Hacking Linux Exposed

Learn how to think like a hacker in order to secure your Linux network.

In the ever-changing world of global data communications, inexpensive Internet connections, and fast-paced software development, security is constantly being compromised. Linux has always been considered the digital playground for hackers. Many hacks, exploits, and network security tools are written on Linux because it's readily available. Hacking Linux Exposed: Linux Security Secrets and Solutions shows you, step-by-step, how to defend against the latest Linux attacks by understanding the hacker's methods and sinister thought processes. You'll learn how your adversaries gather information, acquire targets, escalate privilege, gain control, plant back doors, and cover their tracks. Each chapter is divided into bite-sized chunks, covering highly publicized and little-known break-ins, tips on why they occured, and detailed countermeasures that no Linux professional can afford to be without.

• Get details on the security features of each Linux distribution, including Red Hat Linux, SuSE, Debian, and SLackware
• Zero in on vulnerable systems using whois, traceroute, DNS zone transfers, OS detection, ping sweeps, and port scans
• Detect Trojan horses, backdoors, password cracking, IP spoofing, session hijacking. amd trail hiding
• Implement log analysis tools such as the Advanced Intrusion Detection Environment (AIDE) and advanced kernel security patches, including the Linux Intrusion Detection System (LIDS)
• Learn how to prevent local users from getting root privileges
• Prevent Denial of Service and other network attacks
• Configure FTP sites, DNS servers, and other daemons securely
• Plug common and obscure security holes in Sendmail, Qmail, Postfix, POP, and IMAP servers
• Defend against web server attacks using secure scripting techniques, user verification, and secure Apache Server configurations
• Design, position, and test secure firewalls and other network access restrictions

1. Locking into Linux
1. Linux Security Overview
• Why They Want to Root Your Box
• The Open Source Movement
• Open Source and Security
• Linux Users
• /etc/passwd
• How to Place Controls on Users
• Other Security Controls
• Summary
2. Proactive Measures and Recovering from a Break-In
• Proactive Measures
• Insecurity Scanners
• Scan Detectors
• Hardening Your System
• Log File Analysis
• Filesystem Integrity Checks
• Recovering from a Hack
• How to Know When You've Been Hacked
• What to Do After a Break-In
• Summary
3. Mapping Your Machine and Network
• Online Searches
• Whois Databases
• Ping Sweeps
• DNS Issues
• Example DNS Lookups
• DNS Query Security Issues
• DNSSEC
• Traceroutes
• Port Scanning
• OS Detection
• Active Stack Fingerprinting
• Passive Stack Fingerprinting
• Enumerating RPC Services
• File Sharing with NFS
• Simple Network Management Protocol (SNMP)
• Network Insecurity Scanners
• Summary
2. Getting In from the Outside
4. Social Engineering, Trojans, and Other Hacker Trickery
• Social Engineering
• Social Engineering Categories
• What to Do to Avoid Being Socially Engineered
• Hackers Do Their Homework
• Trojan Horses
• Methods of Trojan Delivery
• Viruses and Worms
• How Viruses and Worms Spread
• Viruses and Linux
• Worms and Linux
• IRC Backdoors
• Summary
5. Physical Attacks
• Attacking the Office
• Boot Access Is Root Access
• Encrypted Filesystems
• Summary
6. Attacking Over the Network
• Using the Network
• TCP/IP Networks
• Public Phone Networks
• Default or Bad Configurations
• NFS Mounts
• Netscape Default Configurations
• Squid
• X Windows System
• Default Passwords
• Sniffing Traffic
• How Sniffers Work
• Common Sniffers
• Guessing Passwords
• Vulnerabilities
• Buffer Overflows
• Vulnerable Services
• Vulnerable Scripts
• Unnecessary Services
• Using Netstat
• Using Lsof
• Using Nmap to Identify Services
• Turning Off Services
• Summary
7. Abusing the Network Itself
• DNS Exploits
• Routing Issues
• Advanced Sniffing and Session Hijacking
• Hunt
• Dsniff
• Man-in-the-Middle Attacks
• Denial-of-Service Attacks
• Floods
• TCP/IP Exploits
• Abusing Trust Relationships
• Implementing Egress Filtering
• Summary
3. Local User Attacks
8. Elevating User Privileges
• Users and Privileges
• Elevation of Privilege
• Trusted Paths and Trojan Horses
• Password Storage and Use
• Group Membership
• Special-Purpose Groups and Device Access
• Sudo
• Setuserid Programs
• Hacker Setuserid Programs on Mounted Filesystems
• Attacks Against Poor Programming
• Hardlinks and Symlinks
• Input Validation
• Summary
9. Password Cracking
• How Passwords Work in Linux
• /etc/passwd
• Linux Encryption Algorithms
• Password Cracking Programs
• Other Cracking Programs
• Availability of Dictionaries
• Shadow Passwords and /etc/shadow
• Shadow Passwords Explained
• Shadow Passwords Command Suite
• Apache Password Files
• Pluggable Authentication Modules
• Password Protection
• Summary
10. How Hackers Maintain Access
• Host-Based Authentication and User Access
• Passwordless Remote Access with the r-Commands
• Passwordless Logons with Ssh
• Network Accessible Root Shells
• Trojaned System Programs
• Trail Hiding
• Back Doors
• Kernel Hacks
• Rootkits
• Summary
4. Server Issues
11. Mail and FTP Security
• Mail Security
• Mail Transfer Agents
• Mail Server Insecurities
• File Transfer Protocol (FTP)
• The FTP Protocol
• Sample FTP Session
• Active Mode FTP
• Passive Mode FTP
• Port Scanning Through Third-Party FTP Servers
• Enabling Third-Party FTP
• Insecure Stateful FTP Firewall Rules
• Anonymous FTP Problems
• Summary
• Mail Servers
• FTP
12. Web Servers and Dynamic Content
• Making an HTTP Request
• Apache Web Server
• Apache Configuration
• Problems with CGI Programs
• Insecure CGI Programs
• Other Linux Web Servers
• Summary
13. Access Control and Firewalls
• An Overview of inetd and xinted
• inetd
• xinetd
• Firewalls: Kernel-Level Access Control
• Types of Firewalls
• Linux Packet Filtering
• Blocking Specific Network Access
• Firewall Strategy
• Firewall Products
• Summary
5. Appendixes
1. Keeping Your Programs Current
• Red Hat's Rpm
• Debian's Dpkg and Apt
• Slackware Packages
2. Turning Off Unneeded Services
• Runlevels
• The /etc/rc#.d Directories
• Turning Off Specific Services
• Red Hat
• SuSE
• Inetd Network Services
3. Online Resources
• Vendor Mailing Lists
• Other Security Mailing Lists
• Security and Hacking Web Sites
• Newsgroups
• The Hacking Linux Exposed Web Site
4. Case Studies
• Case Study A
• Background
• Sleuthing
• Attempting to Log In
• Looking for Another Door
• Intruder Expelled
• Case Study B
• Scoping Out the Target
• Mapping the Network
• Getting In
• Entering the Server Room
• Breaking into the Monitoring Host
• Investigating the Compromised Host
• Sniffing the Network
• Watching the Logs
• Turning Sniffing Back Off
• Where to Go Now?
• The Chase
• Out, but Not Forever
• Case Study C
• Scanning the Machine
• Probing Sendmail
• Probing the Web Server
• Looking for CGIs
• Attacking the CGIs
• Hiding His Tracks
• Creating a Permanent Connection
• Firewall Interference
• Hacking from a Local Account
• Scanning for Network Services, Take 2
• Attacking the FTP Server
• Wrapping Things Up

If you work with Linux and security, you need this. There exists a number of editions, which seems to indicate that they are trying to make a fast buck from current trends. Just buy one edition.