Security Quick-Start HOWTO for Linux

Hal Burgiss
hal@
v. 1.2, 2002-07-21

Revision History
  Revision v.1.2   2002-07-21   Revised by: hb
    A few small additions, and fix the usual broken links.
  Revision v.1.1   2002-02-06   Revised by: hb
    A few fixes, some additions and many touch-ups from the original.
  Revision v.1.0   2001-11-07   Revised by: hb
    Initial Release.

This document is an overview of the basic steps required to secure a Linux installation from intrusion. It is intended to be an introduction.

Table of Contents

1. Introduction
   1.1. Why me?
   1.2. Copyright
   1.3. Credits
   1.4. Disclaimer
   1.5. New Versions and Changelog
   1.6. Feedback

2. Foreword
   2.1. The Optimum Configuration
   2.2. Before We Start

3. Step 1: Which services do we really need?
   3.1. System Audit
   3.2. The Danger Zone (or r00t m3 pl34s3)
   3.3. ping Services
      3.3.1. ping Init Services
      3.3.2. d
      3.3.3. d
      3.3.4. When All Else Fails
   3.4. Exceptions
   3.5. Summary and Conclusions for Step 1

4. Step 2: Updating
   4.1. Summary and Conclusions for Step 2

5. Step 3: Firewalls and Settingess Policies
   5.1. Strategy
   5.2. Packet Filters -- Ipchains and Iptables
      5.2.1. ipchains
      5.2.2. iptables
   5.3. Tcpwrappers (libwrap)
      5.3.1. d
   5.4. PortSentry
   5.5. Proxies
   5.6. Individual Applications
   5.7. Verifying
   5.8. Logging
   5.9. Where to Start
   5.10. Summary and Conclusions for Step 3

6. Intrusion Detection
   6.1. Intrusion Detection Systems (IDS)
   6.2. Have I Been Hacked?
   6.3. Reclaiming a Compromised System

7. General Tips

8. Appendix
   8.1. Servers, Ports, and Packets
   8.2. Common Ports
   8.3. Netstat Tutorial
      8.3.1. Overview
      8.3.2. Port and Process Owners
   8.4. Attacks and Threats
      8.4.1. Port Scans and Probes
      8.4.2. Rootkits
      8.4.3. Worms and Zombies
      8.4.4. Script Kiddies
      8.4.5. Spoofed IPs
      8.4.6. Targeted Attacks
      8.4.7. Denial of Service (DoS)
      8.4.8. Brute Force
      8.4.9. Viruses
   8.5. Links
   8.6. Editing Text Files
   8.7. nmap
   8.8. Sysctl Options
   8.9. Secure Alternatives
   8.10. Ipchains and Iptables Redux
      8.10.1. ipchains II
      8.10.2. iptables II
      8.10.3. Summary
      8.10.4. iptables mini-me
1.
