| Credits | p. xi |
| Preface | p. xv |
| Unix Host Security | p. 1 |
| Secure Mount Points | p. 2 |
| Scan for SUID and SGID Programs | p. 3 |
| Scan for World- and Group-Writable Directories | p. 5 |
| Create Flexible Permissions Hierarchies with POSIX ACLs | p. 5 |
| Protect Your Logs from Tampering | p. 9 |
| Delegate Administrative Roles | p. 11 |
| Automate Cryptographic Signature Verification | p. 13 |
| Check for Listening Services | p. 15 |
| Prevent Services from Binding to an Interface | p. 17 |
| Restrict Services with Sandboxed Environments | p. 19 |
| Use proftpd with a MySQL Authentication Source | p. 23 |
| Prevent Stack-Smashing Attacks | p. 26 |
| Lock Down Your Kernel with grsecurity | p. 28 |
| Restrict Applications with grsecurity | p. 33 |
| Restrict System Calls with systrace | p. 36 |
| Create systrace Policies Automatically | p. 39 |
| Control Login Access with PAM | p. 41 |
| Restrict Users to SCP and SFTP | p. 46 |
| Use Single-Use Passwords for Authentication | p. 49 |
| Restrict Shell Environments | p. 52 |
| Enforce User and Group Resource Limits | p. 54 |
| Automate System Updates | p. 55 |
| Windows Host Security | p. 58 |
| Check Servers for Applied Patches | p. 59 |
| Use Group Policy to Configure Automatic Updates | p. 63 |
| List Open Files and Their Owning Processes | p. 66 |
| List Running Services and Open Ports | p. 68 |
| Enable Auditing | p. 69 |
| Enumerate Automatically Executed Programs | p. 71 |
| Secure Your Event Logs | p. 73 |
| Change Your Maximum Log File Sizes | p. 73 |
| Back Up and Clear the Event Logs | p. 75 |
| Disable Default Shares | p. 78 |
| Encrypt Your Temp Folder | p. 79 |
| Back Up EFS | p. 80 |
| Clear the Paging File at Shutdown | p. 86 |
| Check for Passwords That Never Expire | p. 88 |
| Privacy and Anonymity | p. 91 |
| Evade Traffic Analysis | p. 91 |
| Tunnel SSH Through Tor | p. 95 |
| Encrypt Your Files Seamlessly | p. 96 |
| Guard Against Phishing | p. 100 |
| Use the Web with Fewer Passwords | p. 105 |
| Encrypt Your Email with Thunderbird | p. 107 |
| Encrypt Your Email in Mac OS X | p. 112 |
| Firewalling | p. 117 |
| Firewall with Netfilter | p. 117 |
| Firewall with OpenBSD's PacketFilter | p. 122 |
| Protect Your Computer with the Windows Firewall | p. 128 |
| Close Down Open Ports and Block Protocols | p. 137 |
| Replace the Windows Firewall | p. 139 |
| Create an Authenticated Gateway | p. 147 |
| Keep Your Network Self-Contained | p. 149 |
| Test Your Firewall | p. 151 |
| MAC Filter with Netfilter | p. 154 |
| Block Tor | p. 156 |
| Encrypting and Securing Services | p. 158 |
| Encrypt IMAP and POP with SSL | p. 158 |
| Use TLS-Enabled SMTP with Sendmail | p. 161 |
| Use TLS-Enabled SMTP with Qmail | p. 163 |
| Install Apache with SSL and suEXEC | p. 164 |
| Secure BIND | p. 169 |
| Set Up a Minimal and Secure DNS Server | p. 172 |
| Secure MySQL | p. 176 |
| Share Files Securely in Unix | p. 178 |
| Network Security | p. 183 |
| Detect ARP Spoofing | p. 184 |
| Create a Static ARP Table | p. 186 |
| Protect Against SSH Brute-Force Attacks | p. 188 |
| Fool Remote Operating System Detection Software | p. 190 |
| Keep an Inventory of Your Network | p. 194 |
| Scan Your Network for Vulnerabilities | p. 197 |
| Keep Server Clocks Synchronized | p. 207 |
| Create Your Own Certificate Authority | p. 209 |
| Distribute Your CA to Clients | p. 213 |
| Back Up and Restore a Certificate Authority with Certificate Services | p. 214 |
| Detect Ethernet Sniffers Remotely | p. 221 |
| Help Track Attackers | p. 227 |
| Scan for Viruses on Your Unix Servers | p. 229 |
| Track Vulnerabilities | p. 233 |
| Wireless Security | p. 236 |
| Turn Your Commodity Wireless Routers into a Sophisticated Security Platform | p. 236 |
| Use Fine-Grained Authentication for Your Wireless Network | p. 240 |
| Deploy a Captive Portal | p. 244 |
| Logging | p. 250 |
| Run a Central Syslog Server | p. 251 |
| Steer Syslog | p. 252 |
| Integrate Windows into Your Syslog Infrastructure | p. 254 |
| Summarize Your Logs Automatically | p. 262 |
| Monitor Your Logs Automatically | p. 263 |
| Aggregate Logs from Remote Sites | p. 266 |
| Log User Activity with Process Accounting | p. 272 |
| Centrally Monitor the Security Posture of Your Servers | p. 273 |
| Monitoring and Trending | p. 282 |
| Monitor Availability | p. 283 |
| Graph Trends | p. 291 |
| Get Real-Time Network Stats | p. 293 |
| Collect Statistics with Firewall Rules | p. 295 |
| Sniff the Ether Remotely | p. 297 |
| Secure Tunnels | p. 301 |
| Set Up IPsec Under Linux | p. 301 |
| Set Up IPsec Under FreeBSD | p. 306 |
| Set Up IPsec in OpenBSD | p. 309 |
| Encrypt Traffic Automatically with Openswan | p. 314 |
| Forward and Encrypt Traffic with SSH | p. 316 |
| Automate Logins with SSH Client Keys | p. 318 |
| Use a Squid Proxy over SSH | p. 320 |
| Use SSH As a SOCKS Proxy | p. 322 |
| Encrypt and Tunnel Traffic with SSL | p. 324 |
| Tunnel Connections Inside HTTP | p. 327 |
| Tunnel with VTun and SSH | p. 329 |
| Generate VTun Configurations Automatically | p. 334 |
| Create a Cross-Platform VPN | p. 339 |
| Tunnel PPP | p. 345 |
| Network Intrusion Detection | p. 348 |
| Detect Intrusions with Snort | p. 349 |
| Keep Track of Alerts | p. 353 |
| Monitor Your IDS in Real Time | p. 356 |
| Manage a Sensor Network | p. 363 |
| Write Your Own Snort Rules | p. 370 |
| Prevent and Contain Intrusions with Snort_inline | p. 377 |
| Automatically Firewall Attackers with SnortSam | p. 380 |
| Detect Anomalous Behavior | p. 384 |
| Automatically Update Snort's Rules | p. 385 |
| Create a Distributed Stealth Sensor Network | p. 388 |
| Use Snort in High-Performance Environments with Barnyard | p. 389 |
| Detect and Prevent Web Application Intrusions | p. 392 |
| Scan Network Traffic for Viruses | p. 397 |
| Simulate a Network of Vulnerable Hosts | p. 400 |
| Record Honeypot Activity | p. 407 |
| Recovery and Response | p. 413 |
| Image Mounted Filesystems | p. 413 |
| Verify File Integrity and Find Compromised Files | p. 415 |
| Find Compromised Packages | p. 420 |
| Scan for Rootkits | p. 422 |
| Find the Owner of a Network | p. 425 |
| Index | p. 429 |