SANS InfoSec Reading Room - Linux Issues

<<Reading Room Home
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

HPEnterpriseSecurity3

Featuring 15 papers as of May 21, 2013
PDF Securing Blackboard Learn on Linux
By: David Lyon (posted on December 1, 2011)
Blackboard Learn (Bb Learn) is an application suite providing educational technology to facilitate online, web based learning. It is typical to see Bb Learn hosting courses and content. Common add-ons include the Community and Content systems which are licensed separately.
PDF Hardening Debian 4.0 – Creating a simple and solid foundation for your applications
By: Alexandre Dery (posted on January 14, 2008)
PDF NFS Security in Both Trusted and Untrusted Environments
By: Jakub Dlugolecki (posted on November 1, 2007)
PDF Secure Network Configuration Management for Linux based Routers
By: Ron Young (posted on May 5, 2005)
This paper presents a detailed implementation and operation plan for remote configuration management of a research network infrastructure. GIAC University is currently involved with several large-scale research projects that utilize individually identifiable medical records.
PDF Step by Step Installation of a Secure Linux Web, DNS and Mail Server
By: John Holbrook (posted on April 8, 2004)
This paper will show how the author configured a Linux based web and e-mail server for a small company. This server is co-located at a local ISP. Because of budget limitations, the company can only locate one physical box at the ISP which limits what security measures that can be installed.
PDF Linux Kernel Hardening
By: Taylor Merry (posted on December 21, 2003)
This paper outlines the installation and configuration of a Grsecurity-enhanced kernel.
PDF Linux Process Containment - A practical look at chroot and User Mode
By: Paul Lessard (posted on October 31, 2003)
This document will explore some of the general ideas of how process containment is performed with chroot and User-mode Linux, and how to help ensure that a successful attack on a jailed process does not affect the main system.
PDF Secure OS Environments for Linux
By: Pedro Luz-Romero (posted on October 31, 2003)
In this paper I make a review of the main set of tools and resources available for Linux system administrators willing to build an operating system with enhanced security features that allow applications to run securely in a network accessible from the Internet.
PDF Linux RootKits For Beginners - From Prevention to Removal
By: Jeromey Hannel (posted on October 31, 2003)
This paper provides an understanding of rootkits and will discuss how to monitor for a rootkit, and the steps taken to remove one.
PDF Security Applications of Bootable Linux CD-ROMs
By: Richard Bajusz (posted on October 31, 2003)
This paper examines the security applications of bootable Linux CD-ROMs.
PDF The Easily Recoverable CD-ROM Booted Linux Internet Server: A How-To
By: Brian C. Otto (posted on October 31, 2003)
The purpose of this paper is to detail the general steps to create a read-only Internet Server providing DNS and static web pages (bind and Apache).
PDF The Role of Bastille Linux in Information Security
By: Michael Russell Grimaila (posted on October 31, 2003)
In this paper, the author will briefly examine the evolution of Linux, discuss its popularity, and examine in detail Bastille Linux, which is used to increase the security of RedHat and Mandrake Linux distributions.
PDF Aggressive Patching and the Use of a Standard Build: An OpenBSD Example
By: Michael Sullenszino (posted on October 31, 2003)
This paper discusses the importance of a standard build and defines Aggressive Patching as a vital part of defense in depth. It then goes on to demonstrate how to implement Aggressive Patching by creating a Standard Build internet server farm and support structures that allow for automated patching and rapid deployment of hardened servers.
PDF Using Linux Scripts to Monitor Security
By: Harvey Newstrom (posted on October 31, 2003)
This paper will demonstrate how to create a generic tool using Linux scripting to enable network security monitoring.
PDF An Introduction to the NSA's Security-Enhanced Linux: SELinux
By: Susan Rajnic (posted on October 31, 2003)
This paper will introduce the NSA's research project termed "Security-enhanced" Linux.
SANS Reading Room

This is the only conference/training I've ever attended at which I learned techniques and found tools I could apply immediately.
-Dwight Leo, Defense Logistics Agency

vLive LEG523

Latest Whitepapers

Event Monitoring and Incident Response
By Ryan Boyle

Dead Linux Machines Do Tell Tales
By James Fung

Setting Up a Database Security Logging and Monitoring Program
By Jim Horwath

Latest Tweets

DFIR Webcast starts in 75 minutes - 50 Shades of Hidden - Di [...]
May 17, 2013 - 3:46 PM

New blog post by @yorikv on pen test tips for file analysis. [...]
May 16, 2013 - 5:07 PM

New Blog Post: SANS EU #DFIR Summit in Prague - Call for Spe [...]
May 16, 2013 - 12:33 AM

Contact Us

(301) 654-SANS (7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"It has really been an eye opener concerning the depth of security training & awareness that SANS has to offer."
- Michael Hall, Drivesavers

"As a security professional, this info is foundational to do a competent job, let alone be successful."
- Michael Foster, Providence Health & Security

"SANS always provides you what you need to become a better security professional at the right price."
- Rasik Vekaria, BP