Red Hat ENTERPRISE LINUX 4 - SECURITY GUIDE Manual page 132

Index
vsftpd, 47
G
grep
file auditing using, 92
grey hat hacker (see hackers)
H
hacker ethic, 9
hackers
black hat (see cracker)
definition, 9
grey hat, 9
white hat, 9
hardware, 97
and security, 100
laptops, 100
servers, 100
workstations, 100
I
IDS (see intrusion detection systems)
incident response
and legal issues, 90
collecting evidence
using dd, 92
computer emergency response team (CERT),
90
creating a plan, 89
definition of, 89
gathering post-breach information, 92
implementation, 91
introducing, 89
investigation, 91
post-mortem, 91
reporting the incident, 94
restoring and recovering resources, 94
incident response plan, 89
insecure services, 35
rsh, 36
Telnet, 36
vsftpd, 36
introduction, vii
categories, using this manual, vii
other Red Hat Enterprise Linux manuals, vii
topics, vii
intrusion detection systems, 83
and log files, 84
defining, 83
host-based, 84
network-based, 86
120
Snort, 88
RPM Package Manager (RPM), 84
Tripwire, 84
types, 83
ip6tables, 70
IPsec, 53
configuration, 58
host-to-host, 54
host-to-host, 54
installing, 54
network-to-network, 58
phases, 54
iptables, 64
additional resources, 71
and DMZs, 69
and viruses, 69
chains, 65
FORWARD, 67
INPUT, 66
OUTPUT, 66
POSTROUTING, 68
PREROUTING, 68, 69
connection tracking, 70
states, 70
policies, 65
rules, 66
common, 66
forwarding, 67
NAT, 68, 69
restoring, 66
saving, 66
stateful inspection, 70
states, 70
using, 64
K
Kerberos
NIS, 45
L
legal issues, 90
lpd, 34
lsof, 50
M
md5sum
file auditing using, 92
N
NAT (see Network Address Translation)
Nessus, 78