Linux Essentials for Cybersecurity

About

Features

• Review Linux operating system components from the standpoint of security
• Master key commands, tools, and skills for securing Linux systems
• Troubleshoot common Linux security problems, one step at a time
• Protect user and group accounts with Pluggable Authentication
• Modules (PAM), SELinux, passwords, and policies
• Safeguard files and directories with permissions and attributes
• Create, manage, and protect storage devices: both local and networked
• Automate system security 24/7 by writing and scheduling scripts
• Maintain network services, encrypt network connections, and secure network-accessible processes
• Examine which processes are running—and which may represent a threat
• Use system logs to pinpoint potential vulnerabilities
• Keep Linux up-to-date with Red Hat or Debian software management tools
• Modify boot processes to harden security
• Master advanced techniques for gathering system information
• Designed for one of the courses in Pearson’s IT Cybersecurity Curriculum

Description

ALL YOU NEED TO KNOW TO SECURE LINUX SYSTEMS, NETWORKS, APPLICATIONS, AND DATA–IN ONE BOOK

From the basics to advanced techniques: no Linux security experience necessary
Realistic examples & step-by-step activities: practice hands-on without costly equipment
The perfect introduction to Linux-based security for all students and IT professionals

Linux distributions are widely used to support mission-critical applications and manage crucial data. But safeguarding modern Linux systems is complex, and many Linux books have inadequate or outdated security coverage.

Linux Essentials for Cybersecurity is your complete solution. Leading Linux certification and security experts William “Bo” Rothwell and Dr. Denise Kinsey introduce Linux with the primary goal of enforcing and troubleshooting security. Their practical approach will help you protect systems, even if one or more layers are penetrated.

First, you’ll learn how to install Linux to achieve optimal security upfront, even if you have no Linux experience. Next, you’ll master best practices for securely administering accounts, devices, services, processes, data, and networks. Then, you’ll master powerful tools and automated scripting techniques for footprinting, penetration testing, threat detection, logging, auditing, software management, and more.

To help you earn certification and demonstrate skills, this guide covers many key topics on CompTIA Linux+ and LPIC-1 exams. Everything is organized clearly and logically for easy understanding, effective classroom use, and rapid on-the-job training.

LEARN HOW TO:

• Review Linux operating system components from the standpoint of security
• Master key commands, tools, and skills for securing Linux systems
• Troubleshoot common Linux security problems, one step at a time
• Protect user and group accounts with Pluggable Authentication
• Modules (PAM), SELinux, passwords, and policies
• Safeguard files and directories with permissions and attributes
• Create, manage, and protect storage devices: both local and networked
• Automate system security 24/7 by writing and scheduling scripts
• Maintain network services, encrypt network connections, and secure network-accessible processes
• Examine which processes are running–and which may represent a threat
• Use system logs to pinpoint potential vulnerabilities
• Keep Linux up-to-date with Red Hat or Debian software management tools
• Modify boot processes to harden security
• Master advanced techniques for gathering system information

Sample Content

Online Sample Chapter

Managing Group Accounts in Ubuntu

Table of Contents

Introduction xxix
Part I: Introducing Linux 2
Chapter 1 Distributions and Key Components 4
    Introducing Linux 4
    Linux Distributions 5
        Shells 6
        GUI Software 7
    Installing Linux 7
        Which Distro? 8
        Native or Virtual Machine? 9
        Installing a Distro 10
    Summary 12
        Key Terms 12
        Review Questions 12
Chapter 2 Working on the Command Line 14
    File Management 14
        The Linux Filesystem 14
        Command Execution 16
        The pwd Command 16
        The cd Command 16
        The ls Command 17
        File Globbing 18
        The file Command 19
        The less Command 19
        The head Command 19
        The tail Command 20
        The mdkir Command 20
        The cp Command 20
        The mv Command 21
        The rm Command 21
        The rmdir Command 22
        The touch Command 22
    Shell Features 22
        Shell Variables 22
        Initialization Files 27
        Alias 28
        Command History 29
        Redirecting Input and Output 30
    Advanced Commands 33
        The find Command 33
        Regular Expressions 35
        The grep Command 36
        The sed Command 37
        Compression Commands 38
    Summary 40
        Key Terms 40
        Review Questions 41
Chapter 3 Getting Help 42
    Man Pages 42
        Man Page Components 42
        Man Page Sections 43
        Man Page Locations 46
    Command Help Options 46
    The help Command 46
    The info Command 47
    The /usr/share/doc Directory 48
    Internet Resources 49
    Summary 50
        Key terms 50
        Review Questions 51
Chapter 4 Editing Files 52
    The vi Editor 52
        What Is vim? 53
        Essential vi Commands 54
        Use Basic vi Modes 54
        Entering the Insert Mode 55
        Movement Commands 56
        Repeater Modifiers 57
        Undoing 57
        Copying, Deleting, and Pasting 58
        Finding Text 59
        Find and Replace 60
        Saving and Quitting 61
        Expand Your vi Knowledge 62
    Additional Editors 63
        Emacs 63
        gedit and kwrite 65
        nano and joe 65
        lime and bluefish 65
    Summary 66
        Key Terms 66
        Review Questions 66
Chapter 5 When Things Go Wrong 68
    The Science of Troubleshooting 68
        Step 1: Gathering Information 69
        Step 2: Determine the Likely Cause 70
        Step 3: Document Your Plan of Attack (POA) 71
        Step 4: Perform the Actions 71
        Steps 5 and 6: Is the Problem Solved? 71
        Step 7: Are There Other Problems? 71
        Step 8: Store the Documentation 72
        Step 9: Prevent Future Problems 72
    Notifying Users 72
        Pre- and Post-login Messages 72
        Broadcasting Messages 77
    Summary 79
        Review Questions 79
Part II: User and Group Accounts 80
Chapter 6 Managing Group Accounts 82
    What Are Groups Used For? 82
        Primary versus Secondary Groups 82
        The /etc/group File 84
        Special Groups 85
        User Private Groups 86
        The /etc/gshadow File 88
    Managing Groups 90
        Creating Groups 90
        Modifying Groups 91
        Deleting Groups 91
        Adding Users to Groups 92
        Group Administrators 93
    Summary 93
        Key Terms 93
        Review Questions 94
Chapter 7 Managing User Accounts 96
    The Importance of User Accounts 96
        User Account Information 96
        The /etc/passwd File 97
        Special Users 98
        The /etc/shadow File 99
    Managing Users 102
        Creating Users 102
        Modifying Users 105
        Managing GECOS 105
        Deleting Users 107
        Restricted Shell Accounts 107
    Network-Based User Accounts 108
    Using su and sudo 108
    Restricting User Accounts 111
    Summary 116
        Key Terms 116
        Review Questions 117
Chapter 8 Develop an Account Security Policy 118
    Introducing Kali Linux 118
    Security Principles 119
    Creating a Security Policy 120
    Securing Accounts 120
        Physical Security 120
        Educating Users 121
        Account Security 121
    Security Tools 124
        The john and Johnny Tools 124
        The hydra tool 125
    Summary 126
        Review Questions 126
Part III File and Data Storage 128
Chapter 9 File Permissions 130
    Standard Permissions 130
        Viewing Permissions 130
        Files Versus Directories 131
        Changing Permissions 131
    Default Permissions 132
    Special Permissions 134
        SUID 134
        SGID 136
        Sticky Bit 138
    Access Control Lists (ACLs) 139
        The mask Value 141
        Default ACLs 141
    Changing Ownership 143
        chown 143
        chgrp 144
    File Attributes 145
    Introduction to SELinux 146
        Users Create Security Holes 146
        Daemon Processes Create Security Holes 146
        SELinux Essentials 147
    Summary 149
        Key Terms 150
        Review Questions 150
Chapter 10 Manage Local Storage: Essentials 152
    Filesystem Essentials 152
        Partitions 152
        Filesystems 153
        Why So Many Partitions/Filesystems? 154
        Which Partitions/Filesystems Should Be Created? 155
    Filesystem Types 155
        Managing Partitions 156
        Ext-Based Filesystem Tools 161
        Xfs-Based Filesystem Tools 166
    Additional Filesystem Tools 170
        du 170
        df 170
    Mounting Filesystems 170
        The umount Command 171
        The mount Command 171
        Mounting Filesystems Manually 173
        Problems Unmounting Filesystems 174
        Mounting Filesystems Automatically 175
        Device Descriptors 176
        Mount Options 177
        Mounting Removable Media 179
        Swap Space 179
        Creating Swap Devices 180
    Summary 181
        Key Terms 181
        Review Questions 181
Chapter 11 Manage Local Storage: Advanced Features 184
    Encrypted Filesystems 184
    Managing autofs 186
    Logical Volume Manager 189
        Logical Volume Manager Concepts 190
        LVM Essentials 192
        Using Logical Volumes and Additional LVM Commands 197
        Resizing Logical Volumes 201
        LVM Snapshots 204
    Disk Quotas 206
        Setting Up a Disk Quota for a Filesystem 207
        Editing, Checking, and Generating User Quota Reports 207
    Hard and Soft Links 210
        Why Use Links? 211
        Creating Links 211
        Displaying Linked Files 212
    Summary 212
        Key Terms 212
        Review Questions 212
Chapter 12 Manage Network Storage 214
    Samba 214
        SAMBA Configuration 215
        SAMBA Server 218
        SAMBA Accounts 220
        Accessing SAMBA Servers 221
    Network File System 223
        Configuring an NFS Server 224
        Configuring an NFS Client 229
        iSCSI 230
    Summary 236
        Key Terms 236
        Review Questions 236
Chapter 13 Develop a Storage Security Policy 240
    Developing the Plan 240
    Backing Up Data 241
        Creating a Backup Strategy 241
        Standard Backup Utilities 246
        Third-party Backup Utilities 250
    Summary 250
        Key Terms 251
        Review Questions 251
Part IV: Automation 252
Chapter 14 crontab and at 254
    Using crontab 254
        Configure User Access to the cron Service 256
        /etc/crontab 258
        /etc/anacrontab 260
    Using at 261
        atq 261
        atrm 262
        Configure User Access to at Services 262
    Summary 263
        Key Terms 263
        Review Questions 263
Chapter 15 Scripting 264
    Linux Programming 264
        BASH Shell Scripting 265
        Perl Scripting 265
        Python Scripting 266
    Basics of BASH Scripting 268
        Conditional Expressions 269
    Flow Control Statements 271
        The while Loop 272
        The for Loop 272
        Loop Control 272
        The case Statement 272
    User Interaction 273
    Using Command Substitution 274
    Additional Information 274
    Summary 274
        Key Terms 274
        Review Questions 275
Chapter 16 Common Automation Tasks 276
    Exploring Scripts that Already Exist on Your System 276
        The /etc/cron.* Directories 276
        Repositories 279
    Creating Your Own Automation Scripts 280
    Summary 281
        Key Terms 281
        Review Questions 281
Chapter 17 Develop an Automation Security Policy 282
    Securing crontab and at 282
    Securing BASH Scripts 283
        Access to Scripts 283
        Script Contents 284
        Dealing with Data 284
        Shell Settings 284
        Shell Style 285
    Summary 285
        Review Questions 285
Part V: Networking 286
Chapter 18 Networking Basics 288
    Network Terminology 288
    IPv4 Versus IPv6 290
    IPv4 Addresses 292
        Determining a Network Address from an IP Address and Subnet 293
        Private IP Addresses 294
    Common Protocol Suites 294
    Network Ports 295
    Summary 297
        Key Terms 297
        Review Questions 297
Chapter 19 Network Configuration 298
    Ethernet Network Interfaces 298
        Displaying Ethernet Port Configurations 299
        Changing Ethernet Port Settings 300
        Network Configuration Tools 301
        The arp Command 302
        The route Command 303
        The ip Command 304
        The hostname Command 305
        The host Command 305
        The dig Command 306
        The netstat Command 307
    Persistent Network Configurations 307
        The /etc/hostname File (Universal) 307
        The /etc/hosts File (Universal) 307
        The /etc/resolv.conf File (Universal) 308
        The /etc/nsswitch.conf File (Universal) 308
        The /etc/sysctl.conf File (Universal) 309
        The /etc/sysconfig/network File (Red Hat) 310
        The /etc/sysconfig/network-scripts/ifcfg-interface-name Files (Red Hat) 310
        The /etc/network/interfaces File (Debian) 311
    Network Troubleshooting Commands 311
        The ping Command 311
        The traceroute Command 312
        The netcat Command 313
    Access to Wireless Networks 314
        The iwconfig Command 314
        The iwlist Command 315
    Summary 316
        Key Terms 316
        Review Questions 317
Chapter 20 Network Service Configuration: Essential Services 318
    DNS Servers 318
        Essential Terms 319
        How Name Resolution Works 320
        Basic BIND Configuration 322
    Zone Files 326
        Zone File Basics 326
        Zone File Entries in the /etc/named.conf File 327
        Zone File Syntax 328
        Zone Record Types 329
        Putting It All Together 333
        Slave BIND Servers 335
        Testing the DNS Server 336
        The dig Command 336
    Securing BIND 337
        Sending BIND to Jail 337
        Split BIND Configuration 340
        Transaction Signatures 341
    DHCP Server 343
        DHCP Configuration Basics 344
        Configuring Static Hosts 346
        DHCP Log Files 347
    Email Servers 347
        SMTP Basics 348
        Configuring Postfix 349
    Managing Local Email Delivery 353
        procmail Basics 354
        procmail Rules 355
        procmail Examples 357
        mbox and Maildir Formats 357
    Remote Email Delivery 358
        IMAP and POP Essentials 358
        The Dovecot Server 359
    Summary 362
        Key Terms 362
        Review Questions 362
Chapter 21 Network Service Configuration: Web Services 364
    Apache Web Server 364
    Basic Apache Web Server Configuration 365
        Starting the Apache Web Server 366
        Apache Web Server Log Files 367
        Enable Scripting 367
    Apache Web Server Security 370
        Essential Settings 370
        User Authentication 372
    Virtual Hosts 372
        Configuring IP-Based Virtual Hosts 373
        Configuring Name-Based Virtual Hosts 373
    HTTPS 374
        SSL Essentials 375
        SSL Issues 375
        Self-Signing 376
    SSL and Apache 376
        SSL Server Certificate 377
        Apache SSL Directives 381
    Proxy Servers 382
        Tunneling Proxy 383
        Forward Proxy 383
        Reverse Proxy 383
        Squid Basics 384
        Nginx Configuration 387
        Client Configuration 389
    Summary 391
        Key Terms 391
        Review Questions 391
Chapter 22 Connecting to Remote Systems 394
    LDAP 394
        Key LDAP Terms 395
        The slapd.conf File 397
        Starting the LDAP Server 399
        OpenLDAP Objects 401
        OpenLDAP Schemas 401
        OpenLDAP Database Changes 402
        Using the ldapdelete Command 404
        Using the ldapsearch Command 405
        Using the ldappasswd Command 407
        Connecting to an LDAP Server 408
    FTP Servers 408
        Configuring vsftpd 409
        Connecting to an FTP server 412
    Secure Shell 415
        Configuring the Secure Shell Server 416
        Secure Shell Client Commands 418
        Advanced SSH Features 421
    Summary 423
        Key Terms 423
        Review Questions 423
Chapter 23 Develop a Network Security Policy 426
    Kernel Parameters 426
        The /etc/sysctl.conf File 426
        Ignoring ping Requests 427
        Ignoring Broadcast Requests 428
        Enabling TCP SYN Protection 428
        Disabling IP Source Routing 428
    TCP Wrappers 428
    Network Time Protocol 430
        Setting the System Clock Manually 430
        Setting the System Time Zone Manually 432
        Setting the System Date Using NTP 434
    Summary 436
        Key Terms 436
        Review Questions 436
Part VI: Process and Log Administration 438
Chapter 24 Process Control 440
    Viewing Processes 440
        The ps Command 440
        The pgrep Command 442
        The top Command 442
        The uptime Command 444
        The free Command 445
    Running Processes 445
        Pausing and Restarting Processes 446
    Killing Processes 447
        The kill Command 447
        The pkill Command 448
        The killall Command 448
        The xkill Command 449
    The nohup Command 450
    Process Priority 450
        The nice Command 450
        The renice Command 450
    Summary 451
        Key Terms 451
        Review Questions 451
Chapter 25 System Logging 452
    Syslog 452
        The syslogd Daemon 452
        The /var/log Directory 453
        The /etc/syslog.conf File 454
        Creating Your Own /etc/syslog.conf Entry 457
    The logrotate Command 458
        The /etc/logrotate.conf File 458
    The journalctl Command 459
        The /etc/systemd/journald.conf file 460
    Summary 461
        Key Terms 461
        Review Questions 461
Part VII: Software Management 462
Chapter 26 Red Hat—Based Software Management 464
    Red Hat Packages 464
        How to Obtain Packages 465
        The /var/lib/rpm Directory 465
    Using the rpm Command 466
        Listing rpm Information 466
        Installing Packages with rpm 472
        Removing Packages with rpm 474
        rpm2cpio 475
    The yum Command 475
        Repositories 475
        Using the yum Command 477
    Additional Tools 484
    Summary 484
        Key Terms 485
        Review Questions 485
Chapter 27 Debian-Based Software Management 486
    Managing Packages with dpkg 486
        Listing Package Information with dpkg 486
        Installing Software with dpkg 489
        Reconfiguring Software with dpkg 490
        Extracting Files from a Debian Package 490
        Removing Packages with the dpkg Command 491
    Managing Packages with APT 492
        APT Repositories 492
        Creating a Source Repository 494
    Listing Package Information with APT Commands 494
        Installing Packages with APT Commands 496
        Removing Packages with APT Commands 499
        Additional APT Features 500
    Summary 500
        Key Terms 500
        Review Questions 500
Chapter 28 System Booting 502
    Phases of the Boot Process 502
        The BIOS/UEFI Phase 502
        The Bootloader Phase 503
        The Kernel Phase 503
        The Post-Kernel Phase 504
    GRUB 504
        Legacy GRUB Configuration 504
        GRUB 2 Configuration 512
    Kernel Components 517
        Kernel Documentation 517
        Tweaking the Kernel 517
        Kernel Images 518
        Kernel Modules 519
        The /proc/sys Filesystem 526
    The init Phase 528
        Configuring Systemd 528
    Summary 531
        Key Terms 531
        Review Questions 532
Chapter 29 Develop a Software Management Security Policy 534
    Ensuring Software Security 534
        Keep Packages Up to Date 534
        Consider Removing Unnecessary Packages 535
        Ensure You Install from Trusted Sources 536
        CVE 537
        Distribution-Specific Security Alerts 538
    xinetd 539
    Summary 540
        Key Terms 540
        Review Questions 541
Part VIII: Security Tasks 542
Chapter 30 Footprinting 544
    Understanding Footprinting 544
    Common Footprinting Tools 545
        The nmap Command 545
        The netstat Command 548
        The lsof Command 551
        The nc Command 552
        The tcpdump Command 554
        Additional Utilities 555
    Kali Linux Utilities 555
        Essential Information Gathering 555
        DNS Analysis Tools 556
        Host Identification Tools 557
        OSINT Tools 557
        Route Analysis Tools 558
    Summary 559
        Key Terms 559
        Review Questions 559
Chapter 31 Firewalls 560
    Introduction to Firewalls 560
    Essentials of the iptables Command 560
        Overview of Filtering Packets 561
        Important Terms 563
    Using iptables to Filter Incoming Packets 564
        Filtering by Protocol 566
        Multiple Criteria 567
        Filtering Based on Destination 567
        Changing the Default Policy 568
        Revisiting the Original Rules 569
        Saving the Rules 569
    Using iptables to Filter Outgoing Packets 569
    Implementing NAT 570
    Summary 571
        Key Terms 571
        Review Questions 571
Chapter 32 Intrusion Detection 572
    Introduction to Intrusion Detection Tools 572
        Determining If a Security Breach Has Occurred 572
        Taking Action 573
    Intrusion Detection Network Tools 573
        The netstat Command 573
        The nmap Command 574
        The tcpdump Command 575
    Intrusion Detection File Tools 575
        Modifying the /etc/passwd and /etc/shadow Files to Create a Backdoor 575
        Creating an SUID Program to Create a Backdoor 576
        Incorporating File-Change Tools in the Intrusion Detection Plan 577
    Additional Intrusion Detection Tools 577
    Summary 579
        Key Terms 579
        Review Questions 579
Chapter 33 Additional Security Tasks 580
    The fail2ban Service 580
    OpenVPN 581
        Configuring the Certificate Authority 582
        Generating the VPN Server Certificate 583
        Generating the VPN Client Certificate 585
        Setting Up the Basic Server 586
        Setting Up the Basic Client 587
    gpg 589
    Security Alert Services 591
    Summary 591
        Key Terms 591
        Review Questions 592
Appendix A Answers to Review Questions 594
Appendix B Resource Guide 604
Glossary 612
9780789759351, TOC, 6/22/2018

Updates

Submit Errata