Building Secure Servers with Linux (Paperback)
暫譯: 使用 Linux 建立安全伺服器 (平裝本)

Michael D. Bauer

  • 出版商: O'Reilly
  • 出版日期: 2002-11-01
  • 定價: $1,480
  • 售價: 5.0$740
  • 語言: 英文
  • 頁數: 464
  • 裝訂: Paperback
  • ISBN: 0596002173
  • ISBN-13: 9780596002176
  • 相關分類: Linux
  • 立即出貨(限量) (庫存=1)

買這商品的人也買了...

相關主題

商品描述

Linux consistently turns up high in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services like DNS and routing mail. But security is uppermost on the mind of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well.

As the cost of broadband and other high-speed Internet connectivity has gone down, and its availability has increased, more Linux users are providing or considering providing Internet services such as HTTP, Anonymous FTP, etc., to the world at large. At the same time, some important, powerful, and popular Open Source tools have emerged and rapidly matured--some of which rival expensive commercial equivalents--making Linux a particularly appropriate platform for providing secure Internet services.

Building Secure Servers with Linux will help you master the principles of reliable system and network security by combining practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--as a hub offering services to an organization or the larger Internet--and shows readers how to harden their hosts against attacks. Author Mick Bauer, a security consultant, network architect, and lead author of the popular Paranoid Penguin column in Linux Journal, carefully outlines the security risks, defines precautions that can minimize those risks, and offers recipes for robust security. The book does not cover firewalls, but covers the more common situation where an organization protects its hub using other systems as firewalls, often proprietary firewalls.

The book includes:

  • Precise directions for securing common services, including the Web, mail, DNS, and file transfer.
  • Ancillary tasks, such as hardening Linux, using SSH and certificates for tunneling, and using iptables for firewalling.
  • Basic installation of intrusion detection tools.


Writing for Linux users with little security expertise, the author explains security concepts and techniques in clear language, beginning with the fundamentals. Building Secure Servers with Linux provides a unique balance of "big picture" principles that transcend specific software packages and version numbers, and very clear procedures on securing some of those software packages. An all-inclusive resource for Linux users who wish to harden their systems, the book covers general security as well as key services such as DNS, the Apache Web server, mail, file transfer, and secure shell. With this book in hand, you'll have everything you need to ensure robust security of your Linux system.

Table of Contents

Preface

1. Threat Modeling and Risk Management

2. Designing Perimeter Networks

3. Hardening Linux

4. Secure Remote Administration

5. Tunneling

6. Securing Domain Name Services (DNS)

7. Securing Internet Email

8. Securing Web Services

9. Securing File Services

10. System Log Management and Monitoring

11. Simple Intrusion Detection Techniques

Appendix: Two Complete Iptables Startup Scripts

Index

商品描述(中文翻譯)

Linux 在熱門的網際網路伺服器列表中始終名列前茅,無論是用於網頁、匿名 FTP,還是像 DNS 和郵件路由這樣的一般服務。然而,提供這些服務的人最關心的就是安全性。任何伺服器每天都會遭遇數十次的隨意探測嘗試,並且也會有一定頻率的嚴重入侵嘗試。

隨著寬頻和其他高速網際網路連接的成本下降以及可用性增加,越來越多的 Linux 使用者開始提供或考慮提供 HTTP、匿名 FTP 等網際網路服務給全世界。同時,一些重要、強大且受歡迎的開源工具也相繼出現並迅速成熟,其中一些甚至可以與昂貴的商業同類產品相媲美,使得 Linux 成為提供安全網際網路服務的特別合適平台。

《Building Secure Servers with Linux》將幫助您掌握可靠系統和網路安全的原則,通過實用建議與確保安全所需的技術工具的堅實知識相結合。這本書專注於 Linux 的最常見用途——作為一個為組織或更大網際網路提供服務的中心,並向讀者展示如何加固他們的主機以抵禦攻擊。作者 Mick Bauer 是一位安全顧問、網路架構師,以及《Linux Journal》中受歡迎的 Paranoid Penguin 專欄的首席作者,他仔細概述了安全風險,定義了可以最小化這些風險的預防措施,並提供了強健安全的配方。這本書不涵蓋防火牆,但涵蓋了更常見的情況,即組織使用其他系統作為防火牆來保護其中心,這些系統通常是專有的防火牆。

本書包括:
- 確保常見服務(包括網頁、郵件、DNS 和檔案傳輸)的精確指導。
- 附加任務,例如加固 Linux、使用 SSH 和證書進行隧道傳輸,以及使用 iptables 進行防火牆設置。
- 入侵檢測工具的基本安裝。

本書針對安全專業知識較少的 Linux 使用者,作者以清晰的語言解釋安全概念和技術,從基本原則開始。《Building Secure Servers with Linux》提供了超越特定軟體包和版本號的「大局」原則的獨特平衡,以及針對某些軟體包的非常清晰的安全程序。這是一本針對希望加固其系統的 Linux 使用者的全方位資源,涵蓋一般安全性以及 DNS、Apache 網頁伺服器、郵件、檔案傳輸和安全外殼等關鍵服務。有了這本書,您將擁有確保 Linux 系統強健安全所需的一切。

目錄

前言

1. 威脅建模與風險管理
2. 邊界網路設計
3. 加固 Linux
4. 安全的遠端管理
5. 隧道傳輸
6. 確保域名服務 (DNS)
7. 確保網際網路電子郵件
8. 確保網頁服務
9. 確保檔案服務
10. 系統日誌管理與監控
11. 簡單的入侵檢測技術
附錄:兩個完整的 Iptables 啟動腳本
索引