Hack Proofing Sun Solaris 8

Syngress, Ed Mitchell, Ido Dubrawsky, Wyman Miles, F. William Lynch

  • 出版商: Syngress Media
  • 出版日期: 2001-11-30
  • 定價: $1,750
  • 售價: 1.7$299
  • 語言: 英文
  • 頁數: 608
  • 裝訂: Paperback
  • ISBN: 192899444X
  • ISBN-13: 9781928994442
  • 相關分類: 資訊安全Computer-networks
  • 立即出貨(限量) (庫存=9)

買這商品的人也買了...

商品描述

The Complete Guide to Hack Proofing Sun Solaris 8

"As a child, my father and I tried to design a birdfeeder that was easily accessible by birds but impossible to reach by squirrels. Our birdfeeders ranged from the simple to the absurd. Each design worked temporarily, but eventually the squirrels would figure out a way around our defenses. Our efforts were helping breed a smarter, craftier squirrel. The "Ultimate Squirrel-Proof Birdfeeder" scenario is similar to the challenges we face in computer security. How can we provide easy access to resources by the authorized users and still deny unauthorized access? Luckily, as Solaris System Administrators, we have some excellent tools available to us. Sun Microsystems has spent a great deal of effort in designing Solaris to be both stable and secure. This book is your reference guide for not only securing your Solaris systems, but also for securing the environment in which they operate."

1. Configure Default Settings on a Newly Installed Solaris 8 System
Review the basics of testing, monitoring, and documenting security procedures.

2. Learn about Third-Party Security Tools to Secure and Monitor Systems
You will find recommendations of valuable tools to have on hand, where to get them, and how to configure them.

3. Manage How Users Are Authenticated
Securely identify your users, reject those who don't belong, log failed access attempts, and revise the system as new threats arise.

4. Understand How to Secure Your Files
Configure file permissions and commonly used protocols such as FTP and NFS to transfer information safely.

5. Explore Options for Providing Secure Network Services
Provide secure access on both sides of the router.

6. Provide Secure DNS and DHCP Services to Network Clients
Harden your Solaris systems' network services so an attacker won't easily succeed with remote attacks.

7. Configure a Secure Web and E-Mail Server
Provide your network users secure and stable access to e-mail and the Internet.

8. Configure Solaris to Be a Router and Provide Firewall Services
See why Solaris is a good choice for a router. Combat Code Red! Use Perl scripts to identify the Code Red URL and counter attack.

9. Register for Your 1 Year Upgrade
The Syngress Solutions upgrade plan protects you from content obsolescence and provides monthly mailings, whitepapers, and more!

Contents

CHAPTER 1

INTRODUCING SOLARIS SECURITY: EVALUATING YOUR RISK

·     Exposing Default Solaris Security Levels

·     Evaluating Current Solaris Security Configurations

·     Monitoring Solaris systems

·     Testing Security

·     Securing Against Physical Inspections

·     Documenting Security Procedures and Configuration

·     Summary

·     Solutions Fast Track

·     Frequently Asked Questions

CHAPTER 2

SECURING SOLARIS WITH THE BUNDLED SECURITY TOOLS

·     Choosing Trusted Solaris 8

·     Using SunScreen SKIP

·     Understanding Java's Security Measures

·     Using the Solaris Security Toolkit (JASS)

·     Summary

·     Solutions Fast Track

·     Frequently Asked Questions

CHAPTER 3

SECURING SOLARIS WITH FREEWARE SECURITY TOOLS

·     Detecting Vulnerabilities with Port Scanning

·     Discovering Unauthorized Systems Using IP Scanning

·     Detecting Unusual Traffic with Network Traffic Monitoring

·     Using Sudo

·     Summary

·     Solutions Fast Track

·     Frequently Asked Questions

CHAPTER 4

SECURING YOUR USERS

·     Creating Secure Group Memberships

·     Understanding Solaris User Authentication

·     Authenticating Users with NIS and NIS+

·     Authenticating Users with Kerberos

·     Authenticating Users with the Pluggable Authentication Module (PAM)

·     Summary

·     Solutions Fast Track

·     Frequently Asked Questions

CHAPTER 5

SECURING YOUR FILES

·     Establishing Permissions and Ownership

·     Using NFS

·     Locking Down FTP Services

·     Using Samba

·     Restoring Files

·     Summary

·     Solutions Fast Track

·     Frequently Asked Questions

CHAPTER 6

SECURING YOUR NETWORK

·     Configuring Solaris as a DHCP Server

·     Securing DNS Services on Solaris

·     Configuring Solaris to Provide Printing Services

·     Using X-Server Services Securely

·     Using Remote Commands

·     Summary

·     Solutions Fast Track

·     Frequently Asked Questions

CHAPTER 7

PROVIDING SECURE WEB AND MAIL SERVICES

·     Configuring Security Features of an Apache Web Server

·     Monitoring Web Page Usage and Activity

·     Configuring Security Features of Sendmail

·     Configuring Aliases and Mailboxes on a Solaris Sendmail Server

·     Summary

·     Solutions Fast Track

·     Frequently Asked Questions

CHAPTER 8

CONFIGURING SOLARIS AS A SECURE ROUTER, GATEWAY, AND FIREWALL

·     Configuring Solaris as a Secure Router

·     Configuring Solaris as a Secure Gateway

·     Configuring Solaris as a Firewall

·     Guarding Internet Access

·     Summary

·     Solutions Fast Track

·     Frequently Asked Questions

CHAPTER 9

USING SQUID ON SOLARIS

·     The Default Settings of a Squid Installation

·     Configuring Access to Squid Services

·     Excluding Access to Restricted Web Sites

·     Summary

·     Solutions Fast Track

·     Frequently Asked Questions

CHAPTER 10

DISSECTING HACKS

·     Securing Against Denial of Service Hacks

·     Securing Against Buffer Overflow Hacks

·     Securing Against Brute Force Hacks

·     Securing Against Trojan Horse Hacks

·     Securing Against IP Spoofing

·     Summary

·     Solutions Fast Track

·     Frequently Asked Questions

CHAPTER 11

DETECTING AND DENYING HACKS

·     Monitoring for Hacking Activity

·     Using Automated E-mail and Paging to Alert System Administrators

·     What To Do Once a Hack Has Been Detected

·     Monitoring Solaris Log Files

·     Summary

·     Solutions Fast Track

·     Frequently Asked Questions

商品描述(中文翻譯)

《完全指南:防止黑客入侵 Sun Solaris 8》

「當我還是個孩子時,我和父親試圖設計一個鳥食器,讓鳥類可以輕易進入,但松鼠卻無法接近。我們的鳥食器從簡單到荒謬不等。每個設計都暫時有效,但最終松鼠總能找到繞過我們防禦的方法。我們的努力幫助松鼠變得更聰明、更狡猾。『終極防松鼠鳥食器』的情境與我們在電腦安全方面面臨的挑戰相似。我們如何在授權使用者方便存取資源的同時,拒絕未經授權的存取?幸運的是,作為 Solaris 系統管理員,我們有一些優秀的工具可供使用。Sun Microsystems 在設計 Solaris 時花了很多心力,使其既穩定又安全。本書是您保護 Solaris 系統安全的參考指南,同時也是保護其運行環境安全的指南。」


1. 配置新安裝的 Solaris 8 系統的預設設定
回顧測試、監控和記錄安全程序的基礎知識。


2. 了解第三方安全工具以保護和監控系統
您將找到有價值的工具推薦,以及如何獲取和配置這些工具。


3. 管理使用者身份驗證
安全地識別您的使用者,拒絕不合格者,記錄失敗的存取嘗試,並根據新的威脅修訂系統。


4. 瞭解如何保護您的檔案
配置檔案權限和常用的傳輸協議,如 FTP 和 NFS,以安全地傳輸資訊。


5. 探索提供安全網路服務的選項
在路由器的兩側提供安全存取。


6. 為網路客戶端提供安全的 DNS 和 DHCP 服務
加固您的 Solaris 系統的網路服務,使攻擊者難以成功進行遠程攻擊。


7. 配置安全的網頁和電子郵件伺服器
為您的網路使用者提供安全穩定的電子郵件和網際網路存取。


8. 配置 Solaris 成為路由器並提供防火牆服務
了解為何 Solaris 是一個良好的路由器選擇。對抗 Code Red!使用 Perl 腳本識別 Code Red 的 URL 並進行反擊。


9. 註冊您的 1 年升級
Syngress Solutions 升級計劃保護您免受內容過時的影響,並提供每月郵件、白皮書等。


目錄


第 1 章


介紹 Solaris 安全性:評估您的風險


```