hack proofing linux a Guide to Open Source Security phần 9 docx

... rules database One of the common moves by a hacker is to alter the rules database in subtle ways that make it easier for the hacker to gain access to the network. Check your rules and compare them ... problems, because it will require you to ensure that this daemon is not sub- ject to bugs that can cause a security problem. Any daemon, such as Cron, that acts automatically can...

Ngày tải lên: 08/08/2014, 21:23

... to Open Source Security ™ 1 YEAR UPGRADE BUYER PROTECTION PLAN Linux: A Guide to Open Source Security The Only Way to Stop a Hacker Is to Think Like One James Stanger Patrick T. Lane 138 _linux_ FM ... such as IBM, Compaq, and Intel. 138 _linux_ FM 6/20/01 9: 29 AM Page viii 14 Chapter 1 • Introduction to Open Source Security Packetstorm Packetstorm is spe...

Ngày tải lên: 08/08/2014, 21:23

... supplied a username and password. If a user attempts to run the command via sudo and that user is not in the sudoers file, an e-mail is automatically sent to the administrator, indicating that an unauthorized ... filenames are now represented as variables. These variables are set automatically at runtime. ■ Undo feature Administrators can undo settings through various methods that are l...

Ngày tải lên: 08/08/2014, 21:23

... Snort’s analysis feature is able to read the contents of the captured packets and then inform you about any attacks waged against your network. ; Snort is able to automatically detect attacks based ... directories, and databases. ; An IDS can act as a supplement to a firewall, because it can help you monitor traffic on the internal network. Sometimes it may be useful to place an IDS...

Ngày tải lên: 08/08/2014, 21:23

... Red Hat Package Manager (RPM) packages are already installed (you may need to update them later in this section). To check if an RPM is installed, enter rpm -qa | grep rpm_name .To install an RPM, ... time and trouble by acquiring FreeS/WAN through one of these alternate sources. Some available script sets are designed to allow you to manage firewalls that also serve as FreeS/WAN IPSe...

Ngày tải lên: 08/08/2014, 21:23

... packets.This way, a fire- wall will not be able to capture and log the packets as easily. ■ -S Address Allows you to specify the originating address of the scan. Originally meant to allow Nmap to work ... uses SNMP, a protocol that allows you to monitor remote systems. Both Cheops and HP OpenView allow you to create a graphical map of the net- work, and then manage any host o...

Ngày tải lên: 08/08/2014, 21:23

... creates its database, it is said to enter database initialization mode. 5. You can then set Tripwire to rescan these files and compare their signa- tures to the signatures stored in the database.This ... generally extends your logging capability by placing additional information into a log file or into a database. Alerting An IDS often has the ability to send alert messages to...

Ngày tải lên: 08/08/2014, 21:23

... and /var/kerberos/krb5kdc/kdc.acl files to reflect your Kerberos realm and DNS domain names.You must then add an administrative user, as well as additional principals, to the database. Using kadmin.local Because ... a Kerberos administrator uses the kadmin pro- gram to add a principal to the database. Note that the ticket does not actually contain the password. It is only signed by...

Ngày tải lên: 08/08/2014, 21:23

... Firestarter 138 _linux_ 09 6/20/01 9: 49 AM Page 494 Implementing a Firewall with Ipchains and Iptables • Chapter 9 487 already set, whereas the other actually sets the values .To create a rule that matches a ToS ... Ipchains and Iptables also allow you to configure your Linux router to masquerade traffic (i.e., to rewrite IP headers so that a packet appears to originat...

Ngày tải lên: 08/08/2014, 21:23

... that all Application layer data is encrypted. No passwords, usernames, or usable data www.syngress.com Chapter 7 Continued 138 _linux_ AppB 6/20/01 9: 55 AM Page 624 Hack Proofing Linux Fast Track ... database. Determine if any unauthorized changes have been made to your database. Use the diff command to compare the two files to see if any changes have occurred.You may also use md5...

Ngày tải lên: 08/08/2014, 21:23