Linux Hardening In Hostile Networks

In an age of massive global surveillance, when last year's most advanced cyberwarfare weapons quickly migrate into every hacker's toolkit, you can no longer afford to rely on outdated security methods. If you care about privacy and security today, you need to step up your game -- especially if you're a sysadmin responsible for Internet-facing services.

That means you need to master and use advanced security technologies like the TLS communications security protocol, PGP encryption, and the Tor anonymity network. Tools like these have often been viewed as too complex or mysterious for mainstream use. In Linux Hardening in Hostile Networks, Kyle Rankin completely demystifies them, and offers practical, accessible guidance on protecting yourself and your users with them.

Rankin begins with a user-oriented guide to safeguarding your own personal data with PGP, Off-the-Record Messaging (OTR), Tor, and the Tails "amnesic incognito" live Linux distribution. Next, he guides you through setting up secured versions of the services you manage every day, including web, email, and database servers that communicate over TLS; locked-down DNS servers with DNSSEC; Tor servers, and hidden services.

Each category of solution is presented in its own chapter, with techniques organized based on difficulty level, time commitment, and overall threat. In each case, Rankin begins with techniques any system administrator can quickly implement to protect against entry-level hackers. Next, he moves on to intermediate and advanced techniques intended to safeguard against sophisticated and knowledgeable attackers. An accompanying CDROM contains a full, pre-configured copy of the Tails live Linux distribution, making it simple for any sysadmin to bootstrap a highly-secure, privacy-protecting environment in minutes.