Hatch B., Lee J., Kurtz G. — Hacking linux exposed: linux security secrets & solutions :: Электронная библиотека попечительского совета мехмата МГУ

Главная Ex Libris Книги Журналы Статьи Серии Каталог Wanted Загрузка ХудЛит Справка Поиск по индексам Поиск Форум

Авторизация

Поиск по указателям

Hatch B., Lee J., Kurtz G. — Hacking linux exposed: linux security secrets & solutions

Обсудите книгу на научном форуме

Нашли опечатку?
Выделите ее мышкой и нажмите Ctrl+Enter

Название: Hacking linux exposed: linux security secrets & solutions

Авторы: Hatch B., Lee J., Kurtz G.

Аннотация:

If you have a vulnerable computer attached to the BIG BAD INTERNET, sooner or later your box will be compromised. Notice I prefer the term compromised to hacked. Hacking is a benign activity. You hack out of curiosity and [hopefully] with prior permission. Can this be done? Can I get into this box? How is he trying to keep me out? What stone has he left unturned? Woops: He has a bulletproof firewall but he left this one vulnerable cgi script in his httpd directory: HA! I'M IN! At that point the correct thing to do is to stop and notify the hackee. But once a hacker gets in, (especially if he is there without permission) the temptation to quietly mess around and cover his guilty tracks is usually overwhelming. Then it has gone from hacking to compromising someone else's box.

Язык:

Рубрика: Технология/

Статус предметного указателя: Готов указатель с номерами страниц

ed2k: ed2k stats

Год издания: 2001

Количество страниц: 566

Добавлена в каталог: 02.12.2005

Операции: Положить на полку | Скопировать ссылку для форума | Скопировать ID

Предметный указатель

RCP servers      109
rctab program      506—507
read access      35
Realtime Blackhole List (RBL)      383
Recoveries      59—66
Red Hat Linux distribution, chkconfig program      504—505
Red Hat Linux distribution, managing rc#.d entries      504—505
Red Hat Linux distribution, Piranha password insecurity      190—191
Red Hat Linux distribution, turning off services      504—505
Red Hat Package Manager (RPM)      492—494
Referer headers      447—448
Reinstalling system      63
Remote access, exploits      250
Remote access, hackers and      61
Remote access, passwordless      323—326
Remote access, r-commands and      323—326
Remote access, sniffers and      193 194
Remote Procedure Call      See "RPC"
Reporter program      294
Resource-exhaustion attacks      475—476
Resources      509—512
Retaliation attacks      65—66
RETR command      409
RETR entries      414
Reverse attacks      65—66
Reverse DNS entries      469—471
Reverse identd scanning      97 100
reverse lookups      86—87
RhostsAuthentication variable      328
RhostsRSAAuthentication variable      327
RID      236
RIP (Routing Information Protocol)      219
RIPEMD-160 hash function      56
Rkdet tool      365
rlogin command      323—324
rmmod program      353
Root account, access to      321—323
Root account, creation of      320
Root account, described      4
Root account, hacking      4—5
Root account, hosts.equiv file and      324—325
Root account, inetd file and      332
Root account, log files and      40
Root account, NFS volumes      111
Root account, password for      294
Root account, preventing attacks against      198
Root account, setXid program and      348—349
Root account, weak user accounts and      282
Root shells, adding to inetd.conf file      330—331
Root shells, countermeasures      331 335 337—338
Root shells, creating with Netcat      332—335
Root shells, network accessible      329—338
Root shells, single-user mode and      167
root user      8—9
Root user, binding to ports      21
Root user, boot access and      163—173
Root user, creating additional      249
Root user, killing processes      21
Root user, mail server and      373—374
Root user, privileged ports      21
Root user, privileges and      248—250
Root user, Trojan horses and      139
Root user, viruses and      148
Root user, web servers and      426
Root user, X11 forwarding and      190
rootkits      161 362—365
Rootlevels      168
Rot13 algorithm      286
Route daemon (routed)      220
routers      217—220
Routing      217—218
routing daemons      220
Routing Information Protocol      See "RIP"
routing packets      220
RPC (Remote Procedure Call)      108—110
RPC ports      108
RPC scans      96
RPC services      108—110
rpc.mountd service      200 201
rpc.statd service      200
rpcinfo command      108—109 319
rpm command      264 493—494
rpm utility      143 492—494
RSA algorithm      423
RSA SecurelD token      185
RSAREF library      423—424
rsh clients      21
rsh command      323—324
RST flag      182
Run file      292
Runlevels, boot process and      168
Runlevels, changing between      503
Runlevels, default runlevel      502
Runlevels, described      502
Runlevels, directories for      503
Runlevels, Red Hat Linux      504—505
Runlevels, single-user mode      168
Runlevels, standard definitions      502
Runlevels, SuSE Linux      505—507
rсp command      323—324
S files      503
s/Key authentication      185 199
S/Key OTP system      312
SAINT (Security Administrator's Integrated Network Tool)      118—119
Salt argument      287
Samba package      254
SARA (Security Auditor's Research Assistant)      120
SATAN (Security Administrator Tool for Analyzing Networks)      30 118—119
Scanlogd scan detector      30—31
Scanning for network services      539—540
Scanning from third-party networks/machines      28—29
Scanning, log files      39—40
Scanning, network scanners      24 25 27—32
Scanning, scan detectors      29—32 97 125
Scanning, security scanners      24—29
Scanning, speed of      97
Scanning, system scanners      24—27
Scanning, TCP ports      91—100
Scanning, UDP ports      91—32
Scanning, web servers      528—529
SCP      194
screen savers      160—161
ScriptAlias directive      431
Scripts for screen snapshots      189
Scripts, buffer overflows      146—147 201—202
scripts, CGI      440—442
Scripts, conditional      281—282
Scripts, countermeasures      202
Scripts, default      202
Scripts, exploit scripts      145—146
Scripts, IRC access      152
Scripts, IRC scripts      152—153
scripts, Perl      536—537
Scripts, permissions for      48
scripts, StartUp scripts      48
Scripts, Unix shell access      153
Scripts, vulnerabilities      201—202
Search engines      71
Searches, mailing lists      71—73
Searches, newsgroups      71—73
Searches, online      70—73
secure FTP (sftp)      194 326
Secure Hash Algorithm      56
Secure HTTP connections      422—424
Secure Shell      See "SSH"
Secure Sockets Layer      See "SSL"
SecurelD system      199 312
Security Administrator Tool for Analyzing Networks (SATAN)      30 118—119
Security Administrator's Integrated Network Tool (SAINT)      118—119
Security Auditor's Research Assistant (SARA)      120

Security bugs      420
Security exploits      145
Security Focus web site      440
Security, "through obscurity"      429—430
Security, Apache web server      426
Security, assessing breaches of      62—63
Security, automatic controls for      20—22
Security, detecting break-ins      59—62
Security, disabling local security tools      343
Security, editors and      261—263
Security, email      370—391
Security, fake security fixes/tests      144
Security, FTP      391—114
Security, FTP servers      391 392
Security, getting back online      64—65
Security, handling sensitive information      159
Security, laptop theft      162—163
Security, mail servers      373—391
Security, mailing lists      511
Security, managing users      6—22
Security, memory and      21—22
Security, newsgroups      512
Security, open source software and      5—6
Security, physical security      155—175
Security, precautions      174—175
Security, proactive measures      24—60
Security, purging hackers from system      64—65
Security, recovering from break ins      59—66
Security, scan detectors      29—32
Security, scanners      24—29
Security, surveillance cameras      166 167
Security, system hardening      32—36
Security, traveling and      162—163
sendmail      371—372
Sendmail file      102—103
Sendmail server      374—375
Sendmail, banners      102 375
Sendmail, email relaying and      381—382
Sendmail, encryption and      388
Sendmail, EXPN command      378—379
Sendmail, mail server file permissions      380
Sendmail, probing      529
Sendmail, resource restrictions      384—385
Sendmail, running as non-root      374
Sendmail, security and      414
Sendmail, SMTP banner      375
Sendmail, spam and      381—383
Sendmail, VRFY command      376—377
server certificates      232
Server room, access to      521
Server Side Includes (SSIs)      437
Servers      367—457 See
Servers, AOL server      456
Servers, Apache Web server      See "Apache Web server"
servers, DNS servers      84—86
Servers, email security      370—391
servers, file servers      147
Servers, FTP security      391—414
Servers, FTP servers      See "FTP servers"
servers, mail servers      373—391 414—415
Servers, NFS servers      111—114 270—271
servers, proxy servers      438—439 476 477
Servers, Sendmail server      374—375
Servers, SSH server      228—229
Servers, SuiteSpot server      187
Servers, turning off identd      100
Services, buffer overflows      200—201
Services, DoS attacks      202—204
Services, identifying      206—207
Services, TCP wrappers and      208
services, turning off      207—208 503—508
Services, unneeded      501—508
Session hijacking      220—232
Setgroupid programs      25 252—253 265—271 387
setreuid() call      355 356
setuid() call      355—357 360
Setuserid programs      25 62 252—253 265—271
Setuserid, binaries      270
Setuserid, game attacks      269
Setuserid, mounted filesystems and      269—271
Setuserid, precautions      269
Setuserid, root shells      321—323
setXid bits      25
setXid programs      25 49 348—349
sftp (secure FTP)      194 326
sh (Bourne shell)      8
Shadmrg.sv script      292
shadow passwords      299—303
Shadow passwords, benefits of      310
Shadow passwords, commands      302—303
Shadow passwords, Crack program and      292
Shadow passwords, described      300—301
Shadow passwords, enabling      301—302
Shadow passwords, John the Ripper program and      296
Shadow passwords, password expiration      311—312
Shadow passwords, removing      302
shell accounts      516—517
shell environment      8
Shells, daemon accounts      321
Shells, default      7
Shells, types of      8
showmount command      111—114
Signals, described      20
Signals, HUP signal      21
Signals, to processes      20—21
Signatures, PGP      143—144
Simple Network Management Protocol      See "SNMP"
Simple Watchdog (Swatch)      42—44
single-user mode      62 167—172 362
SINUS firewall      486
Siphon tool      106—107
Slackware packages      498—499
Slocate process      61
Slurpie program      298
smbmnt utility      268
smbmount program      268
Smbprint passwords      254—255
smrsh binary      380
SMTP (Simple Mail Transfer Protocol)      387—389
SMTP AUTH extension      388
SMTP banner      375
SMTP EXPN command      377—379
SMTP port      478
SMTP servers      374—375
SMTP VRFY command      376—377
Smurf attack      235
Sniffer traces      106
Sniffers, accessing network servers      525
Sniffers, capturing passwords      193—194
Sniffers, capturing usernames      193—194
Sniffers, common      194—196
Sniffers, countermeasures      193—194
Sniffers, described      192—193
Sniffers, Dsniff program      196 216 226—229
Sniffers, encryption and      194
Sniffers, Ethereal program      196
Sniffers, Gnusniff program      196
Sniffers, hackers and      194
Sniffers, Hunt program      195 221—226
Sniffers, Karpski program      196
Sniffers, Linux-sniff program      195
Sniffers, network switches      525 526
Sniffers, overview      192—194
Sniffers, passwords      226
Sniffers, resources for      196
Sniffers, session hijacking      220—232
Sniffers, sniffing network traffic      192—196
Sniffers, Sniffit program      196
Sniffers, Snort program      196
Sniffers, switched networks and      193—194

1 2 3 4 5 6 7 8

О проекте