Linux Administrator's Security Guide

Table of Contents

By Kurt Seifried [email protected], Copyright Kurt Seifried 2001. License is here. Chapters with listed sections are "completed", the rest is still being rewritten.

I will be speaking at CSICON, August 19-21, Calgary, Alberta, Canada

Latest major update: Introduction to computer security


Preface

About this book
Acknowledgements
Contacts and mailing lists
Typographical conventions
Errata and bugs


Introduction to computer security

What is computer security?
Security Policy
Acceptable Use Policy
Privacy Policy
Security as a process
Defense in depth
Technical problems


Installation

Verifying packages and files
Installation media

Automating installs
Filesystem layout and structuring
Hardening your installation

Summary


Physical and console security

Physical security
Console security
Summary


Administration

Overview
Local tools
WWW based tools
Other network based tools


backups

Non-commercial backup programs for Linux
Commercial backup programs for Linux
Backup media


Filesystem and files

Basic file commands
Secure file deletion
Access control lists (ACLs)
Critical system configuration files
File encryption
Filesystem encryption
Hiding data


Authentication

PAM
Authentication services
Passwords
Cracking passwords
Password storage


logging


attack-detection

Baselines
File system monitoring
Network monitoring / attack detection
Intrusion Detection Papers
Dealing with attacks
Packet sniffers
Packet sniffer detection


intrusion-testing

Host scanners
Network scanners
Application level Scanners
Exploits


firewall

Firewalling concepts
Firewalling with IPTables (Linux Kernel 2.4 and 2.5)
Firewalling with IPChains (Linux Kernel 2.2, 2.3, 2.4 and 2.5)
Firewalling with IPFWADM (Linux Kernel 2.0)


network


network servers


software


encryption


Limiting and monitoring users

Limiting users
Monitoring users


viruses


vpn


kernel


security-techniques


checklists


distributions


appendices


glossary


vendor keys


Changelog


Last updated on 1/10/2001
