Index

SAs (security associations) 2nd scans incoming packets general port scans responding to port scans 2nd stealth scans targeted port scans 2nd 3rd service port targets 2nd TCP stealth scans scheduling AIDE (Advanced Intrusion Detection Environment) Schneier, Bruce screened-subnet firewalls 2nd AUTH user identification service, filtering choke firewalls as local DHCP servers 2nd DNS 2nd 3rd choke DMZ configuration 2nd DMZ name server gateway configuration 2nd forwarding through gateways 2nd retrieving as IMAP client retrieving as POP client FTP choke firewalls as conduits/clients to remote FTP servers gateway firewalls as conduits to FTP DMZ servers gateway firewalls as conduits to remote FTP servers 2nd ICMP control and status messages, filtering rule checking, bypassing source-address spoofing 2nd SSH choke SSH configuration gateway SSH configurations TCP stealth scans and TCP state flags Telnet 2nd Usenet news services choke NNTP client DMZ configurations gateway NNTP conduit and server DMZ configurations web services choke firewalls as forwarders and web clients gateway firewalls as conduits for local web clients public web servers in DMZ web proxies in DMZ 2nd scripts iptables choke firewall 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th iptables firewall for standalone system 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th optimized iptables firewall 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th Secure Message Transport Protocol [See SMTP] Secure Network Address Translation [See SNAT] Secure Shell [See SSH] Secure Socket Layer (SSL) 2nd security associations (SAs) 2nd Security Enhanced Linux (SELinux) 2nd 3rd Security Identifiers (SIDs) selective internal access by host, address range, or ports configuration options for internal LANS 2nd configuration options for multiple LANS 2nd 3rd 4th 5th 
SELinux 2nd 3rd sending email as SMTP clients and receiving as IMAP clients 2nd as SMTP clients and receiving as POP clients 2nd as SMTP clients and receiving as SMTP servers 2nd as SMTP servers and receiving as SMTP servers 2nd service daemons, syslogd service port targets 2nd service ports 2nd 3rd services 2nd 3rd [See also TCP (Transmission Control Protocol)] AUTH user identification service 2nd 3rd choosing which services to run network-based services 2nd 3rd nonsecure local services, protecting protecting on assigned unprivileged ports 2nd local TCP services 2nd 3rd local UDP services 2nd public versus private 2nd Usenet news services news servers, hosting 2nd NNTP 2nd 3rd 4th peer news feeds reading and posting news Session layer (OSI model) SIDs (Security Identifiers) SKEME SMTP (Secure Message Transport Protocol) 2nd choke configurations conversations, capturing with TCPDump 2nd receiving as local SMTP servers 2nd relaying mail through external gateway SMTP servers 2nd sending as SMTP clients and receiving as IMAP clients 2nd sending as SMTP clients and receiving as POP clients 2nd sending as SMTP clients and receiving as SMTP servers 2nd sending as SMTP servers and receiving as SMTP servers 2nd sending to any external mail servers smurf attacks 2nd SNAT (Source Network Address Translation) 2nd 3rd 4th applying to LAN traffic 2nd MASQUERADE SNAT masquerading LAN traffic 2nd 3rd nat table target extensions 2nd rules standard SNAT 2nd sniffers 2nd 3rd 4th ARPWatch 2nd 3rd 4th Cricket MRTG ntop placement of Snort 2nd 3rd 4th alerts configuring 2nd 3rd downloading installing 2nd Swatch testing 2nd switches/hubs 2nd TCPDump 2nd 3rd 4th abnormal packet activity 2nd command-line options 2nd DNS queries, capturing downloading expressions 2nd 3rd FTP conversations, capturing HTTP conversations, capturing 2nd 3rd 4th 5th 6th ICMP pings, capturing installing LAND attacks 2nd normal scan (nmap) attacks 2nd 3rd recording traffic with 2nd 3rd SMTP conversations, 
capturing 2nd Smurf attacks SSH conversations, capturing Xmas Tree attacks Snort 2nd 3rd 4th alerts configuring 2nd 3rd downloading installing 2nd Swatch testing 2nd sockets source addresses iptables 2nd source address checking, bypassing spoofing 2nd 3rd 4th 5th 6th 7th 8th 9th loopback addresses routers screened-subnet firewalls 2nd Source Network Address Translation [See SNAT] Source Quench messages source-address-check chain 2nd 3rd source-routed packets spoofing source addresses 2nd 3rd 4th 5th 6th 7th 8th 9th loopback addresses routers screened-subnet firewalls 2nd squid SSH (Secure Shell) 2nd choke SSH configuration client access to remote SSH servers 2nd conversations, capturing with TCPDump gateway SSH configurations login failures, monitoring 2nd SSL (Secure Socket Layer) 2nd standalone systems iptables choke firewall 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th limitations of 2nd 3rd optimized iptables firewall 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th sample iptables firewall script 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th standard DNAT standard SNAT 2nd starting firewalls on boot Debian 2nd Red Hat and SUSE state filter table match extensions 2nd 3rd 4th 5th state flags (TCP) stateful firewalls stateless firewalls status messages (ICMP) 2nd Destination Unreachable echo-reply echo-request 2nd fragmented messages Parameter Problem Source Quench Time Exceeded 2nd STDERR STDIN STDOUT 2nd stealth scans 2nd incoming packets, filtering TCP "Steps for Recovering from a UNIX or NT System Compromise"(paper) Stevens, Richard stock kernel strobe 2nd subjects (SELinux) subnet masks subnets 2nd 3rd 4th 5th 6th 7th 8th SUSE Linux Swatch 2nd 3rd 4th switches 2nd symbolic constants 2nd 3rd private choke firewalls public gateway firewalls 2nd SYN ACK SYN flag 2nd 3rd 4th 5th 6th 7th Sysctl support (GrSec) syslog 2nd 3rd 4th syslogd 2nd 3rd 4th system logs firewall log messages 2nd 3rd 4th 
duplicating TCP example 2nd UDP example 2nd intrusion detection 2nd syslog configuration 2nd 3rd 4th