LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/LDP/solrhe/Securing-Optimizing-Linux-R.../gen-syssecured.html

357 lines
5.2 KiB
HTML
Raw Permalink Blame History

<HTML
><HEAD
><TITLE
>General System Security</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.60"><LINK
REL="HOME"
TITLE="Securing and Optimizing Linux"
HREF="index.html"><LINK
REL="UP"
TITLE="Security, Optimization and Upgrade"
HREF="Secure-optimize.html"><LINK
REL="PREVIOUS"
TITLE="Security, Optimization and Upgrade"
HREF="Secure-optimize.html"><LINK
REL="NEXT"
TITLE="BIOS"
HREF="chap5sec29.html"></HEAD
><BODY
CLASS="chapter"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Securing and Optimizing Linux: RedHat Edition -A Hands on Guide</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="Secure-optimize.html"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="chap5sec29.html"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="chapter"
><H1
><A
NAME="prt2ch1gss"
>Chapter 5. General System Security</A
></H1
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>5.1. <A
HREF="chap5sec29.html"
>BIOS</A
></DT
><DT
>5.2. <A
HREF="chap5sec30.html"
>Security as a Policy</A
></DT
><DT
>5.3. <A
HREF="chap5sec31.html"
>Choose a right Password</A
></DT
><DT
>5.4. <A
HREF="chap5sec32.html"
>The root account</A
></DT
><DT
>5.5. <A
HREF="chap5sec33.html"
>The <TT
CLASS="filename"
>/etc/exports</TT
> file</A
></DT
><DT
>5.6. <A
HREF="chap5sec34.html"
>Disable console program access</A
></DT
><DT
>5.7. <A
HREF="chap5sec35.html"
>Disable all console access</A
></DT
><DT
>5.8. <A
HREF="chap5sec36.html"
>The inetd - <TT
CLASS="filename"
>/etc/inetd.conf</TT
> file</A
></DT
><DT
>5.9. <A
HREF="chap5sec37.html"
>TCP_WRAPPERS</A
></DT
><DT
>5.10. <A
HREF="chap5sec39.html"
>The <TT
CLASS="filename"
>/etc/host.conf</TT
> file</A
></DT
><DT
>5.11. <A
HREF="chap5sec40.html"
>The /etc/services file</A
></DT
><DT
>5.12. <A
HREF="chap5sec41.html"
>The <TT
CLASS="filename"
>/etc/securetty</TT
> file</A
></DT
><DT
>5.13. <A
HREF="chap5sec42.html"
>Special accounts</A
></DT
><DT
>5.14. <A
HREF="chap5sec43.html"
>Blocking; <B
CLASS="command"
>su</B
> to root, by one and sundry</A
></DT
><DT
>5.15. <A
HREF="chap5sec44.html"
>Put limits on resource</A
></DT
><DT
>5.16. <A
HREF="chap5sec45.html"
>Control mounting a file system</A
></DT
><DT
>5.17. <A
HREF="chap5sec46.html"
>Conceal binary <SPAN
CLASS="acronym"
>RPM</SPAN
></A
></DT
><DT
>5.18. <A
HREF="chap5sec47.html"
>Shell logging</A
></DT
><DT
>5.19. <A
HREF="chap5sec48.html"
>The LILO and <TT
CLASS="filename"
>lilo.conf</TT
> file</A
></DT
><DT
>5.20. <A
HREF="chap5sec49.html"
>Disable <B
CLASS="keycap"
>Ctrl-Alt-Delete</B
> keyboard shutdown command</A
></DT
><DT
>5.21. <A
HREF="chap5sec50.html"
>Physical hard copies of all-important logs</A
></DT
><DT
>5.22. <A
HREF="chap5sec51.html"
>Tighten scripts under <TT
CLASS="filename"
>/etc/rc.d/</TT
></A
></DT
><DT
>5.23. <A
HREF="chap5sec52.html"
>Bits from root-owned programs</A
></DT
><DT
>5.24. <A
HREF="chap5sec53.html"
>The kernel tunable parameters</A
></DT
><DT
>5.25. <A
HREF="chap5sec54.html"
>Refuse responding to broadcasts request</A
></DT
><DT
>5.26. <A
HREF="chap5sec55.html"
>Routing Protocols</A
></DT
><DT
>5.27. <A
HREF="chap5sec56.html"
>Enable TCP SYN Cookie Protection</A
></DT
><DT
>5.28. <A
HREF="chap5sec57.html"
>Disable ICMP Redirect Acceptance</A
></DT
><DT
>5.29. <A
HREF="chap5sec58.html"
>Enable always-defragging Protection</A
></DT
><DT
>5.30. <A
HREF="chap5sec59.html"
>Enable bad error message Protection</A
></DT
><DT
>5.31. <A
HREF="chap5sec60.html"
>Enable <SPAN
CLASS="acronym"
>IP</SPAN
> spoofing protection</A
></DT
><DT
>5.32. <A
HREF="chap5sec61.html"
>Log Spoofed, Source Routed and Redirect Packets</A
></DT
><DT
>5.33. <A
HREF="chap5sec62.html"
>Unusual or hidden files</A
></DT
><DT
>5.34. <A
HREF="chap5sec63.html"
>System is compromised !</A
></DT
></DL
></DIV
><DIV
CLASS="highlights"
><A
NAME="AEN3190"
></A
><P
>&#13; A secure Linux server depends on how the administrator configures it to be. Once we have eliminated the potential securities risk by removing <SPAN
CLASS="acronym"
>RPM</SPAN
>
services not needed, we can start to secure our existing services and software on our server. In this chapter we will discuss some of the more general, basic techniques used
to secure your system. The following is a list of features that can be used to help prevent attacks from external and internal sources.
</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="Secure-optimize.html"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="chap5sec29.html"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Security, Optimization and Upgrade</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="Secure-optimize.html"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>BIOS</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
Reference in New Issue View Git Blame Copy Permalink