Building Secure Servers with Linux (Paperback)

Michael D. Bauer

  • 出版商: O'Reilly|英文2書85折
  • 出版日期: 2002-11-01
  • 定價: $1,480
  • 售價: 5.0$740
  • 語言: 英文
  • 頁數: 464
  • 裝訂: Paperback
  • ISBN: 0596002173
  • ISBN-13: 9780596002176
  • 相關分類: Linux
  • 立即出貨(限量) (庫存=1)




Linux consistently turns up high in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services like DNS and routing mail. But security is uppermost on the mind of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well.

As the cost of broadband and other high-speed Internet connectivity has gone down, and its availability has increased, more Linux users are providing or considering providing Internet services such as HTTP, Anonymous FTP, etc., to the world at large. At the same time, some important, powerful, and popular Open Source tools have emerged and rapidly matured--some of which rival expensive commercial equivalents--making Linux a particularly appropriate platform for providing secure Internet services.

Building Secure Servers with Linux will help you master the principles of reliable system and network security by combining practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--as a hub offering services to an organization or the larger Internet--and shows readers how to harden their hosts against attacks. Author Mick Bauer, a security consultant, network architect, and lead author of the popular Paranoid Penguin column in Linux Journal, carefully outlines the security risks, defines precautions that can minimize those risks, and offers recipes for robust security. The book does not cover firewalls, but covers the more common situation where an organization protects its hub using other systems as firewalls, often proprietary firewalls.

The book includes:

  • Precise directions for securing common services, including the Web, mail, DNS, and file transfer.
  • Ancillary tasks, such as hardening Linux, using SSH and certificates for tunneling, and using iptables for firewalling.
  • Basic installation of intrusion detection tools.

Writing for Linux users with little security expertise, the author explains security concepts and techniques in clear language, beginning with the fundamentals. Building Secure Servers with Linux provides a unique balance of "big picture" principles that transcend specific software packages and version numbers, and very clear procedures on securing some of those software packages. An all-inclusive resource for Linux users who wish to harden their systems, the book covers general security as well as key services such as DNS, the Apache Web server, mail, file transfer, and secure shell. With this book in hand, you'll have everything you need to ensure robust security of your Linux system.

Table of Contents


1. Threat Modeling and Risk Management

2. Designing Perimeter Networks

3. Hardening Linux

4. Secure Remote Administration

5. Tunneling

6. Securing Domain Name Services (DNS)

7. Securing Internet Email

8. Securing Web Services

9. Securing File Services

10. System Log Management and Monitoring

11. Simple Intrusion Detection Techniques

Appendix: Two Complete Iptables Startup Scripts





《使用Linux建立安全伺服器》將幫助您通過結合實用建議和對確保安全所需的技術工具的深入了解,掌握可靠的系統和網路安全原則。本書專注於Linux的最常見用途,即作為向組織或更大的網際網路提供服務的樞紐,並向讀者展示如何加強其主機的防禦能力以抵禦攻擊。作者Mick Bauer是一位安全顧問、網路架構師,也是Linux Journal中受歡迎的Paranoid Penguin專欄的主要作者,他仔細概述了安全風險,定義了可以減少這些風險的預防措施,並提供了強大安全的方法。本書不涵蓋防火牆,但涵蓋了更常見的情況,即組織使用其他系統作為防火牆來保護其樞紐,通常是專有防火牆。

- 精確指南,用於保護常見服務,包括網頁、郵件、DNS和檔案傳輸。
- 附加任務,例如加固Linux、使用SSH和憑證進行隧道連接,以及使用iptables進行防火牆設定。
- 基本入侵檢測工具的安裝。


1. 威脅建模和風險管理
2. 設計邊界網路
3. 加固Linux
4. 安全遠程管理
5. 隧道連接
6. 保護域名服務(DNS)
7. 保護網際網路郵件
8. 保護網頁服務
9. 保護檔案服務
10. 系統日誌管理和監控
11. 簡單入侵檢測技術