Books : Computers & Internet : Security & Encryption : Linux Security

• Home
• US Store
• Electronics
• Computers
• Sitemap

Books : Computers & Internet : Security & Encryption : Linux Security

• Linux Pocket Guide

  Daniel J. Barrett

  
  O'Reilly's Pocket Guides have earned a reputation as inexpensive, comprehensive, and compact guides that have the stuff but not the fluff. Every page of Linux Pocket Guide lives up to this billing. It clearly explains how to get up to speed quickly on day-to-day Linux use. Once you're up and running, Linux Pocket Guide provides an easy-to-use reference that you can keep by your keyboard for those times when you want a fast, useful answer, not hours in the man pages. Linux Pocket Guide is organized the way you use Linux: by function, not just alphabetically. It's not the 'bible of Linux; it's a practical and concise guide to the options and commands you need most. It starts with general concepts like files and directories, the shell, and X windows, and then presents detailed overviews of the most essential commands, with clear examples. You'll learn each command's purpose, usage, options, location on disk, and even the RPM package that installed it. The Linux Pocket Guide is tailored to Fedora Linux--the latest spin-off of Red Hat Linux--but most of the information applies to any Linux system. Throw in a host of valuable power user tips and a friendly and accessible style, and you'll quickly find this practical, to-the-point book a small but mighty resource for Linux users.
  
   

• Linux Server Hacks, Volume Two: Tips & Tools for Connecting, Monitoring, and Troubleshooting (Hacks)

  William von Hagen, Brian Jones

  
  Today's system administrators deal with a vast number of situations, operating systems, software packages, and problems. Those who are in the know have kept their copy of Linux Server Hacks close at hand to ease their burden. And while this helps, it's not enough: any sys admin knows there are many more hacks, cool tips, and ways of solving problems than can fit in a single volume (one that mere mortals can lift, that is).

  Which is why we created Linux Server Hacks, Volume Two, a second collection of incredibly useful tips and tricks for finding and using dozens of open source tools you can apply to solve your sys admin problems. The power and flexibility of Linux and Open Source means that there is an astounding amount of great software out there waiting to be applied to your sys admin problems -- if only you knew about it and had enough information to get started. Hence, Linux Server Hacks, Volume Two.

  This handy reference offers 100 completely new server management tips and techniques designed to improve your productivity and sharpen your administrative skills. Each hack represents a clever way to accomplish a specific task, saving you countless hours of searching for the right answer. No more sifting through man pages, HOWTO websites, or source code comments -- the only resource you need is right here. And you don't have to be a system administrator with hundreds of boxen to get something useful from this book as many of the hacks apply equally well to a single system or a home network.

  Compiled by experts, these hacks not only give you the step-by-step instructions necessary to implement the software, but they also provide the context to truly enable you to learn the technology. Topics include:

  • Authentication
  • Remote GUI connectivity
  • Storage management
  • File sharing and synchronizing resources
  • Security/lockdown instruction
  • Log files and monitoring
  • Troubleshooting
  • System rescue, recovery, and repair

  Whether they help you recover lost data, collect information from distributed clients, or synchronize administrative environments, the solutions found in Linux Server Hacks, Volume Two will simplify your life as a system administrator.

  
   

• Running Linux

  Matthias Dalheimer, Matt Welsh

  
  
   

• Linux iptables Pocket Reference

  Gregor N. Purdy

  
  Firewalls, Network Address Translation (NAT), network logging and accounting are all provided by Linux's Netfilter system, also known by the name of the command used to administer it, iptables. The iptables interface is the most sophisticated ever offered on Linux and makes Linux an extremely flexible system for any kind of network filtering you might do. Large sets of filtering rules can be grouped in ways that makes it easy to test them and turn them on and off. Do you watch for all types of ICMP traffic--some of them quite dangerous? Can you take advantage of stateful filtering to simplify the management of TCP connections? Would you like to track how much traffic of various types you get? This pocket reference will help you at those critical moments when someone asks you to open or close a port in a hurry, either to enable some important traffic or to block an attack. The book will keep the subtle syntax straight and help you remember all the values you have to enter in order to be as secure as possible. The book has an introductory section that describes applications,followed by a reference/encyclopaedic section with all the matches and targets arranged alphabetically.
  
   

• Linux Server Hacks: 100 Industrial-Strength Tips and Tools

  Rob Flickenger

  
  A competent system administrator knows that a Linux server is a high performance system for routing large amounts of information through a network connection. Setting up and maintaining a Linux server requires understanding not only the hardware, but the ins and outs of the Linux operating system along with its supporting cast of utilities as well as layers of applications software. There's basic documentation online but there's a lot beyond the basics you have to know, and this only comes from people with hands-on, real-world experience. This kind of "know how" is what we sought to capture in "Linux Server Hacks,"

  "Linux Server Hacks" is a collection of 100 industrial-strength hacks, providing tips and tools that solve practical problems for Linux system administrators. Every hack can be read in just a few minutes but will save hours of searching for the right answer. Some of the hacks are subtle, many of them are non-obvious, and all of them demonstrate the power and flexibility of a Linux system. You'll find hacks devoted to tuning the Linux kernel to make your system run more efficiently, as well as using CVS or RCS to track the revision to system files. You'll learn alternative ways to do backups, how to use system monitoring tools to track system performance and a variety of secure networking solutions. "Linux Server Hacks" also helps you manage large-scale Web installations running Apache, MySQL, and other open source tools that are typically part of a Linux system.

  O'Reilly's new Hacks Series proudly reclaims the term "hacking" for the good guys. Hackers use their ingenuity to solve interesting problems. Rob Flickenger is an experienced system administrator, havingmanaged the systems for O'Reilly Network for several years. (He's also into community wireless networking and he's written a book on that subject for O'Reilly.) Rob has also collected the best ideas and tools from a number of other highly skilled contributors.

  Written for users who already understand the basics, "Linux Server Hacks" is built upon the expertise of people who really know what they're doing.

  
   

• Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort

  Michael Rash

  
  
   

• Hacking Exposed Linux (Hacking Exposed)

  ISECOM

  

  The Latest Linux Security Solutions

  This authoritative guide will help you secure your Linux network--whether you use Linux as a desktop OS, for Internet services, for telecommunications, or for wireless services. Completely rewritten the ISECOM way, Hacking Exposed Linux, Third Edition provides the most up-to-date coverage available from a large team of topic-focused experts. The book is based on the latest ISECOM security research and shows you, in full detail, how to lock out intruders  and defend your Linux systems against catastrophic attacks.

  • Secure Linux by using attacks and countermeasures from the latest OSSTMM research
  • Follow attack techniques of PSTN, ISDN, and PSDN over Linux
  • Harden VoIP, Bluetooth, RF, RFID, and IR devices on Linux
  • Block Linux signal jamming, cloning, and eavesdropping attacks
  • Apply Trusted Computing and cryptography tools for your best defense
  • Fix vulnerabilities in DNS, SMTP, and Web 2.0 services
  • Prevent SPAM, Trojan, phishing, DoS, and DDoS exploits
  • Find and repair errors in C code with static analysis and Hoare Logic
  
   

• Advanced Guide to Linux Networking and Security

  Ed Sawicki

  
  Linux is the fastest growing operating system. As the number of companies implementing Linux increases, so too does the rapidly-developing need for skilled users, developers and administrators. Advanced Guide to Linux Networking and Security was especially designed for individuals who want to move beyond just the basics of Linux installation and administration into a broader study of the many security issues surrounding this operating system. With its comprehensive Linux security coverage, this text can fit into any Linux Security course and is intended to follow the Complete Guide to Linux System Administration by Nick Wells.
  
   

• Linux Enterprise Cluster: Build a Highly Available Cluster with Commodity Hardware and Free Software

  Karl Kopper

  
  The Linux Enterprise Cluster explains how to take a number of inexpensive computers with limited resources, place them on a normal computer network, and install free software so that the computers act together like one powerful server. This makes it possible to build a very inexpensive and reliable business system for a small business or a large corporation. The book includes information on how to build a high-availability server pair using the Heartbeat package, how to use the Linux Virtual Server load balancing software, how to configure a reliable printing system in a Linux cluster environment, and how to build a job scheduling system in Linux with no single point of failure. The book also includes information on high availability techniques that can be used with or without a cluster, making it helpful for System Administrators even if they are not building a cluster. Anyone interested in deploying Linux in an environment where low cost computer reliability is important will find this book useful. The CD-ROM includes all of the software needed to build a Linux Enterprise Cluster, including the Linux kernel, rsync, the SystemImager package, the Heartbeat package, the Linux Virtual Server package, the Mon monitoring package, and the Ganglia package. All figures in the book are also included on the CD-ROM.
  
   

• UNIX and Linux Forensic Analysis DVD Toolkit

  Chris Pogue, Cory Altheide, Todd Haverkos

  
  This book addresses topics in the area of forensic analysis of systems running on variants of the UNIX operating system, which is the choice of hackers for their attack platforms. According to a 2007 IDC report, UNIX servers account for the second-largest segment of spending (behind Windows) in the worldwide server market with $4.2 billion in 2Q07, representing 31.7% of corporate server spending. UNIX systems have not been analyzed to any significant depth largely due to a lack of understanding on the part of the investigator, an understanding and knowledge base that has been achieved by the attacker. The companion DVD provides a simulated or "live" UNIX environment where readers can test the skills they've learned in the book and use custom tools developed by the authors.
  
  The book begins with a chapter to describe why and how the book was written, and for whom, and then immediately begins addressing the issues of live response (volatile) data collection and analysis. The book continues by addressing issues of collecting and analyzing the contents of physical memory (i.e., RAM). The following chapters address /proc analysis, revealing the wealth of significant evidence, and analysis of files created by or on UNIX systems. Then the book addresses the underground world of UNIX hacking and reveals methods and techniques used by hackers, malware coders, and anti-forensic developers. The book then illustrates to the investigator how to analyze these files and extract the information they need to perform a comprehensive forensic analysis. The final chapter includes a detailed discussion of Loadable Kernel Modules and Malware. The companion DVD provides a simulated or "live" UNIX environment where readers can test the skills they've learned in the book and use custom tools developed by the authors.
  
  Throughout the book the author provides a wealth of unique information, providing tools, techniques and information that won't be found anywhere else. Not only are the tools provided, but the author also provides sample files so that after completing a detailed walk-through, the reader can immediately practice the new-found skills.
  
  * The companion DVD for the book contains significant, unique materials (movies, spreadsheet, code, etc.) not available any place else.
  * This book contains information about UNIX forensic analysis that is not available anywhere else. Much of the information is a result of the author?s own unique research and work.
  * The authors have the combined experience of Law Enforcement, Military, and Corporate forensics. This unique perspective makes this book attractive to ALL forensic investigators.
  
   

• Fedora 9 Linux Administration and Security

  Richard L Petersen

  
  Fedora 9 Administration and Security examines topics in system administration, security, and file and device management, including the Fedora system-config administration tools. System administration covers software installation and update with PackageKit, User management, start up and service management using Upstart, virtualization, and system logs, and shell configuration. Security includes PolicyKit authorization, public and private key encryption (GPG and seahorse), SE Linux, firewalls using IPtables, the Secure SHell (SSH), and Kerberos. Device and file system management topics cover udev, the Hardware Abstraction Layer (HAL), Logical Volume Manager (LVM), Linux software RAID, and backups.
  
   

• Linux Desktop Hacks: Tips & Tools for Customizing and Optimizing your OS (Hacks)

  Nicholas Petreley, Jono Bacon

  
  The KDE and Gnome desktops have developed into mature operating environments. These technologies not only act as interfaces between the user, the powerful Linux kernel and GNU operating system, but they do so in a fun and intuitive way. Many users are content with the tools and facilities included with these desktops, but--for those who are ready to probe a little deeper--much more functionality can be found by going under the hood. With hacks that any user can follow, Linux Desktop Hacks demonstrates how easy it is to modify Linux to suit your desires. The book is packed with tips on customizing and improving the interface, boosting performance, administering your desktop, and generally making the most out of what X, KDE, Gnome, and the console have to offer. From the practical to the whimsical, and some things you never thought of trying, the hacks in the book include the following, and more:

  • Kill and Resurrect the Master Boot Record
  • Jazz Up Your Debian System Boot
  • Energize Your Console with Macro Music Magic
  • Konquer Remote Systems Without Passwords
  • Run KDE on the Bleeding Edge
  • View Microsoft Word Documents in a Terminal
  • Read Yahoo! Mail from Any Email Client
  • Motion Capture and Video Conferencing Fun
  • Automate Your Life with cron
  • Protect Yourself from Windows Applications
  • Make an Internet Connection Using Bluetooth and a Mobile Phone
  • Print to Unsupported Printers
  • Accelerate Your Gaming

  If you're yearning for information to make the Linux desktop easier, more powerful, and more fun, Linux Desktop Hacks is just the ticket.
  
   

• Hardening Linux

  James Turnbull

  

  Hardening Linux by James Turnbull belongs on the shelf of anyone who installs and maintains Linux servers.

  — Ray Lodato, Slashdot Contributor

  I felt like I learned more about Linux reading this book than I've learned during the last year at work.

  — Lasse Koskela, JavaRanch Sheriff

  I think Hardening Linux may be the best example I've seen of a practical book on the subject.

  — Anomaly - G. Wade Johnson

  I was a bit surprised when I scanned the table of contents. The first thought in my head was, 'hey, this has everything in it.' And it does.

  — Joe Topjian, Adminspotting.net

  "Hardening" is the process of protecting a system and its applications against unknown threats. Hardening Linux identifies many of the risks of running Linux hosts and applications and provides practical examples and methods to minimize those risks. The book is written for Linux/UNIX administrators who do not necessarily have in-depth knowledge of security but need to know how to secure their networks.

  In this book, you'll learn how to secure:

  • The base operating system and firewall with iptables
  • Connections to your hosts
  • Fie systems and files
  • Email servers
  • IMAP and POP servers
  • FTP servers

  A quick reference of the procedures discussed in each chapter are summarized in Appendix C.

  
   

• Linux Troubleshooting Bible

  Christopher Negus, Thomas Weeks

  
  * An indispensable resource for Fedora users who must now work without customer support from Red Hat, Inc., covering critical troubleshooting techniques for networks, internal servers, and external servers
  * Chris Negus is a well-known Linux authority and also the author of the top-selling Red Hat Linux Bible (0-7645-4333-4); Thomas Weeks is a trainer and administrator who manages hundreds of Red Hat Linux systems
  * Covers all of the most common Fedora problem areas: firewalls, DNS servers, print servers, Samba, NFS, Web servers, FTP servers, e-mail servers, modems, adding hardware, and hardware certification
  * Features easy-to-use flowcharts that guide administrators step by step through common Fedora troubleshooting scenarios
  * A companion Web site offers troubleshooting updates to keep pace with the frequent Fedora Core releases as well as a forum for exchanging troubleshooting tips
  
   

• Linux Server Security

  Michael D. Bauer

  
  Linux consistently appears high up in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well. This highly regarded book, originally titled Building Secure Servers with Linux, combines practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--as a hub offering services to an organization or the Internet--and shows readers how to harden their hosts against attacks. An all-inclusive resource for Linux users who wish to harden their systems, Linux Server Security covers general security such as intrusion detection and firewalling a hub, as well as key services such as DNS, the Apache Web server, mail, and secure shell. Author Michael D. Bauer, a security consultant, network architect, and lead author of the popular Paranoid Penguin column in the Linux Journal, carefully outlines the security risks, defines precautions that can minimize those risks, and offers recipes for robust security. He is joined on several chapters by administrator and developer Bill Lubanovic. A number of new security topics have been added for this edition, including:

  • Database security, with a focus on MySQL
  • Using OpenLDAP for authentication
  • An introduction to email encryption
  • The Cyrus IMAP service, a popular mail delivery agent
  • The vsftpd FTP server

  Geared toward Linux users with little security expertise, the author explains security concepts and techniques in clear language, beginning with the fundamentals. Linux Server Security with Linux provides a unique balance of "big picture" principles that transcend specific software packages and version numbers, and very clear procedures on securing some of those software packages on several popular distributions. With this book in hand, you'll have both the expertise and the tools to comprehensively secure your Linux system.
  
   

• Linux Security Cookbook

  Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes

  
  Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new "Linux Security Cookbook" does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes--short, focused pieces of code that administrators can use to improve security and perform common tasks securely.

  The "Linux Security Cookbook" includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure.

  Some of the "recipes" you'll find in this book are:

  Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more

  Monitoring your network with tcpdump, dsniff, netstat, and other tools

  Protecting network connections with Secure Shell (SSH) and stunnel

  Safeguarding email sessions with Secure Sockets Layer (SSL)

  Encrypting files and email messages with GnuPG

  Probing your own security with password crackers, nmap, and handy scripts

  This cookbook's proven techniques are derived from hard-won experience. Whether you're responsible for security on a home Linux system or for a large corporation, or somewhere in between, you'll find valuable, to-the-point, practical recipes for dealing with everyday security issues. This book is a system saver.

  
   

• Designing and Implementing Linux Firewalls with QoS using netfilter, iproute2, NAT and L7-filter

  Lucian Gheorghe

  
  Learn how to secure your system and implement QoS using real-world scenarios for networks of all sizes using this unique book. The book covers:
  Implementing Packet filtering, NAT, bandwidth shaping, packet prioritization using netfilter/iptables, iproute2, Class Based Queuing (CBQ) and Hierarchical Token Bucket (HTB)
  Designing and implementing 5 real-world firewalls and QoS scenarios ranging from small SOHO offices to a large Learn how to secure your system and implement QoS using real-world scenarios for networks of all sizes using this unique book. The book covers:
  Implementing Packet filtering, NAT, bandwidth shaping, packet prioritization using netfilter/iptables, iproute2, Class Based Queuing (CBQ) and Hierarchical Token Bucket (HTB)
  Designing and implementing 5 real-world firewalls and QoS scenarios ranging from small SOHO offices to a large scale ISP network that spans many cities
  Building intelligent networks by marking, queuing, and prioritizing different types of traffic

  This practical guide teaches you how to implement effective network protection by using your own customized firewall solution. Based on extensive practical experience, this book distills a unique set of scenario based scripts and guidelines for a proven firewall solution, into one succinct and precise book.

  After giving us a background of network security, the book moves on to explain the basic technologies we will work with, namely netfilter, iproute2, NAT and l7-filter. These form the crux of building Linux firewalls and QOS. The later part of the book covers 5 real-world networks for which we design the security policies, build the firewall, setup the script, and verify our installation.Providing only necessary theoretical background, the book takes a practical approach, presenting case studies and plenty of illustrative examples.

  Chapter 1 is a brief introduction to networking concepts. It covers OSI and TCP/IP networking models with explanations on their layers, TCP and UDP as Layer 4 protocols and then rounds off the chapter with a discussion on IP addresses, Subnetting, and Supernetting.

  Chapter 2 discusses possible security threats and vulnerabilities found at each of the OSI layers. The goal here is to understand where and how these threats can affect us and to stay protected from attackers. It then rounds off the discussion by sketching out the basic steps required to protect the services that run on our system.

  Chapter 3 introduces two tools needed to build Linux firewalls and QoS. We first learn the workings of netfilter, which is a packet filtering framework, and implement what we have learnt to build a basic firewall for a Linux workstation. We then see how to perform advanced routing and traffic shaping using the IP and TC tools provided by the iproute2 package. The chapter ends with another example scenario where we implement the concepts learnt in the chapter.

  Chapter 4 discusses NAT, the types of NAT, how they work and how they can be implemented with Linux by giving practical examples. It also describe packet mangling, when to use it, and why to use it.

  Chapter 5 covers layer 7 filtering in detail. We see how to install the l7-filter package, apply the necessary Linux kernel and ip table patches, and test our installation. We then learn the different applications of l7-filter and see how to put them to practical use. We will also see how to install and use IPP2P, which is an alternative to the l7-filter package but only for P2P traffic, and finally we set up a test between the two packages.

  Chapter 6 raises two very popular scenarios, for which we design, implement, and test firewalls and a small QoS configuration. In the first scenario, we configure Linux as a SOHO router.

  Chapter 7 covers the design of a firewall system for a hypermarket having the headquarters in one location, one store in the same city and several stores in other cities. The hypermarket has an application that uses MSSQL databases in each location which is replicated at the headquarters.

  Chapter 8 covers the design of a three-layered network deployed at a large provider of Internet and IP telephony services, the three layers being Core, Distribution and Access. It explains network configuration first on the core and distribution levels and then moves on to building firewalls. The huge size of the network also means that there is a need to tackle newer security threats. As seen in the figure we have 4 Cores running BGP under Zebra and each one peculiar in its own way.

  Throughout the book, the author draws on his experience to offer the reader valuable advice on the best practices. Providing only necessary theoretical background, the book takes a practical approach, presenting case studies and plenty of illustrative examples. This book is aimed at Linux Network administrators with some understanding of Linux security threats and issues, or any one interested in securing their systems behind a firewall. Basic knowledge of Linux is presumed but other than that this book shows you how to do the rest, from configuring your system to dealing with security breaches.

  
   

• SELinux: NSA's Open Source Security Enhanced Linux

  Bill McCarty

  
  The intensive search for a more secure operating system has often left everyday, production computers far behind their experimental, research cousins. Now SELinux (Security Enhanced Linux) dramatically changes this. This best-known and most respected security-related extension to Linux embodies the key advances of the security field. Better yet, SELinux is available in widespread and popular distributions of the Linux operating system--including for Debian, Fedora, Gentoo, Red Hat Enterprise Linux, and SUSE--all of it free and open source. SELinux emerged from research by the National Security Agency and implements classic strong-security measures such as role-based access controls, mandatory access controls, and fine-grained transitions and privilege escalation following the principle of least privilege. It compensates for the inevitable buffer overflows and other weaknesses in applications by isolating them and preventing flaws in one application from spreading to others. The scenarios that cause the most cyber-damage these days--when someone gets a toe-hold on a computer through a vulnerability in a local networked application, such as a Web server, and parlays that toe-hold into pervasive control over the computer system--are prevented on a properly administered SELinux system. The key, of course, lies in the words "properly administered." A system administrator for SELinux needs a wide range of knowledge, such as the principles behind the system, how to assign different privileges to different groups of users, how to change policies to accommodate new software, and how to log and track what is going on. And this is where SELinux is invaluable. Author Bill McCarty, a security consultant who has briefed numerous government agencies, incorporates his intensive research into SELinux into this small but information-packed book. Topics include:

  • A readable and concrete explanation of SELinux concepts and the SELinux security model
  • Installation instructions for numerous distributions
  • Basic system and user administration
  • A detailed dissection of the SELinux policy language
  • Examples and guidelines for altering and adding policies

  With SELinux, a high-security computer is within reach of any system administrator. If you want an effective means of securing your Linux system--and who doesn't?--this book provides the means.
  
   

• SELinux by Example: Using Security Enhanced Linux (Prentice Hall Open Source Software Development Series)

  Frank Mayer, Karl MacMillan, David Caplan

  
  SELinux: Bring World-Class Security to Any Linux Environment! SELinux offers Linux/UNIX integrators, administrators, and developers a state-of-the-art platform for building and maintaining highly secure solutions. Now that SELinux is included in the Linux 2.6 kernel--and delivered by default in Fedora Core, Red Hat Enterprise Linux, and other major distributions--it's easier than ever to take advantage of its benefits. SELinux by Example is the first complete, hands-on guide to using SELinux in production environments. Authored by three leading SELinux researchers and developers, it illuminates every facet of working with SELinux, from its architecture and security object model to its policy language. The book thoroughly explains SELinux sample policies-- including the powerful new Reference Policy--showing how to quickly adapt them to your unique environment. It also contains a comprehensive SELinux policy language reference and covers exciting new features in Fedora Core 5 and the upcoming Red Hat Enterprise Linux version 5./ Thoroughly understand SELinux's access control and security mechanisms / Use SELinux to construct secure systems from the ground up / Gain fine-grained control over kernel resources / Write policy statements for type enforcement, roles, users, and constraints / Use optional multilevel security to enforce information classification and manage users with diverse clearances / Create conditional policies that can be changed on-the-fly / Define, manage, and maintain SELinux security policies / Develop and write new SELinux security policy modules / Leverage emerging SELinux technologies to gain even greater flexibility / Effectively administer any SELinux system
  
   

• Learning Red Hat Enterprise Linux and Fedora

  Bill McCarty

  
  The GNU/Linux® success story is well known. Firmly established as a high-performance operating system, its worldwide installations are increasing at phenomenal rates. Much of this success has been on the server side, but more and more PC users are turning to Linux on the desktop, as well. For those grounded in Microsoft Windows® or Apple Macintosh® graphical interfaces, the first look at a powerful Unix-style operating system can be daunting. This book provides a clear, no-nonsense introduction to the popular Red Hat® distribution of Linux. It takes you through installation and shows you the key parts of the system, always with an eye toward what can go wrong and what you need to know to get over the humps. Linux is known as a secure environment and a good platform to run a web server. These topics are among the many covered in this book. But did you know you can also burn CDs, sync a PalmPilot™, and edit slideshow presentations with powerful tools on Linux? Those topics are covered here, too. Red Hat currently provides two distributions, both documented in this book. The first is their commercial, subscription-based product, called Red Hat Enterprise Linux and also available through retail channels as Red Hat Professional Workstation. The second is the freely distributed Fedora distribution. The Publisher's Edition of Fedora is included in this book on two disks. New in this edition are installation instructions for Red Hat Enterprise Linux and Fedora, package updating for Red Hat Enterprise Linux and Fedora, information on the GRUB bootloader, and the CUPS printer system. Learning Red Hat Enterprise Linux and Fedora tells you how to:

  • Prepare your system for installing Linux
  • Install and configure Linux and the two popular desktop environments, GNOME and KDE.
  • Run the most popular productivity tools on Linux: mailers, web browsers, OpenOffice, and Evolution.
  • Obtain and set up software through the Red Hat Package Manager (RPM)
  • Set up a Linux system for networking, either on your local area network (LAN), or via a dialup connection to the Internet.
  • Use the system-administration tools included with Red Hat, GNOME, and KDE, including such valuable utilities as Samba file-sharing and the Apache web server.
  • Understand and write shell scripts so you can peek under the hood and extend the power of Linux.