Network Security Hacks: Tips & Tools for Protecting Your Privacy

packages (compromised), finding with RPM 

packet sniffers

    examining SSH connection tunneled through HTTP 

    rpcapd remote capture device, using with 

    WinDump 

PacketFilter (PF) 

    authenticated gateway, creating 

    blocking packets used for operating-system probes 

    pf.conf file, editing

        defining table of IP addresses 

        macros 

        options 

        packet-filtering rules 

        traffic normalization rules 

    SnortSam, using with 

paging file (Windows), clearing at shutdown 

PAM (pluggable authentication modules) 

    pam_access module 

    pam_limits module 

    pam_stack module 

    pam_time module 

partitions (disk), imaging 

passwd program, SUID or SGID bit 

passwords  [See also authentication]

    command execution without password 

patch utility, applying grsecurity patch to kernel 

patching system security holes, automation of 

PaX (grsecurity) 

Pcap-formatted files, creating with Barnyard 

Perl modules, necessary for swatch tool 

Perl scripts, running through CGI interface 

Perl, sensor agents for SnortCenter 

permissions

    creating flexible hierarchies with POSIX ACLs 

    world- and group-writable 

PF  [See PacketFilter]

pfctl command 

PHP

    libraries for SnortCenter 

    programs, running through CGI interface 

    Sebek package, use by 

    using with ACID 

PHPlot 

PIDs (process IDs)

    listing for listening services 

    stunnel PID file 

ping program

    finding system MAC address 

    monitoring statistics from web server 

pipe action, swatch 

PIX firewall, using with SnortSam 

pluggable authentication modules  [See PAM]

pluto 

Point-to-Point Tunneling Protocol  [See PPTP tunneling]

poisioning the ARP cache 

policies, systrace 

    automated generation of 

POP, encrypting with SSL 

POP3 traffic, encrypting and forwarding with SSH 

PoPToP (PPTP server) 

    connecting to with Windows machine 

port forwarding

    honeyd, using with 

    httptunnel, using 

    SSH, using as SOCKS proxy 

    SSH, using for 

    stunnel, using 

port security (Ethernet switches) 

ports

    monitor port 

    open, listing for Windows systems 

    scanning for listening services 

    SnortSam port option 

    specifying for packets in Snort rules 

portscan and stream4 preprocessors, Snort  2nd 

POST method requests, scanning by mod_security 

PPP tunnels, setting up with PPTP tunneling 

PPP, using with SSH to create secure VPN tunnel 

PPTP (Point-to-Point Tunneling Protocol) tunneling 

priorities, for logging 

    configuring for syslog-ng 

process accounting 

    ac command 

    lastcomm command 

    summarizing with sa command 

processes

    increasing security with grsecurity 

    listing for listening services 

    listing for open files on Windows 

    listing for running services on Windows 

    memory address space layouts, randomization with grsecurity 

proftpd, using with MySQL authentication source 

promiscuous mode (network interfaces) 

    detecting to prevent intrusion 

    detection with chkrootkit 

    monitoring with rpcapd 

ProPolice 

protocol analyzers  [See Ethereal protocol analyzer ntop tool]

protocols

    for Snort rule application 

    specifying protocol for Snort rule 

    stateless 

proxies

    httptunnel connections through web proxy 

    squid proxy over SSH 

    SSH, using as SOCKS proxy 

    whois proxy, geektools.com 

proxy arp 

pseudo-TTY interfaces, PPP daemons operating over 

psk.txt file (racoon)