Verfügbarkeit: Linux hardening in hostile networks | Technische Universität München

Linux hardening in hostile networks: server security from TLS to Tor

Gespeichert in:

Bibliographische Detailangaben
Beteilige Person:	Rankin, Kyle (VerfasserIn)
Format:	Buch
Sprache:	Englisch
Veröffentlicht:	Boston ; Columbus ; Indianapolis ; New York ; San Francisco ; Amsterdam ; Cape Town ; Dubai ; London ; Madrid ; Milan ; Munich ; Paris ; Montreal ; Toronto ; Delhi ; Mexico City ; São Paulo ; Sidney ; Hong Kong ; Seoul ; Singapore ; Taipei ; Tokyo Addison-Wesley [2018]
Schriftenreihe:	Pearson open source software series
Links:	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029886904&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
Umfang:	xxi, 242 Seiten Illustrationen
ISBN:	9780134173269 0134173260

Internformat

MARC


LEADER	00000nam a2200000 c 4500
001	BV044486856
003	DE-604
005	00000000000000.0
007	t\|
008	170913s2018 xx a\|\|\| \|\|\|\| 00\|\|\| eng d
020			\|a 9780134173269 \|c pbk. \|9 978-0-13-417326-9
020			\|a 0134173260 \|c pbk. \|9 0-13-417326-0
035			\|a (OCoLC)1004315099
035			\|a (DE-599)BVBBV044486856
040			\|a DE-604 \|b ger \|e rda
041	0		\|a eng
049			\|a DE-11
084			\|a ST 261 \|0 (DE-625)143633: \|2 rvk
084			\|a ST 277 \|0 (DE-625)143643: \|2 rvk
100	1		\|a Rankin, Kyle \|e Verfasser \|0 (DE-588)1139140159 \|4 aut
245	1	0	\|a Linux hardening in hostile networks \|b server security from TLS to Tor \|c Kyle Rankin
264		1	\|a Boston ; Columbus ; Indianapolis ; New York ; San Francisco ; Amsterdam ; Cape Town ; Dubai ; London ; Madrid ; Milan ; Munich ; Paris ; Montreal ; Toronto ; Delhi ; Mexico City ; São Paulo ; Sidney ; Hong Kong ; Seoul ; Singapore ; Taipei ; Tokyo \|b Addison-Wesley \|c [2018]
264		4	\|c © 2018
300			\|a xxi, 242 Seiten \|b Illustrationen
336			\|b txt \|2 rdacontent
337			\|b n \|2 rdamedia
338			\|b nc \|2 rdacarrier
490	0		\|a Pearson open source software series
856	4	2	\|m HBZ Datenaustausch \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029886904&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA \|3 Inhaltsverzeichnis
943	1		\|a oai:aleph.bib-bvb.de:BVB01-029886904

Datensatz im Suchindex

_version_	1819364484873977856
adam_text	Titel: Linux® hardening in hostile networks Autor: Rankin, Kyle Jahr: 2018 Contents Foreword xiii Preface xv Acknowledgments xxiii About the Author xxv 1 Overall Security Concepts 1 Section 1: Security Fundamentals 1 Essential Security Principles 2 Basic Password Security 4 Section 2: Security Practices Against a Knowledgeable Attacker 10 Security Best Practices 10 Password-Cracking Techniques 13 Password-Cracking Countermeasures 16 Section 3: Security Practices Against an Advanced Attacker 20 Advanced Password-Cracking Techniques 20 Advanced Password-Cracking Countermeasures Summary 24 2 Workstation Security 25 Section 1: Security Fundamentals 25 Workstation Security Fundamentals 25 Web Security Fundamentals 27 introduction to Tails 29 Download, Validate, and Install Tails 29 Use Tails 30 Section 2: Additional Workstation Hardening 33 Workstation Disk Encryption 33 BIOS Passwords 33 Tails Persistence and Encryption 34 Section 3: Qubes 37 Introduction to Qubes 38 Qubes Download and Installation 41 The Qubes Desktop 43 An AppVM Compartmentalization Example 46 viii Contents Split GPG 49 USB VM 50 Summary 52 3 Server Security 53 Section 1: Server Security Fundamentals 53 Fundamental Server Security Practices 53 SSH Configuration 54 Sudo 55 Section 2: Intermediate Server-Hardening Techniques 58 SSH Key Authentication 58 AppArmor 63 Remote Logging 66 Section 3: Advanced Server-Hardening Techniques 68 Server Disk Encryption 68 Secure NTP Alternatives 70 Two-Factor Authentication with SSH 72 Summary 74 4 Network 75 Section 1: Essential Network Hardening 76 Network Security Fundamentals 76 Man-in-the-Middle Attacks 78 Server Firewall Settings 79 Section 2: Encrypted Networks 87 OpenVPN Configuration 87 SSH Tunnels 93 SSL/TLS-Enabled Load Balancing 95 Section 3: Anonymous Networks 100 Tor Configuration 101 Tor Hidden Services 106 Summary 107 5 Web Servers 109 Section 1: Web Server Security Fundamentals 109 Permissions 109 HTTP Basic Authentication 110 Contents ix Section 2: HTTPS 113 Enable HTTPS 114 Redirect HTTP to HTTPS 115 HTTPS Reverse Proxy 116 HTTPS Client Authentication 117 Section 3: Advanced HTTPS Configuration 118 HSTS 118 HTTPS Forward Secrecy 119 Web Application Firewalls 120 Summary 131 6 Email 133 Section 1: Essential Email Hardening 133 Email Security Fundamentals 134 Basic Email Hardening 135 Section 2: Authentication and Encryption 137 SMTP Authentication 138 SMTPS 139 Section 3: Advanced Hardening 141 SPF 141 DKIM 146 DMARC 152 Summary 156 7 DNS 157 Section 1: DNS Security Fundamentals 158 Authoritative DNS Server Hardening 159 Recursive DNS Server Hardening 160 Section 2: DNS Amplification Attacks and Rate Limiting 161 DNS Query Logging 162 Dynamic DNS Authentication 163 Section 3: DNSSEC 166 How DNS Works 166 DNS Security Issues 168 How DNSSEC Works 168 DNSSEC Terminology 171 Add DNSSEC to a Zone 172 Summary 175 X Contents 8 Database 177 Section 1: Database Security Fundamentals 177 Essential Database Security 177 Local Database Administration 179 Database User Permissions 182 Section 2: Database Hardening 185 Database Network Access Control 186 Enable SSL/TLS 188 Section 3: Database Encryption 191 Full Disk Encryption 192 Application-Side Encryption 192 Client-Side Encryption 195 Summary 195 9 Incident Response 197 Section 1: Incident Response Fundamentals 197 Who Performs Incident Response? 197 Do You Prosecute? 197 Pull the Plug 198 Image the Server 199 Server Redeployment 199 Forensics 199 Section 2: Secure Disk Imaging Techniques 200 Choose the Imaging System 201 Create the Image 201 Introduction to Sleuth Kit and Autopsy 202 Section 3: Walk Through a Sample Investigation 209 Cloud Incident Response 213 Summary 214 A Tor 215 What Is Tor? 215 Why Use Tor? 215 How Tor Works 216 Security Risks 219 Outdated Tor Software 219 Identity Leaks 219 B SSL/TLS 221 What Is TLS? 221 Why Use TLS? 221 How TLS Works 222 Deciphering Cipher Names 223 TLS Troubleshooting Commands 224 View the Contents of a Certificate 224 View the Contents of a CSR 224 Troubleshoot a Protocol over TLS 224 Security Risks 224 Man-in-the-Middle Attacks 225 Downgrade Attacks 225 Forward Secrecy 226 Index 229
any_adam_object	1
author	Rankin, Kyle
author_GND	(DE-588)1139140159
author_facet	Rankin, Kyle
author_role	aut
author_sort	Rankin, Kyle
author_variant	k r kr
building	Verbundindex
bvnumber	BV044486856
classification_rvk	ST 261 ST 277
ctrlnum	(OCoLC)1004315099 (DE-599)BVBBV044486856
discipline	Informatik
format	Book
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01473nam a2200325 c 4500</leader><controlfield tag="001">BV044486856</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">00000000000000.0</controlfield><controlfield tag="007">t\|</controlfield><controlfield tag="008">170913s2018 xx a\|\|\| \|\|\|\| 00\|\|\| eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9780134173269</subfield><subfield code="c">pbk.</subfield><subfield code="9">978-0-13-417326-9</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0134173260</subfield><subfield code="c">pbk.</subfield><subfield code="9">0-13-417326-0</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1004315099</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV044486856</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rda</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-11</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 261</subfield><subfield code="0">(DE-625)143633:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 277</subfield><subfield code="0">(DE-625)143643:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Rankin, Kyle</subfield><subfield code="e">Verfasser</subfield><subfield code="0">(DE-588)1139140159</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Linux hardening in hostile networks</subfield><subfield code="b">server security from TLS to Tor</subfield><subfield code="c">Kyle Rankin</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Boston ; Columbus ; Indianapolis ; New York ; San Francisco ; Amsterdam ; Cape Town ; Dubai ; London ; Madrid ; Milan ; Munich ; Paris ; Montreal ; Toronto ; Delhi ; Mexico City ; São Paulo ; Sidney ; Hong Kong ; Seoul ; Singapore ; Taipei ; Tokyo</subfield><subfield code="b">Addison-Wesley</subfield><subfield code="c">[2018]</subfield></datafield><datafield tag="264" ind1=" " ind2="4"><subfield code="c">© 2018</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">xxi, 242 Seiten</subfield><subfield code="b">Illustrationen</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="490" ind1="0" ind2=" "><subfield code="a">Pearson open source software series</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">HBZ Datenaustausch</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029886904&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="943" ind1="1" ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-029886904</subfield></datafield></record></collection>
id	DE-604.BV044486856
illustrated	Illustrated
indexdate	2024-12-20T18:04:27Z
institution	BVB
isbn	9780134173269 0134173260
language	English
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-029886904
oclc_num	1004315099
open_access_boolean
owner	DE-11
owner_facet	DE-11
physical	xxi, 242 Seiten Illustrationen
publishDate	2018
publishDateSearch	2018
publishDateSort	2018
publisher	Addison-Wesley
record_format	marc
series2	Pearson open source software series
spellingShingle	Rankin, Kyle Linux hardening in hostile networks server security from TLS to Tor
title	Linux hardening in hostile networks server security from TLS to Tor
title_auth	Linux hardening in hostile networks server security from TLS to Tor
title_exact_search	Linux hardening in hostile networks server security from TLS to Tor
title_full	Linux hardening in hostile networks server security from TLS to Tor Kyle Rankin
title_fullStr	Linux hardening in hostile networks server security from TLS to Tor Kyle Rankin
title_full_unstemmed	Linux hardening in hostile networks server security from TLS to Tor Kyle Rankin
title_short	Linux hardening in hostile networks
title_sort	linux hardening in hostile networks server security from tls to tor
title_sub	server security from TLS to Tor
url	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029886904&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
work_keys_str_mv	AT rankinkyle linuxhardeninginhostilenetworksserversecurityfromtlstotor

Verfügbarkeit

‌

Inhaltsverzeichnis