List of Figures


Chapter 1: Critical First Steps

Figure 1-1: Output of w command
Figure 1-2: Example output from the last log file
Figure 1-3: Example var/log/ messages file entries showing attempted failed intrusions

Chapter 2: Hardening Network Access: Disable Unnecessary Services

Figure 2-1: SLES8 YaST2 menu hierarchy for the Runlevel Editor
Figure 2-2: Runlevel Editor detail in SLES8
Figure 2-3: YaST2 menu hierarchy for invoking inetd services GUI
Figure 2-4: Menu hierarchy for serviceconf in Red Hat Enterprise Linux AS 3.0
Figure 2-5: serviceconf window with default services enabled
Figure 2-6: Save changes in serviceconf
Figure 2-7: The TKSYSV GUI
Figure 2-8: Runlevel information for systems services from chkconfig

Chapter 3: Installing Firewalls and Filters

Figure 3-1: Red Hat Linux, no firewall rules present
Figure 3-2: Red Hat Linux, firewall rules enabled
Figure 3-3: The anatomy of a MAC address
Figure 3-4: The addressing layers in TCP/IP
Figure 3-5: Firewall rule bounds in a dual- homed host
Figure 3-6: SUSE Linux Firewall Configuration (Step 1 of 4): Basic Settings
Figure 3-7: SUSE Linux Firewall Configuration (Step 2 of 4): Services
Figure 3-8: SUSE Linux Firewall Configuration (Step 3 of 4): Features
Figure 3-9: SUSE Linux Firewall Configuration (Step 4 of 4): Logging Options
Figure 3-10: SUSE Linux Save settings and activate firewall
Figure 3-11: SUSE Linux Firewall configurationsaving settings
Figure 3-12: The Red Hat firewall configuration tool
Figure 3-13: The Red Hat firewall configuration confirmation

Chapter 4: Hardening Software Accessibility

Figure 4-1: rpm -qa output
Figure 4-2: SUSE package manager
Figure 4-3: Red Hat package manager
Figure 4-4: rpm -qi telnet output
Figure 4-5: SUSE package manager query
Figure 4-6: Red Hat package manager query
Figure 4-7: Sample software list table
Figure 4-8: rpm -q --whatrequires command tree
Figure 4-9: rpm -e --test output
Figure 4-10: SUSE package manager
Figure 4-11: YaST2 search for Nmap
Figure 4-12: YaST2 CD prompt
Figure 4-13: md5sum output
Figure 4-14: MD5 verification
Figure 4-15: GPG import key
Figure 4-16: GPG good signature

Chapter 5: Preparing for Disaster

Figure 5-1: Red Hat Kickstart editor
Figure 5-2: SUSE change source of installation
Figure 5-3: SUSE Autoyast preference settings
Figure 5-4: SUSE Autoyast showing entry of the filename clone.xml
Figure 5-5: SUSE AutoYaST utility ready to save the clone.xml profile file
Figure 5-6: SUSE Autoyast selection of the clone.xml profile
Figure 5-7: SUSE Autoyast Create Custom CD screen
Figure 5-8: SUSE Autoyast ready to create the ISO image
Figure 5-9: SUSE Autoyast ISO file has been created
Figure 5-10: YaST2 backup showing selection of backup archive location and type
Figure 5-11: YaST2 backup showing exclusion of the /nfs mounted resources

Chapter 9: Restricted Execution Environments

Figure 9-1: The make menuconfig step for BusyBox
Figure 9-2: Set the BusyBox installation target to the chroot environment.
Figure 9-3: Example spec file

Chapter 10: Hardening Communications

Figure 10-1: SSH initialization
Figure 10-2: SSH key fingerprint
Figure 10-3: SSH warning message
Figure 10-4: Generating SSH keys
Figure 10-5: Putting a public key on remote server
Figure 10-6: Using ssh-agent
Figure 10-7: Remote command execution
Figure 10-8: scp usage
Figure 10-9: IPSec tunnel set up between two subnetworks

Chapter 11: Install Network Monitoring Software

Figure 11-1: Ethereal startup screen
Figure 11-2: Ethereal Capture options
Figure 11-3: Ethereal protocol statistics
Figure 11-4: Ethereal packet capture
Figure 11-5: Snort-created directories

Chapter 13: Patch Management and Monitoring

Figure 13-1: Root password prompt
Figure 13-2: Select Online Update
Figure 13-3: Main Online Update screen
Figure 13-4: Batch selection
Figure 13-5: Package retrieval
Figure 13-6: Package installation
Figure 13-7: Installation wrap-up
Figure 13-8: Terms of Service
Figure 13-9: Proxy Configuration
Figure 13-10: No registration warning
Figure 13-11: Red Hat Network Configuration
Figure 13-12: Red Hat Network login
Figure 13-13: Hardware profile registration
Figure 13-14: Register profile packages
Figure 13-15: Red Hat Update Agent welcome screen
Figure 13-16: Red Hat channels information
Figure 13-17: Available packages
Figure 13-18: Package dependency resolution
Figure 13-19: Package retrieval
Figure 13-20: Package installation
Figure 13-21: up2date complete

Chapter 14: Self-Monitoring Tools

Figure 14-1: Tripwire installation
Figure 14-2: Sample Tripwire report
Figure 14-3: John the Ripper output
Figure 14-4: Showing passwords in John the Ripper
Figure 14-5: Nmap Front End
Figure 14-6: Default NmapFE scan
Figure 14-7: Nmap with Version Probe
Figure 14-8: Nessus warning screen
Figure 14-9: Nessus initial screen
Figure 14-10: Nessus target selection
Figure 14-11: Nessus scanning host
Figure 14-12: Nessus report
Figure 14-13: HTML Nessus report

Chapter 15: Budget Acquisition and Corporate Commitment to Security

Figure 15-1: Basic risk assessment worksheet
Figure 15-2: Sample completed basic risk assessment worksheet
Figure 15-3: Sample incident cost report

Chapter 16: Establishing a Security Campaign

Figure 16-1: Sample security policy



Hardening Linux
Hardening Linux
ISBN: 0072254971
EAN: 2147483647
Year: 2004
Pages: 113

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net