Index


Symbols

802.11x, Wireless Networks
and security, Wireless Networks

B

basic input output system (see BIOS)
BIOS
non-x86 equivalents
passwords, Securing Non-x86 Platforms
security, BIOS and Boot Loader Security
passwords, BIOS Passwords
black hat hacker (see crackers)
boot loaders
GRUB
password protecting, Password Protecting GRUB
security, Boot Loader Passwords

D

dd
collecting evidence with, Collecting an Evidential Image
file auditing using, Gathering Post-Breach Information
Demilitarized Zone, DMZs and iptables
Denial of Service (DoS)
distributed, Security Today
DMZ (see Demilitarized Zone) (see networks)

E

EFI Shell
security
passwords, Securing Non-x86 Platforms

F

file
file auditing using, Gathering Post-Breach Information
file auditing
tools, Gathering Post-Breach Information
find
file auditing using, Gathering Post-Breach Information
firewall types, Firewalls
network address translation (NAT), Firewalls
packet filter, Firewalls
proxy, Firewalls
firewalls, Firewalls
additional resources, Additional Resources
and connection tracking, iptables and Connection Tracking
and viruses, Viruses and Spoofed IP Addresses
personal, Personal Firewalls
policies, Basic Firewall Policies
stateful, iptables and Connection Tracking
types, Firewalls
Firewalls
iptables, Netfilter and iptables
FTP
anonymous access, Anonymous Access
anonymous upload, Anonymous Upload
greeting banner, FTP Greeting Banner
introducing, Securing FTP
TCP wrappers and, Use TCP Wrappers To Control Access
user accounts, User Accounts
vsftpd, Securing FTP

G

grep
file auditing using, Gathering Post-Breach Information
grey hat hacker (see hackers)

H

hacker ethic, A Quick History of Hackers
hackers
black hat (see cracker)
definition, A Quick History of Hackers
grey hat, Shades of Grey
white hat, Shades of Grey
hardware, Hardware and Network Protection
and security, Hardware Security
laptops, Hardware Security
servers, Hardware Security
workstations, Hardware Security

I

IDS (see intrusion detection systems)
incident response
and legal issues, Legal Considerations
collecting evidence
using dd, Collecting an Evidential Image
computer emergency response team (CERT), The Computer Emergency Response Team (CERT)
creating a plan, Creating an Incident Response Plan
definition of, Defining Incident Response
gathering post-breach information, Gathering Post-Breach Information
implementation, Implementing the Incident Response Plan
introducing, Incident Response
investigation, Investigating the Incident
post-mortem, Investigating the Incident
reporting the incident, Reporting the Incident
restoring and recovering resources, Restoring and Recovering Resources
incident response plan, Creating an Incident Response Plan
insecure services, Insecure Services
rsh, Insecure Services
Telnet, Insecure Services
vsftpd, Insecure Services
introduction, Introduction
categories, using this manual, Introduction
other Red Hat Enterprise Linux manuals, Introduction
topics, Introduction
intrusion detection systems, Intrusion Detection
and log files, Host-based IDS
defining, Defining Intrusion Detection Systems
host-based, Host-based IDS
network-based, Network-based IDS
Snort, Snort
RPM Package Manager (RPM), RPM as an IDS
Tripwire, Tripwire
types, IDS Types
ip6tables, ip6tables
IPsec, IPsec
configuration, IPsec Network-to-Network configuration
host-to-host, IPsec Host-to-Host Configuration
host-to-host, IPsec Host-to-Host Configuration
installing, IPsec Installation
network-to-network, IPsec Network-to-Network configuration
phases, IPsec
iptables, Netfilter and iptables
additional resources, Additional Resources
and DMZs, DMZs and iptables
and viruses, Viruses and Spoofed IP Addresses
chains, Using iptables
FORWARD, FORWARD and NAT Rules
INPUT, Common iptables Filtering
OUTPUT, Common iptables Filtering
POSTROUTING, FORWARD and NAT Rules
PREROUTING, FORWARD and NAT Rules, DMZs and iptables
connection tracking, iptables and Connection Tracking
states, iptables and Connection Tracking
policies, Basic Firewall Policies
rules, Saving and Restoring iptables Rules
common, Common iptables Filtering
forwarding, FORWARD and NAT Rules
NAT, FORWARD and NAT Rules, DMZs and iptables
restoring, Saving and Restoring iptables Rules
saving, Saving and Restoring iptables Rules
stateful inspection, iptables and Connection Tracking
states, iptables and Connection Tracking
using, Using iptables

M

md5sum
file auditing using, Gathering Post-Breach Information

N

NAT (see Network Address Translation)
Nessus, Nessus
Netfilter, Netfilter and iptables
additional resources, Additional Resources
Netfilter 6, ip6tables
netstat, Verifying Which Ports Are Listening
Network Address Translation, FORWARD and NAT Rules
with iptables, FORWARD and NAT Rules
network services, Available Network Services
buffer overflow
ExecShield, Risks To Services
identifying and configuring, Identifying and Configuring Services
risks, Risks To Services
buffer overflow, Risks To Services
denial-of-service, Risks To Services
script vulnerability, Risks To Services
network topologies, Secure Network Topologies
linear bus, Physical Topologies
ring, Physical Topologies
star, Physical Topologies
networks, Hardware and Network Protection
and security, Secure Network Topologies
de-militarized zones (DMZs), Network Segmentation and DMZs
hubs, Transmission Considerations
segmentation, Network Segmentation and DMZs
switches, Transmission Considerations
wireless, Wireless Networks
NFS, Securing NFS
and Sendmail, NFS and Sendmail
network design, Carefully Plan the Network
syntax errors, Beware of Syntax Errors
Nikto, Nikto
NIS
introducing, Securing NIS
IPTables, Assign Static Ports and Use IPTables Rules
Kerberos, Use Kerberos Authentication
NIS domain name, Use a Password-like NIS Domain Name and Hostname
planning network, Carefully Plan the Network
securenets, Edit the /var/yp/securenets File
static ports, Assign Static Ports and Use IPTables Rules
nmap, Verifying Which Ports Are Listening
Nmap, Scanning Hosts with Nmap
command line version, Using Nmap

R

reporting the incident, Reporting the Incident
restoring and recovering resources, Restoring and Recovering Resources
patching the system, Patching the System
reinstalling the system, Reinstalling the System
risks
insecure services, Inherently Insecure Services
networks, Threats to Network Security
architectures, Insecure Architectures
open ports, Unused Services and Open Ports
patches and errata, Unpatched Services
servers, Threats to Server Security
inattentive administration, Inattentive Administration
workstations and PCs, Threats to Workstation and Home PC Security, Bad Passwords
applications, Vulnerable Client Applications
root, Allowing Root Access
allowing access, Allowing Root Access
disallowing access, Disallowing Root Access
limiting access, Limiting Root Access
and su, The su Command
and sudo, The sudo Command
with User Manager, The su Command
methods of disabling, Disallowing Root Access
changing the root shell, Disallowing Root Access
disabling access via tty, Disallowing Root Access
disabling SSH logins, Disallowing Root Access
with PAM, Disallowing Root Access
root user (see root)
RPM
and intrusion detection, RPM as an IDS
importing GPG key, Using the Red Hat Errata Website
verifying signed packages, Verifying Signed Packages, Installing Signed Packages

S

security considerations
hardware, Hardware and Network Protection
network transmission, Transmission Considerations
physical networks, Hardware and Network Protection
wireless, Wireless Networks
security errata, Security Updates
applying changes, Applying the Changes
via Red Hat errata website, Using the Red Hat Errata Website
via Red Hat Network, Using Red Hat Network
when to reboot, Applying the Changes
security overview, Security Overview
conclusion, Conclusion
controls (see controls)
defining computer security, What is Computer Security?
Denial of Service (DoS), Security Today
evolution of computer security, How did Computer Security Come about?
viruses, Security Today
sendmail, Identifying and Configuring Services
Sendmail
and NFS, NFS and Sendmail
introducing, Securing Sendmail
limiting DoS, Limiting a Denial of Service Attack
server security
Apache HTTP Server, Securing the Apache HTTP Server
cgi security, Restrict Permissions for Executable Directories
directives, Securing the Apache HTTP Server
FTP, Securing FTP
anonymous access, Anonymous Access
anonymous upload, Anonymous Upload
greeting banner, FTP Greeting Banner
TCP wrappers and, Use TCP Wrappers To Control Access
user accounts, User Accounts
vsftpd, Securing FTP
NFS, Securing NFS
network design, Carefully Plan the Network
syntax errors, Beware of Syntax Errors
NIS, Securing NIS
IPTables, Assign Static Ports and Use IPTables Rules
Kerberos, Use Kerberos Authentication
NIS domain name, Use a Password-like NIS Domain Name and Hostname
planning network, Carefully Plan the Network
securenets, Edit the /var/yp/securenets File
static ports, Assign Static Ports and Use IPTables Rules
overview of, Server Security
portmap, Securing Portmap
ports
monitoring, Verifying Which Ports Are Listening
Sendmail, Securing Sendmail
and NFS, NFS and Sendmail
limiting DoS, Limiting a Denial of Service Attack
TCP wrappers, Enhancing Security With TCP Wrappers
attack warnings, TCP Wrappers and Attack Warnings
banners, TCP Wrappers and Connection Banners
logging, TCP Wrappers and Enhanced Logging
xinetd, Enhancing Security With xinetd
managing resources with, Controlling Server Resources
preventing DoS with, Controlling Server Resources
SENSOR trap, Setting a Trap
services, Verifying Which Ports Are Listening
Services Configuration Tool, Identifying and Configuring Services
Snort, Snort
sshd, Identifying and Configuring Services
stat
file auditing using, Gathering Post-Breach Information
strings
file auditing using, Gathering Post-Breach Information
su
and root, The su Command
sudo
and root, The sudo Command

U

updates (see security errata)

V

Virtual Private Networks, Virtual Private Networks
IPsec, IPsec
configuration, IPsec Network-to-Network configuration
host-to-host, IPsec Host-to-Host Configuration
installing, IPsec Installation
viruses
trojans, Security Today
VLAD the Scanner, VLAD the Scanner
VPN, Virtual Private Networks
vulnerabilities
assessing with Nessus, Nessus
assessing with Nikto, Nikto
assessing with Nmap, Scanning Hosts with Nmap
assessing with VLAD the Scanner, VLAD the Scanner
assessment, Vulnerability Assessment
defining, Defining Assessment and Testing
establishing a methodology, Establishing a Methodology
testing, Defining Assessment and Testing

W

white hat hacker (see hackers)
Wi-Fi networks (see 802.11x)
wireless security, Wireless Networks
802.11x, Wireless Networks
workstation security, Workstation Security
BIOS, BIOS and Boot Loader Security
boot loaders
passwords, Boot Loader Passwords
evaluating
administrative control, Evaluating Workstation Security
BIOS, Evaluating Workstation Security
boot loaders, Evaluating Workstation Security
communications, Evaluating Workstation Security
passwords, Evaluating Workstation Security
personal firewalls, Evaluating Workstation Security
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.