Linux System Security, 2/e

Scott Mann, Ellen L. Mitchell, Mitchell Krell, Mitch Krell

  • 出版商: Prentice Hall
  • 出版日期: 2002-09-18
  • 定價: $1,900
  • 售價: 8.0$1,520
  • 語言: 英文
  • 頁數: 896
  • 裝訂: Hardcover
  • ISBN: 0130470112
  • ISBN-13: 9780130470119
  • 相關分類: Linux資訊安全
  • 立即出貨(限量) (庫存=2)






Lock down your Linux system NOW!



  • Up-to-the-minute security techniques for your entire Linux environment!
  • NEW! In-depth coverage of Bastille, the breakthrough Linux lockdown tool!
  • NEW! Intrusion detection with network sniffers and port scanners
  • NEW! Complete coverage of the OpenSSH encryption suite
  • Firewalls, email, Web services, filesystems, applications, and more
  • Completely updated for RedHat 7.2

Now there's an up-to-the-minute, hands-on guide to using open source tools to protect any Linux system! Completely updated for the newest tools and distributions, Linux System Security, Second Edition covers virtually every facet of Linux security, from firewalls and intrusion detection to authentication and secure Web services. You'll master over a dozen crucial open source security tools, including sudo, portmap, xinetd, tiger, tripwire, ipchains, pam, crack, and more. Along the way, three long-time Linux sysadmins will show you the "gotchas," rules of thumb, and undocumented tricks it would take you years to learn on your own!

  • Preparing Linux systems for a production environment
  • Using Bastille to lock down Linux systems without unnecessarily compromising their functionality
  • Combatting Trojan horses, backdoors, password cracking, buffer overflows, spoofing, DoS, and more
  • OpenSSH: eliminating eavesdropping, connection hijacking, and other network-level attacks
  • Detecting intrusions with network sniffers and port scanners
  • Firewalls, email, Web services, filesystems, applications, and much more
  • Protecting mixed Linux/UNIX(r) environments
  • Includes a concise introduction to security policies

Want the benefits of Linux without the security risks? Get Linux System Security, Second Edition!

Prentice Hall Series on Computer Networking and Distributed Systems, Radia Perlman, Series Advisor

Table of Contents

1. How Did That Happen?: Vulnerability Survey.
2. Imagine That! You're Big Brother! Security Policies.
3. This 'n That: Background Information.
4. Of Course I Trust My Users! Users, Permissions, and Filesystems.
5. Been Cracked? Just Put PAM on It! Pluggable Authentication Modules.
6. Just Once, Only Once! One-Time Passwords.
7. Bean Counting: System Accounting.
8. And You Thought Wiretapping Was for the Feds! System Logging.
9. Want To Be Root? Superuser Do (sudo).
10. Which Doors Are Open? Securing Network Services: xinetd.
11. Let 'Em Sniff the Net! The Secure Shell.
12. So You Think You've Got a Good Password! Crack.
13. What's Been Happening? Auditing Your System with Bastille.
14. Setting the Trap: Tripwire.
15. We Must Censor! Part 1: ipchains.
16. We Must Censor! Part 2: iptables.
17. Who's Watching Now? Scanners, Sniffers, and Detectors.
18. Wiretapping Is Not So Much Fun after All! Log File Management.
19. This Is an Awful Lot of Work! Implementing and Managing Security.
Appendix A. Keeping Up to Date.
Appendix B. Tools Not Covered.
Appendix C. OPIE.
Appendix D. Securing Network Services: TCP_Wrappers and portmap.
Appendix E. The Cryptographic and Transparent Cryptographic Filesystems.








  • 最新的安全技術,適用於您的整個Linux環境!

  • 全面介紹突破性的Linux鎖定工具Bastille!

  • 使用網絡嗅探器和端口掃描器進行入侵檢測

  • 完整介紹OpenSSH加密套件

  • 防火牆、電子郵件、Web服務、文件系統、應用程序等等

  • 完全更新至RedHat 7.2


  • 為生產環境準備Linux系統

  • 使用Bastille鎖定Linux系統,而不會不必要地犧牲其功能

  • 對抗特洛伊木馬、後門、破解密碼、緩衝區溢出、欺騙、DoS等等

  • OpenSSH:消除竊聽、連接劫持和其他網絡層攻擊

  • 使用網絡嗅探器和端口掃描器進行入侵檢測

  • 防火牆、電子郵件、Web服務、文件系統、應用程序等等

  • 保護混合的Linux/UNIX(r)環境

  • 包括簡明的安全策略介紹


Prentice Hall計算機網絡和分散系統系列,Radia Perlman,系列顧問



1. 發生了什麼?漏洞調查。

2. 想像一下!你是大哥!安全策略。

3. 這個和那個:背景信息。

4. 當然我相信我的用戶!用戶、權限和文件系統。

5. 被破解了嗎?只需在上面放置PAM!可插拔身份驗證模塊。

6. 只有一次!一次性密碼。

7. 算帳:系統會計。

8. 你以為竊聽只是聯邦政府的事情!系統日誌。

9. 想成為root用戶嗎?超級用戶Do(sudo)。

10. 哪些門是開著的?保護網絡服務:xinetd。

11. 讓他們嗅探網絡!安全外殼。

12. 所以你認為你有一個好密碼!Crack。

13. 發生了什麼事?使用Bastille審計您的系統。

14. 設置陷阱:Tripwire。

15. 我們必須審查!第1部分:ipchains。

16. 我們必須審查!第2部分:iptables。

17. 誰在監視?掃描器、嗅探器和檢測器。

18. 竊聽其實並不那麼有趣!日誌文件管理。

19. 這是非常多的工作!實施和管理安全。

附錄A. 保持最新。

附錄B. 未涵蓋的工具。

附錄C. OPIE。

附錄D. 保護網絡服務:TCP_Wrappers和portmap。

附錄E. 加密和透明加密文件系統。