Linux Administrator's Security Guide

 

By Kurt Seifried (seifried@seifried.org) (encryption keys here), the LASG is licensed under the OpenContent license (http://www.opencontent.org/).

The latest (1 September 2001) LASG is available at: http://www.seifried.org/lasg/index.html. 

I am currently re-organizing the LASG a bit.


Getting started - general concepts

Installing Linux - how to get linux loaded safely

System security - physical and boot security

Authentication - PAM, smartcards, passwords

Files / filesystem security - file permissions, system files

Encryption - filesystem and files

Network security - PPP, TCP-IP, etc

Network servers - Email, FTP, WWW, SSH, etc

Firewalling - IPFWADM, IPCHAINS, IPFW, Phoenix, Sinus

IPSec - IPSecurity setup (recommended for VPN's)

VPN - other alternatives to IPSec

Administration tools - see shell servers for remote access

Limiting and monitoring users - ulimit, ttysnoop, quotas and more

General security techniques - chroot, non root user, subDomain, etc.

System /user logging - syslog

Attack detection - audits, logging and baselines

Intrusion testing - the tools that will be used against you

Software - keeping software up to date, secure programming, software protection methods

Viruses - Anti virus scanners for Linux (think windows clients)

Distribution information - specifics, vendor contact information, etc

Backups - ensuring data continuity

Linux kernel - patching, updating and security

Checklists - some quick to-do lists

Appendices 

Contributors

Daily tarball of the LASG is available here.

Security Portal

Written by Kurt Seifried