Gain a firm practical understanding of how to secure your Linux system from intruders, malware attacks, and other cyber threats

Key Features

• Discover security techniques to prevent malware from infecting a Linux system, and detect it
• Prevent unauthorized people from breaking into a Linux system
• Protect important and sensitive data from being revealed to unauthorized persons

Book Description

The third edition of Mastering Linux Security and Hardening is an updated, comprehensive introduction to implementing the latest Linux security measures, using the latest versions of Ubuntu and AlmaLinux.

In this new edition, you will learn how to set up a practice lab, create user accounts with appropriate privilege levels, protect sensitive data with permissions settings and encryption, and configure a firewall with the newest firewall technologies. You'll also explore how to use sudo to set up administrative accounts with only the privileges required to do a specific job, and you'll get a peek at the new sudo features that have been added over the past couple of years. You'll also see updated information on how to set up a local certificate authority for both Ubuntu and AlmaLinux, as well as how to automate system auditing. Other important skills that you'll learn include how to automatically harden systems with OpenSCAP, audit systems with auditd, harden the Linux kernel configuration, protect your systems from malware, and perform vulnerability scans of your systems. As a bonus, you'll see how to use Security Onion to set up an Intrusion Detection System.

By the end of this new edition, you will confidently be able to set up a Linux server that will be secure and harder for malicious actors to compromise.

What you will learn

• Prevent malicious actors from compromising a production Linux system
• Leverage additional features and capabilities of Linux in this new version
• Use locked-down home directories and strong passwords to create user accounts
• Prevent unauthorized people from breaking into a Linux system
• Configure file and directory permissions to protect sensitive data
• Harden the Secure Shell service in order to prevent break-ins and data loss
• Apply security templates and set up auditing

Who this book is for

This book is for Linux administrators, system administrators, and network engineers interested in securing moderate to complex Linux environments. Security consultants looking to enhance their Linux security skills will also find this book useful. Working experience with the Linux command line and package management is necessary to understand the concepts covered in this book.

Table of Contents

1. Running Linux in a Virtual Environment
2. Securing Administrative User Accounts
3. Securing Normal User Accounts
4. Securing Your Server with a Firewall - Part 1
5. Securing Your Server with a Firewall - Part 2
6. Encryption Technologies
7. SSH Hardening
8. Mastering Discretionary Access Control
9. Access Control Lists and Shared Directory Management
10. Implementing Mandatory Access Control with SELinux and AppArmor
11. Kernel Hardening and Process Isolation
12. Scanning, Auditing and Hardening
13. Logging and Log Security
14. Vulnerability Scanning and Intrusion Detection
15. Prevent Unwanted Programs from Running
16. Security Tips & Tricks for the Busy Bee

About the Author

Donald A. Tevault - but you can call him Donnie - got involved with Linux way back in 2006, and has been working with it ever since. He holds the Linux Professional Institute Level 3-Security certification, and the GIAC Incident Handler certification. Donnie is a professional Linux trainer, and thanks to the magic of the internet, teaches Linux classes literally the world over from the comfort of his living room. He's also a Linux security researcher for an IoT security company.