Appendix D.
Revision History

Revision 2-9.402, Fri Oct 25 2013, Rüdiger Landmann
    Rebuild with Publican 4.0.0

Revision 2-9, 2012-07-18, Anthony Towns
    Rebuild for Publican 3.0

Revision 1-0, Wed Sep 17 2008, Don Domingo
    migrated to new automated build system