<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Securing and Optimizing Linux</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.60"><LINK
|
|
REL="NEXT"
|
|
TITLE="Preface"
|
|
HREF="preface.html"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="RedHat"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="redhat"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="maddy"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="linus"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="linux"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="Linux"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="Securing"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="Optimising"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="security"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="secure"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="openna"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="gerhard"></HEAD
|
|
><BODY
|
|
CLASS="book"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="BOOK"
|
|
><A
|
|
NAME="AEN1"
|
|
></A
|
|
><DIV
|
|
CLASS="TITLEPAGE"
|
|
><H1
|
|
CLASS="title"
|
|
><A
|
|
NAME="AEN2"
|
|
>Securing and Optimizing Linux</A
|
|
></H1
|
|
><H2
|
|
CLASS="subtitle"
|
|
>RedHat Edition -A Hands on Guide</H2
|
|
><DIV
|
|
CLASS="mediaobject"
|
|
><P
|
|
><IMG
|
|
SRC="./Annimals/Chapter3.gif"
|
|
ALT="Wolf"
|
|
></IMG
|
|
></P
|
|
></DIV
|
|
><DIV
|
|
CLASS="mediaobject"
|
|
><P
|
|
><IMG
|
|
SRC="./images/OpenNA-NewLogo-Penguin.gif"
|
|
ALT="openNA logo"
|
|
></IMG
|
|
></P
|
|
></DIV
|
|
><H3
|
|
CLASS="author"
|
|
><A
|
|
NAME="AEN16"
|
|
>Gerhard Mourani</A
|
|
></H3
|
|
><DIV
|
|
CLASS="affiliation"
|
|
><SPAN
|
|
CLASS="orgname"
|
|
>Open Network Architecture
|
|
<A
|
|
HREF="appendixa.html#rsrcofwbi1"
|
|
>www.openna.com</A
|
|
>
|
|
<BR></SPAN
|
|
><DIV
|
|
CLASS="address"
|
|
><P
|
|
CLASS="address"
|
|
><br>
|
|
gmourani@openna.com<br>
|
|
gmourani@netscape.net<br>
|
|
</P
|
|
></DIV
|
|
></DIV
|
|
><H3
|
|
CLASS="othercredit"
|
|
><A
|
|
NAME="AEN25"
|
|
>Madhu "Maddy"</A
|
|
></H3
|
|
><P
|
|
CLASS="copyright"
|
|
><A
|
|
HREF="ln36.html"
|
|
>Copyright</A
|
|
> © 2000 by Gerhard Mourani and OpenDocs, LLC.</P
|
|
><P
|
|
CLASS="copyright"
|
|
><A
|
|
HREF="ln36.html"
|
|
>Copyright</A
|
|
> © 2000 by
|
|
Madhusudan (Madhu "Maddy") XML Source
|
|
</P
|
|
><HR></DIV
|
|
><DIV
|
|
CLASS="TOC"
|
|
><DL
|
|
><DT
|
|
><B
|
|
>Table of Contents</B
|
|
></DT
|
|
><DT
|
|
><A
|
|
HREF="preface.html"
|
|
>Preface</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>1. <A
|
|
HREF="preface1.html"
|
|
>Why did I write this book?</A
|
|
></DT
|
|
><DT
|
|
>2. <A
|
|
HREF="preface2.html"
|
|
>Why fiddle?</A
|
|
></DT
|
|
><DT
|
|
>3. <A
|
|
HREF="preface3.html"
|
|
>DocBook !</A
|
|
></DT
|
|
><DT
|
|
>4. <A
|
|
HREF="preface4.html"
|
|
>DocBook/<SPAN
|
|
CLASS="acronym"
|
|
>XML</SPAN
|
|
></A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>1. <A
|
|
HREF="get-start.html"
|
|
>Getting Started</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>1. <A
|
|
HREF="intro.html"
|
|
>Introduction</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>2. <A
|
|
HREF="install.html"
|
|
>Installation</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>2. <A
|
|
HREF="overview.html"
|
|
>Overview of OS Linux</A
|
|
></DT
|
|
><DT
|
|
>3. <A
|
|
HREF="installlin.html"
|
|
>Installation of your Linux Server</A
|
|
></DT
|
|
><DT
|
|
>4. <A
|
|
HREF="linpostinstall.html"
|
|
>Post-Install</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>3. <A
|
|
HREF="Secure-optimize.html"
|
|
>Security, Optimization and Upgrade</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>5. <A
|
|
HREF="gen-syssecured.html"
|
|
>General System Security</A
|
|
></DT
|
|
><DT
|
|
>6. <A
|
|
HREF="gen-optim.html"
|
|
>Linux General Optimization</A
|
|
></DT
|
|
><DT
|
|
>7. <A
|
|
HREF="secopt-kernel.html"
|
|
>Configuring and Building a Secure, Optimized Kernel</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>4. <A
|
|
HREF="net-manage.html"
|
|
>Networking -Management, Firewall, Masquerading and Forwarding</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>8. <A
|
|
HREF="tcp-ip.html"
|
|
><SPAN
|
|
CLASS="acronym"
|
|
>TCP/IP</SPAN
|
|
> -Network Management</A
|
|
></DT
|
|
><DT
|
|
>9. <A
|
|
HREF="file-netfunc.html"
|
|
>Files -Networking Functionality</A
|
|
></DT
|
|
><DT
|
|
>10. <A
|
|
HREF="soft-netfirew.html"
|
|
>Networking -Firewall</A
|
|
></DT
|
|
><DT
|
|
>11. <A
|
|
HREF="fwall-scripts.html"
|
|
>The firewall scripts files</A
|
|
></DT
|
|
><DT
|
|
>12. <A
|
|
HREF="Masq-forward.html"
|
|
>Networking Firewall -Masquerading and Forwarding</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>5. <A
|
|
HREF="soft-secure.html"
|
|
>Software -Security</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>13. <A
|
|
HREF="lin-compiler.html"
|
|
>Linux -The Compiler functionality</A
|
|
></DT
|
|
><DT
|
|
>14. <A
|
|
HREF="soft-secmonitor.html"
|
|
>Software -Security/Monitoring</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>6. <A
|
|
HREF="soft-net.html"
|
|
>Software -Networking</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>15. <A
|
|
HREF="soft-netsecured.html"
|
|
>Software -Securities</A
|
|
></DT
|
|
><DT
|
|
>16. <A
|
|
HREF="softsec-com.html"
|
|
>Software -Securities (commercial)</A
|
|
></DT
|
|
><DT
|
|
>17. <A
|
|
HREF="sysintegrity.html"
|
|
>Software -Securities/System Integrity</A
|
|
></DT
|
|
><DT
|
|
>18. <A
|
|
HREF="tripwireASR.html"
|
|
>Linux Tripwire ASR 1.3.1</A
|
|
></DT
|
|
><DT
|
|
>19. <A
|
|
HREF="soft-limits.html"
|
|
>Software -Securities/Management & Limitation</A
|
|
></DT
|
|
><DT
|
|
>20. <A
|
|
HREF="quota.html"
|
|
>Set Limits using Quota</A
|
|
></DT
|
|
><DT
|
|
>21. <A
|
|
HREF="soft-netwrkng.html"
|
|
>Software -Networking</A
|
|
></DT
|
|
><DT
|
|
>22. <A
|
|
HREF="soser-mailn.html"
|
|
>Software -Server/Mail Network</A
|
|
></DT
|
|
><DT
|
|
>23. <A
|
|
HREF="imapop.html"
|
|
>Linux <SPAN
|
|
CLASS="acronym"
|
|
>IMAP</SPAN
|
|
> & <SPAN
|
|
CLASS="acronym"
|
|
>POP</SPAN
|
|
> Server</A
|
|
></DT
|
|
><DT
|
|
>24. <A
|
|
HREF="netencrypt.html"
|
|
>Software -Networking/Encryption</A
|
|
></DT
|
|
><DT
|
|
>25. <A
|
|
HREF="fSWAn.html"
|
|
>Linux FreeS/WAN VPN</A
|
|
></DT
|
|
><DT
|
|
>26. <A
|
|
HREF="net-oLDAP.html"
|
|
>Linux OpenLDAP Server</A
|
|
></DT
|
|
><DT
|
|
>27. <A
|
|
HREF="datab-pSQL.html"
|
|
>Linux PostgreSQL Database Server</A
|
|
></DT
|
|
><DT
|
|
>28. <A
|
|
HREF="netproxy-squid.html"
|
|
>Software -Server/Proxy Network</A
|
|
></DT
|
|
><DT
|
|
>29. <A
|
|
HREF="netweb-Apache.html"
|
|
>Software -Network Server, web/Apache</A
|
|
></DT
|
|
><DT
|
|
>30. <A
|
|
HREF="opt-Apache.html"
|
|
>Optional component to install with Apache</A
|
|
></DT
|
|
><DT
|
|
>31. <A
|
|
HREF="soft-fileshrng.html"
|
|
>Software -Server/File Sharing-Network</A
|
|
></DT
|
|
><DT
|
|
>32. <A
|
|
HREF="ftpd.html"
|
|
>Linux <TT
|
|
CLASS="literal"
|
|
>FTP</TT
|
|
> Server</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>7. <A
|
|
HREF="backup-rest.html"
|
|
>Backup and Restore</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>33. <A
|
|
HREF="whywhen.html"
|
|
>Why's and When's of Backup and Restore</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>I. <A
|
|
HREF="Appendix.html"
|
|
>Appendixes</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>A. <A
|
|
HREF="appendixa.html"
|
|
>Resources</A
|
|
></DT
|
|
><DT
|
|
>B. <A
|
|
HREF="appendixb.html"
|
|
>Tweaks, Tips and Administration tasks</A
|
|
></DT
|
|
><DT
|
|
>C. <A
|
|
HREF="appendixc.html"
|
|
>Obtaining Requests for Comments (RFCs)</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
></DL
|
|
></DIV
|
|
><DIV
|
|
CLASS="LOT"
|
|
><DL
|
|
CLASS="LOT"
|
|
><DT
|
|
><B
|
|
>List of Tables</B
|
|
></DT
|
|
><DT
|
|
>3-1. <A
|
|
HREF="chap3sec15.html#AEN907"
|
|
>Sample representation of partitions</A
|
|
></DT
|
|
><DT
|
|
>33-1. <A
|
|
HREF="back-dump.html#AEN23759"
|
|
>Dump scheme</A
|
|
></DT
|
|
></DL
|
|
></DIV
|
|
><DIV
|
|
CLASS="LOT"
|
|
><DL
|
|
CLASS="LOT"
|
|
><DT
|
|
><B
|
|
>List of Examples</B
|
|
></DT
|
|
><DT
|
|
>3-1. <A
|
|
HREF="chap3sec21.html#AEN1574"
|
|
>Starting and Stopping various Daemons</A
|
|
></DT
|
|
><DT
|
|
>5-1. <A
|
|
HREF="chap5sec33.html#AEN3270"
|
|
>Export file systems using <SPAN
|
|
CLASS="acronym"
|
|
>NFS</SPAN
|
|
></A
|
|
></DT
|
|
><DT
|
|
>5-2. <A
|
|
HREF="chap5sec34.html#AEN3307"
|
|
>Disable console-equivalent access</A
|
|
></DT
|
|
><DT
|
|
>5-3. <A
|
|
HREF="chap5sec50.html#AEN3854"
|
|
>Print log reports</A
|
|
></DT
|
|
><DT
|
|
>5-4. <A
|
|
HREF="chap5sec52.html#AEN4016"
|
|
>Use man pages</A
|
|
></DT
|
|
><DT
|
|
>5-5. <A
|
|
HREF="chap5sec62.html#AEN4250"
|
|
>Use find to find</A
|
|
></DT
|
|
><DT
|
|
>6-1. <A
|
|
HREF="chap6sec69.html#AEN4625"
|
|
>For 128 MB of RAM</A
|
|
></DT
|
|
><DT
|
|
>7-1. <A
|
|
HREF="chap7sec80.html#AEN5283"
|
|
>SMP support</A
|
|
></DT
|
|
><DT
|
|
>8-1. <A
|
|
HREF="chap8sec88.html#AEN5920"
|
|
>Two ISA ethernet cards</A
|
|
></DT
|
|
><DT
|
|
>12-1. <A
|
|
HREF="chap12sec107.html#AEN6898"
|
|
><TT
|
|
CLASS="filename"
|
|
>rc.firewall.blocked</TT
|
|
></A
|
|
></DT
|
|
><DT
|
|
>13-1. <A
|
|
HREF="chap13sec111.html#AEN7175"
|
|
>Using tar</A
|
|
></DT
|
|
><DT
|
|
>15-1. <A
|
|
HREF="chap15sec125.html#AEN8487"
|
|
>Remote login using ssh</A
|
|
></DT
|
|
><DT
|
|
>15-2. <A
|
|
HREF="chap15sec125.html#AEN8501"
|
|
>scp Secure Copy utility</A
|
|
></DT
|
|
><DT
|
|
>15-3. <A
|
|
HREF="chap15sec125.html#AEN8511"
|
|
>local to remote</A
|
|
></DT
|
|
><DT
|
|
>16-1. <A
|
|
HREF="chap16sec134.html#AEN9187"
|
|
>login to a remote using ssh2</A
|
|
></DT
|
|
><DT
|
|
>16-2. <A
|
|
HREF="chap16sec134.html#AEN9200"
|
|
>sftp2, Secure File Transfer</A
|
|
></DT
|
|
><DT
|
|
>18-1. <A
|
|
HREF="chap18sec149.html#AEN9929"
|
|
>Usage of Tripwire</A
|
|
></DT
|
|
><DT
|
|
>19-1. <A
|
|
HREF="chap19sec154.html#AEN10076"
|
|
>Importing using gpg</A
|
|
></DT
|
|
><DT
|
|
>19-2. <A
|
|
HREF="chap19sec154.html#AEN10089"
|
|
>Signing key</A
|
|
></DT
|
|
><DT
|
|
>19-3. <A
|
|
HREF="chap19sec155.html#AEN10109"
|
|
>Encrypting</A
|
|
></DT
|
|
><DT
|
|
>19-4. <A
|
|
HREF="chap19sec155.html#AEN10132"
|
|
>Decrypting</A
|
|
></DT
|
|
><DT
|
|
>20-1. <A
|
|
HREF="chap20sec156.html#AEN10233"
|
|
><TT
|
|
CLASS="literal"
|
|
>usrquota</TT
|
|
></A
|
|
></DT
|
|
><DT
|
|
>20-2. <A
|
|
HREF="chap20sec156.html#AEN10253"
|
|
><TT
|
|
CLASS="literal"
|
|
>grpquota</TT
|
|
></A
|
|
></DT
|
|
><DT
|
|
>21-1. <A
|
|
HREF="chap21sec171.html#AEN11472"
|
|
>dnsquery</A
|
|
></DT
|
|
><DT
|
|
>21-2. <A
|
|
HREF="chap21sec171.html#AEN11485"
|
|
>Look up host names</A
|
|
></DT
|
|
><DT
|
|
>21-3. <A
|
|
HREF="chap21sec171.html#AEN11500"
|
|
>Using host</A
|
|
></DT
|
|
><DT
|
|
>21-4. <A
|
|
HREF="chap21sec171.html#AEN11511"
|
|
>List a complete domain</A
|
|
></DT
|
|
><DT
|
|
>22-1. <A
|
|
HREF="chap22sec176.html#AEN12140"
|
|
>Overriding <SPAN
|
|
CLASS="acronym"
|
|
>RBL</SPAN
|
|
></A
|
|
></DT
|
|
><DT
|
|
>22-2. <A
|
|
HREF="chap22sec180.html#AEN12401"
|
|
>Alternative names</A
|
|
></DT
|
|
><DT
|
|
>22-3. <A
|
|
HREF="chap22sec182.html#AEN12549"
|
|
><TT
|
|
CLASS="filename"
|
|
>sendmail.cf</TT
|
|
></A
|
|
></DT
|
|
><DT
|
|
>26-1. <A
|
|
HREF="chap26sec216.html#AEN16477"
|
|
><TT
|
|
CLASS="filename"
|
|
>my-data-file</TT
|
|
></A
|
|
></DT
|
|
><DT
|
|
>26-2. <A
|
|
HREF="chap26sec217.html#AEN16513"
|
|
><SPAN
|
|
CLASS="acronym"
|
|
>LDBM</SPAN
|
|
> backend</A
|
|
></DT
|
|
><DT
|
|
>26-3. <A
|
|
HREF="chap26sec217.html#AEN16549"
|
|
><TT
|
|
CLASS="filename"
|
|
>modifyentry</TT
|
|
></A
|
|
></DT
|
|
><DT
|
|
>26-4. <A
|
|
HREF="chap26sec218.html#AEN16613"
|
|
>Address Book</A
|
|
></DT
|
|
><DT
|
|
>30-1. <A
|
|
HREF="chap29sec271.html#AEN21301"
|
|
>Using Netscape browser</A
|
|
></DT
|
|
><DT
|
|
>33-1. <A
|
|
HREF="chap29sec306.html#AEN23634"
|
|
>Backup directory of a week</A
|
|
></DT
|
|
><DT
|
|
>33-2. <A
|
|
HREF="chap29sec311.html#AEN24103"
|
|
>scp SSH command</A
|
|
></DT
|
|
><DT
|
|
>33-3. <A
|
|
HREF="chap29sec311.html#AEN24141"
|
|
>scp SSH command</A
|
|
></DT
|
|
></DL
|
|
></DIV
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="preface.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Preface</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |