Muutke küpsiste eelistusi

SUSE LINUX Enterprise Server 9 Administrator's Handbook [Pehme köide]

,
  • Formaat: Paperback / softback, 552 pages, kõrgus x laius x paksus: 229x152x30 mm, kaal: 744 g
  • Ilmumisaeg: 21-Jul-2005
  • Kirjastus: Novell Press
  • ISBN-10: 067232735X
  • ISBN-13: 9780672327353
Teised raamatud teemal:
  • Pehme köide
  • Hind: 58,59 €*
  • * saadame teile pakkumise kasutatud raamatule, mille hind võib erineda kodulehel olevast hinnast
  • See raamat on trükist otsas, kuid me saadame teile pakkumise kasutatud raamatule.
  • Kogus:
  • Lisa ostukorvi
  • Tasuta tarne
  • Lisa soovinimekirja
SUSE LINUX Enterprise Server 9 Administrator's HandbookSuurem pilt
  • Formaat: Paperback / softback, 552 pages, kõrgus x laius x paksus: 229x152x30 mm, kaal: 744 g
  • Ilmumisaeg: 21-Jul-2005
  • Kirjastus: Novell Press
  • ISBN-10: 067232735X
  • ISBN-13: 9780672327353
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9780672327353.html
Märksõnad:
As a system administrator, you are justly concerned about the security of your infrastructure. SUSE Linux Enterprise Server (SLES 9) can lead the way to infrastructure security and SUSE Linux Enterprise Server Administrator's Handbook is the authoritative source for information on this secure server. Step-by-step procedures will walk you through installing and securing a SLES 9 system, and it will focus on the specific security features that make SLES 9 an important platform for all system administrators. Some of what you will cover is:





SuSE server installation User access and security Installing and configuring networking services Securing your SuSE server

Leverage Linux and open source with SLES 9 and SUSE Linux Enterprise Server Administrator's Handbook to build a secure computing network for your company.

Muu info

SuSE Linux Enterprise Server 9 Administrator's Handbook (0-672-32735-X)

Written by a Novell/SUSE insider and an IBM Linux insider providing in depth information on SUSE Security





SUSE is the second largest distribution of Linux in the world and the largest selling Linux distribution in Europe IBM, HP and the extensive network of Novell channel partners are pushing the acceptance of SUSE to the main stream in North America The authoritative source on why and how SUSE Linux Enterprise Server (SLES 9) leads the way to infrastructure security

SuSE Linux Enterprise Server 9 Administrator's Handbook will provide a single source of information covering the depth needed to build a secure SLES 9 platform. It is written by a Novell/SUSE employee and an IBM employee the two organizations responsible for SUSE and its success. This book will provide step-by-step procedures for installing and securing a SLES 9 system. This administrators handbook will focus on the security features that make SLES 9 an important platform for administrators concerned with security in their infrastructure. Tom Fulton has been involved in designing and implementing security infrastructure as a field engineer for Netegrity and Network Associates. He has designed, installed, and configured security for companies such as Hewlett Packard, Cisco, E*Trade and Wells Fargo. Tom is active in the security community speaking at the HTCIA International Conference in Washington, DC, and well as to Linux and Novell users groups on security. He is a seasoned speaker at Novells annual Brainshare on topics Snort and Authenticating Solaris Accounts to eDirectory. Niki Rahimi is currently a Security Developer for IBM/s Linux Technology. She began her career as an intern at IBM in 1998 and had worked in the security realm ever since. . Niki has work on various projects including enabling the Bastille-Linux security hardening system on SUSE and TurboLinux. She created a Linux Security Module (LSM) called Trusted Path Execution which is now a part of the LSM patch for the Linux Kernel.
Part I: SUSE Server Installation and Configuration
CHAPTER 1: Installing SUSE LINUX Enterprise Server
3(28)
Installation Methods and Overview
4(6)
CD-ROM-Based Installation
6(1)
VNC-Based Installation
6(3)
Network-Based Installation
9(1)
AutoYaST-Based Installation
9(1)
Pre-Installation Planning
10(7)
Ten Easy Steps to SLES 9 Installation
17(12)
Selecting an Installation Method
17(1)
Selecting the Language
18(1)
Choosing Installation Settings
18(2)
Preparing the Hard Disks
20(2)
Configuring the System
22(1)
Specifying Network Settings
23(1)
Applying Online Updates
24(1)
Configuring Services
24(1)
Configuring User Information
25(3)
Configuring Hardware
28(1)
Troubleshooting
29(1)
Summary
30(1)
CHAPTER 2: Updating the Server
31(34)
Maintaining Your System Configuration
31(5)
SuSEconfig
32(1)
YaST (Yet another Setup Tool)
33(3)
Adding and Removing Packages
36(8)
Installing a Package
36(5)
Removing a Package or Subcomponents
41(3)
Adding and Removing Hardware
44(13)
Preparations
44(1)
Adding a Disk
45(12)
Changing Network Configuration
57(6)
Network Parameters
58(1)
Using YaST to Manage the Network Configuration
59(4)
Summary
63(2)
CHAPTER 3: Booting and Shutting Down the Server
65(16)
Boot Loaders
65(6)
LILO
67(1)
Grub
68(3)
Kernel Boot
71(1)
init and Understanding Runlevels
72(2)
System Shutdown
74(1)
Emergency Boot and Recovery
75(2)
Summary
77(4)
Part II: User Access and Security Management
CHAPTER 4: User and Group Administration
81(44)
User and Group IDs
81(7)
User and Group Data Files
88(7)
The /etc/passwd File
89(2)
The /etc/shadow File
91(2)
The /etc/group File
93(2)
User Account and Group Management Applications
95(15)
Creating and Editing User Accounts
97(8)
Setting Default User Account Properties
105(3)
Creating and Editing Groups
108(2)
Security Considerations
110(12)
Using Strong Passwords
111(8)
Auditing Default Accounts
119(1)
The Root Account
120(2)
User in Too Many Groups?
122(1)
Summary
122(3)
CHAPTER 5: User Environment Management and Security
125(28)
Account Auditing
126(1)
Configuring the User Environment
127(6)
Default Shell
127(3)
Login Scripts and Environment Variables
130(3)
User Resource Management
133(15)
Authentication Using PAM
133(3)
PAM Module Configuration
136(1)
Resource Management
137(2)
Access Time Management
139(2)
Quota Management
141(7)
su or sudo
148(4)
Summary
152(1)
CHAPTER 6: Filesystem Security
153(40)
A Review of File and Directory Permissions
153(13)
Changing Permissions
159(4)
Changing User and Group Ownership
163(1)
Security Considerations
163(3)
Default Access Permissions
166(2)
Special File Permissions
168(10)
Security Implications of SUID/SGID
170(2)
SGID and File Sharing
172(2)
A SUID Sample Program
174(2)
Securing Against SUID Programs
176(1)
Sticky Business
177(1)
Extended Attributes
178(5)
Data and Filesystem Encryption
183(5)
Secure File Deletion
188(2)
Journaled Filesystems
190(1)
Summary
191(2)
CHAPTER 7: System Management and Monitoring
193(26)
Common Linux Commands
194(2)
Basic Commands
194(2)
Additional Tools
196(1)
The root Filesystem
196(2)
Health Checks and System Monitoring
198(12)
Machine Uptime
199(1)
Log Review
200(1)
Top Consumers
201(2)
Application Check
203(1)
System Resource Check
204(2)
User Login Activity
206(4)
System Tuning
210(6)
Tuning Kernel Parameters
211(2)
Tuning Filesystem Access
213(3)
Summary
216(3)
Part III: Installing and Configuring Networking Services
CHAPTER 8: Network Services
219(86)
Angels and Daemons
220(14)
Configuring xinetd
221(7)
The /etc/xinetd.conf File
228(4)
Applying Access Control
232(2)
Security Considerations
234(1)
Network Time Services
234(15)
Configuring the NTP Client
237(6)
Configuring an NTP Server
243(3)
Troubleshooting Tips
246(3)
Email Services
249(6)
File Transfer Services
255(12)
Using Pure-FTPd
256(6)
Using vsftpd
262(4)
Using the Standard TFTP Server
266(1)
Network File-Sharing Services
267(13)
Setting Up an NFS Server
268(4)
Setting Up a Samba Server
272(8)
Remote Management Services
280(7)
Telnet
281(1)
ssh
281(2)
VNC and XDMCP
283(1)
Securing System Management Conversations
284(2)
Restricting Connections by IP Address
286(1)
A Secure System Management Environment
287(1)
Network Name Services
287(9)
Samba
287(1)
Service Location Protocol (SLP)
288(1)
Domain Name Service (DNS)
288(4)
Dynamic Host Configuration Protocol (DHCP)
292(3)
DNS and DHCP
295(1)
Web Services
296(5)
Authentication Services
301(3)
Network Information Services (NIS)
301(1)
Samba Domains
302(1)
Lightweight Directory Access Protocol (LDAP)
302(1)
Kerberos
303(1)
Summary
304(1)
CHAPTER 9: Printing Services
305(20)
Printer Configuration
306(7)
Local Printers
306(1)
Network Printers
307(1)
Adding a Local Printer
307(3)
Adding a Network Printer
310(3)
Print Job Lifecycle
313(1)
Job Spooling
313(1)
Applying Filters
313(1)
Printing the Information
314(1)
Queue Management
314(10)
YaST Queue Configuration
315(1)
Command-Line Queue Configuration
316(2)
Printer Queue Basics
318(1)
The CUPS Web Interface
319(5)
Summary
324(1)
CHAPTER 10: Data Backup and Disaster Recovery
325(50)
A Look at Backup Strategies
326(2)
Implementing a Backup Strategy
328(9)
Grandfather-Father-Son Rotation Method
330(2)
Tower of Hanoi Rotation Method
332(1)
Some Tips and Tricks
333(3)
Database Backups: Cold or Hot?
336(1)
Backup and Restore Tools
337(32)
Making Tarballs
339(4)
Archiving Data with cpio
343(2)
Converting and Copying Data Using dd
345(3)
Using dump and restore
348(10)
Data Mirroring Using rsync
358(2)
YaST's System Backup and Restore Modules
360(4)
Getting to Know AMANDA
364(2)
Scheduling Backups
366(1)
Commercial Backup Products
367(2)
SLES Boot and Rescue Disks
369(2)
Summary
371(4)
Part IV: Securing Your SUSE Server
CHAPTER 11: Network Security Concepts
375(28)
Corporate Security Policies
376(25)
Physical Security
379(3)
User Accounts
382(2)
Strong Passwords
384(7)
Remote Access
391(1)
Firewalls
392(4)
Acceptable Use Policy
396(1)
Information Protection
397(2)
Incident Response
399(2)
Summary
401(2)
CHAPTER 12: Intrusion Detection
403(38)
Defining Intrusions
403(2)
Reducing Your Target Size
405(2)
Vulnerability Assessments
407(11)
nmap
407(3)
Nessus
410(8)
Detecting a Network-based Intrusion
418(10)
Know Your Traffic, Tune Your Firewall
418(1)
Network Intrusion Detection Systems
419(1)
Snort
420(2)
Analysis Console for Intrusion Databases
422(6)
Detecting a Host Intrusion
428(8)
Log Files
429(1)
chkrootkit
429(2)
Advanced Intrusion Detection Environment (AIDE)
431(5)
Additional Tools
436(3)
Scan Detection Tools
436(1)
MRTG and Cacti
437(1)
Ethereal
438(1)
Summary
439(2)
CHAPTER 13: System Security
441(44)
System Hardening Principles
442(2)
Using a Central syslog Server
444(7)
Hardening the Central Syslog Host
447(3)
A Stealth Logging Host
450(1)
Avoid Logging in As Root
451(1)
Securing Network Services
452(25)
Hardening Remote Services
453(2)
Limiting Rights of Services
455(2)
Using chroot Jails and User Mode Linux
457(3)
Packet Filtering Using iptables
460(3)
Hardening Your Physical Network Infrastructure
463(3)
Wireless Security
466(11)
System Hardening Packages
477(2)
Automating SLES Hardening
479(2)
Learning More About Threats
481(1)
Summary
482(3)
Part V: Appendixes
APPENDIX A: Security Certifications
485(8)
APPENDIX B: Resources
493(10)
Linux Editors
493(5)
Website Resources
498(5)
Security and Linux-Related Websites
499(1)
SUSE-Specific Newsgroups and Websites
500(3)
Index 503
Peter Kuo is a Novell Master CNI, Master CNE, NCIP, CNS and one of the first CDEs. He is the co-author of Novell's Guide to Troubleshooting NDS and has authored or coauthored several NetWare and networking titles.