Free Linux Security Cookbook

Rating:
Author: Daniel J. Barrett
ISBN : B00BJ9A8S0
New from $17.99
Format: PDF, EPUB

Download books file now Free Linux Security Cookbook from with Mediafire Link Download Link

Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes--short, focused pieces of code that administrators can use to improve security and perform common tasks securely.

The Linux Security Cookbook includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure.

Some of the "recipes" you'll find in this book are:

• Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more


• Monitoring your network with tcpdump, dsniff, netstat, and other tools


• Protecting network connections with Secure Shell (SSH) and stunnel


• Safeguarding email sessions with Secure Sockets Layer (SSL)


• Encrypting files and email messages with GnuPG


• Probing your own security with password crackers, nmap, and handy scripts

This cookbook's proven techniques are derived from hard-won experience. Whether you're responsible for security on a home Linux system or for a large corporation, or somewhere in between, you'll find valuable, to-the-point, practical recipes for dealing with everyday security issues. This book is a system saver.

Download latest books on mediafire and other links compilation Free Linux Security Cookbook [Kindle Edition]

• Product Details
• Table of Contents
• Reviews

• File Size: 751 KB
• Print Length: 336 pages
• Simultaneous Device Usage: Unlimited
• Publisher: O'Reilly Media; 1 edition (February 21, 2013)
• Sold by: Amazon Digital Services, Inc.
  
• Language: English
• ASIN: B00BJ9A8S0
• Text-to-Speech: Enabled
• X-Ray:
  Not Enabled
• Lending: Not Enabled
• Amazon Best Sellers Rank: #143,113 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
  • #36
    in Kindle Store > Kindle eBooks > Computers & Technology > Operating Systems > Unix
  • #47
    in Books > Computers & Technology > Operating Systems > Linux > Programming
  • #75
    in Books > Computers & Technology > Operating Systems > Unix
• #36
  in Kindle Store > Kindle eBooks > Computers & Technology > Operating Systems > Unix
• #47
  in Books > Computers & Technology > Operating Systems > Linux > Programming
• #75
  in Books > Computers & Technology > Operating Systems > Unix

Free Linux Security Cookbook

I read this book from cover to cover and consider it a great effort by the authors to cover many security issues related to not just Linux, but most *nix operating systems. Here's a chapter by chapter review of what I've observed in the book:

Chapter 1 - System Snapshots with Tripwire

I liked the discussion of Tripwire and its configuration options. The sections on "Ultra-Paranoid Integrity Checking" were great! A decent introduction to Tripwire and some of its features.

Chapter 2 - Firewalls with iptables and ipchains

The difference between "Drop versus Reject" targets was good. So many books have info on iptables, but none discusses these issues. Also the point made about dropping ICMP messages was good. Quick to learn and implement recipes presented in this chapter.

Chapter 3 - Restricting Access by Remote Users

Recipe 3.7 was very neat. Allowing users to access a service only by port-forwarding over ssh allows the administrator to restrict access by user names. A smart way of imposing restrictions!
Also, in recipe 3.9, I liked the authors' approach to finding if xinetd is compiled with libwrap support.

All recipes regarding tweaking xinetd were good. It isn't always possible to look at all the configurable options with xinetd, and the authors did a good job in mentioning a few useful options.

Chapter 4 - Authentication Techniques and Infrastructures

Quick tips with PAM, openssl and kerberos. I couldnt get some of the recipes to work on my machine, but got most openssl stuff to work.

Chapter 5 - Authorization Controls

I liked this chapter the best. The discussion on sudo was enlightening, and I was able to effectively tweak most recipes to my needs. The man page would never have provided me with such a good explanation.

As the title suggests, LSC is a series of different Linux security "recipes." I found the cookbook-style of presentation both good and bad. Some recipes were a breeze to follow (such as the gpg recipes). Other recipes were difficult, but not impossible to follow.

As a "desktop" Linux user who only administers a desktop machine and notebook the chapters I found most useful were those on intrusion detection systems (Chapter 1) and GPG (Chapters 7 & 8). That said, LSC contains dozens of useful recipes for administrators from PAM authentication to monitoring who is doing what on your system. Some of the programs covered are programs I've never heard of before, John the Ripper for example. Other recipes cover those programs I know I should check out, like Snort, but have never taken the time to.

LSC is for the most part very easy to follow. The authors have been very careful to mention when software (snort for example) might or might not be included and how to find and install it. I got tripped up a little in the first chapter (which covers tripwire), because I tried downloading and compiling the tripwire source found at the tripwire web site. I obtained the source from a couple of recommended sites. In one instance tripwire failed to compile correctly, in another it compiled but kept segfaulting when I tried to initialize the database. It wasn't until after I emailed O'Reilly that I saw mention further in Chapter 1 that tripwire is included with Red Hat Linux. One of the authors, Daniel J. Barrett, also emailed me to tell me that it was on the third CD - doh! The upside of this little tale is that I got to know aide (another intrusion detection system) a little better after I installed it on my Debian-based notebook.

... it is certainly money well spent.

Download Link 1 - Download Link 2