Chapter 1. Unix Host Security

    Hacks #1-20

    Section 1.  Secure Mount Points

    Section 2.  Scan for SUID and SGID Programs

    Section 3.  Scan For World- and Group-Writable Directories

    Section 4.  Create Flexible Permissions Hierarchies with POSIX ACLs

    Section 5.  Protect Your Logs from Tampering

    Section 6.  Delegate Administrative Roles

    Section 7.  Automate Cryptographic Signature Verification

    Section 8.  Check for Listening Services

    Section 9.  Prevent Services from Binding to an Interface

    Section 10.  Restrict Services with Sandboxed Environments

    Section 11.  Use proftp with a MySQL Authentication Source

    Section 12.  Prevent Stack-Smashing Attacks

    Section 13.  Lock Down Your Kernel with grsecurity

    Section 14.  Restrict Applications with grsecurity

    Section 15.  Restrict System Calls with Systrace

    Section 16.  Automated Systrace Policy Creation

    Section 17.  Control Login Access with PAM

    Section 18.  Restricted Shell Environments

    Section 19.  Enforce User and Group Resource Limits

    Section 20.  Automate System Updates