linux and unix security portable reference

... HACKNOTES ™ Linux and Unix Security Portable Reference “A virtual arms cache at your fingertips HackNotes Linux and Unix Security Portable Reference is a valuable reference for busy administrators and ... clear, concise, and to the point xv xvi HackNotes Linux and Unix Security Portable Reference Whether you are brand new to the information security field and need useful starting points and essential ... Corporation “HackNotes Linux and Unix Security Portable Reference is a valuable practical guide to protecting Linux and Unix systems from attack Many books give general (and often vague) advice,...

Ngày tải lên: 25/03/2014, 11:22

... basics Linux and Unix are fundamentally divided into two parts: the kernel and “user space” Most programs execute in user space (on top of the kernel) Linux 31 Chapter Summary of Linux and Unix Security ... due to random input) 2.1.5 Comparing Linux and Unix This book uses the term Unix- like” to describe systems intentionally like Unix In particular, the term Unix- like” includes all major Unix variants ... on Unix systems, including their basic security mechanisms Chapter summarizes key security features of Unix and Linux 16 Chapter Background 2.2 Security Principles There are many general security...

Ngày tải lên: 24/03/2014, 04:20

... Commands RC Windows Enumeration Commands and Tools RC Common DOS Commands RC UNIX System and Network Commands RC Specific UNIX Enumeration Commands ... file and directory trees UNIX System and Network Commands The following is a list of the most common commands found on most UNIX and Linux distributions For more information on a particular command, ... xi xii HackNotes Network Security Portable Reference Part I Network Security Principles and Methodologies ■ ■ Security Principles and Components Asset and Risk Based INFOSEC...

Ngày tải lên: 25/03/2014, 11:22

... clear, concise, and to the point xv xvi HackNotes Web Security Portable Reference Whether you are brand new to the information security field and need useful starting points and essential facts ... Series Commands and Code Listings Throughout the book, user input for commands has been highlighted as bold, for example: [bash]# whoami root In addition, common Linux and Unix commands and parameters ... HACKNOTES ™ Web Security Portable Reference This page intentionally left blank HACKNOTES ™ Web Security Portable Reference MIKE SHEMA McGraw-Hill/Osborne New York...

Ngày tải lên: 25/03/2014, 11:22

... created a brand-new series of portable reference books for security professionals These are quick-study books kept to an acceptable number of pages and meant to be a truly portable reference The ... writing clear, concise, and to the point xi xii HackNotes Windows Security Portable Reference Whether you are new to the information security field and need useful starting points and essential facts ... NOT AND && Logical modifier AND OR || Logical modifier OR Reference Center WinPcap/libpcap Filter Reference Filter RC 30 Reference Center nslookup Command Reference Command Description server =...

Ngày tải lên: 25/03/2014, 11:22

... created a brand-new series of portable reference books for security professionals These are quick-study books kept to an acceptable number of pages and meant to be a truly portable reference The ... writing clear, concise, and to the point xi xii HackNotes Windows Security Portable Reference Whether you are new to the information security field and need useful starting points and essential facts ... Cyber-Terrorism and award-winning senior writer for Computerworld “HackNotes Windows Security Portable Reference covers very interesting and pertinent topics, especially ones such as common ports and services,...

Ngày tải lên: 07/08/2014, 17:20

... NOT AND && Logical modifier AND OR || Logical modifier OR Reference Center WinPcap/libpcap Filter Reference Filter RC 30 Reference Center nslookup Command Reference Command Description server = ... MyConsole.msc RC 32 Reference Center Online References General Security Archives Web Site SecurityFocus http://www.securityfocus.com PacketStorm Security http://packetstormsecurity.nl Securiteam ... brute-force or dictionary attack and applying the hash LSA Comprised of the Local Security Authority Subsystem (LSASS) and the Security Reference Monitor (SRM), the Local Security Authority is the system...

Ngày tải lên: 07/08/2014, 17:20

... (TCP/63, UDP/63) that can be queried by command-line clients The whois protocol defines a communication standard for querying system and network information, and can be used to determine what organization ... hacker-friendly The TCP Handshake: A Brief Review Every TCP connection must first be established with a three-way handshake between the client host and the server This handshake sets the initial ... open Command Prompt window and firing: E:\hacknotes>nmap -sS -p 22,25,80,443 192.168.100.0/24 In this section, we’ll cover the command-line port scanners ScanLine by Foundstone, Inc and the Win32...

Ngày tải lên: 07/08/2014, 17:20

... queries and zone transfers, telnet, and SMTP C:\Snort\bin>snort -v icmp or (udp and port 53) or (tcp and (port 25 or 53)) As you can see, we can create complex filters using the logical operators AND ... for the decision making and verification Security Operators: Users and User Contexts Any access control decision is based on at least two elements, a who and a what The who and what may be interchangeable, ... default This can be changed using the Local Security Policy and the Domain Security Policies in Windows XP and 2003 by enabling the option Network security: Do not store LAN manager hash value...

Ngày tải lên: 07/08/2014, 17:20

... authentication and access control These responsibilities are handled by two primary security providers, a user mode component (the Local Security Authority ) and a kernel mode component (the Security Reference ... 2000 and 2003 Server Hacking Techniques & Defenses On Windows 2003 and XP, this setting is available under Security Settings | Local Policies | Security Options and goes by the name Network security: ... file handle if the security token matched for Read access only) After the process receives its handle, it will no longer have to check with the SRM for access, but if the handle is closed and then...

Ngày tải lên: 07/08/2014, 17:20

... subject, including the HackNotes Web hacking reference (Hacknotes Web Security Portable Reference by Mike Shema [McGraw-Hill/Osborne, 2003]) The Big Nasties: Command Execution In this section, we’ll ... including the excellent security web sites http://www.securiteam.com and http://packetstormsecurity.nl When you find the Perl script, simply copy and paste the script into a text file and save it with ... use in authoring and managing web content WebDAV stands for Web-based Distributed Authoring and Versioning, and is supported in IIS v5.0 by default In March 2003, Microsoft issued security bulletin...

Ngày tải lên: 07/08/2014, 17:20

... groups Creating a Group Expand Local Users and Groups and select the Groups container Right-click in the right-hand pane and select New Group Enter the group name and a description of the group’s ... secure and powerful Group Policies, exposing many more system properties and applying settings more logically and with better security All the security settings discussed in the previous chapters and ... remotely as an RPC service, and steps should be taken to ensure proper security You can review and manage WMI security from Computer Management: 134 Part III: Windows Hardening and can be disabled with...

Ngày tải lên: 07/08/2014, 17:20

... specialized Windows security tools for managing data security and integrity, specifically the IP security and encrypting filesystem features in Windows 2000 and above Part IV Windows Security Tools ... 15 IP Security Policies Encrypting File System Security IIS 5.0 Windows 2003 Security Advancements This page intentionally left blank Chapter 12 IP Security Policies IN THIS CHAPTER: ■ IP Security ... negotiation of the data integrity and confidentiality options and the establishment of the keys to support them, and creates a set of security associations Security associations define one-way...

Ngày tải lên: 07/08/2014, 17:20

... case, and as you see how flexible the IP security rules can be, you’ll no doubt find applications for this more surgical approach to IP security policies Developing IP Security Rules IP security ... enforces security for systems connecting from any other network These are the two filter rules and actions we will define in this policy In the left-hand pane, right-click IP Security Policies… and ... select Create IP Security Policy to start the IP Security Policy Wizard Click Next and then specify a name and description for the new policy Uncheck the Default Response Rule option, and then click...

Ngày tải lên: 07/08/2014, 17:20

... (SAM) database, 63 security associations, 185 Security Policy editor, 43–44, 80, 88 Security Reference Monitor (SRM), 69–70 Security Rule Wizard, 193–194 security tokens, 69 security zones, Internet ... http://www.microsoft.com/technet /security/ tools/ tools/locktool.asp and save the file to disk Open a command prompt and navigate to the directory where you saved iislockd.exe Use command-line switches to ... user management, 64–66 GTWhois, 11 H Hacknotes Web Security Portable Reference (Shema), 102 half-open TCP scanning, 18, 26 handshake, TCP, 17 Help and Support Services, 126 HFNetChk tool, 177–179...

Ngày tải lên: 07/08/2014, 17:20

... quietly and automatically from within a standard UNIX or Linux system Automation is already a core part of UNIX philosophy, and cron jobs have historically been the de facto method for automating UNIX ... to set up your own UNIX- based environment This book isn’t like most UNIX /Linux administration books, because it illustrates techniques and principles by building a real UNIX /Linux environment ... tasks on a stand-alone system It makes security checks, updates databases with information on file locations (e.g., ), and collects system accounting and performance information All this and more...

Ngày tải lên: 13/08/2014, 04:21

... checks and fixes the ownership and permissions on , , and It also calculates and records the MD5 checksum of On any system in the class , the permissions on are checked because that is the standard ... accomplish the goal It is high-level enough that someone familiar with UNIX concepts and usage can read a cfengine configuration and understand what is being done without any prior cfengine knowledge The ... (the heart of the framework) This command can be run manually (on demand), by on a regular basis, and/ or by when triggered by a remote invocation The necessary and sufficient condition for using...

Ngày tải lên: 13/08/2014, 04:21

... command is executed to synchronize the system’s clock Cfengine terminates this command in 30 seconds if it has not completed On systems running Red Hat Linux, a script runs between 2:00 a.m and ... automated and fully functional UNIX infrastructure 77 CHAPT ER Bootstrapping a New Infrastructure H ow would you feel if you were offered the opportunity to install and configure all the systems and ... system upgrade, and patching procedures is easy before the systems and procedures are put into use Once you’ve been deploying and updating systems using automated means, reorganizing and rebuilding...

Ngày tải lên: 13/08/2014, 04:21

... Pre-Installation Script in the left-hand pane and leave the screen’s text box blank: Postinstallation Script Screen Select Post-Installation Script in the left-hand pane and paste in this small script ... FAI is a pleasure to work with The directory names and scripts are selfexplanatory, the class mechanism is intuitive and easy to work with, and the packages put useful starting configuration ... of the configuration such as the software group to install and the disk partition (slice) layout The format is easy to understand, and because we’re taking advantage of the sample configuration...

Ngày tải lên: 13/08/2014, 04:21

... ฀ ฀ and On Solaris, the files are and The and files map filesystem paths to files that contain the commands to mount a remote share at that path The and files have the actual mount commands ... infrastructure: a Cisco router at that handles routing, Network Address Translation (NAT), and DNS-caching services After we get DNS up and running on one or more of our UNIX systems, we’ll have cfengine ... successful results We had to modify only three included files ( , , and ), and create two new ones ( and ) Now we know the file locations and file contents that we need in order to host our private DNS...

Ngày tải lên: 13/08/2014, 04:21