
Hacking exposed Linux : Linux security secrets & solutions

Author: Brian Hatch; ISECOM (Organization)
Publisher: New York, NY : McGraw-Hill, ©2008.
Edition/Format: Print book : English : 3rd ed
Summary:
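Synopsis: The Latest Linux Security Solutions. This authoritative guide will help you secure your Linux network, whether you use Linux as a desktop OS, for Internet services, for telecommunications, or for wireless services. Completely rewritten the ISECOM way, Hacking Exposed Linux, Third Edition provides the most up-to-date coverage available from a large team of topic-focused experts. The book is based on the latest ISECOM security research and shows you, in full detail, how to lock out intruders and defend your Linux systems against catastrophic attacks. Secure Linux by using attacks and countermeasures from the latest OSSTMM research; Follow attack techniques of PSTN, ISDN, and PSDN over Linux; Harden VoIP, Bluetooth, RF, RFID, and IR devices on Linux; Block Linux signal jamming, cloning, and eavesdropping attacks; Apply Trusted Computing and cryptography tools for your best defense; Fix vulnerabilities in DNS, SMTP, and Web 2.0 services; Prevent SPAM, Trojan, phishing, DoS, and DDoS exploits; Find and repair errors in C code with static analysis and Hoare Logic.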

Details

Material Type: Internet resource
Document Type: Book, Internet Resource
All Authors / Contributors: Brian Hatch; ISECOM (Organization)
ISBN: 9780072262575 0072262575
OCLC Number: 234073834
Notes: Previous ed. under title: Hacking Linux exposed / Brian Hatch, 2003.
Description: xxxiii, 613 pages : illustrations ; 23 cm
Contents: Foreword --
Acknowledgments --
Introduction --
Part 1: Security And Controls --
1: Applying security --
Case study --
Free from risk --
Four comprehensive constraints --
Elements of security --
Summary --
2: Applying interactive controls --
Case study --
Five interactive controls --
Summary --
3: Applying process controls --
Case study --
Five process controls --
Summary --
Part 2: Hacking The System --
4: Local access control --
Case study --
Physical access to Linux systems --
Console access --
Privilege escalation --
Sudo --
File permissions and attributes --
Chrooting --
Physical access, encryption, and password recovery --
Volatile data --
Summary --
5: Data networks security --
Case study --
Network visibility --
Network and systems profiling --
Network architecture --
Covert communications and clandestine administration --
Summary --
6: Unconventional data attack vectors --
Case study --
Overview of PSTN, ISDN, and PSDN attack vectors --
Introducing PSTN --
Introducing ISDN --
Introducing PSDN and X-25 --
Communication network attacks --
Tests to perform --
PSTN --
ISDN --
PSDN --
Tools to use --
PAW and PAWS --
Intelligent wardialer --
Shokdial --
Ward --
THCscan next generation --
PSDN testing tools --
Admx25 --
Sun Solaris multithread and multichannel X-25 scanner --
Vudu --
Tscan --
Common banners --
How X-25 networks work --
Basic elements --
Call setup --
Error codes --
X-3/X-28 PAD answer codes --
X-25 addressing format --
DCC annex list --
Key points for getting X-25 access --
X-28 dialup with NUI --
X-28 dialup via reverse charge --
Private X-28 PAD via a standard or toll-free PSTN or ISDN --
Number --
Internet to x-25 gateways --
Cisco systems --
VAX/VMS or AXP/OpenVMS --
NIX systems --
Summary --
7: Voice over IP --
Case study --
VoIP attack taxonomy --
Network attacks --
System attacks --
Signaling attacks --
Introduction to VoIP testing tools --
Transport attacks --
VoIP security challenges --
Firewalls and NAT --
Encryption --
Summary --
8: Wireless networks --
Case study --
State of the wireless --
Wireless hacking physics: radio frequency --
RF spectrum analysis --
Exploiting 802-11 the hacker way --
Wireless auditing activities and procedures --
Auditing wireless policies --
Summary --
9: Input/output devices --
Case study --
About Bluetooth --
Bluetooth profiles --
Entities on the Bluetooth protocol stack --
Summary --
10: RFID-radio frequency identification --
Case study --
History of RFID: Leon Theremin and "the thing" --
Identification-friend-or-foe --
RFID components --
Purpose of RFID --
Passive tags --
Active tags --
RFID uses --
RFID-enabled passports --
Ticketing --
Other current RFID uses --
RFID frequency standards --
RFID technology standards --
RFID attacks --
RFID hacker's toolkit --
Implementing RFID systems using Linux --
RFID readers connected to a Linux system --
RFID readers with embedded Linux --
Linux systems as backend/middleware/database --
Servers in RFID systems --
Linux and RFID-related projects and products --
OpenMRTD --
OpenPCD --
Open PICC --
Magellan technology --
RFIDIOt --
RFID guardian --
OpenBeacon --
Omnikey --
Linux RFID kit --
Summary --
11: Emanation attacks --
Case study --
Van Eck Phreaking --
Other "side-channel" attacks --
Summary --
12: Trusted computing --
Case study --
Introduction to trusted computing --
Platform attack taxonomy --
Hardware attacks --
Low-level software attacks --
System software attacks --
Application attacks --
General support for trusted computing applications --
TPM device driver --
TrouSerS --
TPM emulator --
jTSS wrapper --
TPM manager --
Examples of trusted computing applications --
Enforcer --
TrustedGRUB (tGrub) --
TPM keyring --
Turaya, VPN and Turaya-Crypt --
Open trusted computing --
TCG industrial applications --
Summary --
Part 3: Hacking The Users --
13: Web application hacking --
Case study --
Enumeration --
Access and controls exploitation --
Insufficient data validation --
Web 2-0 attacks --
Trust manipulation --
Trust and awareness hijacking --
Man-in-the-middle --
Web infrastructure attacks --
Summary --
14: Mail services --
Case SMTP basics --
Understanding sender and envelope sender --
Email routing --
SMTP attack taxonomy --
Fraud --
Alteration of data or integrity --
Denial of service or availability --
Summary --
15: Name services --
Case study --
DNS basics --
DNS and IPv6 --
Social aspect: DNS and Phishing --
WHOIS and domain registration and domain hijacking --
Technical aspect: spoofing, cache poisoning, and other attacks --
Bind hardening --
Summary --
Part 4: Care And Maintenance --
16: Reliability: static analysis of C code --
Case study --
Formal vs semiformal methods --
Semiformal methods --
Formal methods --
Static analysis --
C code static analysis --
Analyzing C code using Hoare logics --
Weakest precondition calculus --
Verification conditions --
Termination --
Methodology --
Some C analysis tools --
Tools based on abstract interpretation --
Tools based on Hoare logics --
Tools based on model checking --
Additional references --
Summary --
17: Security tweaks in the Linux kernel --
Linux security modules --
CryptoAPI --
NetFilter enhancements --
Enhanced wireless stack --
File system enhancement --
POSIX access control lists --
NFSv4 --
Additional kernel resources --
Man pages online --
Online documentation --
Other references --
Part 5: Appendixes --
A: Management and maintenance --
Best practices node setup --
Use cryptographically secured services --
Prevention against brute-force --
Deny all, allow specifically --
One-time passwords --
Automated scanning techniques --
Lock out on too high fail count --
Avoid loadable kernel module feature --
Enforce password policy --
Use sudo for system administration tasks --
Check IPv6 status --
Justify enabled daemons --
Set mount and filesystem options --
Harden a system through /proc --
Passwords --
Hardware health --
Checking log files --
Best practices network environment setup --
Ingress and egress filtering --
Build network segments and host-based firewalls --
Perform time synchronization --
Watch security mailing lists --
Collect log files at a central place --
Collect statistics within the network --
Use VPN for remote management --
Additional helpful tools --
Intrusion detection systems --
System monitoring --
Replace legacy applications --
Xinetd --
Syslog-ng --
Daemontools --
Other service management tools --
Automating system administration --
Perl scripting language --
Cfengine --
B: Linux forensics and data recovery --
Hardware: the forensic workstation --
Hardware: other valuable tools --
Software: operating system --
Software tools --
So, where should you start from? --
Live investigation/acquisition --
Post mortem analysis --
Handling electronic evidence --
Legislative regulations --
Definition of electronic evidence --
Equivalence of traditional evidence to electronic evidence --
Advantages and disadvantages of electronic evidence --
Working with electronic evidence --
Requirements that electronic evidence must fulfill to be admitted in court --
C: BSD --
Overview of BSD projects --
Security features found in all BSDs --
Securelevel --
Security scripts --
Sysctl(8) --
Rc-conf --
Rc-subr(8) --
Chflags(1) --
Ttys(5) --
Sshd-config(5) --
Blowfish support --
System accounting --
Ipsec(4) --
Randomness --
Chroot(8) --
FreeBSD --
ACLs --
MAC policies --
OpenBSM --
OpenPAM --
Jail(8) --
VuXML --
Portaudit(1) --
Gbde(4) --
Geli(8) --
NetBSD --
Kauth(9) --
Veriexec(4) --
Pw-policy(3) --
Fileassoc(9) --
Audit-packages --
Vgd(4) --
Clockctl(4) --
OpenBSD --
ProPolice --
WAX --
Systrace(1) --
Encrypted swap --
Pf(4) firewall features --
BSD security advisories --
Additional BSD resources --
Online man pages --
Online documentation --
Books --
Index.
Responsibility: ISECOM.
Abstract:

Based on the Linux 2.6 kernel, this title reveals Linux attacks, countermeasures, and case studies. It helps you learn how to secure any version of Linux that you are running.

Linked Data


Primary Entity

<http://www.worldcat.org/oclc/234073834> # Hacking exposed Linux : Linux security secrets & solutions
    a schema:Book, schema:CreativeWork ;
   library:oclcnum "234073834" ;
   library:placeOfPublication <http://experiment.worldcat.org/entity/work/data/3873232786#Place/new_york_ny> ; # New York, NY
   library:placeOfPublication <http://id.loc.gov/vocabulary/countries/nyu> ;
   rdfs:seeAlso <http://experiment.worldcat.org/entity/work/data/3873232786#CreativeWork/hacking_linux_exposed> ; # Hacking Linux exposed.
   schema:about <http://experiment.worldcat.org/entity/work/data/3873232786#Topic/computersicherheit> ; # Computersicherheit
   schema:about <http://id.worldcat.org/fast/1382136> ; # Linux.
   schema:about <http://id.worldcat.org/fast/872484> ; # Computer security
   schema:about <http://dewey.info/class/005.8/e22/> ;
   schema:about <http://experiment.worldcat.org/entity/work/data/3873232786#CreativeWork/linux> ; # Linux.
   schema:about <http://experiment.worldcat.org/entity/work/data/3873232786#Topic/linux> ; # LINUX
   schema:about <http://experiment.worldcat.org/entity/work/data/3873232786#Topic/datensicherung> ; # Datensicherung
   schema:about <http://experiment.worldcat.org/entity/work/data/3873232786#Topic/rechnernetz> ; # Rechnernetz
   schema:about <http://experiment.worldcat.org/entity/work/data/3873232786#Topic/hacker> ; # Hacker
   schema:bookEdition "3rd ed." ;
   schema:bookFormat bgn:PrintBook ;
   schema:contributor <http://viaf.org/viaf/19896849> ; # Brian Hatch
   schema:contributor <http://viaf.org/viaf/132396516> ; # ISECOM (Organization)
   schema:copyrightYear "2008" ;
   schema:datePublished "2008" ;
   schema:description "Synopsis: The Latest Linux Security Solutions. This authoritative guide will help you secure your Linux network-whether you use Linux as a desktop OS, for Internet services, for telecommunications, or for wireless services. Completely rewritten the ISECOM way, Hacking Exposed Linux, Third Edition provides the most up-to-date coverage available from a large team of topic-focused experts. The book is based on the latest ISECOM security research and shows you, in full detail, how to lock out intruders and defend your Linux systems against catastrophic attacks. Secure Linux by using attacks and countermeasures from the latest OSSTMM research; Follow attack techniques of PSTN, ISDN, and PSDN over Linux; Harden VoIP, Bluetooth, RF, RFID, and IR devices on Linux; Block Linux signal jamming, cloning, and eavesdropping attacks; Apply Trusted Computing and cryptography tools for your best defense; Fix vulnerabilities in DNS, SMTP, and Web 2.0 services; Prevent SPAM, Trojan, phishing, DoS, and DDoS exploits; Find and repair errors in C code with static analysis and Hoare Logic."@en ;
   schema:exampleOfWork <http://worldcat.org/entity/work/id/3873232786> ;
   schema:inLanguage "en" ;
   schema:name "Hacking exposed Linux : Linux security secrets & solutions"@en ;
   schema:productID "234073834" ;
   schema:publication <http://www.worldcat.org/title/-/oclc/234073834#PublicationEvent/new_york_ny_mcgraw_hill_2008> ;
   schema:publisher <http://experiment.worldcat.org/entity/work/data/3873232786#Agent/mcgraw_hill> ; # McGraw-Hill
   schema:url <http://catdir.loc.gov/catdir/toc/ecip0823/2008030495.html> ;
   schema:workExample <http://worldcat.org/isbn/9780072262575> ;
   umbel:isLike <http://bnb.data.bl.uk/id/resource/GBA7A1285> ;
   wdrs:describedby <http://www.worldcat.org/title/-/oclc/234073834> ;
    .


Related Entities

<http://id.worldcat.org/fast/1382136> # Linux.
    a schema:CreativeWork ;
   schema:name "Linux." ;
    .

<http://id.worldcat.org/fast/872484> # Computer security
    a schema:Intangible ;
   schema:name "Computer security"@en ;
    .

<http://viaf.org/viaf/132396516> # ISECOM (Organization)
    a schema:Organization ;
   schema:name "ISECOM (Organization)" ;
    .

<http://viaf.org/viaf/19896849> # Brian Hatch
    a schema:Person ;
   schema:familyName "Hatch" ;
   schema:givenName "Brian" ;
   schema:name "Brian Hatch" ;
    .

<http://worldcat.org/isbn/9780072262575>
    a schema:ProductModel ;
   schema:isbn "0072262575" ;
   schema:isbn "9780072262575" ;
    .

