Linux Security Cookbook

(ebook) (audiobook) (audiobook)

Autorzy:: Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes

Promocja Przejdź

Linux Security Cookbook Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes - okladka książki

Linux Security Cookbook Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes - audiobook MP3

Linux Security Cookbook Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes - audiobook CD

Wydawnictwo:: O'Reilly Media (Z chęcią przeczytam książkę w języku polskim)
Ocena:: Bądź pierwszym, który oceni tę książkę
Stron:: 336
Dostępne formaty:: ePub

Mobi

Ebook (118,15 zł najniższa cena z 30 dni)

~~139,00 zł~~ (-15%)
118,15 zł

Dodaj do koszyka lub Kup na prezent Kup 1-kliknięciem

(118,15 zł najniższa cena z 30 dni)

Przenieś na półkę

Do przechowalni

Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes--short, focused pieces of code that administrators can use to improve security and perform common tasks securely.The Linux Security Cookbook includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure.Some of the "recipes" you'll find in this book are:

Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more
Monitoring your network with tcpdump, dsniff, netstat, and other tools
Protecting network connections with Secure Shell (SSH) and stunnel
Safeguarding email sessions with Secure Sockets Layer (SSL)
Encrypting files and email messages with GnuPG
Probing your own security with password crackers, nmap, and handy scripts

This cookbook's proven techniques are derived from hard-won experience. Whether you're responsible for security on a home Linux system or for a large corporation, or somewhere in between, you'll find valuable, to-the-point, practical recipes for dealing with everyday security issues. This book is a system saver.

Wybrane bestsellery

O autorze książki

Dr Daniel J. Barrett jest inżynierem oprogramowania, administratorem systemów, muzykiem i satyrykiem. Od wczesnych lat 90. XX wieku pisze o technologiach informatycznych. Dla wydawnictwa O’Reilly napisał wiele książek, między innymi: SSH, Secure Shell: The Definitive Guide, MediaWiki i Linux. Bezpieczeństwo. Receptury.

Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes - pozostałe książki

Kup polskie wydanie:

Linux. Bezpieczeństwo. Receptury

Autor:: Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes

44,85 zł ~~69,00 zł~~ (41.4 zł najniższa cena z 30 dni)

Druk

Ebooka "Linux Security Cookbook" przeczytasz na:

czytnikach Inkbook, Kindle, Pocketbook, Onyx Booxs i innych
systemach Windows, MacOS i innych

systemach Windows, Android, iOS, HarmonyOS
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi

Masz pytania? Zajrzyj do zakładki Pomoc »

Audiobooka "Linux Security Cookbook" posłuchasz:

w aplikacji Ebookpoint na Android, iOS, HarmonyOs
na systemach Windows, MacOS i innych

na dowolonych urządzeniach
i aplikacjach obsługujących format MP3
(pliki spakowane w ZIP)

Masz pytania? Zajrzyj do zakładki Pomoc »

Kurs Video "Linux Security Cookbook" zobaczysz:

Oceny i opinie klientów: Linux Security Cookbook Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes (0) Weryfikacja opinii następuję na podstawie historii zamówień na koncie Użytkownika umieszczającego opinię. Użytkownik mógł otrzymać punkty za opublikowanie opinii uprawniające do uzyskania rabatu w ramach Programu Punktowego.

Szczegóły książki

ISBN Ebooka:: 978-14-493-6676-6, 9781449366766
Data wydania ebooka :: 2003-06-02 Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@helion.pl.
Język publikacji:: 1
Rozmiar pliku ePub:: 1.6MB
Rozmiar pliku Mobi:: 4.5MB

Zgłoś erratę
Kategorie:
Hacking » Bezpieczeństwo systemów
Systemy operacyjne » Linux
Hacking » Inne

Spis treści książki

Linux Security Cookbook
Preface
- A Cookbook About Security?!?
- Intended Audience
- Roadmap of the Book
- Our Security Philosophy
- Supported Linux Distributions
- Trying the Recipes
- Conventions Used in This Book
- Wed Like to Hear from You
- Acknowledgments
1. System Snapshots with Tripwire
- 1.1. Setting Up Tripwire
  - 1.1.1. Problem
  - 1.1.2. Solution
  - 1.1.3. Discussion
  - 1.1.4. See Also
- 1.2. Displaying the Policy and Configuration
  - 1.2.1. Problem
  - 1.2.2. Solution
  - 1.2.3. Discussion
  - 1.2.4. See Also
- 1.3. Modifying the Policy and Configuration
  - 1.3.1. Problem
  - 1.3.2. Solution
  - 1.3.3. Discussion
  - 1.3.4. See Also
- 1.4. Basic Integrity Checking
  - 1.4.1. Problem
  - 1.4.2. Solution
  - 1.4.3. Discussion
  - 1.4.4. See Also
- 1.5. Read-Only Integrity Checking
  - 1.5.1. Problem
  - 1.5.2. Solution
  - 1.5.3. Discussion
  - 1.5.4. See Also
- 1.6. Remote Integrity Checking
  - 1.6.1. Problem
  - 1.6.2. Solution
  - 1.6.3. Discussion
  - 1.6.4. See Also
- 1.7. Ultra-Paranoid Integrity Checking
  - 1.7.1. Problem
  - 1.7.2. Solution
  - 1.7.3. Discussion
  - 1.7.4. See Also
- 1.8. Expensive, Ultra-Paranoid Security Checking
  - 1.8.1. Problem
  - 1.8.2. Solution
  - 1.8.3. Discussion
- 1.9. Automated Integrity Checking
  - 1.9.1. Problem
  - 1.9.2. Solution
  - 1.9.3. Discussion
  - 1.9.4. See Also
- 1.10. Printing the Latest Tripwire Report
  - 1.10.1. Problem
  - 1.10.2. Solution
  - 1.10.3. Discussion
  - 1.10.4. See Also
- 1.11. Updating the Database
  - 1.11.1. Problem
  - 1.11.2. Solution
  - 1.11.3. Discussion
  - 1.11.4. See Also
- 1.12. Adding Files to the Database
  - 1.12.1. Problem
  - 1.12.2. Solution
  - 1.12.3. Discussion
  - 1.12.4. See Also
- 1.13. Excluding Files from the Database
  - 1.13.1. Problem
  - 1.13.2. Solution
  - 1.13.3. Discussion
  - 1.13.4. See Also
- 1.14. Checking Windows VFAT Filesystems
  - 1.14.1. Problem
  - 1.14.2. Solution
  - 1.14.3. Discussion
  - 1.14.4. See Also
- 1.15. Verifying RPM-Installed Files
  - 1.15.1. Problem
  - 1.15.2. Solution
  - 1.15.3. Discussion
  - 1.15.4. See Also
- 1.16. Integrity Checking with rsync
  - 1.16.1. Problem
  - 1.16.2. Solution
  - 1.16.3. Discussion
  - 1.16.4. See Also
- 1.17. Integrity Checking Manually
  - 1.17.1. Problem
  - 1.17.2. Solution
  - 1.17.3. Discussion
  - 1.17.4. See Also
2. Firewalls with iptables and ipchains
- 2.1. Enabling Source Address Verification
  - 2.1.1. Problem
  - 2.1.2. Solution
  - 2.1.3. Discussion
  - 2.1.4. See Also
- 2.2. Blocking Spoofed Addresses
  - 2.2.1. Problem
  - 2.2.2. Solution
  - 2.2.3. Discussion
  - 2.2.4. See Also
- 2.3. Blocking All Network Traffic
  - 2.3.1. Problem
  - 2.3.2. Solution
  - 2.3.3. Discussion
  - 2.3.4. See Also
- 2.4. Blocking Incoming Traffic
  - 2.4.1. Problem
  - 2.4.2. Solution
  - 2.4.3. Discussion
  - 2.4.4. See Also
- 2.5. Blocking Outgoing Traffic
  - 2.5.1. Problem
  - 2.5.2. Solution
  - 2.5.3. Discussion
  - 2.5.4. See Also
- 2.6. Blocking Incoming Service Requests
  - 2.6.1. Problem
  - 2.6.2. Solution
  - 2.6.3. Discussion
  - 2.6.4. See Also
- 2.7. Blocking Access from a Remote Host
  - 2.7.1. Problem
  - 2.7.2. Solution
  - 2.7.3. Discussion
  - 2.7.4. See Also
- 2.8. Blocking Access to a Remote Host
  - 2.8.1. Problem
  - 2.8.2. Solution
  - 2.8.3. Discussion
  - 2.8.4. See Also
- 2.9. Blocking Outgoing Access to All Web Servers on a Network
  - 2.9.1. Problem
  - 2.9.2. Solution
  - 2.9.3. Discussion
  - 2.9.4. See Also
- 2.10. Blocking Remote Access, but Permitting Local
  - 2.10.1. Problem
  - 2.10.2. Solution
  - 2.10.3. Discussion
  - 2.10.4. See Also
- 2.11. Controlling Access by MAC Address
  - 2.11.1. Problem
  - 2.11.2. Solution
  - 2.11.3. Discussion
  - 2.11.4. See Also
- 2.12. Permitting SSH Access Only
  - 2.12.1. Problem
  - 2.12.2. Solution
  - 2.12.3. Discussion
  - 2.12.4. See Also
- 2.13. Prohibiting Outgoing Telnet Connections
  - 2.13.1. Problem
  - 2.13.2. Solution
  - 2.13.3. Discussion
  - 2.13.4. See Also
- 2.14. Protecting a Dedicated Server
  - 2.14.1. Problem
  - 2.14.2. Solution
  - 2.14.3. Discussion
  - 2.14.4. See Also
- 2.15. Preventing pings
  - 2.15.1. Problem
  - 2.15.2. Solution
  - 2.15.3. Discussion
  - 2.15.4. See Also
- 2.16. Listing Your Firewall Rules
  - 2.16.1. Problem
  - 2.16.2. Solution
  - 2.16.3. Discussion
  - 2.16.4. See Also
- 2.17. Deleting Firewall Rules
  - 2.17.1. Problem
  - 2.17.2. Solution
  - 2.17.3. Discussion
  - 2.17.4. See Also
- 2.18. Inserting Firewall Rules
  - 2.18.1. Problem
  - 2.18.2. Solution
  - 2.18.3. Discussion
  - 2.18.4. See Also
- 2.19. Saving a Firewall Configuration
  - 2.19.1. Problem
  - 2.19.2. Solution
  - 2.19.3. Discussion
  - 2.19.4. See Also
- 2.20. Loading a Firewall Configuration
  - 2.20.1. Problem
  - 2.20.2. Solution
  - 2.20.3. Discussion
  - 2.20.4. See Also
- 2.21. Testing a Firewall Configuration
  - 2.21.1. Problem
  - 2.21.2. Solution
  - 2.21.3. Discussion
  - 2.21.4. See Also
- 2.22. Building Complex Rule Trees
  - 2.22.1. Problem
  - 2.22.2. Solution
  - 2.22.3. Discussion
  - 2.22.4. See Also
- 2.23. Logging Simplified
  - 2.23.1. Problem
  - 2.23.2. Solution
  - 2.23.3. Discussion
  - 2.23.4. See Also
3. Network Access Control
- 3.1. Listing Your Network Interfaces
  - 3.1.1. Problem
  - 3.1.2. Solution
  - 3.1.3. Discussion
  - 3.1.4. See Also
- 3.2. Starting and Stopping the Network Interface
  - 3.2.1. Problem
  - 3.2.2. Solution
  - 3.2.3. Discussion
  - 3.2.4. See Also
- 3.3. Enabling/Disabling a Service (xinetd)
  - 3.3.1. Problem
  - 3.3.2. Solution
  - 3.3.3. Discussion
  - 3.3.4. See Also
- 3.4. Enabling/Disabling a Service (inetd)
  - 3.4.1. Problem
  - 3.4.2. Solution
  - 3.4.3. Discussion
  - 3.4.4. See Also
- 3.5. Adding a New Service (xinetd)
  - 3.5.1. Problem
  - 3.5.2. Solution
  - 3.5.3. Discussion
  - 3.5.4. See Also
- 3.6. Adding a New Service (inetd)
  - 3.6.1. Problem
  - 3.6.2. Solution
  - 3.6.3. Discussion
  - 3.6.4. See Also
- 3.7. Restricting Access by Remote Users
  - 3.7.1. Problem
  - 3.7.2. Solution
  - 3.7.3. Discussion
  - 3.7.4. See Also
- 3.8. Restricting Access by Remote Hosts (xinetd)
  - 3.8.1. Problem
  - 3.8.2. Solution
  - 3.8.3. Discussion
  - 3.8.4. See Also
- 3.9. Restricting Access by Remote Hosts (xinetd with libwrap)
  - 3.9.1. Problem
  - 3.9.2. Solution
  - 3.9.3. Discussion
  - 3.9.4. See Also
- 3.10. Restricting Access by Remote Hosts (xinetd with tcpd)
  - 3.10.1. Problem
  - 3.10.2. Solution
  - 3.10.3. Discussion
  - 3.10.4. See Also
- 3.11. Restricting Access by Remote Hosts (inetd)
  - 3.11.1. Problem
  - 3.11.2. Solution
  - 3.11.3. Discussion
  - 3.11.4. See Also
- 3.12. Restricting Access by Time of Day
  - 3.12.1. Problem
  - 3.12.2. Solution
  - 3.12.3. Discussion
  - 3.12.4. See Also
- 3.13. Restricting Access to an SSH Server by Host
  - 3.13.1. Problem
  - 3.13.2. Solution
  - 3.13.3. Discussion
  - 3.13.4. See Also
- 3.14. Restricting Access to an SSH Server by Account
  - 3.14.1. Problem
  - 3.14.2. Solution
  - 3.14.3. Discussion
  - 3.14.4. See Also
- 3.15. Restricting Services to Specific Filesystem Directories
  - 3.15.1. Problem
  - 3.15.2. Solution
  - 3.15.3. Discussion
  - 3.15.4. See Also
- 3.16. Preventing Denial of Service Attacks
  - 3.16.1. Problem
  - 3.16.2. Solution
  - 3.16.3. Discussion
  - 3.16.4. See Also
- 3.17. Redirecting to Another Socket
  - 3.17.1. Problem
  - 3.17.2. Solution
  - 3.17.3. Discussion
  - 3.17.4. See Also
- 3.18. Logging Access to Your Services
  - 3.18.1. Problem
  - 3.18.2. Solution
  - 3.18.3. Discussion
  - 3.18.4. See Also
- 3.19. Prohibiting root Logins on Terminal Devices
  - 3.19.1. Problem
  - 3.19.2. Solution
  - 3.19.3. Discussion
  - 3.19.4. See Also
4. Authentication Techniques and Infrastructures
- 4.1. Creating a PAM-Aware Application
  - 4.1.1. Problem
  - 4.1.2. Solution
  - 4.1.3. Discussion
  - 4.1.4. See Also
- 4.2. Enforcing Password Strength with PAM
  - 4.2.1. Problem
  - 4.2.2. Solution
  - 4.2.3. Discussion
  - 4.2.4. See Also
- 4.3. Creating Access Control Lists with PAM
  - 4.3.1. Problem
  - 4.3.2. Solution
  - 4.3.3. Discussion
  - 4.3.4. See Also
- 4.4. Validating an SSL Certificate
  - 4.4.1. Problem
  - 4.4.2. Solution
  - 4.4.3. Discussion
  - 4.4.4. See Also
- 4.5. Decoding an SSL Certificate
  - 4.5.1. Problem
  - 4.5.2. Solution
  - 4.5.3. Discussion
  - 4.5.4. See Also
- 4.6. Installing a New SSL Certificate
  - 4.6.1. Problem
  - 4.6.2. Solution
  - 4.6.3. Discussion
  - 4.6.4. See Also
- 4.7. Generating an SSL Certificate Signing Request (CSR)
  - 4.7.1. Problem
  - 4.7.2. Solution
  - 4.7.3. Discussion
  - 4.7.4. See Also
- 4.8. Creating a Self-Signed SSL Certificate
  - 4.8.1. Problem
  - 4.8.2. Solution
  - 4.8.3. Discussion
  - 4.8.4. See Also
- 4.9. Setting Up a Certifying Authority
  - 4.9.1. Problem
  - 4.9.2. Solution
  - 4.9.3. Discussion
  - 4.9.4. See Also
- 4.10. Converting SSL Certificates from DER to PEM
  - 4.10.1. Problem
  - 4.10.2. Solution
  - 4.10.3. Discussion
  - 4.10.4. See Also
- 4.11. Getting Started with Kerberos
  - 4.11.1. Problem
  - 4.11.2. Solution
  - 4.11.3. Discussion
  - 4.11.4. See Also
- 4.12. Adding Users to a Kerberos Realm
  - 4.12.1. Problem
  - 4.12.2. Solution
  - 4.12.3. Discussion
  - 4.12.4. See Also
- 4.13. Adding Hosts to a Kerberos Realm
  - 4.13.1. Problem
  - 4.13.2. Solution
  - 4.13.3. Discussion
  - 4.13.4. See Also
- 4.14. Using Kerberos with SSH
  - 4.14.1. Problem
  - 4.14.2. Solution
  - 4.14.3. Discussion
  - 4.14.4. See Also
- 4.15. Using Kerberos with Telnet
  - 4.15.1. Problem
  - 4.15.2. Solution
  - 4.15.3. Discussion
  - 4.15.4. See Also
- 4.16. Securing IMAP with Kerberos
  - 4.16.1. Problem
  - 4.16.2. Solution
  - 4.16.3. Discussion
  - 4.16.4. See Also
- 4.17. Using Kerberos with PAM for System-Wide Authentication
  - 4.17.1. Problem
  - 4.17.2. Solution
  - 4.17.3. Discussion
  - 4.17.4. See Also
5. Authorization Controls
- 5.1. Running a root Login Shell
  - 5.1.1. Problem
  - 5.1.2. Solution
  - 5.1.3. Discussion
  - 5.1.4. See Also
- 5.2. Running X Programs as root
  - 5.2.1. Problem
  - 5.2.2. Solution
  - 5.2.3. Discussion
  - 5.2.4. See Also
- 5.3. Running Commands as Another User via sudo
  - 5.3.1. Problem
  - 5.3.2. Solution
  - 5.3.3. Discussion
  - 5.3.4. See Also
- 5.4. Bypassing Password Authentication in sudo
  - 5.4.1. Problem
  - 5.4.2. Solution
  - 5.4.3. Discussion
  - 5.4.4. See Also
- 5.5. Forcing Password Authentication in sudo
  - 5.5.1. Problem
  - 5.5.2. Solution
  - 5.5.3. Discussion
  - 5.5.4. See Also
- 5.6. Authorizing per Host in sudo
  - 5.6.1. Problem
  - 5.6.2. Solution
  - 5.6.3. Discussion
  - 5.6.4. See Also
- 5.7. Granting Privileges to a Group via sudo
  - 5.7.1. Problem
  - 5.7.2. Solution
  - 5.7.3. See Also
- 5.8. Running Any Program in a Directory via sudo
  - 5.8.1. Problem
  - 5.8.2. Solution
  - 5.8.3. See Also
- 5.9. Prohibiting Command Arguments with sudo
  - 5.9.1. Problem
  - 5.9.2. Solution
  - 5.9.3. Discussion
  - 5.9.4. See Also
- 5.10. Sharing Files Using Groups
  - 5.10.1. Problem
  - 5.10.2. Solution
  - 5.10.3. Discussion
  - 5.10.4. See Also
- 5.11. Permitting Read-Only Access to a Shared File via sudo
  - 5.11.1. Problem
  - 5.11.2. Solution
  - 5.11.3. Discussion
  - 5.11.4. See Also
- 5.12. Authorizing Password Changes via sudo
  - 5.12.1. Problem
  - 5.12.2. Solution
  - 5.12.3. Discussion
  - 5.12.4. See Also
- 5.13. Starting/Stopping Daemons via sudo
  - 5.13.1. Problem
  - 5.13.2. Solution
  - 5.13.3. Discussion
  - 5.13.4. See Also
- 5.14. Restricting roots Abilities via sudo
  - 5.14.1. Problem
  - 5.14.2. Solution
  - 5.14.3. Discussion
  - 5.14.4. See Also
- 5.15. Killing Processes via sudo
  - 5.15.1. Problem
  - 5.15.2. Solution
  - 5.15.3. Discussion
  - 5.15.4. See Also
- 5.16. Listing sudo Invocations
  - 5.16.1. Problem
  - 5.16.2. Solution
  - 5.16.3. Discussion
  - 5.16.4. See Also
- 5.17. Logging sudo Remotely
  - 5.17.1. Problem
  - 5.17.2. Solution
  - 5.17.3. Discussion
  - 5.17.4. See Also
- 5.18. Sharing root Privileges via SSH
  - 5.18.1. Problem
  - 5.18.2. Solution
  - 5.18.3. Discussion
  - 5.18.4. See Also
- 5.19. Running root Commands via SSH
  - 5.19.1. Problem
  - 5.19.2. Solution
  - 5.19.3. Discussion
  - 5.19.4. See Also
- 5.20. Sharing root Privileges via Kerberos su
  - 5.20.1. Problem
  - 5.20.2. Solution
  - 5.20.3. Discussion
    - 5.20.3.1. Authentication
    - 5.20.3.2. Authorization
  - 5.20.4. See Also
6. Protecting Outgoing Network Connections
- 6.1. Logging into a Remote Host
  - 6.1.1. Problem
  - 6.1.2. Solution
  - 6.1.3. Discussion
  - 6.1.4. See Also
- 6.2. Invoking Remote Programs
  - 6.2.1. Problem
  - 6.2.2. Solution
  - 6.2.3. Discussion
  - 6.2.4. See Also
- 6.3. Copying Files Remotely
  - 6.3.1. Problem
  - 6.3.2. Solution
  - 6.3.3. Discussion
  - 6.3.4. See Also
- 6.4. Authenticating by Public Key (OpenSSH)
  - 6.4.1. Problem
  - 6.4.2. Solution
  - 6.4.3. Discussion
  - 6.4.4. See Also
- 6.5. Authenticating by Public Key (OpenSSH Client, SSH2 Server, OpenSSH Key)
  - 6.5.1. Problem
  - 6.5.2. Solution
  - 6.5.3. Discussion
  - 6.5.4. See Also
- 6.6. Authenticating by Public Key (OpenSSH Client, SSH2 Server, SSH2 Key)
  - 6.6.1. Problem
  - 6.6.2. Solution
  - 6.6.3. Discussion
  - 6.6.4. See Also
- 6.7. Authenticating by Public Key (SSH2 Client, OpenSSH Server)
  - 6.7.1. Problem
  - 6.7.2. Solution
  - 6.7.3. Description
  - 6.7.4. See Also
- 6.8. Authenticating by Trusted Host
  - 6.8.1. Problem
  - 6.8.2. Solution
  - 6.8.3. Discussion
  - 6.8.4. See Also
- 6.9. Authenticating Without a Password (Interactively)
  - 6.9.1. Problem
  - 6.9.2. Solution
  - 6.9.3. Discussion
  - 6.9.4. See Also
- 6.10. Authenticating in cron Jobs
  - 6.10.1. Problem
  - 6.10.2. Solution
  - 6.10.3. Discussion
  - 6.10.4. See Also
- 6.11. Terminating an SSH Agent on Logout
  - 6.11.1. Problem
  - 6.11.2. Solution
  - 6.11.3. Discussion
  - 6.11.4. See Also
- 6.12. Tailoring SSH per Host
  - 6.12.1. Problem
  - 6.12.2. Solution
  - 6.12.3. Discussion
  - 6.12.4. See Also
- 6.13. Changing SSH Client Defaults
  - 6.13.1. Problem
  - 6.13.2. Solution
  - 6.13.3. Discussion
  - 6.13.4. See Also
- 6.14. Tunneling Another TCP Session Through SSH
  - 6.14.1. Problem
  - 6.14.2. Solution
  - 6.14.3. Discussion
  - 6.14.4. See Also
- 6.15. Keeping Track of Passwords
  - 6.15.1. Problem
  - 6.15.2. Solution
  - 6.15.3. Discussion
  - 6.15.4. See Also
7. Protecting Files
- 7.1. Using File Permissions
  - 7.1.1. Problem
  - 7.1.2. Solution
  - 7.1.3. Discussion
  - 7.1.4. See Also
- 7.2. Securing a Shared Directory
  - 7.2.1. Problem
  - 7.2.2. Solution
  - 7.2.3. Discussion
  - 7.2.4. See Also
- 7.3. Prohibiting Directory Listings
  - 7.3.1. Problem
  - 7.3.2. Solution
  - 7.3.3. Discussion
  - 7.3.4. See Also
- 7.4. Encrypting Files with a Password
  - 7.4.1. Problem
  - 7.4.2. Solution
  - 7.4.3. Discussion
  - 7.4.4. See Also
- 7.5. Decrypting Files
  - 7.5.1. Problem
  - 7.5.2. Solution
  - 7.5.3. Discussion
  - 7.5.4. See Also
- 7.6. Setting Up GnuPG for Public-Key Encryption
  - 7.6.1. Problem
  - 7.6.2. Solution
  - 7.6.3. Discussion
  - 7.6.4. See Also
- 7.7. Listing Your Keyring
  - 7.7.1. Problem
  - 7.7.2. Solution
  - 7.7.3. Discussion
  - 7.7.4. See Also
- 7.8. Setting a Default Key
  - 7.8.1. Problem
  - 7.8.2. Solution
  - 7.8.3. Discussion
  - 7.8.4. See Also
- 7.9. Sharing Public Keys
  - 7.9.1. Problem
  - 7.9.2. Solution
  - 7.9.3. Discussion
  - 7.9.4. See Also
- 7.10. Adding Keys to Your Keyring
  - 7.10.1. Problem
  - 7.10.2. Solution
  - 7.10.3. Discussion
  - 7.10.4. See Also
- 7.11. Encrypting Files for Others
  - 7.11.1. Problem
  - 7.11.2. Solution
  - 7.11.3. Discussion
  - 7.11.4. See Also
- 7.12. Signing a Text File
  - 7.12.1. Problem
  - 7.12.2. Solution
  - 7.12.3. Discussion
  - 7.12.4. See Also
- 7.13. Signing and Encrypting Files
  - 7.13.1. Problem
  - 7.13.2. Solution
  - 7.13.3. Discussion
  - 7.13.4. See Also
- 7.14. Creating a Detached Signature File
  - 7.14.1. Problem
  - 7.14.2. Solution
  - 7.14.3. Discussion
  - 7.14.4. See Also
- 7.15. Checking a Signature
  - 7.15.1. Problem
  - 7.15.2. Solution
  - 7.15.3. Discussion
  - 7.15.4. See Also
- 7.16. Printing Public Keys
  - 7.16.1. Problem
  - 7.16.2. Solution
  - 7.16.3. Discussion
  - 7.16.4. See Also
- 7.17. Backing Up a Private Key
  - 7.17.1. Problem
  - 7.17.2. Solution
  - 7.17.3. Discussion
  - 7.17.4. See Also
- 7.18. Encrypting Directories
  - 7.18.1. Problem
  - 7.18.2. Solution
  - 7.18.3. Discussion
  - 7.18.4. See Also
- 7.19. Adding Your Key to a Keyserver
  - 7.19.1. Problem
  - 7.19.2. Solution
  - 7.19.3. Discussion
  - 7.19.4. See Also
- 7.20. Uploading New Signatures to a Keyserver
  - 7.20.1. Problem
  - 7.20.2. Solution
- 7.21. Obtaining Keys from a Keyserver
  - 7.21.1. Problem
  - 7.21.2. Solution
  - 7.21.3. Discussion
  - 7.21.4. See Also
- 7.22. Revoking a Key
  - 7.22.1. Problem
  - 7.22.2. Solution
  - 7.22.3. Discussion
  - 7.22.4. See Also
- 7.23. Maintaining Encrypted Files with Emacs
  - 7.23.1. Problem
  - 7.23.2. Solution
  - 7.23.3. Discussion
  - 7.23.4. See Also
- 7.24. Maintaining Encrypted Files with vim
  - 7.24.1. Problem
  - 7.24.2. Solution
  - 7.24.3. Discussion
  - 7.24.4. See Also
- 7.25. Encrypting Backups
  - 7.25.1. Problem
  - 7.25.2. Solution
  - 7.25.3. Discussion
  - 7.25.4. See Also
- 7.26. Using PGP Keys with GnuPG
  - 7.26.1. Problem
  - 7.26.2. Solution
  - 7.26.3. Discussion
  - 7.26.4. See Also
8. Protecting Email
- 8.1. Encrypted Mail with Emacs
  - 8.1.1. Problem
  - 8.1.2. Solution
  - 8.1.3. Discussion
  - 8.1.4. See Also
- 8.2. Encrypted Mail with vim
  - 8.2.1. Problem
  - 8.2.2. Solution
  - 8.2.3. Discussion
  - 8.2.4. See Also
- 8.3. Encrypted Mail with Pine
  - 8.3.1. Problem
  - 8.3.2. Solution
  - 8.3.3. Description
  - 8.3.4. See Also
- 8.4. Encrypted Mail with Mozilla
  - 8.4.1. Problem
  - 8.4.2. Solution
  - 8.4.3. Discussion
  - 8.4.4. See Also
- 8.5. Encrypted Mail with Evolution
  - 8.5.1. Problem
  - 8.5.2. Solution
  - 8.5.3. Discussion
  - 8.5.4. See Also
- 8.6. Encrypted Mail with mutt
  - 8.6.1. Problem
  - 8.6.2. Solution
  - 8.6.3. Discussion
  - 8.6.4. See Also
- 8.7. Encrypted Mail with elm
  - 8.7.1. Problem
  - 8.7.2. Solution
  - 8.7.3. Discussion
  - 8.7.4. See Also
- 8.8. Encrypted Mail with MH
  - 8.8.1. Problem
  - 8.8.2. Solution
  - 8.8.3. Discussion
  - 8.8.4. See Also
- 8.9. Running a POP/IMAP Mail Server with SSL
  - 8.9.1. Problem
  - 8.9.2. Solution
  - 8.9.3. Discussion
  - 8.9.4. See Also
- 8.10. Testing an SSL Mail Connection
  - 8.10.1. Problem
  - 8.10.2. Solution
  - 8.10.3. Discussion
  - 8.10.4. See Also
- 8.11. Securing POP/IMAP with SSL and Pine
  - 8.11.1. Problem
  - 8.11.2. Solution
  - 8.11.3. Discussion
  - 8.11.4. See Also
- 8.12. Securing POP/IMAP with SSL and mutt
  - 8.12.1. Problem
  - 8.12.2. Solution
  - 8.12.3. Discussion
  - 8.12.4. See Also
- 8.13. Securing POP/IMAP with SSL and Evolution
  - 8.13.1. Problem
  - 8.13.2. Solution
  - 8.13.3. Discussion
  - 8.13.4. See Also
- 8.14. Securing POP/IMAP with stunnel and SSL
  - 8.14.1. Problem
  - 8.14.2. Solution
  - 8.14.3. Discussion
  - 8.14.4. See Also
- 8.15. Securing POP/IMAP with SSH
  - 8.15.1. Problem
  - 8.15.2. Solution
  - 8.15.3. Discussion
  - 8.15.4. See Also
- 8.16. Securing POP/IMAP with SSH and Pine
  - 8.16.1. Problem
  - 8.16.2. Solution
  - 8.16.3. Discussion
  - 8.16.4. See Also
- 8.17. Receiving Mail Without a Visible Server
  - 8.17.1. Problem
  - 8.17.2. Solution
  - 8.17.3. Discussion
  - 8.17.4. See Also
- 8.18. Using an SMTP Server from Arbitrary Clients
  - 8.18.1. Problem
  - 8.18.2. Solution
  - 8.18.3. Discussion
  - 8.18.4. See Also
9. Testing and Monitoring
- 9.1. Testing Login Passwords (John the Ripper)
  - 9.1.1. Problem
  - 9.1.2. Solution
  - 9.1.3. Discussion
  - 9.1.4. See Also
- 9.2. Testing Login Passwords (CrackLib)
  - 9.2.1. Problem
  - 9.2.2. Solution
  - 9.2.3. Discussion
  - 9.2.4. See Also
- 9.3. Finding Accounts with No Password
  - 9.3.1. Problem
  - 9.3.2. Solution
  - 9.3.3. Discussion
  - 9.3.4. See Also
- 9.4. Finding Superuser Accounts
  - 9.4.1. Problem
  - 9.4.2. Solution
  - 9.4.3. Discussion
  - 9.4.4. See Also
- 9.5. Checking for Suspicious Account Use
  - 9.5.1. Problem
  - 9.5.2. Solution
  - 9.5.3. Discussion
  - 9.5.4. See Also
- 9.6. Checking for Suspicious Account Use, Multiple Systems
  - 9.6.1. Problem
  - 9.6.2. Solution
  - 9.6.3. Discussion
  - 9.6.4. See Also
- 9.7. Testing Your Search Path
  - 9.7.1. Problem
  - 9.7.2. Solution
  - 9.7.3. Discussion
  - 9.7.4. See Also
- 9.8. Searching Filesystems Effectively
  - 9.8.1. Problem
  - 9.8.2. Solution
  - 9.8.3. Discussion
  - 9.8.4. See Also
- 9.9. Finding setuid (or setgid) Programs
  - 9.9.1. Problem
  - 9.9.2. Solution
  - 9.9.3. Discussion
  - 9.9.4. See Also
- 9.10. Securing Device Special Files
  - 9.10.1. Problem
  - 9.10.2. Solution
  - 9.10.3. Discussion
  - 9.10.4. See Also
- 9.11. Finding Writable Files
  - 9.11.1. Problem
  - 9.11.2. Solution
  - 9.11.3. Discussion
  - 9.11.4. See Also
- 9.12. Looking for Rootkits
  - 9.12.1. Problem
  - 9.12.2. Solution
  - 9.12.3. Discussion
  - 9.12.4. See Also
- 9.13. Testing for Open Ports
  - 9.13.1. Problem
  - 9.13.2. Solution
  - 9.13.3. Discussion
  - 9.13.4. See Also
- 9.14. Examining Local Network Activities
  - 9.14.1. Problem
  - 9.14.2. Solution
  - 9.14.3. Discussion
  - 9.14.4. See Also
- 9.15. Tracing Processes
  - 9.15.1. Problem
  - 9.15.2. Solution
  - 9.15.3. Discussion
  - 9.15.4. See Also
- 9.16. Observing Network Traffic
  - 9.16.1. Problem
  - 9.16.2. Solution
  - 9.16.3. Discussion
  - 9.16.4. See Also
- 9.17. Observing Network Traffic (GUI)
  - 9.17.1. Problem
  - 9.17.2. Solution
  - 9.17.3. Discussion
  - 9.17.4. See Also
- 9.18. Searching for Strings in Network Traffic
  - 9.18.1. Problem
  - 9.18.2. Solution
  - 9.18.3. Discussion
  - 9.18.4. See Also
- 9.19. Detecting Insecure Network Protocols
  - 9.19.1. Problem
  - 9.19.2. Solution
  - 9.19.3. Discussion
  - 9.19.4. See Also
- 9.20. Getting Started with Snort
  - 9.20.1. Problem
  - 9.20.2. Solution
  - 9.20.3. Discussion
  - 9.20.4. See Also
- 9.21. Packet Sniffing with Snort
  - 9.21.1. Problem
  - 9.21.2. Solution
  - 9.21.3. Discussion
  - 9.21.4. See Also
- 9.22. Detecting Intrusions with Snort
  - 9.22.1. Problem
  - 9.22.2. Solution
  - 9.22.3. Discussion
  - 9.22.4. See Also
- 9.23. Decoding Snort Alert Messages
  - 9.23.1. Problem
  - 9.23.2. Solution
  - 9.23.3. Discussion
  - 9.23.4. See Also
- 9.24. Logging with Snort
  - 9.24.1. Problem
  - 9.24.2. Solution
  - 9.24.3. Discussion
  - 9.24.4. See Also
- 9.25. Partitioning Snort Logs Into Separate Files
  - 9.25.1. Problem
  - 9.25.2. Solution
  - 9.25.3. Discussion
  - 9.25.4. See Also
- 9.26. Upgrading and Tuning Snorts Ruleset
  - 9.26.1. Problem
  - 9.26.2. Solution
  - 9.26.3. Discussion
  - 9.26.4. See Also
- 9.27. Directing System Messages to Log Files (syslog)
  - 9.27.1. Problem
  - 9.27.2. Solution
  - 9.27.3. Discussion
  - 9.27.4. See Also
- 9.28. Testing a syslog Configuration
  - 9.28.1. Problem
  - 9.28.2. Solution
  - 9.28.3. Discussion
  - 9.28.4. See Also
- 9.29. Logging Remotely
  - 9.29.1. Problem
  - 9.29.2. Solution
  - 9.29.3. Discussion
  - 9.29.4. See Also
- 9.30. Rotating Log Files
  - 9.30.1. Problem
  - 9.30.2. Solution
  - 9.30.3. Discussion
  - 9.30.4. See Also
- 9.31. Sending Messages to the System Logger
  - 9.31.1. Problem
  - 9.31.2. Solution
  - 9.31.3. Discussion
  - 9.31.4. See Also
- 9.32. Writing Log Entries via Shell Scripts
  - 9.32.1. Problem
  - 9.32.2. Solution
  - 9.32.3. Discussion
  - 9.32.4. See Also
- 9.33. Writing Log Entries via Perl
  - 9.33.1. Problem
  - 9.33.2. Solution
  - 9.33.3. Discussion
  - 9.33.4. See Also
- 9.34. Writing Log Entries via C
  - 9.34.1. Problem
  - 9.34.2. Solution
  - 9.34.3. Discussion
  - 9.34.4. See Also
- 9.35. Combining Log Files
  - 9.35.1. Problem
  - 9.35.2. Solution
  - 9.35.3. Discussion
  - 9.35.4. See Also
- 9.36. Summarizing Your Logs with logwatch
  - 9.36.1. Problem
  - 9.36.2. Solution
  - 9.36.3. Discussion
  - 9.36.4. See Also
- 9.37. Defining a logwatch Filter
  - 9.37.1. Problem
  - 9.37.2. Solution
  - 9.37.3. Discussion
  - 9.37.4. See Also
- 9.38. Monitoring All Executed Commands
  - 9.38.1. Problem
  - 9.38.2. Solution
  - 9.38.3. Discussion
  - 9.38.4. See Also
- 9.39. Displaying All Executed Commands
  - 9.39.1. Problem
  - 9.39.2. Solution
  - 9.39.3. Discussion
  - 9.39.4. See Also
- 9.40. Parsing the Process Accounting Log
  - 9.40.1. Problem
  - 9.40.2. Solution
  - 9.40.3. Discussion
  - 9.40.4. See Also
- 9.41. Recovering from a Hack
  - 9.41.1. Problem
  - 9.41.2. Solution
  - 9.41.3. Discussion
  - 9.41.4. See Also
- 9.42. Filing an Incident Report
  - 9.42.1. Problem
  - 9.42.2. Solution
  - 9.42.3. Discussion
  - 9.42.4. See Also
Index
About the Authors
Colophon
Copyright