Linux Server Security (2nd Edition( [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

Linux Server Security (2nd Edition( [Electronic resources] - نسخه متنی

Michael D. Bauer

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات

Section 6.1. DNS Basics

Section 6.2. DNS Security Principles

Section 6.3. Selecting a DNS Software Package

Section 6.4. Securing BIND

Section 6.5. djbdns

Section 6.6. Resources

Chapter 7. Using LDAP for Authentication

Section 7.1. LDAP Basics

Section 7.2. Setting Up the Server

Section 7.3. LDAP Database Management

Section 7.4. Conclusions

Section 7.5. Resources

Chapter 8. Database Security

Section 8.1. Types of Security Problems

Section 8.2. Server Location

Section 8.3. Server Installation

Section 8.4. Database Operation

Section 8.5. Resources

Chapter 9. Securing Internet Email

Section 9.1. Background: MTA and SMTP Security

Section 9.2. Using SMTP Commands to Troubleshootand Test SMTP Servers

Section 9.3. Securing Your MTA

Section 9.4. Sendmail

Section 9.5. Postfix

Section 9.6. Mail Delivery Agents

Section 9.7. A Brief Introduction to Email Encryption

Section 9.8. Resources

Chapter 10. Securing Web Servers

Section 10.1. Web Security

Section 10.2. The Web Server

Section 10.3. Web Content

Section 10.4. Web Applications

Section 10.5. Layers of Defense

Section 10.6. Resources

Chapter 11. Securing File Services

Section 11.1. FTP Security

Section 11.2. Other File-Sharing Methods

Section 11.3. Resources

Chapter 12. System Log Management and Monitoring

Section 12.1. syslog

Section 12.2. Syslog-ng

Section 12.3. Testing System Logging with logger

Section 12.4. Managing System Logfiles with logrotate

Section 12.5. Using Swatch for Automated Log Monitoring

Section 12.6. Some Simple Log-Reporting Tools

Section 12.7. Resources

Chapter 13. Simple Intrusion Detection Techniques

Section 13.1. Principles of Intrusion Detection Systems

Section 13.2. Using Tripwire

Section 13.3. Other Integrity Checkers

Section 13.4. Snort

Section 13.5. Resources

Colophon
توضیحات
افزودن یادداشت جدید







Chapter 9. Securing Internet Email


Like DNS, email's
importance and ubiquity make it a prime target for vandals, thieves,
and pranksters. Common types of email abuse include the following:

Eavesdropping confidential data sent via email "Mail-bombing" people with bogus
messages that fill up their mailboxes or crash their email servers Sending messages with forged sender addresses to impersonate someone
else Propagating viruses Starting chain letters (hoaxes) Hijacking the email server itself to launch other types of attacks Sending unsolicited commercial email (UCE), a.k.a.
"spam"
The scope and severity of these threats are not helped by the
complexity of running Internet email services, including both
Mail Transfer Agents (MTAs) and Mail
Delivery Agents (MDAs). Email administration requires a working
understanding of the Simple Mail
Transfer Protocol (SMTP) plus your MDA protocol of choice (typically
IMAP or POP3), as well as a mastery of your MTA and MDA applications
of choice. There really aren't any shortcuts around
either requirement (although some MTAs and MDAs are easier to master
than others).

There are a number of MTAs in common use.
Sendmail is the
oldest and traditionally the most popular.
Postfix is a more
modular, simpler, and more secure alternative by Wietse
Venema.
Qmail is another
modular and secure alternative by Daniel J. Bernstein.
Exim is the default MTA
in Debian GNU/Linux.
And those are just a few!

In this chapter, we'll cover some general email
security concepts, and then we'll explore specific
techniques for securing two different MTAs: Sendmail, because of its
popularity, and Postfix, because it's my preferred
MTA. But we won't stop there!

As important as MTAs are, your users don't interact
directly with them; most users retrieve mail via a Mail Delivery
Agent (MDA) service such as POP3 or IMAP (or a web interface that
interacts with an MDA). Therefore we'll also cover
MDA security basics, how to secure the popular Cyrus IMAP MDA with
both SSL and LDAP, and then end with a brief discussion of email
encryption.


/ 94