Books & Videos

Table of Contents

  1. Chapter 1 Unix Host Security

    1. Hacks #1-20

    2. Secure Mount Points

    3. Scan for SUID and SGID Programs

    4. Scan For World- and Group-Writable Directories

    5. Create Flexible Permissions Hierarchies with POSIX ACLs

    6. Protect Your Logs from Tampering

    7. Delegate Administrative Roles

    8. Automate Cryptographic Signature Verification

    9. Check for Listening Services

    10. Prevent Services from Binding to an Interface

    11. Restrict Services with Sandboxed Environments

    12. Use proftp with a MySQL Authentication Source

    13. Prevent Stack-Smashing Attacks

    14. Lock Down Your Kernel with grsecurity

    15. Restrict Applications with grsecurity

    16. Restrict System Calls with Systrace

    17. Automated Systrace Policy Creation

    18. Control Login Access with PAM

    19. Restricted Shell Environments

    20. Enforce User and Group Resource Limits

    21. Automate System Updates

  2. Chapter 2 Windows Host Security

    1. Hacks #21-30

    2. Check Servers for Applied Patches

    3. Get a List of Open Files and Their Owning Processes

    4. List Running Services and Open Ports

    5. Enable Auditing

    6. Secure Your Event Logs

    7. Change Your Maximum Log File Sizes

    8. Disable Default Shares

    9. Encrypt Your Temp Folder

    10. Clear the Paging File at Shutdown

    11. Restrict Applications Available to Users

  3. Chapter 3 Network Security

    1. Hacks #31-53

    2. Detect ARP Spoofing

    3. Create a Static ARP Table

    4. Firewall with Netfilter

    5. Firewall with OpenBSD’s PacketFilter

    6. Create an Authenticated Gateway

    7. Firewall with Windows

    8. Keep Your Network Self-Contained

    9. Test Your Firewall

    10. MAC Filtering with Netfilter

    11. Block OS Fingerprinting

    12. Fool Remote Operating System Detection Software

    13. Keep an Inventory of Your Network

    14. Scan Your Network for Vulnerabilities

    15. Keep Server Clocks Synchronized

    16. Create Your Own Certificate Authority

    17. Distribute Your CA to Clients

    18. Encrypt IMAP and POP with SSL

    19. Set Up TLS-Enabled SMTP

    20. Detect Ethernet Sniffers Remotely

    21. Install Apache with SSL and suEXEC

    22. Secure BIND

    23. Secure MySQL

    24. Share Files Securely in Unix

  4. Chapter 4 Logging

    1. Hacks #54-60

    2. Run a Central Syslog Server

    3. Steer Syslog

    4. Integrate Windows into Your Syslog Infrastructure

    5. Automatically Summarize Your Logs

    6. Monitor Your Logs Automatically

    7. Aggregate Logs from Remote Sites

    8. Log User Activity with Process Accounting

  5. Chapter 5 Monitoring and Trending

    1. Hacks #61-66

    2. Monitor Availability

    3. Graph Trends

    4. Run ntop for Real-Time Network Stats

    5. Audit Network Traffic

    6. Collect Statistics with Firewall Rules

    7. Sniff the Ether Remotely

  6. Chapter 6 Secure Tunnels

    1. Hacks #67-81

    2. Set Up IPsec Under Linux

    3. Set Up IPsec Under FreeBSD

    4. Set Up IPsec in OpenBSD

    5. PPTP Tunneling

    6. Opportunistic Encryption with FreeS/WAN

    7. Forward and Encrypt Traffic with SSH

    8. Quick Logins with SSH Client Keys

    9. Squid Proxy over SSH

    10. Use SSH as a SOCKS Proxy

    11. Encrypt and Tunnel Traffic with SSL

    12. Tunnel Connections Inside HTTP

    13. Tunnel with VTun and SSH

    14. Automatic vtund.conf Generator

    15. Create a Cross-Platform VPN

    16. Tunnel PPP

  7. Chapter 7 Network Intrusion Detection

    1. Hacks #82-95

    2. Detect Intrusions with Snort

    3. Keep Track of Alerts

    4. Real-Time Monitoring

    5. Manage a Sensor Network

    6. Write Your Own Snort Rules

    7. Prevent and Contain Intrusions with Snort_inline

    8. Automated Dynamic Firewalling with SnortSam

    9. Detect Anomalous Behavior

    10. Automatically Update Snort’s Rules

    11. Create a Distributed Stealth Sensor Network

    12. Use Snort in High-Performance Environments with Barnyard

    13. Detect and Prevent Web Application Intrusions

    14. Simulate a Network of Vulnerable Hosts

    15. Record Honeypot Activity

  8. Chapter 8 Recovery and Response

    1. Hacks #96-100

    2. Image Mounted Filesystems

    3. Verify File Integrity and Find Compromised Files

    4. Find Compromised Packages with RPM

    5. Scan for Root Kits

    6. Find the Owner of a Network

  1. Colophon