TY  - BOOK
AU  - Toxen, Bob
TI  - Real world Linux security: intrusion prevention, detection, and recovery
SN  - 0130464562 (pbk.)
U1  - 005.8 21
PY  - 2003///
CY  - Upper Saddle River, NJ
PB  - Prentice Hall
KW  - Linux
KW  - Operating systems (Computers)
KW  - Computer security
N1  - Chapter 1. Introduction: 1.1 introduction to the second edition; 1.2 who should read this book; 1.3 how this book is organized, etc
      Part I Securing your system
      Chapter 2. Quick fixes for common problems: 2.1 understanding Linux security; 2.2 the seven most deadly sins; 2.3 passwords-A key point for good security, etc
      Chapter 3. Quick and easy hacking and how to avoid it: 3.1 X marks the Hole; 3.2 law of the Jungle-physical security; 3.3 physical actions, etc
      Chapter 4. Common Hacking by the subsystems: 4.1 NFS, mountd, and portmap; 4.2 sendmail; 4.3 Telnet, etc
      Chapter 5. Common Hacker Attacks: 5.1 Rootkit attacks (script kiddies); 5.2 packet spoofing explained; 5.3 SYN Flood Attack Explained, etc
      Chapter 6. Advanced security issues: 6.1 configuring netscape for higher security; 6.2 stopping access to I/O devices; 6.3 scouting Out Apache (httpd) problems, etc
      Chapter 7. Establishing security policies: 7.1 General policy; 7.2 personal use policy; 7.3 Accounts policy, etc
      Chapter 8. Trusting other computers: 8.1 secure systems and insecure systems; 8.2 Trust no one-The highest security; 8.3 Linux and Unix systems within your control, etc
      Chapter 9. Gutsy Break-Ins: 9.1 Mission impossible techniques; 9.2 Spies; 9.3 Fanatics and suicide Attacks
      Chapter 10. Case studies: 10.1 Confessions of a Berkeley system mole; 10.2 Knights of the realm (forensics); 10.3 Ken Thompson cracks the Navy, etc
      Chapter 11. Recent Break-Ins: 11.1 Fragmentation Attacks; 11.2 IP masquerading fails for ICMP; 11.3 The Ping of Death Sinks Dutch Shipping Company, etc
      Part II Preparing for an intrusion
      Chapter 12. Hardening your system: 12.1 protecting user sessions with SSH; 12.2 Virtual Private Networks (VPN); 12.3 Pretty Good Privacy (PGP), etc
      Chapter 13. Preparing your hardware: 13.1 Timing Is Everything; 13.2 Advanced preparation; 13.3 Switch to Auxiliary control (Hot Backups), etc
      Chapter 14. Preparing your configurations: 14.1 TCP wrappers; 14.2 Adaptive firewalls: Raising the Drawbridge with the cracker trap; 14.3 Ending cracker servers with a Kernel Mod, etc
      Chapter 15. Scanning your system: 15.1 The nessus security scanner; 15.2 The SARA and SAINT security Auditors; 15.3 The nmap network mapper, etc
      Part III Detecting an Intrusion
      Chapter 16. Monitoring the Activity: 16.1 Log files; 16.2 log files: measures and countermeasures; 16.3 Using Logcheck to check log files you never check, etc
      Chapter 17. Scanning your system for anomalies: 17.1 Finding suspicious files; 17.2 Tripwire; 17.3 Detecting deleted Executables, etc
      Part IV Recovering from an Intrusion
      Chapter 18. Regaining control of your system: 18.1 finding the crackers running process; 18.2 handling running cracker processes; 18.3 Drop the modems, networks, printers and systems, etc
      Chapter 19. Finding and repairing the damage: 19.1 check your /var/log Logs; 19.2 The syslogd and klogd Daemons; 19.3 Interpreting log file entries, etc
      Chapter 20. Finding the attacker's system: 20.1 Tracing a numeric IP Address with nslookup; 20.2 Tracing a numeric IP Address with dig; 20.3 who is a commie: Finding .com Owners, etc
      Chapter 21. Having the Cracker crack Rocks: 21.1 police: Dragnet or keystone kops?; 21.2 prosecution; 21.3 Liability of ISPs allowing illegal activity, etc
      Index: p. 795-810
ER  -