Introduction

To properly defend anything, from a building to a computer, you have to understand your opponent. You need to learn to think like an attacker. Then again, if you're in the business of defending systems, you'd better also learn how to think like a defender. This book teaches you how to attack and defend Linux specifically, and UNIX in general.

You'll learn how to analyze attacks and construct defenses. Most importantly, you'll learn how to analyze those defenses for weaknesses. You'll learn not to trust any defenses too much, but rather to think critically about each and understand what those defenses buy you. Finally, you'll learn how much security is enough and how much is too much. Remember, any training in this field will give you a totally overactive sense of paranoia at first. This book, along with additional experience, will help you refine that sense of paranoia.

Now, you're not reading an entire book on the Art of War. That one's already been written and the author has been quite dead for years. This book also has a very practical technical purpose. I'm going to teach you how to lock down your machines to make them far more difficult to crack. In the process, we'll learn how people break into computers and networks – using this knowledge, we'll learn how to design defenses to defeat those attacks. We'll learn how much security to apply to each of our systems and what measures are most important.

Management types like to say things like “the first 20 percent of the work achieves 80 percent of the result.” The initial work achieves most of the result – the final minority of the results takes the majority of the time. This is actually fairly true in doing operating system hardening. In the first part of this book, we explore that first 20 percent of the work. If you have limited time, read this part and save the last two parts for later.

The second part of this book explores general miscellaneous operating system security. First, we examine attack methodology, including escalation of privilege and standard attack script components. We'll look at defeating the former with Set-UID audits and the latter with PAM settings. We'll also consider patching processes, logging configurations, and locking down print servers.

The third part of this book explores attack and defense on each of the major types of server that you might run on this machine. From web servers to DNS servers to mail to FTP servers, we explore how attackers penetrate these servers to get to the underlying operating system or to give out disinformation to exploit the public.

While we examine the practical side of this material, we'll examine the automated equivalents in Bastille Linux. Bastille is a proactive defensive measure. It's a hardening script that sysadmins use to tighten a system, while learning a bit about security in the process. Though it has made many, many people's systems much safer from compromise, it will never be as effective as a well-trained (well-read) sysadmin. As you'll see throughout this book, an intelligent, informed sysadmin can do a great deal more than any program ever will; programs just aren't that smart.

As the author, I do recommend that you read this book cover to cover, rather than treat it as a reference book. There's a great deal that you're meant to pick up along the way, as we try to build your sense of intuition, paranoia and perspective in this field. Still, if you're fairly impatient, you can read a single “Part” at a time.

I hope you enjoy reading this book as much as I've enjoyed discovering all of this. You can find updates, tools and errata at www.securinglinux.net.