Computing Reviews

Linux hardening in hostile networks: server security from TLS to Tor
Rankin K., Addison-Wesley Professional, Boston, MA, 2017. 272 pp. Type: Book
Date Reviewed: 11/15/18

The book’s preface notes that many of the available hardening guides were written some years ago. Its chapters are therefore intended to replace the outdated information found in those guides with recommendations that provide maximum impact with minimum effort and favor simplicity over complexity.

The first chapter (“Overall Security Concepts”) illustrates the use of password-cracking techniques now available, like rainbow tables, and provides some guidelines for password policies. The author observes that password rotation can compromise security and instead suggests using two-factor authentication. In this context, there are some brief instructions in a later chapter for installing Google Authenticator, to enable the use of a smartphone as an authentication device.

I was under the impression that only drug dealers and pedophiles used the Tails operating system (OS) and its associated set of Tor servers. The second chapter notes that Tails can also be used to enhance the security of an administrator workstation; some installation instructions are provided. The potential benefits of the Qubes OS are then outlined. Qubes uses the Xen hypervisor to support a number of virtual machines having varying degrees of security. Procedures for enhancing server security are discussed in chapter 3. There are configuration recommendations for secure shell (SSH), sudo, and AppArmor. Command-line variants for both Debian and Red Hat systems are shown. The tlsdate daemon can be installed for network time protocol (NTP) purposes, so as to eliminate the possibility of man-in-the-middle (MITM) attacks that can occur when the user datagram protocol (UDP) is used.

Many companies now use cloud-based servers, and this is making it easier for attackers to gain access to their content. Chapter 4 (“Network”) addresses this issue, suggesting that filtering should now be applied to outgoing traffic as well as incoming traffic, so as to inhibit the use of local resources for illegal downloads and attack tool execution. A number of iptables command examples are shown, and it is noted that the ip6tables command can be used to establish Internet Protocol version 6 (IPv6) firewall rules. It is also suggested that network traffic should be encrypted. Most readers will have used OpenVPN for connecting their home computers to their company machines, and several pages are devoted to illustrating OpenVPN server and client configuration details. The author also illustrates how SSH tunnels can be used for securely accessing a remote host through an intermediate host. For reliability purposes, many enterprises now use load-balancer hardware at their network edges. HAProxy software can be installed on Linux servers at network edge locations for load balancing, and this software is able to provide transport layer security (TLS) protection for incoming traffic.
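The egress filtering the chapter argues for, as an added example that is not the book's own code: a POSIX shell function that emits an iptables-restore ruleset whose OUTPUT chain defaults to DROP and permits only DNS to designated resolvers and outbound HTTPS (which also covers tlsdate). The resolver and admin-network addresses it takes are constructed placeholders.

```shell
#!/bin/sh
# build_egress_rules RESOLVER_CIDR ADMIN_CIDR
# Prints an iptables-restore ruleset (added example, not from the book).
# Default policy is DROP on every chain; only listed services are allowed.
build_egress_rules() {
    resolvers="$1"   # designated DNS resolvers, e.g. 192.0.2.53/32 (constructed)
    admin_net="$2"   # network allowed to reach SSH, e.g. 198.51.100.0/24 (constructed)
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# packets belonging to connections already accepted in either direction
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# inbound: SSH only from the admin network, HTTPS from anywhere
-A INPUT -p tcp --dport 22 -s $admin_net -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT
# outbound: DNS only to the designated resolvers, HTTPS for updates and tlsdate
-A OUTPUT -p udp --dport 53 -d $resolvers -j ACCEPT
-A OUTPUT -p tcp --dport 53 -d $resolvers -j ACCEPT
-A OUTPUT -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT
# anything else leaving the host is logged (rate limited), then dropped by policy
-A OUTPUT -m limit --limit 5/min -j LOG --log-prefix "EGRESS-DROP: "
COMMIT
EOF
}

# count_drop_policies RULESET
# Returns how many chains in the ruleset carry a DROP default policy.
count_drop_policies() {
    printf '%s\n' "$1" | grep -c '^:[A-Z]* DROP'
}
```

Check the syntax without touching the live tables with `build_egress_rules 192.0.2.53/32 198.51.100.0/24 | iptables-restore --test`; an equivalent ruleset with IPv6 addresses is loaded through ip6tables-restore.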

Chapter 5 (“Web Servers”) illustrates why many websites now restrict access to hypertext transfer protocol secure (HTTPS) connections so that traffic between client and server can be encrypted using TLS (the successor to the secure sockets layer, SSL). The chapter discusses certificate acquisition and provides configuration details for both Apache and Nginx servers. As suggested, the HTTP strict transport security (HSTS) protocol can be used on web servers to mitigate the possibility of MITM attacks.

I am about to switch my Internet provider to one that does not provide a mail relay host, so I’ve switched to using a commercial email service. I therefore found chapter 6 (“Email”) immensely helpful. It illustrates how to configure Postfix to use simple authentication and security layer (SASL) authentication, so that the commercial service can validate a host and accept encrypted email from it. I also learned how to better authenticate sender domains using sender policy framework (SPF) and DomainKeys Identified Mail (DKIM) settings.

Chapter 7 (“DNS”) notes that misconfigured domain name system (DNS) servers can be used in distributed denial-of-service (DDoS) attacks. Small UDP queries are placed using a forged Internet protocol (IP) address, and huge reply packets are sent to that address. When possible, DNS servers should only allow queries from designated networks and employ response rate limiting. It is further suggested that the domain name system security extensions (DNSSEC) protocol may offer some additional benefits when it becomes more widely accepted.

The “Database” chapter (8) offers some valuable guidelines for both MySQL and Postgres installations. Managers are encouraged to set an administrator password, delete anonymous accounts, and grant reduced database permissions. They should ensure that database servers can only be accessed from application servers, and use separate databases for each application so as to minimize the impact of a compromise. Some issues related to database encryption are addressed. Both MySQL and Postgres are able to encrypt data sent from an application server; query samples are provided. The author recommends full disk encryption, since it will minimize the possibility of data recovery from a disk that has been removed during a hot swap.

The final chapter (“Incident Response”) addresses the importance of having a recovery game plan. It is suggested that this should encompass immediate removal of power from a compromised server so that the exact state of its disk(s) is preserved; it should also include a step-by-step guide to creating images of all such disks in their current state. System recovery should be accomplished by rebuilding the impacted server(s) from scratch and then rolling back database files from previous backups as appropriate. The forensic investigation of server images can be made easier via the open-source Sleuth Kit and Autopsy toolkits. By generating file-access timelines, an attacker’s steps can be followed. A walk-through of a sample investigation is included. The book ends with appendices that detail the mechanisms used in Tor and SSL/TLS. The latter appendix includes some example OpenSSL command lines for viewing the contents of certificates and certificate requests.
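The timeline idea behind that chapter, as an added example that is neither the book's code nor Sleuth Kit's fls/mactime: a shell function that builds a sorted MAC timeline (one event per modification, access and change timestamp of every file) from a mounted image directory, plus a constructed sample tree to exercise it. It assumes GNU find and GNU touch.

```shell
#!/bin/sh
# mac_timeline DIR
# Emits one line per timestamp kind (m = modified, a = accessed, c = changed)
# for every file under DIR, sorted oldest first. Added example; the real
# investigation would run Sleuth Kit's fls -m / mactime over the image.
mac_timeline() {
    find "$1" -type f \
        -printf '%TY-%Tm-%TdT%TH:%TM:%TS m %p\n' \
        -printf '%AY-%Am-%AdT%AH:%AM:%AS a %p\n' \
        -printf '%CY-%Cm-%CdT%CH:%CM:%CS c %p\n' | sort
}

# make_sample_tree
# Builds a constructed mini "image" with back-dated m/a timestamps so the
# timeline can be tried offline; prints the directory path. (ctime cannot be
# back-dated, so the c events will carry the current time.)
make_sample_tree() {
    dir="$(mktemp -d)"
    mkdir -p "$dir/etc/ssh" "$dir/var/www"
    touch -d '2018-11-01 10:00:00' "$dir/etc/passwd"
    touch -d '2018-11-02 09:30:00' "$dir/etc/ssh/sshd_config"
    touch -d '2018-11-03 02:15:00' "$dir/var/www/upload.php"   # latest change, worth a look
    printf '%s\n' "$dir"
}

# timeline_event_count DIR -> number of events (three per regular file)
timeline_event_count() {
    mac_timeline "$1" | wc -l | tr -d ' '
}
```

On a real image mounted read-only, the file whose events cluster around the suspected intrusion window is where the walk-through in the book starts.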

In an age when we are seeing well-funded nation-state hackers with sophisticated tools and methods at their disposal, it has become essential for server administrators to implement the best available security safeguards. This book is an invaluable guide to such safeguards.


Reviewer: G. K. Jenkins. Review #: CR146322
