We bring 13 interesting and helpful ebooks to help you upgrade your skills and knowledge. This time on Unix and Linux Security.
For a long time security was considered as the last thing in Linux and Unix. But with more and more security threats like hacking rising every day, Linux and Unix security is becoming the hottest thing in the IT job market. Here we bring to you 13 free ebooks to help you upgrade your Unix/Linux security skills. |
Author: Kurt Seifried
The book was one of the very first on Linux security. From the table of content, the book covers:
Linux Physical and Console Security, Linux Administration, Linux Backup Guide, Linux File System and File Security, Linux User Authentication, Linux System and User Logging and much more.
Author(s) Richard Haines
Publisher: Richard Haines (2010)
This Notebook has been assembled from information that is available within the public domain and where necessary, updated to reflect the Linux Security Module (LSM) and Security-Enhanced Linux (SELinux) services as built into the Fedora 10 release of GNU/Linux. It explains:
SELinux and its purpose in life.
The LSM / SELinux architecture, its supporting services and how they are implemented within GNU/Linux.
The core SELinux policy language and how basic policy modules can be constructed for instructional purposes.
The core SELinux policy management tools with examples of usage.
The Reference Policy architecture, its supporting services and how it is implemented.
Author(s) Justin Clarke, Nitesh Dhanjani
Publisher: O'Reilly Media; 1 edition (April 11, 2005)
As the introduction of the book says, “If you're an advanced security professional, then you know that the battle to protect online privacy continues to rage on. Security chat rooms, especially, are resounding with calls for vendors to take more responsibility to release products that are more secure. In fact, with all the information and code that is passed on a daily basis, it's a fight that may never end. Fortunately, there are a number of open source security tools that give you a leg up in the battle.
Often a security tool does exactly what you want, right out of the box. More frequently, you need to customize the tool to fit the needs of your network structure. Network Security Tools shows experienced administrators how to modify, customize, and extend popular open source security tools such as Nikto, Ettercap, and Nessus.
This concise, high-end guide discusses the common customizations and extensions for these tools, then shows you how to write even more specialized attack and penetration reviews that are suited to your unique network environment. It also explains how tools like port scanners, packet injectors, network sniffers, and web assessment tools function.”
Author(s) Simson Garfinkel, Gene Spafford
Publisher: O'Reilly Media; Second Edition (April 1996); Third Edition edition (February 28, 2003)
As the introduction of the book says, “If you are a UNIX system administrator or user in this security conscious age, you need this book. It's a practical guide that spells out, in readable and entertaining language, the threats, the system vulnerabilities, and the countermeasures you can adopt to protect your UNIX system, network, and Internet connection. It's complete -- covering both host and network security -- and doesn't require that you be a programmer or a UNIX guru to use it.
Practical UNIX & Internet Security describes the issues, approaches, and methods for implementing security measures. It covers UNIX basics, the details of security, the ways that intruders can get into your system, and the ways you can detect them, clean up after them, and even prosecute them if they do get in. Filled with practical scripts, tricks, and warnings,Practical UNIX & Internet Security tells you everything you need to know to make your UNIX system as secure as it possible can be.”
Author(s) K. Fenzi, D. Wreski
This read covers some of the main issues that affect Linux security. General philosophy and net-born resources are discussed.
A number of other HOWTO documents overlap with security issues, and those documents have been pointed to wherever appropriate.
This document is not meant to be a up-to-date exploits document. Large numbers of new exploits happen all the time. This document will tell you where to look for such up-to-date information, and will give some general methods to prevent such exploits from taking place.
Author(s)Neil A. Smyth
As the name suggests this book explains the aspects of Linux security to the beginners. Will take you right from the basics explaining why do you need it, to firewalls, configuration and encryptions!
Author(s) Faye Coker
This document was put together in response to people asking if an intro level HOWTO was available for getting started with SE Linux. It covers the more basic aspects of SE Linux such as terminology, installation and adding users in addition to a few other areas.
Author(s) Elizabeth D. Zwicky, Simon Cooper and D. Brent Chapman
Publisher: O'Reilly Media; Second Edition edition (January 15, 2000)
Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes:
- Firewall technologies: packet filtering, proxying, network address translation, virtual private networks
- Architectures such as screening routers, dual-homed hosts, screened hosts, screened subnets, perimeter networks, internal firewalls
- Issues involved in a variety of new Internet services and protocols through a firewall
- Email and News
- Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo)
- File transfer and sharing services such as NFS, Samba
- Remote access services such as Telnet, the BSD "r" commands, SSH, BackOrifice 2000
- Real-time conferencing services such as ICQ and talk
- Naming and directory services (e.g., DNS, NetBT, the Windows Browser)
- Authentication and auditing services (e.g., PAM, Kerberos, RADIUS);
- Administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics)
- Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP)
- Database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server)
Author(s) O. Andreasson
The author found a big empty space in the HOWTO's out there lacking in information about the iptables and Netfilter functions in the new Linux 2.4.x kernels. Among other things, he has tried to answer questions that some might have about the new possibilities like state matching. Most of this will be illustrated with an example rc.firewall.txt file that you can use in your /etc/rc.d/ scripts. Yes, this file was originally based upon the masquerading HOWTO for those of you who recognize it.
Author(s) J.F. Peña
This document describes security in the Debian project and in the Debian operating system. Starting with the process of securing and hardening the default Debian GNU/Linux distribution installation, it also covers some of the common tasks to set up a secure network environment using Debian GNU/Linux, gives additional information on the security tools available and talks about how security is enforced in Debian by the security and audit team.
Author(s) Dave Wreski
This document is a general overview of security issues that face the administrator of Linux systems. It covers general security philosophy and a number of specific examples of how to better secure your Linux system from intruders. Also included are pointers to security related material and programs.
Author(s) David A. Wheeler
This book provides a set of design and implementation guidelines for writing secure programs for Linux and Unix systems. Such programs include application programs used as viewers of remote data, web applications (including CGI scripts), network servers, and setuid/setgid programs. Specific guidelines for C, C++, Java, Perl, PHP, Python, Tcl, and Ada95 are included.
Author(s) Werner Puschitz
This article is a practical step-by-step guide for securing Linux production systems. It discusses basic Linux Security requirements for systems that need to pass various audits in an enterprise environment. If you work on a corporate Linux Security Standard, or if you do Sarbanes-Oxley Act (SOX) or Statement on Auditing Standards No. 70 (SAS 70) related work, then this article should provide you a good baseline.