Red Hat ENTERPRISE LINUX 4 - SECURITY GUIDE Manual Manual pdf 57 page image
Manuals database logo
manualsdatabase
Your AI-powered manual search engine

Red Hat ENTERPRISE LINUX 4 - SECURITY GUIDE Manual

Also see for ENTERPRISE LINUX 4 - DEVELOPER TOOLS GUIDE: Installation guideInstallation guideTuning guideInstallation guideManual

Page 1 previewPage 2 previewPage 3 previewPage 4 previewPage 5 previewPage 6 previewPage 7 previewPage 8 previewPage 9 previewPage 10 previewPage 11 previewPage 12 previewPage 13 previewPage 14 previewPage 15 previewPage 16 previewPage 17 previewPage 18 previewPage 19 previewPage 20 previewPage 21 previewPage 22 previewPage 23 previewPage 24 previewPage 25 previewPage 26 previewPage 27 previewPage 28 previewPage 29 previewPage 30 previewPage 31 previewPage 32 previewPage 33 previewPage 34 previewPage 35 previewPage 36 previewPage 37 previewPage 38 previewPage 39 previewPage 40 previewPage 41 previewPage 42 previewPage 43 previewPage 44 previewPage 45 previewPage 46 previewPage 47 previewPage 48 previewPage 49 previewPage 50 previewPage 51 previewPage 52 previewPage 53 previewPage 54 previewPage 55 previewPage 56 previewPage 57 previewPage 58 previewPage 59 previewPage 60 previewPage 61 previewPage 62 previewPage 63 previewPage 64 previewPage 65 previewPage 66 previewPage 67 previewPage 68 previewPage 69 previewPage 70 previewPage 71 previewPage 72 previewPage 73 previewPage 74 previewPage 75 previewPage 76 previewPage 77 previewPage 78 previewPage 79 previewPage 80 previewPage 81 previewPage 82 previewPage 83 previewPage 84 previewPage 85 previewPage 86 previewPage 87 previewPage 88 previewPage 89 previewPage 90 previewPage 91 previewPage 92 previewPage 93 previewPage 94 previewPage 95 previewPage 96 previewPage 97 previewPage 98 previewPage 99 previewPage 100 previewPage 101 previewPage 102 previewPage 103 previewPage 104 previewPage 105 previewPage 106 previewPage 107 previewPage 108 previewPage 109 previewPage 110 previewPage 111 previewPage 112 previewPage 113 previewPage 114 previewPage 115 previewPage 116 previewPage 117 previewPage 118 previewPage 119 previewPage 120 previewPage 121 previewPage 122 previewPage 123 previewPage 124 previewPage 125 previewPage 126 previewPage 127 previewPage 128 previewPage 129 previewPage 130 previewPage 131 previewPage 132 previewPage 133 previewPage 134 previewPage 135 previewPage 136 preview
Contents
  1. red hat enterprise linux
  2. Table Of Contents
  3. Table Of Contents
  4. Table Of Contents
  5. Table Of Contents
  6. document conventions
  7. I. A General Introduction to Security
  8. Security Overview
  9. Computer Security Timeline
  10. Security Today
  11. Standardizing Security
  12. Technical Controls
  13. Attackers and Vulnerabilities
  14. Threats to Network Security
  15. Unpatched Services
  16. Threats to Workstation and Home PC Security
  17. II. Configuring Red Hat Enterprise Linux for Security
  18. Security Updates
  19. Using the Red Hat Errata Website
  20. Installing Signed Packages
  21. Applying the Changes
  22. Workstation Security
  23. Boot Loader Passwords
  24. Password Security
  25. Creating Strong Passwords
  26. Creating User Passwords Within an Organization
  27. password aging
  28. Administrative Controls
  29. Allowing Root Access
  30. Limiting Root Access
  31. Available Network Services
  32. Risks To Services
  33. Insecure Services
  34. Personal Firewalls
  35. Security Enhanced Communication Tools
  36. Enhancing Security With TCP Wrappers
  37. Enhancing Security With xinetd
  38. Securing Portmap
  39. Securing NIS
  40. Edit the /var/yp/securenets File
  41. Use Kerberos Authentication
  42. Do Not Use the no_root_squash Option
  43. Do Not Remove the IncludesNoExec Directive
  44. Anonymous Access
  45. User Accounts
  46. Limiting a Denial of Service Attack
  47. vpns and red hat enterprise linux
  48. IPsec Installation
  49. IPsec Network-to-Network configuration
  50. Netfilter and iptables
  51. Basic Firewall Policies
  52. Saving and Restoring iptables Rules
  53. FORWARD and NAT Rules
  54. DMZs and iptables
  55. iptables and Connection Tracking
  56. Additional Resources
  57. vulnerability assessment
  58. Defining Assessment and Testing
  59. Establishing a Methodology
  60. Nessus
  61. Nikto
  62. IDS Types
  63. Host-based IDS
  64. Other Host-based IDSes
  65. Snort
  66. Creating an Incident Response Plan
  67. The Computer Emergency Response Team (CERT)
  68. Implementing the Incident Response Plan
  69. Collecting an Evidential Image
  70. Restoring and Recovering Resources
  71. V. Appendixes
  72. A. Hardware and Network Protection
  73. A.1.2. Transmission Considerations
  74. A.1.4. Network Segmentation and DMZs
  75. B. Common Exploits and Attacks
  76. C. Common Ports
  77. D. Revision History
  78. Index
Red Hat ENTERPRISE LINUX 4 - SECURITY GUIDE Manual Manual pdf 57 page image
Use Kerberos Authentication45iptables -A INPUT -p ALL -s! 192.168.0.0/24 --dport 834 -j DROP iptables -A INPUT -p ALL -s!192.168.0.0/24 --dport 835 -j DROPNote>Refer to Chapter 7, Firewalls for more information about implementing firewalls withIPTables commands.5.3.5. Use Kerberos AuthenticationOne of the most glaring flaws inherent when NIS is used for authentication is that whenever a userlogs into a machine, a password hash from the /etc/shadow map is sent over the network. If anintruder gains access to an NIS domain and sniffs network traffic, usernames and password hashescan be quietly collected. With enough time, a password cracking program can guess weak passwords,and an attacker can gain access to a valid account on the network.Since Kerberos uses secret-key cryptography, no password hashes are ever sent over the network,making the system far more secure. For more about Kerberos, refer to the chapter titled Kerberos inthe Reference Guide.5.4. Securing NFSThe Network File System, or NFS, is service that provides network accessible file systems for clientmachines. For more information on how NFS works, refer to the chapter titled Network File System(NFS) in the Reference Guide. For more information about configuring NFS, refer to the SystemAdministrators Guide. The following subsections assume a basic knowledge of NFS.ImportantThe version of NFS included in Red Hat Enterprise Linux, NFSv4, no longer requiresthe portmap service as outlined in Section 5.2, “Securing Portmap”. NFS traffic nowutilizes TCP in all versions, rather than UDP, and requires it when using NFSv4. NFSv4now includes Kerberos user and group authentication, as part of the RPCSEC_GSS kernelmodule. Information on portmap is still included, since Red Hat Enterprise Linux supportsNFSv2 and NFSv3 which utilize it.5.4.1. Carefully Plan the NetworkNow that NFSv4 has the ability to pass all information encrypted using Kerberos over a network, it isimportant that the service be configured correctly if it is behind a firewall or on a segmented network.NFSv2 and NFSv3 still pass data insecurely, and concerns should be taken into consideration. Carefulnetwork design in all of these regards can help prevent security breaches.5.4.2. Beware of Syntax ErrorsThe NFS server determines which file systems to export and which hosts to export these directories tovia the /etc/exports file. Be careful not to add extraneous spaces when editing this file.For instance, the following line in the /etc/exports file shares the directory /tmp/nfs/ to the hostbob.example.com with read/write permissions.
/ 136
Related manuals for Red Hat ENTERPRISE LINUX 4 - DEVELOPER TOOLS GUIDE
Red Hat ENTERPRISE LINUX 3 - SECURITY GUIDE Manual first page preview
Red Hat ENTERPRISE LINUX 3 - SECURITY GUIDE Manual
Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE Manual first page preview
Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE Manual
Red Hat ENTERPRISE LINUX 4 - STEP BY STEP GUIDE Manual first page preview
Red Hat ENTERPRISE LINUX 4 - STEP BY STEP GUIDE Manual
Red Hat ENTERPRISE LINUX 4 Manual first page preview
Red Hat ENTERPRISE LINUX 4 Manual
Red Hat ENTERPRISE LINUX 4 Manual first page preview
Red Hat ENTERPRISE LINUX 4 Manual
Red Hat ENTERPRISE LINUX 3 - STEP BY STEP GUIDE Manual first page preview
Red Hat ENTERPRISE LINUX 3 - STEP BY STEP GUIDE Manual
Red Hat ENTERPRISE LINUX 4 - DEVELOPER TOOLS GUIDE Manual first page preview
Red Hat ENTERPRISE LINUX 4 - DEVELOPER TOOLS GUIDE Manual
Red Hat CERTIFICATE SYSTEM ENTERPRISE - SECURITY GUIDE Manual first page preview
Red Hat CERTIFICATE SYSTEM ENTERPRISE - SECURITY GUIDE Manual
Red Hat ENTERPRISE LINUX 5.5 - ONLINE STORAGE GUIDE Manual first page preview
Red Hat ENTERPRISE LINUX 5.5 - ONLINE STORAGE GUIDE Manual
Red Hat ENTERPRISE LINUX 4 - USING AS Using Manual first page preview
Red Hat ENTERPRISE LINUX 4 - USING AS Using Manual
This manual is suitable for:
ENTERPRISE LINUX 4 - DEVELOPER TOOLS GUIDE
Manuals database logo
manualsdatabase
Your AI-powered manual search engine