Главная    Ex Libris    Книги    Журналы    Статьи    Серии    Каталог    Wanted    Загрузка    ХудЛит    Справка    Поиск по индексам    Поиск    Форум   

Поиск по указателям

Bauer M.D. — Linux Server Security
Bauer M.D. — Linux Server Security

Обсудите книгу на научном форуме

Нашли опечатку?
Выделите ее мышкой и нажмите Ctrl+Enter

Название: Linux Server Security

Автор: Bauer M.D.


Linux consistently appears high up in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well. This highly regarded book, originally titled Building Secure Servers with Linux, combines practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux — as a hub offering services to an organization or the Internet — and shows readers how to harden their hosts against attacks. An all-inclusive resource for Linux users who wish to harden their systems, Linux Server Security covers general security such as intrusion detection and firewalling a hub, as well as key services such as DNS, the Apache Web server, mail, and secure shell. Author Michael D. Bauer, a security consultant, network architect, and lead author of the popular Paranoid Penguin column in the Linux Journal, carefully outlines the security risks, defines precautions that can minimize those risks, and offers recipes for robust security. He is joined on several chapters by administrator and developer Bill Lubanovic. A number of new security topics have been added for this edition, including:

* Database security, with a focus on MySQL
* Using OpenLDAP for authentication
* An introduction to email encryption
* The Cyrus IMAP service, a popular mail delivery agent
* The vsftpd FTP server

Язык: en

Рубрика: Технология/

Статус предметного указателя: Готов указатель с номерами страниц

ed2k: ed2k stats

Издание: 2-nd

Год издания: 2005

Количество страниц: 542

Добавлена в каталог: 14.06.2007

Операции: Положить на полку | Скопировать ссылку для форума | Скопировать ID
Предметный указатель
.htaccess file      
.htaccess file, in Apache configuration      
.htaccess files      
.htaccess files, preventing users from installing      
.swatchrc file      
/etc/mail/certs directory      
3DES (Triple-DES)      2nd
<Anonymous ~ftp> configuration block, ProFTPD
<applet> configuration block, web security
<embed> configuration block, web security
<object> configuration block, web security
<script> configuration block, web security
A-records (address records)      2nd
Access control      2nd
access control, access control mechanisms      
access control, ACLs in      
access control, TCPwrappers      
access database in Sendmail      2nd 3rd 4th
access restriction      
access restriction, client-certificate authentication      
access restriction, SSH and      
access-control mechanisms      
access.conf file      
accounts, deleting unnecessary      
accounts, restricting access to known users      
AccountSecurity.pm, InteractiveBastille module      
ACID (Analysis Console for Intrusion Databases)      2nd
ACID, up-to-date details on      
ACK scanning      
acl{} sections in named.conf file      
actions allowed in access database (Sendmail)      
actions, syslog      
actions, syslog, chart summary      
Active queue (Postfix)      
active-mode FTP      
address records (A-records)      2nd
Advanced Intrusion Detection Environment (AIDE)      
ALEs (Annualized Loss Expectancies)      
Aliases      2nd
aliases, converting to map file      
aliases, creating IP aliases      
aliases, mailing lists      2nd
Allman, Eric      
allow-query, BIND global option      
allow-recursion, BIND global option      
allow-transfer, BIND global option      
AllowRetrieveRestart, ProFTPD setting      
AllowTcpForwarding, sshd_config parameter      
Amoroso, Ed      
Analysis Console for Intrusion Databases      [See ACID]
Annualized Loss Expectancies (ALEs)      
anomaly detection systems      2nd
Anonymous ftp      2nd
Anonymous FTP Abuses      
Anonymous FTP Configuration Guidelines      
anonymous FTP, chroot jail, building      
anonymous FTP, configuring FTP user accounts      
anonymous FTP, ProFTPD      
anonymous FTP, proftpd.conf settings      
anonymous FTP, proftpd.conf settings, <Anonymous ~ftp> configuration block, ProFTPD
anonymous FTP, proftpd.conf settings, <Directory> configuration block, ProFTPD
anonymous FTP, proftpd.conf settings, <Limit LOGIN> configuration block, ProFTPD
anonymous FTP, proftpd.conf settings, <Limit READ DIRS CWD> configuration block, ProFTPD
anonymous FTP, proftpd.conf settings, <Limit STOR> configuration block, ProFTPD
anonymous FTP, proftpd.conf settings, <Limit WRITE> configuration block, ProFTPD
anonymous FTP, proftpd.conf settings, <VirtualHost> configuration block, ProFTPD
anonymous FTP, proftpd.conf settings, AllowFilter directive      
anonymous FTP, proftpd.conf settings, DisplayLogin directive      
anonymous FTP, proftpd.conf settings, ExtendedLog directive      
anonymous FTP, proftpd.conf settings, MaxClients      
anonymous FTP, proftpd.conf settings, User, Group directives      
anonymous FTP, proftpd.conf settings, UserAlias directive      
anonymous FTP, securing      
anonymous FTP, setting up secure site      
anonymous FTP, setup      
anonymous uploads using rsync      
anonymous_enable (vsftpd.conf)      
anon_max_rate (vsftpd.conf)      
anon_mkdir_write_enable (vsftpd.conf)      
anon_other_write_enable (vsftpd.conf)      
anon_root (vsftpd.conf)      
anon_upload_enable (vsftpd.conf)      
anon_world_readable_only (vsftpd.conf)      
anti-spoofing      [See spoofing]
Apache modules      
Apache modules, mod_backhand      
Apache modules, mod_bandwidth      
Apache modules, mod_choke      
Apache modules, mod_dav      
Apache modules, mod_perl      
Apache modules, mod_php      
Apache modules, mod_pubcookie      
Apache modules, mod_security      
Apache, .htaccess files      
Apache, combined access      
Apache, configuration files      
Apache, configuration options      
Apache, configuring      
Apache, dynamically linked versions of      
Apache, environment variable      
Apache, file hierarchy, securing      
Apache, file locations      
Apache, firewall, setting up      
Apache, host-based      
Apache, installation defaults      
Apache, linking      
Apache, log directories      
Apache, resource limits      
Apache, resource options      
Apache, RPM      
Apache, running an older version of      
Apache, static content and      
Apache, statically linked versions of      
Apache, user directories      
Apache, version checking      
Apache.pm, InteractiveBastille module      
application gateways      
application gateways, versus circuit relay proxies      
application-layer proxies      [See application gateways]
apt-get      2nd 3rd
arachNIDS, arachNIDS attack signature database      
arachNIDS, project site      
ascii_download_enable (vsftpd.conf)      
ascii_upload_enable (vsftpd.conf)      
Asmann, Claus      
asset devaluation      
assigning new ports      
attackers, detecting      
Attacks      2nd 3rd
attacks, buffer-overflow      2nd
attacks, cache poisoning      2nd 3rd
attacks, Code Red      
attacks, cost estimates for      
attacks, defenses against      
attacks, Denial of Service (DoS)      2nd 3rd 4th
attacks, Distributed Denial of Service (DDoS)      
attacks, hijacked      
attacks, IP spoofing      [See spoofing]
attacks, message forgery      
attacks, mitigation of      
attacks, Nimda      
attacks, PORT Theft      
attacks, spoofing      2nd 3rd
audit-based IDS      
auth facility, syslog      
auth users, rsync option      
auth-priv facility, syslog      
Authentication      2nd
authentication, basic      
authentication, certificate-based      2nd [See also CAs]
authentication, certificate-based, Stunnel and      
authentication, combining with rhosts access      
authentication, mechanisms      
authentication, peer-to-peer model for      
authentication, rhosts and shosts      
authentication, safer      
authentication, SSH and      
authentication, username/password      
authorized_keys file      2nd 3rd
automated hardening      
axfr-get, djbdns service      2nd 3rd 4th
axfrdns, djbdns service      2nd
axfrdns, djbdns service, running      
backups, database      
back_log server variable (MySQL)      
Baker, Andrew      
bare-metal recovery      2nd
Basic Security Profile      
Bastille Linux      2nd 3rd
Bastille Linux, download site      
Bastille Linux, logs      
Bastille Linux, modules      
bastion hosts      2nd 3rd 4th 5th
bastion hosts, defined      
bastion hosts, documenting configurations      
Beale, Jay      2nd 3rd
Berners-Lee, Tim      
Bernstein, Daniel J.      2nd 3rd 4th 5th 6th
BIND, getting and installing      
BIND, global options      
BIND, installing in a nonstandard directory tree      
BIND, logging categories related to security      
BIND, migrating from      
BIND, preparing to run      
BIND, resources      2nd
BIND, security advisories      
BIND, version differences      
BIND, versus djbdns      
BIND, weaknesses      
Block ciphers      2nd
block ciphers, defined      
Blowfish      2nd
bo (Snort preprocessor plug-in)      
BootSecurity.pm, InteractiveBastille module      
Borland's InterBase      
Brauer, Henning      
btree, database format      
buffer-overflow attacks      2nd
CA-signed certificates      
cache poisoning      2nd 3rd 4th
cache poisoning, best defense against      
Caching      2nd
caching, caching-only nameservers      2nd 3rd
Campin, Nate      
Card, Remy      
Carmichael, Martin R.      
Carnegie Mellon University (CERT Coordination Center)      
CAs (Certificate Authorities)      2nd
CAs, how to become small-time CA      
CAs, transactions      
CAs, what they do      
Caswell, Brian      
central log server      
Central Loghost Mini-HOWTO      
cert scheme      2nd
certificate authorities      [See CAs]
certificate-based authentication      2nd 3rd
certificate-based authentication, specifying where to keep certificates      
certificates, CA-signed      
certificates, client      
certificates, how SSL clients, servers, and CAs use certificates      
certificates, passphrase-free, danger of      
certificates, public      
certificates, self-signed      
certificates, Stunnel client systems      
certificates, X.509      2nd
CERT_DIR (sendmail.mc directive)      
CGI (Common Gateway Interface)      
CGI, built-in programs      
CGI, FastCGI      
CGI, languages      
CGI, runaway programs      
CGI, standalone programs      
chain_hostnames, syslog-ng global option      
challenge-response, mechanisms      
channellist, logging option in named.conf file      
Check Point, stateful packet filtering firewall      
chkconfig, managing startup services      
chkrootkit shell script      2nd
chroot filesystems, running services in      
chroot jail      2nd 3rd
chroot jail, BIND v8      
chroot jail, BIND v9      
chroot jail, chroot jail, building      
chroot jail, Sendmail and      
chroot jail, subversion      
cipher, defined      
ciphertext, defined      
circuit relay proxies versus application gateways      
Cisco PIX      
cleartext, administration tools      
cleartext, defined      
cmds_allowed (vsftpd.conf)      
CNAME records      
COAST project web site      
Code Red attacks      
Cohen, Fred      2nd
combined access control      
comment, rsync option      
Common Gateway Interface      [See CGI]
compromised system      [See system integrity]
confCACERT (sendmail.mc directive)      
confCACERT_PATH (sendmail.mc directive)      
confCLIENT_CERT (sendmail.mc directive)      
confCLIENT_KEY (sendmail.mc directive)      
confDEF_AUTH_INFO definition      
confDEF_USER_ID definition (sendmail.mc)      
confidentiality of data, overview      
ConfigureMiscPAM.pm, InteractiveBastille module      
confPRIVACY_FLAGS definition (sendmail.mc)      
confSAFE_FILE_ENV definition (sendmail.mc)      
confSERVER_CERT (sendmail.mc directive)      
confSERVER_KEY (sendmail.mc directive)      
confSMTP_LOGIN_MSG variable (sendmail.mc)      
confUNSAFE_GROUP_WRITES definition (sendmail.mc)      
connection-oriented applications      
connect_from_port_20 (vsftpd.conf)      
cookies and sessions explained      
core.schema file (LDAP)      
cosine.schema (LDAP)      
cost estimates for attacks      
Costales, Bryan      
Courier IMAP      
Courier IMAP, home page      
CPAN (Comprehensive Perl Archive Network)      
CRC-32 hashes, caution
1 2 3 4 5 6 7
       © Электронная библиотека попечительского совета мехмата МГУ, 2004-2024
Электронная библиотека мехмата МГУ | Valid HTML 4.01! | Valid CSS! О проекте