Index
C
- CIPE,
Crypto IP Encapsulation (CIPE)
- customizing,
Customizing CIPE
- installation,
CIPE Installation
- co-location services,
Hardware Security
- collecting evidence
- See incident response
- file auditing tools,
Gathering Post-Breach Information
- dd,
Gathering Post-Breach Information
- file,
Gathering Post-Breach Information
- find,
Gathering Post-Breach Information
- grep,
Gathering Post-Breach Information
- md5sum,
Gathering Post-Breach Information
- script,
Investigating the Incident
- stat,
Gathering Post-Breach Information
- strings,
Gathering Post-Breach Information
- common exploits and attacks,
Common Exploits and Attacks
- table,
Common Exploits and Attacks
- common ports
- table,
Common Ports
- communication ports,
Common Ports
- communication tools
- secure,
Security Enhanced Communication Tools
- GPG,
Security Enhanced Communication Tools
- OpenSSH,
Security Enhanced Communication Tools
- computer emergency response team,
The Computer Emergency Response Team (CERT)
- controls,
Security Controls
- administrative,
Administrative Controls
- physical,
Physical Controls
- technical,
Technical Controls
- conventions
- document,
Document Conventions
- cracker
- black hat hacker,
Shades of Grey
- crackers
- definition,
A Quick History of Hackers
- cupsd,
Identifying and Configuring Services
F
- file
- file auditing using,
Gathering Post-Breach Information
- file auditing
- tools,
Gathering Post-Breach Information
- find
- file auditing using,
Gathering Post-Breach Information
- firewall types,
Firewalls
- network address translation (NAT),
Firewalls
- packet filter,
Firewalls
- proxy,
Firewalls
- firewalls,
Firewalls
- additional resources,
Additional Resources
- personal,
Personal Firewalls
- types,
Firewalls
- FTP
- anonymous access,
Anonymous Access
- anonymous upload,
Anonymous Upload
- greeting banner,
FTP Greeting Banner
- introducing,
Securing FTP
- TCP wrappers and,
Use TCP Wrappers To Control Access
- user accounts,
User Accounts
- vsftpd,
Securing FTP
I
- IDS
- See intrusion detection systems
- incident response
- and legal issues,
Legal Considerations
- collecting evidence
- using dd,
Collecting an Evidential Image
- computer emergency response team (CERT),
The Computer Emergency Response Team (CERT)
- creating a plan,
Creating an Incident Response Plan
- definition of,
Defining Incident Response
- gathering post-breach information,
Gathering Post-Breach Information
- implementation,
Implementing the Incident Response Plan
- introducing,
Incident Response
- investigation,
Investigating the Incident
- post-mortem,
Investigating the Incident
- reporting the incident,
Reporting the Incident
- restoring and recovering resources,
Restoring and Recovering Resources
- incident response plan,
Creating an Incident Response Plan
- insecure services,
Insecure Services
- rsh,
Insecure Services
- Telnet,
Insecure Services
- vsftpd,
Insecure Services
- introduction,
Introduction
- categories, using this manual,
Introduction
- other Red Hat Enterprise Linux manuals,
Introduction
- topics,
Introduction
- intrusion detection systems,
Intrusion Detection
- and log files,
Host-based IDS
- defining,
Defining Intrusion Detection Systems
- host-based,
Host-based IDS
- network-based,
Network-based IDS
- Snort,
Snort
- RPM Package Manager (RPM),
RPM as an IDS
- Tripwire,
Tripwire
- types,
IDS Types
- ip6tables,
IP6Tables
- IPsec,
IPsec
- configuration,
IPsec Network-to-Network configuration
- host-to-host,
IPsec Host-to-Host Configuration
- host-to-host,
IPsec Host-to-Host Configuration
- installing,
IPsec Installation
- network-to-network,
IPsec Network-to-Network configuration
- iptables,
Netfilter and IPTables
- additional resources,
Additional Resources
- and DMZs,
DMZs and iptables
- using,
Using IPTables
N
- Nessus,
Nessus
- Netfilter,
Netfilter and IPTables
- additional resources,
Additional Resources
- Netfilter 6,
IP6Tables
- netstat,
Verifying Which Ports Are Listening
- network services,
Available Network Services
- identifying and configuring,
Identifying and Configuring Services
- risks,
Risks To Services
- buffer overflow,
Risks To Services
- denial-of-service,
Risks To Services
- script vulnerability,
Risks To Services
- network topologies,
Secure Network Topologies
- linear bus,
Physical Topologies
- ring,
Physical Topologies
- star,
Physical Topologies
- networks,
Hardware and Network Protection
- and security,
Secure Network Topologies
- de-militarized zones (DMZs),
Network Segmentation and DMZs
- hubs,
Transmission Considerations
- segmentation,
Network Segmentation and DMZs
- switches,
Transmission Considerations
- wireless,
Wireless Networks
- NFS,
Securing NFS
- and Sendmail,
NFS and Sendmail
- network design,
Carefully Plan the Network
- syntax errors,
Beware of Syntax Errors
- Nikto,
Nikto
- NIS
- introducing,
Securing NIS
- IPTables,
Assign Static Ports and Use IPTables Rules
- Kerberos,
Use Kerberos Authentication
- NIS domain name,
Use a Password-Like NIS Domain Name and Hostname
- planning network,
Carefully Plan the Network
- securenets,
Edit the /var/yp/securenets File
- static ports,
Assign Static Ports and Use IPTables Rules
- nmap,
Verifying Which Ports Are Listening,
Scanning Hosts with Nmap
- command line version,
Using Nmap
P
- password aging,
Password Aging
- password security,
Password Security
- aging,
Password Aging
- and PAM,
Forcing Strong Passwords
- auditing tools,
Forcing Strong Passwords
- Crack,
Forcing Strong Passwords
- John the Ripper,
Forcing Strong Passwords
- Slurpie,
Forcing Strong Passwords
- enforcement,
Forcing Strong Passwords
- in an organization,
Creating User Passwords Within an Organization
- methodology,
Secure Password Creation Methodology
- strong passwords,
Creating Strong Passwords
- passwords
- within an organization,
Creating User Passwords Within an Organization
- pluggable authentication modules (PAM)
- strong password enforcement,
Forcing Strong Passwords
- portmap,
Identifying and Configuring Services
- and IPTables,
Protect portmap With IPTables
- and TCP wrappers,
Protect portmap With TCP Wrappers
- ports
- common,
Common Ports
- monitoring,
Verifying Which Ports Are Listening
- post-mortem,
Investigating the Incident
R
- reporting the incident,
Reporting the Incident
- restoring and recovering resources,
Restoring and Recovering Resources
- patching the system,
Patching the System
- reinstalling the system,
Reinstalling the System
- risks
- insecure services,
Inherently Insecure Services
- networks,
Threats to Network Security
- architectures,
Insecure Architectures
- open ports,
Unused Services and Open Ports
- patches and errata,
Unpatched Services
- servers,
Threats to Server Security
- inattentive administration,
Inattentive Administration
- workstations and PCs,
Threats to Workstation and Home PC Security,
Bad Passwords
- applications,
Vulnerable Client Applications
- root,
Allowing Root Access
- allowing access,
Allowing Root Access
- disallowing access,
Disallowing Root Access
- limiting access,
Limiting Root Access
- and su,
The su Command
- and sudo,
The sudo Command
- with User Manager,
The su Command
- methods of disabling,
Disallowing Root Access
- changing the root shell,
Disabling Root Logins
- disabling SSH logins,
Disabling Root SSH Logins
- with PAM,
Disabling Root Using PAM
- root user
- See root
- RPM
- and intrusion detection,
RPM as an IDS
- check GPG signature,
Using the Red Hat Errata Website
- importing GPG key,
Using the Red Hat Errata Website
S
- security considerations
- hardware,
Hardware and Network Protection
- network transmission,
Transmission Considerations
- physical networks,
Hardware and Network Protection
- wireless,
Wireless Networks
- security errata,
Security Updates
- applying changes,
Applying the Changes
- via Red Hat errata website,
Using the Red Hat Errata Website
- via Red Hat Network,
Using Red Hat Network
- when to reboot,
Applying the Changes
- security overview,
Security Overview
- conclusion,
Conclusion
- controls
- See controls
- defining computer security,
What is Computer Security?
- Denial of Service (DoS),
Security Today
- evolution of computer security,
How did Computer Security Come about?
- viruses,
Security Today
- sendmail,
Identifying and Configuring Services
- and NFS,
NFS and Sendmail
- introducing,
Securing Sendmail
- limiting DoS,
Limiting Denial of Service Attack
- server security
- Apache HTTP Server,
Securing the Apache HTTP Server
- cgi security,
Restrict Permissions for Executable Directories
- directives,
Securing the Apache HTTP Server
- FTP,
Securing FTP
- anonymous access,
Anonymous Access
- anonymous upload,
Anonymous Upload
- greeting banner,
FTP Greeting Banner
- TCP wrappers and,
Use TCP Wrappers To Control Access
- user accounts,
User Accounts
- vsftpd,
Securing FTP
- NFS,
Securing NFS
- network design,
Carefully Plan the Network
- syntax errors,
Beware of Syntax Errors
- NIS,
Securing NIS
- IPTables,
Assign Static Ports and Use IPTables Rules
- Kerberos,
Use Kerberos Authentication
- NIS domain name,
Use a Password-Like NIS Domain Name and Hostname
- planning network,
Carefully Plan the Network
- securenets,
Edit the /var/yp/securenets File
- static ports,
Assign Static Ports and Use IPTables Rules
- overview of,
Server Security
- portmap,
Securing Portmap
- ports
- monitoring,
Verifying Which Ports Are Listening
- Sendmail,
Securing Sendmail
- and NFS,
NFS and Sendmail
- limiting DoS,
Limiting Denial of Service Attack
- TCP wrappers,
Enhancing Security With TCP Wrappers
- attack warnings,
TCP Wrappers and Attack Warnings
- banners,
TCP Wrappers and Connection Banners
- logging,
TCP Wrappers and Enhanced Logging
- xinetd,
Enhancing Security With xinetd
- managing resources with,
Controlling Server Resources
- preventing DoS with,
Controlling Server Resources
- SENSOR trap,
Setting a Trap
- services,
Verifying Which Ports Are Listening
- Services Configuration Tool,
Identifying and Configuring Services
- Snort,
Snort
- sshd,
Identifying and Configuring Services
- stat
- file auditing using,
Gathering Post-Breach Information
- strings
- file auditing using,
Gathering Post-Breach Information
- su
- and root,
The su Command
- sudo
- and root,
The sudo Command
U
- updates
- See security errata
V
- Virtual Private Networks,
Virtual Private Networks
- CIPE,
Crypto IP Encapsulation (CIPE)
- IPsec,
IPsec
- configuration,
IPsec Network-to-Network configuration
- host-to-host,
IPsec Host-to-Host Configuration
- installing,
IPsec Installation
- viruses
- trojans,
Security Today
- VLAD the Scanner,
VLAD the Scanner
- VPN,
Virtual Private Networks
- vulnerabilities
- assessing with Nessus,
Nessus
- assessing with Nikto,
Nikto
- assessing with Nmap,
Scanning Hosts with Nmap
- assessing with VLAD the Scanner,
VLAD the Scanner
- assessment,
Vulnerability Assessment
- defining,
Defining Assessment and Testing
- establishing a methodology,
Establishing a Methodology
- testing,
Defining Assessment and Testing
W
- white hat hacker
- See hackers
- Wi-Fi networks
- See 802.11x
- wireless security,
Wireless Networks
- 802.11x,
Wireless Networks
- workstation security,
Workstation Security
- BIOS,
BIOS and Boot Loader Security
- boot loaders
- passwords,
Boot Loader Passwords
- evaluating
- administrative control,
Evaluating Workstation Security
- BIOS,
Evaluating Workstation Security
- boot loaders,
Evaluating Workstation Security
- communications,
Evaluating Workstation Security
- passwords,
Evaluating Workstation Security
- personal firewalls,
Evaluating Workstation Security