Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

NOTE: CentOS Enterprise Linux is built from the Red Hat Enterprise Linux source code. Other than logo and name changes CentOS Enterprise Linux is compatible with the equivalent Red Hat version. This document applies equally to both Red Hat and CentOS Enterprise Linux.

Index

A

activating your subscription, Activate Your Subscription
Apache HTTP Server
cgi security, Restrict Permissions for Executable Directories
directives, Securing the Apache HTTP Server
introducing, Securing the Apache HTTP Server
attackers and risks, Attackers and Vulnerabilities

B

basic input output system
see BIOS
BIOS
non-x86 equivalents
passwords, Securing Non-x86 Platforms
security, BIOS and Boot Loader Security
passwords, BIOS Passwords
black hat hacker
see crackers
boot loaders
GRUB
password protecting, Password Protecting GRUB
security, Boot Loader Passwords

D

dd
collecting evidence with, Collecting an Evidential Image
file auditing using, Gathering Post-Breach Information
Demilitarized Zone, DMZs and iptables
Denial of Service (DoS)
distributed, Security Today
DMZ
see Demilitarized Zone
see networks

E

EFI Shell
security
passwords, Securing Non-x86 Platforms

F

file
file auditing using, Gathering Post-Breach Information
file auditing
tools, Gathering Post-Breach Information
find
file auditing using, Gathering Post-Breach Information
firewall types, Firewalls
network address translation (NAT), Firewalls
packet filter, Firewalls
proxy, Firewalls
firewalls, Firewalls
additional resources, Additional Resources
and connection tracking, iptables and Connection Tracking
and viruses, Viruses and Spoofed IP Addresses
iptables, Netfilter and iptables
personal, Personal Firewalls
policies, Basic Firewall Policies
stateful, iptables and Connection Tracking
types, Firewalls
FTP
anonymous access, Anonymous Access
anonymous upload, Anonymous Upload
greeting banner, FTP Greeting Banner
introducing, Securing FTP
TCP wrappers and, Use TCP Wrappers To Control Access
user accounts, User Accounts
vsftpd, Securing FTP

G

grep
file auditing using, Gathering Post-Breach Information
grey hat hacker
see hackers

H

hacker ethic, A Quick History of Hackers
hackers
black hat
see cracker
definition, A Quick History of Hackers
grey hat, Shades of Grey
white hat, Shades of Grey
hardware, Hardware and Network Protection
and security, Hardware Security
laptops, Hardware Security
servers, Hardware Security
workstations, Hardware Security

I

IDS
see intrusion detection systems
incident response
and legal issues, Legal Considerations
collecting evidence
using dd, Collecting an Evidential Image
computer emergency response team (CERT), The Computer Emergency Response Team (CERT)
creating a plan, Creating an Incident Response Plan
definition of, Defining Incident Response
gathering post-breach information, Gathering Post-Breach Information
implementation, Implementing the Incident Response Plan
introducing, Incident Response
investigation, Investigating the Incident
post-mortem, Investigating the Incident
reporting the incident, Reporting the Incident
restoring and recovering resources, Restoring and Recovering Resources
incident response plan, Creating an Incident Response Plan
insecure services, Insecure Services
rsh, Insecure Services
Telnet, Insecure Services
vsftpd, Insecure Services
introduction, Introduction
categories, using this manual, Introduction
other Red Hat Enterprise Linux manuals, Introduction
topics, Introduction
intrusion detection systems, Intrusion Detection
and log files, Host-based IDS
defining, Defining Intrusion Detection Systems
host-based, Host-based IDS
network-based, Network-based IDS
Snort, Snort
RPM Package Manager (RPM), RPM as an IDS
Tripwire, Tripwire
types, IDS Types
ip6tables, ip6tables
IPsec, IPsec
configuration, IPsec Network-to-Network configuration
host-to-host, IPsec Host-to-Host Configuration
host-to-host, IPsec Host-to-Host Configuration
installing, IPsec Installation
network-to-network, IPsec Network-to-Network configuration
phases, IPsec
iptables, Netfilter and iptables
additional resources, Additional Resources
and DMZs, DMZs and iptables
and viruses, Viruses and Spoofed IP Addresses
chains, Using iptables
FORWARD, FORWARD and NAT Rules
INPUT, Common iptables Filtering
OUTPUT, Common iptables Filtering
POSTROUTING, FORWARD and NAT Rules
PREROUTING, FORWARD and NAT Rules, DMZs and iptables
connection tracking, iptables and Connection Tracking
states, iptables and Connection Tracking
policies, Basic Firewall Policies
rules, Saving and Restoring iptables Rules
common, Common iptables Filtering
forwarding, FORWARD and NAT Rules
NAT, FORWARD and NAT Rules, DMZs and iptables
restoring, Saving and Restoring iptables Rules
saving, Saving and Restoring iptables Rules
stateful inspection, iptables and Connection Tracking
states, iptables and Connection Tracking
using, Using iptables

M

md5sum
file auditing using, Gathering Post-Breach Information

N

NAT
see Network Address Translation
Nessus, Nessus
Netfilter, Netfilter and iptables
additional resources, Additional Resources
Netfilter 6, ip6tables
netstat, Verifying Which Ports Are Listening
Network Address Translation, FORWARD and NAT Rules
with iptables, FORWARD and NAT Rules
network services, Available Network Services
buffer overflow
ExecShield, Risks To Services
identifying and configuring, Identifying and Configuring Services
risks, Risks To Services
buffer overflow, Risks To Services
denial-of-service, Risks To Services
script vulnerability, Risks To Services
network topologies, Secure Network Topologies
linear bus, Physical Topologies
ring, Physical Topologies
star, Physical Topologies
networks, Hardware and Network Protection
and security, Secure Network Topologies
de-militarized zones (DMZs), Network Segmentation and DMZs
hubs, Transmission Considerations
segmentation, Network Segmentation and DMZs
switches, Transmission Considerations
wireless, Wireless Networks
NFS, Securing NFS
and Sendmail, NFS and Sendmail
network design, Carefully Plan the Network
syntax errors, Beware of Syntax Errors
Nikto, Nikto
NIS
introducing, Securing NIS
IPTables, Assign Static Ports and Use IPTables Rules
Kerberos, Use Kerberos Authentication
NIS domain name, Use a Password-like NIS Domain Name and Hostname
planning network, Carefully Plan the Network
securenets, Edit the /var/yp/securenets File
static ports, Assign Static Ports and Use IPTables Rules
nmap, Verifying Which Ports Are Listening, Scanning Hosts with Nmap
command line version, Using Nmap

P

password aging, Password Aging
password security, Password Security
aging, Password Aging
and PAM, Forcing Strong Passwords
auditing tools, Forcing Strong Passwords
Crack, Forcing Strong Passwords
John the Ripper, Forcing Strong Passwords
Slurpie, Forcing Strong Passwords
enforcement, Forcing Strong Passwords
in an organization, Creating User Passwords Within an Organization
methodology, Secure Password Creation Methodology
strong passwords, Creating Strong Passwords
passwords
within an organization, Creating User Passwords Within an Organization
pluggable authentication modules (PAM)
strong password enforcement, Forcing Strong Passwords
portmap, Identifying and Configuring Services
and IPTables, Protect portmap With IPTables
and TCP wrappers, Protect portmap With TCP Wrappers
ports
common, Common Ports
monitoring, Verifying Which Ports Are Listening
post-mortem, Investigating the Incident

R

registering your subscription, Activate Your Subscription
reporting the incident, Reporting the Incident
restoring and recovering resources, Restoring and Recovering Resources
patching the system, Patching the System
reinstalling the system, Reinstalling the System
risks
insecure services, Inherently Insecure Services
networks, Threats to Network Security
architectures, Insecure Architectures
open ports, Unused Services and Open Ports
patches and errata, Unpatched Services
servers, Threats to Server Security
inattentive administration, Inattentive Administration
workstations and PCs, Threats to Workstation and Home PC Security, Bad Passwords
applications, Vulnerable Client Applications
root, Allowing Root Access
allowing access, Allowing Root Access
disallowing access, Disallowing Root Access
limiting access, Limiting Root Access
and su, The su Command
and sudo, The sudo Command
with User Manager, The su Command
methods of disabling, Disallowing Root Access
changing the root shell, Disabling Root Logins
disabling SSH logins, Disabling Root SSH Logins
with PAM, Disabling Root Using PAM
root user
see root
RPM
and intrusion detection, RPM as an IDS
importing GPG key, Using the Red Hat Errata Website
verifying signed packages, Verifying Signed Packages, Installing Signed Packages

S

security considerations
hardware, Hardware and Network Protection
network transmission, Transmission Considerations
physical networks, Hardware and Network Protection
wireless, Wireless Networks
security errata, Security Updates
applying changes, Applying the Changes
via Red Hat errata website, Using the Red Hat Errata Website
via Red Hat Network, Using Red Hat Network
when to reboot, Applying the Changes
security overview, Security Overview
conclusion, Conclusion
controls
see controls
defining computer security, What is Computer Security?
Denial of Service (DoS), Security Today
evolution of computer security, How did Computer Security Come about?
viruses, Security Today
sendmail, Identifying and Configuring Services
and NFS, NFS and Sendmail
introducing, Securing Sendmail
limiting DoS, Limiting a Denial of Service Attack
server security
Apache HTTP Server, Securing the Apache HTTP Server
cgi security, Restrict Permissions for Executable Directories
directives, Securing the Apache HTTP Server
FTP, Securing FTP
anonymous access, Anonymous Access
anonymous upload, Anonymous Upload
greeting banner, FTP Greeting Banner
TCP wrappers and, Use TCP Wrappers To Control Access
user accounts, User Accounts
vsftpd, Securing FTP
NFS, Securing NFS
network design, Carefully Plan the Network
syntax errors, Beware of Syntax Errors
NIS, Securing NIS
IPTables, Assign Static Ports and Use IPTables Rules
Kerberos, Use Kerberos Authentication
NIS domain name, Use a Password-like NIS Domain Name and Hostname
planning network, Carefully Plan the Network
securenets, Edit the /var/yp/securenets File
static ports, Assign Static Ports and Use IPTables Rules
overview of, Server Security
portmap, Securing Portmap
ports
monitoring, Verifying Which Ports Are Listening
Sendmail, Securing Sendmail
and NFS, NFS and Sendmail
limiting DoS, Limiting a Denial of Service Attack
TCP wrappers, Enhancing Security With TCP Wrappers
attack warnings, TCP Wrappers and Attack Warnings
banners, TCP Wrappers and Connection Banners
logging, TCP Wrappers and Enhanced Logging
xinetd, Enhancing Security With xinetd
managing resources with, Controlling Server Resources
preventing DoS with, Controlling Server Resources
SENSOR trap, Setting a Trap
services, Verifying Which Ports Are Listening
Services Configuration Tool, Identifying and Configuring Services
Snort, Snort
sshd, Identifying and Configuring Services
stat
file auditing using, Gathering Post-Breach Information
strings
file auditing using, Gathering Post-Breach Information
su
and root, The su Command
subscription registration, Activate Your Subscription
sudo
and root, The sudo Command

U

updates
see security errata

V

Virtual Private Networks, Virtual Private Networks
IPsec, IPsec
configuration, IPsec Network-to-Network configuration
host-to-host, IPsec Host-to-Host Configuration
installing, IPsec Installation
viruses
trojans, Security Today
VLAD the Scanner, VLAD the Scanner
VPN, Virtual Private Networks
vulnerabilities
assessing with Nessus, Nessus
assessing with Nikto, Nikto
assessing with Nmap, Scanning Hosts with Nmap
assessing with VLAD the Scanner, VLAD the Scanner
assessment, Vulnerability Assessment
defining, Defining Assessment and Testing
establishing a methodology, Establishing a Methodology
testing, Defining Assessment and Testing

W

white hat hacker
see hackers
Wi-Fi networks
see 802.11x
wireless security, Wireless Networks
802.11x, Wireless Networks
workstation security, Workstation Security
BIOS, BIOS and Boot Loader Security
boot loaders
passwords, Boot Loader Passwords
evaluating
administrative control, Evaluating Workstation Security
BIOS, Evaluating Workstation Security
boot loaders, Evaluating Workstation Security
communications, Evaluating Workstation Security
passwords, Evaluating Workstation Security
personal firewalls, Evaluating Workstation Security

X

xinetd, Identifying and Configuring Services
managing resources with, Controlling Server Resources
preventing DoS with, Controlling Server Resources
SENSOR trap, Setting a Trap

 
 
  Published under the terms of the GNU General Public License Design by Interspire