Linux Server Security (2nd Edition( [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

Linux Server Security (2nd Edition( [Electronic resources] - نسخه متنی

Michael D. Bauer

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات

Section 6.1. DNS Basics

Section 6.2. DNS Security Principles

Section 6.3. Selecting a DNS Software Package

Section 6.4. Securing BIND

Section 6.5. djbdns

Section 6.6. Resources

Chapter 7. Using LDAP for Authentication

Section 7.1. LDAP Basics

Section 7.2. Setting Up the Server

Section 7.3. LDAP Database Management

Section 7.4. Conclusions

Section 7.5. Resources

Chapter 8. Database Security

Section 8.1. Types of Security Problems

Section 8.2. Server Location

Section 8.3. Server Installation

Section 8.4. Database Operation

Section 8.5. Resources

Chapter 9. Securing Internet Email

Section 9.1. Background: MTA and SMTP Security

Section 9.2. Using SMTP Commands to Troubleshootand Test SMTP Servers

Section 9.3. Securing Your MTA

Section 9.4. Sendmail

Section 9.5. Postfix

Section 9.6. Mail Delivery Agents

Section 9.7. A Brief Introduction to Email Encryption

Section 9.8. Resources

Chapter 10. Securing Web Servers

Section 10.1. Web Security

Section 10.2. The Web Server

Section 10.3. Web Content

Section 10.4. Web Applications

Section 10.5. Layers of Defense

Section 10.6. Resources

Chapter 11. Securing File Services

Section 11.1. FTP Security

Section 11.2. Other File-Sharing Methods

Section 11.3. Resources

Chapter 12. System Log Management and Monitoring

Section 12.1. syslog

Section 12.2. Syslog-ng

Section 12.3. Testing System Logging with logger

Section 12.4. Managing System Logfiles with logrotate

Section 12.5. Using Swatch for Automated Log Monitoring

Section 12.6. Some Simple Log-Reporting Tools

Section 12.7. Resources

Chapter 13. Simple Intrusion Detection Techniques

Section 13.1. Principles of Intrusion Detection Systems

Section 13.2. Using Tripwire

Section 13.3. Other Integrity Checkers

Section 13.4. Snort

Section 13.5. Resources

Colophon
توضیحات
افزودن یادداشت جدید







9.3. Securing Your MTA


Now we come to the specifics: how to
configure SMTP server software securely. But which software should
you use?

My own favorite MTA is
Postfix. Wietse
Venema, its
creator, has outstanding credentials as an expert and pioneer in
TCP/IP application security, making security one of the primary
design goals. What's more, Postfix has a very low
learning curve: simplicity is another design goal. Finally, Postfix
is extremely fast and reliable. I've never had a bad
experience with Postfix in any context (except the self-inflicted
kind).

Qmail also has an
enthusiastic user base. Even though it's only
slightly less difficult to configure than Sendmail,
it's worth considering for its excellent security
and performance. D. J. Bernstein's official Qmail
web site is at http://cr.yp.to/qmaill.

Exim, another highly
regarded mailer, is the default MTA in Debian GNU/Linux. The official
Exim home page is http://www.exim.org, and its creator, Philip
Hazel, has
written a book on it, Exim: The Mail Transfer
Agent (O'Reilly).

I mention Qmail and Exim because they each have their proponents,
including some people I respect a great deal. But as I mentioned at
the beginning of the chapter, Sendmail and Postfix are the MTAs
we're going to cover in depth here. So if
you're interested in Qmail or Exim,
you'll need to refer to the URLs I just pointed out.

After you've decided which MTA
to run, you need to consider how
you'll run it. An SMTP gateway that handles
all email entering an organization from the Internet and vice versa
but doesn't actually host any user accounts will
need to be configured differently from an SMTP server with local user
accounts and local mailboxes.

The next two sections are selective tutorials on Sendmail and
Postfix. I'll cover some basic aspects (but by no
means all) of what you need to know to get started on each
application, and then I'll cover as much as possible
on how to secure it. Where applicable, we'll
consider configuration differences between two of the most common
roles for SMTP servers: gateways and what I'll call
"shell servers" (SMTP servers with
local user accounts).

Both Sendmail and Postfix are capable of serving in a wide variety of
roles and therefore support many more features and options than I can
cover in a book on security. Sources of additional information are
listed at the end of this chapter.


/ 94