Linux Server Security



Hack and Defend
1st ed.

by: Chris Binnie

38,99 €

Publisher: Wiley
Format: EPUB
Published: 03.05.2016
ISBN/EAN: 9781119277644
Language: English
Number of pages: 144

DRM-protected eBook; to read it you need, for example, Adobe Digital Editions and an Adobe ID.

Descriptions

<p><b>Learn how to attack and defend the world’s most popular web server platform</b></p> <p>Linux Server Security: Hack and Defend presents a detailed guide for experienced admins, aspiring hackers and other IT professionals seeking a more advanced understanding of Linux security. Written by a 20-year veteran of Linux server deployment, this book provides the insight of experience along with highly practical instruction.</p> <p>The topics range from the theory of past, current, and future attacks, to the mitigation of a variety of online attacks, all the way to empowering you to perform numerous malicious attacks yourself (in the hope that you will learn how to defend against them). By increasing your understanding of a hacker’s tools and mindset you're less likely to be confronted by the all-too-common reality faced by many admins these days: someone else has control of your systems.</p> <ul> <li>Master hacking tools and launch sophisticated attacks: perform SQL injections, deploy multiple server exploits and crack complex passwords.</li> <li>Defend systems and networks: make your servers invisible, be confident of your security with penetration testing and repel unwelcome attackers.</li> <li>Increase your background knowledge of attacks on systems and networks and improve all-important practical skills required to secure any Linux server.</li> </ul> <p>The techniques presented apply to almost all Linux distributions including the many Debian and Red Hat derivatives and some other Unix-type systems. Further your career with this intriguing, deeply insightful, must-have technical book. Diverse, broadly-applicable and hands-on practical, Linux Server Security: Hack and Defend is an essential resource which will sit proudly on any techie's bookshelf.</p>
<p>Preface xiii</p> <p>Introduction xv</p> <p><b>Chapter 1: Invisibility Cloak 1</b></p> <p>Background 1</p> <p>Probing Ports 1</p> <p>Confusing a Port Scanner 2</p> <p>Installing knockd 2</p> <p>Packages 3</p> <p>Changing Default Settings 3</p> <p>Altering Filesystem Locations 4</p> <p>Some Config Options 5</p> <p>Starting the Service 5</p> <p>Changing the Default Network Interface 5</p> <p>Packet Types and Timing 5</p> <p>Testing Your Install 6</p> <p>Port Knocking Clients 7</p> <p>Making Your Server Invisible 7</p> <p>Testing Your iptables 8</p> <p>Saving iptables Rules 9</p> <p>Further Considerations 10</p> <p>Smartphone Client 10</p> <p>Troubleshooting 10</p> <p>Security Considerations 10</p> <p>Ephemeral Sequences 11</p> <p>Summary 12</p> <p><b>Chapter 2: Digitally Fingerprint Your Files 13</b></p> <p>Filesystem Integrity 13</p> <p>Whole Filesystem 16</p> <p>Rootkits 17</p> <p>Configuration 19</p> <p>False Positives 21</p> <p>Well Designed 22</p> <p>Summary 23</p> <p><b>Chapter 3: Twenty-First-Century Netcat 25</b></p> <p>History 25</p> <p>Installation Packages 27</p> <p>Getting Started 27</p> <p>Transferring Files 29</p> <p>Chatting Example 30</p> <p>Chaining Commands Together 30</p> <p>Secure Communications 31</p> <p>Executables 33</p> <p>Access Control Lists 34</p> <p>Miscellaneous Options 34</p> <p>Summary 35</p> <p><b>Chapter 4: Denying Service 37</b></p> <p>NTP Infrastructure 37</p> <p>NTP Reflection Attacks 38</p> <p>Attack Reporting 40</p> <p>Preventing SNMP Reflection 41</p> <p>DNS Resolvers 42</p> <p>Complicity 43</p> <p>Bringing a Nation to Its Knees 44</p> <p>Mapping Attacks 45</p> <p>Summary 46</p> <p><b>Chapter 5: Nping 49</b></p> <p>Functionality 49</p> <p>TCP 50</p> <p>Interpreter 51</p> <p>UDP 52</p> <p>ICMP 52</p> <p>ARP 53</p> <p>Payload Options 53</p> <p>Echo Mode 54</p> <p>Other Nping Options 57</p> <p>Summary 58</p> <p><b>Chapter 6: Logging Reconnoiters 59</b></p> <p>ICMP Misconceptions 59</p> <p>tcpdump 60</p> <p>Iptables 61</p> <p>Multipart Rules 64</p> <p>Log Everything for Forensic Analysis 64</p> <p>Hardening 65</p> <p>Summary 67</p> <p><b>Chapter 7: Nmap’s Prodigious NSE 69</b></p> <p>Basic Port Scanning 69</p> <p>The Nmap Scripting Engine 71</p> <p>Timing Templates 73</p> <p>Categorizing Scripts 74</p> <p>Contributing Factors 75</p> <p>Security Holes 75</p> <p>Authentication Checks 77</p> <p>Discovery 78</p> <p>Updating Scripts 79</p> <p>Script Type 80</p> <p>Regular Expressions 80</p> <p>Graphical User Interfaces 81</p> <p>Zenmap 81</p> <p>Summary 82</p> <p><b>Chapter 8: Malware Detection 85</b></p> <p>Getting Started 85</p> <p>Definition Update Frequency 85</p> <p>Malware Hash Registry 86</p> <p>Prevalent Threats 86</p> <p>LMD Features 86</p> <p>Monitoring Filesystems 88</p> <p>Installation 88</p> <p>Monitoring Modes 90</p> <p>Configuration 91</p> <p>Exclusions 91</p> <p>Running from the CLI 92</p> <p>Reporting 92</p> <p>Quarantining and Cleaning 93</p> <p>Updating LMD 94</p> <p>Scanning and Stopping Scans 94</p> <p>Cron Job 96</p> <p>Reporting Malware 96</p> <p>Apache Integration 96</p> <p>Summary 97</p> <p><b>Chapter 9: Password Cracking with Hashcat 99</b></p> <p>History 99</p> <p>Understanding Passwords 99</p> <p>Keyspace 100</p> <p>Hashes 101</p> <p>Using Hashcat 103</p> <p>Hashcat Capabilities 103</p> <p>Installation 103</p> <p>Hash Identification 104</p> <p>Choosing Attack Mode 106</p> <p>Downloading a Wordlist 106</p> <p>Rainbow Tables 107</p> <p>Running Hashcat 107</p> <p>oclHashcat 110</p> <p>Hashcat-Utils 111</p> <p>Summary 111</p> <p><b>Chapter 10: SQL Injection Attacks 113</b></p> <p>History 113</p> <p>Basic SQLi 114</p> <p>Mitigating SQLi in PHP 115</p> <p>Exploiting SQL Flaws 117</p> <p>Launching an Attack 118</p> <p>Trying SQLi Legally 120</p> <p>Summary 121</p> <p>Index 123</p>
<p><b>CHRIS BINNIE</b> is a Technical Consultant with 20 years of experience working with Linux systems, and a writer for Linux Magazine and Admin Magazine. He built an Autonomous System Network in 2005, and served HD video to 77 countries via a media streaming platform that he architected and built. Over the course of his career, he has deployed many servers in the cloud and on banking and government server estates.
<p><b>LEVERAGE LINUX STABILITY AND SECURITY FEATURES TO KEEP YOUR SYSTEM SAFE</b> <p>Linux has become the most popular web server platform on the planet, which puts Linux security measures at the top of the priority list for every sysadmin—and every hacker. Linux has always been a hotbed of technology and developments in the security realm, with both offensive and defensive tools like knockd, netcat, Nmap, Nping, and others, but knowing how to exploit these tools the way a hacker would is becoming an increasingly essential part of keeping your system safe. Instead of chasing after the bad guy, learn to anticipate and block his every move. <p>Chris Binnie is a Linux veteran with server deployment experience in banking and government where security concerns are critical. Chris walks through challenging scenarios in a diverse array of security areas to demonstrate robust detection, prevention, and defensive techniques, providing the hard-won insight of experience every step of the way. These techniques apply across distributions, including Debian and Red Hat derivatives, and other Unix-type systems, and include the expert touches that make software packages work well with the operating system as well as with other packages. Linux enjoys a well-deserved reputation for bedrock stability, which is why it powers up to 70 percent of the Internet's public servers; this book provides the insight and skill set you need to keep it locked up tight. 
<p>Covering the hacker's favorite tools and biggest frustrations, <i>Linux Server Security</i> shows you how to: <ul> <li>Make your server invisible without disrupting services in production</li> <li>Fingerprint files to monitor filesystems manually or automatically</li> <li>Turn hacker's favorite tools against them as part of your defense</li> <li>Learn how hackers identify your system's weak points</li> <li>Explore the possibilities of standard Nmap scripts</li> <li>Defend against malware and fight off a DDoS attack</li> <li>Discover how easily websites are compromised and passwords are cracked</li> </ul>
