Linux Security Cookbook

ICMP

    blocking messages 

    blocking some messages 

    closed ports, detecting with messages 

    pings for host discovery, use by nmap 

    rate-limiting functions of Linux kernel 

IDENT

    checking with TCP-wrappers 

    DROP, problems with 

    testing server with nmap -I for security 

identification file (SSH2 key files)  2nd 

identity 

idfile script (manual integrity checker) 

IDs for cryptographic keys (GnuPG default secret key) 

ifconfig program

    -a option (information about all network interfaces and loaded drivers) 

    controlling network interfaces 

    enabling promiscuous mode for specific interfaces 

    enabling unconfigured interface 

    listing network interfaces 

    observing network traffic 

    stopping network device 

ifdown script 

ifup script 

IgnoreRhosts option 

IMAP

    access control list (ACL) for server, creating with PAM 

    enabling IMAP daemon within xinetd or inetd 

    in /etc/pam.d startup file 

    Kerberos authentication, using with 

    mail session security

        with SSH  2nd 

        with SSH and Pine 

        with SSL 

        with SSL and Evolution 

        with SSL and mutt  2nd 

        with SSL and Pine 

        with SSL and stunnel 

        with stunnel and SSL 

    remote polling of server by fetchmail 

    SSL certificate, validating server with 

    STARTTLS command 

    testing SSL connection to server 

    unsecured connections, permitting 

IMAP/SSL certificate on Red Hat server 

imapd

    enabling within xinetd or inetd 

    Kerberos support 

    SSL, using with 

    validation of passwords, controlling with PAM 

importing keys

    from a keyserver 

    PGP, importing into GnuPG 

incident report (security), filing 

    gathering information for 

includedir (xinetd.conf) 

incoming network traffic, controlling  [See firewalls; networks, access control]

incorrect net address (sshd) 

inetd 

    -R option, preventing denial-of-service attacks  2nd 

    adding new network service 

    enabling/disabling TCP service invocation by 

    IMAP daemon, enabling 

    POP daemon, enabling 

    restricting access by remote hosts  2nd 

inetd.conf file

    adding new network service 

    restricting service access by time of day 

inode numbers

    changes since last Tripwire check 

    rsync tool, inability to check with 

    Windows VFAT filesystems, instructing Tripwire not to compare 

input/output

    capturing stdout/stderr from programs not using system logger 

    Snort alerts 

    stunnel messages 

Insecure.org's top 50 security tools 

instances keyword (xinetd) 

instruction sequence mutations (attacks against protocols) 

integrity checkers  2nd  [See also Tripwire]

    Aide 

    runtime, for the kernel 

    Samhain 

integrity checks

    automated 

    checking for file alteration since last snapshot 

    highly secure 

        dual-ported disk array, using 

    manual 

    printing latest tripwire report 

    read-only 

    remote 

    reports 

    rsync, using for 

interactive programs, invoking on remote machine 

interfaces, network

    bringing up 

    enabling/disabling, levels of control 

    listing  2nd 

Internet email, acceptance by SMTP server 

Internet Protocol Security (IPSec) 

Internet protocols, references for 

Internet services daemon  [See inetd]

intrusion detection for networks 

    anti-NIDS attacks 

    Snort system 

        decoding alert messages 

        detecting intrusions 

        logging 

        ruleset, upgrading and tuning 

    testing with nmap stealth operations 

IP addresses

    conversion to hostnames by netstat and lsof commands 

    in firewall rules, using hostnames instead of 

    host discovery for (without port scanning) 

    for SSH client host 

IP forwarding flag 

ipchains 

    blocking access for particular remote host for a particular service 

    blocking access for some remote hosts but not others 

    blocking all access by particular remote host 

    blocking all incoming HTTP traffic 

    blocking incoming HTTP traffic while permitting local HTTP traffic 

    blocking incoming network traffic 

    blocking outgoing access to all web servers on a network 

    blocking outgoing Telnet connections 

    blocking outgoing traffic 

    blocking outgoing traffic to particular remote host 

    blocking remote access, while permitting local 

    blocking spoofed addresses 

    building chain structures 

    default policies 

    deleting firewall rules 

    DENY and REJECT. DROP, refusing packets with 

    disabling TCP service invocation by remote request 

    inserting firewall rules in particular position 

    listing firewall rules 

    logging and dropping certain packets 

    permitting incoming SSH access only 

    preventing pings 

    protecting dedicated server 

    restricting telnet service access by source address 

    simulating packet traversal through to verify firewall operation 

    testing firewall configuration 

ipchains-restore 

    loading firewall configuration 

ipchains-save

    checking IP addresses 

    saving firewall configuration 

    viewing rules with 

IPSec 

iptables 

    --syn flag to process TCP packets 

    blocking access for particular remote host for a particular service 

    blocking access for some remote hosts but not others 

    blocking all access by particular remote host 

    blocking all incoming HTTP traffic 

    blocking incoming HTTP traffic while permitting local HTTP traffic 

    blocking incoming network traffic 

    blocking outgoing access to all web servers on a network 

    blocking outgoing Telnet connections 

    blocking outgoing traffic 

    blocking outgoing traffic to particular remote host 

    blocking remote access, while permitting local 

    blocking spoofed addresses 

    building chain structures 

    controlling access by MAC address 

    default policies 

    deleting firewall rules 

    disabling reverse DNS lookups (-n option) 

    disabling TCP service invocation by remote request 

    DROP and REJECT, refusing packets with 

    error packets, tailoring 

    inserting firewall rules in particular position 

    listing firewall rules 

    permitting incoming SSH access only 

    preventing pings 

    protecting dedicated server 

    restricting telnet service access by source address 

    rule chain for logging and dropping certain packets 

    testing firewall configuration 

    website 

iptables-restore 

    loading firewall configuration 

iptables-save

    checking IP addresses 

    saving firewall configuration 

    viewing rules with 

IPv4-in-IPv6 addresses, problems with 

ISP mail servers, acceptance of relay mail 

issuer (certificates) 

    self-signed 
