By James Turnbull
After studying this booklet, i feel it will likely be the required better half I hand out to new Linux directors, in addition to crucial method management. the 1st 6 chapters are remarkable. i will not say adequate good stuff approximately them. The insurance of PAM is best than something i've got visible. The insurance of authentication, teams, clients and top practices surrounding them used to be first-class in addition. The logging bankruptcy on my own is maybe definitely worth the buy of the ebook.
After the 1st part, the booklet covers extra particular issues which are of much less curiosity to me. I detect lot of individuals use e mail, of all types. bankruptcy 7, eight and nine conceal electronic mail, and that i simply wasn't that fascinated about it.
Chapter 10 coated securing FTP, that is great, and eleven covers Bind. i suppose i'm wondering why a few of the issues have been selected. there are complete books on electronic mail and bind, to be had, yet there's not regularly strong fabric for another providers, like CUPS, might be a few web-based management instruments, or SELinux. The insurance of subject matters that made the desk of contents are excellent.
I could say while you're new to Linux safety, or a professional participant trying to find simply one other reference, this ebook is excellent.
Read Online or Download Hardening Linux (Volume 0) PDF
Similar linux books
Make a journey into the area of platforms management, programming, networking, tech aid, and residing in Silicon Valley. The Bozo Loop is a suite of news from 2011 which reveal the interior workings of items a few humans might quite preserve quiet.
Inside, you will discover out what it's prefer to be a lady operating at one of many tech sector's darling businesses, and while advertising and marketing doesn't fit truth. See the side-effects of bean-counters arriving and commencing to squeeze the lifestyles out of a formerly-vibrant engineering culture.
You're alongside for the trip as undesirable consumer interfaces are known as out and ripped aside piece via piece. it's also possible to see what occurs while technicians mutiny and the real that means of "Project Darkness" and "Umbrellagate", together with pictures!
There also are stories of troubleshooting loopy difficulties for hosting buyers and rigging actually evil hacks to maintain badly-designed platforms working. eventually, you could find out about more moderen initiatives just like the large Trunking Scanner, and what it takes to construct a method that no-one has ever attempted before.
Hosers, ramrods and bozos alike, watch out!
Up to date for the newest LPIC-1 checks a hundred and one and 102
The LPIC-1 certification measures your knowing of the Linux Kernel. because the Linux server industry keeps to develop, so does the call for for qualified Linux directors. arrange for the most recent models of the LPIC-1 assessments one hundred and one and 102 with the hot version of this targeted research advisor. This sensible booklet covers key Linux management issues and all examination pursuits and comprises real-world examples and assessment inquiries to assist you perform your talents. additionally, you'll achieve entry to a whole set of on-line research instruments, together with bonus perform assessments, digital flashcards, and more.
• Prepares applicants to take the Linux expert Institute checks a hundred and one and 102 and accomplish their LPIC-1 certification
• Covers all examination pursuits and lines accelerated assurance on key issues within the exam
• contains real-world situations, and not easy evaluation questions
• themes comprise method structure, install, GNU and Unix instructions, Linux filesystems, crucial approach prone, networking basics, safety, and more
Approach the LPIC-1 certification assessments with self assurance, with LPIC-1: Linux expert Institute Certification learn advisor, 3rd version.
As Linux raises its presence through the international as a objective platform for pro program improvement, its progress as a strong, versatile process delivering many unfastened improvement instruments assures its position sooner or later. by way of supplying you with easy accessibility to this accomplished variety of instruments, aiding new and nascent applied sciences, at very little expense, constructing with Linux lets you observe the answer that is good for you.
The Debian GNU/Linux working approach techniques Linux procedure management another way than different renowned Linux distributions, favoring text-based configuration mechanisms over graphical person interfaces (GUIs). Debian might sound simplistic or even a bit outmoded, however it is admittedly very powerful, scalable, and safe.
- Official Red Hat Linux User's Guide
- Red Hat Linux Unleashed, 2nd edition
- Red Hat Linux networking & system administration
- The GNU Make Book
- Linux Universe: Installation and Configuration
Additional resources for Hardening Linux (Volume 0)
O noshell Now you can use /sbin/noshell as the shell for those users for which you do not want a shell login. daemon:x:2:2:daemon:/sbin:/sbin/noshell When a user with their shell set to noshell attempts a log into the system, the following log entry will be generated to the auth facility with a log level of warning, and you can monitor for this. Jul 25 14:51:47 puppy -noshell: Titan warning: user bob login from a ➥ disabled shell ■Caution Just remember to ensure the noshell binary is not added to your /etc/shells file.
This allows you, for example, to create an additional menu of other kernels or boot options available only to those users who provide the required password. Like LILO, Grub allows you to protect a specific boot entry. It offers two ways of protecting a particular entry. If you specify the option lock directly after the title entry, then you will not be able to run that boot entry without entering a password previously specified by the password option. 7) kernel image. You can also use the password option within a boot entry to allow you to specify a particular password for each boot entry; Listing 1-4 shows you how to do it.
The useradd -D Defaults Option Description -b path/to/default/home Specifies the initial path prefix of a new user’s home directory -e date Specifies the default expiry date -f days Specifies the number of days after a password has expired before the account will be disabled -g group Specifies the default group -s shell Specifies the default shell As I have shown in Table 1-2 another option in the /etc/defaults/useradd file, the SKEL option, specifies a location under which you can create the required default directory and file structure for all of your users.