SUSE LINUX Enterprise Server 9 Administrator's Handbook (Paperback)
暫譯: SUSE LINUX 企業伺服器 9 管理員手冊 (平裝本)
Peter Kuo, Jacques Beland
- 出版商: Novell Press
- 出版日期: 2005-07-09
- 售價: $1,890
- 貴賓價: 9.5 折 $1,796
- 語言: 英文
- 頁數: 552
- 裝訂: Paperback
- ISBN: 067232735X
- ISBN-13: 9780672327353
-
相關分類:
Linux
已過版
買這商品的人也買了...
-
The Book of VMware: The Complete Guide to VMware Workstation$1,460$1,387 -
Visual C#.NET 程式設計經典$650$514 -
C++ Builder 6 完全攻略$690$587 -
ASP.NET 程式設計徹底研究$590$466 -
鳥哥的 Linux 私房菜─基礎學習篇增訂版$560$476 -
Windows 程式設計使用 MFC (Programming Windows with MFC, 2/e)$990$782 -
ASP.NET 徹底研究進階技巧─高階技巧與控制項實作$650$507 -
Sniffer Pro 網路最佳化與故障排除手冊$580$452 -
Linux iptables 技術實務─防火牆、頻寬管理、連線管制$620$527 -
打造個性化 XOOPS2 網站─佈景設計、模組開發$580$493 -
Fedora Core 4 Linux 實務應用 DVD 版$650$553 -
The Zen of CSS Design─網頁視覺設計的王道 (The Zen of CSS Design: Visual Enlightenment for The Web)$780$663 -
線上開店商品攝影技術修煉 (Digital Photographing Course for Web Shop)$520$406 -
計算機組織與設計 (Computer Organization and Design: The Hardware/Software Interface, 3/e)$680$646 -
最新詳解 Javascript & HTML & CSS 語法辭典(增訂新版)$490$382 -
bash Shell 入門 (Learning the bash Shell, 3/e)
$580$458 -
Linux 核心開發指南 (Linux Kernel Development, 2/e)$550$495 -
Postfix 技術手札─郵件伺服器應用全攻略 (The Book of Postfix: State-of-the-Art Message Transport)$580$493 -
Dreamweaver 搞不定的網頁設計效果:CSS 關鍵救援密碼
$520$442 -
Visual C# 2005 程式開發與介面設計秘訣$750$593 -
Effective C++, 3/e (中文版) (Effective C++: 55 Specific Ways to Improve Your Programs and Designs, 3/e)$500$450 -
Ajax 技術手冊 (Foundations of Ajax)$450$356 -
世紀末軟體革命復刻版:C++、GUI 與物件導向理論$620$527 -
一次擁有 Linux 雙認證-LPIC Level I + Novell CLA 11 自學手冊, 2/e$750$593 -
Linux Shell 程式設計與管理實務(完整涵蓋 Bash 4.x)$650$514
相關主題
商品描述
Description:
As a system administrator, you are justly concerned about the security of your infrastructure. SUSE Linux Enterprise Server (SLES 9) can lead the way to infrastructure security and SUSE Linux Enterprise Server Administrator's Handbook is the authoritative source for information on this secure server. Step-by-step procedures will walk you through installing and securing a SLES 9 system, and it will focus on the specific security features that make SLES 9 an important platform for all system administrators. Some of what you will cover is:
- SuSE server installation
- User access and security
- Installing and configuring networking services
- Securing your SuSE server
Leverage Linux and open source with SLES 9 and SUSE Linux Enterprise Server Administrator's Handbook to build a secure computing network for your company.
Table of Contents:
I. SUSE SERVER INSTALLATION AND CONFIGURATION.
1. Installing SUSE LINUX Enterprise Server.
Installation Methods and Overview.
CD-ROM—Based Installation.
VNC-Based Installation.
Network-Based Installation.
AutoYaST-Based Installation.
Pre-Installation Planning.
Ten Easy Steps to SLES 9 Installation.
Selecting an Installation Method.
Selecting the Language.
Choosing Installation Settings.
Preparing the Hard Disks.
Configuring the System.
Specifying Network Settings.
Applying Online Updates.
Configuring Services.
Configuring User Information.
Configuring Hardware.
Troubleshooting.
Summary.
2. Updating the Server.
Maintaining Your System Configuration.
SuSEconfig.
YaST (Yet another Setup Tool).
Adding and Removing Packages.
Installing a Package.
Removing a Package or Subcomponents.
Adding and Removing Hardware.
Preparations.
Adding a Disk.
Changing Network Configuration.
Network Parameters.
Using YaST to Manage the Network Configuration.
Summary.
3. Booting and Shutting Down the Server.
Boot Loaders.
LILO.
Grub.
Kernel Boot.
init and Understanding Runlevels.
System Shutdown.
Emergency Boot and Recovery.
Summary.
II. USER ACCESS AND SECURITY MANAGEMENT.
4. User and Group Administration.
User and Group IDs.
User and Group Data Files.
The /etc/passwd File.
The /etc/shadow File.
The /etc/group File.
User Account and Group Management Applications.
Creating and Editing User Accounts.
Setting Default User Account Properties.
Creating and Editing Groups.
Security Considerations.
Using Strong Passwords.
Auditing Default Accounts.
The Root Account.
User in Too Many Groups?
Summary.
5. User Environment Management and Security.
Account Auditing.
Configuring the User Environment.
Default Shell.
Login Scripts and Environment Variables.
User Resource Management.
Authentication Using PAM.
PAM Module Configuration.
Resource Management.
Access Time Management.
Quota Management.
su or sudo.
Summary.
6. Filesystem Security.
A Review of File and Directory Permissions.
Changing Permissions.
Changing User and Group Ownership.
Security Considerations.
Default Access Permissions.
Special File Permissions.
Security Implications of SUID/SGID.
SGID and File Sharing.
A SUID Sample Program.
Securing Against SUID Programs.
Sticky Business.
Extended Attributes.
Data and Filesystem Encryption.
Secure File Deletion.
Journaled Filesystems.
Summary.
7. System Management and Monitoring.
Common Linux Commands.
Basic Commands.
Additional Tools.
The root Filesystem.
Health Checks and System Monitoring.
Machine Uptime.
Log Review.
Top Consumers.
Application Check.
System Resource Check.
User Login Activity.
System Tuning.
Tuning Kernel Parameters.
Tuning Filesystem Access.
Summary.
III. INSTALLING AND CONFIGURING NETWORKING SERVICES.
8. Network Services.
Angels and Daemons.
Configuring xinetd.
The /etc/xinetd.conf File.
Applying Access Control.
Security Considerations.
Network Time Services.
Configuring the NTP Client.
Configuring an NTP Server.
Troubleshooting Tips.
Email Services.
File Transfer Services.
Using Pure-FTPd.
Using vsftpd.
Using the Standard TFTP Server.
Network File-Sharing Services.
Setting Up an NFS Server.
Setting Up a Samba Server.
Remote Management Services.
Telnet.
ssh.
VNC and XDMCP.
Securing System Management Conversations.
Restricting Connections by IP Address.
A Secure System Management Environment.
Network Name Services.
Samba.
Service Location Protocol (SLP).
Domain Name Service (DNS).
Dynamic Host Configuration Protocol (DHCP).
DNS and DHCP.
Web Services.
Authentication Services.
Network Information Services (NIS).
Samba Domains.
Lightweight Directory Access Protocol (LDAP).
Kerberos.
Summary.
9. Printing Services.
Printer Configuration.
Local Printers.
Network Printers.
Adding a Local Printer.
Adding a Network Printer.
Print Job Lifecycle.
Job Spooling.
Applying Filters.
Printing the Information.
Queue Management.
YaST Queue Configuration.
Command-Line Queue Configuration.
Printer Queue Basics.
The CUPS Web Interface.
Summary.
10. Data Backup and Disaster Recovery.
A Look at Backup Strategies.
Implementing a Backup Strategy.
Grandfather-Father-Son Rotation Method.
Tower of Hanoi Rotation Method.
Some Tips and Tricks.
Database Backups: Cold or Hot?
Backup and Restore Tools.
Making Tarballs.
Archiving Data with cpio.
Converting and Copying Data Using dd.
Using dump and restore.
Data Mirroring Using rsync.
YaST’s System Backup and Restore Modules.
Getting to Know AMANDA.
Scheduling Backups.
Commercial Backup Products.
SLES Boot and Rescue Disks.
Summary.
IV. SECURING YOUR SUSE SERVER.
11. Network Security Concepts.
Corporate Security Policies.
Physical Security.
User Accounts.
Strong Passwords.
Remote Access.
Firewalls.
Acceptable Use Policy.
Information Protection.
Incident Response.
Summary.
12. Intrusion Detection.
Defining Intrusions.
Reducing Your Target Size.
Vulnerability Assessments.
nmap.
Nessus.
Detecting a Network-based Intrusion.
Know Your Traffic, Tune Your Firewall.
Network Intrusion Detection Systems.
Snort.
Analysis Console for Intrusion Databases.
Detecting a Host Intrusion.
Log Files.
chkrootkit.
Advanced Intrusion Detection Environment (AIDE).
Additional Tools.
Scan Detection Tools.
MRTG and Cacti.
Ethereal.
Summary.
13. System Security.
System Hardening Principles.
Using a Central syslog Server.
Hardening the Central Syslog Host.
A Stealth Logging Host.
Avoid Logging in As Root.
Securing Network Services.
Hardening Remote Services.
Limiting Rights of Services.
Using chroot Jails and User Mode Linux.
Packet Filtering Using iptables.
Hardening Your Physical Network Infrastructure.
Wireless Security.
System Hardening Packages.
Automating SLES Hardening.
Learning More About Threats.
Summary.
V. APPENDIXES.
Appendix A. Security Certifications.
Appendix B. Resources.
Linux Editors.
Website Resources.
Security and Linux-Related Websites.
SUSE-Specific Newsgroups and Websites.
Index.
商品描述(中文翻譯)
描述:
作為系統管理員,您對基礎設施的安全性非常關注。SUSE Linux Enterprise Server (SLES 9) 可以引領基礎設施安全,而《SUSE Linux Enterprise Server Administrator's Handbook》是有關這個安全伺服器的權威資訊來源。逐步的程序將指導您安裝和保護 SLES 9 系統,並將重點放在使 SLES 9 成為所有系統管理員重要平台的特定安全功能上。您將涵蓋的內容包括:
- SuSE 伺服器安裝
- 使用者訪問和安全性
- 安裝和配置網路服務
- 保護您的 SuSE 伺服器
利用 Linux 和開源技術,使用 SLES 9 和《SUSE Linux Enterprise Server Administrator's Handbook》為您的公司建立一個安全的計算網路。
目錄:
I. SUSE 伺服器安裝與配置
1. 安裝 SUSE LINUX Enterprise Server
- 安裝方法與概述
- 基於 CD-ROM 的安裝
- 基於 VNC 的安裝
- 基於網路的安裝
- 基於 AutoYaST 的安裝
- 安裝前規劃
- 十個簡單步驟安裝 SLES 9
- 選擇安裝方法
- 選擇語言
- 選擇安裝設定
- 準備硬碟
- 配置系統
- 指定網路設定
- 應用線上更新
- 配置服務
- 配置使用者資訊
- 配置硬體
- 故障排除
- 總結
2. 更新伺服器
- 維護您的系統配置
- SuSEconfig
- YaST (Yet another Setup Tool)
- 添加和移除套件
- 安裝套件
- 移除套件或子組件
- 添加和移除硬體
- 準備工作
- 添加磁碟
- 更改網路配置
- 網路參數
- 使用 YaST 管理網路配置
- 總結
3. 啟動和關閉伺服器
- 啟動載入程式
- LILO
- Grub
- 核心啟動
- init 和理解運行級別
- 系統關閉
- 緊急啟動和恢復
- 總結
II. 使用者訪問和安全管理
4. 使用者和群組管理
- 使用者和群組 ID
- 使用者和群組數據檔
- /etc/passwd 檔
- /etc/shadow 檔
- /etc/group 檔
- 使用者帳戶和群組管理應用程式
- 創建和編輯使用者帳戶
- 設定預設使用者帳戶屬性
- 創建和編輯群組
- 安全考量
- 使用強密碼
- 審核預設帳戶
- 根帳戶
- 使用者在太多群組中?
- 總結
5. 使用者環境管理與安全
- 帳戶審核
- 配置使用者環境
