- Main Page
- Main Page
- Table of content
- Copyright
- Preface
- A Cookbook About Security??
- Intended Audience
- Roadmap of the Book
- Our Security Philosophy
- Supported Linux Distributions
- Trying the Recipes
- Conventions Used in This Book
- We d Like to Hear from You
- Acknowledgments
- Chapter 1. System Snapshots with Tripwire
- Recipe 1.1 Setting Up Tripwire
- Recipe 1.2 Displaying the Policy and Configuration
- Recipe 1.3 Modifying the Policy and Configuration
- Recipe 1.4 Basic Integrity Checking
- Recipe 1.5 Read-Only Integrity Checking
- Recipe 1.6 Remote Integrity Checking
- Recipe 1.7 Ultra-Paranoid Integrity Checking
- Recipe 1.8 Expensive, Ultra-Paranoid Security Checking
- Recipe 1.9 Automated Integrity Checking
- Recipe 1.10 Printing the Latest Tripwire Report
- Recipe 1.11 Updating the Database
- Recipe 1.12 Adding Files to the Database
- Recipe 1.13 Excluding Files from the Database
- Recipe 1.14 Checking Windows VFAT Filesystems
- Recipe 1.15 Verifying RPM-Installed Files
- Recipe 1.16 Integrity Checking with rsync
- Recipe 1.17 Integrity Checking Manually
- Chapter 2. Firewalls with iptables and ipchains
- Recipe 2.1 Enabling Source Address Verification
- Recipe 2.2 Blocking Spoofed Addresses
- Recipe 2.3 Blocking All Network Traffic
- Recipe 2.4 Blocking Incoming Traffic
- Recipe 2.5 Blocking Outgoing Traffic
- Recipe 2.6 Blocking Incoming Service Requests
- Recipe 2.7 Blocking Access from a Remote Host
- Recipe 2.8 Blocking Access to a Remote Host
- Recipe 2.9 Blocking Outgoing Access to All Web Servers on a Network
- Recipe 2.10 Blocking Remote Access, but Permitting Local
- Recipe 2.11 Controlling Access by MAC Address
- Recipe 2.12 Permitting SSH Access Only
- Recipe 2.13 Prohibiting Outgoing Telnet Connections
- Recipe 2.14 Protecting a Dedicated Server
- Recipe 2.15 Preventing pings
- Recipe 2.16 Listing Your Firewall Rules
- Recipe 2.17 Deleting Firewall Rules
- Recipe 2.18 Inserting Firewall Rules
- Recipe 2.19 Saving a Firewall Configuration
- Recipe 2.20 Loading a Firewall Configuration
- Recipe 2.21 Testing a Firewall Configuration
- Recipe 2.22 Building Complex Rule Trees
- Recipe 2.23 Logging Simplified
- Chapter 3. Network Access Control
- Recipe 3.1 Listing Your Network Interfaces
- Recipe 3.2 Starting and Stopping the Network Interface
- Recipe 3.3 EnablingDisabling a Service (xinetd)
- Recipe 3.4 EnablingDisabling a Service (inetd)
- Recipe 3.5 Adding a New Service (xinetd)
- Recipe 3.6 Adding a New Service (inetd)
- Recipe 3.7 Restricting Access by Remote Users
- Recipe 3.8 Restricting Access by Remote Hosts (xinetd)
- Recipe 3.9 Restricting Access by Remote Hosts (xinetd with libwrap)
- Recipe 3.10 Restricting Access by Remote Hosts (xinetd with tcpd)
- Recipe 3.11 Restricting Access by Remote Hosts (inetd)
- Recipe 3.12 Restricting Access by Time of Day
- Recipe 3.13 Restricting Access to an SSH Server by Host
- Recipe 3.14 Restricting Access to an SSH Server by Account
- Recipe 3.15 Restricting Services to Specific Filesystem Directories
- Recipe 3.16 Preventing Denial of Service Attacks
- Recipe 3.17 Redirecting to Another Socket
- Recipe 3.18 Logging Access to Your Services
- Recipe 3.19 Prohibiting root Logins on Terminal Devices
- Chapter 4. Authentication Techniques and Infrastructures
- Recipe 4.1 Creating a PAM-Aware Application
- Recipe 4.2 Enforcing Password Strength with PAM
- Recipe 4.3 Creating Access Control Lists with PAM
