Hacking Linux Exposed [Anglais] [Broché]

"Throw up a Linux box," comes the chorus whenever there's a need to provide some network service or other without impinging upon the boss's martini budget. Fair enough, but by doing so are you opening security holes you don't know how to find or fix? The newest edition of Hacking Linux Exposed helps you answer that question and solve many of the security problems you find. To a certain extent this book is a recipe collection in that it describes weaknesses in Linux (calling attention to specific distributions where appropriate). The authors stop short of explicitly showing you how to wage most kinds of attacks, a reasonable thing to do from an ethical point of view even though the instructions can be found easily on the Internet. Rather than do that, they give step-by-step instructions on how to defend against the attacks they catalog. The point is not, "Here's precisely how to bring down a server by means of an ACK storm," but rather, "Here's how to defend against such problems." They do demonstrate plenty of weaknesses, though, as in their coverage of the conversation that goes back and forth between an FTP server and its client.

This book covers pretty much everything you'd want to do with a Linux machine as a network server. Read it and see some of the weaknesses in your system--and do something about them before someone else does. --David Wall

Topics covered: Security best practices, approached from the perspective of what can go wrong and what can be done about the problems. Specific coverage goes to all major services, including user management, FTP, HTTP, and firewalling.

Tighten holes and maintain security on your Linux system! From the publisher of the international best-seller, Hacking Exposed: Network Security Secrets & Solutions, comes this must-have security handbook for anyone running Linux. This up-to-date edition shows you how to think like a Linux hacker in order to beat the Linux hacker. You'll get detailed information on Linux-specific hacks, both internal and external, and how to stop them.

Provides new coverage of wireless hacking. Includes new examples of Linux attacks and countermeasures throughout. Case studies are included. Softcover.

Guide to preventing Linux attacks
News reports about network security intrusions, violations or hacking incidents have recently been all too frequent. Open-source Linux is especially vulnerable to hacks and exploits, and Linux professionals are striving to keep their systems secure. Hacking Linux Exposed: Linux Security Secrets & Solutions by McGraw-Hill/Osborne Media, provides step-by-step defence secrets against Linux attacks by understanding the hacker's methods. Authors Brian Hatch, James Lee, and George Kurtz show how adversaries gather information, acquire targets, escalate privilege, gain control, plant back doors, and cover their tracks.

"Knowing how attackers work and how a system can be broken into is the key to preventing unwanted break-ins. Hacking Linux Exposed strips away the ‘black magic’ image of hacking and sheds light on the prevention techniques that can protect Linux systems from the ravages of attackers," said Christopher Klaus, Founder and CTO of Internet Security Systems (ISS).

Each chapter of the book is divided into bite-sized chunks, covering highly publicised as well as little known break-ins, tips on why they occurred, and detailed countermeasures. Those who explore the book will find the following:

- Details on the security features of each Linux distribution, including Red Hat Linux, SuSE, Debian, and Slackware

- Methods to find vulnerable systems using whois, traceroute, DNS zone transfers, OS detection, ping sweeps, and port scans

- Ways to detect Trojan horses, backdoors, password cracking, IP spoofing, session hijacking, and trail hiding

- How to implement log analysis tools such as the Advanced Intrusion Detection Environment (AIDE) and advanced kernel security patches, including the Linux Intrusion Detection System (LIDS)

- How to prevent local users from getting root privileges

- How to prevent Denial of Service and other network attacks

- How to configure FTP sites, DNS servers, and other daemons

- How to plug common and obscure security holes in Sendmail, Qmail, Postfix, POP, and IMAP servers

- Tips on defending against Web server attacks using secure scripting techniques, user verification, and secure Apache Server configurations

- How to design, position, and test secure firewalls and other network access restrictions, and more. --Ce texte fait référence à lédition Broché .

"Years of collective hands-on expertise for those who want to actually understand the Linux threats and countermeasures. Excellent!" --Dave Wreski, CEO, Guardian Digital and co-author of Linux Security HOTWO

Secure your Linux network by thinking like an attacker

Evolving Web technology and new software releases make online security more challenging than ever. The number of hackers--both sophisticated crackers and script-kiddies--is growing constantly, and it's just a matter of time before your network becomes a target. Hacking Linux Exposed, Second Edition shows you, step-by-step, how to proactively defend against the latest Linux-specific attacks by getting inside the mind of today's most devious hackers. You'll learn how intruders gather information, specify targets, exploit weak spots, and gain control--usually while remaining undetected. Read case studies about both common and little-known break-ins, tips on how and why they occurred, and detailed countermeasures against these attacks. If you're a Linux professional who's serious about security, this is the one book you can't afford to be without.

What you'll learn:

• The proven Hacking Exposed methodology to locate and fix vulnerable points in networks and Linux software
• Details on security features of all Linux distributions--including Red Hat, Debian, SuSE, and Slackware
• How to successfully use vulnerability scanning tools, intrusion detections systems, honeypots, and log analysis software
• Best practices for using whois databases, ping sweeps, DNS zone transfers, and port scans
• Common mail server bugs, tips for email encryption, and spam prevention
• Latest attack methods involving Trojaned programs, back doors, kernel hacks, password cracks, and session hijacking
• Ways to protect against Denial of Service and wireless network attacks
• Methods for preventing local users from getting root privileges
• Rules for using TCP wrappers and firewall strategies with ipchains and iptables
• Valuable checklists and tips on hardening your system based on the authors' real-world experience