Linux Server Security Hack and Defend

Linux Server Security Hack and Defend – Free Book Download

Chapter 1: Invisibility Cloak

  • Background
  • Probing Ports
  • Confusing a Port Scanner
  • Installing knockd
  • Packages
  • Changing Default Settings
  • Altering Filesystem Locations
  • Some Config Options
  • Starting the Service
  • Changing the Default Network Interface
  • Packet Types and Timing
  • Testing Your Install
  • Port Knocking Clients
  • Making Your Server Invisible
  • Testing Your iptables
  • Saving iptables Rules
  • Further Considerations
  • Smartphone Client
  • Troubleshooting
  • Security Considerations
  • Ephemeral Sequences

Chapter 2: Digitally Fingerprint Your Files

  • Filesystem Integrity
  • Whole Filesystem
  • Rootkits
  • Configuration
  • False Positives
  • Well Designed

Chapter 3: Twenty-First-Century Netcat

  • History
  • Installation Packages
  • Getting Started
  • Transferring Files
  • Chatting Example
  • Chaining Commands Together
  • Secure Communications
  • Executables
  • Access Control Lists
  • Miscellaneous Options

Chapter 4: Denying Service

  • NTP Infrastructure
  • NTP Reflection Attacks
  • Attack Reporting
  • Preventing SNMP Reflection
  • DNS Resolvers
  • Complicity
  • Bringing a Nation to Its Knees
  • Mapping Attacks

Chapter 5: Nping

  • Functionality
  • TCP
  • Interpreter
  • UDP
  • ICMP
  • ARP
  • Payload Options
  • Echo Mode
  • Other Nping Options

Chapter 6: Logging Reconnoiters

  • ICMP Misconceptions
  • tcpdump
  • Iptables
  • Multipart Rules
  • Log Everything for Forensic Analysis
  • Hardening

Chapter 7: Nmap’s Prodigious NSE

  • Basic Port Scanning
  • The Nmap Scripting Engine
  • Timing Templates
  • Categorizing Scripts
  • Contributing Factors
  • Security Holes
  • Authentication Checks
  • Discovery
  • Updating Scripts
  • Script Type
  • Regular Expressions
  • Graphical User Interfaces
  • Zenmap

Chapter 8: Malware Detection

  • Getting Started
  • Definition Update Frequency
  • Malware Hash Registry
  • Prevalent Threats
  • LMD Features
  • Monitoring Filesystems
  • Installation
  • Monitoring Modes
  • Configuration
  • Exclusions
  • Running from the CLI
  • Reporting
  • Quarantining and Cleaning
  • Updating LMD
  • Scanning and Stopping Scans
  • Cron Job
  • Reporting Malware
  • Apache Integration

Chapter 9: Password Cracking with Hashcat

  • History
  • Understanding Passwords
  • Keyspace
  • Hashes
  • Using Hashcat
  • Hashcat Capabilities
  • Installation
  • Hash Identification
  • Choosing Attack Mode
  • Downloading a Wordlist
  • Rainbow Tables
  • Running Hashcat
  • oclHashcat
  • Hashcat-Utils

Chapter 10: SQL Injection Attacks

  • History
  • Basic SQLi
  • Mitigating SQLi in PHP
  • Exploiting SQL Flaws
  • Launching an Attack
  • Trying SQLi Legally

Index

The chapters contained within this book can be read in any order and are a collection of security topics that have interested the author on his journey as an Internet user over the years.

The topics vary from the theory of past, current, and future attacks, to the mitigation and defense from a variety of online attacks, all the way to empowering readers to perform malicious attacks themselves (in the hope they will learn how to defend against such attacks).

By separating the various topics into chapters, the subjects can be referenced and returned to in the future to allow the reader to recount the content in greater detail. The content of each chapter is as follows:

Chapter 1: Invisibility Cloak: If an attacker can’t see your server and isn’t aware of its existence, then there isn’t any attack vector to exploit in the first place. We discuss and demonstrate how to continue using services in production but without the unwelcome attention of attackers.

Chapter 2: Digitally Fingerprint Your Files: There are a number of ways of keeping an eye on the integrity of your server’s filesystems to ensure attackers haven’t gained access. In this chapter we look at both a manual method and an automated tool that checks for rootkits.

Chapter 3: Twenty-First-Century Netcat: Steeped in history, the modern-day version of Netcat, thanks to its multitude of advanced features, has become a hacker’s tool of choice. Learn how to spot if such a tool is being used against your servers and additionally how to utilize its industry-leading functionality.

Chapter 4: Denying Service: Only a handful of the world’s largest Internet infrastructure providers can withstand the devastating effects of a full-fledged, high-capacity Distributed Denial of Service attack. In this chapter we discuss the topic in detail and even comment on an entire country losing Internet connectivity for three weeks due to such an attack.

Chapter 5: Nping: Knowing which services a host is running is only half the battle. This extension of the powerful Nmap security tool allows you to check just that on any host and also craft custom packets with unique payloads.

Chapter 6: Logging Reconnoiters: Although certain probes executed against your server might seem harmless enough, there is little doubt that being aware of how they work helps you secure your server further. We examine several facets of an attacker reconnoitering your server’s vulnerable points.

Chapter 7: Nmap’s Prodigious NSE: Many users will have used Nmap for simple port scans, but few know that the security tool includes the ability to exploit remote machines too. We explore just some of the many possibilities starting with the plethora of scripts that Nmap ships with by default.

Chapter 8: Malware Detection: A sometimes entirely silent threat that has plagued Windows systems for years comes in the form of illegitimately installed software. The damage that can be done to a system by malware ranges from annoying pop-up windows to full-fledged online banking compromises. In this chapter we learn how to deploy a sophisticated, frequently updated anti-malware solution on Linux.

Chapter 9: Password Cracking with Hashcat: Technical professionals might be alarmed to discover that one password-cracking tool all but guarantees that it can crack a hashed password. This means that if access to your hashed password is gained illegitimately, then it’s just a matter of time before an attacker can see your password in plain text. This chapter walks you through the process, step by step.

Chapter 10: SQL Injection Attacks: In one prominent survey, SQL injection attacks were listed as the most prevalent online attack. Despite the fact that this type of attack dates back to the late 1990s, even today a frighteningly large number of such attacks successfully exploit websites belonging to enterprises and key online services through poor programming practices. This chapter offers some useful historical information along with step-by-step instructions on how to identify and exploit vulnerable online services.

Budget Squeeze: How to Maintain Security During a Recession

Learn how the Depository Trust and Clearing Corporation is keeping information security costs in check by automating processes with the Archer SmartSuite Framework.

The Depository Trust and Clearing Corporation (DTCC) isn’t backing down on information security innovation in the face of a troubled economy. Instead, the company is using technology for knowledge management and automation. DTCC relies on the Archer SmartSuite Framework, a platform for governance, risk and compliance management from Archer Technologies, to:

  • Optimize workflow processes
  • Gather and share documents
  • Respond to requests for additional information from regulators and auditors

In this article from Information Security Magazine, you’ll learn how DTCC has cut the cost of vendor site assessments from $300,000 in 2007 to $1,100 in 2008, and how DTCC’s Chief Information Security Officer has reduced his time spent demonstrating due diligence from 35% to 15%.
