Network Security using Linux

Table of Contents

Network Security using Linux.........................................................
Credits.............................................................................................X
Preface............................................................................................xii
Who is this book for?......................................................................................xiii
How the book was written..............................................................................xiii

Chapter 1..........................................................................................1
TCP/IP Fundamentals.........................................................................................1
Layers.................................................................................................................2
TCP/IP Addressing.............................................................................................3
Subnetting with CIDR...................................................................................6
Subnetting with VLSM..................................................................................7
TCP/IP Version 6...............................................................................................8
IPv6 and the Kernel.....................................................................................11
Constructing Packets........................................................................................14
TCP Communication........................................................................................16
Any port will do...........................................................................................18
What does a router really do?...........................................................................18
Open Source Linux Routers........................................................................20
Is a Linux router secure?..................................................................................22
Shutting off the unwanted services.............................................................22

Chapter 2........................................................................................24
Firewalling the Network...................................................................................24
Isn’t a router a firewall?...................................................................................26
IP v6 and IPTables...........................................................................................28
Patch-O-Matic.............................................................................................29
Firewalling 101................................................................................................31
Papers Please....................................................................................................34
The Penguin Builds a Wall...............................................................................34
TOC p:v
Bastille Linux...................................................................................................36
Free is good......................................................................................................37
IPCOP..........................................................................................................38
Firestarter.....................................................................................................40
Shorewall.....................................................................................................41
Web Based Tools.........................................................................................43
Commercial Firewalls......................................................................................44
Astaro..........................................................................................................44
Smoothwall..................................................................................................46
Gibraltar.......................................................................................................47
Resources.....................................................................................................50

Chapter 3........................................................................................52
IP Tables, Rules and Filters..............................................................................52
Chain Syntax...........................................................................................53
Rules.......................................................................................................53
Building of a Basic Rule..............................................................................54
Demonstrating rules................................................................................55
Advanced Rules...........................................................................................56
Matching Connection States...................................................................56
Configuring NAT...................................................................................57
Defending Against Basic Attacks ..........................................................59
Examining The Rules ................................................................................60
Strengthen Your Rules with ROPE .......................................................60
Your Basic Firewall.....................................................................................62
Firewall Testing...........................................................................................63
Firewall Script........................................................................................65
Resources.....................................................................................................72

Chapter 4........................................................................................73
Updating Linux................................................................................................73
RPMs................................................................................................................73
Red Hat Up2date..............................................................................................81
YUM.................................................................................................................84
APT..................................................................................................................86
What is a kernel update?..................................................................................87
How do I tell which kernel I have installed?...................................................88
How do I update the kernel?............................................................................88
Alternative Security Kernels............................................................................90
Keeping the LID on.....................................................................................91
Resources.....................................................................................................92

Chapter 5........................................................................................93
Encryption or protecting your Data..................................................................93
What is encryption?..........................................................................................93
What is this alphabet soup?..............................................................................94
How does encryption work?............................................................................95
What are keys all about?..................................................................................96
Why do I need encryption?..............................................................................98
How do I use GPG?..........................................................................................98
Managing keys...........................................................................................106
Revoking a Key....................................................................................106
Key Signing Parties..............................................................................107
Additional Notes About GnuPG................................................................108
Securing Data with SSH.................................................................................109
What is OpenSSH?.........................................................................................109
The basics of SSH..........................................................................................111
What else can SSH do?.............................................................................112
SSH Port Forwarding ...............................................................................115
What is an X.509 Certificate?..........................................................................118
Make Your Own Certificates.....................................................................118
Are You Certified?....................................................................................119
How to use the Certificate.........................................................................125
Secure Socket Layer.......................................................................................128
SSL and Apache.............................................................................................128
Resources...................................................................................................129

Chapter 6......................................................................................130
Detecting Intruders.........................................................................................130
Deploying an IDS...........................................................................................131
What is Snort..................................................................................................132
Building a Sensor...........................................................................................133
Secure Communications.................................................................................138
Making the Pig Fly.........................................................................................139
Installing MySQL......................................................................................139
Installing Snort..........................................................................................144
Snort Configuration...................................................................................146
Syslog Notes..............................................................................................147
Configuring Snort’s New Database...........................................................149
Starting the Pig..........................................................................................152
Apache.......................................................................................................153
Installing PHP............................................................................................154
Snort on ACID...........................................................................................156
Securing the Pig.........................................................................................160
Multiple NIC cards...............................................................................161
Rules? What Rules?.......................................................................................162
Updating the Rules...............................................................................166
Deploying Snort.............................................................................................167
Tapping the network..................................................................................168
Where to place Snort.................................................................................171
Managing Snort..............................................................................................171
Webmin.....................................................................................................171
Snort Center...............................................................................................173
Resources...................................................................................173

Chapter 7......................................................................................174
Virtual Private Networks................................................................................174
IPsec...........................................................................................................174
L2TP..........................................................................................................176
PPTP..........................................................................................................177
VPN Utilities..................................................................................................177
PPTP Client...............................................................................................177
OpenSwan..................................................................................................181
Installing and Configuring Openswan.......................................................183
Certificates and Keys............................................................................184
Configuration........................................................................................186
Resources...................................................................................................188

Chapter 8......................................................................................190
Logging for Fun and Profit............................................................................190
NTP for Linux...........................................................................................192
Monitoring and Analyzing the Logs.........................................................195
What to Look for..................................................................................202
Tuning Syslog.......................................................................................202
Rotating Logs........................................................................................204
Syslog Improved...................................................................................206
Securing Syslog Traffic........................................................................208
Windows to Syslog Converters............................................................208
Configuration Guides...........................................................................208
Sawmill.................................................................................................209
Logwatch..............................................................................................211
Swatch...................................................................................................213
LogSurfer..............................................................................................216
Nagios...................................................................................................217
Resources...................................................................................................219

Chapter 9......................................................................................220
Summary........................................................................................................220
Appendix 1...................................................................................223
INDEX..........................................................................................226