Linux Security Cookbook
| [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] race conditions during snapshot generation rc files, storing load commands for firewall read permission, preventing directory listing read-only access to shared file via sudo read-only integrity checks realms, Kerberos adding hosts to existing realm adding users to existing realm choosing name for 2nd reboots, records of recent logins to system accounts, checking for recipes in this book, trying recurse=n attribute (Tripwire) recursion in PAM modules recursive copying of remote directory Red Hat Linux authconfig utility default dummy keypairs and certificates for imapd and pop3d Evolution, testing of pre-installed trusted SSL certificates facility local7, use for boot messages firewall rules, saving and restoring Guide to Password Security IMAP/SSL certificate on server imapd with Kerberos support Kerberos packages, installing loading firewall rules at boot time rc files ÒiptablesÓ and ÒipchainsÓ MD5-hashed passwords stored in shadow file (v. 8.0) MIT Kerberos-5 PAM, enforcing password strength requirements preconfiguration to run tripwire nightly via cron process accounting RPM script allowing users to start/stop daemons Snort, starting at boot SSL certificates adding new certificate TCP wrappers 2nd redirect keyword (xinetd) redirecting blocking redirects connections to another socket standard input from /dev/null regular expressions (and pattern matching) extracting passwords with grep patterns fgrep command and identifying encrypted mail messages ngrep, finding strings in network traffic urlsnarf, use with REJECT blocking incoming packet and sending error message DROP and, refusing packets (iptables) pings and preventing only SSH connections from nonapproved hosts relative pathnames directories in search path in remote file copying relay server for non-local mail remote filesystems, searching remote hosts blocking access for some but not others blocking access from particular remote host blocking access to particular host preventing from pretending to be local to network restricting access by (xinetd with libwrap) restricting access to TCP service inetd via xinetd remote integrity checking remote programs, invoking securely interactive programs noninteractive commands remote users, restricting access to network services renamed file, copying remotely with scp reports, Tripwire ignoring discrepancies by updating database printing latest revocation certificate distributing for revoked key revoking a public key rhost item (PAM) RhostsRSAAuthentication keyword (OpenSSH) rlogin session that used no password, detection with dsniff root logins, preventing on terminal devices multiple root accounts packet-sniffing programs, running as PermitRootLogin (sshd_config) privileges, dispensing root login shell, running running nmap as running root commands via SSH running X programs as root (while logged in as normal user) setuid root for ssh-keysign program setuid root program hidden in filesystems sharing privileges via Kerberos via multiple superuser accounts via SSH (without revealing password) sharing root password sudo command invoking programs with restricting privileges via running commands as another user rootkits looking for searching system for subversion of exec call to tripwire rotating log files process accounting routers firewalls for hosts configured as packet sniffers and RPC services displaying information about with nmap -sR port numbers assigned to printing dynamically assigned ports for processes that use, examining with lsof +M rpcinfo command 2nd RPM-installed files, verifying rsync utility --progress option -n option (not copying files) integrity checking with remote integrity checking with ssh, mirroring set of files securely between machines runlevel changes, records of runlevels (networking), loading firewall rules for runtime kernel integrity checkers |