Linux Security Cookbook

Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new "Linux Security Cookbook" does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes-short, focused pieces of code that administrators can use to improve security and perform common tasks securely. The book includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure. Some of the "recipes" you'll find in this book are: controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more; monitoring your network with tcpdump, dsniff, netstat, and other tools; protecting network connections with Secure Shell (SSH) and stunnel; safeguarding email sessions with Secure Sockets Layer (SSL); encrypting files and email messages with GnuPG; and probing your own security with password crackers, nmap, and handy scripts.