Linux Server Security (2nd Edition( [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

Linux Server Security (2nd Edition( [Electronic resources] - نسخه متنی

Michael D. Bauer

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات

Section 6.1. DNS Basics

Section 6.2. DNS Security Principles

Section 6.3. Selecting a DNS Software Package

Section 6.4. Securing BIND

Section 6.5. djbdns

Section 6.6. Resources

Chapter 7. Using LDAP for Authentication

Section 7.1. LDAP Basics

Section 7.2. Setting Up the Server

Section 7.3. LDAP Database Management

Section 7.4. Conclusions

Section 7.5. Resources

Chapter 8. Database Security

Section 8.1. Types of Security Problems

Section 8.2. Server Location

Section 8.3. Server Installation

Section 8.4. Database Operation

Section 8.5. Resources

Chapter 9. Securing Internet Email

Section 9.1. Background: MTA and SMTP Security

Section 9.2. Using SMTP Commands to Troubleshootand Test SMTP Servers

Section 9.3. Securing Your MTA

Section 9.4. Sendmail

Section 9.5. Postfix

Section 9.6. Mail Delivery Agents

Section 9.7. A Brief Introduction to Email Encryption

Section 9.8. Resources

Chapter 10. Securing Web Servers

Section 10.1. Web Security

Section 10.2. The Web Server

Section 10.3. Web Content

Section 10.4. Web Applications

Section 10.5. Layers of Defense

Section 10.6. Resources

Chapter 11. Securing File Services

Section 11.1. FTP Security

Section 11.2. Other File-Sharing Methods

Section 11.3. Resources

Chapter 12. System Log Management and Monitoring

Section 12.1. syslog

Section 12.2. Syslog-ng

Section 12.3. Testing System Logging with logger

Section 12.4. Managing System Logfiles with logrotate

Section 12.5. Using Swatch for Automated Log Monitoring

Section 12.6. Some Simple Log-Reporting Tools

Section 12.7. Resources

Chapter 13. Simple Intrusion Detection Techniques

Section 13.1. Principles of Intrusion Detection Systems

Section 13.2. Using Tripwire

Section 13.3. Other Integrity Checkers

Section 13.4. Snort

Section 13.5. Resources

Colophon
توضیحات
افزودن یادداشت جدید







What This Book Is About


Acknowledging that system security is, on some level, futile is my
way of admitting that this book isn't really about
"Linux server security,"[1] at least not in any
absolute sense. Clearly, the only way to make a computer
absolutely secure is to disconnect it from the
network, power it down, repeatedly degauss its hard drive and memory,
and pulverize the whole thing into dust. This book contains very
little information on degaussing or pulverizing. However, it contains
a great deal of practical advice on the following:

[1] My original title was Attempting to Enhance Certain
Elements of Linux System Security in the Face of Overwhelming Odds:
Yo Arms Too Short to Box with God, but this was vetoed by
my editor (thanks, Andy!).


How to think about threats and risks, and the appropriate responses
to them How to protect publicly accessible hosts via good network design How to "harden" a fresh
installation of Linux and keep it patched against newly discovered
vulnerabilities with a minimum of ongoing effort How to make effective use of the security features of some
particularly popular and securable server applications How to implement some powerful security applications, including
Nessus and Snort
In particular, this book is about
"bastionizing" Linux servers. The
term bastion host can legitimately be used several ways,
one of which is as a synonym for firewall. (This book is
not about building Linux firewalls, though much of what I
cover can and should be done on firewalls.) My definition of
bastion host is a carefully configured, closely
monitored host that provides restricted but publicly accessible
services to nontrusted users and systems. Since the biggest, most
important, and least trustworthy public network is the Internet, my
focus is on creating Linux bastion hosts for Internet use.

I have several reasons for this seemingly narrow focus. First, Linux
has been particularly successful as a server platform: even in
organizations that otherwise rely heavily on commercial operating
systems such as Microsoft Windows, Linux is often deployed in
"infrastructure" roles, such as
SMTP gateway and DNS server, due to its reliability, low cost, and
the outstanding quality of its server applications.

Second, Linux and TCP/IP, the lingua franca of
the Internet, go together. Anything that can be done on a TCP/IP
network can be done with Linux, and done extremely well, with very
few exceptions. There are many, many different kinds of TCP/IP
applications, of which I can only cover a subset if I want to do so
in depth. Internet server applications are an important subset.

Third, this is my area of expertise. Since the mid-90s my career has
focused on network and system security; I've spent a
lot of time building Internet-worthy Unix and Linux systems. By
reading this book, you will hopefully benefit from some of the
experience I've gained along the way.


/ 94