UKUUG home


(the UK's Unix & Open Systems User Group)












Linux Server Security (2nd edition) Michael D Bauer
Published by O'Reilly Media
544 pages
£ 31.95
Published: 21st January 2005
Reviewed by Mick Farmer in the June 2005 issue

I haven't read the first edition of this book, entitled "Building Secure Servers with Linux", so I can't say how much the book has changed. The blurb on the back states that five or more new security topics have been added, including OpenLDAP for authentication and the popular Cyrus IMAP service.

My plan for this review was to understand each chapter and then to apply that understanding to the Linux machine that I use daily, where appropriate. Although my computer runs Apache for serving web pages, it is also the machine on my desktop -- Red Hat 9, 2.4.20 kernel, kept up to date with apt-get and RPMs.

The book is based on the articles written for a monthly security column (Paranoid Penguin) in the Linux Journal Magazine, updated for the second edition with tips and techniques for Red Hat Enterprise Linux, Fedora, SUSE, and Debian. Each chapter covers a particular group of services.

Chapter 1 (Threat Modelling and Risk Management) sets the scene for the subsequent chapters by discussing what assets we're trying to protect and what levels of protection each asset requires. It starts with some general sections on data confidentiality and integrity, system integrity, and network availability. It follows with sections on who might attack our systems and some of their motives. It finishes with simple risk analysis using Annualised Loss Expectancies (ALEs) and Bruce Schneier's attack trees.

ALEs sound daunting until you see the calculation:

ALE (cost/year) = Single Loss Expectancy (cost) × Expected Annual Rate of Occurrences

Working in a University has shielded me from itemising single-loss expectancies, but the author provides some nice examples based on an SMTP gateway -- there's even a cost for sendmail bugs!

An attack tree starts with a root node, the attacker's objective (e.g. steal customer data), and a number of leaf nodes which are the subgoals (e.g. obtain backup media, intercept e-mail, or hack into file server). The process is repeated for each of the subgoals until you have a complete attack tree. Now comes the interesting bit -- attach a "cost" to each node resulting in a cost for each possible attack path. You're now looking at risk analysis from the attacker's point of view.
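The path costing described above can be worked through in a few lines of Python. This is an added example, not code from the book or the review: the top two levels of the tree use the goals named in the paragraph, while the third-level subgoals, every cost figure and the `with_countermeasure` helper are assumptions made for illustration.

```python
import copy
from dataclasses import dataclass, field

@dataclass
class Node:
    goal: str
    cost: int                      # attacker's cost for this step (constructed units)
    children: list = field(default_factory=list)

def attack_paths(node, prefix=(), spent=0):
    """Yield (total_cost, [goal, ...]) for every root-to-leaf attack path."""
    prefix, spent = prefix + (node.goal,), spent + node.cost
    if not node.children:
        yield spent, list(prefix)
    for child in node.children:
        yield from attack_paths(child, prefix, spent)

def ranked_paths(root):
    """Cheapest path first: the one a defender should make more expensive first."""
    return sorted(attack_paths(root), key=lambda path: path[0])

def with_countermeasure(root, goal, extra):
    """Return a copy of the tree in which a control adds `extra` to one node's cost."""
    hardened = copy.deepcopy(root)
    todo = [hardened]
    while todo:
        node = todo.pop()
        if node.goal == goal:
            node.cost += extra
        todo.extend(node.children)
    return hardened

# Constructed tree: the top two levels use the goals named above; the third
# level and every cost figure are assumptions made for this example.
TREE = Node("steal customer data", 0, [
    Node("obtain backup media", 2000, [
        Node("from off-site storage", 20000),
        Node("while in transit", 5000),
    ]),
    Node("intercept e-mail", 8000),
    Node("hack into file server", 3000, [
        Node("over the network", 1000),
        Node("with physical access", 15000),
    ]),
])

if __name__ == "__main__":
    for cost, path in ranked_paths(TREE):
        print(f"{cost:>6}  " + " -> ".join(path))
    hardened = with_countermeasure(TREE, "over the network", 10000)
    print("after hardening:", ranked_paths(hardened)[0])
```

Re-ranking after each countermeasure shows which path has become the cheapest one left, which is where the next control is best spent.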

Chapter 2 (Designing Perimeter Networks) looks at firewalls and different DMZ (demilitarised zone) architectures. Frankly, I skipped this chapter because I wasn't in the position to install a DMZ and because the topic of firewalls would be covered in the next chapter!

Chapter 3 (Hardening Linux and Using Iptables) started with the usual guidelines about what software should actually be running on a server. I was able to heed some of this advice and turned off a number of services, and learnt about Red Hat's chkconfig and Debian's apt-get at the same time.

I've been using iptables for some time, but finally bit the bullet and took the author's advice of dropping every packet by default and then allowing in and out only those packets I really wanted. This took some time as I slowly found services which weren't running correctly and decided how this translated into IP address, protocol, and port combinations that would be accepted. There are excellent iptables scripts in this chapter and in the Appendix.
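One way to check that a ruleset really follows the drop-by-default approach is to audit the output of `iptables-save`. The following is an added example, not a script from the book: the sample ruleset is constructed, and the `audit` function and its report keys are names chosen for this illustration.

```python
import shlex

# Constructed iptables-save output for a small web server (not taken from the book)
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
COMMIT
"""

BUILTIN = ("INPUT", "FORWARD", "OUTPUT")

def _opt(tokens, flag):
    """Value following an iptables option such as -s or --dport, or 'any'."""
    return tokens[tokens.index(flag) + 1] if flag in tokens else "any"

def audit(ruleset):
    """Check the filter table for default-DROP policies and list accepted services."""
    report = {"not_drop": [], "catch_all": [], "services": []}
    table = None
    for line in ruleset.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        tokens = shlex.split(line)
        if tokens[0].startswith("*"):            # start of a table section
            table = tokens[0][1:]
        elif table != "filter":
            continue
        elif tokens[0].startswith(":"):          # chain declaration with its policy
            if tokens[0][1:] in BUILTIN and tokens[1] != "DROP":
                report["not_drop"].append(tokens[0][1:])
        elif tokens[0] == "-A" and tokens[-2:] == ["-j", "ACCEPT"]:
            if len(tokens) == 4:                 # ACCEPT with no match criteria
                report["catch_all"].append(tokens[1])
            elif "--dport" in tokens:            # address/protocol/port combination
                report["services"].append((tokens[1], _opt(tokens, "-s"),
                                           _opt(tokens, "-p"), _opt(tokens, "--dport")))
    return report

if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(key, value)
```

Rules that match only on interface or connection state are deliberately left out of `services`; in the sample, the finding is the `OUTPUT` chain, whose policy is still `ACCEPT`.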

This chapter continues with a thorough discussion of port scanners, such as nmap, and security scanners, such as Nessus. I've used both of these to check both my work machine and my home ADSL router with built-in firewall.

The chapter concludes with Bastille Linux, a tool for hardening mainly Red Hat-centric systems. Again, I ran this on my work machine to really batten down the hatches. For those who want to know more about Bastille, there's a good review in the November 2004 issue of Sys Admin.

Chapter 4 (Secure Remote Administration) is perhaps mis-titled as it's all about the Secure Shell (SSH) which provides encrypted connections using public-key cryptography. It replaces telnet, rsh, rcp, and rlogin.

I must own up to only skimming over the next three chapters. These cover OpenSSL (Chapter 5), DNS (Chapter 6), and LDAP (Chapter 7). These are technologies that I don't need to consider in my workstation environment.

Chapter 8 (Database Security) is mainly concerned with configuring and administrating MySQL, which I use in association with my web pages (PHP being the glue). It was satisfying to see that my server and configuration matched the points made by the author.

Chapter 9 (Securing Internet Email) covers general e-mail security with details for securing two popular Message Transfer Agents (MTAs), sendmail and postfix. I use sendmail purely to send mail so most of the chapter was academic. I don't use postfix so I find it difficult to comment on that material.

Chapter 10 (Securing Web Servers) is concerned with installing, configuring, and administrating Apache, with additional material on using CGI scripts in PHP and Perl. Very good advice it is too. I certainly picked up some techniques for hardening my web service.

Chapter 11 (Securing File Services) is really for people providing an FTP service, which I don't. It considers two replacements for traditional ftp, namely ProFTP and vsftpd, with details on how to install and configure both, especially for anonymous FTP.

This chapter finishes with a section on rsync, a file-transfer tool capable of performing differential uploads and downloads of files. It can work with SSH to provide encrypted connections.

Chapter 12 (System Log Management and Monitoring) starts with sections on configuring syslog and running syslogd. It follows with sections on syslog-ng, a flexible replacement for syslog that's already a standard package in Debian and SUSE distributions. Judging by the number of examples, syslog-ng is an extremely powerful package. It finishes with details about swatch (Simple WATCHer), which is a log monitoring utility written in Perl.

Chapter 13 (Simple Intrusion Detection Techniques) is concerned with host-based Intrusion Detection Systems (IDS) which alert you to unexpected changes in important system files. Most of the chapter is devoted to Tripwire, a popular IDS. It finishes with Snort, which also sniffs packets "on the wire" so it's capable of reporting "attempted intrusion" detection while the attack is happening. I haven't tried it yet, but it's on my to-do list.

A most enjoyable and interesting read. The author has managed to condense down most of the information about a number of utilities which themselves are described in complete books (the Sendmail tome and the various MySQL books come to mind here).

Yes, my machine is now that bit more secure.


Page last modified 02 Apr 2007
Copyright © 1995-2011 UKUUG Ltd.