Linux Security Cookbook

UDP

    blocking packets on privileged ports 

    probing ports, difficulties of 

    stateful firewall, necessity for 

    testing for open port 

umask

    Linux chmod and umask commands 

    preventing files from being world-writable 

    setting as group writable 

unicast packets 

unique identifier for GnuPG keys 

unsecured IMAP connections 

unshadow command 

urlsnarf command 

Usenet news, tunneling NNTP connections through SSH 

user (inetd.conf file) 

user accounts

    allowing one account to access another with ksu 

    multiple root accounts 

    without a password, finding 

    restricting access to SSH server by 

    restricting hostbased authentication to 

    for SMTP authentication 

    superuser, finding 

    suspicious use, checking for 

        on multiple systems 

    usernames in remote file copying 

    usernames in trusted-host authentication 

user facility, system messages 

user ID of zero (0) (superuser) 

users

    administration of their own machines 

    authorizing to restart sshd 

    changes since last Tripwire check 

    Kerberos credentials for 

    login information about, printing 

    script forcing sudo to prompt for password