Linux Security Cookbook - Helion
ebook
Autor: Daniel J. Barrett, Richard E. Silverman, Robert G. ByrnesISBN: 978-14-493-6676-6
stron: 336, Format: ebook
Data wydania: 2003-06-02
Księgarnia: Helion
Cena książki: 118,15 zł (poprzednio: 137,38 zł)
Oszczędzasz: 14% (-19,23 zł)
Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes--short, focused pieces of code that administrators can use to improve security and perform common tasks securely.The Linux Security Cookbook includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure.Some of the "recipes" you'll find in this book are:
- Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more
- Monitoring your network with tcpdump, dsniff, netstat, and other tools
- Protecting network connections with Secure Shell (SSH) and stunnel
- Safeguarding email sessions with Secure Sockets Layer (SSL)
- Encrypting files and email messages with GnuPG
- Probing your own security with password crackers, nmap, and handy scripts
Osoby które kupowały "Linux Security Cookbook", wybierały także:
- Profesjonalne testy penetracyjne. Zbuduj własne środowisko do testów 67,42 zł, (20,90 zł -69%)
- Spring Security. Kurs video. Metody zabezpieczania aplikacji webowych 69,00 zł, (31,05 zł -55%)
- Bezpieczeństwo systemów informatycznych. Zasady i praktyka. Wydanie IV. Tom 2 99,00 zł, (49,50 zł -50%)
- Hartowanie Linuksa we wrogich środowiskach sieciowych. Ochrona serwera od TLS po Tor 59,00 zł, (29,50 zł -50%)
- Przetwarzanie danych w dużej skali. Niezawodność, skalowalność i łatwość konserwacji systemów 89,00 zł, (44,50 zł -50%)
Spis treści
Linux Security Cookbook eBook -- spis treści
- Linux Security Cookbook
- Preface
- A Cookbook About Security?!?
- Intended Audience
- Roadmap of the Book
- Our Security Philosophy
- Supported Linux Distributions
- Trying the Recipes
- Conventions Used in This Book
- Wed Like to Hear from You
- Acknowledgments
- 1. System Snapshots with Tripwire
- 1.1. Setting Up Tripwire
- 1.1.1. Problem
- 1.1.2. Solution
- 1.1.3. Discussion
- 1.1.4. See Also
- 1.2. Displaying the Policy and Configuration
- 1.2.1. Problem
- 1.2.2. Solution
- 1.2.3. Discussion
- 1.2.4. See Also
- 1.3. Modifying the Policy and Configuration
- 1.3.1. Problem
- 1.3.2. Solution
- 1.3.3. Discussion
- 1.3.4. See Also
- 1.4. Basic Integrity Checking
- 1.4.1. Problem
- 1.4.2. Solution
- 1.4.3. Discussion
- 1.4.4. See Also
- 1.5. Read-Only Integrity Checking
- 1.5.1. Problem
- 1.5.2. Solution
- 1.5.3. Discussion
- 1.5.4. See Also
- 1.6. Remote Integrity Checking
- 1.6.1. Problem
- 1.6.2. Solution
- 1.6.3. Discussion
- 1.6.4. See Also
- 1.7. Ultra-Paranoid Integrity Checking
- 1.7.1. Problem
- 1.7.2. Solution
- 1.7.3. Discussion
- 1.7.4. See Also
- 1.8. Expensive, Ultra-Paranoid Security Checking
- 1.8.1. Problem
- 1.8.2. Solution
- 1.8.3. Discussion
- 1.9. Automated Integrity Checking
- 1.9.1. Problem
- 1.9.2. Solution
- 1.9.3. Discussion
- 1.9.4. See Also
- 1.10. Printing the Latest Tripwire Report
- 1.10.1. Problem
- 1.10.2. Solution
- 1.10.3. Discussion
- 1.10.4. See Also
- 1.11. Updating the Database
- 1.11.1. Problem
- 1.11.2. Solution
- 1.11.3. Discussion
- 1.11.4. See Also
- 1.12. Adding Files to the Database
- 1.12.1. Problem
- 1.12.2. Solution
- 1.12.3. Discussion
- 1.12.4. See Also
- 1.13. Excluding Files from the Database
- 1.13.1. Problem
- 1.13.2. Solution
- 1.13.3. Discussion
- 1.13.4. See Also
- 1.14. Checking Windows VFAT Filesystems
- 1.14.1. Problem
- 1.14.2. Solution
- 1.14.3. Discussion
- 1.14.4. See Also
- 1.15. Verifying RPM-Installed Files
- 1.15.1. Problem
- 1.15.2. Solution
- 1.15.3. Discussion
- 1.15.4. See Also
- 1.16. Integrity Checking with rsync
- 1.16.1. Problem
- 1.16.2. Solution
- 1.16.3. Discussion
- 1.16.4. See Also
- 1.17. Integrity Checking Manually
- 1.17.1. Problem
- 1.17.2. Solution
- 1.17.3. Discussion
- 1.17.4. See Also
- 1.1. Setting Up Tripwire
- 2. Firewalls with iptables and ipchains
- 2.1. Enabling Source Address Verification
- 2.1.1. Problem
- 2.1.2. Solution
- 2.1.3. Discussion
- 2.1.4. See Also
- 2.2. Blocking Spoofed Addresses
- 2.2.1. Problem
- 2.2.2. Solution
- 2.2.3. Discussion
- 2.2.4. See Also
- 2.3. Blocking All Network Traffic
- 2.3.1. Problem
- 2.3.2. Solution
- 2.3.3. Discussion
- 2.3.4. See Also
- 2.4. Blocking Incoming Traffic
- 2.4.1. Problem
- 2.4.2. Solution
- 2.4.3. Discussion
- 2.4.4. See Also
- 2.5. Blocking Outgoing Traffic
- 2.5.1. Problem
- 2.5.2. Solution
- 2.5.3. Discussion
- 2.5.4. See Also
- 2.6. Blocking Incoming Service Requests
- 2.6.1. Problem
- 2.6.2. Solution
- 2.6.3. Discussion
- 2.6.4. See Also
- 2.7. Blocking Access from a Remote Host
- 2.7.1. Problem
- 2.7.2. Solution
- 2.7.3. Discussion
- 2.7.4. See Also
- 2.8. Blocking Access to a Remote Host
- 2.8.1. Problem
- 2.8.2. Solution
- 2.8.3. Discussion
- 2.8.4. See Also
- 2.9. Blocking Outgoing Access to All Web Servers on a Network
- 2.9.1. Problem
- 2.9.2. Solution
- 2.9.3. Discussion
- 2.9.4. See Also
- 2.10. Blocking Remote Access, but Permitting Local
- 2.10.1. Problem
- 2.10.2. Solution
- 2.10.3. Discussion
- 2.10.4. See Also
- 2.11. Controlling Access by MAC Address
- 2.11.1. Problem
- 2.11.2. Solution
- 2.11.3. Discussion
- 2.11.4. See Also
- 2.12. Permitting SSH Access Only
- 2.12.1. Problem
- 2.12.2. Solution
- 2.12.3. Discussion
- 2.12.4. See Also
- 2.13. Prohibiting Outgoing Telnet Connections
- 2.13.1. Problem
- 2.13.2. Solution
- 2.13.3. Discussion
- 2.13.4. See Also
- 2.14. Protecting a Dedicated Server
- 2.14.1. Problem
- 2.14.2. Solution
- 2.14.3. Discussion
- 2.14.4. See Also
- 2.15. Preventing pings
- 2.15.1. Problem
- 2.15.2. Solution
- 2.15.3. Discussion
- 2.15.4. See Also
- 2.16. Listing Your Firewall Rules
- 2.16.1. Problem
- 2.16.2. Solution
- 2.16.3. Discussion
- 2.16.4. See Also
- 2.17. Deleting Firewall Rules
- 2.17.1. Problem
- 2.17.2. Solution
- 2.17.3. Discussion
- 2.17.4. See Also
- 2.18. Inserting Firewall Rules
- 2.18.1. Problem
- 2.18.2. Solution
- 2.18.3. Discussion
- 2.18.4. See Also
- 2.19. Saving a Firewall Configuration
- 2.19.1. Problem
- 2.19.2. Solution
- 2.19.3. Discussion
- 2.19.4. See Also
- 2.20. Loading a Firewall Configuration
- 2.20.1. Problem
- 2.20.2. Solution
- 2.20.3. Discussion
- 2.20.4. See Also
- 2.21. Testing a Firewall Configuration
- 2.21.1. Problem
- 2.21.2. Solution
- 2.21.3. Discussion
- 2.21.4. See Also
- 2.22. Building Complex Rule Trees
- 2.22.1. Problem
- 2.22.2. Solution
- 2.22.3. Discussion
- 2.22.4. See Also
- 2.23. Logging Simplified
- 2.23.1. Problem
- 2.23.2. Solution
- 2.23.3. Discussion
- 2.23.4. See Also
- 2.1. Enabling Source Address Verification
- 3. Network Access Control
- 3.1. Listing Your Network Interfaces
- 3.1.1. Problem
- 3.1.2. Solution
- 3.1.3. Discussion
- 3.1.4. See Also
- 3.2. Starting and Stopping the Network Interface
- 3.2.1. Problem
- 3.2.2. Solution
- 3.2.3. Discussion
- 3.2.4. See Also
- 3.3. Enabling/Disabling a Service (xinetd)
- 3.3.1. Problem
- 3.3.2. Solution
- 3.3.3. Discussion
- 3.3.4. See Also
- 3.4. Enabling/Disabling a Service (inetd)
- 3.4.1. Problem
- 3.4.2. Solution
- 3.4.3. Discussion
- 3.4.4. See Also
- 3.5. Adding a New Service (xinetd)
- 3.5.1. Problem
- 3.5.2. Solution
- 3.5.3. Discussion
- 3.5.4. See Also
- 3.6. Adding a New Service (inetd)
- 3.6.1. Problem
- 3.6.2. Solution
- 3.6.3. Discussion
- 3.6.4. See Also
- 3.7. Restricting Access by Remote Users
- 3.7.1. Problem
- 3.7.2. Solution
- 3.7.3. Discussion
- 3.7.4. See Also
- 3.8. Restricting Access by Remote Hosts (xinetd)
- 3.8.1. Problem
- 3.8.2. Solution
- 3.8.3. Discussion
- 3.8.4. See Also
- 3.9. Restricting Access by Remote Hosts (xinetd with libwrap)
- 3.9.1. Problem
- 3.9.2. Solution
- 3.9.3. Discussion
- 3.9.4. See Also
- 3.10. Restricting Access by Remote Hosts (xinetd with tcpd)
- 3.10.1. Problem
- 3.10.2. Solution
- 3.10.3. Discussion
- 3.10.4. See Also
- 3.11. Restricting Access by Remote Hosts (inetd)
- 3.11.1. Problem
- 3.11.2. Solution
- 3.11.3. Discussion
- 3.11.4. See Also
- 3.12. Restricting Access by Time of Day
- 3.12.1. Problem
- 3.12.2. Solution
- 3.12.3. Discussion
- 3.12.4. See Also
- 3.13. Restricting Access to an SSH Server by Host
- 3.13.1. Problem
- 3.13.2. Solution
- 3.13.3. Discussion
- 3.13.4. See Also
- 3.14. Restricting Access to an SSH Server by Account
- 3.14.1. Problem
- 3.14.2. Solution
- 3.14.3. Discussion
- 3.14.4. See Also
- 3.15. Restricting Services to Specific Filesystem Directories
- 3.15.1. Problem
- 3.15.2. Solution
- 3.15.3. Discussion
- 3.15.4. See Also
- 3.16. Preventing Denial of Service Attacks
- 3.16.1. Problem
- 3.16.2. Solution
- 3.16.3. Discussion
- 3.16.4. See Also
- 3.17. Redirecting to Another Socket
- 3.17.1. Problem
- 3.17.2. Solution
- 3.17.3. Discussion
- 3.17.4. See Also
- 3.18. Logging Access to Your Services
- 3.18.1. Problem
- 3.18.2. Solution
- 3.18.3. Discussion
- 3.18.4. See Also
- 3.19. Prohibiting root Logins on Terminal Devices
- 3.19.1. Problem
- 3.19.2. Solution
- 3.19.3. Discussion
- 3.19.4. See Also
- 3.1. Listing Your Network Interfaces
- 4. Authentication Techniques and Infrastructures
- 4.1. Creating a PAM-Aware Application
- 4.1.1. Problem
- 4.1.2. Solution
- 4.1.3. Discussion
- 4.1.4. See Also
- 4.2. Enforcing Password Strength with PAM
- 4.2.1. Problem
- 4.2.2. Solution
- 4.2.3. Discussion
- 4.2.4. See Also
- 4.3. Creating Access Control Lists with PAM
- 4.3.1. Problem
- 4.3.2. Solution
- 4.3.3. Discussion
- 4.3.4. See Also
- 4.4. Validating an SSL Certificate
- 4.4.1. Problem
- 4.4.2. Solution
- 4.4.3. Discussion
- 4.4.4. See Also
- 4.5. Decoding an SSL Certificate
- 4.5.1. Problem
- 4.5.2. Solution
- 4.5.3. Discussion
- 4.5.4. See Also
- 4.6. Installing a New SSL Certificate
- 4.6.1. Problem
- 4.6.2. Solution
- 4.6.3. Discussion
- 4.6.4. See Also
- 4.7. Generating an SSL Certificate Signing Request (CSR)
- 4.7.1. Problem
- 4.7.2. Solution
- 4.7.3. Discussion
- 4.7.4. See Also
- 4.8. Creating a Self-Signed SSL Certificate
- 4.8.1. Problem
- 4.8.2. Solution
- 4.8.3. Discussion
- 4.8.4. See Also
- 4.9. Setting Up a Certifying Authority
- 4.9.1. Problem
- 4.9.2. Solution
- 4.9.3. Discussion
- 4.9.4. See Also
- 4.10. Converting SSL Certificates from DER to PEM
- 4.10.1. Problem
- 4.10.2. Solution
- 4.10.3. Discussion
- 4.10.4. See Also
- 4.11. Getting Started with Kerberos
- 4.11.1. Problem
- 4.11.2. Solution
- 4.11.3. Discussion
- 4.11.4. See Also
- 4.12. Adding Users to a Kerberos Realm
- 4.12.1. Problem
- 4.12.2. Solution
- 4.12.3. Discussion
- 4.12.4. See Also
- 4.13. Adding Hosts to a Kerberos Realm
- 4.13.1. Problem
- 4.13.2. Solution
- 4.13.3. Discussion
- 4.13.4. See Also
- 4.14. Using Kerberos with SSH
- 4.14.1. Problem
- 4.14.2. Solution
- 4.14.3. Discussion
- 4.14.4. See Also
- 4.15. Using Kerberos with Telnet
- 4.15.1. Problem
- 4.15.2. Solution
- 4.15.3. Discussion
- 4.15.4. See Also
- 4.16. Securing IMAP with Kerberos
- 4.16.1. Problem
- 4.16.2. Solution
- 4.16.3. Discussion
- 4.16.4. See Also
- 4.17. Using Kerberos with PAM for System-Wide Authentication
- 4.17.1. Problem
- 4.17.2. Solution
- 4.17.3. Discussion
- 4.17.4. See Also
- 4.1. Creating a PAM-Aware Application
- 5. Authorization Controls
- 5.1. Running a root Login Shell
- 5.1.1. Problem
- 5.1.2. Solution
- 5.1.3. Discussion
- 5.1.4. See Also
- 5.2. Running X Programs as root
- 5.2.1. Problem
- 5.2.2. Solution
- 5.2.3. Discussion
- 5.2.4. See Also
- 5.3. Running Commands as Another User via sudo
- 5.3.1. Problem
- 5.3.2. Solution
- 5.3.3. Discussion
- 5.3.4. See Also
- 5.4. Bypassing Password Authentication in sudo
- 5.4.1. Problem
- 5.4.2. Solution
- 5.4.3. Discussion
- 5.4.4. See Also
- 5.5. Forcing Password Authentication in sudo
- 5.5.1. Problem
- 5.5.2. Solution
- 5.5.3. Discussion
- 5.5.4. See Also
- 5.6. Authorizing per Host in sudo
- 5.6.1. Problem
- 5.6.2. Solution
- 5.6.3. Discussion
- 5.6.4. See Also
- 5.7. Granting Privileges to a Group via sudo
- 5.7.1. Problem
- 5.7.2. Solution
- 5.7.3. See Also
- 5.8. Running Any Program in a Directory via sudo
- 5.8.1. Problem
- 5.8.2. Solution
- 5.8.3. See Also
- 5.9. Prohibiting Command Arguments with sudo
- 5.9.1. Problem
- 5.9.2. Solution
- 5.9.3. Discussion
- 5.9.4. See Also
- 5.10. Sharing Files Using Groups
- 5.10.1. Problem
- 5.10.2. Solution
- 5.10.3. Discussion
- 5.10.4. See Also
- 5.11. Permitting Read-Only Access to a Shared File via sudo
- 5.11.1. Problem
- 5.11.2. Solution
- 5.11.3. Discussion
- 5.11.4. See Also
- 5.12. Authorizing Password Changes via sudo
- 5.12.1. Problem
- 5.12.2. Solution
- 5.12.3. Discussion
- 5.12.4. See Also
- 5.13. Starting/Stopping Daemons via sudo
- 5.13.1. Problem
- 5.13.2. Solution
- 5.13.3. Discussion
- 5.13.4. See Also
- 5.14. Restricting roots Abilities via sudo
- 5.14.1. Problem
- 5.14.2. Solution
- 5.14.3. Discussion
- 5.14.4. See Also
- 5.15. Killing Processes via sudo
- 5.15.1. Problem
- 5.15.2. Solution
- 5.15.3. Discussion
- 5.15.4. See Also
- 5.16. Listing sudo Invocations
- 5.16.1. Problem
- 5.16.2. Solution
- 5.16.3. Discussion
- 5.16.4. See Also
- 5.17. Logging sudo Remotely
- 5.17.1. Problem
- 5.17.2. Solution
- 5.17.3. Discussion
- 5.17.4. See Also
- 5.18. Sharing root Privileges via SSH
- 5.18.1. Problem
- 5.18.2. Solution
- 5.18.3. Discussion
- 5.18.4. See Also
- 5.19. Running root Commands via SSH
- 5.19.1. Problem
- 5.19.2. Solution
- 5.19.3. Discussion
- 5.19.4. See Also
- 5.20. Sharing root Privileges via Kerberos su
- 5.20.1. Problem
- 5.20.2. Solution
- 5.20.3. Discussion
- 5.20.3.1. Authentication
- 5.20.3.2. Authorization
- 5.20.4. See Also
- 5.1. Running a root Login Shell
- 6. Protecting Outgoing Network Connections
- 6.1. Logging into a Remote Host
- 6.1.1. Problem
- 6.1.2. Solution
- 6.1.3. Discussion
- 6.1.4. See Also
- 6.2. Invoking Remote Programs
- 6.2.1. Problem
- 6.2.2. Solution
- 6.2.3. Discussion
- 6.2.4. See Also
- 6.3. Copying Files Remotely
- 6.3.1. Problem
- 6.3.2. Solution
- 6.3.3. Discussion
- 6.3.4. See Also
- 6.4. Authenticating by Public Key (OpenSSH)
- 6.4.1. Problem
- 6.4.2. Solution
- 6.4.3. Discussion
- 6.4.4. See Also
- 6.5. Authenticating by Public Key (OpenSSH Client, SSH2 Server, OpenSSH Key)
- 6.5.1. Problem
- 6.5.2. Solution
- 6.5.3. Discussion
- 6.5.4. See Also
- 6.6. Authenticating by Public Key (OpenSSH Client, SSH2 Server, SSH2 Key)
- 6.6.1. Problem
- 6.6.2. Solution
- 6.6.3. Discussion
- 6.6.4. See Also
- 6.7. Authenticating by Public Key (SSH2 Client, OpenSSH Server)
- 6.7.1. Problem
- 6.7.2. Solution
- 6.7.3. Description
- 6.7.4. See Also
- 6.8. Authenticating by Trusted Host
- 6.8.1. Problem
- 6.8.2. Solution
- 6.8.3. Discussion
- 6.8.4. See Also
- 6.9. Authenticating Without a Password (Interactively)
- 6.9.1. Problem
- 6.9.2. Solution
- 6.9.3. Discussion
- 6.9.4. See Also
- 6.10. Authenticating in cron Jobs
- 6.10.1. Problem
- 6.10.2. Solution
- 6.10.3. Discussion
- 6.10.4. See Also
- 6.11. Terminating an SSH Agent on Logout
- 6.11.1. Problem
- 6.11.2. Solution
- 6.11.3. Discussion
- 6.11.4. See Also
- 6.12. Tailoring SSH per Host
- 6.12.1. Problem
- 6.12.2. Solution
- 6.12.3. Discussion
- 6.12.4. See Also
- 6.13. Changing SSH Client Defaults
- 6.13.1. Problem
- 6.13.2. Solution
- 6.13.3. Discussion
- 6.13.4. See Also
- 6.14. Tunneling Another TCP Session Through SSH
- 6.14.1. Problem
- 6.14.2. Solution
- 6.14.3. Discussion
- 6.14.4. See Also
- 6.15. Keeping Track of Passwords
- 6.15.1. Problem
- 6.15.2. Solution
- 6.15.3. Discussion
- 6.15.4. See Also
- 6.1. Logging into a Remote Host
- 7. Protecting Files
- 7.1. Using File Permissions
- 7.1.1. Problem
- 7.1.2. Solution
- 7.1.3. Discussion
- 7.1.4. See Also
- 7.2. Securing a Shared Directory
- 7.2.1. Problem
- 7.2.2. Solution
- 7.2.3. Discussion
- 7.2.4. See Also
- 7.3. Prohibiting Directory Listings
- 7.3.1. Problem
- 7.3.2. Solution
- 7.3.3. Discussion
- 7.3.4. See Also
- 7.4. Encrypting Files with a Password
- 7.4.1. Problem
- 7.4.2. Solution
- 7.4.3. Discussion
- 7.4.4. See Also
- 7.5. Decrypting Files
- 7.5.1. Problem
- 7.5.2. Solution
- 7.5.3. Discussion
- 7.5.4. See Also
- 7.6. Setting Up GnuPG for Public-Key Encryption
- 7.6.1. Problem
- 7.6.2. Solution
- 7.6.3. Discussion
- 7.6.4. See Also
- 7.7. Listing Your Keyring
- 7.7.1. Problem
- 7.7.2. Solution
- 7.7.3. Discussion
- 7.7.4. See Also
- 7.8. Setting a Default Key
- 7.8.1. Problem
- 7.8.2. Solution
- 7.8.3. Discussion
- 7.8.4. See Also
- 7.9. Sharing Public Keys
- 7.9.1. Problem
- 7.9.2. Solution
- 7.9.3. Discussion
- 7.9.4. See Also
- 7.10. Adding Keys to Your Keyring
- 7.10.1. Problem
- 7.10.2. Solution
- 7.10.3. Discussion
- 7.10.4. See Also
- 7.11. Encrypting Files for Others
- 7.11.1. Problem
- 7.11.2. Solution
- 7.11.3. Discussion
- 7.11.4. See Also
- 7.12. Signing a Text File
- 7.12.1. Problem
- 7.12.2. Solution
- 7.12.3. Discussion
- 7.12.4. See Also
- 7.13. Signing and Encrypting Files
- 7.13.1. Problem
- 7.13.2. Solution
- 7.13.3. Discussion
- 7.13.4. See Also
- 7.14. Creating a Detached Signature File
- 7.14.1. Problem
- 7.14.2. Solution
- 7.14.3. Discussion
- 7.14.4. See Also
- 7.15. Checking a Signature
- 7.15.1. Problem
- 7.15.2. Solution
- 7.15.3. Discussion
- 7.15.4. See Also
- 7.16. Printing Public Keys
- 7.16.1. Problem
- 7.16.2. Solution
- 7.16.3. Discussion
- 7.16.4. See Also
- 7.17. Backing Up a Private Key
- 7.17.1. Problem
- 7.17.2. Solution
- 7.17.3. Discussion
- 7.17.4. See Also
- 7.18. Encrypting Directories
- 7.18.1. Problem
- 7.18.2. Solution
- 7.18.3. Discussion
- 7.18.4. See Also
- 7.19. Adding Your Key to a Keyserver
- 7.19.1. Problem
- 7.19.2. Solution
- 7.19.3. Discussion
- 7.19.4. See Also
- 7.20. Uploading New Signatures to a Keyserver
- 7.20.1. Problem
- 7.20.2. Solution
- 7.21. Obtaining Keys from a Keyserver
- 7.21.1. Problem
- 7.21.2. Solution
- 7.21.3. Discussion
- 7.21.4. See Also
- 7.22. Revoking a Key
- 7.22.1. Problem
- 7.22.2. Solution
- 7.22.3. Discussion
- 7.22.4. See Also
- 7.23. Maintaining Encrypted Files with Emacs
- 7.23.1. Problem
- 7.23.2. Solution
- 7.23.3. Discussion
- 7.23.4. See Also
- 7.24. Maintaining Encrypted Files with vim
- 7.24.1. Problem
- 7.24.2. Solution
- 7.24.3. Discussion
- 7.24.4. See Also
- 7.25. Encrypting Backups
- 7.25.1. Problem
- 7.25.2. Solution
- 7.25.3. Discussion
- 7.25.4. See Also
- 7.26. Using PGP Keys with GnuPG
- 7.26.1. Problem
- 7.26.2. Solution
- 7.26.3. Discussion
- 7.26.4. See Also
- 7.1. Using File Permissions
- 8. Protecting Email
- 8.1. Encrypted Mail with Emacs
- 8.1.1. Problem
- 8.1.2. Solution
- 8.1.3. Discussion
- 8.1.4. See Also
- 8.2. Encrypted Mail with vim
- 8.2.1. Problem
- 8.2.2. Solution
- 8.2.3. Discussion
- 8.2.4. See Also
- 8.3. Encrypted Mail with Pine
- 8.3.1. Problem
- 8.3.2. Solution
- 8.3.3. Description
- 8.3.4. See Also
- 8.4. Encrypted Mail with Mozilla
- 8.4.1. Problem
- 8.4.2. Solution
- 8.4.3. Discussion
- 8.4.4. See Also
- 8.5. Encrypted Mail with Evolution
- 8.5.1. Problem
- 8.5.2. Solution
- 8.5.3. Discussion
- 8.5.4. See Also
- 8.6. Encrypted Mail with mutt
- 8.6.1. Problem
- 8.6.2. Solution
- 8.6.3. Discussion
- 8.6.4. See Also
- 8.7. Encrypted Mail with elm
- 8.7.1. Problem
- 8.7.2. Solution
- 8.7.3. Discussion
- 8.7.4. See Also
- 8.8. Encrypted Mail with MH
- 8.8.1. Problem
- 8.8.2. Solution
- 8.8.3. Discussion
- 8.8.4. See Also
- 8.9. Running a POP/IMAP Mail Server with SSL
- 8.9.1. Problem
- 8.9.2. Solution
- 8.9.3. Discussion
- 8.9.4. See Also
- 8.10. Testing an SSL Mail Connection
- 8.10.1. Problem
- 8.10.2. Solution
- 8.10.3. Discussion
- 8.10.4. See Also
- 8.11. Securing POP/IMAP with SSL and Pine
- 8.11.1. Problem
- 8.11.2. Solution
- 8.11.3. Discussion
- 8.11.4. See Also
- 8.12. Securing POP/IMAP with SSL and mutt
- 8.12.1. Problem
- 8.12.2. Solution
- 8.12.3. Discussion
- 8.12.4. See Also
- 8.13. Securing POP/IMAP with SSL and Evolution
- 8.13.1. Problem
- 8.13.2. Solution
- 8.13.3. Discussion
- 8.13.4. See Also
- 8.14. Securing POP/IMAP with stunnel and SSL
- 8.14.1. Problem
- 8.14.2. Solution
- 8.14.3. Discussion
- 8.14.4. See Also
- 8.15. Securing POP/IMAP with SSH
- 8.15.1. Problem
- 8.15.2. Solution
- 8.15.3. Discussion
- 8.15.4. See Also
- 8.16. Securing POP/IMAP with SSH and Pine
- 8.16.1. Problem
- 8.16.2. Solution
- 8.16.3. Discussion
- 8.16.4. See Also
- 8.17. Receiving Mail Without a Visible Server
- 8.17.1. Problem
- 8.17.2. Solution
- 8.17.3. Discussion
- 8.17.4. See Also
- 8.18. Using an SMTP Server from Arbitrary Clients
- 8.18.1. Problem
- 8.18.2. Solution
- 8.18.3. Discussion
- 8.18.4. See Also
- 8.1. Encrypted Mail with Emacs
- 9. Testing and Monitoring
- 9.1. Testing Login Passwords (John the Ripper)
- 9.1.1. Problem
- 9.1.2. Solution
- 9.1.3. Discussion
- 9.1.4. See Also
- 9.2. Testing Login Passwords (CrackLib)
- 9.2.1. Problem
- 9.2.2. Solution
- 9.2.3. Discussion
- 9.2.4. See Also
- 9.3. Finding Accounts with No Password
- 9.3.1. Problem
- 9.3.2. Solution
- 9.3.3. Discussion
- 9.3.4. See Also
- 9.4. Finding Superuser Accounts
- 9.4.1. Problem
- 9.4.2. Solution
- 9.4.3. Discussion
- 9.4.4. See Also
- 9.5. Checking for Suspicious Account Use
- 9.5.1. Problem
- 9.5.2. Solution
- 9.5.3. Discussion
- 9.5.4. See Also
- 9.6. Checking for Suspicious Account Use, Multiple Systems
- 9.6.1. Problem
- 9.6.2. Solution
- 9.6.3. Discussion
- 9.6.4. See Also
- 9.7. Testing Your Search Path
- 9.7.1. Problem
- 9.7.2. Solution
- 9.7.3. Discussion
- 9.7.4. See Also
- 9.8. Searching Filesystems Effectively
- 9.8.1. Problem
- 9.8.2. Solution
- 9.8.3. Discussion
- 9.8.4. See Also
- 9.9. Finding setuid (or setgid) Programs
- 9.9.1. Problem
- 9.9.2. Solution
- 9.9.3. Discussion
- 9.9.4. See Also
- 9.10. Securing Device Special Files
- 9.10.1. Problem
- 9.10.2. Solution
- 9.10.3. Discussion
- 9.10.4. See Also
- 9.11. Finding Writable Files
- 9.11.1. Problem
- 9.11.2. Solution
- 9.11.3. Discussion
- 9.11.4. See Also
- 9.12. Looking for Rootkits
- 9.12.1. Problem
- 9.12.2. Solution
- 9.12.3. Discussion
- 9.12.4. See Also
- 9.13. Testing for Open Ports
- 9.13.1. Problem
- 9.13.2. Solution
- 9.13.3. Discussion
- 9.13.4. See Also
- 9.14. Examining Local Network Activities
- 9.14.1. Problem
- 9.14.2. Solution
- 9.14.3. Discussion
- 9.14.4. See Also
- 9.15. Tracing Processes
- 9.15.1. Problem
- 9.15.2. Solution
- 9.15.3. Discussion
- 9.15.4. See Also
- 9.16. Observing Network Traffic
- 9.16.1. Problem
- 9.16.2. Solution
- 9.16.3. Discussion
- 9.16.4. See Also
- 9.17. Observing Network Traffic (GUI)
- 9.17.1. Problem
- 9.17.2. Solution
- 9.17.3. Discussion
- 9.17.4. See Also
- 9.18. Searching for Strings in Network Traffic
- 9.18.1. Problem
- 9.18.2. Solution
- 9.18.3. Discussion
- 9.18.4. See Also
- 9.19. Detecting Insecure Network Protocols
- 9.19.1. Problem
- 9.19.2. Solution
- 9.19.3. Discussion
- 9.19.4. See Also
- 9.20. Getting Started with Snort
- 9.20.1. Problem
- 9.20.2. Solution
- 9.20.3. Discussion
- 9.20.4. See Also
- 9.21. Packet Sniffing with Snort
- 9.21.1. Problem
- 9.21.2. Solution
- 9.21.3. Discussion
- 9.21.4. See Also
- 9.22. Detecting Intrusions with Snort
- 9.22.1. Problem
- 9.22.2. Solution
- 9.22.3. Discussion
- 9.22.4. See Also
- 9.23. Decoding Snort Alert Messages
- 9.23.1. Problem
- 9.23.2. Solution
- 9.23.3. Discussion
- 9.23.4. See Also
- 9.24. Logging with Snort
- 9.24.1. Problem
- 9.24.2. Solution
- 9.24.3. Discussion
- 9.24.4. See Also
- 9.25. Partitioning Snort Logs Into Separate Files
- 9.25.1. Problem
- 9.25.2. Solution
- 9.25.3. Discussion
- 9.25.4. See Also
- 9.26. Upgrading and Tuning Snorts Ruleset
- 9.26.1. Problem
- 9.26.2. Solution
- 9.26.3. Discussion
- 9.26.4. See Also
- 9.27. Directing System Messages to Log Files (syslog)
- 9.27.1. Problem
- 9.27.2. Solution
- 9.27.3. Discussion
- 9.27.4. See Also
- 9.28. Testing a syslog Configuration
- 9.28.1. Problem
- 9.28.2. Solution
- 9.28.3. Discussion
- 9.28.4. See Also
- 9.29. Logging Remotely
- 9.29.1. Problem
- 9.29.2. Solution
- 9.29.3. Discussion
- 9.29.4. See Also
- 9.30. Rotating Log Files
- 9.30.1. Problem
- 9.30.2. Solution
- 9.30.3. Discussion
- 9.30.4. See Also
- 9.31. Sending Messages to the System Logger
- 9.31.1. Problem
- 9.31.2. Solution
- 9.31.3. Discussion
- 9.31.4. See Also
- 9.32. Writing Log Entries via Shell Scripts
- 9.32.1. Problem
- 9.32.2. Solution
- 9.32.3. Discussion
- 9.32.4. See Also
- 9.33. Writing Log Entries via Perl
- 9.33.1. Problem
- 9.33.2. Solution
- 9.33.3. Discussion
- 9.33.4. See Also
- 9.34. Writing Log Entries via C
- 9.34.1. Problem
- 9.34.2. Solution
- 9.34.3. Discussion
- 9.34.4. See Also
- 9.35. Combining Log Files
- 9.35.1. Problem
- 9.35.2. Solution
- 9.35.3. Discussion
- 9.35.4. See Also
- 9.36. Summarizing Your Logs with logwatch
- 9.36.1. Problem
- 9.36.2. Solution
- 9.36.3. Discussion
- 9.36.4. See Also
- 9.37. Defining a logwatch Filter
- 9.37.1. Problem
- 9.37.2. Solution
- 9.37.3. Discussion
- 9.37.4. See Also
- 9.38. Monitoring All Executed Commands
- 9.38.1. Problem
- 9.38.2. Solution
- 9.38.3. Discussion
- 9.38.4. See Also
- 9.39. Displaying All Executed Commands
- 9.39.1. Problem
- 9.39.2. Solution
- 9.39.3. Discussion
- 9.39.4. See Also
- 9.40. Parsing the Process Accounting Log
- 9.40.1. Problem
- 9.40.2. Solution
- 9.40.3. Discussion
- 9.40.4. See Also
- 9.41. Recovering from a Hack
- 9.41.1. Problem
- 9.41.2. Solution
- 9.41.3. Discussion
- 9.41.4. See Also
- 9.42. Filing an Incident Report
- 9.42.1. Problem
- 9.42.2. Solution
- 9.42.3. Discussion
- 9.42.4. See Also
- 9.1. Testing Login Passwords (John the Ripper)
- Index
- About the Authors
- Colophon
- Copyright