Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status |
---|---|---|---|---|---|
Searching... | 30000003863911 | QA76.76.O63 G37 1996 | Closed Access Book | 1:BOOK_ARC | Searching... |
Summary
When Practical UNIX Security was first published in 1991, it became an instant classic. Crammed with information about host security, it saved many a UNIX system administrator and user from disaster.

This second edition is a complete rewrite of the original book. It's packed with twice the pages and offers even more practical information for UNIX users and administrators. It covers features of many types of UNIX systems, including SunOS, Solaris, BSDI, AIX, HP-UX, Digital UNIX, Linux, and others. The first edition was practical, entertaining, and full of useful scripts, tips, and warnings. This edition is all those things -- and more.

If you are a UNIX system administrator or user in this security-conscious age, you need this book. It's a practical guide that spells out, in readable and entertaining language, the threats, the system vulnerabilities, and the countermeasures you can adopt to protect your UNIX system, network, and Internet connection. It's complete -- covering both host and network security -- and doesn't require that you be a programmer or a UNIX guru to use it. Practical UNIX & Internet Security describes the issues, approaches, and methods for implementing security measures. It covers UNIX basics, the details of security, the ways that intruders can get into your system, and the ways you can detect them, clean up after them, and even prosecute them if they do get in. Filled with practical scripts, tricks, and warnings, Practical UNIX & Internet Security tells you everything you need to know to make your UNIX system as secure as it possibly can be.

Contents include:

Part I: Computer Security Basics. Introduction and security policies.

Part II: User Responsibilities. Users and their passwords, groups, the superuser, the UNIX filesystem, and cryptography.

Part III: System Administrator Responsibilities. Backups, defending accounts, integrity checking, log files, programmed threats, physical security, and personnel security.

Part IV: Network and Internet Security: telephone security, UUCP, TCP/IP networks, TCP/IP services, WWW, RPC, NIS, NIS+, Kerberos, and NFS.

Part V: Advanced Topics: firewalls, wrappers, proxies, and secure programming.

Part VI: Handling Security Incidents: discovering a break-in, U.S. law, and trust.

VII: Appendixes. UNIX system security checklist, important files, UNIX processes, paper and electronic sources, security organizations, and table of IP services.

Author Notes
Gene Spafford, Ph.D., CISSP, is an internationally renowned scientist, professor, and director of Purdue University CERIAS, the Center for Education and Research in Information Assurance and Security.

Alan Schwartz, Ph.D., is assistant professor of clinical decision making in the Departments of Medical Education and Pediatrics at the University of Illinois at Chicago.

Table of Contents
Preface | p. xiii |
Part I. Computer Security Basics | |
1. Introduction: Some Fundamental Questions | p. 3 |
What Is Computer Security? | p. 5 |
What Is an Operating System? | p. 6 |
What Is a Deployment Environment? | p. 8 |
2. Unix History and Lineage | p. 11 |
History of Unix | p. 12 |
Security and Unix | p. 23 |
Role of This Book | p. 30 |
3. Policies and Guidelines | p. 32 |
Planning Your Security Needs | p. 33 |
Risk Assessment | p. 35 |
Cost-Benefit Analysis and Best Practices | p. 38 |
Policy | p. 45 |
Compliance Audits | p. 53 |
Outsourcing Options | p. 54 |
The Problem with Security Through Obscurity | p. 61 |
Part II. Security Building Blocks | |
4. Users, Passwords, and Authentication | p. 67 |
Logging in with Usernames and Passwords | p. 68 |
The Care and Feeding of Passwords | p. 76 |
How Unix Implements Passwords | p. 82 |
Network Account and Authorization Systems | p. 91 |
Pluggable Authentication Modules (PAM) | p. 94 |
5. Users, Groups, and the Superuser | p. 98 |
Users and Groups | p. 98 |
The Superuser (root) | p. 105 |
The su Command: Changing Who You Claim to Be | p. 109 |
Restrictions on the Superuser | p. 117 |
6. Filesystems and Security | p. 122 |
Understanding Filesystems | p. 122 |
File Attributes and Permissions | p. 127 |
chmod: Changing a File's Permissions | p. 136 |
The umask | p. 142 |
SUID and SGID | p. 145 |
Device Files | p. 155 |
Changing a File's Owner or Group | p. 157 |
7. Cryptography Basics | p. 161 |
Understanding Cryptography | p. 161 |
Symmetric Key Algorithms | p. 169 |
Public Key Algorithms | p. 180 |
Message Digest Functions | p. 187 |
8. Physical Security for Servers | p. 194 |
Planning for the Forgotten Threats | p. 194 |
Protecting Computer Hardware | p. 197 |
Preventing Theft | p. 211 |
Protecting Your Data | p. 216 |
Story: A Failed Site Inspection | p. 226 |
9. Personnel Security | p. 230 |
Background Checks | p. 231 |
On the Job | p. 233 |
Departure | p. 236 |
Other People | p. 237 |
Part III. Network and Internet Security | |
10. Modems and Dialup Security | p. 241 |
Modems: Theory of Operation | p. 242 |
Modems and Security | p. 246 |
Modems and Unix | p. 257 |
Additional Security for Modems | p. 265 |
11. TCP/IP Networks | p. 267 |
Networking | p. 267 |
IP: The Internet Protocol | p. 271 |
IP Security | p. 290 |
12. Securing TCP and UDP Services | p. 305 |
Understanding Unix Internet Servers and Services | p. 306 |
Controlling Access to Servers | p. 314 |
Primary Unix Network Services | p. 329 |
Managing Services Securely | p. 389 |
Putting It All Together: An Example | p. 399 |
13. Sun RPC | p. 407 |
Remote Procedure Call (RPC) | p. 408 |
Secure RPC (AUTH_DES) | p. 411 |
14. Network-Based Authentication Systems | p. 421 |
Sun's Network Information Service (NIS) | p. 422 |
Sun's NIS+ | p. 431 |
Kerberos | p. 438 |
LDAP | p. 447 |
Other Network Authentication Systems | p. 453 |
15. Network Filesystems | p. 456 |
Understanding NFS | p. 457 |
Server-Side NFS Security | p. 468 |
Client-Side NFS Security | p. 473 |
Improving NFS Security | p. 474 |
Some Last Comments on NFS | p. 483 |
Understanding SMB | p. 485 |
16. Secure Programming Techniques | p. 498 |
One Bug Can Ruin Your Whole Day... | p. 498 |
Tips on Avoiding Security-Related Bugs | p. 505 |
Tips on Writing Network Programs | p. 514 |
Tips on Writing SUID/SGID Programs | p. 516 |
Using chroot() | p. 519 |
Tips on Using Passwords | p. 520 |
Tips on Generating Random Numbers | p. 522 |
Part IV. Secure Operations | |
17. Keeping Up to Date | p. 533 |
Software Management Systems | p. 533 |
Updating System Software | p. 538 |
18. Backups | p. 544 |
Why Make Backups? | p. 545 |
Backing Up System Files | p. 561 |
Software for Backups | p. 565 |
19. Defending Accounts | p. 571 |
Dangerous Accounts | p. 571 |
Monitoring File Format | p. 583 |
Restricting Logins | p. 584 |
Managing Dormant Accounts | p. 586 |
Protecting the root Account | p. 591 |
One-Time Passwords | p. 595 |
Administrative Techniques for Conventional Passwords | p. 600 |
Intrusion Detection Systems | p. 613 |
20. Integrity Management | p. 616 |
The Need for Integrity | p. 616 |
Protecting Integrity | p. 618 |
Detecting Changes After the Fact | p. 622 |
Integrity-Checking Tools | p. 630 |
21. Auditing, Logging, and Forensics | p. 641 |
Unix Log File Utilities | p. 642 |
Process Accounting: The acct/pacct File | p. 664 |
Program-Specific Log Files | p. 666 |
Designing a Site-Wide Log Policy | p. 670 |
Handwritten Logs | p. 673 |
Managing Log Files | p. 676 |
Unix Forensics | p. 677 |
Part V. Handling Security Incidents | |
22. Discovering a Break-in | p. 683 |
Prelude | p. 683 |
Discovering an Intruder | p. 686 |
Cleaning Up After the Intruder | p. 700 |
Case Studies | p. 713 |
23. Protecting Against Programmed Threats | p. 734 |
Programmed Threats: Definitions | p. 735 |
Damage | p. 746 |
Authors | p. 747 |
Entry | p. 749 |
Protecting Yourself | p. 750 |
Preventing Attacks | p. 762 |
24. Denial of Service Attacks and Solutions | p. 767 |
Types of Attacks | p. 767 |
Destructive Attacks | p. 769 |
Overload Attacks | p. 769 |
Network Denial of Service Attacks | p. 787 |
25. Computer Crime | p. 795 |
Your Legal Options After a Break-in | p. 795 |
Criminal Hazards | p. 801 |
Criminal Subject Matter | p. 805 |
26. Who Do You Trust? | p. 811 |
Can You Trust Your Computer? | p. 811 |
Can You Trust Your Suppliers? | p. 815 |
Can You Trust People? | p. 823 |
Part VI. Appendixes | |
A. Unix Security Checklist | p. 831 |
B. Unix Processes | p. 850 |
C. Paper Sources | p. 873 |
D. Electronic Resources | p. 883 |
E. Organizations | p. 896 |
Index | p. 907 |