Linux Security HOWTO
Linux Security HOWTO
Kevin Fenzi, kevin@scrye.com & Dave Wreski, dave@nic.comv0.9.11, 1 May 1998This document is a general overview of security issues that face the
administrator of Linux systems. It covers general security philosophy
and a number of specific examples of how to better secure your Linux
system from intruders. Also included are pointers to security related
material and programs. NOTE: This is a beta version of this document. Improvements,
constructive criticism, additions and corrections are gratefully
accepted. Please mail your feedback to both authors. Be sure and
include "Linux", "security" or "HOWTO" in the subject line of your
mail to avoid spam filters and to bring your mail to the quick
attention of the authors.1. Introduction1.1 New Versions of this Document1.2 Feedback1.3 Disclaimer1.4 Copyright Information2. Overview2.1 Why Do We Need Security?2.2 How Secure Is Secure?2.3 What Are You Trying to Protect?2.4 Developing A Security Policy2.5 Means of Securing Your Site2.6 Organization of This Document3. Physical Security3.1 Computer locks3.2 BIOS Security3.3 Boot Loader Security3.4 xlock and vlock3.5 Detecting Physical Security Compromises4. Local Security4.1 Creating New Accounts4.2 Root Security5. Files and Filesystem Security5.1 Umask Settings5.2 File Permissions5.3 Integrity Checking with Tripwire5.4 Trojan Horses6. Password Security & Encryption6.1 PGP and Public Key Cryptography6.2 SSL, S-HTTP, HTTPS and S/MIME6.3 Linux x-kernel IPSEC Implementation6.4 SSH (Secure Shell), stelnet6.5 PAM - Pluggable Authentication Modules6.6 Cryptographic IP Encapsulation (CIPE)6.7 Kerberos6.8 Shadow Passwords.6.9 Crack and John the Ripper6.10 CFS - Cryptographic File System and TCFS - transparent cryptographic File System6.11 X11, SVGA and display security7. Kernel Security7.1 Kernel Compile Options7.2 Kernel Devices8. Network Security8.1 Packet Sniffers8.2 System services and tcp_wrappers8.3 Verify Your DNS Information8.4 identd8.5 SATAN , ISS, and Other Network Scanners8.6 Sendmail, qmail and MTA's.8.7 Denial of Service Attacks8.8 NFS (Network File System) Security.8.9 NIS (Network Information Service) (formerly YP).8.10 Firewalls9. Security Preparation (before you go on-line)9.1 Make a Full Backup of Your Machine9.2 Choosing a Good Backup Schedule9.3 Backup Your RPM or Debian File Database9.4 Keep Track of Your System Accounting Data9.5 Apply All New System Updates.10. What To Do During and After a Breakin10.1 Security Compromise under way.10.2 Security Compromise has already happened11. Security Sources11.1 FTP sites11.2 Web Sites11.3 Mailing Lists11.4 Books - Printed Reading Material.12. Glossary13. Frequently Asked Questions14. Conclusion15. Thanks to
n
Wyszukiwarka
Podobne podstrony:
security howto 7 bif7pmbdlmrob6tcblpvwkf37huqfjqc5eeufry bif7pmbdlmrob6tcblpvwkf37huqfjqc5eeufrysecurity howto 12 sezbwv7n6y47gabon75tio6lcgxevwjrrm4eeta sezbwv7n6y47gabon75tio6lcgxevwjrrm4eetasecurity howto 10 tvgtmcpwo322hl5vo7uep26qcjhacrhtfsnf7nq tvgtmcpwo322hl5vo7uep26qcjhacrhtfsnf7nqsecurity howto 13 442ylxnyi72eqfya3rkcmf3aqybwose2mqs7tha 442ylxnyi72eqfya3rkcmf3aqybwose2mqs7thasecurity howto 3 zpephbiqdl4t6dtrzvfpzajgtecytw6eezc3z3q zpephbiqdl4t6dtrzvfpzajgtecytw6eezc3z3qsecurity howto 14 z3b5loblb2pw4qjxpvcaxiw3pe7hvjayyyf5esq z3b5loblb2pw4qjxpvcaxiw3pe7hvjayyyf5esqsecurity howto 2 chtz4dahk7w65lxpd7g56vamt2uy3fxv4rogaky chtz4dahk7w65lxpd7g56vamt2uy3fxv4rogakysecurity howto 9 f7342fcwwas3fsaa4esqnbl3i7fjisuryfs5aci f7342fcwwas3fsaa4esqnbl3i7fjisuryfs5acisecurity howto 15 3zax2ehwxqawfacyqfs7solwqd6wh2ertk6x4ci 3zax2ehwxqawfacyqfs7solwqd6wh2ertk6x4cisecurity howto 4 oyn2jwy6vqxvea42zoci4csptsaomiur256qxpq oyn2jwy6vqxvea42zoci4csptsaomiur256qxpqsecurity howto 5 jbeju3l27fjg2sip3a2spfnomfbvrsveawv6qta jbeju3l27fjg2sip3a2spfnomfbvrsveawv6qtasecurity howto 1 kjo6rgmlpqtrvnnuy2jaa2bcaxpunloicb7tgva kjo6rgmlpqtrvnnuy2jaa2bcaxpunloicb7tgvasecurity howto 11 li7hwsfwf7ghxwhasbk4mhnborud6d6pibtdg3i li7hwsfwf7ghxwhasbk4mhnborud6d6pibtdg3isecuring debian howto enbootdisk howto pl 8PPP HOWTO pl 6 (2)NIS HOWTO pl 1 (2)kernel howto 3 clbigwpagydoy3epnkmic3ys7wlqwsg4rlwwgvq clbigwpagydoy3epnkmic3ys7wlqwsg4rlwwgvqconsultants howto 18więcej podobnych podstron