Real world Linux security : intrusion prevention, detection, and recovery /
Bob Toxen.
- 2nd edition.
- Upper Saddle River, NJ : Prentice Hall, c2003.
- xxxi, 810 p. : ill. ; 24 cm. 1 CD-ROM (4 3/4 in.)
- Prentice Hall PTR open source technology series .
Chapter 1. Introduction 1.1 Introduction to the second edition 1.2 Who should read this book 1.3 How this book is organized, etc.
Part I. Securing your system
Chapter 2. Quick fixes for common problems 2.1 Understanding Linux security 2.2 The seven most deadly sins 2.3 Passwords: a key point for good security, etc.
Chapter 3. Quick and easy hacking and how to avoid it 3.1 X marks the hole 3.2 Law of the jungle: physical security 3.3 Physical actions, etc.
Chapter 4. Common hacking by subsystem 4.1 NFS, mountd, and portmap 4.2 sendmail 4.3 Telnet, etc.
Chapter 5. Common hacker attacks 5.1 Rootkit attacks (script kiddies) 5.2 Packet spoofing explained 5.3 SYN flood attack explained, etc.
Chapter 6. Advanced security issues 6.1 Configuring Netscape for higher security 6.2 Stopping access to I/O devices 6.3 Scouting out Apache (httpd) problems, etc.
Chapter 7. Establishing security policies 7.1 General policy 7.2 Personal use policy 7.3 Accounts policy, etc.
Chapter 8. Trusting other computers 8.1 Secure systems and insecure systems 8.2 Trust no one: the highest security 8.3 Linux and Unix systems within your control, etc.
Chapter 10. Case studies 10.1 Confessions of a Berkeley system mole 10.2 Knights of the realm (forensics) 10.3 Ken Thompson cracks the Navy, etc.
Chapter 11. Recent break-ins 11.1 Fragmentation attacks 11.2 IP masquerading fails for ICMP 11.3 The Ping of Death sinks Dutch shipping company, etc.
Part II. Preparing for an intrusion
Chapter 12. Hardening your system 12.1 Protecting user sessions with SSH 12.2 Virtual Private Networks (VPN) 12.3 Pretty Good Privacy (PGP), etc.
Chapter 13. Preparing your hardware 13.1 Timing is everything 13.2 Advanced preparation 13.3 Switch to auxiliary control (hot backups), etc.
Chapter 14. Preparing your configurations 14.1 TCP wrappers 14.2 Adaptive firewalls: raising the drawbridge with the cracker trap 14.3 Ending cracker servers with a kernel mod, etc.
Chapter 15. Scanning your system 15.1 The Nessus security scanner 15.2 The SARA and SAINT security auditors 15.3 The nmap network mapper, etc.
Part III. Detecting an intrusion
Chapter 16. Monitoring the activity 16.1 Log files 16.2 Log files: measures and countermeasures 16.3 Using Logcheck to check log files you never check, etc.
Chapter 17. Scanning your system for anomalies 17.1 Finding suspicious files 17.2 Tripwire 17.3 Detecting deleted executables, etc.
Part IV. Recovering from an intrusion
Chapter 18. Regaining control of your system 18.1 Finding the cracker's running processes 18.2 Handling running cracker processes 18.3 Drop the modems, networks, printers, and systems, etc.
Chapter 19. Finding and repairing the damage 19.1 Check your /var/log logs 19.2 The syslogd and klogd daemons 19.3 Interpreting log file entries, etc.
Chapter 20. Finding the attacker's system 20.1 Tracing a numeric IP address with nslookup 20.2 Tracing a numeric IP address with dig 20.3 Who is a commie: finding .com owners, etc.
Chapter 21. Having the cracker crack rocks 21.1 Police: dragnet or Keystone Kops? 21.2 Prosecution 21.3 Liability of ISPs allowing illegal activity, etc.