Linux Security Cookbook
| [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] facilities, system messages sensitive information in messages FascistCheck function (CrackLib) fetchmail mail delivery with fgrep command file attributes, preserving in remote file copying file command file permissions [See permissions] files, protecting [See also Gnu Privacy Guard]2nd encrypted, maintaining with Emacs encrypting directories encrypting with password encryption, using maintaining encrypted files with vim permissions [See permissions] PGP keys, using with GnuPG prohibiting directory listings revoking a public key shared directory sharing public keys uploading new signatures to keyserver world-writable, finding files, searching effectively [See find command] filesnarf command filesystems /proc Andrew Filesystem kaserver device special files, potential security risks mounted, listing in /proc/mounts searching for security risks filenames, handling carefully information about your filesystems local vs. remote filesystems permissions, examining preventing crossing filesystem boundaries (find -xdev) rootkits skipping directories (find -prune) Windows VFAT, checking integrity of filtered email messages (PineGPG) filters capture expressions Ethereal, using with selecting specific packets display expressions Ethereal, using with tcpdump, using with logwatch, designing for protocols matching filter expression, searching network traffic for Snort, use by find command device special files, searching for manual integrity checks, running with searching filesystems effectively -exec option (one file at a time) -perm (permissions) option -print0 option -prune option -xdev option, preventing crossing filesystem boundaries running locally on its server setuid and setgid bits world-writable files, finding and fixing finger connections redirecting to another machine redirecting to another service fingerprints checking for keys imported from keyserver operating system 2nd nmap -O command public key, verifying for firewalls blocking access from a remote host blocking access to a remote host blocking all network traffic blocking incoming network traffic blocking incoming service requests blocking incoming TCP port for service blocking outgoing access to all web servers on a network blocking outgoing network traffic blocking outgoing Telnet connections blocking remote access while permitting local blocking spoofed addresses controlling remote access by MAC address decisions based on source addresses, testing with nmap designing for Linux host, philosophies for limiting number of incoming connections Linux machine acting as loading configuration logging network access control open ports not protected by, finding with nmap permitting SSH access only pings, blocking 2nd portmapper access, reason to block protecting dedicated server remote logging host, protecting rules building complex rule trees deleting hostnames instead of IP addresses, using in rules inserting listing loading at boot time saving configuration source address verification, enabling TCP ports blocked by TCP RST packets for blocked ports, returning testing configuration vulnerability to attacks and flushing a chain forced commands limiting programs user can run as root plaintext key, using with security considerations with server-side restrictions on public keys in authorized keys Forum of Incident Response and Security Teams (FIRST) home page forwardable credentials (Kerberized Telnet) FreeS/WAN (IPSec implementation) fstab file grpid, setting nodev option to prohibit device special files prohibiting executables setuid or setgid attributes for executables FTP open server, testing for exploitation as a proxy passwords captured from sessions with dsniff sftp fully-qualified directory name |