Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword or section
Like this
1Activity

Table Of Contents

Editing files with the vi editor tool
Recommended software to include in each type of servers
Know your Hardware!
Creating the Linux Boot Disk
Beginning the installation of Linux
Installation Class and Method (Install Options)
Partition your system for Linux
Disk Partition (Manual Partitioning)
Selecting Package Groups
Boot Disk Creation
How to use RPM Commands
Starting and stopping daemon services
Software that must be uninstalled after installation of the server
Remove unnecessary documentation files
Remove unnecessary/empty files and directories
Software that must be installed after installation of the server
BIOS
Unplug your server from the network
Security as a policy
Choose a right password
The root account
Set login time out for the root account
Shell logging
The single-user login mode of Linux
Disabling Ctrl-Alt-Delete keyboard shutdown command
Limiting the default number of started ttys on the server
The LILO and /etc/lilo.conf file
The GRUB and /boot/grub/grub.conf file
The /etc/services file
The /etc/securetty file
Special accounts
Control mounting a file system
Mounting the /usr directory of Linux as read-only
Tighten scripts under /etc/init.d
Tighten scripts under /etc/cron.daily/
Bits from root-owned programs
Don’t let internal machines tell the server what their MAC address is
Unusual or hidden files
Finding Group and World Writable files and directories
Unowned files
Finding .rhosts files
Physical hard copies of all-important logs
Getting some more security by removing manual pages
System is compromised!
The password length
Disabling console program access
Disabling all console access
The Login access control table
Tighten console permissions for privileged users
Putting limits on resource
Controlling access time to services
Blocking; su to root, by one and sundry
Using sudo instead of su for logging as super-user
Static vs. shared libraries
The Glibc 2.2 library of Linux
Why Linux programs are distributed as source
Some misunderstanding in the compiler flags options
The gcc specs file
Striping all binaries and libraries files
Tuning IDE Hard Disk Performance
Difference between a Modularized Kernel and a Monolithic Kernel
Making an emergency boot floppy
Preparing the Kernel for the installation
Applying the Grsecurity kernel patch
Obtaining and Installing Grsecurity
Tuning the Kernel
Cleaning up the Kernel
Configuring the Kernel
Compiling the Kernel
Installing the Kernel
Verifying or upgrading your boot loader
Reconfiguring /etc/modules.conf file
Rebooting your system to load the new kernel
Delete programs, edit files pertaining to modules
Making a new rescue floppy for Modularized Kernel
Making a emergency boot floppy disk for Monolithic Kernel
What is sysctl?
/proc/sys/vm: The virtual memory subsystem of Linux
/proc/sys/fs: The file system data of Linux
/proc/sys/net/ipv4: IPV4 settings of Linux
Other possible optimization of the system
TCP/IP security problem overview
Installing more than one Ethernet Card per Machine
Files-Networking Functionality
Testing TCP/IP Networking
The last checkup
What is the IANA?
The ports numbers
What is a Firewall?
Packet Filter vs. Application Gateway
What is a Network Firewall Security Policy?
The Demilitarized Zone
Linux IPTables Firewall Packet Filter
The Netfilter Architecture
Building a kernel with IPTables support
Compiling - Optimizing & Installing GIPTables
Configuring GIPTables
/etc/giptables.conf: The GIPTables Configuration File
/etc/rc.d/rc.giptables.blocked: The GIPTables Blocked File
/etc/init.d/giptables: The GIPTables Initialization File
The GIPTables Firewall Module Files
How GIPTables parameters work?
Running the type of GIPTables firewall that you need
The GIPTables configuration file for a Gateway/Proxy Server
GIPTables-Firewall Administrative Tools
Compiling - Optimizing & Installing Squid
Configuring Squid
Running Squid with Users Authentication Support
Securing Squid
Optimizing Squid
Squid Administrative Tools
The cachemgr.cgi program utility of Squid
Compiling - Optimizing & Installing SquidGuard
Configuring SquidGuard
Testing SquidGuard
Optimizing SquidGuard
Compiling - Optimizing & Installing FreeS/WAN
Configuring FreeS/WAN
Configuring RSA private keys secrets
Requiring network setup for IPSec
Testing the FreeS/WAN installation
Compiling - Optimizing & Installing GnuPG
Using GnuPG under Linux terminal
Compiling - Optimizing & Installing OpenSSL
Configuring OpenSSL
OpenSSL Administrative Tools
Securing OpenSSL
Compiling - Optimizing & Installing OpenSSH
Configuring OpenSSH
Running OpenSSH in a chroot jail
Creating OpenSSH private & public keys
OpenSSH Users Tools
Compiling - Optimizing & Installing Sudo
Configuring Sudo
A more complex sudoers configuration file
Securing Sudo
Sudo Users Tools
Compiling - Optimizing & Installing sXid
Configuring sXid
sXid Administrative Tools
Compiling - Optimizing & Installing LogSentry
Configuring LogSentry
Compiling - Optimizing & Installing HostSentry
Configuring HostSentry
Compiling - Optimizing & Installing PortSentry
Configuring PortSentry
Removing hosts that have been blocked by PortSentry
Compiling - Optimizing & Installing Snort
Configuring Snort
Running Snort in a chroot jail
Compiling - Optimizing & Installing Tripwire
Configuring Tripwire
Running Tripwire for the first time
Securing Tripwire
Tripwire Administrative Tools
Compiling - Optimizing & Installing ucsip-tcp
Using ucsip-tcp
Compiling - Optimizing & Installing Xinetd
Configuring Xinetd
The /etc/xinetd.d directory
Compiling - Optimizing & Installing NTP
Configuring NTP
Running NTP in Client Mode
Running NTP in Server Mode
Running NTP in a chroot jail
NTP Administrative Tools
Build a kernel with Quota support enable
Compiling - Optimizing & Installing Quota
Modifying the /etc/fstab file
Creating the aquota.user and aquota.group files
Assigning Quota for Users and Groups
Quota Administrative Tools
Compiling - Optimizing & Installing ISC BIND & DNS
Configuring ISC BIND & DNS
Running ISC BIND & DNS as Caching-Only Name Server
Running ISC BIND & DNS as Primary Master Name Server
Running ISC BIND & DNS as Secondary Slave Name Server
Running ISC BIND & DNS in a chroot jail
running ISC BIND & DNS in a chroot jail
Securing ISC BIND & DNS
Optimizing ISC BIND & DNS
ISC BIND & DNS Administrative Tools
ISC BIND & DNS Users Tools
Building a kernel with ISC DHCP support
Compiling - Optimizing & Installing ISC DHCP
Configuring ISC DHCP
Testing the DHCP server
Running ISC DHCP in a chroot jail
Securing ISC DHCP
Running the DHCP client for Linux
Compiling - Optimizing & Installing Exim
Configuring Exim
Testing Exim
Allowing Users to authenticate with Exim before relaying
Running Exim with SSL support
Running Exim with Virtual Hosts support
Running Exim with Maildir support
Running Exim with mail quota support
Running Exim as a Null Client Mail Server
Exim Administrative Tools
Compiling, Optimizing & Installing Qmail
Running Qmail as a Mini-Qmail Mail Server
Running qmail-pop3d with SSL support
Qmail Administrative Tools
Qmail Users Tools
Compiling - Optimizing & Installing tpop3d
Configuring tpop3d
Securing tpop3d
Compiling - Optimizing & Installing UW IMAP
Configuring UW IMAP
Enable IMAP or POP services via UCSPI-TCP
Enable IMAP or POP services via Xinetd
Securing UW IMAP
Running UW IMAP with SSL support
Compiling - Optimizing & Installing Qpopper
Configuring Qpopper
Securing Qpopper
Running Qpopper with SSL support
Compiling - Optimizing & Installing SpamAssassin
Configuring SpamAssassin
Testing SpamAssassin
Running SpamAssassin with Exim
Running SpamAssassin with Qmail
Compiling & Installing Sophos
Configuring Sophos
Testing Sophos
Verifying & installing all the additional prerequisites to run AMaViS
Compiling - Optimizing & Installing AMaViS
Optimizing MySQL
MySQL Administrative Tools
Compiling - Optimizing & Installing PostgreSQL
Configuring PostgreSQL
Running PostgreSQL with SSL support
Securing PostgreSQL
Optimizing PostgreSQL
PostgreSQL Administrative Tools
Compiling - Optimizing & Installing OpenLDAP
Configuring OpenLDAP
Running OpenLDAP with TLS/SSL support
Running OpenLDAP in a chroot jail
Securing OpenLDAP
Optimizing OpenLDAP
OpenLDAP Administrative Tools
OpenLDAP Users Tools
Compiling - Optimizing & Installing ProFTPD
Configuring ProFTPD
Creating an account for FTP client to connect to the FTP server
Setup an anonymous FTP server
Allow anonymous users to upload to the FTP server
Running ProFTPD with SSL support
Securing ProFTPD
ProFTPD Administrative Tools
Compiling - Optimizing & Installing vsFTPd
Configuring vsFTPd
Compiling - Optimizing & Installing Apache
Configuring Apache
Running Apache with TLS/SSL support
Running Apache in a chroot jail
Running Apache with users authentication support
Caching frequently requested static files
Some statistics about Apache and Linux
Compiling - Optimizing & Installing PHP
Configuring PHP
Running Mod_Perl in a chroot jail
Compiling - Optimizing & Installing Samba
Configuring Samba
Running Samba with TLS/SSL support
Securing Samba
Optimizing Samba
Samba Administrative Tools
Samba Users Tools
The tar backup program
Making backups with tar
Automating tasks of backups made with tar
Restoring files with tar
The dump backup program
Making backups with dump
Restoring files with dump
Backing up and restoring over the network
0 of .
Results for:
No results containing your search query
P. 1
Securing Optimizing Linux the Hacking Solution v3.0

Securing Optimizing Linux the Hacking Solution v3.0

Ratings: (0)|Views: 20 |Likes:
Published by Neacsu Nusicor

More info:

Published by: Neacsu Nusicor on Nov 28, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

06/10/2013

pdf

text

original

You're Reading a Free Preview
Pages 25 to 163 are not shown in this preview.
You're Reading a Free Preview
Pages 188 to 750 are not shown in this preview.
You're Reading a Free Preview
Pages 775 to 873 are not shown in this preview.
You're Reading a Free Preview
Pages 898 to 1077 are not shown in this preview.
You're Reading a Free Preview
Pages 1102 to 1208 are not shown in this preview.