Авторизация
Поиск по указателям
Bauer M.D. — Linux Server Security
Обсудите книгу на научном форуме Нашли опечатку?
Название: Linux Server SecurityАвтор: Bauer M.D. Аннотация: Linux consistently appears high up in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well. This highly regarded book, originally titled Building Secure Servers with Linux, combines practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux — as a hub offering services to an organization or the Internet — and shows readers how to harden their hosts against attacks. An all-inclusive resource for Linux users who wish to harden their systems, Linux Server Security covers general security such as intrusion detection and firewalling a hub, as well as key services such as DNS, the Apache Web server, mail, and secure shell. Author Michael D. Bauer, a security consultant, network architect, and lead author of the popular Paranoid Penguin column in the Linux Journal, carefully outlines the security risks, defines precautions that can minimize those risks, and offers recipes for robust security. He is joined on several chapters by administrator and developer Bill Lubanovic. A number of new security topics have been added for this edition, including:
Язык: Рубрика: Технология /Статус предметного указателя: Готов указатель с номерами страниц ed2k: ed2k stats Издание: 2-ndГод издания: 2005Количество страниц: 542Добавлена в каталог: 14.06.2007Операции: Положить на полку |
Скопировать ссылку для форума | Скопировать ID
Предметный указатель
.htaccess file .htaccess file, in Apache configuration .htaccess files .htaccess files, preventing users from installing .swatchrc file /etc/mail/certs directory 3DES (Triple-DES) 2nd <Anonymous ~ftp> configuration block, ProFTPD <applet> configuration block, web security <embed> configuration block, web security <object> configuration block, web security <script> configuration block, web security A-records (address records) 2nd Access control 2nd access control, access control mechanisms access control, ACLs in access control, TCPwrappers access database in Sendmail 2nd 3rd 4th access restriction access restriction, client-certificate authentication access restriction, SSH and access-control mechanisms access.conf file accounts accounts, deleting unnecessary accounts, restricting access to known users AccountSecurity.pm, InteractiveBastille module ACID (Analysis Console for Intrusion Databases) 2nd ACID, up-to-date details on ACK scanning acl{} sections in named.conf file actions allowed in access database (Sendmail) actions, syslog actions, syslog, chart summary Active queue (Postfix) active-mode FTP address records (A-records) 2nd Advanced Intrusion Detection Environment (AIDE) ALEs (Annualized Loss Expectancies) Aliases 2nd aliases, converting to map file aliases, creating IP aliases aliases, mailing lists 2nd Allman, Eric allow-query, BIND global option allow-recursion, BIND global option allow-transfer, BIND global option AllowRetrieveRestart, ProFTPD setting AllowTcpForwarding, sshd_config parameter Amoroso, Ed Analysis Console for Intrusion Databases [See ACID] Annualized Loss Expectancies (ALEs) anomaly detection systems 2nd Anonymous ftp 2nd Anonymous FTP Abuses Anonymous FTP Configuration Guidelines anonymous FTP, chroot jail, building anonymous FTP, configuring FTP user accounts anonymous FTP, ProFTPD anonymous FTP, proftpd.conf settings anonymous FTP, proftpd.conf settings, <Anonymous ~ftp> configuration block, ProFTPD anonymous FTP, proftpd.conf settings, <Directory> configuration block, ProFTPD anonymous FTP, proftpd.conf settings, <Limit LOGIN> configuration block, ProFTPD anonymous FTP, proftpd.conf settings, <Limit READ DIRS CWD> configuration block, ProFTPD anonymous FTP, proftpd.conf settings, <Limit STOR> configuration block, ProFTPD anonymous FTP, proftpd.conf settings, <Limit WRITE> configuration block, ProFTPD anonymous FTP, proftpd.conf settings, <VirtualHost> configuration block, ProFTPD anonymous FTP, proftpd.conf settings, AllowFilter directive anonymous FTP, proftpd.conf settings, DisplayLogin directive anonymous FTP, proftpd.conf settings, ExtendedLog directive anonymous FTP, proftpd.conf settings, MaxClients anonymous FTP, proftpd.conf settings, User, Group directives anonymous FTP, proftpd.conf settings, UserAlias directive anonymous FTP, securing anonymous FTP, setting up secure site anonymous FTP, setup anonymous uploads using rsync anonymous_enable (vsftpd.conf) anon_max_rate (vsftpd.conf) anon_mkdir_write_enable (vsftpd.conf) anon_other_write_enable (vsftpd.conf) anon_root (vsftpd.conf) anon_upload_enable (vsftpd.conf) anon_world_readable_only (vsftpd.conf) anti-spoofing [See spoofing] Apache Apache modules Apache modules, mod_backhand Apache modules, mod_bandwidth Apache modules, mod_choke Apache modules, mod_dav Apache modules, mod_perl Apache modules, mod_php Apache modules, mod_pubcookie Apache modules, mod_security Apache, .htaccess files Apache, combined access Apache, configuration files Apache, configuration options Apache, configuring Apache, dynamically linked versions of Apache, environment variable Apache, file hierarchy, securing Apache, file locations Apache, firewall, setting up Apache, host-based Apache, installation defaults Apache, linking Apache, log directories Apache, resource limits Apache, resource options Apache, RPM Apache, running an older version of Apache, static content and Apache, statically linked versions of Apache, user directories Apache, version checking Apache.pm, InteractiveBastille module application gateways application gateways, versus circuit relay proxies application-layer proxies [See application gateways] apt-get 2nd 3rd arachNIDS arachNIDS, arachNIDS attack signature database arachNIDS, project site ascii_download_enable (vsftpd.conf) ascii_upload_enable (vsftpd.conf) Asmann, Claus asset devaluation assigning new ports attackers, detecting Attacks 2nd 3rd attacks, buffer-overflow 2nd attacks, cache poisoning 2nd 3rd attacks, Code Red attacks, cost estimates for attacks, defenses against attacks, Denial of Service (DoS) 2nd 3rd 4th attacks, Distributed Denial of Service (DDoS) attacks, hijacked attacks, IP spoofing [See spoofing] attacks, message forgery attacks, mitigation of attacks, Nimda attacks, PORT Theft attacks, spoofing 2nd 3rd audit-based IDS auth facility, syslog auth users, rsync option auth-priv facility, syslog Authentication 2nd authentication, basic authentication, certificate-based 2nd [See also CAs] authentication, certificate-based, Stunnel and authentication, combining with rhosts access authentication, mechanisms authentication, peer-to-peer model for authentication, rhosts and shosts authentication, safer authentication, SSH and authentication, username/password Authorization authorized_keys file 2nd 3rd automated hardening axfr-get, djbdns service 2nd 3rd 4th axfrdns, djbdns service 2nd axfrdns, djbdns service, running backups, database back_log server variable (MySQL) Baker, Andrew bare-metal recovery 2nd Barnyard Basic Security Profile Bastille Linux 2nd 3rd Bastille Linux, download site Bastille Linux, logs Bastille Linux, modules bastion hosts 2nd 3rd 4th 5th bastion hosts, defined bastion hosts, documenting configurations Beale, Jay 2nd 3rd Berners-Lee, Tim Bernstein, Daniel J. 2nd 3rd 4th 5th 6th bind BIND, getting and installing BIND, global options BIND, installing in a nonstandard directory tree BIND, logging categories related to security BIND, migrating from BIND, preparing to run BIND, resources 2nd BIND, security advisories BIND, version differences BIND, versus djbdns BIND, weaknesses Block ciphers 2nd block ciphers, defined Blowfish 2nd bo (Snort preprocessor plug-in) BootSecurity.pm, InteractiveBastille module Borland's InterBase Brauer, Henning btree, database format buffer-overflow attacks 2nd BUGTRAQ CA-signed certificates cache poisoning 2nd 3rd 4th cache poisoning, best defense against Caching 2nd caching, caching-only nameservers 2nd 3rd Campin, Nate Card, Remy Carmichael, Martin R. Carnegie Mellon University (CERT Coordination Center) CAs (Certificate Authorities) 2nd CAs, how to become small-time CA CAs, transactions CAs, what they do Caswell, Brian central log server Central Loghost Mini-HOWTO cert scheme 2nd certificate authorities [See CAs] certificate-based authentication 2nd 3rd certificate-based authentication, specifying where to keep certificates certificates certificates, CA-signed certificates, client certificates, how SSL clients, servers, and CAs use certificates certificates, passphrase-free, danger of certificates, public certificates, self-signed certificates, Stunnel client systems certificates, X.509 2nd CERT_DIR (sendmail.mc directive) CGI (Common Gateway Interface) CGI, built-in programs CGI, FastCGI CGI, languages CGI, runaway programs CGI, standalone programs Cgiwrap chain_hostnames, syslog-ng global option challenge-response challenge-response, mechanisms channellist, logging option in named.conf file Check Point, stateful packet filtering firewall checksums chkconfig chkconfig, managing startup services chkrootkit shell script 2nd chroot filesystems, running services in chroot jail 2nd 3rd chroot jail, BIND v8 chroot jail, BIND v9 chroot jail, chroot jail, building chroot jail, Sendmail and chroot jail, subversion cipher, defined ciphertext, defined circuit relay proxies versus application gateways Cisco PIX Cleartext cleartext, administration tools cleartext, defined cmds_allowed (vsftpd.conf) CNAME records COAST project web site Code Red attacks Cohen, Fred 2nd combined access control comment, rsync option Common Gateway Interface [See CGI] compromised system [See system integrity] confCACERT (sendmail.mc directive) confCACERT_PATH (sendmail.mc directive) confCLIENT_CERT (sendmail.mc directive) confCLIENT_KEY (sendmail.mc directive) confDEF_AUTH_INFO definition confDEF_USER_ID definition (sendmail.mc) confidentiality of data, overview ConfigureMiscPAM.pm, InteractiveBastille module confPRIVACY_FLAGS definition (sendmail.mc) confSAFE_FILE_ENV definition (sendmail.mc) confSERVER_CERT (sendmail.mc directive) confSERVER_KEY (sendmail.mc directive) confSMTP_LOGIN_MSG variable (sendmail.mc) confUNSAFE_GROUP_WRITES definition (sendmail.mc) connection-oriented applications connect_from_port_20 (vsftpd.conf) cookies and sessions explained core.schema file (LDAP) cosine.schema (LDAP) cost estimates for attacks Costales, Bryan Courier IMAP Courier IMAP, home page CPAN (Comprehensive Perl Archive Network) CRAM-MD5 CRC-32 hashes, caution
Реклама
|
|
О проекте