Авторизация
Поиск по указателям
Bauer M.D. — Building Secure Servers With Linux
Обсудите книгу на научном форуме
Нашли опечатку? Выделите ее мышкой и нажмите Ctrl+Enter
Название: Building Secure Servers With Linux
Автор: Bauer M.D.
Аннотация: Linux consistently turns up high in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services like DNS and routing mail. But security is uppermost on the mind of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well.
As the cost of broadband and other high-speed Internet connectivity has gone down, and its availability has increased, more Linux users are providing or considering providing Internet services such as HTTP, Anonymous FTP, etc., to the world at large. At the same time, some important, powerful, and popular Open Source tools have emerged and rapidly matured — some of which rival expensive commercial equivalents — making Linux a particularly appropriate platform for providing secure Internet services.
Язык:
Рубрика: Технология /
Статус предметного указателя: Готов указатель с номерами страниц
ed2k: ed2k stats
Год издания: 2002
Количество страниц: 448
Добавлена в каталог: 05.03.2007
Операции: Положить на полку |
Скопировать ссылку для форума | Скопировать ID
Предметный указатель
(unencrypted) keys and server certificates
.htaccess files
.htaccess files in Apache configuration
.swatchrc file
3DES (Triple-DES) 2nd
<applet>
<embed>
<Object>
<script>
A-records (address records)
A-records (address records)[A}
abuse
accepting anonymous uploads
ACCESS
Access control
Access Control Lists (ACLs) in BIND
access control mechanisms
access database in Sendmail 2nd
access database, configuring
access restriction 2nd 3rd
access.conf file 2nd
accessing databases
accounts, deleting unnecessary
AccountSecurity.pm, InteractiveBastille module
ACK scanning
ACLs in
acl{} sections
acl{} sections in named.conf file
Actions
actions, syslog
active mode versus passive mode
adding to remote host
address records (A-records) 2nd
Administration Tools
AIDE (Advanced Intrusion Detection Environment)
ALEs
ALEs (Annualized Loss Expectancies)
algorithm, defined
Aliases 2nd
aliases database, and
Allman, Eric
allow-query, BIND global option
allow-recursion, BIND global option
allow-transfer, BIND global option
allowed properties
AllowRetrieveRestart, ProFTPD setting
Alternation
Amoroso, Ed
Analysis
Analysis Console for Intrusion Databases (ACID)
Annualized Loss Expectancies (ALEs)
anomaly detection systems
anomaly detection systems, and
Anonymous ftp 2nd
anonymous FTP, and
anonymous rsync
anonymous uploads using rsync
anti-IP-spoofing rules
anti-spoofing [See spoofing]
anti-spoofing features, configure
anti-spoofing rules
aolserver
Apache
Apache Configuration Tool
Apache, and
Apache.pm, InteractiveBastille module
application gateways
application servers
application that analyzes IDS data in real time
application-layer [See application gateways]
application-layer proxies [See application gateways]
applications
arachNIDS
arachNIDS attack signature database
Architecture
architecture and dataflow
as its own log watcher, example
asset devaluation
assigning IP aliases
assigning new ports
Atkins, Todd
Attack
attack signature database
Attack trees
attackers scanning ranges of IP addresses for
attackers, detecting
Attacks [See also threats]
attacks and TSIG
Audit Based
Audit Based IDS
auth
auth facility, syslog
auth users, rsync option
auth-priv facility, syslog
auth-priv, syslog
Authentication
Authorization
authorized_keys file 2nd 3rd
Automated
automated checks, script for
automated hardening
Availability
axfr-get 2nd
axfr-get, djbdns service
axfrdns 2nd
axfrdns, djbdns service
A§mann, Claus
bare-metal recovery 2nd
base-server settings
base-server-but-actually-global settings
BASIC
basic scans [See simple port scans]
basic server-side
basics
Bastille Linux 2nd
bastion hosts 2nd
bastion hosts, and
Beale, Jay 2nd
Beck, Bob
Bernstein, Daniel J. 2nd 3rd 4th
best defense against
bind
BIND v8
BIND v9
BIND, and
Block ciphers 2nd 3rd
Blowfish 2nd
BootSecurity.pm, InteractiveBastille module
Brauer, Henning
btree
btree, database format
buffer-overflow 2nd
buffer-overflow attacks 2nd
bug affecting Nessus port scans
BUGTRAQ
built-in programs
CA key
cache poisoning 2nd 3rd 4th
Caching 2nd
caching servers, and
caching-only name servers 2nd 3rd
calculating ALEs for
Campbell, Aaron
categories related to security
central log server
certificate authorities (CAs) 2nd
certificate-based
certificate-based authentication 2nd
certificates
CGI (Common Gateway Interface)
CGI directories, and
CGI scripts
CGI, and
challenge-response
changing
channel syntax
channellist
channellist, logging option in named.conf file
chart summary
Check Point, stateful packet filtering firewall
CheckHostIP
CheckHostIP, ssh_config parameter
checksums
chkconfig, managing startup services
Chkrootkit
choosing which one to use
chroot filesystems, running services in
chroot jail
chroot jail example
chroot jail, building
chroot jail, running in
Cipher
cipher, defined
Cipher, ssh_config parameter
ciphers
Ciphers, ssh_config parameter
ciphertext, defined
circuit relay
circuit relay proxies versus application gateways
Cisco PIX
Cleartext
Client 2nd
client certificate-based
client certificates [See certificates]
client certificates, and
client programs
client-based authentication
Client-certificate authentication
Client-server
client-server authentication, for
client-server email relays
client-sever authentication, for
clients as email readers
CNAME records
Code Red
Code Red attacks
coexisting with
Cohen, Fred 2nd
combined access
combined access control in Apache
combing with rhosts access
command-line flag support
Commands
commands, long-form versus short form
commands, SSH and
comment
comment, rsync option
commercial and free proxy
Common Gateway Interface [See CGI]
common options used in
common options used in Rule Specifications
compared to Telnet
compile-time options
compiling
compiling and installing
complete documentation
component and associated packages
Compression
Compression, ssh_config parameter
compromised system [See system integrity]
concepts
confidentiality of data, overview
Configuration
configuration guidelines
configuration preparation
configure options
ConfigureMiscPAM.pm, InteractiveBastille module
Configuring
configuring and running
configuring FTP user accounts
configuring to drop or reject packets
connecting a client to an rsync server
connection-oriented applications
converting to map file
cookies and sessions explained
cost estimates for
cost estimates for attacks
Costales, Bryan
CPAN (Comprehensive Perl Archive Network)
CRAM-MD5
creating a database for
creating Certificate Authorities
creating IP aliases
creating new directories for its log files
creating using OpenSSL
cron jobs and authentication
cryptographic
Curl
CyberCop Scanner
Cyrus SASL, obtaining
c_rehash
Daemon
daemon facility, syslog 2nd
daemon mode
daemon, kernel
daemontools
daemontools, and
Dante
data confidentiality
data confidentiality, and
Data integrity
Data transmission
data, overview
database access, security guidelines
database and SMTP gateways
database formats
database formats in Sendmail, determining which formats are supported
DBFILE, Tripwire setting
dbm
dbm database format
DDoS (Distributed Denial of Service)
de Raadt, Theo
Debian
Debian, and
default
default behavior
default behavior in daemon mode
Defense in depth 2nd
defenses against
defenses against attacks
defined
demilitarized zone [See DMZ]
Denial of Service (DoS) 2nd 3rd 4th
denial of service (DoS) attacks 2nd 3rd 4th
DenyAll, ProFTPD setting
Deraison, Renaud
Design
designing
destination drivers
destination ports
detecting
determining which formats are supported
differences between running in client and server mode
Digest authentication
digest authentication, Apache
DIGEST-MD5
Digital
Digital certificates [See certificates]
Digital signatures [See signatures]
digital signatures, and
Реклама