Book: LPI Linux Certification in a NutshellSection: Chapter 24. Exam 102 Highlighter's Index 24.9 Security 24.9.1 Objective 1: Perform Security Administration Tasks 24.9.1.1 TCP Wrappers -
Configuring TCP wrappers (tcpd) using /etc/hosts.allow and /etc/hosts.deny can enhance security for daemons controlled by inetd. -
tcpd is often configured to deny access to all systems for all services (a blanket deny), then specific systems are specified for legitimate access to services (limited allow). -
tcpd logs using syslog, commonly to /var/log/secure. 24.9.1.2 Finding executable SUID files 24.9.1.3 Verifying packages -
RPM packages are verified using the Verify mode, enabled using the -V (capital) option. -
The output for each package contains a string of eight characters that are set to dots when the attribute has not changed. The columns represent each of eight different attributes: MD5 checksum, file size, symlink attributes, the file's mtime, device file change, user/owner change, group change, and mode change. 24.9.1.4 SGID workgroups 24.9.1.5 The Secure Shell -
The Secure Shell, or SSH, can be used as an alternative to Telnet for secure communications. -
SSH can also protect FTP and other data streams, including X sessions. -
The Secure Shell daemon is sshd. 24.9.2 Objective 2: Set Up Host Security 24.9.2.1 Shadow passwords -
Enabling the use of shadow passwords can enhance local security by making encrypted passwords harder to steal. -
The use of shadow passwords causes the removal of password information from the publicly readable passwd file and places it in shadow, readable only by root. -
A similar system is implemented for shadow groups, using the gshadow file. 24.9.3 Objective 3: Set Up User-Level Security | | |