Linux Security Cookbook [Electronic resources]

Daniel J. Barrett, Robert G. Byrnes, Richard Silverman

نسخه متنی -صفحه : 247/ 243

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X]

tar utility

bundling files into single file and encrypting the tarball

encrypted backups, creating with gpg

encrypting all files in directory

TCP

enabling/disabling service invocation by inetd

IPID Sequence tests and, measuring vulnerability to forged connections

pings for host discovery, use by nmap

preventing service invocation by xinetd

reassembling streams with libnids

redirection of connections with SSH tunneling

restricting access by remote hosts (inetd)

restricting access by remote hosts (xinetd)

restricting access by remote users

RST packets for blocked ports, returned by firewall

slowing or killing connections, simulation with dsniff

stream reassembly with libnids

testing for open port

testing port by trying to connect with Telnet

tunneling session through SSH

TCP-wrappers

controlling incoming access by particular hosts or domains

sshd, built-in support for

TCP/IP connections

DROP vs. REJECT

rejecting TCP packets that initiate connections

tcpd

restricting access by remote hosts

using with xinetd

using with inetd to restrict remote host access

tcpdump (packet sniffer)

-i any options, using ifconfig before

-i option (to listen on a specific interface)

-r option, reading/displaying network trace data

-w option (saving packets to file)

libcap (packet capture library)

payload display

printing information about nmap port scan

selecting specific packets with capture filter expression

snapshot length

verifying secure mail traffic

tcsh shell

terminating SSH agent on logout

TCT (The CoronerÕs Toolkit)

Telnet

access control

blocking all outgoing connections

restricting access by time of day

restricting for remote hosts (xinetd with libwrap)

disabling/enabling invocation by xinetd

Kerberos authentication with PAM

Kerberos authentication, using with

passwords captured from sessions with dsniff

security risks of

testing TCP port by trying to connect

telnetd, configuring to require strong authentication

terminals

Linux recording of for each user

preventing superuser (root) from logging in via

testing systems for security holes [See monitoring systems for suspicious activity]

text editors, using encryption features for email

text-based certificate format [See PEM format]

Thawte (Certifying Authority)

threading, listing for new service in inetd.conf

tickets, Kerberos

for IMAP on the mail server

SSH client, obtaining for

time of day, restricting service access by

timestamps

recorded by system logger for each message

in Snort filenames

sorting log files by

verifying for RPM-installed files

TLS (Transport Layer Security) [See SSL]

tracing network system calls

Transport Layer Security (TLS) [See SSL]

checking Windows VFAT filesystems

adding files to

excluding files from

updating to ignore discrepancies

displaying policy and configuration

download site for latest version

highly secure integrity checks

integrity check

integrity checking, basic

manual integrity checks, using instead of

policy and configuration, modifying

printing latest report

protecting files against attacks

read-only integrity checks

remote integrity checking

RPM-installed files, verifying

twinstall.sh script

using rsync instead of

Trojan horses

checking for with chkrootkit

planted in commonly-used software packages

trusted certificates

trusted public keys (GnuPG)

trusted-host authentication

canonical hostname, finding for client

implications of

strong trust of client host

weak authorization controls

tunneling

TCP session through SSH

transferring your email from another ISP with SSH

twinstall.sh script (Tripwire)

twprint program