Hardening Linux
Chapter 1: Critical First Steps
- Figure 1-1: Output of w command
- Figure 1-2: Example output from the last log file
- Figure 1-3: Example /var/log/messages file entries showing attempted failed intrusions
Chapter 2: Hardening Network Access: Disable Unnecessary Services
- Figure 2-1: SLES8 YaST2 menu hierarchy for the Runlevel Editor
- Figure 2-2: Runlevel Editor detail in SLES8
- Figure 2-3: YaST2 menu hierarchy for invoking inetd services GUI
- Figure 2-4: Menu hierarchy for serviceconf in Red Hat Enterprise Linux AS 3.0
- Figure 2-5: serviceconf window with default services enabled
- Figure 2-6: Save changes in serviceconf
- Figure 2-7: The TKSYSV GUI
- Figure 2-8: Runlevel information for systems services from chkconfig
Chapter 3: Installing Firewalls and Filters
- Figure 3-1: Red Hat Linux, no firewall rules present
- Figure 3-2: Red Hat Linux, firewall rules enabled
- Figure 3-3: The anatomy of a MAC address
- Figure 3-4: The addressing layers in TCP/IP
- Figure 3-5: Firewall rule bounds in a dual-homed host
- Figure 3-6: SUSE Linux Firewall Configuration (Step 1 of 4): Basic Settings
- Figure 3-7: SUSE Linux Firewall Configuration (Step 2 of 4): Services
- Figure 3-8: SUSE Linux Firewall Configuration (Step 3 of 4): Features
- Figure 3-9: SUSE Linux Firewall Configuration (Step 4 of 4): Logging Options
- Figure 3-10: SUSE Linux Save settings and activate firewall
- Figure 3-11: SUSE Linux Firewall configuration: saving settings
- Figure 3-12: The Red Hat firewall configuration tool
- Figure 3-13: The Red Hat firewall configuration confirmation
Chapter 4: Hardening Software Accessibility
- Figure 4-1: rpm -qa output
- Figure 4-2: SUSE package manager
- Figure 4-3: Red Hat package manager
- Figure 4-4: rpm -qi telnet output
- Figure 4-5: SUSE package manager query
- Figure 4-6: Red Hat package manager query
- Figure 4-7: Sample software list table
- Figure 4-8: rpm -q --whatrequires command tree
- Figure 4-9: rpm -e --test output
- Figure 4-10: SUSE package manager
- Figure 4-11: YaST2 search for Nmap
- Figure 4-12: YaST2 CD prompt
- Figure 4-13: md5sum output
- Figure 4-14: MD5 verification
- Figure 4-15: GPG import key
- Figure 4-16: GPG good signature
Chapter 5: Preparing for Disaster
- Figure 5-1: Red Hat Kickstart editor
- Figure 5-2: SUSE change source of installation
- Figure 5-3: SUSE AutoYaST preference settings
- Figure 5-4: SUSE AutoYaST showing entry of the filename clone.xml
- Figure 5-5: SUSE AutoYaST utility ready to save the clone.xml profile file
- Figure 5-6: SUSE AutoYaST selection of the clone.xml profile
- Figure 5-7: SUSE AutoYaST Create Custom CD screen
- Figure 5-8: SUSE AutoYaST ready to create the ISO image
- Figure 5-9: SUSE AutoYaST ISO file has been created
- Figure 5-10: YaST2 backup showing selection of backup archive location and type
- Figure 5-11: YaST2 backup showing exclusion of the /nfs mounted resources
Chapter 9: Restricted Execution Environments
- Figure 9-1: The make menuconfig step for BusyBox
- Figure 9-2: Set the BusyBox installation target to the chroot environment.
- Figure 9-3: Example spec file
Chapter 10: Hardening Communications
- Figure 10-1: SSH initialization
- Figure 10-2: SSH key fingerprint
- Figure 10-3: SSH warning message
- Figure 10-4: Generating SSH keys
- Figure 10-5: Putting a public key on remote server
- Figure 10-6: Using ssh-agent
- Figure 10-7: Remote command execution
- Figure 10-8: scp usage
- Figure 10-9: IPSec tunnel set up between two subnetworks
Chapter 11: Install Network Monitoring Software
- Figure 11-1: Ethereal startup screen
- Figure 11-2: Ethereal Capture options
- Figure 11-3: Ethereal protocol statistics
- Figure 11-4: Ethereal packet capture
- Figure 11-5: Snort-created directories
Chapter 13: Patch Management and Monitoring
- Figure 13-1: Root password prompt
- Figure 13-2: Select Online Update
- Figure 13-3: Main Online Update screen
- Figure 13-4: Batch selection
- Figure 13-5: Package retrieval
- Figure 13-6: Package installation
- Figure 13-7: Installation wrap-up
- Figure 13-8: Terms of Service
- Figure 13-9: Proxy Configuration
- Figure 13-10: No registration warning
- Figure 13-11: Red Hat Network Configuration
- Figure 13-12: Red Hat Network login
- Figure 13-13: Hardware profile registration
- Figure 13-14: Register profile packages
- Figure 13-15: Red Hat Update Agent welcome screen
- Figure 13-16: Red Hat channels information
- Figure 13-17: Available packages
- Figure 13-18: Package dependency resolution
- Figure 13-19: Package retrieval
- Figure 13-20: Package installation
- Figure 13-21: up2date complete
Chapter 14: Self-Monitoring Tools
- Figure 14-1: Tripwire installation
- Figure 14-2: Sample Tripwire report
- Figure 14-3: John the Ripper output
- Figure 14-4: Showing passwords in John the Ripper
- Figure 14-5: Nmap Front End
- Figure 14-6: Default NmapFE scan
- Figure 14-7: Nmap with Version Probe
- Figure 14-8: Nessus warning screen
- Figure 14-9: Nessus initial screen
- Figure 14-10: Nessus target selection
- Figure 14-11: Nessus scanning host
- Figure 14-12: Nessus report
- Figure 14-13: HTML Nessus report
Chapter 15: Budget Acquisition and Corporate Commitment to Security
- Figure 15-1: Basic risk assessment worksheet
- Figure 15-2: Sample completed basic risk assessment worksheet
- Figure 15-3: Sample incident cost report
Chapter 16: Establishing a Security Campaign
- Figure 16-1: Sample security policy