Practical Unix & Internet Security
Preface
Unix 'Security'?
Scope of This Book
Which Unix System?
Conventions Used in This Book
Comments and Questions
Acknowledgments
A Note to Would-Be Attackers
Part I: Computer Security Basics
Chapter 1. Introduction: Some Fundamental Questions
1.1 What Is Computer Security?
1.2 What Is an Operating System?
1.3 What Is a Deployment Environment?
1.4 Summary
Chapter 2. Unix History and Lineage
2.1 History of Unix
2.2 Security and Unix
2.3 Role of This Book
2.4 Summary
Chapter 3. Policies and Guidelines
3.1 Planning Your Security Needs
3.2 Risk Assessment
3.3 Cost-Benefit Analysis and Best Practices
3.4 Policy
3.5 Compliance Audits
3.6 Outsourcing Options
3.7 The Problem with Security Through Obscurity
3.8 Summary
Part II: Security Building Blocks
Chapter 4. Users, Passwords, and Authentication
4.1 Logging in with Usernames and Passwords
4.2 The Care and Feeding of Passwords
4.3 How Unix Implements Passwords
4.4 Network Account and Authorization Systems
4.5 Pluggable Authentication Modules (PAM)
4.6 Summary
Chapter 5. Users, Groups, and the Superuser
5.1 Users and Groups
5.2 The Superuser (root)
5.3 The su Command: Changing Who You Claim to Be
5.4 Restrictions on the Superuser
5.5 Summary
Chapter 6. Filesystems and Security
6.1 Understanding Filesystems
6.2 File Attributes and Permissions
6.3 chmod: Changing a File's Permissions
6.4 The umask
6.5 SUID and SGID
6.6 Device Files
6.7 Changing a File's Owner or Group
6.8 Summary
Chapter 7. Cryptography Basics
7.1 Understanding Cryptography
7.2 Symmetric Key Algorithms
7.3 Public Key Algorithms
7.4 Message Digest Functions
7.5 Summary
Chapter 8. Physical Security for Servers
8.1 Planning for the Forgotten Threats
8.2 Protecting Computer Hardware
8.3 Preventing Theft
8.4 Protecting Your Data
8.5 Story: A Failed Site Inspection
8.6 Summary
Chapter 9. Personnel Security
9.1 Background Checks
9.2 On the Job
9.3 Departure
9.4 Other People
9.5 Summary
Part III: Network and Internet Security
Chapter 10. Modems and Dialup Security
10.1 Modems: Theory of Operation
10.2 Modems and Security
10.3 Modems and Unix
10.4 Additional Security for Modems
10.5 Summary
Chapter 11. TCP/IP Networks
11.1 Networking
11.2 IP: The Internet Protocol
11.3 IP Security
11.4 Summary
Chapter 12. Securing TCP and UDP Services
12.1 Understanding Unix Internet Servers and Services
12.2 Controlling Access to Servers
12.3 Primary Unix Network Services
12.4 Managing Services Securely
12.5 Putting It All Together: An Example
12.6 Summary
Chapter 13. Sun RPC
13.1 Remote Procedure Call (RPC)
13.2 Secure RPC (AUTH_DES)
13.3 Summary
Chapter 14. Network-Based Authentication Systems
14.1 Sun's Network Information Service (NIS)
14.2 Sun's NIS+
14.3 Kerberos
14.4 LDAP
14.5 Other Network Authentication Systems
14.6 Summary
Chapter 15. Network Filesystems
15.1 Understanding NFS
15.2 Server-Side NFS Security
15.3 Client-Side NFS Security
15.4 Improving NFS Security
15.5 Some Last Comments on NFS
15.6 Understanding SMB
15.7 Summary
Chapter 16. Secure Programming Techniques
16.1 One Bug Can Ruin Your Whole Day . . .
16.2 Tips on Avoiding Security-Related Bugs
16.3 Tips on Writing Network Programs
16.4 Tips on Writing SUID/SGID Programs
16.5 Using chroot( )
16.6 Tips on Using Passwords
16.7 Tips on Generating Random Numbers
16.8 Summary
Part IV: Secure Operations
Chapter 17. Keeping Up to Date
17.1 Software Management Systems
17.2 Updating System Software
17.3 Summary
Chapter 18. Backups
18.1 Why Make Backups?
18.2 Backing Up System Files
18.3 Software for Backups
18.4 Summary
Chapter 19. Defending Accounts
19.1 Dangerous Accounts
19.2 Monitoring File Format
19.3 Restricting Logins
19.4 Managing Dormant Accounts
19.5 Protecting the root Account
19.6 One-Time Passwords
19.7 Administrative Techniques for Conventional Passwords
19.8 Intrusion Detection Systems
19.9 Summary
Chapter 20. Integrity Management
20.1 The Need for Integrity
20.2 Protecting Integrity
20.3 Detecting Changes After the Fact
20.4 Integrity-Checking Tools
20.5 Summary
Chapter 21. Auditing, Logging, and Forensics
21.1 Unix Log File Utilities
21.2 Process Accounting: The acct/pacct File
21.3 Program-Specific Log Files
21.4 Designing a Site-Wide Log Policy
21.5 Handwritten Logs
21.6 Managing Log Files
21.7 Unix Forensics
21.8 Summary
Part V: Handling Security Incidents
Chapter 22. Discovering a Break-in
22.1 Prelude
22.2 Discovering an Intruder
22.3 Cleaning Up After the Intruder
22.4 Case Studies
22.5 Summary
Chapter 23. Protecting Against Programmed Threats
23.1 Programmed Threats: Definitions
23.2 Damage
23.3 Authors
23.4 Entry
23.5 Protecting Yourself
23.6 Preventing Attacks
23.7 Summary
Chapter 24. Denial of Service Attacks and Solutions
24.1 Types of Attacks
24.2 Destructive Attacks
24.3 Overload Attacks
24.4 Network Denial of Service Attacks
24.5 Summary
Chapter 25. Computer Crime
25.1 Your Legal Options After a Break-in
25.2 Criminal Hazards
25.3 Criminal Subject Matter
25.4 Summary
Chapter 26. Who Do You Trust?
26.1 Can You Trust Your Computer?
26.2 Can You Trust Your Suppliers?
26.3 Can You Trust People?
26.4 Summary
Part VI: Appendixes
Appendix A. Unix Security Checklist
A.1 Preface
A.2 Chapter 1: Introduction: Some Fundamental Questions
A.3 Chapter 2: Unix History and Lineage
A.4 Chapter 3: Policies and Guidelines
A.5 Chapter 4: Users, Passwords, and Authentication
A.6 Chapter 5: Users, Groups, and the Superuser
A.7 Chapter 6: Filesystems and Security
A.8 Chapter 7: Cryptography Basics
A.9 Chapter 8: Physical Security for Servers
A.10 Chapter 9: Personnel Security
A.11 Chapter 10: Modems and Dialup Security
A.12 Chapter 11: TCP/IP Networks
A.13 Chapter 12: Securing TCP and UDP Services
A.14 Chapter 13: Sun RPC
A.15 Chapter 14: Network-Based Authentication Systems
A.16 Chapter 15: Network Filesystems
A.17 Chapter 16: Secure Programming Techniques
A.18 Chapter 17: Keeping Up to Date
A.19 Chapter 18: Backups
A.20 Chapter 19: Defending Accounts
A.21 Chapter 20: Integrity Management
A.22 Chapter 21: Auditing, Logging, and Forensics
A.23 Chapter 22: Discovering a Break-In
A.24 Chapter 23: Protecting Against Programmed Threats
A.25 Chapter 24: Denial of Service Attacks and Solutions
A.26 Chapter 25: Computer Crime
A.27 Chapter 26: Who Do You Trust?
A.28 Appendix A: Unix Security Checklist
A.29 Appendix B: Unix Processes
A.30 Appendixes C, D, and E: Paper Sources, Electronic Sources, and Organizations
Appendix B. Unix Processes
B.1 About Processes
B.2 Signals
B.3 Controlling and Examining Processes
B.4 Starting Up Unix and Logging In
Appendix C. Paper Sources
C.1 Unix Security References
C.2 Other Computer References
Appendix D. Electronic Resources
D.1 Mailing Lists
D.2 Web Sites
D.3 Usenet Groups
D.4 Software Resources
Appendix E. Organizations
E.1 Professional Organizations
E.2 U.S. Government Organizations
E.3 Emergency Response Organizations
Colophon
Copyright eTutorials.org 2008-2024. All rights reserved.