[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] absolute directory names access control lists (ACLs), creating with PAM access_times attribute (xinetd) accounting [See process accounting] acct RPM accton command (for process accounting) addpol command (Kerberos) administrative privileges, Kerberos user administrative system, Kerberos [See kadmin utility] agents, SSH [See also ssh-agent] forwarding, disabling for authorized keys terminating on logout using with Pine Aide (integrity checker) alerts, intrusion detection [See Snort] aliases for hostnames changing SSH client defaults for users and commands (with sudo) ALL keyword user administration of their own machines (not others) AllowUsers keyword (sshd) Andrew Filesystem kaserver ank command (adding new Kerberos principal) apache (/etc/init.d startup file) append-only directories apply keyword (PAM, listfile module) asymmetric encryption 2nd [See also public-key encryption] attacks anti-NIDS attacks buffer overflow detection with ngrep indications from system daemon messages dictionary attacks on terminals dsniff, using to simulate inactive accounts still enabled, using man-in-the-middle (MITM) risk with self-signed certificates services deployed with dummy keys operating system vulnerability to forged connections setuid root program hidden in filesystems on specific protocols system hacked via the network vulnerability to, factors in attributes (file), preserving in remote file copying authconfig utility imapd, use of general system authentication Kerberos option, turning on AUTHENTICATE command (IMAP) authentication cryptographic, for hosts for email sessions [See email IMAP] interactive, without password [See ssh-agent] Internet Protocol Security (IPSec) Kerberos [See Kerberos authentication] OpenSSH [See SSH] PAM (Pluggable Authentication Modules) [See PAM] SMTP [See SMTP] specifying alternate username for remote file copying SSH (Secure Shell) [See SSH] SSL (Secure Sockets Layer) [See SSL] by trusted host [See trusted-host authentication] authentication keys for Kerberos users and hosts authorization root user ksu (Kerberized su) command multiple root accounts privileges, dispensing running root login shell running X programs as SSH, use of 2nd sudo command sharing files using groups sharing root privileges via Kerberos via SSH sudo command allowing user authorization privileges per host bypassing password authentication forcing password authentication granting privileges to a group killing processes with logging remotely password changes read-only access to shared file restricting root privileges running any program in a directory running commands as another user starting/stopping daemons unauthorized attempts to invoke, listing weak controls in trusted-host authentication authorized_keys file (~/.ssh directory) forced commands, adding to authpriv facility (system messages) |