[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] [X] [Z] lastcomm command (process accounting) lastlog files (altered), detection by chkrootkit lcap utility ldd command libdnet libevent libipq library (Netfilter) libnet packet injection library 2nd 3rd libol library package libpcap 2nd libraries C library calls supported by Unix GMP (GNU multiple precision math librry) LibSafe, protecting against buffer overflows limits.conf file (pam_limits module) Linux /etc/pam.d contents on RedHat Linux system binary formats used by bypassing noexec option for fileysytem mount capabilities model, modifying grsecurity kernel patch IPsec connections, configuring kernel support for IP queue LibSafe technology listening ports and their owning processes, listing Netfilter Sebek honeypot monitoring module system update package (AutoRPM) tunneling with VTun and SSH list open files (lsof) utility listening services, checking for listing listening ports and owning processes with sockstat lsof utility, using netstat program, using on BSD netstat program, using on Linux log files, protecting from tampering log levels for syslog facilities logging aggregating logs from remote sites Barnyard, used with Snort changing maximum log file size (on Windows) filesystem mounting with grsecurity integrating Windows into syslog monitoring logs automatically network traffic audit with Argus running central syslog server securing Windows event logs Snort NIDS unified output format 2nd SnortSam Spade IDS summarizing logs automatically syslog, filtering information into separate files user activity with process accounting login access, controlling with PAM login keys for SSH logins quick, using SSH client keys security concerns with public keys logon event auditing (Windows) logwatch tool loopback interface keeping unfiltered (PacketFilter) removing filtering from ls -l command lsof (list open files) utility LZO compression |