hack proofing linux a Guide to Open Source Security phần 4 pdf

... creates its database, it is said to enter database initialization mode. 5. You can then set Tripwire to rescan these files and compare their signa- tures to the signatures stored in the database.This ... generally extends your logging capability by placing additional information into a log file or into a database. Alerting An IDS often has the ability to send alert messages to...

Ngày tải lên: 08/08/2014, 21:23

... Service (ToS) in a Linux Router 48 4 Setting ToS Values in Ipchains and Iptables 48 6 Using and Obtaining Automated Firewall Scripts and Graphical Firewall Utilities 48 8 Understand Essential Linux ... to Open Source Security ™ 1 YEAR UPGRADE BUYER PROTECTION PLAN Linux: A Guide to Open Source Security The Only Way to Stop a Hacker Is to Think Like One Jame...

Ngày tải lên: 08/08/2014, 21:23

... supplied a username and password. If a user attempts to run the command via sudo and that user is not in the sudoers file, an e-mail is automatically sent to the administrator, indicating that an unauthorized ... filenames are now represented as variables. These variables are set automatically at runtime. ■ Undo feature Administrators can undo settings through various methods that are l...

Ngày tải lên: 08/08/2014, 21:23

... may wish to use Nmap in a network that uses a well-configured firewall or an IDS). If so, you may want to conduct scans that cannot be easily detected, or are actually able to traverse a firewall ... 9:35 AM Page 1 24 152 Chapter 3 • System Scanning and Probing ■ The ability to add an entire IP network or DNS domain to the map, and then have Cheops automatically add new hosts t...

Ngày tải lên: 08/08/2014, 21:23

... data? A: As you have learned, packet sniffing is a powerful tool. It allows malicious hackers to capture packets that contain passwords and usernames.The only way to protect yourself against hackers ... directories, and databases. ; An IDS can act as a supplement to a firewall, because it can help you monitor traffic on the internal network. Sometimes it may be useful to place an...

Ngày tải lên: 08/08/2014, 21:23

... and /var/kerberos/krb5kdc/kdc.acl files to reflect your Kerberos realm and DNS domain names.You must then add an administrative user, as well as additional principals, to the database. Using kadmin.local Because ... a Kerberos administrator uses the kadmin pro- gram to add a principal to the database. Note that the ticket does not actually contain the password. It is only signed by...

Ngày tải lên: 08/08/2014, 21:23

... time and trouble by acquiring FreeS/WAN through one of these alternate sources. Some available script sets are designed to allow you to manage firewalls that also serve as FreeS/WAN IPSec gateways.You ... 9 :46 AM Page 42 4 Creating Virtual Private Networks • Chapter 8 40 3 Table 8.2 IPSec Protocols Used in FreeS/WAN Protocol Description Authentication Header (AH) Performs authentication...

Ngày tải lên: 08/08/2014, 21:23

... Firestarter 138 _linux_ 09 6/20/01 9 :49 AM Page 49 4 Implementing a Firewall with Ipchains and Iptables • Chapter 9 48 7 already set, whereas the other actually sets the values .To create a rule that matches a ToS ... firewall can take action. Some actions the firewall can take may include automatic firewall reconfiguration and automatic alerts. Exercise: Using Firestarter to Create...

Ngày tải lên: 08/08/2014, 21:23

... rules database One of the common moves by a hacker is to alter the rules database in subtle ways that make it easier for the hacker to gain access to the network. Check your rules and compare them ... Frequently Asked Questions Chapter 11 543 138 _linux_ 11 6/20/01 9:51 AM Page 543 Maintaining Firewalls • Chapter 11 549 employee morale. Make sure that upper management understands...

Ngày tải lên: 08/08/2014, 21:23

... with, 46 6 46 7 listing tables and chains, 46 4 46 5 logging packets, 47 1, 48 2 masquerading IP traffic with, 45 7, 45 9, 46 7 46 8 packet accounting and, 48 3 48 4 personal firewall configuration and, 47 4 47 7 port ... command, 43 4 ipsec pluto command, 43 4 ipsec whack command, 43 4 Iptables, 44 6 44 7, 45 1, 46 1 46 2, 597 acquiring, 44 6 adding packet filtering rules wit...

Ngày tải lên: 08/08/2014, 21:23