A**E
great Linux book
This book teaches security points that other famous Linux books don't. It really dives into Linux security. Definitely a must-have for serious system admins.
M**H
Great book.
Mastering Linux Security and Hardening: Safeguard Your Linux Systems from Cyber Threats – 3rd Edition by Donald A. Tevault is a comprehensive guide to securing Linux systems. It covers creating secure systems, advanced security techniques, and hands-on labs. The book is well-structured and caters to Linux administrators, system administrators, and network engineers. The author's expertise shines through, and the book offers valuable hands-on experience. Highly recommended for enhancing Linux security skills.
M**L
Good book for understanding and applying Linux security
I was sent a copy of the book for a review. I don’t review or write much, but the book has helped me with my interviews. I was asked several times how to secure a Linux system. It highlighted a bunch of commands and examples to help you understand.
R**E
Great book on securing Linux servers and current techniques for locking down different services
Found this book a great read, with lots of useful information on configuring Linux firewalls with practical examples, and it goes into lots of detail on services such as SSH and the best way to lock down these services. Some good examples here on automating the processes, such as standard firewall and standard SSH configuration and deploying across many systems. The book is great at getting into practical example code showing how to do stuff, with some theory explaining it, as opposed to the other way around.
N**K
Great book, it does what it says on the tin.
Quick disclaimer. Packt asked me to review this book; I have been a technical reviewer for other books in the past. I have worked in Cyber Security for nearly 10+ years, so I know a little bit about this sort of thing.
First off, TL;DR, this is a great book. I'm not just saying that, it actually is. I've been doing this sort of thing for years and I wish I had it way back when. As each section progresses it provides enough detail that (without going too deep) those with a little initial understanding can grok it (get it). Plus at the tail end you get some introduction to some more advanced features or apps that are worth considering. Then you get the labs - the labs are easy to work through but tackle the previous chapter's sub-topics so you get a good feel for it. If you are starting out in Cyber this is going to help.
The first chapter explains, as all these books tend to do, how to build a test or lab box to work on. Hidden away at the end of this chapter is the important How to patch your server, with unattended updates covered - the author opined that it is not good to auto update, but as anyone with experience knows, in production this tends to lead to issues.
The second chapter starts out with the basics that every SysAdmin needs: securing accounts, admin (root) and normal users.
Next up is firewalls: iptables, nftables, ufw, and firewalld. Covered in enough detail that a beginner can get started very quickly.
File and Disk Encryption is handled well. GPG, LUKS, eCryptfs, OpenSSL, PKI. These are not easy topics but are explained well.
SSH hardening is covered in detail well.
Access Control is done over two chapters, split into two sections: DAC (files/directories), the easier to do, and MAC (SELinux and AppArmor), much harder. Both topics are not easy subjects but are detailed thoroughly with good examples that you can follow and get a good understanding of the requirements and how to implement them.
Kernel Hardening is next, with the well-known sysctl kernel parameters, cgroups, namespaces and seccomp, with a little diversion into Docker and the vulnerabilities that it creates for the host. Hacking hosts from containers is great fun and this gives a little taster.
The chapter on AntiVirus and RootKits starts off with the usual "you only need AV on Linux to keep your Windows safe". The part on rootkits was interesting enough, with the author's opinion that the FOSS rootkit hunter software doesn't find much anyway - something I agree with. File analysis with VirusTotal was a good addition, though a mention that it does have some false positives occasionally may help others. I didn't see anything on YARA, which would have been good. Using auditd was done well, with good introductions on how to use the search and reporting facilities.
A chapter on logging, with rsyslog looked at in depth and journald touched on lightly. Journald has a lot going for it and it would have benefited from a closer look by the author.
Vulnerability Scanning and Intrusion Detection picks some useful FOSS tooling, which is great for the beginner, but for enterprise you'll need to dig deep and purchase something better IMHO.
The penultimate chapter is about preventing unwanted programs from running using partition options and fapolicyd. This is useful and required in many compliance/benchmark policies but seemed it should have been an early chapter maybe.
The final chapter touches on system service auditing, boot loader protection and BIOS protection. These are important topics and covered well.
There is a lot to be gained from this book and all in all, it does what it says on the tin: it is "A practical guide to protecting your Linux system from cyber attacks". Well worth a read for those (beginner or experienced) needing to do Linux hardening.