Hacking exposed Linux : Linux security secrets & solutions / ISECOM.

Contributor(s): Hatch, Brian. Hacking Linux exposed | ISECOM (Organization)
Material type: Text
Publisher: New York, NY : McGraw-Hill, c2008
Edition: 3rd ed
Description: xxxiii, 613 p. : ill. ; 23 cm
ISBN: 9780072262575 (alk. paper); 0072262575 (alk. paper)
Subject(s): Linux | Computer security
DDC classification: 005.8
LOC classification: QA76.76.O63 | H375 2008
Online resources: Table of contents only
Contents:
Foreword -- Acknowledgments -- Introduction
Part 1: Security And Controls -- 1: Applying security -- Case study -- Free from risk -- Four comprehensive constraints -- Elements of security -- Summary -- 2: Applying interactive controls -- Case study -- Five interactive controls -- Summary -- 3: Applying process controls -- Case study -- Five process controls -- Summary
Part 2: Hacking The System -- 4: Local access control -- Case study -- Physical access to Linux systems -- Console access -- Privilege escalation -- Sudo -- File permissions and attributes -- Chrooting -- Physical access, encryption, and password recovery -- Volatile data -- Summary -- 5: Data networks security -- Case study -- Network visibility -- Network and systems profiling -- Network architecture -- Covert communications and clandestine administration -- Summary -- 6: Unconventional data attack vectors -- Case study -- Overview of PSTN, ISDN, and PSDN attack vectors -- Introducing PSTN -- Introducing ISDN -- Introducing PSDN and X-25 -- Communication network attacks -- Tests to perform -- PSTN -- ISDN -- PSDN -- Tools to use -- PAW and PAWS -- Intelligent wardialer -- Shokdial -- Ward -- THCscan next generation -- PSDN testing tools -- Admx25 -- Sun solaris multithread and multichannel X-25 scanner -- Vudu -- Tscan -- Common banners -- How X-25 networks work -- Basic elements -- Call setup -- Error codes -- X-3/X-28 PAD answer codes -- X-25 addressing format -- DCC annex list -- Key points for getting X-25 access -- X-28 dialup with NUI -- X-28 dialup via reverse charge -- Private X-28 PAD via a standard or toll-free PSTN or ISDN -- Number -- Internet to x-25 gateways -- Cisco systems -- VAX/VMS or AXP/OpenVMS -- NIX systems -- Summary -- 7: Voice over IP -- Case study -- VoIP attack taxonomy -- Network attacks -- System attacks -- Signaling attacks -- Introduction to VoIP testing tools -- Transport attacks -- VoIP security challenges -- Firewalls and NAT -- Encryption -- Summary -- 8: Wireless networks -- Case study -- State of the wireless -- Wireless hacking physics: radio frequency -- RF spectrum analysis -- Exploiting 802-11 the hacker way -- Wireless auditing activities and procedures -- Auditing wireless policies -- Summary -- 9: Input/output devices -- Case study -- About bluetooth -- Bluetooth profiles -- Entities on the bluetooth protocol stack -- Summary -- 10: RFID-radio frequency identification -- Case study -- History of RFID: Leon theremin and "the thing" -- Identification-friend-or-foe -- RFID components -- Purpose of RFID -- Passive tags -- Active tags -- RFID uses -- RFID-enabled passports -- Ticketing -- Other current RFID uses -- RFID frequency standards -- RFID technology standards -- RFID attacks -- RFID hacker's toolkit -- Implementing RFID systems using Linux -- RFID readers connected to a Linux system -- RFID readers with embedded Linux -- Linux systems as backend/middleware/database -- Servers in RFID systems -- Linux and RFID-related projects and products -- OpenMRTD -- OpenPCD -- Open PICC -- Magellan technology -- RFIDIOt -- RFID guardian -- OpenBeacon -- Omnikey -- Linux RFID kit -- Summary -- 11: Emanation attacks -- Case study -- Van Eck Phreaking -- Other "side-channel" attacks -- Summary -- 12: Trusted computing -- Case study -- Introduction to trusted computing -- Platform attack taxonomy -- Hardware attacks -- Low-level software attacks -- System software attacks -- Application attacks -- General support for trusted computing applications -- TPM device driver -- TrouSerS -- TPM emulator -- jTSS wrapper -- TPM manager -- Examples of trusted computing applications -- Enforcer -- TrustedGRUB (tGrub) -- TPM keyring -- Turaya, VPN and Turaya-Crypt -- Open trusted computing -- TCG industrial applications -- Summary
Part 3: Hacking The Users -- 13: Web application hacking -- Case study -- Enumeration -- Access and controls exploitation -- Insufficient data validation -- Web 2-0 attacks -- Trust manipulation -- Trust and awareness hijacking -- Man-in-the-middle -- Web infrastructure attacks -- Summary -- 14: Mail services -- Case SMTP basics -- Understanding sender and envelope sender -- Email routing -- SMTP attack taxonomy -- Fraud -- Alteration of data or integrity -- Denial of service or availability -- Summary -- 15: Name services -- Case study -- DNS basics -- DNS and IPv6 -- Social aspect: DNS and Phishing -- WHOIS and domain registration and domain hijacking -- Technical aspect: spoofing, cache poisoning, and other attacks -- Bind hardening -- Summary
Part 4: Care And Maintenance -- 16: Reliability: static analysis of C code -- Case study -- Formal vs semiformal methods -- Semiformal methods -- Formal methods -- Static analysis -- C code static analysis -- Analyzing C code using hoare logics -- Weakest precondition calculus -- Verification conditions -- Termination -- Methodology -- Some C analysis tools -- Tools based on abstract interpretation -- Tools based on hoare logics -- Tools based on model checking -- Additional references -- Summary -- 17: Security tweaks in the Linux kernel -- Linux security modules -- CryptoAPI -- NetFilter enhancements -- Enhanced wireless stack -- File system enhancement -- POSIX access control lists -- NFSv4 -- Additional kernel resources -- Man pages online -- Online documentation -- Other references
Part 5: Appendixes -- A: Management and maintenance -- Best practices node setup -- Use cryptographically secured services -- Prevention against brute-force -- Deny all, allow specifically -- One-time passwords -- Automated scanning techniques -- Lock out on too high fail count -- Avoid loadable kernel module feature -- Enforce password policy -- Use sudo for system administration tasks -- Check IPv6 status -- Justify enabled daemons -- Set mount and filesystem options -- Harden a system through /proc -- Passwords -- Hardware health -- Checking log files -- Best practices network environment setup -- Ingress and egress filtering -- Build network segments and host-based firewalls -- Perform time synchronization -- Watch security mailing lists -- Collect log files at a central place -- Collect statistics within the network -- Use VPN for remote management -- Additional helpful tools -- Intrusion detection systems -- System monitoring -- Replace legacy applications -- Xinetd -- Syslog-ng -- Daemontools -- Other service management tools -- Automating system administration -- Perl scripting language -- Cfengine -- B: Linux forensics and data recovery -- Hardware: the forensic workstation -- Hardware: other valuable tools -- Software: operating system -- Software tools -- So, where should you start from? -- Live investigation/acquisition -- Post mortem analysis -- Handling electronic evidence -- Legislative regulations -- Definition of electronic evidence -- Equivalence of traditional evidence to electronic evidence -- Advantages and disadvantages of electronic evidence -- Working with electronic evidence -- Requirements that electronic evidence must fulfill to be admitted in court -- C: BSD -- Overview of BSD projects -- Security features found in all BSDs -- Securelevel -- Security scripts -- Sysctl(8) -- Rc-conf -- Rc-subr(8) -- Chflags(1) -- Ttys(5) -- Sshd-config(5) -- Blowfish support -- System accounting -- Ipsec(4) -- Randomness -- Chroot(8) -- FreeBSD -- ACLs -- MAC policies -- OpenBSM -- OpenPAM -- Jail(8) -- VuXML -- Portaudit(1) -- Gbde(4) -- Geli(8) -- NetBSD -- Kauth(9) -- Veriexec(4) -- Pw-policy(3) -- Fileassoc(9) -- Audit-packages -- Vgd(4) -- Clockctl(4) -- OpenBSD -- ProPolice -- W^X -- Systrace(1) -- Encrypted swap -- Pf(4) firewall features -- BSD security advisories -- Additional BSD resources -- Online man pages -- Online documentation -- Books -- Index.
Summary: Synopsis: The Latest Linux Security Solutions. This authoritative guide will help you secure your Linux network, whether you use Linux as a desktop OS, for Internet services, for telecommunications, or for wireless services. Completely rewritten the ISECOM way, Hacking Exposed Linux, Third Edition provides the most up-to-date coverage available from a large team of topic-focused experts. The book is based on the latest ISECOM security research and shows you, in full detail, how to lock out intruders and defend your Linux systems against catastrophic attacks. Secure Linux by using attacks and countermeasures from the latest OSSTMM research; Follow attack techniques of PSTN, ISDN, and PSDN over Linux; Harden VoIP, Bluetooth, RF, RFID, and IR devices on Linux; Block Linux signal jamming, cloning, and eavesdropping attacks; Apply Trusted Computing and cryptography tools for your best defense; Fix vulnerabilities in DNS, SMTP, and Web 2.0 services; Prevent SPAM, Trojan, phishing, DoS, and DDoS exploits; Find and repair errors in C code with static analysis and Hoare Logic.
Item type | Current library | Call number | Copy number | Status | Notes | Date due | Barcode
Books | Main Library | QA76.76 .O63 H375 2008 | 1 | In transit from Main Library to Female Library since 12/26/2021 | STACKS | | 51952000089193
Books | Main Library | QA76.76 .O63 H375 2008 | 1 | Available | STACKS | | 51952000069188

Previous ed. under title: Hacking Linux exposed / Brian Hatch, 2003.

Includes bibliographical references and index.
