Document History
The Introduction has become too big, so I have split it into pieces.
Feedback
If you think I've missed something, something is unclear or simply wrong, please email [email protected].
The Basics Last update: 2007Jan15 |
Shutting down network daemons which are not required; securing X-windows; patching your system; using secure services (SSH, etc). |
Securing Network Services Last update: 2007Jan09 |
wrapping services with inetd/xinetd; chrooting services; chrooting users; application-level proxies; Apache's modsecurity. |
Miscellaneous Tools Last update: 2007Jan12 |
filesystem attributes (chattr, etc); |
Packet Filters, Firewalls and ACLs Last update: 2007Jan29 |
packet filters and firewalls; graphical and other firewall frontends; pinprick firewalls; practical steps to developing and testing a firewall on a production machine; router ACLs. |
Scanners | what's listening on your machine? — nmap; vulnerability detection — Nessus; periodic scans and nmapsql. |
Your Best Friends (lsof only so far) | tcpdump, netstat, ntop, ngrep, lsof...
Some Extended Examples | hardening a Solaris installation; hardening a Linux installation; finding an intruder's backdoor. |
Logging, Host-Based Intrusion Detection and Rootkits | system logs; securing logs; log-monitoring utilities; central log-servers — syslog-ng; file change monitoring; Cheesewire; chkrootkit, rkhunter... |
Network-Based Intrusion Detection Systems and Dynamic Firewalls | Portsentry and PSAD; Snort and SnortSAM; Netfilter/IPTables PSD Patch. |
Kernel Patches | Security-related Linux kernel patches, including SE Linux, LIDS, GRSecurity, PaX... are discussed here. |
About this document:
Produced from the SGML: /home/isd/public_html/_unix_security/_reml_grp/unix_security_intro.reml
On: 29/1/2007 at 11:15:51
Options: reml2 -i noindex -l long -o html -p singleframe