mirror of https://github.com/tLDP/LDP
DocBook SGML markup fix (<bf/> to <emphasis/>)
Replacing the Linuxdoc tag <bf/> with the SGML tag <emphasis/> solved the validation problem for this document.
This commit is contained in:
parent
4df140ef1b
commit
e15c9bc3b4
|
@ -4568,21 +4568,21 @@ are necessary for moving to 2.2.x is available at <ULink
|
|||
URL="http://www-stu.calvin.edu/~clug/users/jnieho38/goto22.html">
|
||||
http://www-stu.calvin.edu/~clug/users/jnieho38/goto22.html</ULink>; I will
|
||||
attempt to summarize the information below (items marked with a leading
|
||||
``<bf>**</bf>'' indicate you will most likely need to
|
||||
``✶'' indicate you will most likely need to
|
||||
upgrade the item for Red Hat 5.2; items not indicated as such are
|
||||
<Emphasis>probably</Emphasis> okay but probably worth checking).</Para>
|
||||
|
||||
<ItemizedList Mark="Bullet" Spacing="Compact">
|
||||
|
||||
<ListItem><para><bf>**</bf> <Emphasis>initscripts-3.78-2.4 or
|
||||
<ListItem><para>✶ <Emphasis>initscripts-3.78-2.4 or
|
||||
better</Emphasis> (Type ``<Literal>rpm -q initscripts</Literal>'' to check
|
||||
your version)</Para></ListItem>
|
||||
|
||||
<ListItem><Para><bf>**</bf> <Emphasis>modutils-2.1.121 or
|
||||
<ListItem><Para>✶ <Emphasis>modutils-2.1.121 or
|
||||
better</Emphasis> (Type ``<Literal>rpm -q modutils</Literal>'' to check your
|
||||
version)</Para></ListItem>
|
||||
|
||||
<ListItem><Para><bf>**</bf> <Emphasis>mount-2.9-0 or better</Emphasis>
|
||||
<ListItem><Para>✶ <Emphasis>mount-2.9-0 or better</Emphasis>
|
||||
(Type ``<Literal>rpm -q mount</Literal>'' to check your
|
||||
version)</Para></ListItem>
|
||||
|
||||
|
@ -4607,13 +4607,13 @@ glibc</Literal>'')</Para></ListItem>
|
|||
<ListItem><Para><Emphasis>procps-1.2.9 or better</Emphasis> (``<Literal>rpm -q
|
||||
procps</Literal>'')</Para></ListItem>
|
||||
|
||||
<ListItem><Para><bf>**</bf> <Emphasis>procinfo-15 or better</Emphasis>
|
||||
<ListItem><Para>✶ <Emphasis>procinfo-15 or better</Emphasis>
|
||||
(``<Literal>rpm -q procinfo</Literal>'')</Para></ListItem>
|
||||
|
||||
<ListItem><Para><Emphasis>psmisc-17 or better</Emphasis> (``<Literal>rpm -q
|
||||
psmisc</Literal>'')</Para></ListItem>
|
||||
|
||||
<ListItem><Para><bf>**</bf> <Emphasis>net-tools-1.50 or
|
||||
<ListItem><Para>✶ <Emphasis>net-tools-1.50 or
|
||||
better</Emphasis> (``<Literal>rpm -q net-tools</Literal>'')</Para></ListItem>
|
||||
|
||||
<ListItem><Para><Emphasis>loadlin-1.6 or better</Emphasis> (Needed only if
|
||||
|
@ -4651,7 +4651,7 @@ with a modem and PPP.)</Para></ListItem>
|
|||
client to connect to the Internet, such as with a cable
|
||||
modem).</Para></ListItem>
|
||||
|
||||
<ListItem><Para><bf>**</bf> <Emphasis>util-linux-2.9.0</Emphasis>
|
||||
<ListItem><Para>✶ <Emphasis>util-linux-2.9.0</Emphasis>
|
||||
(``<Literal>rpm -q util-linux</Literal>'')</Para></ListItem>
|
||||
|
||||
<ListItem><Para><Emphasis>setserial-2.1 or better</Emphasis>
|
||||
|
@ -4796,11 +4796,11 @@ the scope of this document.</Para>
|
|||
the configuration file to thwart off spammers. These include:</Para>
|
||||
|
||||
<ProgramListing>
|
||||
<bf>O PrivacyOptions=authwarnings</bf>
|
||||
<emphasis>O PrivacyOptions=authwarnings</emphasis>
|
||||
<Emphasis>change to:</Emphasis>
|
||||
O PrivacyOptions=authwarnings,noexpn,novrfy
|
||||
|
||||
<bf>O SmtpGreetingMessage=$j Sendmail $v/$Z; $b</bf>
|
||||
<emphasis>O SmtpGreetingMessage=$j Sendmail $v/$Z; $b</emphasis>
|
||||
<Emphasis>change to:</Emphasis>
|
||||
O SmtpGreetingMessage=$j Sendmail $v/$Z; $b NO UCE C=xx L=xx
|
||||
</ProgramListing>
|
||||
|
@ -5211,7 +5211,7 @@ security:</Para>
|
|||
|
||||
<ItemizedList Mark="Bullet" Spacing="Normal">
|
||||
|
||||
<ListItem><Para><bf>Upgrade system tools, applications, and kernel:</bf>
|
||||
<ListItem><Para><emphasis>Upgrade system tools, applications, and kernel:</emphasis>
|
||||
By far the most common cause of system break-ins is by not exercising
|
||||
diligence in keeping an up-to-date server. Performing regular upgrades of
|
||||
the system kernel, tools and utilities will ensure that your system is not
|
||||
|
@ -5220,19 +5220,19 @@ details on keeping an up-to-date server, see <XRef
|
|||
LinkEnd="update-redhat">, as well as <XRef
|
||||
LinkEnd="keeping-up-to-date">.</Para></ListItem>
|
||||
|
||||
<ListItem><Para><bf>Shadow passwords:</bf> You should definitely be using
|
||||
<ListItem><Para><emphasis>Shadow passwords:</emphasis> You should definitely be using
|
||||
Shadow passwords; switching to this password format is
|
||||
<Emphasis>easy</Emphasis>! For details, see <XRef
|
||||
LinkEnd="shadow-file-formats">.</Para></ListItem>
|
||||
|
||||
<ListItem><Para><bf>Smart password management:</bf> Make sure passwords,
|
||||
<ListItem><Para><emphasis>Smart password management:</emphasis> Make sure passwords,
|
||||
<Emphasis>especially</Emphasis> for users you are providing with shell
|
||||
access, are strong and changed often. Also, if you use multiple servers,
|
||||
resist the temptation to use the same password for all of them (otherwise,
|
||||
if a cracker breaks into one server using a discovered password, he or she
|
||||
can break into them all).</Para></ListItem>
|
||||
|
||||
<ListItem><Para><bf>Use secure shell (ssh):</bf> Switch to using ``ssh''
|
||||
<ListItem><Para><emphasis>Use secure shell (ssh):</emphasis> Switch to using ``ssh''
|
||||
instead of ``telnet''. Telnet is insecure for two reasons: One, sessions
|
||||
are unencrypted, which means everything, including username and passwords,
|
||||
are transmitted as clear text. Second, an open telnet port is one of the
|
||||
|
@ -5310,7 +5310,7 @@ servers and one insecure one is a waste of time,
|
|||
<Emphasis>especially</Emphasis> if you are foolish enough to use the same
|
||||
password for more than one server.</Para></Note></ListItem>
|
||||
|
||||
<ListItem><Para><bf>Restrict access to external services:</bf> Next, you
|
||||
<ListItem><Para><emphasis>Restrict access to external services:</emphasis> Next, you
|
||||
should edit the ``<Literal>/etc/hosts.allow</Literal>'' as well as the
|
||||
``<Literal><Filename>/etc/hosts.deny</Filename></Literal>'' file to
|
||||
restrict access to services to external hosts. Here is an example of how
|
||||
|
@ -5339,7 +5339,7 @@ in.ftpd: ALL
|
|||
|
||||
</ListItem>
|
||||
|
||||
<ListItem><Para><bf>Turn off and uninstall unneeded services:</bf> Edit
|
||||
<ListItem><Para><emphasis>Turn off and uninstall unneeded services:</emphasis> Edit
|
||||
your ``<Literal><Filename>/etc/inetd.conf</Filename></Literal>'' file,
|
||||
and disable (ie. comment out using a ``<Literal>#</Literal>'' character)
|
||||
any services that are not needed (if you're using ssh as recommended
|
||||
|
@ -5348,7 +5348,7 @@ done so, as root type ``<Literal>/etc/rc.d/init.d/inet
|
|||
restart</Literal>'' to restart the inetd daemon with the
|
||||
changes.</Para></ListItem>
|
||||
|
||||
<ListItem><Para><bf>Install a security detection system:</bf> Consider
|
||||
<ListItem><Para><emphasis>Install a security detection system:</emphasis> Consider
|
||||
installing security programs such as ``Tripwire'' (see <ULink
|
||||
URL="http://www.tripwiresecurity.com/">
|
||||
http://www.tripwiresecurity.com/</ULink>) which can detect intrusions, and
|
||||
|
@ -5356,7 +5356,7 @@ http://www.tripwiresecurity.com/</ULink>) which can detect intrusions, and
|
|||
http://www.psionic.com/abacus/</ULink>) which can help prevent
|
||||
them.</Para></ListItem>
|
||||
|
||||
<ListItem><Para><bf>Due diligence:</bf> Keeping your eye on your system, performing
|
||||
<ListItem><Para><emphasis>Due diligence:</emphasis> Keeping your eye on your system, performing
|
||||
random security audits (which can be as simple as checking for suspicious
|
||||
entries in the password files, examining your process list, and checking
|
||||
your log files for suspicious entries) can go a long way towards keeping
|
||||
|
|
Loading…
Reference in New Issue