22.9. Security (Topic 1.114)
by James Stanger, Jeff Dean, Nicolai Langfeldt, Bruno Gomes Pessanha, Steven Pritch
LPI Linux Certification in a Nutshell, 2nd Edition
- LPI Linux Certification in a Nutshell
- Preface
- I. General Linux Exam 101
- 1. LPI Exams
- 2. Exam 101 Study Guide
- 3. Hardware and Architecture (Topic 1.101)
- 4. Linux Installation and Package Management (Topic 1.102)
- 5. GNU and Unix Commands (Topic 1.103)
- 5.1. Objective 1: Work on the Command Line
- 5.2. Objective 2: Process Text Streams Using Filters
- 5.4. Objective 3: Perform Basic File Management
- 5.5. Objective 4: Use Streams, Pipes, and Redirects
- 5.6. Objective 5: Create, Monitor, and Kill Processes
- 5.7. Objective 6: Modify Process Execution Priorities
- 5.8. Objective 7: Search Text Files Using Regular Expressions
- 5.9. Objective 8: Perform Basic File Editing Operations Using vi
- 6. Devices, Linux Filesystems, and the Filesystem Hierarchy Standard (Topic 1.104)
- 6.1. Objective 1: Create Partitions and Filesystems
- 6.2. Objective 2: Maintain the Integrity of Filesystems
- 6.3. Objective 3: Control Filesystem Mounting and Unmounting
- 6.4. Objective 4: Set and View Disk Quotas
- 6.5. Objective 5: Use File Permissions to Control Access to Files
- 6.6. Setting Up a Workgroup Directory
- 6.7. Objective 6: Manage File Ownership
- 6.8. Objective 7: Create and Change Hard and Symbolic Links
- 6.9. Objective 8: Find System Files and Place Files in the Correct Location
- 7. The X Window System (Topic 1.1.10)
- 8. Exam 101 Review Questions and Exercises
- 9. Exam 101 Practice Test
- 10. Exam 101 Highlighter's Index
- 10.1. Hardware and Architecture
- 10.1.1. Objective 1: Configure Fundamental BIOS Settings
- 10.1.2. Objective 3: Configure Modems and Sound Cards
- 10.1.3. Objective 4: Set Up Non-IDE Devices
- 10.1.4. Objective 5: Set Up PC Different Expansion Cards
- 10.1.5. Objective 6: Configure Communication Devices
- 10.1.6. Objective 7: Configure USB Devices
- 10.2. Linux Installation and Package Management
- 10.2.1. Objective 1: Design a Hard Disk Layout
- 10.2.2. Objective 2: Install a Boot Manager
- 10.2.3. Objective 3: Make and Install Programs from Source
- 10.2.4. Objective 4: Manage Shared Libraries
- 10.2.5. Objective 5: Use Debian Package Management
- 10.2.6. Objective 6: Use Red Hat Package Manager (RPM)
- 10.3. GNU and Unix Commands
- 10.3.1. Objective 1: Work Effectively on the Command Line
- 10.3.2. Objective 2: Process Text Streams Using Filters
- 10.3.3. Objective 3: Perform Basic File Management
- 10.3.4. Objective 4: Use Unix Streams, Pipes, and Redirects
- 10.3.5. Objective 5: Create, Monitor, and Kill Processes
- 10.3.6. Objective 6: Modify Process Execution Priorities
- 10.3.7. Objective 7: Search Text Files Using Regular Expressions
- 10.3.8. Objective 8: Using vi
- 10.4. Devices, Linux Filesystems, and the Filesystem Hierarchy Standard
- 10.4.1. Objective 1: Create Partitions and Filesystems
- 10.4.2. Objective 2: Maintain the Integrity of Filesystems
- 10.4.3. Objective 3: Control Filesystem Mounting and Unmounting
- 10.4.4. Objective 4: Managing Disk Quota
- 10.4.5. Objective 5: Use File Permissions to Control Access to Files
- 10.4.6. Objective 6: Manage File Ownership
- 10.4.7. Objective 7: Create and Change Hard and Symbolic Links
- 10.4.8. Objective 8: Find System Files and Place Files in the Correct Location
- 10.5. The X Window System
- 10.5.1. Objective 1: Install and Configure X11
- 10.5.2. Objective 2: Setup A Display Manager
- 10.5.3. Objective 4: Install and Customize a Window Manager Environment
- 10.5.3.1. Concepts
- 10.5.3.2. Window managers
- 10.5.3.3. xterm
- 10.5.3.4. X libraries
- 10.5.3.5. Remote X clients
- II. General Linux Exam 102
- 11. Exam 102 Overview
- 12. Exam 102 Study Guide
- 13. Kernel (Topic 1.105)
- 14. Boot, Initialization, Shutdown, and Runlevels (Topic 1.106)
- 15. Printing (Topic 1.107)
- 16. Documentation (Topic 1.108)
- 17. Shells, Scripting, Programming, and Compiling (Topic 1.109)
- 18. Administrative Tasks (Topic 1.111)
- 18.1. Objective 1: Manage Users and Group Accounts and Related System Files
- 18.2. Objective 2: Tune the User Environment and System Environment Variables
- 18.3. Objective 3: Configure and Use System Log Files to Meet Administrative and Security Needs
- 18.4. Objective 4: Automate System Administration Tasks by Scheduling Jobs to Run in the Future
- 18.5. Objective 5: Maintain an Effective Data Backup Strategy
- 18.6. Objective 6: Maintain System Time
- 19. Networking Fundamentals (Topic 1.112)
- 20. Networking Services (Topic 1.113)
- 20.1. Objective 1: Configure and Manage inetd, xinetd, and Related Services
- 20.2. Objective 2: Operate and Perform Basic Configuration of Mail Transfer Agent (MTA)
- 20.3. Objective 3: Operate and Perform Basic Configuration of Apache
- 20.4. Objective 4: Properly Manage the NFS and Samba Daemons
- 20.5. Objective 5: Set Up and Configure Basic DNS Services
- 20.6. Objective 7: Set Up Secure Shell (OpenSSH)
- 21. Security (Topic 1.114)
- 22. Exam 102 Review Questions and Exercises
- 22.1. Kernel (Topic 1.105)
- 22.2. Boot, Initialization, Shutdown, and Runlevels (Topic 1.106)
- 22.3. Printing (Topic 1.107)
- 22.4. Documentation (Topic 1.108)
- 22.5. Shells, Scripting, Programming, and Compiling (Topic 1.109)
- 22.6. Administrative Tasks (Topic 1.111)
- 22.7. Networking Fundamentals (Topic 1.112)
- 22.8. Networking Services (Topic 1.113)
- 22.9. Security (Topic 1.114)
- 23. Exam 102 Practice Test
- 24. Exam 102 Highlighter's Index
- 24.1. Kernel (Topic 1.105)
- 24.2. Boot, Initialization, Shutdown, and Runlevels (Topic 1.106)
- 24.3. Printing (Topic 1.107)
- 24.4. Documentation (Topic 1.108)
- 24.5. Shells, Scripting, Programming, and Compiling
- 24.6. Administrative Tasks (Topic 1.111)
- 24.6.1. Objective 1: Manage Users and Group Accounts and Related System Files
- 24.6.2. Objective 2: Tune the User Environment and System Environment Variables
- 24.6.3. Objective 3: Configure and Use System Log Files to Meet Administrative and Security Needs
- 24.6.4. Objective 4: Automate System Administration Tasks by Scheduling Jobs to Run in the Future
- 24.6.5. Objective 5: Maintain an Effective Data Backup Strategy
- 24.6.6. Objective 6: Maintain System Time
- 24.7. Networking Fundamentals (Topic 1.112)
- 24.8. Networking Services (Topic 1.113)
- 24.8.1. Objective 1: Configure and Manage inetd, xinetd, and Related Services
- 24.8.2. Objective 2: Operate and Perform Basic Configuration of Mail Transfer Agent (MTA)
- 24.8.3. Objective 3: Operate and Perform Basic Configuration of Apache
- 24.8.4. Objective 4: Properly Manage the NFS and Samba Daemons
- 24.8.5. Objective 5: Set Up and Configure Basic DNS Services
- 24.8.6. Objective 7: Set Up Secure Shell (OpenSSH)
- 24.9. Security (Topic 1.114)
- III. General Linux Exam 201
- 25. Linux Kernel
- 26. System Startup
- 27. Filesystem
- 28. Hardware (Topic 2.204)
- 28.1. Objective 1: Configuring RAID
- 28.2. Objective 2: Adding New Hardware
- 28.3. Objective 3: Software and Kernel Configuration
- 28.3.1. hdparm
- 28.3.2. tune2fs
- 28.3.3. Supporting IDE CD Burners
- 28.3.4. Logical Volume Manager (LVM)
- 28.3.4.1. Initializing a disk or partition
- 28.3.4.2. Creating a volume group
- 28.3.4.3. Making a logical volume
- 28.3.4.4. Displaying physical volume properties
- 28.3.4.5. Displaying volume group properties
- 28.3.4.6. Displaying logical volume properties
- 28.3.4.7. Listing disks and volume groups
- 28.3.4.8. Adding disks to a volume group
- 28.3.4.9. Removing a disk from a volume group
- 28.3.4.10. Expanding a logical volume
- 28.3.4.11. Shrinking a logical volume
- 28.3.4.12. Removing a logical volume
- 28.3.4.13. Removing a volume group
- 28.3.4.14. Removing a physical volume
- 28.3.4.15. Starting and stopping LVM
- 28.3.4.16. LVM snapshots
- 28.3.5. Runtime Kernel Configuration
- 28.4. Objective 4: Configuring PCMCIA Devices
- 29. File and Service Sharing (Topic 2.209)
- 30. System Maintenance (Topic 2.211)
- 31. System Customization and Automation (Topic 2.213)
- 32. Troubleshooting (Topic 2.214)
- 33. LPI Exam 201 Review Questions and Exercises
- 33.1. Linux Kernel (Topic 2.201)
- 33.2. System Startup (Topic 2.202)
- 33.3. Filesystem (Topic 2.203)
- 33.4. Hardware (Topic 2.204)
- 33.5. File and Service Sharing (Topic 2.209)
- 33.6. System Maintenance (Topic 2.211)
- 33.7. System Customization and Automation (Topic 2.213)
- 33.8. Troubleshooting (Topic 2.214)
- 34. Exam 201 Practice Test
- IV. General Linux Exam 202
- 35. Networking Configuration (Topic 2.205)
- 35.1. Objective 1: Basic Networking Configuration
- 35.1.1. Network Configuration Utilities, and What Lies Beneath
- 35.1.2. Common Network Configuration Files
- 35.1.3. Using ifconfig
- 35.1.4. The route Command
- 35.1.5. Common Uses
- 35.1.6. ARP and Related Commands
- 35.1.7. The arpwatch Command
- 35.1.8. Dial-up Connections
- 35.1.8.1. Connecting with a modem
- 35.1.8.2. Configuration files
- 35.1.8.3. pon
- 35.1.8.4. Checking a dial-up network connection
- 35.1.8.5. The poff command
- 35.1.8.6. The wvdial command
- 35.1.8.7. Configuring wvdial: wvdialconf
- 35.1.8.8. wvdialconf examples
- 35.1.8.9. Sample /etc/wvdial.conf file
- 35.1.8.10. ISDN connections
- 35.1.8.11. The ipppd daemon
- 35.1.8.12. The isdnctrl command
- 35.1.8.13. Using isdnctrl
- 35.1.8.14. Multihomed systems
- 35.1.8.15. IP routing configuration
- 35.1.8.16. IP forwarding versus firewalling and Network Address Translation (NAT)
- 35.2. Objective 2: Advanced Network Configuration and Troubleshooting
- 35.2.1. Simple Connectivity Example: Telnet
- 35.2.1.1. Using tcpdump
- 35.2.1.2. tcpdump expressions
- 35.2.1.3. Example #1
- 35.2.1.4. Example #2
- 35.2.1.5. Example #3
- 35.2.1.6. Example #4
- 35.2.1.7. ethereal and tethereal
- 35.2.1.8. The lsof command
- 35.2.1.9. Example #1
- 35.2.1.10. Example #2
- 35.2.1.11. Example #3
- 35.2.1.12. Example #4
- 35.2.1.13. Example #5
- 35.2.1.14. The netstat command
- 35.2.1.15. Example #1
- 35.2.1.16. Example #2
- 35.2.1.17. Example #3
- 35.2.2. netcat (nc)
- 35.2.1. Simple Connectivity Example: Telnet
- 35.1. Objective 1: Basic Networking Configuration
- 36. Mail and News (Topic 2.206)
- 36.1. Objective 2: Using Sendmail
- 36.1.1. Sendmail Configuration
- 36.1.2. Securing Sendmail
- 36.1.3. Delivering Email
- 36.1.4. Manual Entries
- 36.1.5. Local Delivery
- 36.1.6. Using virtusertable
- 36.1.7. Checking Virtual Users
- 36.1.8. Email Aliases
- 36.1.9. Bastion Host Sendmail Server
- 36.1.10. Managing Mail Traffic
- 36.1.11. Monitoring Mail
- 36.1.12. Log Configuration
- 36.2. Objective 3: Managing Mail Traffic
- 36.3. Objective 1: Configuring Mailing Lists
- 36.4. Objective 4: Serving News
- 36.5. Conclusion
- 36.1. Objective 2: Using Sendmail
- 37. DNS (Topic 2.207)
- 38. Web Services (Apache and Squid, Topic 2.208)
- 39. Network Client Management (Topic 2.210)
- 40. System Security (Topic 2.212)
- 40.1. Objective 2: Configuring a Router
- 40.2. Objective 3: Securing FTP Servers
- 40.3. Objective 4: Secure Shell (SSH)
- 40.4. Objective 5: TCP Wrappers
- 40.5. Objective 6: Security Tasks
- 40.5.1. Kerberos
- 40.5.2. Security Auditing Source Code
- 40.5.3. IDS
- 40.5.4. Miscellaneous
- 40.5.4.1. Scanning in general
- 40.5.4.2. Security alerts
- 40.5.4.3. Updating Linux
- 40.5.4.3.1. Keeping Debian up-to-date
- 40.5.4.3.2. Keeping Red Hat up-to-date
- 41. Network Troubleshooting (Topic 214)
- 41.1. Network Troubleshooting Essentials
- 41.2. Common Troubleshooting Commands
- 41.3. Hardware Problems
- 41.4. Network Device Configuration Files
- 41.5. DNS Errors
- 41.6. Determining the Cause of Inaccessible Services
- 41.7. Conclusion
- 42. Exam 202 Review Questions and Exercises
- 43. Exam 202 Practice Test
- Index
- About the Authors
- Colophon
- Copyright
- 35. Networking Configuration (Topic 2.205)
- 10.1. Hardware and Architecture
What daemon is associated with the control files /etc/hosts.allow and /etc/hosts.deny.
In general terms, describe a method to locate setuid programs in the local filesystem. Why might an administrator do this routinely?
What is the function of the md5sum utility?
Why might a user run ssh instead of telnet?
Describe shadow passwords and the file where the passwords are stored.
Use find as described in Chapter 21 to locate setuid files. Is the list larger than you expected? Are the entries on your list justifiably setuid programs?
Use the md5sum utility on a binary program file and examine its output.
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.