[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] packet filtering Linux, website for stateful stateless packet sniffers dsniff, for switched networks enabling unconfigured network interfaces with ifconfig network intrusion detection system (NIDS) ngrep, using for observing network traffic with promiscuous mode on network interfaces unconfigured interface for stealth sniffer Snort, using as packets, refusing with DROP or REJECT PAM (Pluggable Authentication Modules) access control lists (ACLs), creating 2nd controlling imapd password validation creating PAM-aware application enforcing password strength imapd validation of passwords, controlling Kerberos, using with Linux Developers Guide Linux-PAM, web site modules pam_stack module passphrases backing up for GnuPG private keys caching SSH private keys to avoid typing forcing erasure by Mailcrypt with mc-deactivate-passwd secret, for GnuPG public keys SSH passwd file, DES-based crypt( ) hashes in passwd program passwords authorizing changes via sudo dsniff program captured from FTP and Telnet sessions using libnids to reassemble encrypting files with enforcing strength with PAM interactive authentication without (ssh-agent) keeping track of Kerberos (kpasswd command) local, authentication via (Kerberos with PAM) login, testing for strength CrackLib, using John the Ripper, using mail servers (IMAP/POP), protection by SSL master password for KDC database storage of protection with SSH root sudo command bypassing password authentication forcing authentication with testing and monitoring on system PATH environment variable, splitting with Perl script pathnames mutation in attacks against protocols in remote file copying paths search path, testing to server executable (inetd.conf) pattern matching [See regular expressions] payload, observing PEM format (certificates) converting DER format to per_source keyword (xinetd) performance, effects of promiscuous mode period (.), in search path Perl scripts CA.pl canonical hostname for SSH client, finding CrackLib, using with module functions provided by system logger API merging lastlog databases from several systems merging log files process accounting records, reading and unpacking writing system log entries 2nd permissions 2nd changes since last Tripwire check examining carefully for security inability to track with manual integrity check log files preventing directory listings Snort logging directory world-writable files and directories, finding PermitRootLogin (sshd_config) PGP (Pretty Good Privacy) Evolution mailer, using with integrating with MH keys, using in GnuPG operations setting in mutt mailer headers PID (process ID) adding to system log messages looking up pidof command, killing all processes with given name Pine securing POP/IMAP with SSH and Pine securing POP/IMAP with SSL and sending/receiving encrypted email PinePGP pings nmap, use of TCP and ICMP pings for host discovery preventing responses to plaintext keys including in system backups, security risks of using with forced command Pluggable Authentication Modules [See PAM] policies default, for ipchains and iptables Tripwire displaying generating in human-readable format and adding file to modifying signing with site key POP capturing messages from with dsniff mailsnarf command enabling POP daemon within xinetd or inetd Kerberos authentication, using with mail server, running with SSL running mail server with SSL securing email session with SSL and mutt securing mail server with SSH securing mail server with SSH and Pine securing mail server with stunnel and SSL securing with SSL and pine STLS command testing SSL connection to server port forwarding disabling for authorized keys SSH tunneling TCP session through SSH port numbers, conversion to service names by netstat and lsof port scanners, presence evidenced by SYN_RECV state portmappers displaying registrations with lsof +M querying from a different machine ports assigned to RPC services default, IMAP and POP over SSL nonstandard, used by network protocols SSL-port on mail servers testing for open nc command, using nmap command, port scanning capabilities port scans with nmap TCP port, testing with telnet connection TCP RST packets returned by firewalls blocking ports UDP ports, problems with preprocessors, Snort alert messages produced by enabling or tuning prerotate and postrotate scripts Pretty Good Privacy [See PGP] principals, Kerberos adding another principal to your ~/.k5login file adding new with ank command adding to IMAP service on server host database for records for users and hosts database, creating for KDC host principal, testing for new host ksu authentication new host, adding to KDC database POP, adding to setting up with admin privileges and host principal for KDC host priority levels for Snort alerts for system messages private keys [See cryptographic authentication]2nd GnuPG, backing up PGP, exporting and using in GnuPG process accounting displaying all executed commands lastcomm utility, using dump-acct command enabling with accton command process IDs adding to system log messages looking up process substitution processes /proc/<pid> directories killing with pidof command with sudo command listing all open files (and network connections) for all processes all open files for specific command name (lsof -c) by ID (lsof -p) network connections for all by username (lsof -u) owned by others, examination by superuser that use RPC services, examining with losf +M tracing strace command, using promiscuous mode (for network interfaces) enabling for specific interfaces with ifconfig performance and setting for Snort prosum (integrity checker) protocol tree for selected packet (Ethereal) protocols attacks on, detection by Snort preprocessors insecure, detecting use of with ngrep matching a filter expression, searching network traffic for network, detecting insecure ps command, reading /proc files psacct RPM 2nd pseudo-ttys disabling allocation of for authorized keys forcing ssh to allocate PubkeyAuthentication (sshd_config) public keys adding to GnuPG keyring inserting into current mail buffer with mc-insert-public-key keyserver, storing and retrieving with listing for GnuPG PGP, exporting and using in GnuPG public-key authentication [See cryptographic authentication] public-key encryption decrypting files encrypted with GNUPG expiration for keys find method, use by GnuPG 2nd bit length of keys generating key pair secret passphrase for keys sharing public keys unique identifier for keys |