New Arrivals Search Results
Mastering Linux security and hardening : a practical guide to protecting your Linux system from cyber attacks
Author
Title
Mastering Linux security and hardening : a practical guide to protecting your Linux system from cyber attacks / Donald A. Tevault.
ISBN
9781837630516
9781837632626
1837632626
Edition
Third edition.
Publication
Birmingham, UK : Packt Publishing Ltd., 2023.
Physical Description
1 online resource (618 pages) : illustrations
Local Notes
Access is available to the Yale community.
Notes
Includes index.
Access and use
Access restricted by licensing agreement.
Summary
The third edition of Mastering Linux Security and Hardening is an updated, comprehensive introduction to implementing the latest Linux security measures, using the latest versions of Ubuntu and AlmaLinux. In this new edition, you will learn how to set up a practice lab, create user accounts with appropriate privilege levels, protect sensitive data with permissions settings and encryption, and configure a firewall with the newest firewall technologies. You'll also explore how to use sudo to set up administrative accounts with only the privileges required to do a specific job, and you'll get a peek at the new sudo features that have been added over the past couple of years. You'll also see updated information on how to set up a local certificate authority for both Ubuntu and AlmaLinux, as well as how to automate system auditing. Other important skills that you'll learn include how to automatically harden systems with OpenSCAP, audit systems with auditd, harden the Linux kernel configuration, protect your systems from malware, and perform vulnerability scans of your systems. As a bonus, you'll see how to use Security Onion to set up an Intrusion Detection System. By the end of this new edition, you will confidently be able to set up a Linux server that will be secure and harder for malicious actors to compromise.
Variant and related titles
O'Reilly Safari. OCLC KB.
Other formats
Print version: Tevault, Donald A. Mastering Linux Security and Hardening Birmingham : Packt Publishing, Limited,c2023
Format
Books / Online
Language
English
Added to Catalog
August 28, 2023
Series
Expert insight
Contents
Cover
CopyRight
Contributors
Table of Contents
Preface
Section I: Setting up a Secure Linux System
Chapter 1: Running Linux in a Virtual Environment
Looking at the threat landscape
Why do security breaches happen?
Keeping up with security news
Differences between physical, virtual, and cloud setups
Introducing VirtualBox and Cygwin
Installing a virtual machine in VirtualBox
Installing the EPEL repository on the CentOS 7 virtual machine
Installing the EPEL repository on the AlmaLinux 8/9 virtual machines
Configuring a network for VirtualBox virtual machines
Creating a virtual machine snapshot with VirtualBox
Using Cygwin to connect to your virtual machines
Installing Cygwin on your Windows host
Using the Windows 10 SSH client to interface with Linux virtual machines
Using the Windows 11 SSH client to interface with Linux virtual machines
Cygwin versus the Windows shell
Keeping the Linux systems updated
Updating Debian-based systems
Configuring auto updates for Ubuntu
Updating Red Hat 7-based systems
Updating Red Hat 8/9-based systems
Managing updates in an enterprise
Summary
Questions
Further reading
Answers
Chapter 2: Securing Administrative User Accounts
The dangers of logging in as the root user
The advantages of using sudo
Setting up sudo privileges for full administrative users
Adding users to a predefined admin group
Creating an entry in the sudo policy file
Setting up sudo for users with only certain delegated privileges
Hands-on lab for assigning limited sudo privileges
Advanced tips and tricks for using sudo
The sudo timer
View your sudo privileges
Hands-on lab for disabling the sudo timer
Preventing users from having root shell access
Preventing users from using shell escapes
Preventing users from using other dangerous programs
Limiting the user's actions with commands
Letting users run as other users
Preventing abuse via a user's shell scripts
Detecting and deleting default user accounts
New sudo features
Special sudo considerations for SUSE and OpenSUSE
Summary
Questions
Further reading
Answers
Chapter 3: Securing Normal User Accounts
Locking down users' home directories the Red Hat way
Locking down users' home directories the Debian/Ubuntu way
useradd on Debian/Ubuntu
adduser on Debian/Ubuntu
Hands-on lab for creating an encrypted home directory with adduser
Enforcing strong password criteria
Installing and configuring pwquality
Hands-on lab for setting password complexity criteria
Setting and enforcing password and account expiration
Configuring default expiry data for useradd for Red Hat-type systems only
Setting expiry data on a per-account basis with useradd and usermod
Setting expiry data on a per-account basis with chage
Subjects
Bookmark As
Citation
