Linux Security Cookbook

Table of Contents 7 Preface 13 A Cookbook About Security?!? 13 Intended Audience 14 Roadmap of the Book 14 Our Security Philosophy 15 Supported Linux Distributions 16 Trying the Recipes 16 Conventions Used in This Book 17 We’d Like to Hear from You 18 Acknowledgments 19 System Snapshots with Tripwire 21 1.0 Introduction 21 1.1 Setting Up Tripwire 24 Problem 24 Solution 24 Discussion 24 See Also 25 1.2 Displaying the Policy and Configuration 25 Problem 25 Solution 26 Discussion 26 See Also 26 1.3 Modifying the Policy and Configuration 26 Problem 26 Solution 26 Discussion 27 See Also 27 1.4 Basic Integrity Checking 27 Problem 27 Solution 27 Discussion 27 See Also 28 1.5 Read-Only Integrity Checking 28 Problem 28 Solution 28 Discussion 29 See Also 29 1.6 Remote Integrity Checking 29 Problem 29 Solution 30 Discussion 30 See Also 31 1.7 Ultra-Paranoid Integrity Checking 31 Problem 31 Solution 31 Discussion 32 See Also 32 1.8 Expensive, Ultra-Paranoid Security Checking 33 Problem 33 Solution 33 Discussion 33 1.9 Automated Integrity Checking 33 Problem 33 Solution 33 Discussion 34 See Also 34 1.10 Printing the Latest Tripwire Report 34 Problem 34 Solution 34 Discussion 34 See Also 35 1.11 Updating the Database 35 Problem 35 Solution 35 Discussion 35 See Also 35 1.12 Adding Files to the Database 36 Problem 36 Solution 36 Discussion 36 See Also 36 1.13 Excluding Files from the Database 37 Problem 37 Solution 37 Discussion 37 See Also 37 1.14 Checking Windows VFAT Filesystems 37 Problem 37 Solution 37 Discussion 38 See Also 38 1.15 Verifying RPM-Installed Files 38 Problem 38 Solution 38 Discussion 38 See Also 39 1.16 Integrity Checking with rsync 39 Problem 39 Solution 39 Discussion 39 See Also 40 1.17 Integrity Checking Manually 40 Problem 40 Solution 40 Discussion 40 See Also 42 Firewalls with iptables and ipchains 43 2.0 Introduction 43 2.1 Enabling Source Address Verification 44 Problem 44 Solution 44 Discussion 46 See Also 46 2.2 Blocking Spoofed Addresses 46 Problem 46 Solution 46 Discussion 47 See Also 47 2.3 Blocking All Network Traffic 48 Problem 48 Solution 48 Discussion 48 See Also 48 2.4 Blocking Incoming Traffic 48 Problem 48 Solution 49 Discussion 49 See Also 49 2.5 Blocking Outgoing Traffic 50 Problem 50 Solution 50 Discussion 50 See Also 50 2.6 Blocking Incoming Service Requests 50 Problem 50 Solution 51 Discussion 51 See Also 51 2.7 Blocking Access from a Remote Host 51 Problem 51 Solution 51 Discussion 52 See Also 52 2.8 Blocking Access to a Remote Host 52 Problem 52 Solution 52 Discussion 53 See Also 53 2.9 Blocking Outgoing Access to All Web Servers on a Network 53 Problem 53 Solution 53 Discussion 53 See Also 53 2.10 Blocking Remote Access, but Permitting Local 54 Problem 54 Solution 54 Discussion 55 See Also 55 2.11 Controlling Access by MAC Address 55 Problem 55 Solution 55 Discussion 56 See Also 56 2.12 Permitting SSH Access Only 56 Problem 56 Solution 56 Discussion 56 See Also 57 2.13 Prohibiting Outgoing Telnet Connections 57 Problem 57 Solution 57 Discussion 58 See Also 58 2.14 Protecting a Dedicated Server 58 Problem 58 Solution 58 Discussion 58 See Also 59 2.15 Preventing pings 59 Problem 59 Solution 59 Discussion 59 See Also 59 2.16 Listing Your Firewall Rules 59 Problem 59 Solution 60 Discussion 60 See Also 60 2.17 Deleting Firewall Rules 61 Problem 61 Solution 61 Discussion 61 See Also 61 2.18 Inserting Firewall Rules 62 Problem 62 Solution 62 Discussion 62 See Also 62 2.19 Saving a Firewall Configuration 62 Problem 62 Solution 62 Discussion 63 See Also 63 2.20 Loading a Firewall Configuration 63 Problem 63 Solution 63 Discussion 64 See Also 64 2.21 Testing a Firewall Configuration 65 Problem 65 Solution 65 Discussion 65 See Also 66 2.22 Building Complex Rule Trees 66 Problem 66 Solution 66 Discussion 67 See Also 67 2.23 Logging Simplified 67 Problem 67 Solution 67 Discussion 68 See Also 68 Network Access Control 69 3.0 Introduction 69 3.1 Listing Your Network Interfaces 71 Problem 71 Solution 72 Discussion 72 See Also 72 3.2 Starting and Stopping the Network Interface 72 Problem 72 Solution 72 Discussion 73 See Also 73 3.3 Enabling/Disabling a Service (xinetd) 73 Problem 73 Solution 74 Discussion 74 See Also 74 3.4 Enabling/Disabling a Service (inetd) 74 Problem 74 Solution 74 Discussion 75 See Also 75 3.5 Adding a New Service (xinetd) 75 Problem 75 Solution 75 Discussion 75 See Also 76 3.6 Adding a New Service (inetd) 76 Problem 76 Solution 76 Discussion 76 See Also 77 3.7 Restricting Access by Remote Users 77 Problem 77 Solution 77 Discussion 77 See Also 78 3.8 Restricting Access by Remote Hosts (xinetd) 78 Problem 78 Solution 78 Discussion 79 See Also 79 3.9 Restricting Access by Remote Hosts (xinetd with libwrap) 79 Problem 79 Solution 80 Discussion 80 See Also 80 3.10 Restricting Access by Remote Hosts (xinetd with tcpd) 80 Problem 80 Solution 80 Discussion 81 See Also 81 3.11 Restricting Access by Remote Hosts (inetd) 81 Problem 81 Solution 82 Discussion 82 See Also 82 3.12 Restricting Access by Time of Day 82 Problem 82 Solution 82 Discussion 83 See Also 83 3.13 Restricting Access to an SSH Server by Host 84 Problem 84 Solution 84 Discussion 84 See Also 84 3.14 Restricting Access to an SSH Server by Account 84 Problem 84 Solution 85 Discussion 85 See Also 85 3.15 Restricting Services to Specific Filesystem Directories 85 Problem 85 Solution 86 Discussion 86 See Also 87 3.16 Preventing Denial of Service Attacks 87 Problem 87 Solution 87 Discussion 88 See Also 88 3.17 Redirecting to Another Socket 89 Problem 89 Solution 89 Discussion 89 See Also 90 3.18 Logging Access to Your Services 90 Problem 90 Solution 90 Discussion 90 See Also 91 3.19 Prohibiting root Logins on Terminal Devices 91 Problem 91 Solution 91 Discussion 91 See Also 91 Authentication Techniques and Infrastructures 92 4.0 Introduction 92 4.1 Creating a PAM-Aware Application 94 Problem 94 Solution 94 Discussion 95 See Also 95 4.2 Enforcing Password Strength with PAM 95 Problem 95 Solution 95 Discussion 96 See Also 96 4.3 Creating Access Control Lists with PAM 96 Problem 96 Solution 96 Discussion 97 See Also 98 4.4 Validating an SSL Certificate 98 Problem 98 Solution 98 Discussion 99 See Also 99 4.5 Decoding an SSL Certificate 99 Problem 99 Solution 99 Discussion 100 See Also 100 4.6 Installing a New SSL Certificate 100 Problem 100 Solution 100 Discussion 101 See Also 101 4.7 Generating an SSL Certificate Signing Request (CSR) 101 Problem 101 Solution 101 Discussion 102 See Also 103 4.8 Creating a Self-Signed SSL Certificate 103 Problem 103 Solution 103 Discussion 103 See Also 104 4.9 Setting Up a Certifying Authority 104 Problem 104 Solution 104 Discussion 104 See Also 107 4.10 Converting SSL Certificates from DER to PEM 107 Problem 107 Solution 107 Discussion 107 See Also 107 4.11 Getting Started with Kerberos 108 Problem 108 Solution 108 Discussion 109 See Also 112 4.12 Adding Users to a Kerberos Realm 112 Problem 112 Solution 112 Discussion 113 See Also 113 4.13 Adding Hosts to a Kerberos Realm 113 Problem 113 Solution 113 Discussion 113 See Also 114 4.14 Using Kerberos with SSH 114 Problem 114 Solution 114 Discussion 115 See Also 116 4.15 Using Kerberos with Telnet 116 Problem 116 Solution 117 Discussion 117 See Also 118 4.16 Securing IMAP with Kerberos 118 Problem 118 Solution 118 Discussion 120 See Also 120 4.17 Using Kerberos with PAM for System-Wide Authentication 120 Problem 120 Solution 120 Discussion 120 See Also 121 Authorization Controls 122 5.0 Introduction 122 5.1 Running a root Login Shell 124 Problem 124 Solution 124 Discussion 124 See Also 125 5.2 Running X Programs as root 125 Problem 125 Solution 125 Discussion 125 See Also 126 5.3 Running Commands as Another User via sudo 126 Problem 126 Solution 126 Discussion 126 See Also 126 5.4 Bypassing Password Authentication in sudo 126 Problem 126 Solution 127 Discussion 127 See Also 127 5.5 Forcing Password Authentication in sudo 128 Problem 128 Solution 128 Discussion 128 See Also 128 5.6 Authorizing per Host in sudo 128 Problem 128 Solution 129 Discussion 129 See Also 129 5.7 Granting Privileges to a Group via sudo 130 Problem 130 Solution 130 See Also 130 5.8 Running Any Program in a Directory via sudo 130 Problem 130 Solution 130 See Also 130 5.9 Prohibiting Command Arguments with sudo 131 Problem 131 Solution 131 Discussion 131 See Also 131 5.10 Sharing Files Using Groups 131 Problem 131 Solution 131 Discussion 132 See Also 132 5.11 Permitting Read-Only Access to a Shared File via sudo 132 Problem 132 Solution 133 Discussion 133 See Also 133 5.12 Authorizing Password Changes via sudo 133 Problem 133 Solution 133 Discussion 134 See Also 134 5.13 Starting/Stopping Daemons via sudo 134 Problem 134 Solution 134 Discussion 134 See Also 134 5.14 Restricting root’s Abilities via sudo 135 Problem 135 Solution 135 Discussion 135 See Also 135 5.15 Killing Processes via sudo 135 Problem 135 Solution 135 Discussion 136 See Also 137 5.16 Listing sudo Invocations 137 Problem 137 Solution 137 Discussion 137 See Also 137 5.17 Logging sudo Remotely 138 Problem 138 Solution 138 Discussion 138 See Also 138 5.18 Sharing root Privileges via SSH 138 Problem 138 Solution 138 Discussion 139 See Also 139 5.19 Running root Commands via SSH 140 Problem 140 Solution 140 Discussion 140 See Also 141 5.20 Sharing root Privileges via Kerberos su 141 Problem 141 Solution 141 Discussion 141 Authentication 142 Authorization 142 See Also 143 Protecting Outgoing Network Connections 144 6.0 Introduction 144 6.1 Logging into a Remote Host 145 Problem 145 Solution 145 Discussion 145 See Also 146 6.2 Invoking Remote Programs 146 Problem 146 Solution 146 Discussion 146 See Also 147 6.3 Copying Files Remotely 147 Problem 147 Solution 147 Discussion 148 See Also 149 6.4 Authenticating by Public Key (OpenSSH) 149 Problem 149 Solution 149 Discussion 150 See Also 151 6.5 Authenticating by Public Key (OpenSSH Client, SSH2 Server, OpenSSH Key) 151 Problem 151 Solution 151 Discussion 152 See Also 153 6.6 Authenticating by Public Key (OpenSSH Client, SSH2 Server, SSH2 Key) 153 Problem 153 Solution 153 Discussion 154 See Also 154 6.7 Authenticating by Public Key (SSH2 Client, OpenSSH Server) 154 Problem 154 Solution 154 Description 155 See Also 155 6.8 Authenticating by Trusted Host 155 Problem 155 Solution 155 Discussion 156 See Also 158 6.9 Authenticating Without a Password (Interactively) 158 Problem 158 Solution 158 Discussion 159 See Also 160 6.10 Authenticating in cron Jobs 160 Problem 160 Solution 160 Discussion 160 See Also 161 6.11 Terminating an SSH Agent on Logout 161 Problem 161 Solution 162 Discussion 162 See Also 162 6.12 Tailoring SSH per Host 162 Problem 162 Solution 162 Discussion 162 See Also 163 6.13 Changing SSH Client Defaults 163 Problem 163 Solution 163 Discussion 163 See Also 164 6.14 Tunneling Another TCP Session Through SSH 164 Problem 164 Solution 164 Discussion 164 See Also 165 6.15 Keeping Track of Passwords 166 Problem 166 Solution 166 Discussion 166 See Also 166 Protecting Files 167 7.0 Introduction 167 7.1 Using File Permissions 168 Problem 168 Solution 168 Discussion 169 See Also 169 7.2 Securing a Shared Directory 169 Problem 169 Solution 169 Discussion 169 See Also 169 7.3 Prohibiting Directory Listings 170 Problem 170 Solution 170 Discussion 170 See Also 170 7.4 Encrypting Files with a Password 171 Problem 171 Solution 171 Discussion 171 See Also 171 7.5 Decrypting Files 172 Problem 172 Solution 172 Discussion 172 See Also 172 7.6 Setting Up GnuPG for Public-Key Encryption 172 Problem 172 Solution 172 Discussion 173 See Also 174 7.7 Listing Your Keyring 174 Problem 174 Solution 174 Discussion 175 See Also 175 7.8 Setting a Default Key 175 Problem 175 Solution 175 Discussion 175 See Also 176 7.9 Sharing Public Keys 176 Problem 176 Solution 176 Discussion 177 See Also 177 7.10 Adding Keys to Your Keyring 177 Problem 177 Solution 177 Discussion 178 See Also 178 7.11 Encrypting Files for Others 178 Problem 178 Solution 178 Discussion 178 See Also 178 7.12 Signing a Text File 179 Problem 179 Solution 179 Discussion 179 See Also 179 7.13 Signing and Encrypting Files 179 Problem 179 Solution 180 Discussion 180 See Also 180 7.14 Creating a Detached Signature File 180 Problem 180 Solution 180 Discussion 180 See Also 181 7.15 Checking a Signature 181 Problem 181 Solution 181 Discussion 181 See Also 181 7.16 Printing Public Keys 182 Problem 182 Solution 182 Discussion 182 See Also 182 7.17 Backing Up a Private Key 182 Problem 182 Solution 183 Discussion 183 See Also 184 7.18 Encrypting Directories 184 Problem 184 Solution 184 Discussion 184 See Also 184 7.19 Adding Your Key to a Keyserver 185 Problem 185 Solution 185 Discussion 185 See Also 185 7.20 Uploading New Signatures to a Keyserver 185 Problem 185 Solution 185 7.21 Obtaining Keys from a Keyserver 186 Problem 186 Solution 186 Discussion 186 See Also 188 7.22 Revoking a Key 188 Problem 188 Solution 188 Discussion 188 See Also 189 7.23 Maintaining Encrypted Files with Emacs 189 Problem 189 Solution 189 Discussion 190 See Also 190 7.24 Maintaining Encrypted Files with vim 190 Problem 190 Solution 190 Discussion 191 See Also 191 7.25 Encrypting Backups 191 Problem 191 Solution 192 Discussion 192 See Also 193 7.26 Using PGP Keys with GnuPG 193 Problem 193 Solution 193 Discussion 193 See Also 194 Protecting Email 195 8.0 Introduction 195 8.1 Encrypted Mail with Emacs 195 Problem 195 Solution 196 Discussion 196 See Also 197 8.2 Encrypted Mail with vim 197 Problem 197 Solution 197 Discussion 198 See Also 198 8.3 Encrypted Mail with Pine 198 Problem 198 Solution 198 Description 198 See Also 199 8.4 Encrypted Mail with Mozilla 199 Problem 199 Solution 200 Discussion 200 See Also 200 8.5 Encrypted Mail with Evolution 200 Problem 200 Solution 200 Discussion 201 See Also 201 8.6 Encrypted Mail with mutt 201 Problem 201 Solution 201 Discussion 201 See Also 202 8.7 Encrypted Mail with elm 202 Problem 202 Solution 202 Discussion 202 See Also 202 8.8 Encrypted Mail with MH 203 Problem 203 Solution 203 Discussion 203 See Also 203 8.9 Running a POP/IMAP Mail Server with SSL 203 Problem 203 Solution 203 Discussion 206 See Also 207 8.10 Testing an SSL Mail Connection 208 Problem 208 Solution 208 Discussion 208 See Also 208 8.11 Securing POP/IMAP with SSL and Pine 208 Problem 208 Solution 209 Discussion 209 See Also 209 8.12 Securing POP/IMAP with SSL and mutt 210 Problem 210 Solution 210 Discussion 211 See Also 211 8.13 Securing POP/IMAP with SSL and Evolution 211 Problem 211 Solution 211 Discussion 211 See Also 212 8.14 Securing POP/IMAP with stunnel and SSL 212 Problem 212 Solution 212 Discussion 213 See Also 213 8.15 Securing POP/IMAP with SSH 213 Problem 213 Solution 213 Discussion 214 See Also 214 8.16 Securing POP/IMAP with SSH and Pine 215 Problem 215 Solution 215 Discussion 215 See Also 217 8.17 Receiving Mail Without a Visible Server 217 Problem 217 Solution 217 Discussion 218 See Also 218 8.18 Using an SMTP Server from Arbitrary Clients 218 Problem 218 Solution 219 Discussion 220 See Also 221 Testing and Monitoring 222 9.0 Introduction 222 9.1 Testing Login Passwords (John the Ripper) 223 Problem 223 Solution 223 Discussion 223 See Also 225 9.2 Testing Login Passwords (CrackLib) 225 Problem 225 Solution 225 Discussion 226 See Also 226 9.3 Finding Accounts with No Password 226 Problem 226 Solution 226 Discussion 226 See Also 227 9.4 Finding Superuser Accounts 227 Problem 227 Solution 227 Discussion 227 See Also 227 9.5 Checking for Suspicious Account Use 227 Problem 227 Solution 227 Discussion 228 See Also 229 9.6 Checking for Suspicious Account Use, Multiple Systems 229 Problem 229 Solution 229 Discussion 230 See Also 231 9.7 Testing Your Search Path 231 Problem 231 Solution 231 Discussion 231 See Also 232 9.8 Searching Filesystems Effectively 232 Problem 232 Solution 232 Discussion 233 See Also 235 9.9 Finding setuid (or setgid) Programs 235 Problem 235 Solution 235 Discussion 236 See Also 237 9.10 Securing Device Special Files 237 Problem 237 Solution 237 Discussion 238 See Also 238 9.11 Finding Writable Files 238 Problem 238 Solution 238 Discussion 239 See Also 239 9.12 Looking for Rootkits 239 Problem 239 Solution 239 Discussion 240 See Also 240 9.13 Testing for Open Ports 240 Problem 240 Solution 240 Discussion 241 See Also 246 9.14 Examining Local Network Activities 246 Problem 246 Solution 246 Discussion 246 See Also 251 9.15 Tracing Processes 251 Problem 251 Solution 251 Discussion 251 See Also 252 9.16 Observing Network Traffic 253 Problem 253 Solution 253 Discussion 253 See Also 258 9.17 Observing Network Traffic (GUI) 258 Problem 258 Solution 258 Discussion 258 See Also 260 9.18 Searching for Strings in Network Traffic 260 Problem 260 Solution 260 Discussion 260 See Also 262 9.19 Detecting Insecure Network Protocols 263 Problem 263 Solution 263 Discussion 263 See Also 267 9.20 Getting Started with Snort 267 Problem 267 Solution 268 Discussion 268 See Also 268 9.21 Packet Sniffing with Snort 268 Problem 268 Solution 269 Discussion 269 See Also 270 9.22 Detecting Intrusions with Snort 270 Problem 270 Solution 270 Discussion 270 See Also 272 9.23 Decoding Snort Alert Messages 272 Problem 272 Solution 272 Discussion 272 See Also 273 9.24 Logging with Snort 273 Problem 273 Solution 274 Discussion 274 See Also 275 9.25 Partitioning Snort Logs Into Separate Files 275 Problem 275 Solution 275 Discussion 275 See Also 276 9.26 Upgrading and Tuning Snort’s Ruleset 276 Problem 276 Solution 276 Discussion 276 See Also 277 9.27 Directing System Messages to Log Files (syslog) 277 Problem 277 Solution 278 Discussion 278 See Also 281 9.28 Testing a syslog Configuration 281 Problem 281 Solution 281 Discussion 281 See Also 281 9.29 Logging Remotely 282 Problem 282 Solution 282 Discussion 282 See Also 283 9.30 Rotating Log Files 283 Problem 283 Solution 283 Discussion 283 See Also 284 9.31 Sending Messages to the System Logger 284 Problem 284 Solution 284 Discussion 284 See Also 285 9.32 Writing Log Entries via Shell Scripts 285 Problem 285 Solution 286 Discussion 287 See Also 287 9.33 Writing Log Entries via Perl 287 Problem 287 Solution 288 Discussion 288 See Also 288 9.34 Writing Log Entries via C 288 Problem 288 Solution 289 Discussion 289 See Also 289 9.35 Combining Log Files 289 Problem 289 Solution 289 Discussion 290 See Also 291 9.36 Summarizing Your Logs with logwatch 291 Problem 291 Solution 291 Discussion 291 See Also 292 9.37 Defining a logwatch Filter 292 Problem 292 Solution 292 Discussion 293 See Also 293 9.38 Monitoring All Executed Commands 293 Problem 293 Solution 294 Discussion 294 See Also 295 9.39 Displaying All Executed Commands 295 Problem 295 Solution 296 Discussion 296 See Also 297 9.40 Parsing the Process Accounting Log 298 Problem 298 Solution 298 Discussion 298 See Also 299 9.41 Recovering from a Hack 299 Problem 299 Solution 299 Discussion 300 See Also 300 9.42 Filing an Incident Report 300 Problem 300 Solution 300 Discussion 301 See Also 302 Index 303 Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes—short, focused pieces of code that administrators can use to improve security and perform common tasks securely. The Linux Security Cookbook includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure. Some of the "recipes" you'll find in this book are: Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more Monitoring your network with tcpdump, dsniff, netstat, and other tools Protecting network connections with Secure Shell (SSH) and stunnel Safeguarding email sessions with Secure Sockets Layer (SSL) Encrypting files and email messages with GnuPG Probing your own security with password crackers, nmap, and handy scripts This cookbook's proven techniques are derived from hard-won experience. Whether you're responsible for security on a home Linux system or for a large corporation, or somewhere in between, you'll find valuable, to-the-point, practical recipes for dealing with everyday security issues. This book is a system saver. Table of Contents; Preface; A Cookbook About Security?!?; Intended Audience; Roadmap of the Book; Our Security Philosophy; Supported Linux Distributions; Trying the Recipes; Conventions Used in This Book; We'd Like to Hear from You; Acknowledgments; System Snapshots with Tripwire; 1.0 Introduction; 1.1 Setting Up Tripwire; Problem; Solution; Discussion; See Also; 1.2 Displaying the Policy and Configuration; Problem; Solution; Discussion; See Also; 1.3 Modifying the Policy and Configuration; Problem; Solution; Discussion; See Also; 1.4 Basic Integrity Checking; Problem; Solution; Discussion.;Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-fol.