Index A

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X]

absolute directory names 
access control lists (ACLs), creating with PAM 
access_times attribute (xinetd) 
accounting  [See process accounting]
acct RPM 
accton command (for process accounting) 
addpol command (Kerberos) 
administrative privileges, Kerberos user 
administrative system, Kerberos  [See kadmin utility]
agents, SSH  [See also ssh-agent]
    forwarding, disabling for authorized keys 
    terminating on logout 
    using with Pine 
Aide (integrity checker) 
alerts, intrusion detection  [See Snort]
aliases
    for hostnames 
        changing SSH client defaults 
    for users and commands (with sudo) 
ALL keyword 
    user administration of their own machines (not others) 
AllowUsers keyword (sshd) 
Andrew Filesystem kaserver 
ank command (adding new Kerberos principal) 
apache (/etc/init.d startup file) 
append-only directories 
apply keyword (PAM, listfile module) 
asymmetric encryption  2nd  [See also public-key encryption]
attacks
    anti-NIDS attacks 
    buffer overflow
        detection with ngrep 
        indications from system daemon messages 
    dictionary attacks on terminals 
    dsniff, using to simulate 
    inactive accounts still enabled, using 
    man-in-the-middle (MITM)
        risk with self-signed certificates 
        services deployed with dummy keys 
    operating system vulnerability to forged connections 
    setuid root program hidden in filesystems 
    on specific protocols 
    system hacked via the network 
    vulnerability to, factors in 
attributes (file), preserving in remote file copying 
authconfig utility 
    imapd, use of general system authentication 
    Kerberos option, turning on 
AUTHENTICATE command (IMAP) 
authentication
    cryptographic, for hosts 
    for email sessions  [See email IMAP]
    interactive, without password  [See ssh-agent]
    Internet Protocol Security (IPSec) 
    Kerberos  [See Kerberos authentication]
    OpenSSH  [See SSH]
    PAM (Pluggable Authentication Modules)  [See PAM]
    SMTP  [See SMTP]
    specifying alternate username for remote file copying 
    SSH (Secure Shell)  [See SSH]
    SSL (Secure Sockets Layer)  [See SSL]
    by trusted host  [See trusted-host authentication]
authentication keys for Kerberos users and hosts 
authorization 
    root user
        ksu (Kerberized su) command 
        multiple root accounts 
        privileges, dispensing 
        running root login shell 
        running X programs as 
        SSH, use of  2nd 
        sudo command 
    sharing files using groups 
    sharing root privileges
        via Kerberos 
        via SSH 
    sudo command
        allowing user authorization privileges per host 
        bypassing password authentication 
        forcing password authentication 
        granting privileges to a group 
        killing processes with 
        logging remotely 
        password changes 
        read-only access to shared file 
        restricting root privileges 
        running any program in a directory 
        running commands as another user 
        starting/stopping daemons 
        unauthorized attempts to invoke, listing 
    weak controls in trusted-host authentication 
authorized_keys file (~/.ssh directory) 
    forced commands, adding to 
authpriv facility (system messages) 



Linux Security Cookbook
Linux Security Cookbook
ISBN: 0596003919
EAN: 2147483647
Year: 2006
Pages: 247

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net