Linux Hardening in Hostile Networks

Server Security from TLS to Tor

Nonfiction, Computers, Operating Systems, Linux, Networking & Communications
Cover of the book Linux Hardening in Hostile Networks by Kyle Rankin, Pearson Education
View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart
Author: Kyle Rankin ISBN: 9780134173320
Publisher: Pearson Education Publication: July 17, 2017
Imprint: Addison-Wesley Professional Language: English
Author: Kyle Rankin
ISBN: 9780134173320
Publisher: Pearson Education
Publication: July 17, 2017
Imprint: Addison-Wesley Professional
Language: English

Implement Industrial-Strength Security on Any Linux Server

 

In an age of mass surveillance, when advanced cyberwarfare weapons rapidly migrate into every hacker’s toolkit, you can’t rely on outdated security methods–especially if you’re responsible for Internet-facing services. In Linux® Hardening in Hostile Networks, Kyle Rankin helps you to implement modern safeguards that provide maximum impact with minimum effort and to strip away old techniques that are no longer worth your time.

 

Rankin provides clear, concise guidance on modern workstation, server, and network hardening, and explains how to harden specific services, such as web servers, email, DNS, and databases. Along the way, he demystifies technologies once viewed as too complex or mysterious but now essential to mainstream Linux security. He also includes a full chapter on effective incident response that both DevOps and SecOps can use to write their own incident response plan.

 

Each chapter begins with techniques any sysadmin can use quickly to protect against entry-level hackers and presents intermediate and advanced techniques to safeguard against sophisticated and knowledgeable attackers, perhaps even state actors. Throughout, you learn what each technique does, how it works, what it does and doesn’t protect against, and whether it would be useful in your environment.

  • Apply core security techniques including 2FA and strong passwords
  • Protect admin workstations via lock screens, disk encryption, BIOS passwords, and other methods
  • Use the security-focused Tails distribution as a quick path to a hardened workstation
  • Compartmentalize workstation tasks into VMs with varying levels of trust
  • Harden servers with SSH, use apparmor and sudo to limit the damage attackers can do, and set up remote syslog servers to track their actions
  • Establish secure VPNs with OpenVPN, and leverage SSH to tunnel traffic when VPNs can’t be used
  • Configure a software load balancer to terminate SSL/TLS connections and initiate new ones downstream
  • Set up standalone Tor services and hidden Tor services and relays
  • Secure Apache and Nginx web servers, and take full advantage of HTTPS
  • Perform advanced web server hardening with HTTPS forward secrecy and ModSecurity web application firewalls
  • Strengthen email security with SMTP relay authentication, SMTPS, SPF records, DKIM, and DMARC
  • Harden DNS servers, deter their use in DDoS attacks, and fully implement DNSSEC
  • Systematically protect databases via network access control, TLS traffic encryption, and encrypted data storage
  • Respond to a compromised server, collect evidence, and prevent future attacks

Register your product at informit.com/register for convenient access to downloads, updates, and corrections as they become available.

View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart

Implement Industrial-Strength Security on Any Linux Server

 

In an age of mass surveillance, when advanced cyberwarfare weapons rapidly migrate into every hacker’s toolkit, you can’t rely on outdated security methods–especially if you’re responsible for Internet-facing services. In Linux® Hardening in Hostile Networks, Kyle Rankin helps you to implement modern safeguards that provide maximum impact with minimum effort and to strip away old techniques that are no longer worth your time.

 

Rankin provides clear, concise guidance on modern workstation, server, and network hardening, and explains how to harden specific services, such as web servers, email, DNS, and databases. Along the way, he demystifies technologies once viewed as too complex or mysterious but now essential to mainstream Linux security. He also includes a full chapter on effective incident response that both DevOps and SecOps can use to write their own incident response plan.

 

Each chapter begins with techniques any sysadmin can use quickly to protect against entry-level hackers and presents intermediate and advanced techniques to safeguard against sophisticated and knowledgeable attackers, perhaps even state actors. Throughout, you learn what each technique does, how it works, what it does and doesn’t protect against, and whether it would be useful in your environment.

Register your product at informit.com/register for convenient access to downloads, updates, and corrections as they become available.

More books from Pearson Education

Cover of the book Acquisition Essentials by Kyle Rankin
Cover of the book Market Volume is the Force by Kyle Rankin
Cover of the book Microsoft OneNote 2013 Plain & Simple by Kyle Rankin
Cover of the book Using Kindle by Kyle Rankin
Cover of the book My Office 2013 RT by Kyle Rankin
Cover of the book Sams Teach Yourself Java in 24 Hours by Kyle Rankin
Cover of the book Presentation Now by Kyle Rankin
Cover of the book Learning Android Game Programming by Kyle Rankin
Cover of the book Basic Candlestick Chart Investing by Kyle Rankin
Cover of the book Mastering the Model Shoot by Kyle Rankin
Cover of the book Enterprise Software Security by Kyle Rankin
Cover of the book Making Meaning: How Successful Businesses Deliver Meaningful Customer Experiences by Kyle Rankin
Cover of the book The Addicted Brain: Why We Abuse Drugs, Alcohol, and Nicotine by Kyle Rankin
Cover of the book Sams Teach Yourself Web Services in 24 Hours by Kyle Rankin
Cover of the book MOS 2016 Study Guide for Microsoft Access by Kyle Rankin
We use our own "cookies" and third party cookies to improve services and to see statistical information. By using this website, you agree to our Privacy Policy