109

O

limiting access, 38

and su, 38

OpenSSH, 43

and sudo, 39

scp, 43

with User Manager, 38

sftp, 43

methods of disabling, 35

ssh, 43

changing the root shell, 37

overview, 11

disabling SSH logins, 37

with PAM, 37

P

root user

(See root)

password aging, 34

RPM

password security, 30

and intrusion detection, 90

aging, 34

check GPG signature, 26

and PAM, 33

importing GPG key, 26

auditing tools, 33

Crack, 33

John the Ripper, 33

S

Slurpie, 33

security considerations

enforcement, 33

hardware, 75

in an organization, 33

network transmission, 76

methodology, 32

physical networks, 75

strong passwords, 31

wireless, 76

passwords

security overview, 11

within an organization, 33

conclusion, 16

pluggable authentication modules (PAM)

controls

strong password enforcement, 33

(See controls)

portmap, 40

defining computer security, 11

and iptables, 48

Denial of Service (DoS), 14

and TCP wrappers, 48

evolution of computer security, 11

ports

viruses, 14

monitoring, 56

sendmail, 40

post mortem, 97

and NFS, 55

introducing, 55

R

limiting DoS, 55

server security

RAZOR, 85

Apache HTTP Server, 51

reporting the incident, 100

cgi security, 52

restoring and recovering resources, 99

directives, 51

patching the system, 99

FTP, 52

reinstalling the system, 99

anonymous access, 53

risks

anonymous upload, 54

encryption, 18

greeting banner, 53

insecure services, 20

TCP wrappers and, 55

networks, 18

user accounts, 54

architectures, 18

vsftpd, 52

open ports, 19

warning banner, 53

patches and errata, 20

wu ftpd, 52

servers, 19

NFS, 50

inattentive administration, 20

network design, 50

wireless LAN (WLAN), 19

syntax errors, 51

workstations and PCs, 21, 21

NIS, 48

applications, 21

iptables, 50

root, 35

Kerberos, 50

allowing access, 35

NIS domain name, 49

disallowing access, 35

planning network, 49