PythonQ 248-8XX Guide d'installation Page 145
- Page / 294
- Table des matières
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Chapter 11.
Tripwire
Tripwire data integrity assurance software monitors the reliability of critical system files and directo-
ries by identifying changes made to them. Tripwire configuration options include the ability to receive
alerts via email if particular files are altered and automated integrity checking via a cron job. Using
Tripwire for intrusion detection and damage assessment helps you keep track of system changes. Be-
cause Tripwire can positively identify files that have been added, modified, or deleted, it can speed
recovery from a break-in by keeping the number of files which must be restored to a minimum.
Tripwire compares files and directories against a database of file locations, dates modified, and other
data. The database contains baselines, which are snapshots of specified files and directories at a spe-
cific point in time. The contents of the baseline database should be generated before the system is at
risk of intrusion. After creating the baseline database, Tripwire then compares the current system to
the baseline and reports any modifications, additions, or deletions.
While Tripwire is a valuable tool for auditing the security state of Red Hat Linux systems, Tripwire is
not supported by Red Hat, Inc. Refer to the Tripwire project’s website (http://www.tripwire.org) for
more information about Tripwire.
11.1. How to Use Tripwire
The following flowchart illustrates how Tripwire works:
Figure 11-1. Using Tripwire
The following describes in more detail the numbered blocks shown in Figure 11-1
- Red Hat Linux 8.0 1
- The Official Red Hat Linux 1
- Reference Guide 1
- Table of Contents 3
- Introduction 7
- 3. Document Conventions 10
- Mail backupfiles mail reports 12
- 4. Using the Mouse 13
- 6. More to Come 13
- 7. Sign Up for Support 14
- System Reference 15
- Chapter 1 17
- File System Structure 17
- 1.2.1. FHS Organization 18
- /usr/local/sbin." 19
- /usr." 20
- 1.3. Special File Locations 21
- Chapter 2 23
- The proc File System 23
- 2.1.2. Changing Virtual Files 24
- 2.2.1. /proc/apm 24
- 2.2.2. /proc/cmdline 25
- 2.2.3. /proc/cpuinfo 25
- 2.2.4. /proc/devices 26
- 2.2.5. /proc/dma 27
- 2.2.6. /proc/execdomains 27
- 2.2.7. /proc/fb 27
- 2.2.8. /proc/filesystems 27
- 2.2.9. /proc/interrupts 28
- 2.2.10. /proc/iomem 29
- 2.2.11. /proc/ioports 29
- 2.2.12. /proc/isapnp 30
- 2.2.13. /proc/kcore 30
- 2.2.14. /proc/kmsg 31
- 2.2.15. /proc/ksyms 31
- 2.2.16. /proc/loadavg 31
- 2.2.17. /proc/locks 31
- 2.2.18. /proc/mdstat 32
- 2.2.19. /proc/meminfo 32
- 2.2.20. /proc/misc 33
- 2.2.21. /proc/modules 33
- 2.2.22. /proc/mounts 34
- 2.2.23. /proc/mtrr 34
- 2.2.24. /proc/partitions 34
- 2.2.25. /proc/pci 35
- 2.2.26. /proc/slabinfo 36
- 2.2.27. /proc/stat 36
- 2.3. Directories in /proc/ 37
- 2.3.2. /proc/bus/ 39
- 2.3.3. /proc/driver/ 40
- 2.3.4. /proc/fs 40
- 2.3.5. /proc/ide/ 41
- 2.3.6. /proc/irq/ 42
- 2.3.7. /proc/net/ 42
- 2.3.8. /proc/scsi/ 43
- 2.3.9. /proc/sys/ 45
- Section 2.4 46
- 57411 52939 45 0 0 0 47
- 2.3.10. /proc/sysvipc/ 51
- 2.3.11. /proc/tty/ 51
- 2.4. Using sysctl 52
- 2.5. Additional Resources 53
- Chapter 3 55
- 3.2.2. The Boot Loader 56
- 3.2.3. The Kernel 57
- 3.2.4. The /sbin/init Program 57
- Web server 59
- 3.5. SysV Init 60
- 3.6. Init Runlevels 61
- 3.6.1. Initscript Utilities 62
- /etc/sysconfig/ Directory 63
- • vncservers 64
- • xinetd 64
- • USEMD5= 64
- DESKTOP="GNOME" 65
- LANG="en_US" 66
- /dev/raw/raw1 /dev/sda1 71
- /dev/raw/raw2 8 5 71
- • DAEMON= 72
- • CARDTYPE= 72
- • SERVER= 73
- • DEVICE= 73
- 3.8. Shutting Down 75
- Chapter 4 77
- Boot Loaders 77
- 4.3. Installing GRUB 78
- 4.4. GRUB Terminology 79
- 4.5. GRUB Interfaces 80
- 4.6. GRUB Commands 81
- 4.8. LILO 84
- 4.8.2. LILO vs. GRUB 85
- 4.11. Additional Resources 87
- 88 Chapter 4. Boot Loaders 88
- Chapter 5 89
- Users and Groups 89
- 5.3. Standard Groups 91
- 5.4. User Private Groups 92
- /usr/sbin/groupadd emacs 93
- 5.5. Shadow Utilities 94
- Chapter 6 97
- The X Window System 97
- 6.2. XFree86 98
- 6.3.1. Window Managers 102
- 6.3.2. Desktop Environments 102
- 6.4. Runlevels 103
- 6.4.2. Runlevel 5: prefdm 104
- 6.5. Fonts 105
- 6.5.2. Adding Fonts 106
- 6.6. Additional Resources 107
- Security Reference 109
- Chapter 7 111
- 7.3. PAM Modules 112
- 7.4. PAM Module Control Flags 113
- 7.5. PAM Module Paths 114
- 7.6. PAM Module Arguments 114
- 7.8. PAM and Device Ownership 116
- 7.9. Additional Resources 117
- Chapter 8 119
- TCP Wrappers and xinetd 119
- 8.2.1. Formatting Rules 120
- EXCEPT operators 121
- /etc/xinetd.conf 123
- 8.4. Additional Resources 127
- Chapter 9 129
- SSH Protocol 129
- 9.3. Layers of SSH Security 130
- 9.3.1. Transport Layer 131
- 9.3.2. Authentication 131
- 9.3.3. Connection 132
- 9.5. More Than a Secure Shell 133
- 9.5.2. Port Forwarding 134
- 136 Chapter 9. SSH Protocol 136
- Chapter 10 137
- Kerberos 137
- 10.3. Kerberos Terminology 138
- 10.4. How Kerberos Works 139
- 10.5. Kerberos and PAM 140
- 10.8. Additional Resources 142
- 10.8.2. Useful Websites 143
- 144 Chapter 10. Kerberos 144
- Chapter 11 145
- Tripwire 145
- 11.3. Customizing Tripwire 147
- /etc/tripwire/twpol.txt 148
- /usr/sbin/tripwire --init 149
- /etc/hosts, use the 152
- EDITOR line of the 152
- Important 153
- 11.8.1. Tripwire and Email 154
- 11.10.1. Tripwire Components 155
- 11.11. Additional Resources 156
- Network Services Reference 157
- Chapter 12 159
- Network Scripts 159
- 12.2.1. Ethernet Interfaces 160
- 12.2.2. Dialup Interfaces 161
- 12.2.3. Other Interfaces 162
- 12.2.4. Alias and Clone Files 163
- 12.4. Network Functions 164
- 12.5. Additional Resources 165
- Chapter 13 167
- Firewalls and iptables 167
- 13.3.1. Tables 169
- 13.3.2. Structure 170
- 13.3.3. Commands 170
- 13.3.4. Parameters 171
- 13.3.5. Match Options 172
- 13.3.6. Target Options 174
- 13.3.7. Listing Options 175
- 13.5. Additional Resources 176
- Chapter 14 177
- Apache HTTP Server 177
- UserDir disable 181
- UserDir public_html 181
- 14.3. After Installation 187
- /sbin/service httpd start 188
- /sbin/service httpd stop 188
- /sbin/service httpd restart 188
- /sbin/service httpd reload 188
- 14.5.1. ServerRoot 189
- 14.5.2. LockFile 189
- 14.5.10. StartServers 191
- 14.5.11. MaxClients 191
- 14.5.12. MaxRequestsPerChild 191
- 14.5.13. Listen 191
- 14.5.14. Include 191
- 14.5.17. ExtendedStatus 192
- 14.5.18. User 192
- 14.5.15. LoadModule 192
- 14.5.16. IfDefine 192
- 14.5.19. Group 193
- 14.5.20. ServerAdmin 193
- 14.5.21. ServerName 193
- 14.5.22. DocumentRoot 193
- 14.5.23. Directory 193
- 14.5.24. Options 194
- 14.5.25. AllowOverride 194
- 14.5.26. Order 194
- 14.5.27. Allow 195
- 14.5.28. Deny 195
- 14.5.29. UserDir 195
- 14.5.30. DirectoryIndex 195
- 14.5.31. AccessFileName 195
- 14.5.38. ErrorLog 197
- 14.5.39. LogLevel 197
- 14.5.40. LogFormat 197
- 14.5.41. CustomLog 197
- 14.5.42. ServerSignature 198
- 14.5.43. Alias 198
- 14.5.44. ScriptAlias 198
- 14.5.45. Redirect 199
- 14.5.46. IndexOptions 199
- 14.5.47. AddIconByEncoding 199
- 14.5.48. AddIconByType 199
- 14.5.56. AddLanguage 201
- 14.5.57. LanguagePriority 201
- 14.5.58. AddType 201
- 14.5.59. AddHandler 201
- 14.5.60. Action 201
- 14.5.61. MetaDir 202
- 14.5.62. MetaSuffix 202
- 14.5.63. ErrorDocument 202
- 14.5.64. BrowserMatch 202
- 14.5.65. Location 202
- 14.5.66. ProxyRequests 203
- 14.5.67. ProxyVia 203
- 14.5.68. Cache Directives 203
- 14.5.69. NameVirtualHost 203
- 14.5.70. VirtualHost 204
- 14.5.71. SetEnvIf 204
- 14.6. Default Modules 205
- 14.8. Using Virtual Hosts 206
- NameVirtualHost * 207
- 14.9. Additional Resources 208
- Chapter 15 209
- 15.1.3. SMTP 210
- 15.2.1. Mail User Agent 211
- 15.2.2. Mail Transfer Agent 211
- 15.3. Sendmail 212
- /etc/mail/sendmail.cf 214
- 15.4. Fetchmail 216
- 15.5. Procmail 220
- 15.5.2. Procmail Recipes 221
- * ^From: [email protected] 224
- /dev/null 224
- 15.6. Security 225
- 15.7. Additional Resources 226
- 15.7.2. Useful Websites 227
- 15.7.3. Related Books 227
- Chapter 16 229
- 16.2. BIND Configuration Files 230
- 16.2.1. /etc/named.conf 231
- • include " 232
- • view " 233
- • zone " 234
- 16.2.2. Zone Files 235
- 16.3. Using rndc 240
- 16.4.2. Multiple Views 243
- 16.4.3. Security 243
- 16.4.4. IP version 6 243
- 16.6. Additional Resources 244
- 16.6.3. Related Books 245
- Chapter 17 247
- Network File System (NFS) 247
- 17.1.1. NFS and portmap 248
- 17.2.1. /etc/exports 250
- 17.3.1. /etc/fstab 251
- 17.3.2. autofs 252
- 17.4. Securing NFS 253
- 17.5. Additional Resources 254
- 17.5.2. Related Books 255
- Chapter 18 257
- 18.2.1. NSS, PAM, and LDAP 259
- 18.3. LDAP Terminology 260
- 18.4.1. slapd.conf 261
- 18.5. OpenLDAP Setup Overview 262
- /sbin/service/ldap start 263
- 18.8. Additional Resources 265
- 18.8.3. Related Books 266
- Appendixes 267
- Appendix A 269
- A.2. CD-ROM Module Parameters 270
- A.3. SCSI parameters 272
- A.4. Ethernet Parameters 275
- Colophon 293
Produits connexes et manuels pour Système de soudage PythonQ 248-8XX
(210 pages)© 2020, manymanuals.fr. Tous droits réservés | 0.020 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels