Practical Linux or Unix Security
This PDF covers the following topics related to Linux/UNIX Security : Core security concepts, Maintaining confidentiality, Keeping our data safe from intruders, Integrity, Authentication, Security from the start, inetd vs. iptfw, Firewalling, Controlling your users, Cracklib, etc.
Author(s): Hervey Allen, Network Startup Resource Center
71 Pages
This note covers the following topics: modifying and hacking security tools, writing plugins for nessus, developing dissectors and plugins for the ettercap network sniffer, extending hydra and nmap, writing plugins for the nikto vulnerability scanner, writing modules for the metasploit framework, extending code analysis to the webroot, modifying and hacking security tools, fun with linux kernel modules, developing web assessment tools and scripts, automated exploit tools, writing network sniffers, writing packetinjection tools, colophon.
Author(s): Justin Clarke, Nitesh Dhanjani
NA Pages
Secure Programming for Linux and Unix HOWTO (PDF 168P)
This note covers the following topics: background, history of unix, linux, and open source, security principles, why do programmers write insecure code?, is open source good for security?, types of secure programs, paranoia is a virtue, why did i write this document?, sources of design and implementation guidelines, other sources of security information, document conventions, summary of linux and unix security features, processes, files, system v ipc, sockets and network connections, signals, quotas and limits, dynamically linked libraries, audit, pam, specialized security extensions for unix-like systems, security requirements, common criteria introduction, security environment and objectives,validate all input, command line, environment variables, file descriptors, file names, file contents, web-based application inputs (especially cgi scripts), other inputs, human language (locale) selection, character encoding, prevent cross-site malicious content on input, filter html/uris that may be re-presented, remove or forbid some html data, encoding html data, validating html data, validating hypertext links (uris/urls), other html tags, related issues, forbid http get to perform non-queries, counter spam, limit valid input time and load level, avoid buffer overflow, dangers in c/c++, library solutions in c/c++, standard c library solution, static and dynamically allocated buffers, strlcpy and strlcat, libmib, c++ std
Author(s): David A. Wheeler
168 Pages
Linux Administrators Security Guide
We are working on the detailed description of this book, we will update this section soon.
Author(s):
Pages
Linux Security HOWTO (K. Fenzi, D. Wreski)
We are working on the detailed description of this book, we will update this section soon.
Author(s):
Pages
Linux Firewall Configuration Packet Filtering and Netfilter/iptables (O. Andreasson)
We are working on the detailed description of this book, we will update this section soon.
Author(s):
Pages
