In my early career, I ventured into the realm of application support to ensure that the critical software tools, indispensable to the work of geologists and geophysicists, operated seamlessly. This was the backdrop for my journey into the world of Linux.
During those days, the mighty Red Hat Enterprise Linux 5 machine was my go-to, and to this day it remains a cornerstone of my Linux experience. Nowadays, my go-to build is Parrot, but the essence of Linux’s open-source ethos and robust architecture still captivates me.
Intrigued by Linux’s depth, I began to explore Linux administration during this period. This exploration led to a mastery of its intricacies, setting the stage for my future endeavours.
Today, my Linux expertise and my experiences in application support continue to shape my perspective on technology. Specifically, they’ve influenced my work in Cybersecurity and Digital Forensics (DFIR), where securing systems against intruders and cyber threats is paramount.
Now, let’s dive into the essence of this review:
Mastering Linux Security and Hardening: Safeguard Your Linux Systems from Cyber Threats – 3rd Edition by Donald A. Tevault
This book is a comprehensive guide to securing your Linux system against cyberattacks and intruders. It equips you with the knowledge and tools needed to reduce the risk of security breaches effectively.
- Create a secure Linux system that minimizes the risk of hacking.
- Explore advanced Linux security techniques through hands-on labs.
- Master the art of securing Linux with this practical, end-to-end guide.
Table of Contents
- Running Linux in a Virtual Environment
- Securing Administrative User Accounts
- Securing Normal User Accounts
- Securing Your Server with a Firewall – Part 1
- Securing Your Server with a Firewall – Part 2
- Encryption Technologies
- SSH Hardening
- Mastering Discretionary Access Control
- Access Control Lists and Shared Directory Management
- Implementing Mandatory Access Control with SELinux and AppArmor
- Kernel Hardening and Process Isolation
- Scanning, Auditing and Hardening
- Logging and Log Security
- Vulnerability Scanning and Intrusion Detection
- Prevent Unwanted Programs from Running
- Security Tips & Tricks for the Busy Bee
Over the last couple of decades, Linux has gained immense popularity among system administrators for tasks ranging from setting up networks and servers to automating entire work environments. However, security has always been a critical concern. This book addresses the need for proper Linux system security in a field often characterized by limited resources.
With clear explanations, practical examples, and self-assessment questions, this book begins by guiding you through setting up a practice lab environment. From there, it covers the core principles of securing Linux systems. You’ll learn various Linux hardening techniques and progress to establishing a locked-down Linux server. As you advance, you’ll gain insight into creating user accounts with appropriate privilege levels, securing sensitive data with permissions and encryption, and configuring firewalls. The book also delves into mandatory access control, system auditing, security profiles, kernel hardening, best practices, and troubleshooting techniques to efficiently secure your Linux environment.
By the time you finish this book, you’ll have the confidence to set up a Linux server that’s substantially more resilient against malicious actors.
In this new edition, you will learn how to set up a practice lab, create user accounts with appropriate privilege levels, protect sensitive data with permissions settings and encryption, and configure a firewall with the newest firewall technologies. You’ll also explore how to use sudo to set up administrative accounts with only the privileges required to do a specific job, and you’ll get a peek at the new sudo features that have been added over the past couple of years.
You’ll also see updated information on how to set up a local certificate authority for both Ubuntu and AlmaLinux, as well as how to automate system auditing. Other important skills that you’ll learn include how to automatically harden systems with OpenSCAP, audit systems with auditd, harden the Linux kernel configuration, protect your systems from malware, and perform vulnerability scans of your systems. As a bonus, you’ll see how to use Security Onion to set up an Intrusion Detection System.
By the end of this new edition, you will confidently be able to set up a Linux server that will be secure and harder for malicious actors to compromise.
What You Will Learn:
- Create secure user accounts with robust passwords.
- Configure firewalls using iptables, UFW, nftables, and firewalld.
- Implement various encryption technologies to protect your data.
- Harden the secure shell service to prevent security breaches.
- Utilize mandatory access control to guard against system exploits.
- Secure kernel parameters and establish a kernel-level auditing system.
- Apply OpenSCAP security profiles and set up intrusion detection.
- Securely configure the GRUB 2 bootloader and BIOS/UEFI.
Who Should Read This Book:
This book is a valuable resource for Linux administrators, system administrators, and network engineers seeking to secure moderate to complex Linux environments. Security consultants aiming to enhance their Linux security skills will also find it beneficial. Familiarity with the Linux command line and package management is necessary to grasp the concepts covered in this book.
About the Author:
The book’s author, Donald A. Tevault, also known as Donnie, ventured into the world of Linux back in 2006 and has remained an active participant ever since. Donnie holds the Linux Professional Institute Level 3-Security certification and the GIAC Incident Handler certification. He is a professional Linux trainer, teaching Linux classes worldwide from the comfort of his living room. Additionally, Donnie serves as a Linux security researcher for an IoT security company.
If you’re a Linux user who has been using the system for a few years or even decades but hasn’t delved into the intricacies of system hardening, this book is tailored to your needs. Whether you’re a developer, casual Linux user, system administrator, DevOps professional, or any variation thereof, this book provides the tools and knowledge to enhance your system’s security.
Setting the Context:
Before delving into the book’s content, it’s crucial to understand why Linux security matters. In a world where cyber threats loom large, leaving non-secure systems on the internet can have dire consequences. The default settings in most Linux distributions tend to be inherently insecure, making it imperative to bolster security measures.
Content Organization and Style:
The book kicks off by providing context on security and directing readers to prominent security news websites for up-to-date information. It then introduces the lab environment necessary for the book’s lessons, accommodating both Linux newcomers and those without direct access to Linux systems. The content caters primarily to two popular Linux distributions: Red Hat (or CentOS) and Ubuntu. While the book assumes familiarity with the Linux command line, it also showcases graphical user interface tools where appropriate.
You can have a look at the book on the official Packt website, which offers chapter 1 as a free sample.
The reviewer, mainly a Windows Sysadmin, found the content impressive and accessible. The book covers a wide array of topics essential for Linux machine administrators, ranging from configuring user accounts and firewall management to diving deep into encryption technologies like GPG, VeraCrypt, and PKI. One standout moment was the realization of how sudo privileges could be restricted, highlighting the potential backdoor risks within applications like Vim. Overall, the book is recommended for anyone looking to elevate their Linux security game.
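The sudo point above is worth seeing in practice. The following audit check is an added example, not code from the book: it scans sudoers-style lines (a constructed sample, embedded below) and reports users who have been granted an interactive editor such as Vim without the NOEXEC tag, since such an entry lets the editor spawn child processes as root.

```shell
#!/bin/sh
# Added example (not from the book or the reviewer). Constructed sudoers
# content used as input; no real /etc/sudoers is read here.
SAMPLE_SUDOERS='# constructed sample, not a real host configuration
root    ALL=(ALL:ALL) ALL
%admin  ALL=(ALL) ALL
alice   ALL=(root) NOPASSWD: /usr/bin/vim /etc/hosts
bob     ALL=(root) NOEXEC: /usr/bin/vim /etc/hosts
carol   ALL=(root) sudoedit /etc/hosts
dave    ALL=(root) /usr/bin/systemctl restart nginx'

# Print the first field (user or group) of every rule that grants an
# interactive editor/pager without NOEXEC. Such programs can run ":!sh"
# or similar, so the rule is effectively an unrestricted root grant.
# Preferred fix: grant "sudoedit <file>" instead of the editor binary;
# NOEXEC: is a partial mitigation (the editor can still open any file).
flag_editor_entries() {
    printf '%s\n' "$1" | awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }           # skip comments and blanks
        /\/(vim|vi|nano|less|more)([ \t]|$)/ && !/NOEXEC:/ { print $1 }
    '
}

# Count of flagged rules, handy for a pass/fail audit step.
count_flagged() {
    flag_editor_entries "$1" | grep -c .
}

# Stand-alone run against the constructed sample.
flag_editor_entries "$SAMPLE_SUDOERS"
```

On a real host, feed the same function the output of `sudo cat /etc/sudoers /etc/sudoers.d/*` and treat any flagged line as a rule to rewrite with sudoedit.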
In summary, “Mastering Linux Security and Hardening” lives up to its promise as a practical guide to fortifying Linux systems against cyber threats. It’s a valuable resource for both beginners and experienced Linux users, providing a comprehensive understanding of Linux security principles. Whether you’re a Linux veteran or just starting your security journey, this book is a must-read for those aiming to enhance their system security.
Reviewer’s Additional Comments:
This book maintains a cohesive and singular voice throughout. The author’s expertise shines through, and the content is well-structured and easy to grasp. The labs included in the book offer hands-on experience and reinforce the knowledge gained from each chapter. Overall, this book delivers substantial value to readers seeking to bolster their Linux security skills.
A very good read, with enjoyable tasks to work through, so it never feels like a slog or a chore. It is well paced, and I would definitely look at more books from the author.
Take it easy