Charles River Media - Linux Network Security

• Linux Network Security
• Back Cover
• About
• Preface
• Chapter 1: Introduction—The Need For Security
  • 1.2 JUST WHO IS AT RISK?
  • 1.3 THE IMPLICATIONS OF A COMPROMISE
  • 1.4 HACKERS AND CRACKERS
  • SUMMARY
  • ENDNOTES
  • REFERENCES
• Chapter 2: Understanding the Problem
  • PART I: ATTACKS AGAINST LINUX
  • 2.1 EXPLOITS AND VULNERABILITIES
  • 2.2 TROJANS AND BACKDOORS
  • 2.3 ROOTKITS
  • PART II: ATTACKS AGAINST THE NETWORK
  • 2.4 DENIAL OF SERVICE (DOS)
  • 2.5 TCP/IP ATTACKS
  • SUMMARY
  • ENDNOTES
  • REFERENCES
• Chapter 3: A Secure Topology
  • 3.1 NETWORK TOPOLOGY
  • 3.2 A DETOUR INTO IPTABLES
  • 3.3 IMPLEMENTING THE THREE-LEGGED MODEL
  • 3.4 NETWORK TUNING WITH THE /proc FILESYSTEM
  • 3.5 VIRTUAL PRIVATE NETWORKS AND IP SECURITY
  • SUMMARY
  • ENDNOTES
  • REFERENCES
• Chapter 4: Assessing the Network
  • 4.1 PORTSCANNING WITH NMAP
  • 4.2 VULNERABILITY AUDITING WITH NESSUS
  • 4.3 WEB SITE AUDITING WITH NIKTO
  • SUMMARY
  • ENDNOTES
  • REFERENCES
• Chapter 5: Packet Filtering with Iptables
  • 5.1 THE COMPONENTS OF AN IPTABLES RULE
  • 5.2 CREATING A FIREWALL RULESET
  • 5.3 FIREWALL MANAGEMENT: DEALING WITH DYNAMIC IP ADDRESSES
  • SUMMARY
  • ENDNOTES
  • REFERENCES
• Chapter 6: Basic System Security Measures
  • 6.1 PASSWORD PROTECTION
  • 6.2 USER CONTROL AND PAM
  • 6.3 SERVICES
  • 6.4 TIGHTENING USER PERMISSIONS
  • 6.5 DELEGATING ROOT ACCESS
  • 6.6 PHYSICAL SECURITY
  • SUMMARY
  • ENDNOTES
  • REFERENCES
• Chapter 7: Desktop Security
  • 7.1 VIRUSES AND WORMS
  • 7.2 SAFE WEB BROWSING
  • 7.3 E-MAIL
  • 7.4 X WINDOWS
  • SUMMARY
  • ENDNOTES
  • REFERENCES
• Chapter 8: System Hardening
  • 8.1 CHOOSING A DISTRIBUTION
  • 8.2 chroot ENVIRONMENTS
  • 8.3 STRIPPING DOWN LINUX
  • 8.4 MEMORY PROTECTION
  • 8.5 POLICING SYSTEM CALL WITH SYSTRACE
  • SUMMARY
  • ENDNOTES
  • REFERENCES
• Chapter 9: Access Control
  • 9.1 INTRODUCTION TO ACCESS CONTROL
  • 9.2 ROLE-BASED ACCESS CONTROL WITH GRSECURITY
  • 9.3 LIDS: LINUX INTRUSION DETECTION SYSTEM (LIDS)
  • 9.4 OTHER ACCESS CONTROL PROJECTS
  • SUMMARY
  • ENDNOTES
  • REFERENCES
• Chapter 10: Securing Services
  • 10.1 WEB SERVICES AND APACHE
  • 10.2 SSH
  • 10.3 NFS AND NIS
  • 10.4 DNS AND BIND
  • 10.5 E-MAIL
  • 10.6 FTP
  • SUMMARY
  • ENDNOTES
  • REFERENCES
• Chapter 11: Keeping Secure
  • 11.1 STAYING UP TO DATE
  • 11.2 LOGGING AND LOG ANALYSIS
  • 11.3 SYSTEM INTEGRITY
  • 11.4 INTRUSION DETECTION
  • 11.5 RECOVERING FROM A COMPROMISE
  • SUMMARY
  • REFERENCES
• Appendix A: Recompiling the Linux Kernel
  • OBTAINING THE KERNEL SOURCE CODE
  • CONFIGURING THE KERNEL
  • COMPILING THE KERNEL
  • INSTALLING THE KERNEL
  • ENDNOTE
• Appendix B: Kernel Configuration Options for Networking
  • NETWORKING SUPPORT -> NETWORKING OPTIONS
  • NETWORKING SUPPORT -> NETWORKING OPTIONS -> TCP/IP NETWORKING
  • NETWORKING SUPPORT -> NETWORKING OPTIONS -> NETWORK PACKET FILTERING -> IP: NETFILTER CONFIGURATION
  • NETWORKING SUPPORT -> NETWORKING OPTIONS -> NETWORK PACKET FILTERING -> IP: NETFILTER CONFIGURATION -> CONNECTION TRACKING
  • NETWORKING SUPPORT -> NETWORKING OPTIONS -> NETWORK PACKET FILTERING -> IP: NETFILTER CONFIGURATION -> IPTABLES SUPPORT
  • NETWORKING SUPPORT -> NETWORKING OPTIONS -> NETWORK PACKET FILTERING -> IP: NETFILTER CONFIGURATION -> ARP TABLES SUPPORT
• Appendix C: NAT Firewall Script
• Appendix D: Complete Firewall Script
• Appendix E: Cryptography
  • ATTACKS AGAINST CRYPTOGRAPHY
  • POPULAR ENCRYPTION ALGORITHMS
  • HASH ALGORITHMS
  • PUBLIC KEY CRYPTOGRAPHY (PKC)
  • PGP, PGPI, OPENPGP, AND GNUPG
  • REFERENCES
• Appendix F: About the CD-ROM
• CD-ROM FILES
• List of Figures
• List of Tables

• Back Cover
• Chapter 1: Introduction—The Need For Security
• Chapter 2: Understanding the Problem
• Chapter 3: A Secure Topology
• Chapter 4: Assessing the Network
• Chapter 5: Packet Filtering with Iptables
• Chapter 6: Basic System Security Measures
• Chapter 7: Desktop Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Linux Network Security
• Preface