Linux Server Security. Hack and Defend

  • ID: 3630921
  • Book
  • 144 Pages
  • John Wiley and Sons Ltd

LEVERAGE LINUX STABILITY AND SECURITY FEATURES TO KEEP YOUR SYSTEM SAFE

Linux has become the most popular web server platform on the planet, which puts Linux security measures at the top of the priority list for every sysadmin and every hacker. Linux has always been a hotbed of technology and developments in the security realm, with both offensive and defensive tools like knockd, netcat, Nmap, Nping, and others, but knowing how to exploit these tools the way a hacker would is becoming an increasingly essential part of keeping your system safe. Instead of chasing after the bad guy, learn to anticipate and block his every move.

Chris Binnie is a Linux veteran with server deployment experience in banking and government where security concerns are critical. Chris walks through challenging scenarios in a diverse array of security areas to demonstrate robust detection, prevention, and defensive techniques, providing the hard-won insight of experience every step of the way. These techniques apply across distributions, including Debian and Red Hat derivatives, and other Unix-type systems, and include the expert touches that make software packages work well with the operating system as well as with other packages. Linux enjoys a well-deserved reputation for bedrock stability, which is why it powers up to 70 percent of the Internet's public servers; this book provides the insight and skill set you need to keep it locked up tight.

Covering the hacker's favorite tools and biggest frustrations, Linux Server Security shows you how to:

  • Make your server invisible without disrupting services in production
  • Fingerprint files to monitor filesystems manually or automatically
  • Turn hackers' favorite tools against them as part of your defense
  • Learn how hackers identify your system's weak points
  • Explore the possibilities of standard Nmap scripts
  • Defend against malware and fight off a DDoS attack
  • Discover how easily websites are compromised and passwords are cracked
Note: Product cover images may vary from those shown
Preface xiii

Introduction xv

Chapter 1: Invisibility Cloak 1

Background 1

Probing Ports 1

Confusing a Port Scanner 2

Installing knockd 2

Packages 3

Changing Default Settings 3

Altering Filesystem Locations 4

Some Config Options 5

Starting the Service 5

Changing the Default Network Interface 5

Packet Types and Timing 5

Testing Your Install 6

Port Knocking Clients 7

Making Your Server Invisible 7

Testing Your iptables 8

Saving iptables Rules 9

Further Considerations 10

Smartphone Client 10

Troubleshooting 10

Security Considerations 10

Ephemeral Sequences 11

Summary 12

Chapter 2: Digitally Fingerprint Your Files 13

Filesystem Integrity 13

Whole Filesystem 16

Rootkits 17

Configuration 19

False Positives 21

Well Designed 22

Summary 23

Chapter 3: Twenty-First-Century Netcat 25

History 25

Installation Packages 27

Getting Started 27

Transferring Files 29

Chatting Example 30

Chaining Commands Together 30

Secure Communications 31

Executables 33

Access Control Lists 34

Miscellaneous Options 34

Summary 35

Chapter 4: Denying Service 37

NTP Infrastructure 37

NTP Reflection Attacks 38

Attack Reporting 40

Preventing SNMP Reflection 41

DNS Resolvers 42

Complicity 43

Bringing a Nation to Its Knees 44

Mapping Attacks 45

Summary 46

Chapter 5: Nping 49

Functionality 49

TCP 50

Interpreter 51

UDP 52

ICMP 52

ARP 53

Payload Options 53

Echo Mode 54

Other Nping Options 57

Summary 58

Chapter 6: Logging Reconnoiters 59

ICMP Misconceptions 59

tcpdump 60

Iptables 61

Multipart Rules 64

Log Everything for Forensic Analysis 64

Hardening 65

Summary 67

Chapter 7: Nmap's Prodigious NSE 69

Basic Port Scanning 69

The Nmap Scripting Engine 71

Timing Templates 73

Categorizing Scripts 74

Contributing Factors 75

Security Holes 75

Authentication Checks 77

Discovery 78

Updating Scripts 79

Script Type 80

Regular Expressions 80

Graphical User Interfaces 81

Zenmap 81

Summary 82

Chapter 8: Malware Detection 85

Getting Started 85

Definition Update Frequency 85

Malware Hash Registry 86

Prevalent Threats 86

LMD Features 86

Monitoring Filesystems 88

Installation 88

Monitoring Modes 90

Configuration 91

Exclusions 91

Running from the CLI 92

Reporting 92

Quarantining and Cleaning 93

Updating LMD 94

Scanning and Stopping Scans 94

Cron Job 96

Reporting Malware 96

Apache Integration 96

Summary 97

Chapter 9: Password Cracking with Hashcat 99

History 99

Understanding Passwords 99

Keyspace 100

Hashes 101

Using Hashcat 103

Hashcat Capabilities 103

Installation 103

Hash Identification 104

Choosing Attack Mode 106

Downloading a Wordlist 106

Rainbow Tables 107

Running Hashcat 107

oclHashcat 110

Hashcat-Utils 111

Summary 111

Chapter 10: SQL Injection Attacks 113

History 113

Basic SQLi 114

Mitigating SQLi in PHP 115

Exploiting SQL Flaws 117

Launching an Attack 118

Trying SQLi Legally 120

Summary 121

Index 123


CHRIS BINNIE is a Technical Consultant with 20 years of experience working with Linux systems, and a writer for Linux Magazine and Admin Magazine. He built an Autonomous System Network in 2005, and served HD video to 77 countries via a media streaming platform that he architected and built. Over the course of his career, he has deployed many servers in the cloud and on banking and government server estates.
