Linux Security Cookbook [Electronic resources]

Daniel J. Barrett, Robert G. Byrnes, Richard Silverman

نسخه متنی -صفحه : 247/ 232

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X]

ICMP

blocking messages

blocking some messages

closed ports, detecting with messages

pings for host discovery, use by nmap

rate-limiting functions of Linux kernel

IDENT

checking with TCP-wrappers

DROP, problems with

testing server with nmap -I for security

identification file (SSH2 key files) 2nd

idfile script (manual integrity checker)

IDs for cryptographic keys (GnuPG default secret key)

ifconfig program

-a option (information about all network interfaces and loaded drivers)

controlling network interfaces

enabling promiscuous mode for specific interfaces

enabling unconfigured interface

listing network interfaces

observing network traffic

stopping network device

IgnoreRhosts option

IMAP

access control list (ACL) for server, creating with PAM

enabling IMAP daemon within xinetd or inetd

in /etc/pam.d startup file

Kerberos authentication, using with

mail session security

with SSH and Pine

with SSL and Evolution

with SSL and mutt 2nd

with SSL and Pine

with SSL and stunnel

with stunnel and SSL

remote polling of server by fetchmail

SSL certificate, validating server with

STARTTLS command

testing SSL connection to server

unsecured connections, permitting

IMAP/SSL certificate on Red Hat server

imapd

enabling within xinetd or inetd

Kerberos support

SSL, using with

validation of passwords, controlling with PAM

importing keys

from a keyserver

PGP, importing into GnuPG

incident report (security), filing

gathering information for

includedir (xinetd.conf)

incoming network traffic, controlling [See firewalls networks, access control]

incorrect net address (sshd)

-R option, preventing denial-of-service attacks 2nd

adding new network service

enabling/disabling TCP service invocation by

IMAP daemon, enabling

POP daemon, enabling

restricting access by remote hosts 2nd

inetd.conf file

adding new network service

restricting service access by time of day

inode numbers

changes since last Tripwire check

rsync tool, inability to check with

Windows VFAT filesystems, instructing Tripwire not to compare

input/output

capturing stdout/stderr from programs not using system logger

stunnel messages

Insecure.orgÕs top 50 security tools

instances keyword (xinetd)

instruction sequence mutations (attacks against protocols)

integrity checkers 2nd [See also Tripwire]

runtime, for the kernel

integrity checks

checking for file alteration since last snapshot

dual-ported disk array, using

printing latest tripwire report

rsync, using for

interactive programs, invoking on remote machine

interfaces, network

enabling/disabling, levels of control

Internet email, acceptance by SMTP server

Internet Protocol Security (IPSec)

Internet protocols, references for

Internet services daemon [See inetd]

intrusion detection for networks

anti-NIDS attacks

decoding alert messages

detecting intrusions

ruleset, upgrading and tuning

testing with nmap stealth operations

IP addresses

conversion to hostnames by netstat and lsof commands

in firewall rules, using hostnames instead of

host discovery for (without port scanning)

for SSH client host

IP forwarding flag

blocking access for particular remote host for a particular service

blocking access for some remote hosts but not others

blocking all access by particular remote host

blocking all incoming HTTP traffic

blocking incoming HTTP traffic while permitting local HTTP traffic

blocking incoming network traffic

blocking outgoing access to all web servers on a network

blocking outgoing Telnet connections

blocking outgoing traffic

blocking outgoing traffic to particular remote host

blocking remote access, while permitting local

blocking spoofed addresses

building chain structures

default policies

deleting firewall rules

DENY and REJECT. DROP, refusing packets with

disabling TCP service invocation by remote request

inserting firewall rules in particular position

listing firewall rules

logging and dropping certain packets

permitting incoming SSH access only

preventing pings

protecting dedicated server

restricting telnet service access by source address

simulating packet traversal through to verify firewall operation

testing firewall configuration

ipchains-restore

loading firewall configuration

ipchains-save

checking IP addresses

saving firewall configuration

viewing rules with

--syn flag to process TCP packets

blocking access for particular remote host for a particular service

blocking access for some remote hosts but not others

blocking all access by particular remote host

blocking all incoming HTTP traffic

blocking incoming HTTP traffic while permitting local HTTP traffic

blocking incoming network traffic

blocking outgoing access to all web servers on a network

blocking outgoing Telnet connections

blocking outgoing traffic

blocking outgoing traffic to particular remote host

blocking remote access, while permitting local

blocking spoofed addresses

building chain structures

controlling access by MAC address

default policies

deleting firewall rules

disabling reverse DNS lookups (-n option)

disabling TCP service invocation by remote request

DROP and REJECT, refusing packets with

error packets, tailoring

inserting firewall rules in particular position

listing firewall rules

permitting incoming SSH access only

preventing pings

protecting dedicated server

restricting telnet service access by source address

rule chain for logging and dropping certain packets

testing firewall configuration

iptables-restore

loading firewall configuration

iptables-save

checking IP addresses

saving firewall configuration

viewing rules with

IPv4-in-IPv6 addresses, problems with

ISP mail servers, acceptance of relay mail

issuer (certificates)