Building Secure Servers With Linux 2003.pdf
(
2903 KB
)
Pobierz
Untitled Document
Building Secure Server s w it h Linux
By Michael D. Bauer
Copyright © 2003 O'Reilly & Associates, Inc. All rights reserved.
Printed in the United States of America.
Published by O'Reilly & Associates, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.
O'Reilly & Associates books may be purchased for educational, business, or sales promotional use. Online
editions are also available for most titles (
http://safari.oreilly.com
). For more information contact our
corporate/institutional sales department: 800-998-9938 or
corporate@oreilly.com
.
Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks of O'Reilly
& Associates, Inc. Many of the designations used by manufacturers and sellers to distinguish their products
are claimed as trademarks. Where those designations appear in this book, and O'Reilly & Associates, Inc.
was aware of a trademark claim, the designations have been printed in caps or initial caps. The association
between a caravan and the topic of building secure servers with Linux is a trademark of O'Reilly &
Associates, Inc.
While every precaution has been taken in the preparation of this book, the publisher and the author assume
no responsibility for errors or omissions, or for damages resulting from the use of the information contained
herein.
Preface
Computer security can be both discouraging and liberating. Once you get past the horror that comes with
fully grasping its futility (a feeling identical to the one that young French horn players get upon realizing no
matter how hard they practice, their instrument will continue to humiliate them periodically without
warning), you realize that there’s nowhere to go but up. But if you approach system security with:
·
Enough curiosity to learn what the risks are
· Enough energy to identify and take the steps necessary to mitigate (and thus intelligently assume)
those risks
·
Enough humility and vision to plan for the possible failure of even your most elaborate security
measures
you
can
greatly reduce your systems’ chances of being compromised. At least as importantly, you can
minimize the duration of and damage caused by any attacks that
do
succeed. This book can help, on both
counts.
What This Book Is About
Acknowledging that system security is, on some level, futile is my way of admitting that this book isn’t
really about "Building Secure Servers."
[]
Clearly, the only way to make a computer
absolutely
secure is to
disconnect it from the network, power it down, repeatedly degauss its hard drive and memory, and pulverize
the whole thing into dust. This book contains very little information on degaussing or pulverizing. However,
it contains a great deal of practical advice on the following:
[]
My original title was
Attempting to Enhance Certain Elements of Linux System Security in the
Face of Overwhelming Odds: Yo’ Arms Too Short to Box with God
, but this was vetoed by my
editor (thanks, Andy!).
·
How to think about threats, risks, and appropriate responses to them
·
How to protect publicly accessible hosts via good network design
· How to "harden" a fresh installation of Linux and keep it patched against newly discovered
vulnerabilities with a minimum of ongoing effort
·
How to make effective use of the security features of some particularly popular and securable
server applications
·
How to implement some powerful security applications, including Nessus and Snort
In particular, this book is about "bastionizing" Linux servers. The term
bastion host
can legitimately be used
several ways, one of which is as a synonym for firewall. (This book
is not
about building Linux firewalls,
though much of what I cover can/should be done on firewalls.) My definition of
bastion host
is a carefully
configured, closely monitored host that provides restricted but publicly accessible services to nontrusted
users and systems. Since the biggest, most important, and least trustworthy public network is the Internet,
my focus is on creating Linux bastion hosts for Internet use.
I have several reasons for this seemingly-narrow focus. First, Linux has been particularly successful as a
server platform: even in organizations that otherwise rely heavily on commercial operating systems such as
Microsoft Windows, Linux is often deployed in "infrastructure" roles, such as SMTP gateway and DNS
server, due to its reliability, low cost, and the outstanding quality of its server applications.
Second, Linux and TCP/IP, the
lingua franca
of the Internet, go together. Anything that can be done on a
TCP/IP network can be done with Linux, and done extremely well, with very few exceptions. There are
many, many different kinds of TCP/IP applications, of which I can only cover a subset if I want to do so in
depth. Internet server applications are an important subset.
Third, this is my area of expertise. Since the mid-nineties my career has focused on network and system
security: I’ve spent a lot of time building Internet-worthy Unix and Linux systems. By reading this book you
will hopefully benefit from some of the experience I’ve gained along the way.
The Paranoid Penguin Connection
Another reason I wrote this book has to do with the fact that I write the monthly "Paranoid Penguin" security
column in
Linux Journal Magazine
. About a year and a half ago, I realized that all my pieces so far had
something in common: each was about a different aspect of building bastion hosts with Linux.
By then, the column had gained a certain amount of notoriety, and I realized that there was enough interest
in this subject to warrant an entire book on Linux bastion hosts.
Linux Journal
generously granted me
permission to adapt my columns for such a book, and under the foolish belief that writing one would amount
mainly to knitting the columns together, updating them, and adding one or two new topics, I proposed this
book to O’Reilly and they accepted.
My folly is your gain: while "Paranoid Penguin" readers may recognize certain diagrams and even
paragraphs from that material, I’ve spent a great deal of effort reresearching and expanding all of it,
including retesting all examples and procedures. I’ve added entire (lengthy) chapters on topics I haven’t
covered at all in the magazine, and I’ve more than doubled the size and scope of others. In short, I allowed
this to become The Book That Ate My Life in the hope of reducing the number of ugly security surprises in
yours.
Audience
Who needs to secure their Linux systems? Arguably, anybody who has one connected to a network. This
book should therefore be useful both for the Linux hobbyist with a web server in the basement and for the
consultant who audits large companies’ enterprise systems.
Obviously, the stakes and the scale differ greatly between those two types of users, but the problems, risks,
and threats they need to consider have more in common than not. The same buffer-overflow that can be used
to "root" a host running "Foo-daemon Version X.Y.Z" is just as much of a threat to a 1,000-host network
with 50 Foo-daemon servers as it is to a 5-host network with one.
This book is addressed, therefore, to all Linux system administrators — whether they administer 1 or 100
networked Linux servers, and whether they run Linux for love or for money.
What This Book Doesn’t Cover
This book covers general Linux system security, perimeter (Internet-accessible) network security, and
server-application security. Specific procedures, as well as tips for specific techniques and software tools,
are discussed throughout, and differences between the Red Hat 7, SuSE 7, and Debian 2.2 GNU/Linux
distributions are addressed in detail.
This book does
not
cover the following explicitly or in detail:
·
Linux distributions besides Red Hat, SuSE, and Debian, although with application security (which
amounts to the better part of the book), this shouldnt be a problem for users of Slackware,
Turbolinux, etc.
·
Other open source operating systems such as OpenBSD (again, much of what is covered
should
be
relevant, especially application security)
· Applications that are inappropriate for or otherwise unlikely to be found on publicly accessible
systems (e.g., SAMBA)
·
Desktop (non-networked) applications
· Dedicated firewall systems (this book contains a
subset
of what is required to build a good firewall
system)
Assumptions This Book Makes
While security itself is too important to relegate to the list of "advanced topics" that youll get around to
addressing at a later date, this book does not assume that you are an absolute beginner at Linux or Unix. If it
did, it would be twice as long: for example, I cant give a very focused description of setting up
syslog
s
startup script if I also have to explain in detail how the System V
init
system works.
Therefore, you need to understand the basic configuration and operation of your Linux system before my
procedures and examples will make much sense. This doesnt mean you need to be a grizzled veteran of
Unix whos been running Linux since kernel Version 0.9 and who cant imagine listing a directorys contents
without piping it through impromptu
awk
and
sed
scripts. But you should have a working grasp of the
following:
·
Basic use of your distributions package manager (
rpm
,
dselect
, etc.)
· Linux directory system hierarchies (e.g., the difference between
/etc
and
/var
)
·
How to manage files, directories, packages, user accounts, and archives from a command prompt
(i.e., without having to rely on X)
· How to compile and install software packages from source
·
Basic installation and setup of your operating system and hardware
Notably absent from this list is any specific
application
expertise: most security applications discussed
herein (e.g., OpenSSH, Swatch, and Tripwire) are covered from the ground up.
I do assume, however, that with non-security-specific applications covered in this book, such as Apache and
BIND, you’re resourceful enough to get any information you need from other sources. In other words, new to
these applications, you shouldn’t have any trouble following my procedures on how to harden them. But
you’ll need to consult their respective manpages, HOWTOs, etc. to learn how to fully configure and maintain
them.
Conventions Used in This Book
I use the following font conventions in this book:
Italic
Indicates Unix pathnames, filenames, and program names; Internet addresses, such as domain
names and URLs; and new terms where they are defined
Boldface
Indicates names of GUI items, such as window names, buttons, menu choices, etc.
Constant width
Indicates command lines and options that should be typed verbatim; names and keywords in
system scripts, including commands, parameter names, and variable names; and XML element
tags
This icon indicates a tip, suggestion, or general note.
This icon indicates a warning or caution.
Request for Comments
Please address comments and questions concerning this book to the publisher:
O’Reilly & Associates, Inc.
1005 Gravenstein Highway North
Sebastopol, CA 95472
(800) 998-9938 (in the United States or Canada)
(707) 829-0515 (international/local)
(707) 829-0104 (fax)
There is a web page for this book, which lists errata, examples, or any additional information. You can
access this page at:
http://www.oreilly.com/catalog/bssrvrlnx/
To comment or ask technical questions about this book, send email to:
bookquestions@oreilly.com
For more information about books, conferences, Resource Centers, and the O’Reilly Network, see the
O’Reilly web site at:
http://www.oreilly.com
Acknowledgments
For the most part, my writing career has centered on describing how to implement and use software that I
didn’t write. I am therefore much indebted to and even a little in awe of the hundreds of outstanding
programmers who create the operating systems and applications I use and write about. They are the
rhinoceroses whose backs I peck for insects.
As if I weren’t beholden to those programmers already, I routinely seek and receive first-hand advice and
information directly from them. Among these generous souls are Jay Beale of the Bastille Linux project, Ron
Forrester of Tripwire Open Source, Balazs "Bazsi" Scheidler of Syslog-ng and Zorp renown, and Renaud
Deraison of the Nessus project.
Special thanks go to Dr. Wietse Venema of the IBM T.J. Watson Research Center for reviewing and helping
me correct the SMTP chapter. Not to belabor the point, but I find it remarkable that people who already
volunteer so much time and energy to create outstanding free software also tend to be both patient and
generous in returning email from complete strangers.
Bill Lubanovic wrote the section on djbdns in
Chapter 4
, and all of
Chapter 6
, — brilliantly, in my humble
opinion. Bill has added a great deal of real-world experience, skill, and humor to those two chapters. I could
not have finished this book on schedule (and its web security chapter, in particular, would be less
convincing!) without Bills contributions.
I absolutely could not have survived juggling my day job, fatherly duties, magazine column, and resulting
sleep deprivation without an exceptionally patient and energetic wife. This book therefore owes its very
existence to Felice Amato Bauer. Im grateful to her for, among many other things, encouraging me to
pursue my book proposal and then for pulling a good deal of
my
parental weight in addition to her own after
the proposal was accepted and I was obliged to actually
write
the thing.
Linux Journal
and its publisher, Specialized Systems Consultants Inc., very graciously allowed me to adapt a
number of my "Paranoid Penguin" columns for inclusion in this book:
Chapter 1
through
Chapter 5
, plus
Chapter 8
,
Chapter 10
, and
Chapter 11
contain (or are descended from) such material. It has been and
continues to be a pleasure to write for
Linux Journal
, and its safe to say that I wouldnt have had enough
credibility as a writer to get this book published had it not been for them.
My approach to security has been strongly influenced by two giants of the field whom I also want to thank:
Bruce Schneier, to whom we all owe a great debt for his ongoing contributions not only to security
technology but, even more importantly, to security
thinking
; and Dr. Martin R. Carmichael, whose
irresistible passion for and unique outlook on what constitutes good security has had an immeasurable
impact on my work.
It should but wont go without saying that Im very grateful to Andy Oram and OReilly & Associates for this
opportunity and for their marvelous support, guidance, and patience. The impressions many people have of
OReilly as being stupendously savvy, well-organized, technologically superior, and in all ways hip are
completely accurate.
A number of technical reviewers also assisted in fact checking and otherwise keeping me honest. Rik
Farrow, Bradford Willke, and Joshua Ball, in particular, helped immensely to improve the books accuracy
and usefulness.
Finally, in the inevitable amorphous list, I want to thank the following valued friends and colleagues, all of
whom have aided, abetted, and encouraged me as both a writer and as a "netspook": Dr. Dennis R. Guster at
St. Cloud State University; KoniKaye and Jerry Jeschke at Upstream Solutions; Steve Rose at Vector
Internet Services (who hired me
way
before I knew anything useful); David W. Stacy of St. Jude Medical;
the entire SAE Design Team (you know who you are —
or do you?
); Marty J. Wolf at Bemidji State
University; John B. Weaver (whom nobody initially believes can possibly be
that
cool, but they soon realize
he can `cause he is); the Reverend Gonzo at Musicscene.org; Richard Vernon and Don Marti at
Linux
Journal
; Jay Gustafson of Ingenious Networks; Tim N. Shea (who, in my day job, had the thankless task of
standing in for me while I finished this book), and, of course, my dizzyingly adept pals Brian Gilbertson,
Paul Cole, Tony Stieber, and Jeffrey Dunitz.
Plik z chomika:
sliwak
Inne pliki z tego folderu:
Hacking Linux Exposed 2001.pdf
(99349 KB)
Advanced Linux Programming 2001.zip
(6088 KB)
Beginning Linux Programming,3rd Ed 2004.pdf
(11589 KB)
beginning red hat linux 9.pdf
(9297 KB)
Building Secure Servers With Linux 2003.pdf
(2903 KB)
Inne foldery tego chomika:
130 linux and unix ebooks
Backtrack 5
Dream Linux
FreeBSD
Kali Linux 64-bit v.2018.4
Zgłoś jeśli
naruszono regulamin