Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new
Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes—short, focused pieces of code that administrators can use to improve security and perform common tasks securely. The
Linux Security Cookbook includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure. Some of the "recipes" you'll find in this book are:
- Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more
- Monitoring your network with tcpdump, dsniff, netstat, and other tools
- Protecting network connections with Secure Shell (SSH) and stunnel
- Safeguarding email sessions with Secure Sockets Layer (SSL)
- Encrypting files and email messages with GnuPG
- Probing your own security with password crackers, nmap, and handy scripts
This cookbook's proven techniques are derived from hard-won experience. Whether you're responsible for security on a home Linux system or for a large corporation, or somewhere in between, you'll find valuable, to-the-point, practical recipes for dealing with everyday security issues. This book is a system saver.
