capabilities of users

Disabling username/password logins

Monitoring user activity using acct

Defining user authorization controls

Access Management using IDAM

Chapter 5: Remote Authentication

Remote server/host access using SSH

Enabling and disabling root login over SSH

Key-based login into SSH for restricting remote access

Copying files remotely

Setting up a Kerberos server with Ubuntu

Using LDAP for user authentication and management

Chapter 6: Network Security

Managing TCP/IP networks

Using a packet sniffer to monitor network traffic

Using IP tables for configuring a firewall

Blocking spoofed addresses

Blocking incoming traffic

Configuring and using TCP Wrappers

Blocking country-specific traffic using mod_security

Securing network traffic using SSL

Chapter 7: Security Tools

Rsync and Grsync – backup tool

Chapter 8: Linux Security Distros

Kali Linux

pfSense

Digital Evidence and Forensic Toolkit (DEFT)

Network Security Toolkit (NST)

Security Onion

Tails OS

Qubes OS

Chapter 9: Bash Vulnerability Patching

Understanding the Bash vulnerability – Shellshock

Security issues – Shellshock

Linux patch management system

Applying patches in Linux

Other well-known Linux vulnerabilities

Chapter 10: Security Monitoring and Logging

Viewing and managing log files using Logcheck

Monitoring the network using Nmap

Using Glances for system monitoring

Monitoring logs using MultiTail

Using system tools – whowatch

Using system tools – stat

Using System tools – lsof

Using System tools – strace

Real time IP LAN monitoring using IPTraf

Network security monitoring using Suricata

Network monitoring using OpenNMS

Chapter 11: Understanding Linux Service Security

Web server – HTTPD

Remote service login – Telnet

Secure remote login – SSH

File transfer security – FTP

Securing Mail Transfer – SMTP

Chapter 12: Scanning and Auditing Linux

Installing an antivirus on Linux

Scanning with ClamAV

Finding rootkits

Using the auditd daemon

Using ausearch and aureport to read logs

Auditing system services with systemctl

Chapter 13: Vulnerability Scanning and Intrusion Detection

Network security monitoring using Security Onion

Finding vulnerabilities with OpenVAS

Using Nikto for web server scanning

Hardening using Lynis

What You Will Learn

Learn about vulnerabilities and exploits in relation to Linux systems
Configure and build a secure kernel and test it
Learn about file permissions and how to securely modify files
Authenticate users remotely and securely copy files on remote systems
Review different network security methods and tools
Perform vulnerability scanning on Linux machines using tools
Learn about malware scanning and read through logs

Authors

Tajinder Kalsi

Tajinder Kalsi has more than 9 years of working experience in the field of IT. He has conducted seminars all across India, on topics such as information security and Android application development at more than 120 colleges, teaching more than 10,000 students. Apart from training, he has also worked on VAPT projects for various clients. When talking about certifications, Tajinder is an ISO 2700 LA and also IBM certified analyst.

Prior to this course, Tajinder authored Practical Linux Security Cookbook, published by Packt Publishing. He has also authored three video courses with Packt: Getting Started with Pentensing, Finding and Exploiting Hidden Vulnerabilities, and Pentesting Web Applications.

Chapter 1: Linux Security Problem

Security policy

Configuring server security

Security policy – server security

Defining security controls

Checking the integrity of installation medium by using checksum

Using LUKS disk encryption

Make use of sudoers – configuring sudo access

Scanning hosts with Nmap

Gaining root on a vulnerable Linux system

Missing backup plans

Chapter 2: Configuring a Secure and Optimized Kernel