Security Strategies in Linux Platforms and Applications, 3rd EditionКНИГИ » ОС И БД
Название: Security Strategies in Linux Platforms and Applications, 3rd Edition Автор: Ric Messier, Michael Jang Издательство: Jones & Bartlett Learning Год: 2022 Страниц: 500 Язык: английский Формат: epub (true) Размер: 32.1 MB
Security Strategies in Linux Platforms and Applications, Third Edition covers major aspects of security on a Linux system. The first part of this book describes the risks, threats, and vulnerabilities associated with Linux as an operating system. Linux is a common operating system used for Internet infrastructure. As a result, a big focus for this book is on implementing strategies that you can use to protect your system implementations, even in cases where they are public facing. To that end, this book uses examples from two of the major distributions built for the server: Red Hat Enterprise Linux and Ubuntu (Server Edition).
With Linux, security is much more than just firewalls and permissions. Part Two of the book shows you how to take advantage of the layers of security available to Linux—user and group options, filesystems, and security options for important services, as well as the security modules associated with Application Armor (AppArmor) and Security Enhanced Linux (SELinux). It also covers encryption options where available.
The final part of this book explores the use of both open source and proprietary tools when building a layered security strategy for your Linux operating system environments. With these tools, you can define a system baseline, audit the system state, monitor system performance, test network vulnerabilities, detect security breaches, and more. You will also learn basic practices associated with security alerts and updates, which are just as important.
As with any operating system, a Linux implementation requires strategies to harden it against attack. Linux is based on another operating system with a very long history, and it inherits the lessons learned over that history as well as some of the challenges. With Linux, you get a lot of eyes looking at the programs, which many consider to be a benefit of using open source programs and operating systems. While there are advantages, however, there are risks associated as well. Fortunately, a large community is built around improving Linux and the various software packages that go into it. This includes the National Security Agency, which initially developed a set of security extensions that has since been implemented into the Linux kernel itself.
When you are finished with this book, you will understand the importance of custom firewalls, restrictions on key services, golden baseline systems, and custom local repositories. You will even understand how to customize and recompile the Linux kernel. You will be able to use open source and commercial tools to test the integrity of various systems on the network. The data you get from such tools will identify weaknesses and help you create more secure systems.
The writing style of this book is practical and conversational. Each chapter begins with a statement of learning objectives. Step-by-step examples of information security concepts and procedures are presented throughout the text. Illustrations are used both to clarify the material and to vary the presentation. The text is sprinkled with notes, tips, FYIs, warnings, and sidebars to alert the reader to additional helpful information related to the subject under discussion. Chapter assessments appear at the end of each chapter, with solutions provided in the back of the book. Throughout this book are references to commands and directives.
Contents: About the Authors CHAPTER 1 Security Threats to Linux CHAPTER 2 Basic Components of Linux Security CHAPTER 3 Starting Off: Getting Up and Running CHAPTER 4 User Privileges and Permissions CHAPTER 5 Filesystems, Volumes, and Encryption CHAPTER 6 Securing Services CHAPTER 7 Networks, Firewalls, and More CHAPTER 8 Networked Filesystems and Remote Access CHAPTER 9 Networked Application Security CHAPTER 10 Kernel Security Risk Mitigation CHAPTER 11 Managing Security Alerts and Updates CHAPTER 12 Building and Maintaining a Security Baseline CHAPTER 13 Testing and Reporting CHAPTER 14 Detecting and Responding to Security Breaches CHAPTER 15 Best Practices and Emerging Technologies APPENDIX A Answer Key APPENDIX B Standard Acronyms Glossary of Key Terms References Index
Скачать Security Strategies in Linux Platforms and Applications, 3rd Edition