Linux Security Cookbook
| [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] tar utility bundling files into single file and encrypting the tarball encrypted backups, creating with gpg encrypting all files in directory TCP enabling/disabling service invocation by inetd IPID Sequence tests and, measuring vulnerability to forged connections pings for host discovery, use by nmap preventing service invocation by xinetd reassembling streams with libnids redirection of connections with SSH tunneling restricting access by remote hosts (inetd) restricting access by remote hosts (xinetd) restricting access by remote users RST packets for blocked ports, returned by firewall slowing or killing connections, simulation with dsniff stream reassembly with libnids testing for open port testing port by trying to connect with Telnet tunneling session through SSH TCP-wrappers controlling incoming access by particular hosts or domains sshd, built-in support for TCP/IP connections DROP vs. REJECT rejecting TCP packets that initiate connections tcpd restricting access by remote hosts using with xinetd using with inetd to restrict remote host access tcpdump (packet sniffer) -i any options, using ifconfig before -i option (to listen on a specific interface) -r option, reading/displaying network trace data -w option (saving packets to file) libcap (packet capture library) payload display printing information about nmap port scan selecting specific packets with capture filter expression snapshot length verifying secure mail traffic tcsh shell terminating SSH agent on logout TCT (The CoronerÕs Toolkit) tee command Telnet access control blocking all outgoing connections restricting access by time of day restricting for remote hosts (xinetd with libwrap) disabling/enabling invocation by xinetd Kerberos authentication with PAM Kerberos authentication, using with passwords captured from sessions with dsniff security risks of testing TCP port by trying to connect telnetd, configuring to require strong authentication terminals Linux recording of for each user preventing superuser (root) from logging in via testing systems for security holes [See monitoring systems for suspicious activity] tethereal text editors, using encryption features for email text-based certificate format [See PEM format] Thawte (Certifying Authority) threading, listing for new service in inetd.conf tickets, Kerberos for IMAP on the mail server SSH client, obtaining for ticks time of day, restricting service access by timestamps recorded by system logger for each message in Snort filenames sorting log files by verifying for RPM-installed files TLS (Transport Layer Security) [See SSL] tracing network system calls Transport Layer Security (TLS) [See SSL] Tripwire checking Windows VFAT filesystems configuration database adding files to excluding files from updating to ignore discrepancies displaying policy and configuration download site for latest version download sites highly secure integrity checks integrity check integrity checking, basic manual integrity checks, using instead of policy policy and configuration, modifying printing latest report protecting files against attacks read-only integrity checks remote integrity checking RPM-installed files, verifying setting up twinstall.sh script using rsync instead of weaknesses Trojan horses checking for with chkrootkit planted in commonly-used software packages trust, web of trusted certificates trusted public keys (GnuPG) trusted-host authentication canonical hostname, finding for client implications of strong trust of client host weak authorization controls tty item (PAM) tunneling TCP session through SSH transferring your email from another ISP with SSH twcfg.txt file twinstall.sh script (Tripwire) twpol.txt file twprint program |