hack proofing linux a Guide to Open Source Security phần 5 docx

... Snort’s analysis feature is able to read the contents of the captured packets and then inform you about any attacks waged against your network. ; Snort is able to automatically detect attacks based ... appearing in reports unless you update your database. Database update mode allows you to update the database so that it no www.syngress.com 138 _linux_ 04 6/20/01 9:38 AM Page 255 274 Ch...

Ngày tải lên: 08/08/2014, 21:23

... to Open Source Security ™ 1 YEAR UPGRADE BUYER PROTECTION PLAN Linux: A Guide to Open Source Security The Only Way to Stop a Hacker Is to Think Like One James Stanger Patrick T. Lane 138 _linux_ FM ... One-way encryp- tion is also used to read a file and then create a hash of that file.The resulting hash value is said to be mathematically unrecoverable. You sh...

Ngày tải lên: 08/08/2014, 21:23

... supplied a username and password. If a user attempts to run the command via sudo and that user is not in the sudoers file, an e-mail is automatically sent to the administrator, indicating that an unauthorized ... that all administrators down- load and install the security upgrades to avoid denial-of-service (DoS) and intrusion attacks that can result from these weaknesses. For exam...

Ngày tải lên: 08/08/2014, 21:23

... Red Hat Package Manager (RPM) packages are already installed (you may need to update them later in this section). To check if an RPM is installed, enter rpm -qa | grep rpm_name .To install an RPM, ... time and trouble by acquiring FreeS/WAN through one of these alternate sources. Some available script sets are designed to allow you to manage firewalls that also serve as FreeS/WAN IPSe...

Ngày tải lên: 08/08/2014, 21:23

... be preludes to an attack. Following is a more detailed discussion concerning each of these issues. Maintaining Firewalls • Chapter 11 54 5 138 _linux_ 11 6/20/01 9 :51 AM Page 54 5 55 0 Chapter 11 • Maintaining ... rules database One of the common moves by a hacker is to alter the rules database in subtle ways that make it easier for the hacker to gain access to the network. Ch...

Ngày tải lên: 08/08/2014, 21:23

... 6/20/01 9: 35 AM Page 124 152 Chapter 3 • System Scanning and Probing ■ The ability to add an entire IP network or DNS domain to the map, and then have Cheops automatically add new hosts to the map ■ The ... packets.This way, a fire- wall will not be able to capture and log the packets as easily. ■ -S Address Allows you to specify the originating address of the scan. Originally m...

Ngày tải lên: 08/08/2014, 21:23

... creates its database, it is said to enter database initialization mode. 5. You can then set Tripwire to rescan these files and compare their signa- tures to the signatures stored in the database.This ... generally extends your logging capability by placing additional information into a log file or into a database. Alerting An IDS often has the ability to send alert messages to...

Ngày tải lên: 08/08/2014, 21:23

... the /etc/krb5.conf and /var/kerberos/krb5kdc/kdc.acl files to reflect your Kerberos realm and DNS domain names.You must then add an administrative user, as well as additional principals, to the database. Using ... of OpenSSH has already been created. It is a Red Hat Package Manager (RPM) that is included into the base system of Red Hat Linux 7.These installation files are also located on...

Ngày tải lên: 08/08/2014, 21:23

... firewall can take action. Some actions the firewall can take may include automatic firewall reconfiguration and automatic alerts. Exercise: Using Firestarter to Create a Personal Firewall 1. Make ... Ipchains and Iptables also allow you to configure your Linux router to masquerade traffic (i.e., to rewrite IP headers so that a packet appears to originate from a certain host), and...

Ngày tải lên: 08/08/2014, 21:23

... 55 2 55 8 acquiring, 55 2 command syntax, 55 4 exercise in using, 55 7 55 8 IP spoofing with, 55 5 55 6 options available in, 55 3 55 4 port scanning with, 55 3, 55 4 55 5 testing DNS connectivity with, 55 7 testing ... blocking, 53 54 registered, 50 , 51 52 scanning with Gnome Service Scan (GSS), 129, 131, 132 scanning with Netcat, 55 2 55 3, 55 4 55 5, 55 7 55 8 scanning wi...

Ngày tải lên: 08/08/2014, 21:23