LINUX ADMINISTRATION TYBSC-IT SEM V
|
|
- Corey Malone
- 6 years ago
- Views:
Transcription
1 1 LINUX ADMINISTRATION TYBSC-IT SEM V
2 2 UNIT 4
3 CHAPTER 1 : INTERNET SERVICES WHAT IS AN INTERNET SERVICE? Internet Service can be defined as any service that can be accessed through TCP/IP based networks, whether an internal network (Intranet) or external network (Internet) Internet services can be provided through either secure or non-secure TCP/IP connections. Common services are Telnet, FTP, SMTP, HTTP, ICMP, ARP, DNS, ssh, scp, sftp, and others. 3
4 Secure Services Plain text traffic is extremely easyto eavesdrop on by anyone Since the Internet has exploded in popularity, running insecure services such as these is not a good idea. That s why secure replacements have been developed These replacements provide stronger Authentication controls and encrypt all their traffic to keep your data safe. 4
5 Ssh Secure Shell, also known as ssh, is a secure telnet replacement that encrypts all traffic, including passwords, using a public/private encryption key exchange protocol. ssh vnavrat@woolf.xena.edu you start ssh, it asks for your password, and then you have a regular terminal screen. 5
6 scp Secure Copy, also known as scp, is part of the ssh package. It is a secure alternative to rcp and ftp You can scp files to any machine that has an ssh daemon running 6
7 sftp Secure File Transfer Program, also known as sftp, is an FTP client that performs all its functions over ssh. The syntax for sftp is sftp file 7
8 Less Secure Services These are insecure services that should not be used, since they trust that the network is absolutely secure. telnet Telnet is an application that s available almost everywhere. All telnet traffic, including passwords, is sent in plain text. [vnavrat@buffy vnavrat]$ telnet xena Trying Connected to xena. Escape character is ^]. Welcome to null.xena.edu login: 8
9 Rsync rsync is an unencrypted file transfer program that is similar to rcp. Differences between two sets of files on two machines to be transferred across the network. Rsh rsh is an unencrypted mechanism to execute commands on remote hosts. rsh remotehostname remotecommand rlogin rlogin is a remote login program that connects your terminal to a remote machine s terminal. Finger finger enables users on remote systems to look up information about users on another system. Generally finger displays a user s login name, real name, terminal name, idle time, login time, office location, and phone number. 9
10 talk and ntalk Talk and ntalk are real-time chat protocols. The talk server runs on port 517 The ntalk server runs on port
11 USING YOUR LINUX MACHINE AS A SERVER http The most common Web server used on Linux is Apache configuration files live in /etc/httpd/conf/. Sshd The secure shell daemon (sshd) is started out of the system s rc scripts. global system configuration files are in /etc/ssh user s ssh configuration files are in $HOME/.ssh/. 11
12 Ftpd The FTP daemon uses ports 20 and 21 to listen for and initiate FTP requests Its configuration files ftpaccess ftpconversions ftpgroups ftphosts ftpusers located in the /etc directory. dns The Domain Name Service (DNS), which maps IP addresses to hostnames, It is served by the named program on port 53. Its configuration file is named.conf in the /etc directory. 12
13 The Inetd Server inetd is called an Internet superserver. It is launched at boot time, and listens for connections on network sockets. It checks the inetd.conf file to see what services should be running. It then reads the /etc/services file to see what ports those services should be running on. Xinetd xinetd is a replacement for inetd, that adds more security and functionality. great reason to run xinetd is that it can run alongside inetd inetd and xinetd behave the same way 13
14 INETD AND XINETD 14
15 SERVICES ARE SPAWNED FROM SUPERSERVERS SUCH AS INETD AND XINETD 1. chargen random character generator that sends its traffic over tcp 2. daytime-udp gives you the time over udp 3. finger user information lookup program 4. kshell restricts user access to the shell 5. rlogin service similar to telnet, but enables trust relationships between machines 6. swat Samba Web Administration Tool 7. time gives you the time 8. chargen-udp random character generator that sends its traffic over udp 9. echo echoes back all characters sent to it over tcp 10. gssftp kerberized FTP server 15
16 11. rsh remote shell 12. talk a talk (real-time chat) server 13. time-udp gives you the time over udp 14. comsat notifies users if they have new mail 15. echo-udp echoes back all characters sent to it over udp 16. klogin kerberos s answer to rlogin 17. ntalk a talk (real-time chat) server 18. rsync remote file transfer protocol 19. telnet telnet server 20. wu-ftpd an ftp server 21. daytime gives you the time over tcp 22. eklogin encrypting kerberized rlogin server 16
17 23. krb5-telnet kerberized telnet server 24. rexec provides remote execution facilities 25. sgi_fam file monitoring daemon 26. tftp trivial file transfer program 17
18 STAND-ALONE SERVICES These services are started from the rc scripts specifically written for them in the rc directories. You can enable or disable these services from those directories. 18
19 1. apache Web server 2. sshd ssh server 3. sendmail mail server 4. qmail mail server 5. postfix mail server 6. thttpd semilightweight Web server 7. boa lightweight Web server 8. named dns server 9. xfs X font server 10. xdm X display manager 19
20 11. portmap maps RPC services to ports 12. rpc.quotad serves quota information 13. knfsd userspace portion of the NFS daemon 14. rpc.mountd NFS mount server 15. rpc.ypbind NIS server 16. squid Web proxy server 17. nessusd penetration testing server 18. postgresql database server 19. mysql database server 20. oracle database server 20
21 LINUX FIREWALL PACKAGES Linux provides a few different mechanisms for system security. One of these mechanisms is Linux s firewall packages. Two of the firewalling packages available are tcpwrappers and ipchains. tcp-wrappers is a minimalistic packet filtering application to protect certain network ports ipchains is a packet filtering firewall. 21
22 TCP wrappers works only on programs that are started from inetd. An inetd.conf without tcp-wrappers would look like this: telnet stream tcp nowait root /usr/sbin/in.telnetd in.telnetd An inetd.conf with tcp-wrappers looks like this: telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd 22
23 WHAT DOES WITH AND WITHOUT WRAPPER MEANS If your system does not have TCP Wrappers built in your configuration will have to use the tcpd program that is part of TCP Wrappers to wrap inetd services. In order to wrap an inetd service.you simply change its entry in /etc/inetd.conf so that tcpd is executed telnet stream tcp nowait root /usr/sbin/in.telnetd in.telnetd telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd In other words, replace the pathname of the daemon with the full path to tcpd, leaving everything else untouched. 23
24 When inetd starts up, it looks through /etc/inetd. to see what network service connections it should start listening for. tcpd is then called and reads the /etc/hosts.allow file to see if the hostname is allowed. If the hostname is in /etc/hosts.deny, the connection is closed. 24
25 SYNTAX OF AN ALLOW OR DENY RULE service: hostname : options Add rules host.allow or in host.deny hosts.allow file in.telnetd:.xena.edu : ALLOW To enable only machines from the xena.edu domain to telnet into your machine hosts.deny file in.telnetd:.xena.edu : DENY 25
26 IPCHAINS ipchains is Linux s built-in IP firewall administration tool Using ipchains enables you to run a personal firewall to protect your Linux machine. If the Linux machine is a routing gateway for other machines on your network, it can act as a packet filtering network firewall if more than one network interface is installed. 26
27 27 END OF CHAPTER 1
TCP Wrapper. Provides host-based access control to network services
1 TCP Wrapper Provides host-based access control to network services It has the following features: Logging Access Control Host Name Verification User Name Verification Spoofing Protection 2 TCP Wrapper
More informationTELE 301 Lecture 8: Post
Last Lecture System installation This Lecture Post installation Next Lecture Wireless networking Overview TELE 301 Lecture 8: Post 1 Post-configuration Create user accounts and environments Sort out the
More information10 Defense Mechanisms
SE 4C03 Winter 2006 10 Defense Mechanisms Instructor: W. M. Farmer Revised: 23 March 2006 1 Defensive Services Authentication (subject, source) Access control (network, host, file) Data protection (privacy
More informationXinted. 1.1 Brief introduction. 1.2 Configuration of Xinetd
Xinted 1.1 Brief introduction Xinetd provides visiting control, improved log function and resource management. It is standard super guardian process of Internet in Asianux 2.0 system. Inetd is called super
More informationNETWORK CONFIGURATION AND SERVICES. route add default gw /etc/init.d/apache restart
NETWORK CONFIGURATION AND SERVICES route add default gw 192.168.0.1 /etc/init.d/apache restart NETWORK CONFIGURATION There are two main approaches to configuring a machine for network access: Static configuration
More informationCSE 265: System and Network Administration
CSE 265: System and Network Administration Daemons init cron and atd inetd and xinetd Kernel daemons File service daemons Internet daemons Time synchronization daemons Booting and configuration daemons
More informationRFC RFC. Configuring FTP Server. FTP Clients
RFC slide 1 RFC slide 2 as a network manager it is important to understand some of the subtle issues within networking within the TCP/IP suite of protocols including: TCP, UDP, IP, SNMP, ICMP, SMTP, FTP,
More informationINSE 6130 Operating System Security
INSE 6130 Operating System Security Secure Booting Prof. Lingyu Wang 1 Overview AEGIS: Secure Bootstrap Architecture TPM: Trusted Platform Module 2 1 The Problem All security controls are initiated by...
More informationServices and Security
Services and Security Find out what's listening to the net Find out what services are running Find out what they do Disable or remove any that you don't need References http://techrepublic.com.com/5100-6270-1053043.html
More informationTCP wrappers and IP filtering (UKERNA security workshop)
CP wrappers and P filtering (KA security workshop) eorge oss gdmr@dcs.ed.ac.uk ovember 22nd 2000 gdmr@dcs.ed.ac.uk KA workshop: P filtering 2000/11/22 (v2.6) ntroduction 1 his talk is based on our experiences
More information7 Distributed File Systems
Single tree /etc Global File system /progs Drives mounted over the network to create a single tree /user /sys Network Forest of drives 7 Distributed File Systems C: D: E: F: Drives mounted over the network
More information1. Add these options in kernel configuration file and recompile the kernel
Chapter 21 Security Firewall (1) Using ipfw 1. Add these options in kernel configuration file and recompile the kernel options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_FORWARD options IPFIREWALL_DEFAULT_TO_ACCEPT
More informationPreface to the First Edition Preface to the Second Edition Acknowledgments UNIX Operating System Environment p. 1 UNIX: Past and Present p.
Preface to the First Edition p. xv Preface to the Second Edition p. xvii Acknowledgments p. xix UNIX Operating System Environment p. 1 UNIX: Past and Present p. 2 History and Growth of UNIX p. 2 Flavors
More informationSecuring Linux Systems Before Deployment
Securing Linux Systems Before Deployment Richard Williams Senior Support Services Specialist Symark Why secure Linux systems? Your Linux enterprise installation is growing Assets on Linux systems are becoming
More informationUbuntu Sever Administration. Duration:40 Hrs
Ubuntu 12.04 Sever Administration Duration:40 Hrs 1. Introduction to Ubuntu Linux Ubuntu Server Ubuntu Server 12.04 Server Installation Alternatives and Options Server on the Desktop Installation Desktop
More informationNetworking Operating Systems (CO32010)
Networking Operating Systems (CO32010) 1. Operating Systems 2. Processes and scheduling Objectives: To discuss the advantages of a distributed file system. To outline the different methods of mounting
More informationIntroduction to UNIX/LINUX Security. Hu Weiwei
Introduction to UNIX/LINUX Security Hu Weiwei Operation System Security The Security Problems in Operation Systems become more and more important The Security techniques improved rapidly The number of
More informationFreeBSD Security Advisories (1)
Security FreeBSD Security Advisories (1) http://www.freebsd.org/security/advisories.html 2 FreeBSD Security Advisories (2) 3 FreeBSD Security Advisories (3) freebsd-security-notifications Mailing list
More informationSecurity for All Jaqui Lynch
Page 1 of 5 Issue Date: IBM edition for UNIX October 2003, Posted On: 10/1/2003 Security for All Jaqui Lynch With the increase of e-commerce and on demand computing, security has never been more critical
More informationProtocol Filters APPENDIX
APPENDIX B The tables in this appendix list some of the protocols that you can filter on the access point. The tables include: Table A-1, Ethertype s Table A-2, IP s Table A-3, IP Port s In each table,
More informationOPERATING SYSTEMS. Božo Krstajić, PhD, University of Montenegro Podgorica.
OPERATING SYSTEMS Božo Krstajić, PhD, University of Montenegro Podgorica bozok@cg.ac.yu 1 The /etc/rc.d directory The system initialization files are stored in the /etc/rc.d directory. Each task or runlevel
More informationApplication Layer: OSI and TCP/IP Models
Application Layer Application Layer: OSI and TCP/IP Models The communication process between two communicating nodes is actually a communication process between two applications on these devices. Service
More informationTCP, UDP Ports, and ICMP Message Types1
Appendix A APPENDIX A TCP, UDP Ports, and ICMP Message Types1 I list useful TCP, UDP ports, and ICMP message types in this appendix. A comprehensive list of registered TCP and UDP services may be found
More informationLinux Network Administration
Secure Remote Connections with OpenSSH Objective At the conclusion of this module, the student will be able to: Configure the ssh daemon start, stop, and restart sshd 17 January 2005 NETW 111 - SSH 2 SSH
More informationAddresses, Protocols, and Ports Reference
APPENDIXA Addresses, Protocols, and Ports Reference This appendix provides a quick reference for the following topics: IP Addresses and Subnet Masks Protocols and Applications TCP and UDP Ports ICMP Types
More informationFreeBSD Security Advisories
Security FreeBSD Security Advisories http://www.freebsd.org/security/advisories.html 2 FreeBSD Security Advisories Advisory Security information Where to find it Web page (Security Advisories Channel)
More informationExam Questions SY0-401
Exam Questions SY0-401 CompTIA Security+ Certification https://www.2passeasy.com/dumps/sy0-401/ 1. A company has implemented PPTP as a VPN solution. Which of the following ports would need to be opened
More informationFreeBSD Security Advisories
Security FreeBSD Security Advisories http://www.freebsd.org/security/advisories.html 2 FreeBSD Security Advisories Advisory Security information Where to find it Web page (Security Advisories Channel)
More informationLinux Administration
Linux Administration This course will cover all aspects of Linux Certification. At the end of the course delegates will have the skills required to administer a Linux System. It is designed for professionals
More informationLPI202 - LPIC-2 Exam Prep (Course 2) (LPI202) HL966S
Course data sheet LPI202 - LPIC-2 Exam Prep (Course 2) (LPI202) HL966S Prerequisites Supported distributions Course data sheet Page 1 Detailed course outline Module 5: Maintaining a Web Server Module 6:
More informationSecurity Policy Document Version 3.3. Tropos Networks
Tropos Control Element Management System Security Policy Document Version 3.3 Tropos Networks October 1 st, 2009 Copyright 2009 Tropos Networks. This document may be freely reproduced whole and intact
More information14. Configuring Telnet in Knoppix
14. Configuring Telnet in Knoppix Estimated Time: 45 Minutes Objective In this lab, the student will learn how to configure the Telnet service on a system so that the user can remotely administer a Knoppix
More informationNetwork-Based Application Recognition
Network-Based Application Recognition Last updated: September 2008 Common questions and answers regarding Cisco Network-Based Application Recognition (NBAR) follow. Q. What is NBAR? A. NBAR, an important
More informationEXAMGOOD QUESTION & ANSWER. Accurate study guides High passing rate! Exam Good provides update free of charge in one year!
EXAMGOOD QUESTION & ANSWER Exam Good provides update free of charge in one year! Accurate study guides High passing rate! http://www.examgood.com Exam : 3X0-103 Title : Linux Networking (Level 1) Version
More informationCisco WAAS Software Command Summary
2 CHAPTER This chapter summarizes the Cisco WAAS 4.0.7 software commands. lists the WAAS commands (alphabetically) and indicates the command mode for each command. The commands used to access modes are
More informationVB Socket Visual Basic socket implementation
10 VB Socket. 10.1 Visual Basic socket implementation Visual Basic support a WinSock control which allows the connection of hosts over a network. It supports both UDP and TCP. Figure 10. shows a sample
More informationNessus Scan Report. Hosts Summary (Executive) Hosts Summary (Executive) Mon, 15 May :27:44 EDT
Nessus Scan Report Mon, 15 May 2017 15:27:44 EDT Table Of Contents Hosts Summary (Executive) 192.168.168.134 Hosts Summary (Executive) [-] Collapse All [+] Expand All 192.168.168.134 Summary Critical High
More informationPractical Magic with SSH. By David F. Skoll Roaring Penguin Software Inc. 1 February
Practical Magic with SSH By David F. Skoll Roaring Penguin Software Inc. 1 February 2001 http://www.roaringpenguin.com dfs@roaringpenguin.com Overview of Presentation Why SSH? Problems with Telnet & Friends
More informationCourse Outline: Linux Professional Institute-LPI 202. Learning Method: Instructor-led Classroom Learning. Duration: 5.00 Day(s)/ 40 hrs.
Course Outline: Linux Professional Institute-LPI 202 Learning Method: Instructor-led Classroom Learning Duration: 5.00 Day(s)/ 40 hrs Overview: The LPI certification is a vendor-neutral Linux credential
More informationProcesses are subjects.
Identification and Authentication Access Control Other security related things: Devices, mounting filesystems Search path TCP wrappers Race conditions NOTE: filenames may differ between OS/distributions
More informationHP HP-UX Networking and Security. Download Full Version :
HP HP0-094 HP-UX Networking and Security Download Full Version : https://killexams.com/pass4sure/exam-detail/hp0-094 QUESTION: 168 In order to restrict the access to the /etc/passwd file through ftp, which
More informationLinux+ Guide to Linux Certification, Third Edition. Chapter 12 Network Configuration
Linux+ Guide to Linux Certification, Third Edition Chapter 12 Network Configuration Objectives Describe the purpose and types of networks, protocols, and media access methods Explain the basic configuration
More informationGlobal Information Assurance Certification Paper
Global Information Assurance Certification Paper Copyright SANS Institute Author Retains Full Rights This paper is taken from the GIAC directory of certified professionals. Reposting is not permited without
More informationNetwork Working Group. Category: Informational July 1997
Network Working Group A. Gwinn Request for Comments: 2179 Networld+Interop NOC Team Category: Informational July 1997 Status of this Memo Network Security For Trade Shows This memo provides information
More informationUnix Security Guidelines This document is a general overview of the security considerations for a Unix based server implementation.
Unix Security Guidelines This document is a general overview of the security considerations for a Unix based server implementation. Table of Contents Password Security...1 Account Security...1 Software
More informationIntroduction to Linux Workshop 2. The George Washington University SEAS Computing Facility
Introduction to Linux Workshop 2 The George Washington University SEAS Computing Facility Course Goals SSH and communicating with other machines Public/Private key generation,.ssh directory, and the config
More informationLinux Networking: network services
Linux Networking: network services David Morgan Client and server: matched pairs Client process inter-process communication Server process 1 OK as long as there s a way to talk Client process Server process
More informationTCP/IP Filtering. Main TCP/IP Filtering Dialog Box. Route Filters Button. Packet Filters Button CHAPTER
CHAPTER 11 Main Dialog Box To access this dialog box (Figure 11-1), select Global/Filtering/ from the Device View. Figure 11-1 Main Configuration Dialog Box Route Filters Button This button brings up a
More informationRHCSA BOOT CAMP. Network Security
RHCSA BOOT CAMP Network Security TCP WRAPPERS TCP Wrappers was originally written to provide host based access control for services which did not already include it. It was one of the first firewalls of
More informationTELNET is short for Terminal Network Enables the establishment of a connection to a remote system, so that the local terminal appears to be the
Telnet/SSH TELNET is short for Terminal Network Enables the establishment of a connection to a remote system, so that the local terminal appears to be the terminal at the remote location. Usually establishes
More informationProject 4: Penetration Test
Project description Project 4: Penetration Test April 28, 2014 Bing Hao The learning objective of this project is to gain hands on experiences with the usage and functionality of Nmap, Neussus and Metsploit.
More informationCluster Computing Spring 2004 Paul A. Farrell
Configuring & Tuning Cluster Networks Node connectivity Node visibility Networking Services Security Performance Enhancement Internet Protocol Stack and Parameters NIC/OS Driver Maximum Amount of Data
More informationContext Based Access Control (CBAC): Introduction and Configuration
Context Based Access Control (CBAC): Introduction and Configuration Document ID: 13814 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information What Traffic Do
More informationProject #4: Implementing NFS
Project #4: Implementing NFS Distributed File Systems NFS Ports and Network Conversations Destination and Return Ports RPC-based Services Configuring Server Daemons /etc/exports autofs Sharing home directories
More informationLinux Security & Firewall
Linux Security & Firewall Linux is not secure No computer system can ever be "completely secure". make it increasingly difficult for someone to compromise your system. The more secure your system, the
More informationGlobal Information Assurance Certification Paper
Global Information Assurance Certification Paper Copyright SANS Institute Author Retains Full Rights This paper is taken from the GIAC directory of certified professionals. Reposting is not permited without
More informationLPI102 EXAM PREPARATION LPIC-1 (LINUX PROFESSIONAL INSTITUTE)
LPI102 EXAM PREPARATION LPIC-1 (LINUX PROFESSIONAL INSTITUTE) COURSE DESCRIPTION: This course prepares students to take the LPI 102 exam of the LPI level 1 certification. The LPI objectives covered are
More informationRedHat Certified Engineer
RedHat Certified Engineer Red Hat Certified Engineer (RHCE) is a performance-based test that measures actual competency on live systems. Called the "crown jewel of Linux certifications," RHCE proves an
More informationParanoid Penguin rsync, Part I
Paranoid Penguin rsync, Part I rsync makes efficient use of the network by only transferring the parts of files that are different from one host to the next. Here's how to use it securely. by Mick Bauer
More informationSupport for policy-based routing applies to the Barracuda Web Security Gateway running version 6.x only.
Support for policy-based routing applies to the Barracuda Web Security Gateway running version 6.x only. Transparently Routing Web Traffic to the Barracuda Web Security Gateway This article demonstrates
More informationWhy Firewalls? Firewall Characteristics
Why Firewalls? Firewalls are effective to: Protect local systems. Protect network-based security threats. Provide secured and controlled access to Internet. Provide restricted and controlled access from
More informationVII. Corente Services SSL Client
VII. Corente Services SSL Client Corente Release 9.1 Manual 9.1.1 Copyright 2014, Oracle and/or its affiliates. All rights reserved. Table of Contents Preface... 5 I. Introduction... 6 Chapter 1. Requirements...
More informationThe Internet: what it looks like, how it works, and how it is abused
The Internet: what it looks like, how it works, and how it is abused Bill Cheswick ches@cheswick.com Visiting Scholar, University of Pennsylvania 1 What Does the Internet Look Like? 2 Science Seminar 3
More informationIBM AIX Operating System Courses
IBM AIX Operating System Courses (Platforms: POWER4+ based) AIX Basics Fundamentals (3 days) AIX Basics Shell Scripting (Korn / Bash ) and awk Programming (3 days) Advanced IBM AIX Systems Programming
More informationOverview of Kerberos(I)
Overview of Kerberos(I) Network Authentication Protocol for C/S application based on symmetric cryptosystem TTP authentication service Based on secret key, single login Part of MIT's project Athena (public
More informationProject #6: Using ssh, scp and sftp with Key-Based Authentication
Project #6: Using ssh, scp and sftp with Key-Based Authentication ssh, scp and sftp Going beyond Password Protection Creating Keys Creating Keys with a Passphrase Using Key-Based Authentication in Our
More informationInterWorx Server Administrator SSH Guide. by InterWorx LLC
InterWorx Server Administrator SSH Guide by InterWorx LLC Contents 1 SSH guide 2 1.1 History.................................................. 2 1.2 Shell Users graph.............................................
More informationEthernet / TCP-IP - Training Suite Application level protocols
Ethernet / TCP-IP - Training Suite 05 - Application level protocols Application layer protocols 2 World Wide Web HTTP I want HTTP this resource. Hypertext Transfer Protocol (HTTP) Used by the World Wide
More informationnetcat Johannes Franken
netcat Johannes Franken On this page I show example uses of netcat - a command line tool to create network connections over tcp or udp. Contents 1. Intended purpose 2. Usage as client
More informationHow to Use This Lab Manual
3 Contents How to Use This Lab Manual........................................ 5 Lab 1: Setting Up the Student System.................................. 7 Lab 2: Installing Fedora............................................
More informationFundamentals of Linux Platform Security
Fundamentals of Linux Platform Security Security Training Course Dr. Charles J. Antonelli The University of Michigan 2012 Linux Platform Security Module 9 Application Security Roadmap ssh SSL IPsec & VPNs
More informationSoftware Engineering 4C03 Answer Key
Software Engineering 4C03 Answer Key DAY CLASS Dr. William M. Farmer DURATION OF EXAMINATION: 2 Hours MCMASTER UNIVERSITY FINAL EXAMINATION April 2002 (1) [2 pts.] Conventional encryption cannot be used
More informationTELE301 Lab16 - The Secure Shell
TELE301 Lab16 - The Secure Shell Department of Telecommunications May 7, 2002 Contents 1 Introduction 2 2 OpenSSH 2 3 Replacing Telnet 2 4 Logging in without a password 2 5 SSH Agent 3 5.1 SSH Add..............................
More informationLOMBA KETERAMPILAN SISWA
LOMBA KETERAMPILAN SISWA SEKOLAH MENENGAH KEJURUAN TINGKAT NASIONAL XXV 2017 MODUL A LINUX ISLAND IT NETWORK SYSTEMS ADMINISTRATION LKS2017_ITNSA_MODUL_A 2 ISLAND A LINUX ISLAND CONTENTS This Test Project
More information1 of 5 5/19/05 9:48 AM
1 of 5 5/19/05 9:48 AM "Well Known" TCP and UDP Ports Used By Apple Software Products This document lists TCP and UDP ports used by Apple software products, such as Mac OS 9, Mac OS X, Mac OS X Server,
More informationCluster Computing Spring 2004 Paul A. Farrell 4/25/2006. Dept of Computer Science Kent State University 1. Configuring & Tuning Cluster Networks
Configuring & Tuning Cluster Networks Node connectivity Node visibility Networking Services Security Performance Enhancement Network Designs Impact of Network Design Security from outside attack Usability
More informationReplacing Windows Servers with Linux
Replacing Windows Servers with Linux Mark Post Novell, Inc. Wednesday, February 14, 2007 Session 9281 Agenda Reasons to move away from Microsoft Windows What Windows functions can be replaced? What can
More informationSpecialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com
Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE s3security.com Security Professional Services S3 offers security services through its Security Professional Services (SPS) group, the security-consulting
More informationLaboratory assignment 5 Sunscreen firewall Applied Computer Security B, 5p DTAB80
1/5 Laboratory assignment 5 Sunscreen firewall Applied Computer Security B, 5p DTAB80 IN GENERAL...1 5.1 SUNSCREEN...2 Reading...2 Download...2 Installing...2 Configuration...3 Start...5 Testing...5 In
More informationCryptography Application : SSH. 7 Sept 2017, Taichung, Taiwan
Cryptography Application : SSH 7 Sept 2017, Taichung, Taiwan What is Safely Authentication I am Assured of Which Host I am Talking With Authentication - The Host Knows Who I Am The Traffic is Encrypted
More informationOPERATING SYSTEMS LINUX
OPERATING SYSTEMS LINUX Božo Krstajić, PhD, University of Montenegro Podgorica bozok@cg.ac.yu Process management Linux operating systems work with processes. Basically a process consists of program code
More informationExtended ACL Configuration Mode Commands
Extended ACL Configuration Mode Commands To create and modify extended access lists on a WAAS device for controlling access to interfaces or applications, use the ip access-list extended global configuration
More informationAdmin Guide ( Unix System Administration )
Admin Guide ( Unix System Administration ) ProFTPD Server Configuration ProFTPD is a secure and configurable FTP server, written for use on Unix and Unix-like operating systems. ProFTPD is modeled around
More informationSCS3004 Networking Technologies Application Layer Protocols
SCS3004 Networking Technologies Application Layer Protocols Dr. Ajantha Atukorale University of Colombo School of Computing (UCSC) 2 TCP/IP Suit Applications and application-layer layer protocols Application:
More informationUNIVERSITY OF MUMBAI OCTOBER 2014 LINUX ADMINISTRATION
Seat No: 1. a. Implement a linux server system with an ip address 192.168.0.45 and update 20 the hostname as ServerXX (XX stands for rollno) b. Implement a linux client system with an ip address 192.168.0.24
More informationIntroduction to Firewalls using IPTables
Introduction to Firewalls using IPTables The goal of this lab is to implement a firewall solution using IPTables, and to write and to customize new rules to achieve security. You will need to turn in your
More informationLecture 08: Networking services: there s no place like
Lecture 08: services: there s no place like 127.0.0.1 Hands-on Unix system administration DeCal 2012-10-15 1 / 22 About Common records Other records 2 / 22 About About Common records Other records Domain
More informationAddresses, Protocols, and Ports
APPENDIXB This appendix provides a quick reference for IP addresses, protocols, and applications. This appendix includes the following sections: IPv4 Addresses and Subnet Masks, page B-1 IPv6 Addresses,
More informationSecurity Design in. Avaya Aura Presence Services. Release 5.2. Issue 1
Security Design in Avaya Aura Presence Services Release 5.2 Issue 1 November 2009 2009 Avaya Inc. All Rights Reserved. Notice While reasonable efforts were made to ensure that the information in this document
More informationSecurity. Advanced Operating Systems and Virtualization Alessandro Pellegrini A.Y. 2017/2018
Security Advanced Operating Systems and Virtualization Alessandro Pellegrini A.Y. 2017/2018 Basic Security Aspects 1. Systems must be usable by legitimate users only 2. Access is granted on the basis of
More informationMaster Informatique NetArch Network Architecture. NetArch - Lab n 2. Application Layer (1): Telnet, SSH, FTP, TFTP and Web
Master Informatique NetArch Network Architecture NetArch - Lab n 2 Application Layer (1): Telnet, SSH, FTP, TFTP and Web In Lab n 1, you learned how to use the networking testbed and you used it to generate,
More informationIntroduction to Networking
Introduction to Networking Chapters 1 and 2 Outline Computer Network Fundamentals Defining a Network Networks Defined by Geography Networks Defined by Topology Networks Defined by Resource Location OSI
More informationFtp Command Line Manual Windows Username Password Linux
Ftp Command Line Manual Windows Username Password Linux Midnight Commander is a console based full-screen text mode File Manager that allows you to copy, MC has many features which are useful for a user
More informationLatest IT Exam Questions & Answers
DumpKiller Latest IT Exam Questions & Answers http://www.dumpkiller.com No help, Full refund! Exam : LX0-104 Title : CompTIA Linux+ [Powered by LPI] - Exam 2 Vendor : CompTIA Version : DEMO Get Latest
More informationConfiguration Examples
CHAPTER 4 Before using this chapter, be sure that you have planned your site s security policy, as described in Chapter 1, Introduction, and configured the PIX Firewall, as described in Chapter 2, Configuring
More informationTelnet/SSH. Connecting to Hosts. Internet Technology 1
Telnet/SSH Connecting to Hosts Internet Technology 1 What is Telnet? Method for connecting to hosts Enables remote login (rlogin) to computers on the Internet One computer can connect to another to use
More informationJ.K. MANDAL. Dean, Faculty of Engineering, Technology & Management Professor, Department of Computer Science & Engineering University of Kalyani
J.K. MANDAL Dean, Faculty of Engineering, Technology & Management Professor, Department of Computer Science & Engineering University of Kalyani Kalyani, Nadia, West Bengal E-mail:jkmandal@klyuniv.ac.in
More informationIntroduction to TCP/IP
Introduction to TCP/IP Properties and characteristics of TCP/IP IPv4 IPv6 Public vs private vs APIPA/link local Static vs dynamic Client-side DNS settings Client-side DHCP Subnet mask vs CIDR Gateway TCP/IP
More informationInt ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28
Int ernet w orking Internet Security Literature: Forouzan: TCP/IP Protocol Suite : Ch 28 Internet Security Internet security is difficult Internet protocols were not originally designed for security The
More informationInstallation Manual InfraManage.NET Installation Instructions for Ubuntu
Installation Manual InfraManage.NET Installation Instructions for Ubuntu Copyright 1996 2017 Timothy Ste. Marie Version 7.5.72SQL InfraManage.NET Installing InfraManage.NET Page 1 of 78 Table of Contents
More information