Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword or section
Like this
1Activity

Table Of Contents

Acknowledgments
What is Linux?
Some good reasons to use Linux
Let's dispel some of the fear, uncertainty, and doubt about Linux
Why choose Pristine source?
Compiling software on your system
Build & install software on your system
Editing files with the vi editor tool
Recommended software to include in each type of servers
Some last comments
Know your Hardware!
Creating the Linux Boot Disk
Beginning the installation of Linux
Installation Class and Method (Install Options)
Partition your system for Linux
Disk Partition (Manual Partitioning)
Selecting Package Groups
How to use RPM Commands
Starting and stopping daemon services
Software that must be uninstalled after installation of the server
Remove unnecessary documentation files
Remove unnecessary/empty files and directories
Software that must be installed after installation of the server
Verifying installed programs on your Server
Update of the latest software
BIOS
Unplug your server from the network
Security as a policy
Choose a right password
The root account
Set login time out for the root account
The /etc/exports file
The single-user login mode of Linux
The LILO and /etc/lilo.conf file
Disabling Ctrl-Alt-Delete keyboard shutdown command
The /etc/services file
The /etc/securetty file
Special accounts
Control mounting a file system
Mounting the /boot directory of Linux as read-only
Conceal binary RPM
Shell logging
Physical hard copies of all-important logs
Tighten scripts under /etc/rc.d/init.d/
The /etc/rc.local file
Bits from root-owned programs
Finding all files with the SUID/SGID bit enabled
Don’t let internal machines tell the server what their MAC address is
Unusual or hidden files
Finding Group and World Writable files and directories
Unowned files
Finding .rhosts files
System is compromised!
The password length
Disabling console program access
Disabling all console access
The Login access control table
Tighten console permissions for privileged users
Putting limits on resource
Controlling access time to services
Blocking; su to root, by one and sundry
Static vs. shared libraries
The Glibc 2.2 library of Linux
Why Linux programs are distributed as source
Some misunderstanding in the compiler flags options
The gcc 2.96 specs file
Tuning IDE Hard Disk Performance
Making an emergency boot floppy
Checking the /boot partition of Linux
Tuning the Kernel
Applying the Openwall kernel patch
Cleaning up the Kernel
Configuring the Kernel
Compiling the Kernel
Installing the Kernel
Reconfiguring /etc/modules.conf file
Delete programs, edit files pertaining to modules
Remounting the /boot partition of Linux as read-only
Rebooting your system to load the new kernel
Making a new rescue floppy for Modularized Kernel
Making a emergency boot floppy disk for Monolithic Kernel
Optimizing Kernel
TCP/IP security problem overview
Installing more than one Ethernet Card per Machine
Files-Networking Functionality
Securing TCP/IP Networking
Optimizing TCP/IP Networking
Testing TCP/IP Networking
The last checkup
What is a Network Firewall Security Policy?
The Demilitarized Zone
What is Packet Filtering?
The topology
Building a kernel with IPTABLES Firewall support
Rules used in the firewall script files
/etc/rc.d/init.d/iptables: The Web Server File
/etc/rc.d/init.d/iptables: The Mail Server File
/etc/rc.d/init.d/iptables: The Primary Domain Name Server File
/etc/rc.d/init.d/iptables: The Secondary Domain Name Server File
Recommended RPM packages to be installed for a Gateway Server
Building a kernel with Firewall Masquerading & Forwarding support
/etc/rc.d/init.d/iptables: The Gateway Server File
Deny access to some address
IPTABLES Administrative Tools
Compiling - Optimizing & Installing GnuPG
GnuPG Administrative Tools
Compiling - Optimizing & Installing OpenSSL
Configuring OpenSSL
OpenSSL Administrative Tools
Securing OpenSSL
Compiling - Optimizing & Installing OpenSSH
Configuring OpenSSH
OpenSSH Per-User Configuration
OpenSSH Users Tools
Compiling - Optimizing & Installing sXid
Configuring sXid
Configuring PortSentry
Compiling - Optimizing & Installing Tripwire
Configuring Tripwire
Securing Tripwire
Tripwire Administrative Tools
Compiling - Optimizing & Installing Xinetd
Configuring Xinetd
Securing Xinetd
Build a kernel with Quota support enable
Modifying the /etc/fstab file
Caching-Only Name Server
Primary Master Name Server
Secondary Slave Name Server
Running ISC BIND & DNS in a chroot jail
running ISC BIND & DNS in a chroot jail
Securing ISC BIND & DNS
Optimizing ISC BIND & DNS
ISC BIND & DNS Administrative Tools
ISC BIND & DNS Users Tools
Recommended RPM packages to be installed for a Mail Server
Compiling - Optimizing & Installing Sendmail
Configuring Sendmail
Running Sendmail with SSL support
Securing Sendmail
Sendmail Administrative Tools
Sendmail Users Tools
Verifying & installing all the prerequisites to run qmail
Compiling, Optimizing & Installing ucspi-tcp
Compiling, Optimizing & Installing checkpassword
Compiling, Optimizing & Installing qmail
Configuring qmail
Compiling - Optimizing & Installing UW IMAP
Configuring UW IMAP
Enable IMAP or POP services via Xinetd
Securing UW IMAP
Running UW IMAP with SSL support
Recommended RPM packages to be installed for a SQL Server
Compiling - Optimizing & Installing MySQL
Configuring MySQL
Securing MySQL
Optimizing MySQL
MySQL Administrative Tools
Compiling - Optimizing & Installing PostgreSQL
Configuring PostgreSQL
Running PostgreSQL with SSL support
Securing PostgreSQL
Optimizing PostgreSQL
PostgreSQL Administrative Tools
Recommended RPM packages to be installed for a LDAP Server
Compiling - Optimizing & Installing OpenLDAP
Configuring OpenLDAP
Running OpenLDAP in a chroot jail
Running OpenLDAP with TLS/SSL support
Securing OpenLDAP
Optimizing OpenLDAP
OpenLDAP Administrative Tools
OpenLDAP Users Tools
Recommended RPM packages to be installed for a Proxy Server
Compiling - Optimizing & Installing Squid
Using GNU malloc library to improve cache performance of Squid
Configuring Squid
Securing Squid
Optimizing Squid
The cachemgr.cgi program utility of Squid
Recommended RPM packages to be installed for a VPN Server
Compiling - Optimizing & Installing FreeS/WAN
Configuring RSA private keys secrets
Requiring network setup for IPSec
Testing the FreeS/WAN installation
Recommended RPM packages to be installed for a FTP Server
Compiling - Optimizing & Installing Wu-ftpd
Running Wu-ftpd in a chroot jail
Configuring Wu-ftpd
Securing Wu-ftpd
Setup an Anonymous FTP server
Wu-ftpd Administrative Tools
Compiling - Optimizing & Installing MM
Some statistics about Apache and Linux
Recommended RPM packages to be installed for a Web Server
Compiling - Optimizing & Installing Apache
Configuring Apache
Enable PHP4 server-side scripting language with the Web Server
Securing Apache
Optimizing Apache
Running Apache in a chroot jail
Recommended RPM packages to be installed for a Samba Server
Compiling - Optimizing & Installing Samba
Configuring Samba
Running Samba with SSL support
Securing Samba
Optimizing Samba
Samba Administrative Tools
Samba Users Tools
Recommended RPM packages to be installed for a Backup Server
The tar backup program
Making backups with tar
Automating tasks of backups made with tar
Restoring files with tar
The dump backup program
Making backups with dump
Restoring files with dump
Backing up and restoring over the network
0 of .
Results for:
No results containing your search query
P. 1
null

null

Ratings: (0)|Views: 17 |Likes:
Published by Pearltrees

More info:

Published by: Pearltrees on Oct 22, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

05/19/2012

pdf

text

original

You're Reading a Free Preview
Pages 18 to 307 are not shown in this preview.
You're Reading a Free Preview
Pages 328 to 366 are not shown in this preview.
You're Reading a Free Preview
Pages 384 to 490 are not shown in this preview.
You're Reading a Free Preview
Pages 508 to 876 are not shown in this preview.

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->