Linux Security Cookbook Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes

Linux Security Cookbook Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes - okladka książki

Autorzy:: Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes
Wydawnictwo:: O'Reilly Media (Z chęcią przeczytam książkę w języku polskim)
Ocena:: Bądź pierwszym, który oceni tę książkę
Stron:: 336
Dostępne formaty:: ePub

Mobi

Ebook 109,65 zł najniższa cena z 30 dni

~~129,00 zł~~ (-15%)
109,65 zł

Dodaj do koszyka lub Kup na prezent Kup 1-kliknięciem

109,65 zł najniższa cena z 30 dni

Przenieś na półkę

Do przechowalni

Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes--short, focused pieces of code that administrators can use to improve security and perform common tasks securely.The Linux Security Cookbook includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure.Some of the "recipes" you'll find in this book are:

Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more
Monitoring your network with tcpdump, dsniff, netstat, and other tools
Protecting network connections with Secure Shell (SSH) and stunnel
Safeguarding email sessions with Secure Sockets Layer (SSL)
Encrypting files and email messages with GnuPG
Probing your own security with password crackers, nmap, and handy scripts

This cookbook's proven techniques are derived from hard-won experience. Whether you're responsible for security on a home Linux system or for a large corporation, or somewhere in between, you'll find valuable, to-the-point, practical recipes for dealing with everyday security issues. This book is a system saver.

Wybrane bestsellery

O autorze książki

Dr Daniel J. Barrett jest inżynierem oprogramowania, administratorem systemów, muzykiem i satyrykiem. Od wczesnych lat 90. XX wieku pisze o technologiach informatycznych. Dla wydawnictwa O’Reilly napisał wiele książek, między innymi: SSH, Secure Shell: The Definitive Guide, MediaWiki i Linux. Bezpieczeństwo. Receptury.

Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes - pozostałe książki

Promocja

Take your Linux skills to the next level! Whether you're a system administrator, software developer, site reliability engineer, or enthusiastic hobbyist, this practical, hands-on book will help you work faster, smarter, and more efficiently. You'll learn how to create and run complex commands that solve real business problems, process and retrieve
- ePub + Mobi
Efficient Linux at the Command Line

Daniel J. Barrett

(160,65 zł najniższa cena z 30 dni)

169.14 zł ~~199.00 zł (-15%)~~
Promocja

Niniejsza książka jest zwięzłym przewodnikiem po systemie. Docenią ją zarówno początkujący, jak i zaawansowani użytkownicy. Opisano tu ważne i użyteczne aspekty Linuksa, tak aby każdy szybko mógł rozpocząć efektywną pracę. W tym wydaniu książki pojawiły się również nowe polecenia służące do przetwarzania plików audiowizualnych, odczytywania i zapisywania zawartości schowka systemowego oraz do wykonywania operacji na plikach PDF. Nie pominięto też idiomów powłoki, takich jak podstawianie poleceń czy przekazywanie ich potokiem do powłoki.
- PDF + ePub + Mobi
- Druk
Linux. Leksykon kieszonkowy. Wydanie III

Daniel J. Barrett

(9,90 zł najniższa cena z 30 dni)

16.45 zł ~~29.90 zł (-45%)~~
Promocja

„Linux. Leksykon kieszonkowy” to książka dla tych, których do Linuksa zniechęca konieczność zapamiętania niezliczonej ilości poleceń i parametrów, oraz dla tych, którzy pracują z nim na co dzień i potrzebują podręcznej ściągi. Znajdziesz tu zestawienie poleceń najczęściej używanych w codziennej pracy. Ponadto dowiesz się, jak dopasować system do własnych potrzeb oraz jak programować skrypty powłoki. W trakcie lektury przekonasz się, że wiele zadań szybciej wykonasz w trybie tekstowym niż graficznym. Książka ta jest nieocenionym pomocnikiem każdego użytkownika systemu Linux, dlatego warto mieć ją pod ręką!
- PDF + ePub + Mobi
- Druk
Linux. Leksykon kieszonkowy. Wydanie II

Daniel J. Barrett

(9,90 zł najniższa cena z 30 dni)

13.70 zł ~~24.90 zł (-45%)~~
Promocja

Are you serious about network security? Then check out SSH, the Secure Shell, which provides key-based authentication and transparent encryption for your network connections. It's reliable, robust, and reasonably easy to use, and both free and commercial implementations are widely available for most operating systems. While it doesn't solve every p
- ePub + Mobi
SSH, The Secure Shell: The Definitive Guide. The Definitive Guide. 2nd Edition

Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes

(135,15 zł najniższa cena z 30 dni)

126.65 zł ~~149.00 zł (-15%)~~
Promocja

Książka "Linux. Bezpieczeństwo. Przewodnik encyklopedyczny" nauczy Cię, jakie polecenia należy wykonać i co wpisać w plikach konfiguracyjnych, by poprawić bezpieczeństwo Twojego systemu. Nie jest to klasyczny podręcznik; nie znajdziesz tu teorii, lecz rozwiązania konkretnych problemów i sposoby łatania typowych luk w zabezpieczeniach. Dzięki książce nie będziesz tracić cennego czasu, poszukując właściwej składni poleceń. Przeznaczona jest dla średnio zaawansowanych użytkowników i administratorów systemów Linux.
- Druk
Linux. Bezpieczeństwo. Receptury

Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes

(41,40 zł najniższa cena z 30 dni)

48.30 zł ~~69.00 zł (-30%)~~
Nowość Promocja

Administratorzy systemów linuksowych mogą pracować za pomocą myszy, korzystając z interfejsu graficznego, jednak pełny potencjał Linuksa ujawnia się dzięki pracy z wierszem poleceń. Umiejętność używania tego narzędzia przydaje się każdemu, komu zależy na efektywnym działaniu systemu.
- PDF + ePub + Mobi
- Druk
Linux. Leksykon kieszonkowy. Wydanie IV

Daniel J. Barrett

(29,90 zł najniższa cena z 30 dni)

32.95 zł ~~59.90 zł (-45%)~~
Promocja

If you use Linux in your day-to-day work, then Linux Pocket Guide is the perfect on-the-job reference. This thoroughly updated 20th anniversary edition explains more than 200 Linux commands, including new commands for file handling, package management, version control, file format conversions, and more.In this concise guide, author Daniel Barrett p
- ePub + Mobi
Linux Pocket Guide. 4th Edition

Daniel J. Barrett

(92,65 zł najniższa cena z 30 dni)

92.65 zł ~~109.00 zł (-15%)~~
Promocja

Jeśli chciałbyś zgłębić system Git, trafiłeś na doskonałą książkę. Dzięki jej niewielkim rozmiarom możesz mieć ją zawsze przy sobie. Zmiana SVN na Git oprócz poznania nowych pojęć wymaga zmiany sposobu myślenia. Ten leksykon pozwoli Ci w każdej chwili sprawdzić, jak stworzyć nowe repozytorium czy gałąź oraz jak wprowadzić zmiany i przesłać je na centralny serwer. Ponadto dowiesz się, jak śledzić zdalne repozytoria, przeglądać historię zmian i scalać wersje. To doskonała lektura dla wszystkich osób chcących błyskawicznie poznać możliwości Gita i zacząć stosować go w codziennej pracy.
- PDF + ePub + Mobi
- Druk
Git. Leksykon kieszonkowy

Richard E. Silverman

(9,90 zł najniższa cena z 30 dni)

16.45 zł ~~29.90 zł (-45%)~~
Promocja

This pocket guide is the perfect on-the-job companion to Git, the distributed version control system. It provides a compact, readable introduction to Git for new users, as well as a reference to common commands and procedures for those of you with Git experience.Written for Git version 1.8.2, this handy task-oriented guide is organized around the b
- ePub + Mobi
Git Pocket Guide. A Working Introduction

Richard E. Silverman

(42,42 zł najniższa cena z 30 dni)

42.42 zł ~~49.90 zł (-15%)~~

Kup polskie wydanie:

Linux. Bezpieczeństwo. Receptury

Autor:: Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes

48,30 zł ~~69,00 zł~~ (41.4 zł najniższa cena z 30 dni)

Druk

Ebooka "Linux Security Cookbook" przeczytasz na:

czytnikach Inkbook, Kindle, Pocketbook, Onyx Boox i innych
systemach Windows, MacOS i innych

systemach Windows, Android, iOS, HarmonyOS
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi

Masz pytania? Zajrzyj do zakładki Pomoc »

Oceny i opinie klientów: Linux Security Cookbook Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes

(0)

Szczegóły książki

ISBN Ebooka:: 978-14-493-6676-6, 9781449366766
Data wydania ebooka :: 2003-06-02 Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@ebookpoint.pl.
Język publikacji:: 1
Rozmiar pliku ePub:: 1.6MB
Rozmiar pliku Mobi:: 4.5MB

Zgłoś erratę

Kategorie

Kliknij, aby zgłosić błędnie przypisaną kategorię »

Informatyka » Hacking » Bezpieczeństwo systemów
Informatyka » Hacking » Inne
Informatyka » Systemy operacyjne » Linux

Spis treści książki

Linux Security Cookbook
Preface
- A Cookbook About Security?!?
- Intended Audience
- Roadmap of the Book
- Our Security Philosophy
- Supported Linux Distributions
- Trying the Recipes
- Conventions Used in This Book
- Wed Like to Hear from You
- Acknowledgments
1. System Snapshots with Tripwire
- 1.1. Setting Up Tripwire
  - 1.1.1. Problem
  - 1.1.2. Solution
  - 1.1.3. Discussion
  - 1.1.4. See Also
- 1.2. Displaying the Policy and Configuration
  - 1.2.1. Problem
  - 1.2.2. Solution
  - 1.2.3. Discussion
  - 1.2.4. See Also
- 1.3. Modifying the Policy and Configuration
  - 1.3.1. Problem
  - 1.3.2. Solution
  - 1.3.3. Discussion
  - 1.3.4. See Also
- 1.4. Basic Integrity Checking
  - 1.4.1. Problem
  - 1.4.2. Solution
  - 1.4.3. Discussion
  - 1.4.4. See Also
- 1.5. Read-Only Integrity Checking
  - 1.5.1. Problem
  - 1.5.2. Solution
  - 1.5.3. Discussion
  - 1.5.4. See Also
- 1.6. Remote Integrity Checking
  - 1.6.1. Problem
  - 1.6.2. Solution
  - 1.6.3. Discussion
  - 1.6.4. See Also
- 1.7. Ultra-Paranoid Integrity Checking
  - 1.7.1. Problem
  - 1.7.2. Solution
  - 1.7.3. Discussion
  - 1.7.4. See Also
- 1.8. Expensive, Ultra-Paranoid Security Checking
  - 1.8.1. Problem
  - 1.8.2. Solution
  - 1.8.3. Discussion
- 1.9. Automated Integrity Checking
  - 1.9.1. Problem
  - 1.9.2. Solution
  - 1.9.3. Discussion
  - 1.9.4. See Also
- 1.10. Printing the Latest Tripwire Report
  - 1.10.1. Problem
  - 1.10.2. Solution
  - 1.10.3. Discussion
  - 1.10.4. See Also
- 1.11. Updating the Database
  - 1.11.1. Problem
  - 1.11.2. Solution
  - 1.11.3. Discussion
  - 1.11.4. See Also
- 1.12. Adding Files to the Database
  - 1.12.1. Problem
  - 1.12.2. Solution
  - 1.12.3. Discussion
  - 1.12.4. See Also
- 1.13. Excluding Files from the Database
  - 1.13.1. Problem
  - 1.13.2. Solution
  - 1.13.3. Discussion
  - 1.13.4. See Also
- 1.14. Checking Windows VFAT Filesystems
  - 1.14.1. Problem
  - 1.14.2. Solution
  - 1.14.3. Discussion
  - 1.14.4. See Also
- 1.15. Verifying RPM-Installed Files
  - 1.15.1. Problem
  - 1.15.2. Solution
  - 1.15.3. Discussion
  - 1.15.4. See Also
- 1.16. Integrity Checking with rsync
  - 1.16.1. Problem
  - 1.16.2. Solution
  - 1.16.3. Discussion
  - 1.16.4. See Also
- 1.17. Integrity Checking Manually
  - 1.17.1. Problem
  - 1.17.2. Solution
  - 1.17.3. Discussion
  - 1.17.4. See Also
2. Firewalls with iptables and ipchains
- 2.1. Enabling Source Address Verification
  - 2.1.1. Problem
  - 2.1.2. Solution
  - 2.1.3. Discussion
  - 2.1.4. See Also
- 2.2. Blocking Spoofed Addresses
  - 2.2.1. Problem
  - 2.2.2. Solution
  - 2.2.3. Discussion
  - 2.2.4. See Also
- 2.3. Blocking All Network Traffic
  - 2.3.1. Problem
  - 2.3.2. Solution
  - 2.3.3. Discussion
  - 2.3.4. See Also
- 2.4. Blocking Incoming Traffic
  - 2.4.1. Problem
  - 2.4.2. Solution
  - 2.4.3. Discussion
  - 2.4.4. See Also
- 2.5. Blocking Outgoing Traffic
  - 2.5.1. Problem
  - 2.5.2. Solution
  - 2.5.3. Discussion
  - 2.5.4. See Also
- 2.6. Blocking Incoming Service Requests
  - 2.6.1. Problem
  - 2.6.2. Solution
  - 2.6.3. Discussion
  - 2.6.4. See Also
- 2.7. Blocking Access from a Remote Host
  - 2.7.1. Problem
  - 2.7.2. Solution
  - 2.7.3. Discussion
  - 2.7.4. See Also
- 2.8. Blocking Access to a Remote Host
  - 2.8.1. Problem
  - 2.8.2. Solution
  - 2.8.3. Discussion
  - 2.8.4. See Also
- 2.9. Blocking Outgoing Access to All Web Servers on a Network
  - 2.9.1. Problem
  - 2.9.2. Solution
  - 2.9.3. Discussion
  - 2.9.4. See Also
- 2.10. Blocking Remote Access, but Permitting Local
  - 2.10.1. Problem
  - 2.10.2. Solution
  - 2.10.3. Discussion
  - 2.10.4. See Also
- 2.11. Controlling Access by MAC Address
  - 2.11.1. Problem
  - 2.11.2. Solution
  - 2.11.3. Discussion
  - 2.11.4. See Also
- 2.12. Permitting SSH Access Only
  - 2.12.1. Problem
  - 2.12.2. Solution
  - 2.12.3. Discussion
  - 2.12.4. See Also
- 2.13. Prohibiting Outgoing Telnet Connections
  - 2.13.1. Problem
  - 2.13.2. Solution
  - 2.13.3. Discussion
  - 2.13.4. See Also
- 2.14. Protecting a Dedicated Server
  - 2.14.1. Problem
  - 2.14.2. Solution
  - 2.14.3. Discussion
  - 2.14.4. See Also
- 2.15. Preventing pings
  - 2.15.1. Problem
  - 2.15.2. Solution
  - 2.15.3. Discussion
  - 2.15.4. See Also
- 2.16. Listing Your Firewall Rules
  - 2.16.1. Problem
  - 2.16.2. Solution
  - 2.16.3. Discussion
  - 2.16.4. See Also
- 2.17. Deleting Firewall Rules
  - 2.17.1. Problem
  - 2.17.2. Solution
  - 2.17.3. Discussion
  - 2.17.4. See Also
- 2.18. Inserting Firewall Rules
  - 2.18.1. Problem
  - 2.18.2. Solution
  - 2.18.3. Discussion
  - 2.18.4. See Also
- 2.19. Saving a Firewall Configuration
  - 2.19.1. Problem
  - 2.19.2. Solution
  - 2.19.3. Discussion
  - 2.19.4. See Also
- 2.20. Loading a Firewall Configuration
  - 2.20.1. Problem
  - 2.20.2. Solution
  - 2.20.3. Discussion
  - 2.20.4. See Also
- 2.21. Testing a Firewall Configuration
  - 2.21.1. Problem
  - 2.21.2. Solution
  - 2.21.3. Discussion
  - 2.21.4. See Also
- 2.22. Building Complex Rule Trees
  - 2.22.1. Problem
  - 2.22.2. Solution
  - 2.22.3. Discussion
  - 2.22.4. See Also
- 2.23. Logging Simplified
  - 2.23.1. Problem
  - 2.23.2. Solution
  - 2.23.3. Discussion
  - 2.23.4. See Also
3. Network Access Control
- 3.1. Listing Your Network Interfaces
  - 3.1.1. Problem
  - 3.1.2. Solution
  - 3.1.3. Discussion
  - 3.1.4. See Also
- 3.2. Starting and Stopping the Network Interface
  - 3.2.1. Problem
  - 3.2.2. Solution
  - 3.2.3. Discussion
  - 3.2.4. See Also
- 3.3. Enabling/Disabling a Service (xinetd)
  - 3.3.1. Problem
  - 3.3.2. Solution
  - 3.3.3. Discussion
  - 3.3.4. See Also
- 3.4. Enabling/Disabling a Service (inetd)
  - 3.4.1. Problem
  - 3.4.2. Solution
  - 3.4.3. Discussion
  - 3.4.4. See Also
- 3.5. Adding a New Service (xinetd)
  - 3.5.1. Problem
  - 3.5.2. Solution
  - 3.5.3. Discussion
  - 3.5.4. See Also
- 3.6. Adding a New Service (inetd)
  - 3.6.1. Problem
  - 3.6.2. Solution
  - 3.6.3. Discussion
  - 3.6.4. See Also
- 3.7. Restricting Access by Remote Users
  - 3.7.1. Problem
  - 3.7.2. Solution
  - 3.7.3. Discussion
  - 3.7.4. See Also
- 3.8. Restricting Access by Remote Hosts (xinetd)
  - 3.8.1. Problem
  - 3.8.2. Solution
  - 3.8.3. Discussion
  - 3.8.4. See Also
- 3.9. Restricting Access by Remote Hosts (xinetd with libwrap)
  - 3.9.1. Problem
  - 3.9.2. Solution
  - 3.9.3. Discussion
  - 3.9.4. See Also
- 3.10. Restricting Access by Remote Hosts (xinetd with tcpd)
  - 3.10.1. Problem
  - 3.10.2. Solution
  - 3.10.3. Discussion
  - 3.10.4. See Also
- 3.11. Restricting Access by Remote Hosts (inetd)
  - 3.11.1. Problem
  - 3.11.2. Solution
  - 3.11.3. Discussion
  - 3.11.4. See Also
- 3.12. Restricting Access by Time of Day
  - 3.12.1. Problem
  - 3.12.2. Solution
  - 3.12.3. Discussion
  - 3.12.4. See Also
- 3.13. Restricting Access to an SSH Server by Host
  - 3.13.1. Problem
  - 3.13.2. Solution
  - 3.13.3. Discussion
  - 3.13.4. See Also
- 3.14. Restricting Access to an SSH Server by Account
  - 3.14.1. Problem
  - 3.14.2. Solution
  - 3.14.3. Discussion
  - 3.14.4. See Also
- 3.15. Restricting Services to Specific Filesystem Directories
  - 3.15.1. Problem
  - 3.15.2. Solution
  - 3.15.3. Discussion
  - 3.15.4. See Also
- 3.16. Preventing Denial of Service Attacks
  - 3.16.1. Problem
  - 3.16.2. Solution
  - 3.16.3. Discussion
  - 3.16.4. See Also
- 3.17. Redirecting to Another Socket
  - 3.17.1. Problem
  - 3.17.2. Solution
  - 3.17.3. Discussion
  - 3.17.4. See Also
- 3.18. Logging Access to Your Services
  - 3.18.1. Problem
  - 3.18.2. Solution
  - 3.18.3. Discussion
  - 3.18.4. See Also
- 3.19. Prohibiting root Logins on Terminal Devices
  - 3.19.1. Problem
  - 3.19.2. Solution
  - 3.19.3. Discussion
  - 3.19.4. See Also
4. Authentication Techniques and Infrastructures
- 4.1. Creating a PAM-Aware Application
  - 4.1.1. Problem
  - 4.1.2. Solution
  - 4.1.3. Discussion
  - 4.1.4. See Also
- 4.2. Enforcing Password Strength with PAM
  - 4.2.1. Problem
  - 4.2.2. Solution
  - 4.2.3. Discussion
  - 4.2.4. See Also
- 4.3. Creating Access Control Lists with PAM
  - 4.3.1. Problem
  - 4.3.2. Solution
  - 4.3.3. Discussion
  - 4.3.4. See Also
- 4.4. Validating an SSL Certificate
  - 4.4.1. Problem
  - 4.4.2. Solution
  - 4.4.3. Discussion
  - 4.4.4. See Also
- 4.5. Decoding an SSL Certificate
  - 4.5.1. Problem
  - 4.5.2. Solution
  - 4.5.3. Discussion
  - 4.5.4. See Also
- 4.6. Installing a New SSL Certificate
  - 4.6.1. Problem
  - 4.6.2. Solution
  - 4.6.3. Discussion
  - 4.6.4. See Also
- 4.7. Generating an SSL Certificate Signing Request (CSR)
  - 4.7.1. Problem
  - 4.7.2. Solution
  - 4.7.3. Discussion
  - 4.7.4. See Also
- 4.8. Creating a Self-Signed SSL Certificate
  - 4.8.1. Problem
  - 4.8.2. Solution
  - 4.8.3. Discussion
  - 4.8.4. See Also
- 4.9. Setting Up a Certifying Authority
  - 4.9.1. Problem
  - 4.9.2. Solution
  - 4.9.3. Discussion
  - 4.9.4. See Also
- 4.10. Converting SSL Certificates from DER to PEM
  - 4.10.1. Problem
  - 4.10.2. Solution
  - 4.10.3. Discussion
  - 4.10.4. See Also
- 4.11. Getting Started with Kerberos
  - 4.11.1. Problem
  - 4.11.2. Solution
  - 4.11.3. Discussion
  - 4.11.4. See Also
- 4.12. Adding Users to a Kerberos Realm
  - 4.12.1. Problem
  - 4.12.2. Solution
  - 4.12.3. Discussion
  - 4.12.4. See Also
- 4.13. Adding Hosts to a Kerberos Realm
  - 4.13.1. Problem
  - 4.13.2. Solution
  - 4.13.3. Discussion
  - 4.13.4. See Also
- 4.14. Using Kerberos with SSH
  - 4.14.1. Problem
  - 4.14.2. Solution
  - 4.14.3. Discussion
  - 4.14.4. See Also
- 4.15. Using Kerberos with Telnet
  - 4.15.1. Problem
  - 4.15.2. Solution
  - 4.15.3. Discussion
  - 4.15.4. See Also
- 4.16. Securing IMAP with Kerberos
  - 4.16.1. Problem
  - 4.16.2. Solution
  - 4.16.3. Discussion
  - 4.16.4. See Also
- 4.17. Using Kerberos with PAM for System-Wide Authentication
  - 4.17.1. Problem
  - 4.17.2. Solution
  - 4.17.3. Discussion
  - 4.17.4. See Also
5. Authorization Controls
- 5.1. Running a root Login Shell
  - 5.1.1. Problem
  - 5.1.2. Solution
  - 5.1.3. Discussion
  - 5.1.4. See Also
- 5.2. Running X Programs as root
  - 5.2.1. Problem
  - 5.2.2. Solution
  - 5.2.3. Discussion
  - 5.2.4. See Also
- 5.3. Running Commands as Another User via sudo
  - 5.3.1. Problem
  - 5.3.2. Solution
  - 5.3.3. Discussion
  - 5.3.4. See Also
- 5.4. Bypassing Password Authentication in sudo
  - 5.4.1. Problem
  - 5.4.2. Solution
  - 5.4.3. Discussion
  - 5.4.4. See Also
- 5.5. Forcing Password Authentication in sudo
  - 5.5.1. Problem
  - 5.5.2. Solution
  - 5.5.3. Discussion
  - 5.5.4. See Also
- 5.6. Authorizing per Host in sudo
  - 5.6.1. Problem
  - 5.6.2. Solution
  - 5.6.3. Discussion
  - 5.6.4. See Also
- 5.7. Granting Privileges to a Group via sudo
  - 5.7.1. Problem
  - 5.7.2. Solution
  - 5.7.3. See Also
- 5.8. Running Any Program in a Directory via sudo
  - 5.8.1. Problem
  - 5.8.2. Solution
  - 5.8.3. See Also
- 5.9. Prohibiting Command Arguments with sudo
  - 5.9.1. Problem
  - 5.9.2. Solution
  - 5.9.3. Discussion
  - 5.9.4. See Also
- 5.10. Sharing Files Using Groups
  - 5.10.1. Problem
  - 5.10.2. Solution
  - 5.10.3. Discussion
  - 5.10.4. See Also
- 5.11. Permitting Read-Only Access to a Shared File via sudo
  - 5.11.1. Problem
  - 5.11.2. Solution
  - 5.11.3. Discussion
  - 5.11.4. See Also
- 5.12. Authorizing Password Changes via sudo
  - 5.12.1. Problem
  - 5.12.2. Solution
  - 5.12.3. Discussion
  - 5.12.4. See Also
- 5.13. Starting/Stopping Daemons via sudo
  - 5.13.1. Problem
  - 5.13.2. Solution
  - 5.13.3. Discussion
  - 5.13.4. See Also
- 5.14. Restricting roots Abilities via sudo
  - 5.14.1. Problem
  - 5.14.2. Solution
  - 5.14.3. Discussion
  - 5.14.4. See Also
- 5.15. Killing Processes via sudo
  - 5.15.1. Problem
  - 5.15.2. Solution
  - 5.15.3. Discussion
  - 5.15.4. See Also
- 5.16. Listing sudo Invocations
  - 5.16.1. Problem
  - 5.16.2. Solution
  - 5.16.3. Discussion
  - 5.16.4. See Also
- 5.17. Logging sudo Remotely
  - 5.17.1. Problem
  - 5.17.2. Solution
  - 5.17.3. Discussion
  - 5.17.4. See Also
- 5.18. Sharing root Privileges via SSH
  - 5.18.1. Problem
  - 5.18.2. Solution
  - 5.18.3. Discussion
  - 5.18.4. See Also
- 5.19. Running root Commands via SSH
  - 5.19.1. Problem
  - 5.19.2. Solution
  - 5.19.3. Discussion
  - 5.19.4. See Also
- 5.20. Sharing root Privileges via Kerberos su
  - 5.20.1. Problem
  - 5.20.2. Solution
  - 5.20.3. Discussion
    - 5.20.3.1. Authentication
    - 5.20.3.2. Authorization
  - 5.20.4. See Also
6. Protecting Outgoing Network Connections
- 6.1. Logging into a Remote Host
  - 6.1.1. Problem
  - 6.1.2. Solution
  - 6.1.3. Discussion
  - 6.1.4. See Also
- 6.2. Invoking Remote Programs
  - 6.2.1. Problem
  - 6.2.2. Solution
  - 6.2.3. Discussion
  - 6.2.4. See Also
- 6.3. Copying Files Remotely
  - 6.3.1. Problem
  - 6.3.2. Solution
  - 6.3.3. Discussion
  - 6.3.4. See Also
- 6.4. Authenticating by Public Key (OpenSSH)
  - 6.4.1. Problem
  - 6.4.2. Solution
  - 6.4.3. Discussion
  - 6.4.4. See Also
- 6.5. Authenticating by Public Key (OpenSSH Client, SSH2 Server, OpenSSH Key)
  - 6.5.1. Problem
  - 6.5.2. Solution
  - 6.5.3. Discussion
  - 6.5.4. See Also
- 6.6. Authenticating by Public Key (OpenSSH Client, SSH2 Server, SSH2 Key)
  - 6.6.1. Problem
  - 6.6.2. Solution
  - 6.6.3. Discussion
  - 6.6.4. See Also
- 6.7. Authenticating by Public Key (SSH2 Client, OpenSSH Server)
  - 6.7.1. Problem
  - 6.7.2. Solution
  - 6.7.3. Description
  - 6.7.4. See Also
- 6.8. Authenticating by Trusted Host
  - 6.8.1. Problem
  - 6.8.2. Solution
  - 6.8.3. Discussion
  - 6.8.4. See Also
- 6.9. Authenticating Without a Password (Interactively)
  - 6.9.1. Problem
  - 6.9.2. Solution
  - 6.9.3. Discussion
  - 6.9.4. See Also
- 6.10. Authenticating in cron Jobs
  - 6.10.1. Problem
  - 6.10.2. Solution
  - 6.10.3. Discussion
  - 6.10.4. See Also
- 6.11. Terminating an SSH Agent on Logout
  - 6.11.1. Problem
  - 6.11.2. Solution
  - 6.11.3. Discussion
  - 6.11.4. See Also
- 6.12. Tailoring SSH per Host
  - 6.12.1. Problem
  - 6.12.2. Solution
  - 6.12.3. Discussion
  - 6.12.4. See Also
- 6.13. Changing SSH Client Defaults
  - 6.13.1. Problem
  - 6.13.2. Solution
  - 6.13.3. Discussion
  - 6.13.4. See Also
- 6.14. Tunneling Another TCP Session Through SSH
  - 6.14.1. Problem
  - 6.14.2. Solution
  - 6.14.3. Discussion
  - 6.14.4. See Also
- 6.15. Keeping Track of Passwords
  - 6.15.1. Problem
  - 6.15.2. Solution
  - 6.15.3. Discussion
  - 6.15.4. See Also
7. Protecting Files
- 7.1. Using File Permissions
  - 7.1.1. Problem
  - 7.1.2. Solution
  - 7.1.3. Discussion
  - 7.1.4. See Also
- 7.2. Securing a Shared Directory
  - 7.2.1. Problem
  - 7.2.2. Solution
  - 7.2.3. Discussion
  - 7.2.4. See Also
- 7.3. Prohibiting Directory Listings
  - 7.3.1. Problem
  - 7.3.2. Solution
  - 7.3.3. Discussion
  - 7.3.4. See Also
- 7.4. Encrypting Files with a Password
  - 7.4.1. Problem
  - 7.4.2. Solution
  - 7.4.3. Discussion
  - 7.4.4. See Also
- 7.5. Decrypting Files
  - 7.5.1. Problem
  - 7.5.2. Solution
  - 7.5.3. Discussion
  - 7.5.4. See Also
- 7.6. Setting Up GnuPG for Public-Key Encryption
  - 7.6.1. Problem
  - 7.6.2. Solution
  - 7.6.3. Discussion
  - 7.6.4. See Also
- 7.7. Listing Your Keyring
  - 7.7.1. Problem
  - 7.7.2. Solution
  - 7.7.3. Discussion
  - 7.7.4. See Also
- 7.8. Setting a Default Key
  - 7.8.1. Problem
  - 7.8.2. Solution
  - 7.8.3. Discussion
  - 7.8.4. See Also
- 7.9. Sharing Public Keys
  - 7.9.1. Problem
  - 7.9.2. Solution
  - 7.9.3. Discussion
  - 7.9.4. See Also
- 7.10. Adding Keys to Your Keyring
  - 7.10.1. Problem
  - 7.10.2. Solution
  - 7.10.3. Discussion
  - 7.10.4. See Also
- 7.11. Encrypting Files for Others
  - 7.11.1. Problem
  - 7.11.2. Solution
  - 7.11.3. Discussion
  - 7.11.4. See Also
- 7.12. Signing a Text File
  - 7.12.1. Problem
  - 7.12.2. Solution
  - 7.12.3. Discussion
  - 7.12.4. See Also
- 7.13. Signing and Encrypting Files
  - 7.13.1. Problem
  - 7.13.2. Solution
  - 7.13.3. Discussion
  - 7.13.4. See Also
- 7.14. Creating a Detached Signature File
  - 7.14.1. Problem
  - 7.14.2. Solution
  - 7.14.3. Discussion
  - 7.14.4. See Also
- 7.15. Checking a Signature
  - 7.15.1. Problem
  - 7.15.2. Solution
  - 7.15.3. Discussion
  - 7.15.4. See Also
- 7.16. Printing Public Keys
  - 7.16.1. Problem
  - 7.16.2. Solution
  - 7.16.3. Discussion
  - 7.16.4. See Also
- 7.17. Backing Up a Private Key
  - 7.17.1. Problem
  - 7.17.2. Solution
  - 7.17.3. Discussion
  - 7.17.4. See Also
- 7.18. Encrypting Directories
  - 7.18.1. Problem
  - 7.18.2. Solution
  - 7.18.3. Discussion
  - 7.18.4. See Also
- 7.19. Adding Your Key to a Keyserver
  - 7.19.1. Problem
  - 7.19.2. Solution
  - 7.19.3. Discussion
  - 7.19.4. See Also
- 7.20. Uploading New Signatures to a Keyserver
  - 7.20.1. Problem
  - 7.20.2. Solution
- 7.21. Obtaining Keys from a Keyserver
  - 7.21.1. Problem
  - 7.21.2. Solution
  - 7.21.3. Discussion
  - 7.21.4. See Also
- 7.22. Revoking a Key
  - 7.22.1. Problem
  - 7.22.2. Solution
  - 7.22.3. Discussion
  - 7.22.4. See Also
- 7.23. Maintaining Encrypted Files with Emacs
  - 7.23.1. Problem
  - 7.23.2. Solution
  - 7.23.3. Discussion
  - 7.23.4. See Also
- 7.24. Maintaining Encrypted Files with vim
  - 7.24.1. Problem
  - 7.24.2. Solution
  - 7.24.3. Discussion
  - 7.24.4. See Also
- 7.25. Encrypting Backups
  - 7.25.1. Problem
  - 7.25.2. Solution
  - 7.25.3. Discussion
  - 7.25.4. See Also
- 7.26. Using PGP Keys with GnuPG
  - 7.26.1. Problem
  - 7.26.2. Solution
  - 7.26.3. Discussion
  - 7.26.4. See Also
8. Protecting Email
- 8.1. Encrypted Mail with Emacs
  - 8.1.1. Problem
  - 8.1.2. Solution
  - 8.1.3. Discussion
  - 8.1.4. See Also
- 8.2. Encrypted Mail with vim
  - 8.2.1. Problem
  - 8.2.2. Solution
  - 8.2.3. Discussion
  - 8.2.4. See Also
- 8.3. Encrypted Mail with Pine
  - 8.3.1. Problem
  - 8.3.2. Solution
  - 8.3.3. Description
  - 8.3.4. See Also
- 8.4. Encrypted Mail with Mozilla
  - 8.4.1. Problem
  - 8.4.2. Solution
  - 8.4.3. Discussion
  - 8.4.4. See Also
- 8.5. Encrypted Mail with Evolution
  - 8.5.1. Problem
  - 8.5.2. Solution
  - 8.5.3. Discussion
  - 8.5.4. See Also
- 8.6. Encrypted Mail with mutt
  - 8.6.1. Problem
  - 8.6.2. Solution
  - 8.6.3. Discussion
  - 8.6.4. See Also
- 8.7. Encrypted Mail with elm
  - 8.7.1. Problem
  - 8.7.2. Solution
  - 8.7.3. Discussion
  - 8.7.4. See Also
- 8.8. Encrypted Mail with MH
  - 8.8.1. Problem
  - 8.8.2. Solution
  - 8.8.3. Discussion
  - 8.8.4. See Also
- 8.9. Running a POP/IMAP Mail Server with SSL
  - 8.9.1. Problem
  - 8.9.2. Solution
  - 8.9.3. Discussion
  - 8.9.4. See Also
- 8.10. Testing an SSL Mail Connection
  - 8.10.1. Problem
  - 8.10.2. Solution
  - 8.10.3. Discussion
  - 8.10.4. See Also
- 8.11. Securing POP/IMAP with SSL and Pine
  - 8.11.1. Problem
  - 8.11.2. Solution
  - 8.11.3. Discussion
  - 8.11.4. See Also
- 8.12. Securing POP/IMAP with SSL and mutt
  - 8.12.1. Problem
  - 8.12.2. Solution
  - 8.12.3. Discussion
  - 8.12.4. See Also
- 8.13. Securing POP/IMAP with SSL and Evolution
  - 8.13.1. Problem
  - 8.13.2. Solution
  - 8.13.3. Discussion
  - 8.13.4. See Also
- 8.14. Securing POP/IMAP with stunnel and SSL
  - 8.14.1. Problem
  - 8.14.2. Solution
  - 8.14.3. Discussion
  - 8.14.4. See Also
- 8.15. Securing POP/IMAP with SSH
  - 8.15.1. Problem
  - 8.15.2. Solution
  - 8.15.3. Discussion
  - 8.15.4. See Also
- 8.16. Securing POP/IMAP with SSH and Pine
  - 8.16.1. Problem
  - 8.16.2. Solution
  - 8.16.3. Discussion
  - 8.16.4. See Also
- 8.17. Receiving Mail Without a Visible Server
  - 8.17.1. Problem
  - 8.17.2. Solution
  - 8.17.3. Discussion
  - 8.17.4. See Also
- 8.18. Using an SMTP Server from Arbitrary Clients
  - 8.18.1. Problem
  - 8.18.2. Solution
  - 8.18.3. Discussion
  - 8.18.4. See Also
9. Testing and Monitoring
- 9.1. Testing Login Passwords (John the Ripper)
  - 9.1.1. Problem
  - 9.1.2. Solution
  - 9.1.3. Discussion
  - 9.1.4. See Also
- 9.2. Testing Login Passwords (CrackLib)
  - 9.2.1. Problem
  - 9.2.2. Solution
  - 9.2.3. Discussion
  - 9.2.4. See Also
- 9.3. Finding Accounts with No Password
  - 9.3.1. Problem
  - 9.3.2. Solution
  - 9.3.3. Discussion
  - 9.3.4. See Also
- 9.4. Finding Superuser Accounts
  - 9.4.1. Problem
  - 9.4.2. Solution
  - 9.4.3. Discussion
  - 9.4.4. See Also
- 9.5. Checking for Suspicious Account Use
  - 9.5.1. Problem
  - 9.5.2. Solution
  - 9.5.3. Discussion
  - 9.5.4. See Also
- 9.6. Checking for Suspicious Account Use, Multiple Systems
  - 9.6.1. Problem
  - 9.6.2. Solution
  - 9.6.3. Discussion
  - 9.6.4. See Also
- 9.7. Testing Your Search Path
  - 9.7.1. Problem
  - 9.7.2. Solution
  - 9.7.3. Discussion
  - 9.7.4. See Also
- 9.8. Searching Filesystems Effectively
  - 9.8.1. Problem
  - 9.8.2. Solution
  - 9.8.3. Discussion
  - 9.8.4. See Also
- 9.9. Finding setuid (or setgid) Programs
  - 9.9.1. Problem
  - 9.9.2. Solution
  - 9.9.3. Discussion
  - 9.9.4. See Also
- 9.10. Securing Device Special Files
  - 9.10.1. Problem
  - 9.10.2. Solution
  - 9.10.3. Discussion
  - 9.10.4. See Also
- 9.11. Finding Writable Files
  - 9.11.1. Problem
  - 9.11.2. Solution
  - 9.11.3. Discussion
  - 9.11.4. See Also
- 9.12. Looking for Rootkits
  - 9.12.1. Problem
  - 9.12.2. Solution
  - 9.12.3. Discussion
  - 9.12.4. See Also
- 9.13. Testing for Open Ports
  - 9.13.1. Problem
  - 9.13.2. Solution
  - 9.13.3. Discussion
  - 9.13.4. See Also
- 9.14. Examining Local Network Activities
  - 9.14.1. Problem
  - 9.14.2. Solution
  - 9.14.3. Discussion
  - 9.14.4. See Also
- 9.15. Tracing Processes
  - 9.15.1. Problem
  - 9.15.2. Solution
  - 9.15.3. Discussion
  - 9.15.4. See Also
- 9.16. Observing Network Traffic
  - 9.16.1. Problem
  - 9.16.2. Solution
  - 9.16.3. Discussion
  - 9.16.4. See Also
- 9.17. Observing Network Traffic (GUI)
  - 9.17.1. Problem
  - 9.17.2. Solution
  - 9.17.3. Discussion
  - 9.17.4. See Also
- 9.18. Searching for Strings in Network Traffic
  - 9.18.1. Problem
  - 9.18.2. Solution
  - 9.18.3. Discussion
  - 9.18.4. See Also
- 9.19. Detecting Insecure Network Protocols
  - 9.19.1. Problem
  - 9.19.2. Solution
  - 9.19.3. Discussion
  - 9.19.4. See Also
- 9.20. Getting Started with Snort
  - 9.20.1. Problem
  - 9.20.2. Solution
  - 9.20.3. Discussion
  - 9.20.4. See Also
- 9.21. Packet Sniffing with Snort
  - 9.21.1. Problem
  - 9.21.2. Solution
  - 9.21.3. Discussion
  - 9.21.4. See Also
- 9.22. Detecting Intrusions with Snort
  - 9.22.1. Problem
  - 9.22.2. Solution
  - 9.22.3. Discussion
  - 9.22.4. See Also
- 9.23. Decoding Snort Alert Messages
  - 9.23.1. Problem
  - 9.23.2. Solution
  - 9.23.3. Discussion
  - 9.23.4. See Also
- 9.24. Logging with Snort
  - 9.24.1. Problem
  - 9.24.2. Solution
  - 9.24.3. Discussion
  - 9.24.4. See Also
- 9.25. Partitioning Snort Logs Into Separate Files
  - 9.25.1. Problem
  - 9.25.2. Solution
  - 9.25.3. Discussion
  - 9.25.4. See Also
- 9.26. Upgrading and Tuning Snorts Ruleset
  - 9.26.1. Problem
  - 9.26.2. Solution
  - 9.26.3. Discussion
  - 9.26.4. See Also
- 9.27. Directing System Messages to Log Files (syslog)
  - 9.27.1. Problem
  - 9.27.2. Solution
  - 9.27.3. Discussion
  - 9.27.4. See Also
- 9.28. Testing a syslog Configuration
  - 9.28.1. Problem
  - 9.28.2. Solution
  - 9.28.3. Discussion
  - 9.28.4. See Also
- 9.29. Logging Remotely
  - 9.29.1. Problem
  - 9.29.2. Solution
  - 9.29.3. Discussion
  - 9.29.4. See Also
- 9.30. Rotating Log Files
  - 9.30.1. Problem
  - 9.30.2. Solution
  - 9.30.3. Discussion
  - 9.30.4. See Also
- 9.31. Sending Messages to the System Logger
  - 9.31.1. Problem
  - 9.31.2. Solution
  - 9.31.3. Discussion
  - 9.31.4. See Also
- 9.32. Writing Log Entries via Shell Scripts
  - 9.32.1. Problem
  - 9.32.2. Solution
  - 9.32.3. Discussion
  - 9.32.4. See Also
- 9.33. Writing Log Entries via Perl
  - 9.33.1. Problem
  - 9.33.2. Solution
  - 9.33.3. Discussion
  - 9.33.4. See Also
- 9.34. Writing Log Entries via C
  - 9.34.1. Problem
  - 9.34.2. Solution
  - 9.34.3. Discussion
  - 9.34.4. See Also
- 9.35. Combining Log Files
  - 9.35.1. Problem
  - 9.35.2. Solution
  - 9.35.3. Discussion
  - 9.35.4. See Also
- 9.36. Summarizing Your Logs with logwatch
  - 9.36.1. Problem
  - 9.36.2. Solution
  - 9.36.3. Discussion
  - 9.36.4. See Also
- 9.37. Defining a logwatch Filter
  - 9.37.1. Problem
  - 9.37.2. Solution
  - 9.37.3. Discussion
  - 9.37.4. See Also
- 9.38. Monitoring All Executed Commands
  - 9.38.1. Problem
  - 9.38.2. Solution
  - 9.38.3. Discussion
  - 9.38.4. See Also
- 9.39. Displaying All Executed Commands
  - 9.39.1. Problem
  - 9.39.2. Solution
  - 9.39.3. Discussion
  - 9.39.4. See Also
- 9.40. Parsing the Process Accounting Log
  - 9.40.1. Problem
  - 9.40.2. Solution
  - 9.40.3. Discussion
  - 9.40.4. See Also
- 9.41. Recovering from a Hack
  - 9.41.1. Problem
  - 9.41.2. Solution
  - 9.41.3. Discussion
  - 9.41.4. See Also
- 9.42. Filing an Incident Report
  - 9.42.1. Problem
  - 9.42.2. Solution
  - 9.42.3. Discussion
  - 9.42.4. See Also
Index
About the Authors
Colophon
Copyright