Index D

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X]

daemons
    IMAP, within xinetd 
    imapd  [See imapd]
    inetd  [See inetd]
    Kerberized Telnet daemon, enabling 
    mail, receiving mail without running 
    POP, enabling within xinetd or inetd 
    sendmail, security risks with visibility of 
    Snort, running as 
    sshd  [See sshd]
    starting/stopping via sudo 
    tcpd
        using with inetd 
        using with xinetd 
    Telnet, disabling standard 
    xinetd  [See xinetd]
dangling network connections, avoiding 
date command 
DATE environment variable 
datestamps, handling by logwatch 
Debian Linux, debsums tool 
debugging
    debug facility, system messages 
    Kerberized authentication on Telnet 
    Kerberos authentication on POP 
    Kerberos for SSH 
    PAM modules 
    SSL connection problems from server-side 
dedicated server, protecting with firewall 
denial-of-service (DOS) attacks
    preventing 
    Snort detection of 
    vulnerability to using REJECT 
DENY
    absorbing incoming packets (ipchains) with no response 
    pings, preventing 
    REJECT vs. (firewalls) 
DER (binary format for certificates) 
    converting to PEM 
DES-based crypt( ) hashes in passwd file 
destination name for remote file copying 
detached digital signature (GnuPG) 
devfs 
device special files
    inability to verify with manual integrity check 
    securing 
DHCP, initialization scripts 
dictionary attacks against terminals 
diff command, using for integrity checks 
DIGEST-MD5 authentication (SMTP) 
digital signatures 
    ASCII-format detached signature, creating in GnuPG 
    binary-format detached signature (GnuPG), creating 
    email messages, verifying with mc-verify function 
    encrypted email messages, checking with mc-verify 
    GnuPG-signed file, checking for alteration 
    signing a text file with GnuPG 
    signing and encrypting files 
    signing email messages with mc-sign function 
    uploading new to keyserver 
    verifying for keys imported from keyserver 
    verifying on downloaded software 
    for X.509 certificates 
directories
    encrypting entire directory tree 
    fully-qualified name 
    inability to verify with manual integrity check 
    marking files for inclusion or exclusion from Tripwire database 
    recurse=n attribute (Tripwire) 
    recursive remote copying with scp 
    restricting a service to a particular directory 
    setgid bit 
    shared, securing 
    skipping with find -prune command 
    specifying another directory for remote file copying 
    sticky bit set on 
disallowed connections  [See hosts.deny file]
DISPLAY environment variable (X windows)  2nd 
display filter expressions
    using with Ethereal 
    using with tcpdump 
display-filters for email (PinePGP) 
Distinguished Encoding Rules  [See DER]
DNS
    Common Name for certificate subjects 
    using domain name in Kerberos realm name 
dormant accounts 
    monitoring login activity 
DOS  [See denial-of-service attacks]
DROP
    pings, preventing 
    REJECT and, refusing packets (iptables) 
    specifying targets for iptables 
dsniff program 
    -m option (matching protocols used on nonstandard ports) 
    Berkeley database library, requirement of 
    downloading and installing 
    filesnarf command 
    insecure network protocols
        auditing use of 
        detecting 
    libnet, downloading and compiling 
    libnids
        downloading and installing 
        reassembling TCP streams with 
    libpcap snapshot, adjusting size of 
    mailsnarf command 
    urlsnarf command 
dual-ported disk array 
dump-acct command 



Linux Security Cookbook
Linux Security Cookbook
ISBN: 0596003919
EAN: 2147483647
Year: 2006
Pages: 247

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net