LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/HOWTO/Security-HOWTO/index.html

603 lines
8.7 KiB
HTML
Raw Permalink Blame History

<HTML
><HEAD
><TITLE
>Linux Security HOWTO</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="NEXT"
TITLE="Introduction"
HREF="x21.html"></HEAD
><BODY
CLASS="article"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="ARTICLE"
><DIV
CLASS="TITLEPAGE"
><H1
CLASS="title"
><A
NAME="AEN2"
></A
>Linux Security HOWTO</H1
><H3
CLASS="author"
><A
NAME="AEN4"
>Kevin Fenzi</A
></H3
><DIV
CLASS="affiliation"
><SPAN
CLASS="orgname"
>tummy.com, ltd.<BR></SPAN
><DIV
CLASS="address"
><P
CLASS="address"
><TT
CLASS="email"
>&#60;<A
HREF="mailto:kevin-securityhowto@tummy.com"
>kevin-securityhowto@tummy.com</A
>&#62;</TT
></P
></DIV
></DIV
><H3
CLASS="author"
><A
NAME="AEN11"
>Dave Wreski</A
></H3
><DIV
CLASS="affiliation"
><SPAN
CLASS="orgname"
>linuxsecurity.com<BR></SPAN
><DIV
CLASS="address"
><P
CLASS="address"
><TT
CLASS="email"
>&#60;<A
HREF="mailto:dave@linuxsecurity.com"
>dave@linuxsecurity.com</A
>&#62;</TT
></P
></DIV
></DIV
><P
CLASS="pubdate"
>v2.3, 22 January 2004<BR></P
><DIV
><DIV
CLASS="abstract"
><A
NAME="AEN19"
></A
><P
></P
><P
>&#13;This document is a general overview of security issues that face the
administrator of Linux systems. It covers general security philosophy
and a number of specific examples of how to better secure your Linux
system from intruders. Also included are pointers to security-related
material and programs. Improvements, constructive criticism, additions and corrections are
gratefully accepted. Please mail your feedback to both authors,
with "Security HOWTO" in the subject.
</P
><P
></P
></DIV
></DIV
><HR></DIV
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>1. <A
HREF="x21.html"
>Introduction</A
></DT
><DD
><DL
><DT
>1.1. <A
HREF="x21.html#AEN27"
>New Versions of this Document</A
></DT
><DT
>1.2. <A
HREF="x21.html#AEN49"
>Feedback</A
></DT
><DT
>1.3. <A
HREF="x21.html#AEN62"
>Disclaimer</A
></DT
><DT
>1.4. <A
HREF="x21.html#AEN68"
>Copyright Information</A
></DT
></DL
></DD
><DT
>2. <A
HREF="x82.html"
>Overview</A
></DT
><DD
><DL
><DT
>2.1. <A
HREF="x82.html#AEN85"
>Why Do We Need Security?</A
></DT
><DT
>2.2. <A
HREF="x82.html#AEN89"
>How Secure Is Secure?</A
></DT
><DT
>2.3. <A
HREF="x82.html#AEN95"
>What Are You Trying to Protect?</A
></DT
><DT
>2.4. <A
HREF="x82.html#AEN133"
>Developing A Security Policy</A
></DT
><DT
>2.5. <A
HREF="x82.html#AEN147"
>Means of Securing Your Site</A
></DT
><DT
>2.6. <A
HREF="x82.html#AEN162"
>Organization of This Document</A
></DT
></DL
></DD
><DT
>3. <A
HREF="physical-security.html"
>Physical Security</A
></DT
><DD
><DL
><DT
>3.1. <A
HREF="physical-security.html#AEN190"
>Computer locks</A
></DT
><DT
>3.2. <A
HREF="physical-security.html#AEN195"
>BIOS Security</A
></DT
><DT
>3.3. <A
HREF="physical-security.html#AEN206"
>Boot Loader Security</A
></DT
><DT
>3.4. <A
HREF="physical-security.html#AEN234"
>xlock and vlock</A
></DT
><DT
>3.5. <A
HREF="physical-security.html#AEN247"
>Security of local devices</A
></DT
><DT
>3.6. <A
HREF="physical-security.html#AEN250"
>Detecting Physical Security Compromises</A
></DT
></DL
></DD
><DT
>4. <A
HREF="local-security.html"
>Local Security</A
></DT
><DD
><DL
><DT
>4.1. <A
HREF="local-security.html#AEN281"
>Creating New Accounts</A
></DT
><DT
>4.2. <A
HREF="local-security.html#root-security"
>Root Security</A
></DT
></DL
></DD
><DT
>5. <A
HREF="file-security.html"
>Files and File system Security</A
></DT
><DD
><DL
><DT
>5.1. <A
HREF="file-security.html#umask"
>Umask Settings</A
></DT
><DT
>5.2. <A
HREF="file-security.html#AEN432"
>File Permissions</A
></DT
><DT
>5.3. <A
HREF="file-security.html#AEN513"
>Integrity Checking</A
></DT
><DT
>5.4. <A
HREF="file-security.html#AEN533"
>Trojan Horses</A
></DT
></DL
></DD
><DT
>6. <A
HREF="password-security.html"
>Password Security and Encryption</A
></DT
><DD
><DL
><DT
>6.1. <A
HREF="password-security.html#AEN553"
>PGP and Public-Key Cryptography</A
></DT
><DT
>6.2. <A
HREF="password-security.html#AEN571"
>SSL, S-HTTP and S/MIME</A
></DT
><DT
>6.3. <A
HREF="password-security.html#AEN588"
>Linux IPSEC Implementations</A
></DT
><DT
>6.4. <A
HREF="password-security.html#ssh"
><TT
CLASS="literal"
>ssh</TT
> (Secure Shell) and <TT
CLASS="literal"
>stelnet</TT
></A
></DT
><DT
>6.5. <A
HREF="password-security.html#AEN631"
>PAM - Pluggable Authentication Modules</A
></DT
><DT
>6.6. <A
HREF="password-security.html#AEN650"
>Cryptographic IP Encapsulation (CIPE)</A
></DT
><DT
>6.7. <A
HREF="password-security.html#AEN662"
>Kerberos</A
></DT
><DT
>6.8. <A
HREF="password-security.html#AEN674"
>Shadow Passwords.</A
></DT
><DT
>6.9. <A
HREF="password-security.html#crack"
>"Crack" and "John the Ripper"</A
></DT
><DT
>6.10. <A
HREF="password-security.html#AEN690"
>CFS - Cryptographic File System and TCFS - Transparent Cryptographic File System</A
></DT
><DT
>6.11. <A
HREF="password-security.html#AEN698"
>X11, SVGA and display security</A
></DT
></DL
></DD
><DT
>7. <A
HREF="kernel-security.html"
>Kernel Security</A
></DT
><DD
><DL
><DT
>7.1. <A
HREF="kernel-security.html#AEN735"
>2.0 Kernel Compile Options</A
></DT
><DT
>7.2. <A
HREF="kernel-security.html#AEN783"
>2.2 Kernel Compile Options</A
></DT
><DT
>7.3. <A
HREF="kernel-security.html#AEN806"
>Kernel Devices</A
></DT
></DL
></DD
><DT
>8. <A
HREF="network-security.html"
>Network Security</A
></DT
><DD
><DL
><DT
>8.1. <A
HREF="network-security.html#AEN835"
>Packet Sniffers</A
></DT
><DT
>8.2. <A
HREF="network-security.html#AEN847"
>System services and tcp_wrappers</A
></DT
><DT
>8.3. <A
HREF="network-security.html#AEN914"
>Verify Your DNS Information</A
></DT
><DT
>8.4. <A
HREF="network-security.html#AEN917"
>identd</A
></DT
><DT
>8.5. <A
HREF="network-security.html#AEN935"
>Configuring and Securing the Postfix MTA</A
></DT
><DT
>8.6. <A
HREF="network-security.html#AEN941"
>SATAN, ISS, and Other Network Scanners</A
></DT
><DT
>8.7. <A
HREF="network-security.html#AEN961"
>sendmail, qmail and MTA's</A
></DT
><DT
>8.8. <A
HREF="network-security.html#AEN976"
>Denial of Service Attacks</A
></DT
><DT
>8.9. <A
HREF="network-security.html#AEN1003"
>NFS (Network File System) Security.</A
></DT
><DT
>8.10. <A
HREF="network-security.html#AEN1019"
>NIS (Network Information Service) (formerly YP).</A
></DT
><DT
>8.11. <A
HREF="network-security.html#AEN1026"
>Firewalls</A
></DT
><DT
>8.12. <A
HREF="network-security.html#AEN1054"
>IP Chains - Linux Kernel 2.2.x Firewalling</A
></DT
><DT
>8.13. <A
HREF="network-security.html#AEN1076"
>Netfilter - Linux Kernel 2.4.x Firewalling</A
></DT
><DT
>8.14. <A
HREF="network-security.html#AEN1104"
>VPNs - Virtual Private Networks</A
></DT
></DL
></DD
><DT
>9. <A
HREF="secure-prep.html"
>Security Preparation (before you go on-line)</A
></DT
><DD
><DL
><DT
>9.1. <A
HREF="secure-prep.html#AEN1129"
>Make a Full Backup of Your Machine</A
></DT
><DT
>9.2. <A
HREF="secure-prep.html#AEN1133"
>Choosing a Good Backup Schedule</A
></DT
><DT
>9.3. <A
HREF="secure-prep.html#AEN1136"
>Testing your backups</A
></DT
><DT
>9.4. <A
HREF="secure-prep.html#AEN1139"
>Backup Your RPM or Debian File Database</A
></DT
><DT
>9.5. <A
HREF="secure-prep.html#logs"
>Keep Track of Your System Accounting Data</A
></DT
><DT
>9.6. <A
HREF="secure-prep.html#AEN1183"
>Apply All New System Updates.</A
></DT
></DL
></DD
><DT
>10. <A
HREF="after-breakin.html"
>What To Do During and After a Breakin</A
></DT
><DD
><DL
><DT
>10.1. <A
HREF="after-breakin.html#AEN1189"
>Security Compromise Underway.</A
></DT
><DT
>10.2. <A
HREF="after-breakin.html#AEN1202"
>Security Compromise has already happened</A
></DT
></DL
></DD
><DT
>11. <A
HREF="sources.html"
>Security Sources</A
></DT
><DD
><DL
><DT
>11.1. <A
HREF="sources.html#linuxsecurity"
>LinuxSecurity.com References</A
></DT
><DT
>11.2. <A
HREF="sources.html#ftpsites"
>FTP Sites</A
></DT
><DT
>11.3. <A
HREF="sources.html#websites"
>Web Sites</A
></DT
><DT
>11.4. <A
HREF="sources.html#AEN1324"
>Mailing Lists</A
></DT
><DT
>11.5. <A
HREF="sources.html#AEN1332"
>Books - Printed Reading Material</A
></DT
></DL
></DD
><DT
>12. <A
HREF="x1357.html"
>Glossary</A
></DT
><DT
>13. <A
HREF="q-and-a.html"
>Frequently Asked Questions</A
></DT
><DT
>14. <A
HREF="conclusion.html"
>Conclusion</A
></DT
><DT
>15. <A
HREF="x1505.html"
>Acknowledgments</A
></DT
></DL
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="x21.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Introduction</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
Reference in New Issue View Git Blame Copy Permalink