SELinux: NSA's Open Source Security Enhanced Linux by Bill Mccarty (English) Pap

Description: FREE SHIPPING UK WIDE SELinux by Bill Mccarty The intensive search for a more secure operating system has often left everyday, production computers far behind their experimental, research cousins. Now SELinux (Security Enhanced Linux) dramatically changes this. This best-known and most respected security-related extension to Linux embodies the key advances of the security field. Better yet, SELinux is available in widespread and popular distributions of the Linux operating system—including for Debian, Fedora, Gentoo, Red Hat Enterprise Linux, and SUSE—all of it free and open source.SELinux emerged from research by the National Security Agency and implements classic strong-security measures such as role-based access controls, mandatory access controls, and fine-grained transitions and privilege escalation following the principle of least privilege. It compensates for the inevitable buffer overflows and other weaknesses in applications by isolating them and preventing flaws in one application from spreading to others. The scenarios that cause the most cyber-damage these days—when someone gets a toe-hold on a computer through a vulnerability in a local networked application, such as a Web server, and parlays that toe-hold into pervasive control over the computer system—are prevented on a properly administered SELinux system.The key, of course, lies in the words "properly administered." A system administrator for SELinux needs a wide range of knowledge, such as the principles behind the system, how to assign different privileges to different groups of users, how to change policies to accommodate new software, and how to log and track what is going on. And this is where SELinux is invaluable. Author Bill McCarty, asecurity consultant who has briefed numerous government agencies, incorporates his intensive research into SELinux into this small but information-packed book. Topics include:A readable and concrete explanation of SELinux concepts and the SELinux security modelInstallation instructions for numerous distributionsBasic system and user administrationA detailed dissection of the SELinux policy languageExamples and guidelines for altering and adding policiesWith "SELinux," a high-security computer is within reach of any system administrator. If you want an effective means of securing your Linux system—and who doesn't?—this book provides the means. FORMAT Paperback LANGUAGE English CONDITION Brand New Publisher Description The intensive search for a more secure operating system has often left everyday, production computers far behind their experimental, research cousins. Now SELinux (Security Enhanced Linux) dramatically changes this. This best-known and most respected security-related extension to Linux embodies the key advances of the security field. Better yet, SELinux is available in widespread and popular distributions of the Linux operating system--including for Debian, Fedora, Gentoo, Red Hat Enterprise Linux, and SUSE--all of it free and open source.SELinux emerged from research by the National Security Agency and implements classic strong-security measures such as role-based access controls, mandatory access controls, and fine-grained transitions and privilege escalation following the principle of least privilege. It compensates for the inevitable buffer overflows and other weaknesses in applications by isolating them and preventing flaws in one application from spreading to others. The scenarios that cause the most cyber-damage these days--when someone gets a toe-hold on a computer through a vulnerability in a local networked application, such as a Web server, and parlays that toe-hold into pervasive control over the computer system--are prevented on a properly administered SELinux system.The key, of course, lies in the words properly administered. A system administrator for SELinux needs a wide range of knowledge, such as the principles behind the system, how to assign different privileges to different groups of users, how to change policies to accommodate new software, and how to log and track what is going on. And this is where SELinux is invaluable. Author Bill McCarty, a security consultant who has briefed numerous government agencies, incorporates his intensive research into SELinux into this small but information-packed book. Topics include: A readable and concrete explanation of SELinux concepts and the SELinux security modelInstallation instructions for numerous distributionsBasic system and user administrationA detailed dissection of the SELinux policy languageExamples and guidelines for altering and adding policiesWith SELinux, a high-security computer is within reach of any system administrator. If you want an effective means of securing your Linux system--and who doesnt?--this book provides the means. Author Biography Bill McCarty is associate professor of management information systems in the School of Business and Management of Azusa Pacific University, Azusa, California, and was previously associate professor of computer science, in which capacity he taught for ten years in Azusa Pacifics Master of Applied Computer Science program. Bill holds a Ph.D. in the management of information systems from the Claremont Graduate University, Claremont, California, and worked for 15 years as a software developer and manager. Table of Contents Preface; 1. Introducing SELinux; Software Threats and the Internet; SELinux Features; Applications of SELinux; SELinux History; Web and FTP Sites; 2. Overview of the SELinux Security Model; Subjects and Objects; Security Contexts; Transient and Persistent Objects; Access Decisions; Transition Decisions SELinux Architecture; 3. Installing and Initially Configuring SELinux; SELinux Versions; Installing SELinux; Linux Distributions Supporting SELinux; Installation Overview; Installing SELinux from Binary or Source Packages; Installing from Source; 4. Using and Administering SELinux; System Modes and SELinux Tuning; Controlling SELinux; Routine SELinux System Use and Administration; Monitoring SELinux; Troubleshooting SELinux 5. SELinux Policy and Policy Language Overview; The SELinux Policy Two Forms of an SELinux Policy; Anatomy of a Simple SELinux Policy Domain; SELinux Policy Structure; 6. Role-Based Access Control The SELinux Role-Based Access Control Model; Railroad Diagrams SELinux Policy Syntax; User Declarations; Role-Based Access Control Declarations; 7. Type Enforcement; The SELinux Type-Enforcement Model; Review of SELinux Policy Syntax; Type-Enforcement Declarations; Examining a Sample Policy; 8. Ancillary Policy Statements; Constraint Declarations; Other Context-Related Declarations; Flask-Related Declarations 9. Customizing SELinux Policies; The SELinux Policy Source Tree On the Topics of Difficulty and Discretion; Using the SELinux Makefile; Creating an SELinux User; Customizing Roles Adding Permissions; Allowing a User Access to an Existing Domain Creating a New Domain; Using Audit2allow; Policy Management Tools; The Road Ahead; A. Security Object Classes; B. SELinux Operations; C. SELinux Macros Defined in src/policy/macros D. SELinux General Types; E. SELinux Type Attributes; Index Review "Sicherheit und kein Ende! Fakt ist, dass es "da draußen" in der Tat reale Bedrohungen gibt und dass sich die Lage eher verschlechtern als Verbessern wird. Der OReilly-Verlag hat einmal mehr auf diese Situation reagiert und einen neuen sicherheitsrelevanten Titel veröffentlicht. [...]Mit SELinux steht eine gute durchdachte und ausgereifte Sicherheitslösung zur VerfÜgung. Vor diesem Hintergrund dÜrfte es kaum verwunderlich sein, dass die LektÜre besonders fÜr Administratoren spannend ist. Wenn Ihnen umgehend Schlagworte wie Buffer Overflows, Denial of Service, Exploits und dergleichen mehr in den Sinn kommen, liegen Sie genau richtig. Dennoch versucht Bill McCarty in verständlicher Art und Weise auch den normalen Leser anzusprechen. SELinux ist mittlerweile Bestandteil wichtiger Distributionen wie Fedora Core, Gentoo und SuSE Linux. Red Hat Enterprise Linux 4 wird SELinux ebenfalls enthalten." - Thomas Kaufmann, Entwickler Magazin, 06/2005"Das Buch kann als die derzeitige Referenz zum Thema SELinux angesehen werden. (...) Bei der Entwicklung von SELinux als Forschungsprojekt hatte die Funktionalität eindeutig Vorrang vor der Benutzbarkeit, so daß man ohne tiefergehendes Verständnis der Materie, wie es in diesem Buch vermittelt wird, ein SELinux-System praktisch nicht betreiben kann. Vor allem die Kapitel Über die Policy-Sprache, sowie die Anhänge sind als Nachschlagewerk unverzichtbar.Das Buch ist verständlich geschrieben, die komplexen Zusammenhänge werden gut erklärt." -- Linux Usergroup der Studentensiedlung Freiburg, 03/05Lesen Sie die vollständige Rezension unter: php"Fazit: Mit SELinux kann man die Sicherheit eines Servers deutlich erhöhen. Allerdings ist die Servererweiterung ales andere als Plug and Play. Wer SELinux einsetzen will, muss die Konzepte dahinter verstehen. Die Informationen dazu kann man sich im Internet zusammensuchen. Weit einfacher, schneller und besser beschrieben erledigt das SELinux von Bill McCarty." --www.it-administrator.de, 01/2005, Elmar Tötök Long Description The intensive search for a more secure operating system has often left everyday, production computers far behind their experimental, research cousins. Now SELinux (Security Enhanced Linux) dramatically changes this. This best-known and most respected security-related extension to Linux embodies the key advances of the security field. Better yet, SELinux is available in widespread and popular distributions of the Linux operating system--including for Debian, Fedora, Gentoo, Red Hat Enterprise Linux, and SUSE--all of it free and open source. SELinux emerged from research by the National Security Agency and implements classic strong-security measures such as role-based access controls, mandatory access controls, and fine-grained transitions and privilege escalation following the principle of least privilege. It compensates for the inevitable buffer overflows and other weaknesses in applications by isolating them and preventing flaws in one application from spreading to others. The scenarios that cause the most cyber-damage these days--when someone gets a toe-hold on a computer through a vulnerability in a local networked application, such as a Web server, and parlays that toe-hold into pervasive control over the computer system--are prevented on a properly administered SELinux system. The key, of course, lies in the words "properly administered." A system administrator for SELinux needs a wide range of knowledge, such as the principles behind the system, how to assign different privileges to different groups of users, how to change policies to accommodate new software, and how to log and track what is going on. And this is where SELinux is invaluable. Author Bill McCarty, asecurity consultant who has briefed numerous government agencies, incorporates his intensive research into SELinux into this small but information-packed book. Topics include: A readable and concrete explanation of SELinux concepts and the SELinux security model Installation instructions for numerous distributions Basic system and user administration A detailed dissection of the SELinux policy language Examples and guidelines for altering and adding policies With "SELinux, a high-security computer is within reach of any system administrator. If you want an effective means of securing your Linux system--and who doesnt?--this book provides the means. Promotional "Headline" Beating the 0-day Vulnerability Threat Details ISBN0596007167 Short Title SELINUX Publisher OReilly Media Language English ISBN-10 0596007167 ISBN-13 9780596007164 Media Book Format Paperback Year 2004 Country of Publication United States Series Oreilly Subtitle NSAs Open Source Security Enhanced Linux Place of Publication Sebastopol DOI 10.1604/9780596007164 AU Release Date 2004-11-02 NZ Release Date 2004-11-02 UK Release Date 2004-11-02 Imprint OReilly Media Author Bill Mccarty Pages 264 DEWEY 005.4469 Illustrations Illustrations Audience General Publication Date 2004-11-16 US Release Date 2004-11-16 We've got this At The Nile, if you're looking for it, we've got it. With fast shipping, low prices, friendly service and well over a million items - you're bound to find what you want, at a price you'll love! 30 DAY RETURN POLICY No questions asked, 30 day returns! FREE DELIVERY No matter where you are in the UK, delivery is free. SECURE PAYMENT Peace of mind by paying through PayPal and eBay Buyer Protection TheNile_Item_ID:161840742;

Price: 38.99 GBP

Location: London

End Time: 2024-11-03T08:48:48.000Z

Shipping Cost: 3.37 GBP