Linux Security

  1. Network Security
    1. Network Security Fundamentals
      1. TCP/IP Security
        1. Protocol Vulnerabilities
        2. Port Security
        3. Connection Security
      2. Network Reconnaissance
        1. Information Gathering
        2. Port Scanning
        3. Service Enumeration
      3. Network Attack Types
        1. Denial of Service
        2. Man-in-the-Middle
        3. Packet Injection
        4. Session Hijacking
    2. Firewall Configuration
      1. Netfilter Framework
        1. Packet Processing Flow
        2. Hook Points
        3. Connection Tracking
        4. NAT Functionality
      2. iptables
        1. Table Structure
        2. Chain Organization
        3. Rule Syntax
        4. Target Actions
        5. Rule Management
        6. Saving and Restoring Rules
        7. Performance Optimization
      3. nftables
        1. Syntax Improvements
        2. Table and Chain Structure
        3. Rule Management
        4. Migration from iptables
        5. Advanced Features
      4. High-Level Firewall Tools
        1. firewalld
          1. Zone Concepts
          2. Service Definitions
          3. Runtime Configuration
          4. Permanent Configuration
          5. Rich Rules
        2. ufw (Uncomplicated Firewall)
          1. Basic Rule Syntax
          2. Application Profiles
          3. Logging Configuration
          4. IPv6 Support
    3. Network Service Security
      1. SSH Hardening
        1. Configuration File Security
        2. Authentication Methods
        3. Key-based Authentication
        4. Access Restrictions
        5. Protocol Settings
        6. Logging Configuration
      2. Web Server Security
        1. Apache Hardening
        2. Nginx Hardening
        3. SSL/TLS Configuration
        4. Access Control
      3. Database Security
        1. MySQL/MariaDB Security
        2. PostgreSQL Security
        3. Access Control
        4. Encryption
      4. Mail Server Security
        1. Postfix Hardening
        2. Dovecot Hardening
        3. Anti-spam Measures
        4. Encryption
      5. DNS Security
        1. BIND Hardening
        2. DNS over HTTPS
        3. DNS over TLS
        4. DNSSEC
    4. Network Access Control
      1. TCP Wrappers
        1. hosts.allow Configuration
        2. hosts.deny Configuration
        3. Service Integration
        4. Logging
      2. Port Knocking
        1. Concepts and Implementation
        2. Security Benefits
        3. Configuration
      3. VPN Security
        1. OpenVPN Configuration
        2. WireGuard Setup
        3. IPSec Implementation
        4. Certificate Management
    5. Network Monitoring and Analysis
      1. Traffic Analysis
        1. tcpdump Usage
        2. Wireshark Integration
        3. Traffic Filtering
        4. Protocol Analysis
      2. Network Scanning
        1. nmap Techniques
        2. Service Detection
        3. Vulnerability Scanning
        4. Stealth Scanning
      3. Intrusion Detection
        1. Host-based IDS
          1. OSSEC Configuration
          2. Samhain Setup
          3. AIDE Integration
        2. Network-based IDS
          1. Snort Configuration
          2. Suricata Setup
          3. Rule Management
          4. Alert Processing
      4. Network Security Monitoring
        1. Log Correlation
        2. Anomaly Detection
        3. Threat Intelligence
        4. Incident Response Integration