%!PS-Adobe-2.0 %%Creator: dvips(k) 5.86 Copyright 1999 Radical Eye Software %%Title: Security-HOWTO.dvi %%Pages: 52 %%PageOrder: Ascend %%BoundingBox: 0 0 596 842 %%DocumentFonts: Helvetica-Bold Palatino-Roman Palatino-Bold %%+ Palatino-Italic Courier Courier-Oblique Courier-Bold %%EndComments %DVIPSWebPage: (www.radicaleye.com) %DVIPSCommandLine: dvips -q Security-HOWTO.dvi -o Security-HOWTO.ps %DVIPSParameters: dpi=600, compressed %DVIPSSource: TeX output 2002.11.05:1516 %%BeginProcSet: texc.pro %! /TeXDict 300 dict def TeXDict begin/N{def}def/B{bind def}N/S{exch}N/X{S N}B/A{dup}B/TR{translate}N/isls false N/vsize 11 72 mul N/hsize 8.5 72 mul N/landplus90{false}def/@rigin{isls{[0 landplus90{1 -1}{-1 1}ifelse 0 0 0]concat}if 72 Resolution div 72 VResolution div neg scale isls{ landplus90{VResolution 72 div vsize mul 0 exch}{Resolution -72 div hsize mul 0}ifelse TR}if Resolution VResolution vsize -72 div 1 add mul TR[ matrix currentmatrix{A A round sub abs 0.00001 lt{round}if}forall round exch round exch]setmatrix}N/@landscape{/isls true N}B/@manualfeed{ statusdict/manualfeed true put}B/@copies{/#copies X}B/FMat[1 0 0 -1 0 0] N/FBB[0 0 0 0]N/nn 0 N/IEn 0 N/ctr 0 N/df-tail{/nn 8 dict N nn begin /FontType 3 N/FontMatrix fntrx N/FontBBox FBB N string/base X array /BitMaps X/BuildChar{CharBuilder}N/Encoding IEn N end A{/foo setfont}2 array copy cvx N load 0 nn put/ctr 0 N[}B/sf 0 N/df{/sf 1 N/fntrx FMat N df-tail}B/dfs{div/sf X/fntrx[sf 0 0 sf neg 0 0]N df-tail}B/E{pop nn A definefont setfont}B/Cw{Cd A length 5 sub get}B/Ch{Cd A length 4 sub get }B/Cx{128 Cd A length 3 sub get sub}B/Cy{Cd A length 2 sub get 127 sub} B/Cdx{Cd A length 1 sub get}B/Ci{Cd A type/stringtype ne{ctr get/ctr ctr 1 add N}if}B/id 0 N/rw 0 N/rc 0 N/gp 0 N/cp 0 N/G 0 N/CharBuilder{save 3 1 roll S A/base get 2 index get S/BitMaps get S get/Cd X pop/ctr 0 N Cdx 0 Cx Cy Ch sub Cx Cw add Cy setcachedevice Cw Ch true[1 0 0 -1 -.1 Cx sub Cy .1 sub]/id Ci N/rw Cw 7 add 8 idiv string N/rc 0 N/gp 0 N/cp 0 
N{ rc 0 ne{rc 1 sub/rc X rw}{G}ifelse}imagemask restore}B/G{{id gp get/gp gp 1 add N A 18 mod S 18 idiv pl S get exec}loop}B/adv{cp add/cp X}B /chg{rw cp id gp 4 index getinterval putinterval A gp add/gp X adv}B/nd{ /cp 0 N rw exit}B/lsh{rw cp 2 copy get A 0 eq{pop 1}{A 255 eq{pop 254}{ A A add 255 and S 1 and or}ifelse}ifelse put 1 adv}B/rsh{rw cp 2 copy get A 0 eq{pop 128}{A 255 eq{pop 127}{A 2 idiv S 128 and or}ifelse} ifelse put 1 adv}B/clr{rw cp 2 index string putinterval adv}B/set{rw cp fillstr 0 4 index getinterval putinterval adv}B/fillstr 18 string 0 1 17 {2 copy 255 put pop}for N/pl[{adv 1 chg}{adv 1 chg nd}{1 add chg}{1 add chg nd}{adv lsh}{adv lsh nd}{adv rsh}{adv rsh nd}{1 add adv}{/rc X nd}{ 1 add set}{1 add clr}{adv 2 chg}{adv 2 chg nd}{pop nd}]A{bind pop} forall N/D{/cc X A type/stringtype ne{]}if nn/base get cc ctr put nn /BitMaps get S ctr S sf 1 ne{A A length 1 sub A 2 index S get sf div put }if put/ctr ctr 1 add N}B/I{cc 1 add D}B/bop{userdict/bop-hook known{ bop-hook}if/SI save N @rigin 0 0 moveto/V matrix currentmatrix A 1 get A mul exch 0 get A mul add .99 lt{/QV}{/RV}ifelse load def pop pop}N/eop{ SI restore userdict/eop-hook known{eop-hook}if showpage}N/@start{ userdict/start-hook known{start-hook}if pop/VResolution X/Resolution X 1000 div/DVImag X/IEn 256 array N 2 string 0 1 255{IEn S A 360 add 36 4 index cvrs cvn put}for pop 65781.76 div/vsize X 65781.76 div/hsize X}N /p{show}N/RMat[1 0 0 -1 0 0]N/BDot 260 string N/Rx 0 N/Ry 0 N/V{}B/RV/v{ /Ry X/Rx X V}B statusdict begin/product where{pop false[(Display)(NeXT) (LaserWriter 16/600)]{A length product length le{A length product exch 0 exch getinterval eq{pop true exit}if}{pop}ifelse}forall}{false}ifelse end{{gsave TR -.1 .1 TR 1 1 scale Rx Ry false RMat{BDot}imagemask grestore}}{{gsave TR -.1 .1 TR Rx Ry scale 1 1 false RMat{BDot} imagemask grestore}}ifelse B/QV{gsave newpath transform round exch round exch itransform moveto Rx 0 rlineto 0 Ry neg rlineto Rx neg 0 rlineto fill 
grestore}B/a{moveto}B/delta 0 N/tail{A/delta X 0 rmoveto}B/M{S p delta add tail}B/b{S p tail}B/c{-4 M}B/d{-3 M}B/e{-2 M}B/f{-1 M}B/g{0 M} B/h{1 M}B/i{2 M}B/j{3 M}B/k{4 M}B/w{0 rmoveto}B/l{p -4 w}B/m{p -3 w}B/n{ p -2 w}B/o{p -1 w}B/q{p 1 w}B/r{p 2 w}B/s{p 3 w}B/t{p 4 w}B/x{0 S rmoveto}B/y{3 2 roll p a}B/bos{/SS save N}B/eos{SS restore}B end %%EndProcSet %%BeginProcSet: 8r.enc % @@psencodingfile@{ % author = "S. Rahtz, P. MacKay, Alan Jeffrey, B. Horn, K. Berry", % version = "0.6", % date = "22 June 1996", % filename = "8r.enc", % email = "kb@@mail.tug.org", % address = "135 Center Hill Rd. // Plymouth, MA 02360", % codetable = "ISO/ASCII", % checksum = "119 662 4424", % docstring = "Encoding for TrueType or Type 1 fonts to be used with TeX." % @} % % Idea is to have all the characters normally included in Type 1 fonts % available for typesetting. This is effectively the characters in Adobe % Standard Encoding + ISO Latin 1 + extra characters from Lucida. % % Character code assignments were made as follows: % % (1) the Windows ANSI characters are almost all in their Windows ANSI % positions, because some Windows users cannot easily reencode the % fonts, and it makes no difference on other systems. The only Windows % ANSI characters not available are those that make no sense for % typesetting -- rubout (127 decimal), nobreakspace (160), softhyphen % (173). quotesingle and grave are moved just because it's such an % irritation not having them in TeX positions. % % (2) Remaining characters are assigned arbitrarily to the lower part % of the range, avoiding 0, 10 and 13 in case we meet dumb software. % % (3) Y&Y Lucida Bright includes some extra text characters; in the % hopes that other PostScript fonts, perhaps created for public % consumption, will include them, they are included starting at 0x12. % % (4) Remaining positions left undefined are for use in (hopefully) % upward-compatible revisions, if someday more characters are generally % available. 
% % (5) hyphen appears twice for compatibility with both ASCII and Windows. % /TeXBase1Encoding [ % 0x00 (encoded characters from Adobe Standard not in Windows 3.1) /.notdef /dotaccent /fi /fl /fraction /hungarumlaut /Lslash /lslash /ogonek /ring /.notdef /breve /minus /.notdef % These are the only two remaining unencoded characters, so may as % well include them. /Zcaron /zcaron % 0x10 /caron /dotlessi % (unusual TeX characters available in, e.g., Lucida Bright) /dotlessj /ff /ffi /ffl /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef % very contentious; it's so painful not having quoteleft and quoteright % at 96 and 145 that we move the things normally found there down to here. /grave /quotesingle % 0x20 (ASCII begins) /space /exclam /quotedbl /numbersign /dollar /percent /ampersand /quoteright /parenleft /parenright /asterisk /plus /comma /hyphen /period /slash % 0x30 /zero /one /two /three /four /five /six /seven /eight /nine /colon /semicolon /less /equal /greater /question % 0x40 /at /A /B /C /D /E /F /G /H /I /J /K /L /M /N /O % 0x50 /P /Q /R /S /T /U /V /W /X /Y /Z /bracketleft /backslash /bracketright /asciicircum /underscore % 0x60 /quoteleft /a /b /c /d /e /f /g /h /i /j /k /l /m /n /o % 0x70 /p /q /r /s /t /u /v /w /x /y /z /braceleft /bar /braceright /asciitilde /.notdef % rubout; ASCII ends % 0x80 /.notdef /.notdef /quotesinglbase /florin /quotedblbase /ellipsis /dagger /daggerdbl /circumflex /perthousand /Scaron /guilsinglleft /OE /.notdef /.notdef /.notdef % 0x90 /.notdef /.notdef /.notdef /quotedblleft /quotedblright /bullet /endash /emdash /tilde /trademark /scaron /guilsinglright /oe /.notdef /.notdef /Ydieresis % 0xA0 /.notdef % nobreakspace /exclamdown /cent /sterling /currency /yen /brokenbar /section /dieresis /copyright /ordfeminine /guillemotleft /logicalnot /hyphen % Y&Y (also at 45); Windows' softhyphen /registered /macron % 0xD0 /degree /plusminus /twosuperior /threesuperior /acute /mu /paragraph /periodcentered 
/cedilla /onesuperior /ordmasculine /guillemotright /onequarter /onehalf /threequarters /questiondown % 0xC0 /Agrave /Aacute /Acircumflex /Atilde /Adieresis /Aring /AE /Ccedilla /Egrave /Eacute /Ecircumflex /Edieresis /Igrave /Iacute /Icircumflex /Idieresis % 0xD0 /Eth /Ntilde /Ograve /Oacute /Ocircumflex /Otilde /Odieresis /multiply /Oslash /Ugrave /Uacute /Ucircumflex /Udieresis /Yacute /Thorn /germandbls % 0xE0 /agrave /aacute /acircumflex /atilde /adieresis /aring /ae /ccedilla /egrave /eacute /ecircumflex /edieresis /igrave /iacute /icircumflex /idieresis % 0xF0 /eth /ntilde /ograve /oacute /ocircumflex /otilde /odieresis /divide /oslash /ugrave /uacute /ucircumflex /udieresis /yacute /thorn /ydieresis ] def %%EndProcSet %%BeginProcSet: texps.pro %! TeXDict begin/rf{findfont dup length 1 add dict begin{1 index/FID ne 2 index/UniqueID ne and{def}{pop pop}ifelse}forall[1 index 0 6 -1 roll exec 0 exch 5 -1 roll VResolution Resolution div mul neg 0 0]/Metrics exch def dict begin Encoding{exch dup type/integertype ne{pop pop 1 sub dup 0 le{pop}{[}ifelse}{FontMatrix 0 get div Metrics 0 get div def} ifelse}forall Metrics/Metrics currentdict end def[2 index currentdict end definefont 3 -1 roll makefont/setfont cvx]cvx def}def/ObliqueSlant{ dup sin S cos div neg}B/SlantFont{4 index mul add}def/ExtendFont{3 -1 roll mul exch}def/ReEncodeFont{CharStrings rcheck{/Encoding false def dup[exch{dup CharStrings exch known not{pop/.notdef/Encoding true def} if}forall Encoding{]exch pop}{cleartomark}ifelse}if/Encoding exch def} def end %%EndProcSet %%BeginProcSet: special.pro %! 
TeXDict begin/SDict 200 dict N SDict begin/@SpecialDefaults{/hs 612 N /vs 792 N/ho 0 N/vo 0 N/hsc 1 N/vsc 1 N/ang 0 N/CLIP 0 N/rwiSeen false N /rhiSeen false N/letter{}N/note{}N/a4{}N/legal{}N}B/@scaleunit 100 N /@hscale{@scaleunit div/hsc X}B/@vscale{@scaleunit div/vsc X}B/@hsize{ /hs X/CLIP 1 N}B/@vsize{/vs X/CLIP 1 N}B/@clip{/CLIP 2 N}B/@hoffset{/ho X}B/@voffset{/vo X}B/@angle{/ang X}B/@rwi{10 div/rwi X/rwiSeen true N}B /@rhi{10 div/rhi X/rhiSeen true N}B/@llx{/llx X}B/@lly{/lly X}B/@urx{ /urx X}B/@ury{/ury X}B/magscale true def end/@MacSetUp{userdict/md known {userdict/md get type/dicttype eq{userdict begin md length 10 add md maxlength ge{/md md dup length 20 add dict copy def}if end md begin /letter{}N/note{}N/legal{}N/od{txpose 1 0 mtx defaultmatrix dtransform S atan/pa X newpath clippath mark{transform{itransform moveto}}{transform{ itransform lineto}}{6 -2 roll transform 6 -2 roll transform 6 -2 roll transform{itransform 6 2 roll itransform 6 2 roll itransform 6 2 roll curveto}}{{closepath}}pathforall newpath counttomark array astore/gc xdf pop ct 39 0 put 10 fz 0 fs 2 F/|______Courier fnt invertflag{PaintBlack} if}N/txpose{pxs pys scale ppr aload pop por{noflips{pop S neg S TR pop 1 -1 scale}if xflip yflip and{pop S neg S TR 180 rotate 1 -1 scale ppr 3 get ppr 1 get neg sub neg ppr 2 get ppr 0 get neg sub neg TR}if xflip yflip not and{pop S neg S TR pop 180 rotate ppr 3 get ppr 1 get neg sub neg 0 TR}if yflip xflip not and{ppr 1 get neg ppr 0 get neg TR}if}{ noflips{TR pop pop 270 rotate 1 -1 scale}if xflip yflip and{TR pop pop 90 rotate 1 -1 scale ppr 3 get ppr 1 get neg sub neg ppr 2 get ppr 0 get neg sub neg TR}if xflip yflip not and{TR pop pop 90 rotate ppr 3 get ppr 1 get neg sub neg 0 TR}if yflip xflip not and{TR pop pop 270 rotate ppr 2 get ppr 0 get neg sub neg 0 S TR}if}ifelse scaleby96{ppr aload pop 4 -1 roll add 2 div 3 1 roll add 2 div 2 copy TR .96 dup scale neg S neg S TR}if}N/cp{pop pop showpage pm restore}N end}if}if}N/normalscale{ 
Resolution 72 div VResolution 72 div neg scale magscale{DVImag dup scale }if 0 setgray}N/psfts{S 65781.76 div N}N/startTexFig{/psf$SavedState save N userdict maxlength dict begin/magscale true def normalscale currentpoint TR/psf$ury psfts/psf$urx psfts/psf$lly psfts/psf$llx psfts /psf$y psfts/psf$x psfts currentpoint/psf$cy X/psf$cx X/psf$sx psf$x psf$urx psf$llx sub div N/psf$sy psf$y psf$ury psf$lly sub div N psf$sx psf$sy scale psf$cx psf$sx div psf$llx sub psf$cy psf$sy div psf$ury sub TR/showpage{}N/erasepage{}N/copypage{}N/p 3 def @MacSetUp}N/doclip{ psf$llx psf$lly psf$urx psf$ury currentpoint 6 2 roll newpath 4 copy 4 2 roll moveto 6 -1 roll S lineto S lineto S lineto closepath clip newpath moveto}N/endTexFig{end psf$SavedState restore}N/@beginspecial{SDict begin/SpecialSave save N gsave normalscale currentpoint TR @SpecialDefaults count/ocount X/dcount countdictstack N}N/@setspecial{ CLIP 1 eq{newpath 0 0 moveto hs 0 rlineto 0 vs rlineto hs neg 0 rlineto closepath clip}if ho vo TR hsc vsc scale ang rotate rwiSeen{rwi urx llx sub div rhiSeen{rhi ury lly sub div}{dup}ifelse scale llx neg lly neg TR }{rhiSeen{rhi ury lly sub div dup scale llx neg lly neg TR}if}ifelse CLIP 2 eq{newpath llx lly moveto urx lly lineto urx ury lineto llx ury lineto closepath clip}if/showpage{}N/erasepage{}N/copypage{}N newpath}N /@endspecial{count ocount sub{pop}repeat countdictstack dcount sub{end} repeat grestore SpecialSave restore end}N/@defspecial{SDict begin}N /@fedspecial{end}B/li{lineto}B/rl{rlineto}B/rc{rcurveto}B/np{/SaveX currentpoint/SaveY X N 1 setlinecap newpath}N/st{stroke SaveX SaveY moveto}N/fil{fill SaveX SaveY moveto}N/ellipse{/endangle X/startangle X /yrad X/xrad X/savematrix matrix currentmatrix N TR xrad yrad scale 0 0 1 startangle endangle arc savematrix setmatrix}N end %%EndProcSet %%BeginProcSet: color.pro %! 
TeXDict begin/setcmykcolor where{pop}{/setcmykcolor{dup 10 eq{pop setrgbcolor}{1 sub 4 1 roll 3{3 index add neg dup 0 lt{pop 0}if 3 1 roll }repeat setrgbcolor pop}ifelse}B}ifelse/TeXcolorcmyk{setcmykcolor}def /TeXcolorrgb{setrgbcolor}def/TeXcolorgrey{setgray}def/TeXcolorgray{ setgray}def/TeXcolorhsb{sethsbcolor}def/currentcmykcolor where{pop}{ /currentcmykcolor{currentrgbcolor 10}B}ifelse/DC{exch dup userdict exch known{pop pop}{X}ifelse}B/GreenYellow{0.15 0 0.69 0 setcmykcolor}DC /Yellow{0 0 1 0 setcmykcolor}DC/Goldenrod{0 0.10 0.84 0 setcmykcolor}DC /Dandelion{0 0.29 0.84 0 setcmykcolor}DC/Apricot{0 0.32 0.52 0 setcmykcolor}DC/Peach{0 0.50 0.70 0 setcmykcolor}DC/Melon{0 0.46 0.50 0 setcmykcolor}DC/YellowOrange{0 0.42 1 0 setcmykcolor}DC/Orange{0 0.61 0.87 0 setcmykcolor}DC/BurntOrange{0 0.51 1 0 setcmykcolor}DC /Bittersweet{0 0.75 1 0.24 setcmykcolor}DC/RedOrange{0 0.77 0.87 0 setcmykcolor}DC/Mahogany{0 0.85 0.87 0.35 setcmykcolor}DC/Maroon{0 0.87 0.68 0.32 setcmykcolor}DC/BrickRed{0 0.89 0.94 0.28 setcmykcolor}DC/Red{ 0 1 1 0 setcmykcolor}DC/OrangeRed{0 1 0.50 0 setcmykcolor}DC/RubineRed{ 0 1 0.13 0 setcmykcolor}DC/WildStrawberry{0 0.96 0.39 0 setcmykcolor}DC /Salmon{0 0.53 0.38 0 setcmykcolor}DC/CarnationPink{0 0.63 0 0 setcmykcolor}DC/Magenta{0 1 0 0 setcmykcolor}DC/VioletRed{0 0.81 0 0 setcmykcolor}DC/Rhodamine{0 0.82 0 0 setcmykcolor}DC/Mulberry{0.34 0.90 0 0.02 setcmykcolor}DC/RedViolet{0.07 0.90 0 0.34 setcmykcolor}DC /Fuchsia{0.47 0.91 0 0.08 setcmykcolor}DC/Lavender{0 0.48 0 0 setcmykcolor}DC/Thistle{0.12 0.59 0 0 setcmykcolor}DC/Orchid{0.32 0.64 0 0 setcmykcolor}DC/DarkOrchid{0.40 0.80 0.20 0 setcmykcolor}DC/Purple{ 0.45 0.86 0 0 setcmykcolor}DC/Plum{0.50 1 0 0 setcmykcolor}DC/Violet{ 0.79 0.88 0 0 setcmykcolor}DC/RoyalPurple{0.75 0.90 0 0 setcmykcolor}DC /BlueViolet{0.86 0.91 0 0.04 setcmykcolor}DC/Periwinkle{0.57 0.55 0 0 setcmykcolor}DC/CadetBlue{0.62 0.57 0.23 0 setcmykcolor}DC /CornflowerBlue{0.65 0.13 0 0 setcmykcolor}DC/MidnightBlue{0.98 0.13 0 
0.43 setcmykcolor}DC/NavyBlue{0.94 0.54 0 0 setcmykcolor}DC/RoyalBlue{1 0.50 0 0 setcmykcolor}DC/Blue{1 1 0 0 setcmykcolor}DC/Cerulean{0.94 0.11 0 0 setcmykcolor}DC/Cyan{1 0 0 0 setcmykcolor}DC/ProcessBlue{0.96 0 0 0 setcmykcolor}DC/SkyBlue{0.62 0 0.12 0 setcmykcolor}DC/Turquoise{0.85 0 0.20 0 setcmykcolor}DC/TealBlue{0.86 0 0.34 0.02 setcmykcolor}DC /Aquamarine{0.82 0 0.30 0 setcmykcolor}DC/BlueGreen{0.85 0 0.33 0 setcmykcolor}DC/Emerald{1 0 0.50 0 setcmykcolor}DC/JungleGreen{0.99 0 0.52 0 setcmykcolor}DC/SeaGreen{0.69 0 0.50 0 setcmykcolor}DC/Green{1 0 1 0 setcmykcolor}DC/ForestGreen{0.91 0 0.88 0.12 setcmykcolor}DC /PineGreen{0.92 0 0.59 0.25 setcmykcolor}DC/LimeGreen{0.50 0 1 0 setcmykcolor}DC/YellowGreen{0.44 0 0.74 0 setcmykcolor}DC/SpringGreen{ 0.26 0 0.76 0 setcmykcolor}DC/OliveGreen{0.64 0 0.95 0.40 setcmykcolor} DC/RawSienna{0 0.72 1 0.45 setcmykcolor}DC/Sepia{0 0.83 1 0.70 setcmykcolor}DC/Brown{0 0.81 1 0.60 setcmykcolor}DC/Tan{0.14 0.42 0.56 0 setcmykcolor}DC/Gray{0 0 0 0.50 setcmykcolor}DC/Black{0 0 0 1 setcmykcolor}DC/White{0 0 0 0 setcmykcolor}DC end %%EndProcSet TeXDict begin 39158280 55380996 1000 600 600 (Security-HOWTO.dvi) @start /Fa 198[25 25 25 25 25 1[25 25 25 25 48[{ TeXBase1Encoding ReEncodeFont}9 49.8132 /Palatino-Italic rf /Fb 139[49 49 4[49 1[49 3[49 2[49 101[{TeXBase1Encoding ReEncodeFont} 6 82.1917 /Courier-Bold rf /Fc 139[45 45 4[45 1[45 3[45 2[45 101[{TeXBase1Encoding ReEncodeFont}6 74.7198 /Courier-Oblique rf /Fd 134[46 1[65 1[51 28 46 32 1[51 51 51 74 23 46 23 23 51 51 28 46 51 46 51 46 8[55 1[55 1[51 55 2[55 65 60 1[51 2[23 60 65 2[60 60 60 60 15[46 2[23 1[23 2[28 28 6[28 33[{TeXBase1Encoding ReEncodeFont}43 83.022 /Helvetica-Bold rf /Fe 106[36 149[{TeXBase1Encoding ReEncodeFont}1 59.7758 /Palatino-Roman rf /Ff 198[25 25 25 25 25 25 25 25 25 25 48[{TeXBase1Encoding ReEncodeFont}10 49.8132 /Palatino-Roman rf /Fg 199[27 27 27 27 2[27 27 49[{TeXBase1Encoding ReEncodeFont}6 44.8318 /Courier rf /Fh 106[40 149[{TeXBase1Encoding 
ReEncodeFont}1 66.4176 /Palatino-Roman rf /Fi 129[45 1[45 1[45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 1[45 45 45 2[45 45 45 45 45 45 45 1[45 45 45 45 45 2[45 45 45 45 1[45 45 1[45 45 45 45 45 45 1[45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 3[45 45 45 33[{TeXBase1Encoding ReEncodeFont}80 74.7198 /Courier rf /Fj 134[42 42 60 42 46 28 32 32 38 42 37 46 65 23 37 1[23 42 42 23 32 42 34 38 37 1[42 5[55 1[78 1[65 51 46 55 65 51 65 65 78 46 55 28 28 65 60 46 51 65 55 51 60 6[21 42 42 42 42 42 42 42 42 42 42 25 21 28 3[28 28 23 4[42 30[45 44 2[{TeXBase1Encoding ReEncodeFont}68 83.022 /Palatino-Italic rf /Fk 134[56 1[78 56 61 33 56 39 61 61 61 61 89 28 56 1[28 61 61 33 56 61 56 61 56 9[95 2[61 67 1[78 67 78 73 1[61 73 1[28 1[78 61 67 73 73 73 73 19[33 3[33 33 40[{TeXBase1Encoding ReEncodeFont}43 100.457 /Helvetica-Bold rf /Fl 134[46 1[69 46 51 28 37 32 51 51 46 51 74 28 51 1[28 51 46 32 42 51 37 51 42 9[83 2[55 51 1[69 51 69 69 1[51 65 1[32 1[69 46 51 69 60 55 65 8[42 1[42 42 42 42 42 42 42 1[21 28 3[28 28 40[{TeXBase1Encoding ReEncodeFont}52 83.022 /Palatino-Bold rf /Fm 107[42 42 20[50 3[42 46 43 69 47 50 27 35 33 46 50 45 48 73 24 46 19 24 48 46 28 40 51 37 46 42 23 42 1[28 1[28 55 55 55 83 60 65 51 44 55 65 50 65 69 79 51 60 28 28 69 63 46 51 64 59 51 65 62 37 50 50 50 21 21 42 42 42 42 42 42 42 42 42 42 50 21 28 21 50 1[28 28 23 65 3[31 23 29[50 50 2[{TeXBase1Encoding ReEncodeFont}89 83.022 /Palatino-Roman rf /Fn 133[46 51 51 71 51 56 30 51 36 56 56 56 56 81 25 51 25 25 56 56 30 51 56 51 56 51 1[51 5[61 61 86 61 66 56 61 66 1[61 71 66 76 56 66 51 25 66 71 56 61 66 66 66 66 89 56 10[51 1[51 51 51 25 25 30 25 2[30 30 25 4[43 31[56 2[{TeXBase1Encoding ReEncodeFont}66 91.3242 /Helvetica-Bold rf /Fo 133[55 3[61 1[37 61 43 2[68 68 1[31 61 1[31 2[37 61 2[68 61 9[104 2[68 5[80 2[80 4[68 1[80 80 67[{TeXBase1Encoding ReEncodeFont}21 110.502 /Helvetica-Bold rf /Fp 134[74 74 2[82 45 1[52 3[82 4[37 3[74 1[74 11[126 2[82 89 
3[104 2[82 3[97 72[{ TeXBase1Encoding ReEncodeFont}15 133.707 /Helvetica-Bold rf end %%EndProlog %%BeginSetup %%Feature: *Resolution 600dpi TeXDict begin %%PaperSize: A4 %%EndSetup %%Page: 1 1 1 0 bop Black 0 TeXcolorgray Black Black 1212 104 a Fp(Lin)o(ux)36 b(Security)i(HO)-7 b(WT)i(O)1635 300 y Fo(K)n(e)n(vin)31 b(Fenzi)1571 392 y Fn(T)-8 b(umm)m(y)h(.com,)25 b(L)-8 b(TD)1205 566 y(ke)o(vin-securityho)o(wto@tumm)m(y)h(.com)1613 937 y Fo(Da)n(ve)32 b(Wreski)1556 1029 y Fn(lin)o(uxsecurity)-7 b(.com)1408 1203 y(da)o(ve@lin)o(uxsecurity)g(.com)326 1593 y Fm(This)32 b(document)h(is)f(a)f(general)h(overview)f(of)h (security)g(issues)h(that)f(face)e(the)i(administrator)g(of)326 1685 y(Linux)22 b(systems.)g(It)g(covers)g(general)f(security)h (philosophy)i(and)e(a)f(number)h(of)g(speci\002c)g(examples)326 1776 y(of)g(how)h(to)f(better)g(secur)o(e)f(your)h(Linux)g(system)h(fr) o(om)e(intr)o(uders.)h(Also)h(included)f(ar)o(e)e(pointers)j(to)326 1867 y(security-r)o(elated)18 b(material)i(and)g(pr)o(ograms.)g(Impr)o (ovements,)g(constr)o(uctive)h(criticism,)g(additions)326 1959 y(and)g(corr)o(ections)h(ar)o(e)f(gratefully)h(accepted.)e(Please) i(mail)g(your)h(feedback)d(to)j(both)f(authors,)g(with)326 2050 y("Security)e(HOWT)o(O")g(in)h(the)g(subject.)197 2562 y Fo(T)-9 b(ab)o(le)30 b(of)g(Contents)p 0 TeXcolorgray 596 2708 a Fl(Introduction)p Black Black 12 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black 
Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black 0 TeXcolorgray -1 w(3)p Black 0 TeXcolorgray 596 2819 a(Overview)p Black Black 16 w(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p 
Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black 0 TeXcolorgray -1 w(4)p Black 0 TeXcolorgray 596 2931 a(Physical)18 b(Security)p Black Black 8 w(.)p Black Black -2 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black 
Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black 0 TeXcolorgray -1 w(8)p Black 0 TeXcolorgray 596 3042 a(Local)h(Security)p Black Black 18 w(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 
Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray(11)p Black 0 
TeXcolorgray 596 3153 a(Files)g(and)h(File) g(system)f(Security)p Black Black 12 w(.)p Black Black -1 w(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray(12)p Black 0 TeXcolorgray 596 3264 a(Password)h(Security)f(and)h(Encryption)p Black Black 1 w(.)p Black Black -2 w(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black 
Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray(18)p Black 0 TeXcolorgray 596 3376 a(Kernel)f(Security)p Black Black 5 w(.)p Black Black -2 w(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black 
Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray(24)p Black 0 TeXcolorgray 596 3487 a(Network)h(Security) p Black Black 10 w(.)p Black Black -2 w(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p 
Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray(28)p Black 0 TeXcolorgray 596 3598 a(Security)f(Preparation)f(\(before)i(you)h(go)g(on-line\))p Black Black 10 w(.)p Black Black -3 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 
Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray(36)p Black 0 TeXcolorgray 596 3709 a(What)e(T)-9 b(o)21 b(Do)g(During)g(and) f(After)g(a)g(Breakin)p Black Black 15 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray(38)p Black 0 TeXcolorgray 596 3821 a(Security)f(Sources)p Black Black 10 w(.)p Black Black -1 w(.)p Black Black -1 w(.)p Black Black(.)p 
Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray(40)p Black 0 TeXcolorgray 596 3932 a(Glossary)p Black Black 12 w(.)p Black Black -1 
w(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black 
Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray(42)p Black 0 TeXcolorgray 596 4043 a(Frequently)f(Asked)i(Questions)p Black Black 8 w(.)p Black Black -3 w(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray(43)p Black 0 TeXcolorgray 596 4154 a(Conclusion)p Black Black 17 w(.)p Black Black(.)p Black Black -1 w(.)p 
Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p 
Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray(45)p Black 0 TeXcolorgray 596 4266 a(Acknowledgments)p Black Black 7 w(.)p Black Black -3 w(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p 
Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray(45)p Black Black Black eop %%Page: 2 2 2 1 bop Black 0 TeXcolorgray Black Black Black Black eop %%Page: 3 3 3 2 bop Black 0 TeXcolorgray Black Black 197 89 a Fk(Intr)n(oduction) 596 231 y Fm(This)32 b(document)g(covers)g(some)g(of)g(the)f(main)h (issues)h(that)e(af)o(fect)f(Linux)i(security)-9 b(.)31 b(General)596 322 y(philosophy)22 b(and)e(net-born)h(r)o(esour)o(ces)f (ar)o(e)f(discussed.)596 455 y(A)h(number)h(of)g(other)g(HOWT)o(O)g (documents)g(overlap)g(with)g(security)g(issues,)g(and)g(those)g(doc-) 596 546 y(uments)g(have)f(been)h(pointed)g(to)g(wher)o(ever)f(appr)o (opriate.)596 679 y(This)i(document)g(is)g Fj(not)g Fm(meant)g(to)g(be) f(a)h(up-to-date)e(exploits)i(document.)g(Lar)o(ge)f(numbers)h(of)596 770 y(new)e(exploits)h(happen)g(all)f(the)h(time.)f(This)i(document)f (will)g(tell)g(you)g(wher)o(e)f(to)h(look)g(for)f(such)596 862 y(up-to-date)d(information,)i(and)f(will)h(give)g(some)g(general)f (methods)h(to)g(pr)o(event)f(such)h(exploits)596 953 y(fr)o(om)h(taking)h(place.)596 1205 y Fn(Ne)o(w)j(V)-5 b(er)o(sions)24 b(of)i(this)g(Document)596 1342 y Fm(New)f(versions)h (of)g(this)g(document)g(will)g(be)f(periodically)g(posted)h(to)g Fj(comp.os.linux.answers)p Fm(.)596 1433 y(They)19 b(will)i(also)f(be)f (added)f(to)i(the)g(various)g(sites)g(that)f(ar)o(chive)g(such)h (information,)g(including:)596 1566 y Fi(http://www.linuxdoc.org/)596 1699 y Fm(The)i(very)g(latest)g(version)h(of)f(this)h(document)g (should)g(also)g(be)f(available)f(in)i(various)f(formats)596 1790 y(fr)o(om:)p Black 596 2048 a Fh(\225)p Black 63 w Fi(http://scrye.com/~kevin/lsh/)p Black 596 2180 a Fh(\225)p Black 63 w Fi(http://www.linuxsecurity.com/docs/Securit)o (y-HOWT)o(O)p Black 596 2313 a Fh(\225)p Black 63 w Fi (http://www.tummy.com/security-howto)596 2754 y Fn(Feedbac)n(k)596 2891 y Fm(All)g(comments,)i(err)o(or)d(r)o(eports,)h(additional)g (information)i(and)e(criticism)h(of)g(all)f(sorts)h(should)596 
2982 y(be)d(dir)o(ected)f(to:)596 3115 y Fi (kevin-securityhowto@tummy.com)1901 3085 y Fg(5)596 3248 y Fm(and)596 3381 y Fi(dave@linuxsecurity.com)1586 3351 y Fg(6)596 3514 y Fj(Note)p Fm(:)26 b(Please)h(send)h(your)f(feedback)f (to)i Fj(both)f Fm(authors.)g(Also,)h(be)f(sur)o(e)g(and)g(include)g ("Linux")596 3605 y("security",)20 b(or)h("HOWT)o(O")f(in)h(your)g (subject)g(to)g(avoid)g(Kevin's)g(spam)g(\002lter)-6 b(.)596 3913 y Fn(Disc)n(laimer)596 4050 y Fm(No)23 b(liability)h(for)e (the)i(contents)g(of)f(this)h(document)f(can)g(be)g(accepted.)e(Use)i (the)g(concepts,)h(ex-)596 4141 y(amples)31 b(and)g(other)h(content)g (at)f(your)h(own)g(risk.)f(Additionally)-9 b(,)32 b(this)g(is)g(an)f (early)g(version,)596 4233 y(possibly)21 b(with)h(many)f(inaccuracies)f (or)h(err)o(ors.)596 4366 y(A)f(number)h(of)g(the)h(examples)e(and)h (descriptions)g(use)h(the)f(RedHat\(tm\))f(package)g(layout)h(and)596 4457 y(system)g(setup.)f(Y)-8 b(our)22 b(mileage)f(may)f(vary)-9 b(.)596 4590 y(As)25 b(far)f(as)i(we)f(know)-8 b(,)27 b(only)g(pr)o(ograms)e(that,)g(under)g(certain)g(terms)h(may)g(be)f (used)g(or)h(evalu-)596 4681 y(ated)18 b(for)i(personal)g(purposes)g (will)g(be)f(described.)g(Most)h(of)f(the)h(pr)o(ograms)g(will)g(be)g (available,)596 4772 y(complete)g(with)i(sour)o(ce,)e(under)g(GNU)1861 4739 y Ff(7)1907 4772 y Fm(terms.)596 5080 y Fn(Cop)o(yright)k(Inf)n (ormation)596 5217 y Fm(This)j(document)g(is)g(copyrighted)g (\(c\)1998-2000)22 b(Kevin)27 b(Fenzi)g(and)g(Dave)f(W)-6 b(r)o(eski,)26 b(and)g(dis-)596 5309 y(tributed)20 b(under)g(the)h (following)h(terms:)p Black 3642 5585 a Fj(3)p Black eop %%Page: 4 4 4 3 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black Black 596 89 a Fh(\225)p Black 59 w Fm(Linux)16 b(HOWT)o(O)g(documents)g(may)g(be)g(r)o(epr)o (oduced)e(and)h(distributed)h(in)g(whole)h(or)f(in)h(part,)679 180 y(in)24 b(any)g(medium,)g(physical)h(or)f(electr)o(onic,)g(as)f 
(long)j(as)d(this)i(copyright)g(notice)g(is)f(r)o(etained)679 272 y(on)e(all)f(copies.)h(Commer)o(cial)f(r)o(edistribution)h(is)g (allowed)f(and)h(encouraged;)e(however)-6 b(,)22 b(the)679 363 y(authors)f(would)g(like)g(to)g(be)f(noti\002ed)i(of)f(any)f(such)h (distributions.)p Black 596 496 a Fh(\225)p Black 72 w Fm(All)30 b(translations,)g(derivative)e(works,)i(or)g(aggr)o(egate)e (works)j(incorporating)f(any)g(Linux)679 587 y(HOWT)o(O)i(documents)i (must)f(be)f(cover)o(ed)g(under)g(this)i(copyright)f(notice.)g(That)g (is,)f(you)679 679 y(may)18 b(not)h(pr)o(oduce)e(a)h(derivative)f(work) i(fr)o(om)e(a)h(HOWT)o(O)g(and)g(impose)h(additional)f(r)o(estric-)679 770 y(tions)29 b(on)g(its)g(distribution.)g(Exceptions)f(to)h(these)g (r)o(ules)f(may)h(be)f(granted)f(under)h(certain)679 861 y(conditions;)21 b(please)f(contact)h(the)g(Linux)g(HOWT)o(O)f (coor)o(dinator)h(at)f(the)h(addr)o(ess)e(given)i(be-)679 953 y(low)-8 b(.)p Black 596 1085 a Fh(\225)p Black 61 w Fm(If)19 b(you)g(have)g(questions,)h(please)e(contact)h(T)-5 b(im)20 b(Bynum,)f(the)g(Linux)g(HOWT)o(O)g(coor)o(dinator)-6 b(,)679 1177 y(at)596 1442 y Fi(tjbynum@metalab.unc.edu)1631 1412 y Fg(8)197 1843 y Fk(Over)q(vie)n(w)596 1985 y Fm(This)29 b(document)f(will)i(attempt)e(to)h(explain)f(some)h(pr)o(ocedur)o(es)d (and)i(commonly-used)i(soft-)596 2076 y(war)o(e)25 b(to)j(help)f(your)g (Linux)h(system)f(be)g(mor)o(e)g(secur)o(e.)e(It)j(is)f(important)g(to) h(discuss)f(some)h(of)596 2168 y(the)20 b(basic)h(concepts)g(\002rst,)g (and)f(cr)o(eate)f(a)h(security)h(foundation,)g(befor)o(e)f(we)g(get)h (started.)596 2420 y Fn(Wh)n(y)k(Do)g(W)m(e)g(Need)g(Security?)596 2557 y Fm(In)17 b(the)g(ever)o(-changing)f(world)h(of)g(global)g(data)f (communications,)j(inexpensive)e(Internet)g(con-)596 2648 y(nections,)i(and)g(fast-paced)e(softwar)o(e)h(development,)h (security)g(is)g(becoming)h(mor)o(e)f(and)f(mor)o(e)596 2739 y(of)24 b(an)h(issue.)g(Security)g(is)g(now)h(a)f(basic)f(r)o 
(equir)o(ement)h(because)f(global)h(computing)h(is)f(inher)o(-)596 2831 y(ently)16 b(insecur)o(e.)g(As)g(your)h(data)e(goes)i(fr)o(om)f (point)h(A)f(to)h(point)g(B)f(on)h(the)g(Internet,)f(for)g(example,)596 2922 y(it)i(may)h(pass)f(thr)o(ough)h(several)f(other)g(points)i(along) f(the)f(way)-9 b(,)18 b(giving)i(other)e(users)h(the)g(oppor)o(-)596 3013 y(tunity)31 b(to)h(inter)o(cept,)d(and)i(even)f(alter)-6 b(,)30 b(it.)h(Even)g(other)g(users)g(on)g(your)h(system)f(may)g(mali-) 596 3105 y(ciously)19 b(transform)g(your)h(data)d(into)j(something)h (you)e(did)g(not)g(intend.)g(Unauthorized)g(access)596 3196 y(to)28 b(your)h(system)h(may)e(be)h(obtained)f(by)h(intr)o (uders,)f(also)h(known)h(as)e("crackers",)f(who)i(then)596 3287 y(use)e(advanced)g(knowledge)h(to)h(impersonate)f(you,)g(steal)g (information)g(fr)o(om)g(you,)g(or)g(even)596 3378 y(deny)e(you)g (access)g(to)g(your)h(own)g(r)o(esour)o(ces.)e(If)h(you'r)o(e)f (wondering)i(what)g(the)f(dif)o(fer)o(ence)e(is)596 3470 y(between)17 b(a)g("Hacker")g(and)g(a)g("Cracker",)f(see)i(Eric)f (Raymond's)i(document,)f("How)g(to)g(Become)596 3561 y(A)i(Hacker",)f(available)h(at)g(http://www)-8 b(.tuxedo.or)o (g/~esr/faqs/hacker)o(-howto.html.)596 3869 y Fn(Ho)o(w)24 b(Secure)g(Is)i(Secure?)596 4006 y Fm(First,)d(keep)f(in)i(mind)f(that) g(no)h(computer)f(system)h(can)e(ever)h(be)f(completely)i(secur)o(e.)d (All)i(you)596 4097 y(can)e(do)h(is)g(make)f(it)h(incr)o(easingly)g (dif)o(\002cult)g(for)f(someone)i(to)f(compr)o(omise)g(your)g(system.)h (For)596 4189 y(the)e(average)e(home)j(Linux)f(user)-6 b(,)20 b(not)i(much)f(is)h(r)o(equir)o(ed)d(to)j(keep)e(the)h(casual)g (cracker)e(at)i(bay)-9 b(.)596 4280 y(However)j(,)25 b(for)h(high-pr)o(o\002le)g(Linux)g(users)g(\(banks,)f (telecommunications)j(companies,)e(etc\),)596 4371 y(much)21 b(mor)o(e)f(work)i(is)f(r)o(equir)o(ed.)596 4504 y(Another)i(factor)g (to)i(take)e(into)h(account)g(is)g(that)g(the)g(mor)o(e)f(secur)o(e)g (your)h(system)g(is,)g(the)g(mor)o(e)596 4596 
y(intr)o(usive)19 b(your)h(security)f(becomes.)g(Y)-8 b(ou)20 b(need)f(to)h(decide)e (wher)o(e)g(in)i(this)g(balancing)f(act)g(your)596 4687 y(system)i(will)h(still)f(be)g(usable,)f(and)g(yet)h(secur)o(e)f(for)h (your)g(purposes.)f(For)i(instance,)e(you)i(could)596 4778 y(r)o(equir)o(e)16 b(everyone)i(dialing)f(into)i(your)f(system)g (to)g(use)g(a)f(call-back)g(modem)h(to)g(call)f(them)h(back)596 4870 y(at)i(their)h(home)h(number)-6 b(.)21 b(This)h(is)f(mor)o(e)g (secur)o(e,)f(but)h(if)g(someone)h(is)f(not)h(at)f(home,)g(it)h(makes)f (it)596 4961 y(dif)o(\002cult)g(for)h(them)g(to)g(login.)h(Y)-8 b(ou)23 b(could)f(also)g(setup)g(your)g(Linux)g(system)h(with)g(no)f (network)596 5052 y(or)e(connection)i(to)g(the)f(Internet,)f(but)h (this)g(limits)h(its)f(usefulness.)596 5185 y(If)62 b(you)h(ar)o(e)f(a) g(medium)h(to)h(lar)o(ge-sized)c(site,)j(you)h(should)f(establish)g(a)g (security)596 5276 y(policy)45 b(stating)h(how)h(much)e(security)h(is)g (r)o(equir)o(ed)e(by)h(your)h(site)f(and)g(what)h(auditing)596 5368 y(is)d(in)i(place)d(to)i(check)g(it.)g(Y)-8 b(ou)44 b(can)g(\002nd)g(a)f(well-known)i(security)e(policy)h(example)f(at)p Black 197 5585 a Fj(4)p Black eop %%Page: 5 5 5 4 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fm(http://www)-8 b(.faqs.or)o(g/rfcs/rfc2196.html.)22 b(It)h(has)g(been)h(r)o(ecently)e (updated,)g(and)h(contains)596 180 y(a)d(gr)o(eat)f(framework)i(for)f (establishing)i(a)e(security)h(policy)g(for)g(your)g(company)-9 b(.)596 488 y Fn(What)25 b(Are)g(Y)-9 b(ou)24 b(T)-7 b(r)q(ying)25 b(to)g(Pr)n(otect?)596 625 y Fm(Befor)o(e)17 b(you)j(attempt)f(to)g(secur)o(e)g(your)g(system,)h(you)g(should)g (determine)e(what)i(level)f(of)g(thr)o(eat)596 717 y(you)i(have)g(to)h (pr)o(otect)f(against,)g(what)g(risks)h(you)g(should)g(or)g(should)g (not)g(take,)f(and)g(how)h(vul-)596 808 y(nerable)27 b(your)i(system)h(is)f(as)f(a)g(r)o(esult.)g(Y)-8 b(ou)30 b(should)f(analyze)f(your)h(system)g(to)g(know)h(what)596 
899 y(you'r)o(e)19 b(pr)o(otecting,)h(why)g(you'r)o(e)g(pr)o(otecting)f (it,)h(what)g(value)f(it)i(has,)e(and)h(who)g(has)g(r)o(esponsi-)596 991 y(bility)h(for)f(your)i(data)d(and)h(other)h(assets.)p Black 596 1248 a Fh(\225)p Black 69 w Fj(Risk)27 b Fm(is)g(the)g (possibility)h(that)e(an)g(intr)o(uder)h(may)f(be)h(successful)f(in)h (attempting)g(to)g(access)679 1339 y(your)19 b(computer)-6 b(.)19 b(Can)h(an)f(intr)o(uder)g(r)o(ead)f(or)h(write)h(\002les,)f(or) h(execute)f(pr)o(ograms)f(that)i(could)679 1431 y(cause)k(damage?)g (Can)h(they)g(delete)f(critical)h(data?)f(Can)g(they)i(pr)o(event)e (you)h(or)g(your)h(com-)679 1522 y(pany)c(fr)o(om)g(getting)i (important)f(work)g(done?)g(Don't)h(for)o(get:)d(someone)j(gaining)f (access)g(to)679 1613 y(your)e(account,)f(or)h(your)g(system,)g(can)g (also)g(impersonate)g(you.)679 1746 y(Additionally)-9 b(,)18 b(having)h(one)h(insecur)o(e)e(account)h(on)g(your)g(system)h (can)f(r)o(esult)f(in)h(your)h(entir)o(e)679 1838 y(network)25 b(being)h(compr)o(omised.)f(If)g(you)h(allow)f(a)g(single)h(user)f(to)h (login)g(using)g(a)f Fi(.rhosts)679 1929 y Fm(\002le,)j(or)h(to)h(use)e (an)h(insecur)o(e)f(service)h(such)g(as)g Fi(tftp)p Fm(,)e(you)j(risk)f (an)g(intr)o(uder)g(getting)g('his)679 2020 y(foot)18 b(in)h(the)g(door)6 b('.)19 b(Once)f(the)h(intr)o(uder)f(has)h(a)f (user)g(account)h(on)g(your)f(system,)h(or)g(someone)679 2111 y(else's)h(system,)i(it)f(can)f(be)h(used)f(to)h(gain)g(access)f (to)h(another)g(system,)g(or)g(another)g(account.)p Black 596 2377 a Fh(\225)p Black 68 w Fj(Thr)o(eat)i Fm(is)j(typically)f(fr)o (om)f(someone)i(with)g(motivation)g(to)f(gain)h(unauthorized)e(access)h (to)679 2468 y(your)17 b(network)g(or)g(computer)-6 b(.)16 b(Y)-8 b(ou)18 b(must)f(decide)f(whom)i(you)f(tr)o(ust)g(to)g(have)f (access)h(to)g(your)679 2560 y(system,)k(and)f(what)h(thr)o(eat)f(they) h(could)g(pose.)679 2693 y(Ther)o(e)g(ar)o(e)g(several)g(types)i(of)f (intr)o(uders,)g(and)g(it)g(is)h(useful)f(to)h(keep)f(their)g(dif)o 
(fer)o(ent)e(charac-)679 2784 y(teristics)h(in)g(mind)g(as)g(you)g(ar)o (e)e(securing)i(your)g(systems.)p Black 679 3000 a Fe(\225)p Black 76 w Fj(The)28 b(Curious)j Fm(-)d(This)i(type)f(of)g(intr)o(uder) g(is)h(basically)e(inter)o(ested)h(in)g(\002nding)h(out)g(what)762 3091 y(type)20 b(of)h(system)g(and)g(data)e(you)j(have.)p Black 679 3224 a Fe(\225)p Black 71 w Fj(The)j(Malicious)g Fm(-)g(This)g(type)g(of)g(intr)o(uder)g(is)g(out)g(to)h(either)e(bring) i(down)f(your)g(systems,)762 3315 y(or)h(deface)e(your)j(web)f(page,)f (or)h(otherwise)h(for)o(ce)e(you)i(to)f(spend)g(time)h(and)e(money)i(r) o(e-)762 3407 y(covering)21 b(fr)o(om)f(the)h(damage)f(he)g(has)h (caused.)p Black 679 3539 a Fe(\225)p Black 72 w Fj(The)k(High-Pr)o (o\002le)f(Intruder)h Fm(-)h(This)g(type)f(of)h(intr)o(uder)f(is)h (trying)h(to)f(use)f(your)h(system)h(to)762 3631 y(gain)20 b(popularity)h(and)g(infamy)-9 b(.)20 b(He)h(might)g(use)g(your)g (high-pr)o(o\002le)g(system)h(to)f(advertise)762 3722 y(his)g(abilities.)p Black 679 3855 a Fe(\225)p Black 73 w Fj(The)27 b(Competition)f Fm(-)g(This)h(type)g(of)g(intr)o(uder)g (is)g(inter)o(ested)f(in)h(what)g(data)f(you)h(have)f(on)762 3946 y(your)i(system.)g(It)g(might)h(be)f(someone)h(who)f(thinks)i(you) e(have)f(something)j(that)e(could)762 4038 y(bene\002t)20 b(him,)i(\002nancially)f(or)g(otherwise.)p Black 679 4170 a Fe(\225)p Black 76 w Fj(The)28 b(Borr)o(owers)i Fm(-)f(This)g(type)g(of)g(intr)o(uder)h(is)f(inter)o(ested)f(in)i (setting)g(up)f(shop)h(on)g(your)762 4262 y(system)j(and)f(using)h(its) g(r)o(esour)o(ces)e(for)h(their)h(own)g(purposes.)f(He)h(typically)f (will)h(r)o(un)762 4353 y(chat)20 b(or)h(ir)o(c)f(servers,)g(porn)h(ar) o(chive)f(sites,)h(or)f(even)h(DNS)g(servers.)p Black 679 4486 a Fe(\225)p Black 72 w Fj(The)26 b(Leapfr)o(ogger)f Fm(-)g(This)i(type)f(of)f(intr)o(uder)h(is)h(only)f(inter)o(ested)f(in) i(your)f(system)h(to)f(use)762 4577 y(it)g(to)g(get)f(into)i(other)f 
(systems.)g(If)g(your)g(system)g(is)g(well-connected)g(or)g(a)f (gateway)g(to)h(a)762 4669 y(number)20 b(of)g(internal)h(hosts,)g(you)f (may)h(well)f(see)g(this)h(type)f(trying)h(to)g(compr)o(omise)g(your) 762 4760 y(system.)p Black 596 5026 a Fh(\225)p Black 72 w Fm(V)-8 b(ulnerability)30 b(describes)f(how)i(well-pr)o(otected)d (your)i(computer)g(is)g(fr)o(om)f(another)h(net-)679 5117 y(work,)21 b(and)f(the)h(potential)g(for)f(someone)i(to)f(gain)g (unauthorized)g(access.)679 5250 y(What's)26 b(at)g(stake)h(if)f (someone)i(br)o(eaks)d(into)i(your)g(system?)g(Of)g(course)f(the)h (concerns)g(of)f(a)679 5341 y(dynamic)17 b(PPP)h(home)g(user)f(will)h (be)f(dif)o(fer)o(ent)e(fr)o(om)i(those)h(of)f(a)g(company)g (connecting)i(their)679 5432 y(machine)i(to)g(the)g(Internet,)f(or)h (another)g(lar)o(ge)f(network.)p Black 3642 5585 a Fj(5)p Black eop %%Page: 6 6 6 5 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 679 89 a Fm(How)c(much)g(time)f(would)h (it)g(take)f(to)h(r)o(etrieve/r)o(ecr)o(eate)12 b(any)17 b(data)e(that)i(was)f(lost?)h(An)f(initial)679 180 y(time)29 b(investment)i(now)f(can)g(save)f(ten)h(times)g(mor)o(e)f(time)h(later) f(if)g(you)h(have)g(to)g(r)o(ecr)o(eate)679 272 y(data)18 b(that)h(was)h(lost.)g(Have)e(you)i(checked)f(your)h(backup)f(strategy) -9 b(,)19 b(and)g(veri\002ed)f(your)i(data)679 363 y(lately?)596 937 y Fn(De)o(veloping)k(A)h(Security)g(P)l(olic)o(y)596 1074 y Fm(Cr)o(eate)h(a)i(simple,)g(generic)g(policy)h(for)f(your)g (system)h(that)f(your)h(users)f(can)g(r)o(eadily)f(under)o(-)596 1165 y(stand)f(and)h(follow)-8 b(.)27 b(It)g(should)h(pr)o(otect)e(the) h(data)e(you'r)o(e)i(safeguar)o(ding)e(as)i(well)g(as)f(the)h(pri-)596 1256 y(vacy)22 b(of)h(the)g(users.)g(Some)g(things)h(to)g(consider)f (adding)g(ar)o(e:)e(who)j(has)f(access)g(to)g(the)g(system)596 1348 y(\(Can)i(my)h(friend)g(use)f(my)i(account?\),)e(who's)i(allowed)f (to)g(install)h(softwar)o(e)e(on)h(the)g(system,)596 1439 y(who)21 
b(owns)h(what)f(data,)e(disaster)h(r)o(ecovery)-9 b(,)20 b(and)g(appr)o(opriate)f(use)i(of)f(the)h(system.)596 1572 y(A)f(generally-accepted)f(security)h(policy)i(starts)e(with)i (the)f(phrase)596 1705 y(\223)f Fj(That)f(which)h(is)h(not)f(permitted) g(is)h(pr)o(ohibited)p Fm(\224)596 1838 y(This)27 b(means)h(that)f (unless)h(you)g(grant)f(access)g(to)g(a)g(service)g(for)g(a)g(user)-6 b(,)26 b(that)i(user)f(shouldn't)596 1929 y(be)21 b(using)i(that)f (service)f(until)h(you)h(do)f(grant)f(access.)g(Make)g(sur)o(e)g(the)h (policies)h(work)f(on)h(your)596 2020 y(r)o(egular)17 b(user)h(account.)g(Saying,)g("Ah,)g(I)g(can't)g(\002gur)o(e)g(out)h (this)g(permissions)h(pr)o(oblem,)d(I'll)i(just)596 2111 y(do)30 b(it)g(as)g(r)o(oot")g(can)f(lead)g(to)i(security)f(holes)h (that)f(ar)o(e)f(very)g(obvious,)i(and)f(even)f(ones)i(that)596 2203 y(haven't)20 b(been)h(exploited)f(yet.)596 2336 y(rfc1244)862 2302 y Ff(11)930 2336 y Fm(is)i(a)g(document)g(that)f (describes)h(how)g(to)g(cr)o(eate)e(your)i(own)h(network)f(security)g (pol-)596 2427 y(icy)-9 b(.)596 2560 y(rfc1281)862 2527 y Ff(12)929 2560 y Fm(is)20 b(a)g(document)h(that)f(shows)h(an)f (example)g(security)g(policy)h(with)g(detailed)e(descrip-)596 2651 y(tions)i(of)g(each)f(step.)596 2784 y(Finally)-9 b(,)92 b(you)g(might)h(want)f(to)g(look)h(at)f(the)g(COAST)f(policy)i (ar)o(chive)d(at)596 2875 y(ftp://coast.cs.pur)o (due.edu/pub/doc/policy)54 b(to)i(see)g(what)g(some)g(r)o(eal-life)e (security)596 2967 y(policies)21 b(look)h(like.)596 3275 y Fn(Means)i(of)i(Securing)e(Y)-9 b(our)24 b(Site)596 3412 y Fm(This)d(document)g(will)g(discuss)g(various)g(means)f(with)i (which)f(you)g(can)g(secur)o(e)e(the)i(assets)f(you)596 3503 y(have)d(worked)g(har)o(d)f(for:)h(your)h(local)g(machine,)f(your) h(data,)e(your)i(users,)f(your)h(network,)g(even)596 3594 y(your)j(r)o(eputation.)e(What)i(would)g(happen)g(to)g(your)g(r)o (eputation)f(if)g(an)h(intr)o(uder)g(deleted)e(some)596 3686 
y(of)h(your)i(users')f(data?)e(Or)i(defaced)e(your)i(web)g(site?)g (Or)g(published)g(your)h(company's)f(corpo-)596 3777 y(rate)26 b(pr)o(oject)h(plan)g(for)g(next)g(quarter?)g(If)f(you)i(ar)o (e)e(planning)i(a)f(network)h(installation,)g(ther)o(e)596 3868 y(ar)o(e)19 b(many)j(factors)f(you)g(must)h(take)f(into)h(account) g(befor)o(e)e(adding)h(a)f(single)i(machine)g(to)g(your)596 3960 y(network.)596 4092 y(Even)32 b(if)g(you)h(have)f(a)g(single)h (dial)g(up)f(PPP)h(account,)f(or)h(just)g(a)f(small)h(site,)f(this)i (does)e(not)596 4184 y(mean)21 b(intr)o(uders)i(won't)g(be)e(inter)o (ested)g(in)i(your)f(systems.)h(Lar)o(ge,)d(high-pr)o(o\002le)i(sites)h (ar)o(e)d(not)596 4275 y(the)k(only)i(tar)o(gets)e(--)g(many)h(intr)o (uders)g(simply)h(want)f(to)g(exploit)g(as)g(many)g(sites)g(as)g (possible,)596 4366 y(r)o(egar)o(dless)16 b(of)j(their)g(size.)f (Additionally)-9 b(,)18 b(they)h(may)g(use)f(a)h(security)f(hole)i(in)f (your)g(site)g(to)g(gain)596 4458 y(access)h(to)h(other)g(sites)g (you'r)o(e)f(connected)h(to.)596 4591 y(Intr)o(uders)i(have)f(a)h(lot)h (of)f(time)h(on)f(their)h(hands,)f(and)g(can)f(avoid)h(guessing)h(how)h (you've)e(ob-)596 4682 y(scur)o(ed)29 b(your)i(system)h(just)f(by)g (trying)h(all)e(the)h(possibilities.)h(Ther)o(e)e(ar)o(e)g(also)h(a)f (number)h(of)596 4773 y(r)o(easons)20 b(an)g(intr)o(uder)h(may)g(be)f (inter)o(ested)g(in)i(your)f(systems,)g(which)h(we)e(will)i(discuss)f (later)-6 b(.)596 5010 y Fd(Host)22 b(Security)596 5143 y Fm(Per)o(haps)e(the)i(ar)o(ea)e(of)h(security)h(on)g(which)h (administrators)f(concentrate)f(most)h(is)g(host-based)596 5234 y(security)-9 b(.)20 b(This)h(typically)g(involves)h(making)f(sur) o(e)f(your)i(own)f(system)h(is)f(secur)o(e,)e(and)i(hoping)596 5325 y(everyone)j(else)g(on)i(your)f(network)g(does)f(the)h(same.)f (Choosing)j(good)e(passwor)o(ds,)f(securing)p Black 197 5585 a Fj(6)p Black eop %%Page: 7 7 7 6 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a 
Fm(your)29 b(host's)h(local)f (network)h(services,)f(keeping)g(good)g(accounting)h(r)o(ecor)o(ds,)e (and)g(upgrad-)596 180 y(ing)f(pr)o(ograms)e(with)j(known)f(security)g (exploits)g(ar)o(e)e(among)i(the)f(things)i(the)e(local)h(security)596 272 y(administrator)f(is)h(r)o(esponsible)g(for)f(doing.)h(Although)h (this)f(is)g(absolutely)g(necessary)-9 b(,)25 b(it)i(can)596 363 y(become)20 b(a)g(daunting)i(task)e(once)h(your)g(network)h (becomes)f(lar)o(ger)e(than)i(a)f(few)h(machines.)596 662 y Fd(Local)h(Netw)n(ork)h(Security)596 795 y Fm(Network)c(security) h(is)g(as)f(necessary)g(as)g(local)g(host)i(security)-9 b(.)19 b(W)-5 b(ith)20 b(hundr)o(eds,)f(thousands,)h(or)596 886 y(mor)o(e)25 b(computers)i(on)g(the)f(same)g(network,)h(you)f (can't)g(r)o(ely)g(on)h(each)e(one)i(of)f(those)h(systems)596 977 y(being)i(secur)o(e.)f(Ensuring)i(that)g(only)g(authorized)f(users) g(can)g(use)h(your)f(network,)h(building)596 1069 y(\002r)o(ewalls,)25 b(using)i(str)o(ong)f(encryption,)g(and)g(ensuring)g(ther)o(e)f(ar)o(e) g(no)h("r)o(ogue")f(\(that)h(is,)g(unse-)596 1160 y(cur)o(ed\))16 b(machines)i(on)h(your)g(network)f(ar)o(e)f(all)h(part)f(of)h(the)h (network)f(security)h(administrator)6 b('s)596 1251 y(duties.)596 1384 y(This)33 b(document)g(will)h(discuss)g(some)f(of)g(the)g (techniques)h(used)f(to)g(secur)o(e)f(your)h(site,)g(and)596 1476 y(hopefully)23 b(show)g(you)g(some)g(of)g(the)f(ways)h(to)g(pr)o (event)e(an)i(intr)o(uder)f(fr)o(om)g(gaining)i(access)e(to)596 1567 y(what)e(you)i(ar)o(e)d(trying)i(to)h(pr)o(otect.)596 1866 y Fd(Security)h(Thr)n(ough)f(Obscurity)596 1999 y Fm(One)33 b(type)h(of)f(security)h(that)f(must)h(be)f(discussed)h(is) f("security)h(thr)o(ough)g(obscurity".)f(This)596 2090 y(means,)c(for)g(example,)f(moving)i(a)f(service)f(that)i(has)f(known)h (security)g(vulnerabilities)f(to)g(a)596 2181 y(non-standar)o(d)23 b(port)i(in)g(hopes)g(that)f(attackers)g(won't)i(notice)f(it's)g(ther)o (e)f(and)g(thus)h(won't)h(ex-)596 2273 y(ploit)17 
b(it.)f(Rest)h(assur) o(ed)f(that)g(they)h(can)g(determine)f(that)h(it's)g(ther)o(e)f(and)g (will)h(exploit)g(it.)f(Security)596 2364 y(thr)o(ough)22 b(obscurity)h(is)f(no)h(security)f(at)f(all.)h(Simply)g(because)f(you)i (may)f(have)f(a)h(small)g(site,)g(or)596 2455 y(a)i(r)o(elatively)g (low)i(pr)o(o\002le,)e(does)h(not)h(mean)f(an)g(intr)o(uder)g(won't)h (be)f(inter)o(ested)f(in)h(what)g(you)596 2547 y(have.)20 b(W)-8 b(e'll)21 b(discuss)g(what)g(you'r)o(e)f(pr)o(otecting)h(in)g (the)g(next)g(sections.)596 2938 y Fn(Or)o(ganization)j(of)h(This)g (Document)596 3075 y Fm(This)19 b(document)h(has)f(been)g(divided)f (into)i(a)f(number)g(of)g(sections.)h(They)f(cover)g(several)f(br)o (oad)596 3166 y(security)j(issues.)g(The)g(\002rst,)p 0 TeXcolorgray 21 w(the)h(Section)f(called)f Fj(Physical)g(Security)p Black Fm(,)h(covers)g(how)h(you)g(need)f(to)596 3257 y(pr)o(otect)i(your)i(physical)f(machine)h(fr)o(om)f(tampering.)g(The)g (second,)p 0 TeXcolorgray 24 w(the)g(Section)h(called)e Fj(Local)596 3349 y(Security)p Black Fm(,)28 b(describes)g(how)h(to)g (pr)o(otect)f(your)h(system)g(fr)o(om)g(tampering)f(by)h(local)g (users.)f(The)596 3440 y(thir)o(d,)p 0 TeXcolorgray 25 w(the)e(Section)g(called)f Fj(Files)h(and)g(File)g(system)g(Security)p Black Fm(,)f(shows)i(you)g(how)g(to)f(setup)g(your)596 3531 y(\002le)e(systems)h(and)f(permissions)i(on)f(your)f(\002les.)h (The)f(next,)p 0 TeXcolorgray 24 w(the)h(Section)f(called)g Fj(Password)g(Se-)596 3622 y(curity)c(and)h(Encryption)p Black Fm(,)e(discusses)j(how)g(to)f(use)g(encryption)h(to)g(better)e (secur)o(e)g(your)i(machine)596 3714 y(and)30 b(network.)p 0 TeXcolorgray 31 w(the)h(Section)g(called)g Fj(Kernel)h(Security)p Black 31 w Fm(discusses)f(what)g(kernel)g(options)h(you)596 3805 y(should)24 b(set)f(or)h(be)f(awar)o(e)f(of)h(for)g(a)g(mor)o(e)g (secur)o(e)f(system.)p 0 TeXcolorgray 24 w(the)i(Section)f(called)g Fj(Network)g(Secu-)596 3896 y(rity)p Black Fm(,)18 b(describes)h(how)h 
(to)f(better)g(secur)o(e)f(your)i(Linux)f(system)h(fr)o(om)f(network)g (attacks.)p 0 TeXcolorgray 19 w(the)g(Sec-)596 3988 y(tion)26 b(called)e Fj(Security)i(Pr)o(eparation)e(\(befor)o(e)i(you)f(go)g (on-line\))p Black Fm(,)g(discusses)h(how)g(to)g(pr)o(epar)o(e)d(your) 596 4079 y(machine\(s\))28 b(befor)o(e)f(bringing)i(them)g(on-line.)g (Next,)p 0 TeXcolorgray 28 w(the)g(Section)f(called)g Fj(What)g(T)-9 b(o)27 b(Do)h(Dur-)596 4170 y(ing)c(and)g(After)h(a)g (Br)o(eakin)p Black Fm(,)f(discusses)h(what)g(to)g(do)f(when)i(you)f (detect)f(a)g(system)h(compr)o(omise)596 4262 y(in)j(pr)o(ogr)o(ess)f (or)h(detect)f(one)h(that)g(has)f(r)o(ecently)g(happened.)g(In)p 0 TeXcolorgray 28 w(the)h(Section)g(called)f Fj(Security)596 4353 y(Sour)o(ces)p Black Fm(,)f(some)i(primary)e(security)h(r)o(esour) o(ces)e(ar)o(e)h(enumerated.)f(The)i(Q)g(and)f(A)g(section)p 0 TeXcolorgray 28 w(the)596 4444 y(Section)d(called)f Fj(Fr)o(equently)i(Asked)g(Questions)p Black Fm(,)f(answers)h(some)f (fr)o(equently-asked)g(questions,)596 4536 y(and)d(\002nally)h(a)f (conclusion)j(in)p 0 TeXcolorgray 21 w(the)e(Section)g(called)f Fj(Conclusion)p Black 596 4669 a Fm(The)g(two)i(main)f(points)g(to)h(r) o(ealize)c(when)k(r)o(eading)e(this)h(document)g(ar)o(e:)p Black 596 4926 a Fh(\225)p Black 74 w Fm(Be)31 b(awar)o(e)f(of)i(your)g (system.)g(Check)f(system)i(logs)f(such)g(as)g Fi(/var/log/messages)c Fm(and)679 5017 y(keep)20 b(an)g(eye)h(on)g(your)g(system,)h(and)p Black 596 5150 a Fh(\225)p Black 66 w Fm(Keep)i(your)g(system)h (up-to-date)d(by)i(making)h(sur)o(e)e(you)h(have)f(installed)h(the)g (curr)o(ent)f(ver)o(-)679 5241 y(sions)i(of)g(softwar)o(e)e(and)i(have) f(upgraded)f(per)h(security)h(alerts.)e(Just)i(doing)g(this)h(will)f (help)679 5333 y(make)20 b(your)h(system)h(markedly)e(mor)o(e)g(secur)o (e.)p Black 3642 5585 a Fj(7)p Black eop %%Page: 8 8 8 7 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 197 89 a Fk(Ph)n(ysical)28 b(Security)596 231 y 
Fm(The)g(\002rst)h(layer)f(of)h(security)g(you)g (need)f(to)i(take)e(into)h(account)g(is)g(the)g(physical)g(security)g (of)596 322 y(your)i(computer)h(systems.)g(Who)g(has)f(dir)o(ect)f (physical)i(access)f(to)h(your)f(machine?)h(Should)596 413 y(they?)20 b(Can)h(you)g(pr)o(otect)f(your)h(machine)g(fr)o(om)g (their)g(tampering?)f(Should)h(you?)596 546 y(How)28 b(much)h(physical)f(security)h(you)f(need)g(on)h(your)f(system)h(is)g (very)e(dependent)h(on)h(your)596 637 y(situation,)21 b(and/or)g(budget.)596 770 y(If)j(you)i(ar)o(e)e(a)h(home)h(user)-6 b(,)25 b(you)h(pr)o(obably)e(don't)i(need)f(a)g(lot)h(\(although)f(you) h(might)h(need)e(to)596 862 y(pr)o(otect)e(your)i(machine)g(fr)o(om)f (tampering)g(by)h(childr)o(en)f(or)h(annoying)g(r)o(elatives\).)e(If)h (you)h(ar)o(e)596 953 y(in)d(a)g(lab,)g(you)h(need)f(considerably)g (mor)o(e,)g(but)h(users)f(will)h(still)g(need)f(to)h(be)f(able)g(to)h (get)f(work)596 1044 y(done)g(on)h(the)g(machines.)f(Many)g(of)h(the)f (following)i(sections)g(will)f(help)f(out.)h(If)f(you)h(ar)o(e)e(in)i (an)596 1136 y(of)o(\002ce,)g(you)h(may)g(or)g(may)g(not)h(need)f(to)g (secur)o(e)f(your)h(machine)h(of)o(f-hours)e(or)h(while)h(you)f(ar)o(e) 596 1227 y(away)-9 b(.)19 b(At)i(some)g(companies,)g(leaving)g(your)g (console)g(unsecur)o(ed)f(is)h(a)g(termination)g(of)o(fense.)596 1360 y(Obvious)27 b(physical)g(security)f(methods)i(such)f(as)f(locks)h (on)g(doors,)g(cables,)f(locked)g(cabinets,)596 1451 y(and)20 b(video)g(surveillance)h(ar)o(e)e(all)i(good)g(ideas,)f(but)h (beyond)g(the)g(scope)f(of)h(this)h(document.)f(:\))596 1703 y Fn(Computer)j(loc)n(ks)596 1840 y Fm(Many)g(modern)h(PC)g(cases) f(include)h(a)f("locking")h(featur)o(e.)e(Usually)i(this)g(will)g(be)g (a)f(socket)h(on)596 1931 y(the)d(fr)o(ont)f(of)h(the)g(case)g(that)g (allows)g(you)h(to)f(turn)g(an)g(included)g(key)g(to)g(a)g(locked)f(or) i(unlocked)596 2023 y(position.)31 b(Case)e(locks)h(can)g(help)g(pr)o 
(event)f(someone)i(fr)o(om)e(stealing)h(your)g(PC,)g(or)g(opening)596 2114 y(up)21 b(the)h(case)e(and)h(dir)o(ectly)g(manipulating/stealing)i (your)e(har)o(dwar)o(e.)e(They)j(can)f(also)h(some-)596 2205 y(times)16 b(pr)o(event)f(someone)i(fr)o(om)f(r)o(ebooting)g(your) h(computer)f(fr)o(om)g(their)g(own)h(\003oppy)f(or)h(other)596 2297 y(har)o(dwar)o(e.)596 2429 y(These)h(case)g(locks)i(do)f(dif)o (fer)o(ent)e(things)j(accor)o(ding)e(to)h(the)g(support)g(in)g(the)g (motherboar)o(d)f(and)596 2521 y(how)g(the)g(case)f(is)h(constr)o (ucted.)g(On)g(many)g(PC's)g(they)g(make)f(it)h(so)g(you)g(have)f(to)i (br)o(eak)d(the)i(case)596 2612 y(to)27 b(get)g(the)h(case)e(open.)i (On)f(some)h(others,)g(they)f(will)h(not)g(let)f(you)h(plug)g(in)f(new) h(keyboar)o(ds)596 2703 y(or)k(mice.)f(Check)h(your)h(motherboar)o(d)e (or)h(case)f(instr)o(uctions)j(for)e(mor)o(e)g(information.)g(This)596 2795 y(can)22 b(sometimes)h(be)f(a)g(very)g(useful)g(featur)o(e,)e (even)i(though)i(the)e(locks)h(ar)o(e)e(usually)i(very)f(low-)596 2886 y(quality)f(and)f(can)h(easily)f(be)h(defeated)e(by)h(attackers)g (with)i(locksmithing.)596 3019 y(Some)f(machines)i(\(most)f(notably)g (SP)-8 b(ARC's)22 b(and)g(macs\))f(have)g(a)h(dongle)g(on)g(the)g(back) g(that,)f(if)596 3110 y(you)d(put)g(a)f(cable)g(thr)o(ough,)h (attackers)f(would)h(have)f(to)i(cut)e(the)h(cable)f(or)h(br)o(eak)f (the)h(case)f(to)h(get)596 3202 y(into)i(it.)f(Just)g(putting)h(a)f (padlock)g(or)g(combo)h(lock)g(thr)o(ough)g(these)f(can)g(be)g(a)g (good)h(deterr)o(ent)e(to)596 3293 y(someone)j(stealing)g(your)g (machine.)596 3601 y Fn(BIOS)k(Security)596 3738 y Fm(The)30 b(BIOS)g(is)g(the)h(lowest)g(level)f(of)g(softwar)o(e)f(that)i (con\002gur)o(es)f(or)h(manipulates)f(your)g(x86-)596 3829 y(based)23 b(har)o(dwar)o(e.)g(LILO)h(and)g(other)h(Linux)g(boot)g (methods)h(access)e(the)h(BIOS)f(to)h(determine)596 3921 y(how)d(to)g(boot)g(up)f(your)h(Linux)f(machine.)h(Other)f(har)o(dwar)o (e)e(that)j(Linux)f(r)o(uns)h(on)g(has)g(similar)596 
4012 y(softwar)o(e)j(\(Open)h(Firmwar)o(e)f(on)i(Macs)f(and)f(new)i (Suns,)f(Sun)g(boot)h(PROM,)f(etc...\).)f(Y)-8 b(ou)27 b(can)596 4103 y(use)c(your)h(BIOS)g(to)g(pr)o(event)f(attackers)f(fr)o (om)i(r)o(ebooting)g(your)g(machine)g(and)f(manipulating)596 4195 y(your)e(Linux)f(system.)596 4327 y(Many)j(PC)h(BIOSs)g(let)g(you) h(set)f(a)g(boot)h(passwor)o(d.)e(This)i(doesn't)f(pr)o(ovide)g(all)g (that)g(much)g(se-)596 4419 y(curity)19 b(\(the)g(BIOS)g(can)f(be)h(r)o (eset,)f(or)i(r)o(emoved)e(if)h(someone)h(can)f(get)g(into)h(the)g (case\),)e(but)h(might)596 4510 y(be)28 b(a)f(good)i(deterr)o(ent)e (\(i.e.)h(it)g(will)h(take)f(time)h(and)e(leave)h(traces)f(of)i (tampering\).)e(Similarly)-9 b(,)596 4601 y(on)21 b(S/Linux)h(\(Linux)f (for)g(SP)-8 b(ARC\(tm\))21 b(pr)o(ocessor)g(machines\),)g(your)g (EEPROM)g(can)g(be)g(set)h(to)596 4693 y(r)o(equir)o(e)d(a)h(boot-up)h (passwor)o(d.)f(This)i(might)f(slow)h(attackers)e(down.)596 4825 y(Another)26 b(risk)g(of)g(tr)o(usting)h(BIOS)f(passwor)o(ds)f(to) i(secur)o(e)e(your)h(system)h(is)f(the)h(default)d(pass-)596 4917 y(wor)o(d)16 b(pr)o(oblem.)g(Most)h(BIOS)f(makers)g(don't)h (expect)f(people)g(to)h(open)g(up)g(their)g(computer)f(and)596 5008 y(disconnect)29 b(batteries)f(if)h(they)h(for)o(get)e(their)h (passwor)o(d)f(and)h(have)g(equipped)f(their)h(BIOSes)596 5099 y(with)24 b(default)e(passwor)o(ds)h(that)h(work)g(r)o(egar)o (dless)d(of)j(your)g(chosen)g(passwor)o(d.)f(Some)g(of)h(the)596 5191 y(mor)o(e)c(common)i(passwor)o(ds)f(include:)596 5324 y(j262)g(A)-6 b(W)e(ARD_SW)22 b(A)-6 b(W)e(ARD_PW)23 b(lkwpeter)f(Biostar)g(AMI)g(A)-6 b(war)o(d)21 b(bios)i(BIOS)g(setup)f (cmos)596 5415 y(AMI!SW1)d(AMI?SW1)f(passwor)o(d)j(hewittrand)f(shift)h (+)h(s)e(y)h(x)g(z)p Black 197 5585 a Fj(8)p Black eop %%Page: 9 9 9 8 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fm(I)g(tested)g(an)g(A)-6 b(war)o(d)19 b(BIOS)i(and)g(A)-6 b(W)e(ARD_PW)21 b(worked.)g(These)g 
(passwor)o(ds)g(ar)o(e)f(quite)i(easily)596 180 y(available)31 b(fr)o(om)h(manufactur)o(ers')f(websites)i(and)g (http://astalavista.box.sk)f(and)g(as)g(such)596 272 y(a)26 b(BIOS)h(passwor)o(d)g(cannot)h(be)f(consider)o(ed)f(adequate)h (pr)o(otection)g(fr)o(om)g(a)g(knowledgeable)596 363 y(attacker)-6 b(.)596 496 y(Many)16 b(x86)g(BIOSs)g(also)h(allow)g(you) h(to)f(specify)f(various)h(other)g(good)h(security)e(settings.)i(Check) 596 587 y(your)k(BIOS)g(manual)f(or)i(look)g(at)e(it)i(the)f(next)g (time)g(you)h(boot)f(up.)g(For)g(example,)g(some)g(BIOSs)596 679 y(disallow)33 b(booting)h(fr)o(om)e(\003oppy)i(drives)e(and)g(some) i(r)o(equir)o(e)e(passwor)o(ds)g(to)h(access)f(some)596 770 y(BIOS)20 b(featur)o(es.)596 903 y Fj(Note)p Fm(:)k(If)g(you)i (have)f(a)f(server)g(machine,)h(and)g(you)h(set)f(up)g(a)f(boot)i (passwor)o(d,)e(your)i(machine)596 994 y(will)20 b(not)h(boot)f(up)g (unattended.)f(Keep)g(in)i(mind)f(that)g(you)g(will)h(need)e(to)i(come) f(in)g(and)g(supply)596 1085 y(the)g(passwor)o(d)h(in)g(the)g(event)f (of)h(a)f(power)h(failur)o(e.)e(;\()596 1393 y Fn(Boot)25 b(Loader)f(Security)596 1530 y Fm(The)16 b(various)h(Linux)g(boot)g (loaders)g(also)g(can)f(have)h(a)f(boot)h(passwor)o(d)g(set.)f(LILO,)g (for)h(example,)596 1622 y(has)28 b Fi(password)e Fm(and)i Fi(restricted)e Fm(settings;)j Fi(password)d Fm(r)o(equir)o(es)h (passwor)o(d)h(at)f(boot)i(time,)596 1713 y(wher)o(eas)16 b Fi(restricted)g Fm(r)o(equir)o(es)g(a)h(boot-time)h(passwor)o(d)f (only)h(if)f(you)h(specify)f(options)i(\(such)596 1804 y(as)h Fi(single)p Fm(\))f(at)i(the)g Fi(LILO)65 b Fm(pr)o(ompt.)596 1937 y(>Fr)o(om)21 b(the)g(lilo.conf)g(man)g(page:)596 2102 y Fi(password=password)1223 2185 y(The)44 b(per-image)g(option)g (`password=...')e(\(see)i(below\))g(applies)g(to)g(all)h(images.)596 2349 y(restricted)1223 2431 y(The)f(per-image)g(option)g(`restricted')e (\(see)j(below\))e(applies)h(to)h(all)f(images.)909 2596 y(password=password)1223 2678 y(Protect)g(the)g(image)g(by)h(a)f 
(password.)909 2842 y(restricted)1223 2924 y(A)h(password)e(is)i(only)f (required)f(to)i(boot)f(the)g(image)g(if)1223 3006 y(parameters)f(are)i (specified)88 b(on)h(the)g(command)g(line)1223 3089 y(\(e.g.)44 b(single\).)596 3396 y Fm(Keep)29 b(in)g(mind)h(when)g(setting)g(all)f (these)h(passwor)o(ds)f(that)g(you)h(need)f(to)g(r)o(emember)g(them.) 596 3487 y(:\))i(Also)g(r)o(emember)g(that)h(these)f(passwor)o(ds)h (will)g(mer)o(ely)f(slow)i(the)f(determined)f(attacker)-6 b(.)596 3578 y(They)26 b(won't)i(pr)o(event)e(someone)i(fr)o(om)e (booting)i(fr)o(om)f(a)f(\003oppy)-9 b(,)27 b(and)f(mounting)j(your)e (r)o(oot)596 3670 y(partition.)g(If)f(you)i(ar)o(e)e(using)i(security)f (in)g(conjunction)i(with)f(a)f(boot)h(loader)-6 b(,)26 b(you)h(might)h(as)596 3761 y(well)c(disable)g(booting)i(fr)o(om)e(a)f (\003oppy)j(in)e(your)h(computer)6 b('s)25 b(BIOS,)f(and)g(passwor)o (d-pr)o(otect)596 3852 y(the)c(BIOS.)596 3985 y(Also)25 b(keep)h(in)g(mind)g(that)f(the)h(/etc/lilo.conf)g(will)h(need)e(to)h (be)f(mode)h("600")e(\(r)o(eadable)e(and)596 4077 y(writing)f(for)g(r)o (oot)f(only\),)i(or)e(others)i(will)f(be)g(able)f(to)h(r)o(ead)e(your)i (passwor)o(ds!)596 4209 y(If)29 b(anyone)i(has)f(security-r)o(elated)e (information)j(fr)o(om)f(a)f(dif)o(fer)o(ent)g(boot)h(loader)-6 b(,)29 b(we)h(would)596 4301 y(love)20 b(to)i(hear)e(it.)g(\()p Fi(grub)p Fm(,)g Fi(silo)p Fm(,)g Fi(milo)p Fm(,)g Fi(linload)p Fm(,)f(etc\).)596 4434 y Fj(Note)p Fm(:)24 b(If)g(you)i(have)f(a)f (server)g(machine,)h(and)g(you)h(set)f(up)g(a)f(boot)i(passwor)o(d,)e (your)i(machine)596 4525 y(will)21 b Fj(not)f Fm(boot)h(up)f (unattended.)g(Keep)g(in)h(mind)g(that)g(you)g(will)g(need)f(to)h(come) g(in)g(and)f(supply)596 4616 y(the)g(passwor)o(d)h(in)g(the)g(event)f (of)h(a)f(power)h(failur)o(e.)e(;\()596 4924 y Fn(xloc)n(k)25 b(and)f(vloc)n(k)596 5061 y Fm(If)15 b(you)i(wander)f(away)f(fr)o(om)h (your)h(machine)f(fr)o(om)g(time)g(to)h(time,)f(it)g(is)h(nice)f(to)h (be)f(able)f(to)i("lock")596 5153 y(your)25 
b(console)h(so)g(that)f(no) g(one)h(can)f(tamper)f(with,)i(or)f(look)h(at,)f(your)g(work.)g(T)-7 b(wo)25 b(pr)o(ograms)596 5244 y(that)20 b(do)h(this)h(ar)o(e:)d Fi(xlock)h Fm(and)g Fi(vlock)p Fm(.)596 5377 y Fi(xlock)30 b Fm(is)i(a)f(X)g(display)g(locker)-6 b(.)31 b(It)h(should)g(be)f (included)g(in)h(any)f(Linux)h(distributions)g(that)596 5468 y(support)27 b(X.)g(Check)f(out)i(the)f(man)g(page)f(for)g(it)h (for)g(mor)o(e)g(options,)g(but)g(in)h(general)e(you)h(can)p Black 3642 5585 a Fj(9)p Black eop %%Page: 10 10 10 9 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fm(r)o(un)26 b Fi(xlock)f Fm(fr)o(om)g(any)g(xterm)h(on)g(your)g(console)h(and)e(it)h (will)g(lock)h(the)e(display)h(and)f(r)o(equir)o(e)596 180 y(your)c(passwor)o(d)f(to)h(unlock.)596 313 y Fi(vlock)29 b Fm(is)i(a)e(simple)i(little)g(pr)o(ogram)e(that)h(allows)h(you)g(to)g (lock)f(some)h(or)g(all)f(of)g(the)g(virtual)596 405 y(consoles)e(on)f(your)g(Linux)g(box.)g(Y)-8 b(ou)28 b(can)f(lock)g(just)h(the)f(one)g(you)g(ar)o(e)f(working)i(in)f(or)g (all)g(of)596 496 y(them.)17 b(If)f(you)h(just)h(lock)f(one,)g(others)h (can)e(come)h(in)h(and)e(use)h(the)g(console;)g(they)h(will)f(just)h (not)f(be)596 587 y(able)j(to)i(use)f(your)h(virtual)f(console)i(until) f(you)g(unlock)g(it.)f Fi(vlock)g Fm(ships)h(with)g(RedHat)f(Linux,)596 679 y(but)f(your)h(mileage)g(may)g(vary)-9 b(.)596 811 y(Of)34 b(course)g(locking)i(your)f(console)g(will)h(pr)o(event)d (someone)j(fr)o(om)e(tampering)g(with)i(your)596 903 y(work,)20 b(but)g(won't)h(pr)o(event)e(them)i(fr)o(om)f(r)o(ebooting)g (your)h(machine)f(or)g(otherwise)h(disr)o(upting)596 994 y(your)f(work.)h(It)g(also)f(does)h(not)g(pr)o(event)f(them)h(fr)o (om)f(accessing)g(your)h(machine)g(fr)o(om)f(another)596 1085 y(machine)h(on)g(the)g(network)g(and)g(causing)g(pr)o(oblems.)596 1218 y(Mor)o(e)e(importantly)-9 b(,)21 b(it)g(does)g(not)h(pr)o(event)d (someone)j(fr)o(om)e(switching)j(out)e(of)g(the)g(X)g(W)-5 b(indow)596 
1310 y(System)29 b(entir)o(ely)-9 b(,)28 b(and)h(going)h(to)g(a)f(normal)h(virtual)e(console)j(login)f(pr)o (ompt,)f(or)g(to)h(the)f(VC)596 1401 y(that)18 b(X11)g(was)g(started)f (fr)o(om,)h(and)g(suspending)h(it,)f(thus)h(obtaining)h(your)e (privileges.)h(For)f(this)596 1492 y(r)o(eason,)h(you)j(might)g (consider)e(only)i(using)g(it)f(while)g(under)g(contr)o(ol)g(of)f(xdm.) 596 1800 y Fn(Security)k(of)i(local)f(de)o(vices)596 1937 y Fm(If)18 b(you)h(have)f(a)g(webcam)g(or)g(a)g(micr)o(ophone)h (attached)f(to)h(your)f(system,)h(you)g(should)h(consider)596 2028 y(if)e(ther)o(e)h(is)g(some)h(danger)e(of)i(a)e(attacker)g (gaining)i(access)f(to)g(those)h(devices.)e(When)i(not)g(in)f(use,)596 2120 y(unplugging)32 b(or)g(r)o(emoving)g(such)f(devices)g(might)i(be)e (an)g(option.)h(Otherwise)g(you)g(should)596 2211 y(car)o(efully)19 b(r)o(ead)g(and)h(look)i(at)e(any)h(softwar)o(e)f(with)h(pr)o(ovides)f (access)h(to)g(such)g(devices.)596 2519 y Fn(Detecting)k(Ph)n(ysical)g (Security)g(Compr)n(omises)596 2656 y Fm(The)f(\002rst)h(thing)g(to)g (always)f(note)h(is)g(when)g(your)g(machine)f(was)h(r)o(ebooted.)e (Since)h(Linux)h(is)f(a)596 2747 y(r)o(obust)d(and)g(stable)g(OS,)g (the)g(only)i(times)e(your)h(machine)g(should)g(r)o(eboot)f(is)h(when)g Fj(you)f Fm(take)g(it)596 2839 y(down)c(for)f(OS)g(upgrades,)f(har)o (dwar)o(e)g(swapping,)h(or)h(the)f(like.)h(If)f(your)h(machine)f(has)h (r)o(ebooted)596 2930 y(without)23 b(you)f(doing)g(it,)g(that)g(may)g (be)f(a)h(sign)g(that)g(an)g(intr)o(uder)g(has)g(compr)o(omised)g(it.)f (Many)596 3021 y(of)f(the)h(ways)g(that)g(your)g(machine)g(can)g(be)f (compr)o(omised)h(r)o(equir)o(e)f(the)h(intr)o(uder)g(to)g(r)o(eboot)g (or)596 3113 y(power)f(of)o(f)g(your)h(machine.)596 3246 y(Check)e(for)g(signs)h(of)g(tampering)f(on)h(the)g(case)e(and)h (computer)h(ar)o(ea.)d(Although)j(many)g(intr)o(ud-)596 3337 y(ers)j(clean)h(traces)f(of)h(their)g(pr)o(esence)f(out)h(of)g (logs,)h(it's)f(a)g(good)g(idea)g(to)g(check)g(thr)o(ough)g(them)596 3428 
y(all)c(and)g(note)i(any)e(discr)o(epancy)-9 b(.)596 3561 y(It)27 b(is)h(also)f(a)g(good)h(idea)f(to)g(stor)o(e)g(log)i (data)d(at)h(a)g(secur)o(e)f(location,)i(such)g(as)f(a)g(dedicated)e (log)596 3652 y(server)20 b(within)j(your)f(well-pr)o(otected)e (network.)i(Once)g(a)f(machine)g(has)h(been)f(compr)o(omised,)596 3744 y(log)f(data)e(becomes)i(of)f(little)h(use)f(as)h(it)f(most)i (likely)f(has)f(also)h(been)f(modi\002ed)h(by)g(the)f(intr)o(uder)-6 b(.)596 3877 y(The)32 b(syslog)h(daemon)f(can)g(be)f(con\002gur)o(ed)h (to)h(automatically)f(send)g(log)h(data)d(to)j(a)e(central)596 3968 y(syslog)g(server)-6 b(,)30 b(but)g(this)h(is)g(typically)g(sent)g (unencrypted,)f(allowing)h(an)f(intr)o(uder)h(to)g(view)596 4059 y(data)21 b(as)h(it)g(is)h(being)g(transferr)o(ed.)d(This)j(may)f (r)o(eveal)f(information)i(about)f(your)h(network)g(that)596 4151 y(is)18 b(not)g(intended)g(to)g(be)g(public.)g(Ther)o(e)e(ar)o(e)h (syslog)i(daemons)f(available)f(that)g(encrypt)h(the)g(data)596 4242 y(as)i(it)h(is)g(being)g(sent.)596 4375 y(Also)f(be)h(awar)o(e)e (that)h(faking)h(syslog)h(messages)f(is)g(easy)f(--)g(with)h(an)g (exploit)g(pr)o(ogram)f(having)596 4466 y(been)j(published.)i(Syslog)f (even)g(accepts)g(net)g(log)h(entries)f(claiming)h(to)f(come)h(fr)o(om) f(the)g(local)596 4557 y(host)d(without)h(indicating)f(their)g(tr)o(ue) g(origin.)596 4690 y(Some)f(things)i(to)f(check)g(for)g(in)g(your)g (logs:)p Black 596 4906 a Fh(\225)p Black 63 w Fm(Short)g(or)g (incomplete)g(logs.)p Black 596 5039 a Fh(\225)p Black 63 w Fm(Logs)g(containing)h(strange)f(timestamps.)p Black 596 5172 a Fh(\225)p Black 63 w Fm(Logs)g(with)h(incorr)o(ect)e (permissions)i(or)f(ownership.)p Black 596 5305 a Fh(\225)p Black 63 w Fm(Recor)o(ds)g(of)f(r)o(eboots)h(or)g(r)o(estarting)f(of)h (services.)p Black 596 5437 a Fh(\225)p Black 63 w Fm(missing)i(logs.)p Black 197 5585 a Fj(10)p Black eop %%Page: 11 11 11 10 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black Black 
596 89 a Fh(\225)p Black 63 w Fi(su)g Fm(entries)g(or)f(logins)i(fr)o(om)f(strange)f (places.)596 355 y(W)-8 b(e)16 b(will)h(discuss)g(system)g(log)g(data)p 0 TeXcolorgray 15 w(the)g(Section)f(called)g Fj(Keep)h(T)-9 b(rack)16 b(of)g(Y)-9 b(our)17 b(System)f(Accounting)596 446 y(Data)p Black 19 w Fm(in)21 b(the)g(HOWT)o(O.)197 847 y Fk(Local)28 b(Security)596 989 y Fm(The)f(next)g(thing)h(to)f (take)g(a)f(look)i(at)f(is)g(the)g(security)g(in)h(your)f(system)h (against)f(attacks)f(fr)o(om)596 1080 y(local)20 b(users.)h(Did)g(we)f (just)i(say)f Fj(local)f Fm(users?)h(Y)-8 b(es!)596 1213 y(Getting)24 b(access)g(to)g(a)g(local)g(user)g(account)g(is)g(one)h (of)f(the)g(\002rst)h(things)g(that)f(system)h(intr)o(uders)596 1304 y(attempt)30 b(while)h(on)g(their)g(way)f(to)h(exploiting)h(the)e (r)o(oot)h(account.)f(W)-5 b(ith)32 b(lax)e(local)g(security)-9 b(,)596 1396 y(they)30 b(can)g(then)g("upgrade")f(their)h(normal)g (user)g(access)f(to)i(r)o(oot)f(access)f(using)i(a)f(variety)f(of)596 1487 y(bugs)f(and)g(poorly)h(setup)f(local)g(services.)g(If)g(you)h (make)f(sur)o(e)g(your)g(local)g(security)h(is)f(tight,)596 1578 y(then)21 b(the)g(intr)o(uder)f(will)i(have)e(another)h(hur)o(dle) f(to)h(jump.)596 1711 y(Local)k(users)h(can)f(also)h(cause)f(a)g(lot)i (of)e(havoc)h(with)g(your)h(system)f(even)f(\(especially\))g(if)h(they) 596 1802 y(r)o(eally)18 b(ar)o(e)g(who)i(they)f(say)g(they)h(ar)o(e.)d (Pr)o(oviding)j(accounts)f(to)h(people)f(you)h(don't)g(know)g(or)f(for) 596 1894 y(whom)i(you)h(have)e(no)h(contact)g(information)h(is)f(a)f (very)h(bad)f(idea.)596 2146 y Fn(Creating)k(Ne)o(w)h(Accounts)596 2283 y Fm(Y)-8 b(ou)32 b(should)h(make)e(sur)o(e)g(you)h(pr)o(ovide)e (user)i(accounts)f(with)i(only)f(the)g(minimal)g(r)o(equir)o(e-)596 2374 y(ments)20 b(for)h(the)f(task)g(they)h(need)f(to)g(do.)h(If)f(you) g(pr)o(ovide)g(your)g(son)i(\(age)d(10\))g(with)i(an)f(account,)596 2465 y(you)26 b(might)h(want)f(him)h(to)f(only)h(have)f(access)f(to)h 
(a)g(wor)o(d)f(pr)o(ocessor)h(or)g(drawing)g(pr)o(ogram,)596 2557 y(but)20 b(be)h(unable)f(to)h(delete)f(data)g(that)h(is)g(not)g (his.)596 2689 y(Several)k(good)i(r)o(ules)h(of)f(thumb)g(when)h (allowing)g(other)f(people)g(legitimate)g(access)f(to)i(your)596 2781 y(Linux)20 b(machine:)p Black 596 3038 a Fh(\225)p Black 63 w Fm(Give)h(them)g(the)g(minimal)h(amount)f(of)g(privileges)g (they)g(need.)p Black 596 3171 a Fh(\225)p Black 63 w Fm(Be)g(awar)o(e)e(when/wher)o(e)i(they)g(login)h(fr)o(om,)e(or)h (should)g(be)g(logging)h(in)f(fr)o(om.)p Black 596 3304 a Fh(\225)p Black 67 w Fm(Make)i(sur)o(e)g(you)i(r)o(emove)e(inactive)h (accounts,)g(which)h(you)f(can)g(determine)g(by)g(using)h(the)679 3395 y('last')20 b(command)i(and/or)e(checking)i(log)f(\002les)g(for)g (any)f(activity)h(by)g(the)g(user)-6 b(.)p Black 596 3528 a Fh(\225)p Black 72 w Fm(The)28 b(use)h(of)g(the)h(same)e(userid) h(on)h(all)e(computers)i(and)e(networks)i(is)f(advisable)f(to)i(ease) 679 3619 y(account)20 b(maintenance,)h(and)f(permits)h(easier)f (analysis)h(of)g(log)g(data.)p Black 596 3752 a Fh(\225)p Black 73 w Fm(The)31 b(cr)o(eation)f(of)h(gr)o(oup)g(user)o(-id's)f (should)i(be)e(absolutely)h(pr)o(ohibited.)g(User)f(accounts)679 3843 y(also)20 b(pr)o(ovide)g(accountability)-9 b(,)21 b(and)f(this)i(is)f(not)g(possible)h(with)f(gr)o(oup)g(accounts.)596 4109 y(Many)g(local)i(user)f(accounts)g(that)g(ar)o(e)f(used)h(in)h (security)f(compr)o(omises)h(have)f(not)h(been)f(used)596 4200 y(in)f(months)h(or)f(years.)f(Since)g(no)i(one)f(is)g(using)h (them)f(they)-9 b(,)20 b(pr)o(ovide)g(the)h(ideal)f(attack)g(vehicle.) 
596 4508 y Fn(Root)25 b(Security)596 4645 y Fm(The)20 b(most)h(sought-after)f(account)h(on)g(your)f(machine)h(is)g(the)f(r)o (oot)h(\(super)o(user\))e(account.)h(This)596 4737 y(account)32 b(has)h(authority)g(over)g(the)g(entir)o(e)f(machine,)h(which)h(may)f (also)g(include)f(authority)596 4828 y(over)26 b(other)i(machines)f(on) h(the)f(network.)h(Remember)f(that)g(you)h(should)g(only)g(use)f(the)g (r)o(oot)596 4919 y(account)c(for)g(very)g(short,)g(speci\002c)g (tasks,)g(and)g(should)h(mostly)h(r)o(un)e(as)g(a)g(normal)h(user)-6 b(.)22 b(Even)596 5011 y(small)k(mistakes)g(made)g(while)g(logged)h(in) f(as)g(the)g(r)o(oot)g(user)g(can)g(cause)f(pr)o(oblems.)h(The)g(less) 596 5102 y(time)21 b(you)g(ar)o(e)e(on)j(with)f(r)o(oot)g(privileges,)f (the)h(safer)f(you)h(will)h(be.)596 5235 y(Several)d(tricks)i(to)g (avoid)f(messing)i(up)f(your)g(own)h(box)e(as)h(r)o(oot:)p Black 3601 5585 a Fj(11)p Black eop %%Page: 12 12 12 11 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black Black 596 89 a Fh(\225)p Black 74 w Fm(When)33 b(doing)f(some)h(complex)f(command,)g(try)f(r)o (unning)j(it)e(\002rst)g(in)g(a)g(non-destr)o(uctive)679 180 y(way)-9 b(...especially)21 b(commands)i(that)g(use)f(globing:)i (e.g.,)e(if)g(you)h(want)g(to)g(do)g Fi(rm)45 b(foo*.bak)p Fm(,)679 272 y(\002rst)18 b(do)g Fi(ls)45 b(foo*.bak)17 b Fm(and)h(make)g(sur)o(e)f(you)i(ar)o(e)e(going)i(to)g(delete)e(the)i (\002les)f(you)h(think)g(you)679 363 y(ar)o(e.)g(Using)i Fi(echo)f Fm(in)h(place)f(of)h(destr)o(uctive)f(commands)i(also)f (sometimes)g(works.)p Black 596 496 a Fh(\225)p Black 62 w Fm(Pr)o(ovide)e(your)g(users)h(with)g(a)f(default)f(alias)h(to)h (the)g Fi(rm)f Fm(command)g(to)h(ask)g(for)f(con\002rmation)679 587 y(for)h(deletion)h(of)g(\002les.)p Black 596 720 a Fh(\225)p Black 67 w Fm(Only)k(become)f(r)o(oot)h(to)f(do)h(single)g (speci\002c)f(tasks.)g(If)g(you)h(\002nd)f(yourself)h(trying)g(to)f (\002gur)o(e)679 811 y(out)i(how)h(to)f(do)h(something,)g(go)g(back)e 
(to)i(a)e(normal)i(user)e(shell)i(until)g(you)g(ar)o(e)d Fj(sur)o(e)j Fm(what)679 903 y(needs)20 b(to)h(be)g(done)g(by)f(r)o (oot.)p Black 596 1036 a Fh(\225)p Black 60 w Fm(The)d(command)h(path)f (for)g(the)h(r)o(oot)f(user)g(is)h(very)f(important.)h(The)f(command)h (path)f(\(that)g(is,)679 1127 y(the)h Fi(PATH)h Fm(envir)o(onment)g (variable\))e(speci\002es)i(the)g(dir)o(ectories)f(in)h(which)h(the)f (shell)g(sear)o(ches)679 1218 y(for)g(pr)o(ograms.)g(T)-7 b(ry)19 b(to)h(limit)g(the)g(command)g(path)f(for)h(the)g(r)o(oot)f (user)h(as)f(much)h(as)g(possible,)679 1310 y(and)d Fj(never)h Fm(include)g Fi(.)f Fm(\(which)i(means)f("the)f(curr)o(ent)g(dir)o (ectory"\))g(in)h(your)g(P)-8 b(A)i(TH.)17 b(Addition-)679 1401 y(ally)-9 b(,)18 b(never)g(have)g(writable)h(dir)o(ectories)f(in)h (your)g(sear)o(ch)f(path,)g(as)h(this)g(can)g(allow)g(attackers)679 1492 y(to)k(modify)f(or)h(place)f(new)h(binaries)f(in)h(your)g(sear)o (ch)f(path,)g(allowing)i(them)f(to)g(r)o(un)g(as)f(r)o(oot)679 1583 y(the)e(next)h(time)g(you)h(r)o(un)f(that)g(command.)p Black 596 1716 a Fh(\225)p Black 68 w Fm(Never)j(use)i(the)f (rlogin/rsh/r)o(exec)h(suite)f(of)g(tools)i(\(called)d(the)h(r)o (-utilities\))g(as)g(r)o(oot.)g(They)679 1808 y(ar)o(e)j(subject)i(to)g (many)g(sorts)g(of)g(attacks,)e(and)i(ar)o(e)e(downright)j(danger)o (ous)e(when)h(r)o(un)g(as)679 1899 y(r)o(oot.)20 b(Never)g(cr)o(eate)f (a)h Fi(.rhosts)g Fm(\002le)h(for)f(r)o(oot.)p Black 596 2032 a Fh(\225)p Black 67 w Fm(The)25 b Fi(/etc/securetty)d Fm(\002le)i(contains)i(a)e(list)h(of)f(terminals)h(that)g(r)o(oot)f (can)h(login)g(fr)o(om.)f(By)679 2123 y(default)j(\(on)i(Red)f(Hat)g (Linux\))g(this)h(is)g(set)f(to)h(only)h(the)e(local)g(virtual)h (consoles\(vtys\).)f(Be)679 2214 y(very)18 b(wary)h(of)f(adding)h (anything)h(else)f(to)g(this)h(\002le.)e(Y)-8 b(ou)20 b(should)g(be)f(able)f(to)h(login)h(r)o(emotely)679 2306 y(as)e(your)h(r)o(egular)e(user)h(account)h(and)f(then)h Fi(su)f Fm(if)h(you)g(need)f(to)h(\(hopefully)g(over)p 
0 TeXcolorgray 18 w(the)g(Section)679 2397 y(called)28 b Fc(ssh)g Fj(\(Secur)o(e)h(Shell\))f(and)h Fc(stelnet)p Black 27 w Fm(or)g(other)g(encrypted)f(channel\),)h(so)g(ther)o(e)f(is) h(no)679 2488 y(need)20 b(to)h(be)f(able)h(to)g(login)h(dir)o(ectly)e (as)g(r)o(oot.)p Black 596 2621 a Fh(\225)p Black 67 w Fm(Always)k(be)g(slow)h(and)f(deliberate)e(r)o(unning)k(as)e(r)o (oot.)g(Y)-8 b(our)25 b(actions)g(could)f(af)o(fect)e(a)i(lot)h(of)679 2713 y(things.)c(Think)h(befor)o(e)d(you)j(type!)596 2978 y(If)g(you)i(absolutely)g(positively)g(need)f(to)g(allow)h (someone)g(\(hopefully)g(very)f(tr)o(usted\))g(to)g(have)596 3070 y(r)o(oot)e(access)g(to)h(your)f(machine,)h(ther)o(e)e(ar)o(e)g(a) h(few)g(tools)i(that)e(can)g(help.)g Fi(sudo)g Fm(allows)h(users)g(to) 596 3161 y(use)17 b(their)g(passwor)o(d)g(to)h(access)f(a)f(limited)i (set)f(of)h(commands)g(as)f(r)o(oot.)g(This)h(would)g(allow)f(you)596 3252 y(to,)j(for)f(instance,)h(let)g(a)g(user)f(be)h(able)f(to)h(eject) g(and)g(mount)h(r)o(emovable)e(media)g(on)i(your)f(Linux)596 3344 y(box,)29 b(but)h(have)f(no)i(other)f(r)o(oot)f(privileges.)h Fi(sudo)f Fm(also)h(keeps)g(a)f(log)h(of)g(all)g(successful)f(and)596 3435 y(unsuccessful)24 b(sudo)h(attempts,)f(allowing)h(you)g(to)f (track)g(down)h(who)g(used)f(what)h(command)596 3526 y(to)18 b(do)g(what.)g(For)h(this)g(r)o(eason)e Fi(sudo)h Fm(works)h(well)f(even)g(in)h(places)e(wher)o(e)h(a)g(number)g(of)g (people)596 3618 y(have)i(r)o(oot)h(access,)e(because)h(it)h(helps)g (you)h(keep)e(track)g(of)h(changes)g(made.)596 3750 y(Although)f Fi(sudo)e Fm(can)h(be)g(used)h(to)f(give)h(speci\002c)f(users)g (speci\002c)g(privileges)h(for)f(speci\002c)g(tasks,)596 3842 y(it)25 b(does)h(have)f(several)g(shortcomings.)j(It)d(should)i (be)e(used)g(only)i(for)f(a)f(limited)h(set)f(of)h(tasks,)596 3933 y(like)d(r)o(estarting)f(a)g(server)-6 b(,)22 b(or)h(adding)f(new) i(users.)e(Any)h(pr)o(ogram)f(that)h(of)o(fers)f(a)g(shell)i(escape)596 4024 
y(will)k(give)g(r)o(oot)g(access)g(to)g(a)g(user)f(invoking)j(it)e (via)g Fi(sudo)p Fm(.)f(This)h(includes)g(most)h(editors,)f(for)596 4116 y(example.)23 b(Also,)i(a)f(pr)o(ogram)g(as)g(innocuous)j(as)d Fi(/bin/cat)f Fm(can)i(be)f(used)g(to)h(overwrite)g(\002les,)596 4207 y(which)c(could)g(allow)h(r)o(oot)e(to)i(be)e(exploited.)h (Consider)g Fi(sudo)f Fm(as)g(a)h(means)g(for)f(accountability)-9 b(,)596 4298 y(and)20 b(don't)h(expect)f(it)h(to)g(r)o(eplace)e(the)i (r)o(oot)g(user)f(and)h(still)g(be)g(secur)o(e.)197 4699 y Fk(Files)28 b(and)g(File)g(system)h(Security)596 4841 y Fm(A)24 b(few)h(minutes)h(of)f(pr)o(eparation)f(and)g(planning)i (ahead)e(befor)o(e)g(putting)i(your)g(systems)g(on-)596 4932 y(line)21 b(can)f(help)h(to)g(pr)o(otect)f(them)h(and)g(the)g (data)e(stor)o(ed)h(on)i(them.)p Black 596 5174 a Fh(\225)p Black 67 w Fm(Ther)o(e)i(should)i(never)e(be)h(a)f(r)o(eason)g(for)h (users')g(home)h(dir)o(ectories)e(to)h(allow)g(SUID/SGID)679 5266 y(pr)o(ograms)17 b(to)h(be)f(r)o(un)i(fr)o(om)e(ther)o(e.)g(Use)g (the)h Fi(nosuid)f Fm(option)i(in)f Fi(/etc/fstab)e Fm(for)h (partitions)679 5357 y(that)22 b(ar)o(e)e(writable)i(by)g(others)g (than)h(r)o(oot.)e(Y)-8 b(ou)24 b(may)e(also)g(wish)h(to)f(use)g Fi(nodev)f Fm(and)h Fi(noexec)679 5448 y Fm(on)d(users')f(home)i (partitions,)f(as)f(well)h(as)f Fi(/var)p Fm(,)g(thus)h(pr)o(ohibiting) g(execution)g(of)g(pr)o(ograms,)p Black 197 5585 a Fj(12)p Black eop %%Page: 13 13 13 12 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 679 89 a Fm(and)j(cr)o(eation)g(of)g (character)g(or)g(block)i(devices,)d(which)j(should)f(never)g(be)f (necessary)g(any-)679 180 y(way)-9 b(.)p Black 596 313 a Fh(\225)p Black 69 w Fm(If)27 b(you)g(ar)o(e)f(exporting)h (\002le-systems)g(using)h(NFS,)e(be)h(sur)o(e)f(to)h(con\002gur)o(e)g Fi(/etc/exports)679 405 y Fm(with)d(the)g(most)h(r)o(estrictive)e (access)g(possible.)h(This)h(means)f(not)g(using)h(wild)f(car)o(ds,)e (not)j(al-)679 496 
y(lowing)d(r)o(oot)e(write)h(access,)f(and)g (exporting)i(r)o(ead-only)d(wher)o(ever)h(possible.)p Black 596 629 a Fh(\225)p Black 69 w Fm(Con\002gur)o(e)27 b(your)h(users')f(\002le-cr)o(eation)f Fi(umask)g Fm(to)h(be)f(as)h(r)o (estrictive)f(as)h(possible.)g(See)p 0 TeXcolorgray 26 w(the)679 720 y(Section)20 b(called)g Fj(Umask)g(Settings)p Black Fm(.)p Black 596 853 a Fh(\225)p Black 75 w Fm(If)32 b(you)i(ar)o(e)d(mounting)j(\002le)f(systems)h(using)f(a)f(network)i (\002le)e(system)i(such)f(as)f(NFS,)g(be)679 944 y(sur)o(e)23 b(to)h(con\002gur)o(e)h(/etc/exports)f(with)h(suitable)f(r)o (estrictions.)g(T)-7 b(ypically)e(,)23 b(using)i(`nodev',)679 1036 y(`nosuid',)c(and)f(per)o(haps)g(`noexec',)h(ar)o(e)e(desirable.)p Black 596 1168 a Fh(\225)p Black 87 w Fm(Set)43 b(\002le)i(system)f (limits)i(instead)d(of)i(allowing)g Fi(unlimited)d Fm(as)i(is)h(the)f (default.)f(Y)-8 b(ou)679 1260 y(can)51 b(contr)o(ol)h(the)g(per)o (-user)e(limits)j(using)f(the)g(r)o(esour)o(ce-limits)f(P)-8 b(AM)51 b(module)h(and)679 1351 y Fi(/etc/pam.d/limits.conf)p Fm(.)25 b(For)30 b(example,)f(limits)i(for)e(gr)o(oup)h Fi(users)e Fm(might)j(look)g(like)679 1442 y(this:)768 1608 y Fi(@users)223 b(hard)89 b(core)179 b(0)768 1690 y(@users)223 b(hard)89 b(nproc)134 b(50)768 1772 y(@users)223 b(hard)89 b(rss)224 b(5000)679 2038 y Fm(This)26 b(says)g(to)g(pr)o (ohibit)g(the)g(cr)o(eation)f(of)h(cor)o(e)f(\002les,)h(r)o(estrict)f (the)h(number)f(of)h(pr)o(ocesses)g(to)679 2129 y(50,)19 b(and)h(r)o(estrict)g(memory)i(usage)e(per)g(user)h(to)g(5M.)679 2262 y(Y)-8 b(ou)21 b(can)g(also)g(use)g(the)g(/etc/login.defs)g (con\002guration)h(\002le)f(to)g(set)g(the)f(same)h(limits.)p Black 596 2527 a Fh(\225)p Black 76 w Fm(The)34 b Fi(/var/log/wtmp)d Fm(and)i Fi(/var/run/utmp)f Fm(\002les)i(contain)g(the)g(login)h(r)o (ecor)o(ds)d(for)h(all)679 2619 y(users)17 b(on)h(your)g(system.)g (Their)f(integrity)h(must)g(be)f(maintained)h(because)e(they)i(can)f (be)g(used)679 2710 
y(to)j(determine)g(when)h(and)f(fr)o(om)g(wher)o(e) g(a)f(user)i(\(or)f(potential)g(intr)o(uder\))g(has)h(enter)o(ed)e (your)679 2801 y(system.)32 b(These)f(\002les)h(should)g(also)g(have)f Fi(644)g Fm(permissions,)i(without)f(af)o(fecting)f(normal)679 2893 y(system)21 b(operation.)p Black 596 3026 a Fh(\225)p Black 68 w Fm(The)k(immutable)h(bit)f(can)g(be)g(used)g(to)h(pr)o (event)e(accidentally)h(deleting)g(or)g(overwriting)h(a)679 3117 y(\002le)f(that)h(must)g(be)g(pr)o(otected.)e(It)i(also)g(pr)o (events)e(someone)j(fr)o(om)e(cr)o(eating)g(a)h(har)o(d)e(link)j(to)679 3208 y(the)20 b(\002le.)h(See)f(the)h Fi(chattr)p Fm(\(1\))d(man)j (page)f(for)h(information)h(on)f(the)g(immutable)g(bit.)p Black 596 3341 a Fh(\225)p Black 68 w Fm(SUID)j(and)h(SGID)h(\002les)f (on)h(your)g(system)g(ar)o(e)e(a)g(potential)i(security)f(risk,)g(and)g (should)h(be)679 3432 y(monitor)o(ed)18 b(closely)-9 b(.)18 b(Because)f(these)h(pr)o(ograms)g(grant)g(special)f(privileges)h (to)h(the)f(user)g(who)679 3524 y(is)f(executing)g(them,)h(it)g(is)f (necessary)g(to)h(ensur)o(e)e(that)i(insecur)o(e)e(pr)o(ograms)h(ar)o (e)f(not)i(installed.)679 3615 y(A)28 b(favorite)g(trick)i(of)f (crackers)f(is)h(to)g(exploit)h(SUID-r)o(oot)e(pr)o(ograms,)g(then)i (leave)e(a)h(SUID)679 3706 y(pr)o(ogram)18 b(as)i(a)f(back)g(door)h(to) g(get)f(in)h(the)g(next)g(time,)f(even)h(if)f(the)h(original)g(hole)g (is)g(plugged.)679 3839 y(Find)26 b(all)g(SUID/SGID)g(pr)o(ograms)g(on) h(your)g(system,)f(and)g(keep)g(track)f(of)i(what)f(they)h(ar)o(e,)679 3931 y(so)20 b(you)g(ar)o(e)e(awar)o(e)f(of)j(any)f(changes)h(which)g (could)g(indicate)f(a)g(potential)h(intr)o(uder)-6 b(.)19 b(Use)g(the)679 4022 y(following)j(command)f(to)g(\002nd)g(all)g (SUID/SGID)f(pr)o(ograms)h(on)g(your)g(system:)1396 4187 y Fi(root#)89 b(find)44 b(/)g(-type)g(f)h(\\\()g(-perm)f(-04000)f(-o)i (-perm)f(-02000)g(\\\))679 4453 y Fm(The)18 b(Debian)h(distribution)g (r)o(uns)g(a)g(job)g(each)f(night)i(to)f(determine)f(what)h(SUID)f 
(\002les)h(exist.)f(It)679 4544 y(then)g(compar)o(es)g(this)h(to)g(the) f(pr)o(evious)g(night's)i(r)o(un.)e(Y)-8 b(ou)20 b(can)e(look)h(in)g Fi(/var/log/setuid*)679 4635 y Fm(for)h(this)i(log.)679 4768 y(Y)-8 b(ou)35 b(can)f(r)o(emove)g(the)g(SUID)g(or)h(SGID)f (permissions)i(on)f(a)f(suspicious)h(pr)o(ogram)f(with)679 4860 y Fi(chmod)p Fm(,)19 b(then)i(r)o(estor)o(e)f(them)h(back)f(if)h (you)g(absolutely)g(feel)f(it)h(is)g(necessary)-9 b(.)p Black 596 5125 a Fh(\225)p Black 70 w Fm(W)h(orld-writable)27 b(\002les,)g(particularly)f(system)i(\002les,)f(can)g(be)g(a)g (security)g(hole)h(if)f(a)f(cracker)679 5217 y(gains)16 b(access)g(to)h(your)g(system)g(and)f(modi\002es)i(them.)e (Additionally)-9 b(,)16 b(world-writable)g(dir)o(ec-)679 5308 y(tories)21 b(ar)o(e)f(danger)o(ous,)g(since)i(they)g(allow)f(a)g (cracker)f(to)i(add)e(or)i(delete)e(\002les)i(as)f(he)g(wishes.)679 5399 y(T)-8 b(o)21 b(locate)f(all)h(world-writable)f(\002les)h(on)h (your)f(system,)g(use)g(the)g(following)h(command:)p Black 3601 5585 a Fj(13)p Black eop %%Page: 14 14 14 13 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 768 89 a Fi(root#)44 b(find)g(/)h(-perm)f (-2)h(!)f(-type)g(l)h(-ls)679 222 y Fm(and)20 b(be)h(sur)o(e)g(you)h (know)g(why)g(those)g(\002les)f(ar)o(e)f(writable.)h(In)g(the)h(normal) g(course)f(of)g(opera-)679 313 y(tion,)g(several)f(\002les)i(will)g(be) e(world-writable,)h(including)h(some)f(fr)o(om)g Fi(/dev)p Fm(,)f(and)h(symbolic)679 405 y(links,)e(thus)g(the)g Fi(!)45 b(-type)f(l)19 b Fm(which)g(excludes)f(these)h(fr)o(om)f(the)h (pr)o(evious)g Fi(find)f Fm(command.)p Black 596 670 a Fh(\225)p Black 679 803 a Fm(Unowned)29 b(\002les)g(may)g(also)h(be)e (an)h(indication)h(an)f(intr)o(uder)g(has)g(accessed)f(your)h(system.) 
679 894 y(Y)-8 b(ou)19 b(can)g(locate)f(\002les)h(on)g(your)g(system)g (that)g(have)f(no)h(owner)-6 b(,)19 b(or)f(belong)i(to)f(no)g(gr)o(oup) f(with)679 986 y(the)i(command:)768 1151 y Fi(root#)44 b(find)g(/)h(\\\()g(-nouser)e(-o)i(-nogroup)e(\\\))i(-print)p Black 596 1549 a Fh(\225)p Black 64 w Fm(Finding)23 b Fi(.rhosts)d Fm(\002les)i(should)g(be)f(a)h(part)e(of)i(your)g(r)o (egular)e(system)i(administration)h(du-)679 1641 y(ties,)j(as)h(these)g (\002les)g(should)h(not)f(be)g(permitted)f(on)i(your)f(system.)g (Remember)-6 b(,)27 b(a)f(cracker)679 1732 y(only)c(needs)g(one)g (insecur)o(e)f(account)h(to)g(potentially)g(gain)g(access)f(to)h(your)g (entir)o(e)g(network.)679 1823 y(Y)-8 b(ou)21 b(can)g(locate)f(all)h Fi(.rhosts)e Fm(\002les)j(on)f(your)g(system)h(with)f(the)g(following)h (command:)1351 1947 y Fi(root#)44 b(find)g(/home)g(-name)g(.rhosts)g (-print)p Black 596 2121 a Fh(\225)p Black 679 2254 a Fm(Finally)-9 b(,)29 b(befor)o(e)f(changing)i(permissions)h(on)f(any)g (system)g(\002les,)f(make)g(sur)o(e)g(you)h(under)o(-)679 2346 y(stand)f(what)g(you)h(ar)o(e)e(doing.)i(Never)e(change)i (permissions)g(on)g(a)f(\002le)h(because)e(it)i(seems)679 2437 y(like)c(the)h(easy)f(way)g(to)h(get)g(things)g(working.)h(Always) e(determine)g(why)h(the)g(\002le)f(has)h(that)679 2528 y(permission)21 b(befor)o(e)f(changing)h(it.)596 3046 y Fn(Umask)j(Settings)596 3183 y Fm(The)18 b Fi(umask)g Fm(command)g(can)g(be)h(used)f(to)h(determine)f(the)g(default)g(\002le) g(cr)o(eation)g(mode)h(on)g(your)596 3274 y(system.)24 b(It)h(is)f(the)h(octal)f(complement)h(of)f(the)g(desir)o(ed)f(\002le)i (mode.)f(If)g(\002les)g(ar)o(e)f(cr)o(eated)g(with-)596 3366 y(out)17 b(any)g(r)o(egar)o(d)e(to)j(their)f(permissions)h (settings,)g(the)f(user)g(could)g(inadvertently)g(give)g(r)o(ead)f(or) 596 3457 y(write)h(permission)i(to)e(someone)i(that)e(should)h(not)h (have)e(this)h(permission.)g(T)-7 b(ypical)17 b Fi(umask)f Fm(set-)596 3548 y(tings)24 b(include)g Fi(022)p Fm(,)f Fi(027)p 
Fm(,)f(and)h Fi(077)h Fm(\(which)g(is)g(the)f(most)i(r)o (estrictive\).)d(Normally)i(the)g(umask)596 3640 y(is)c(set)f(in)h Fi(/etc/profile)p Fm(,)e(so)i(it)g(applies)f(to)h(all)g(users)f(on)h (the)g(system.)g(The)g(\002le)g(cr)o(eation)f(mask)596 3731 y(can)g(be)g(calculated)f(by)i(subtracting)g(the)f(desir)o(ed)g (value)g(fr)o(om)g(777.)f(In)i(other)f(wor)o(ds,)h(a)f(umask)596 3822 y(of)24 b(777)g(would)h(cause)g(newly-cr)o(eated)e(\002les)i(to)h (contain)f(no)h(r)o(ead,)d(write)i(or)g(execute)f(permis-)596 3913 y(sion)k(for)f(anyone.)g(A)g(mask)g(of)g(666)f(would)h(cause)g (newly-cr)o(eated)e(\002les)j(to)f(have)g(a)g(mask)g(of)596 4005 y(111.)19 b(For)i(example,)e(you)j(may)e(have)h(a)f(line)h(that)g (looks)h(like)f(this:)685 4212 y Fi(#)45 b(Set)f(the)g(user's)g (default)g(umask)685 4294 y(umask)g(033)596 4468 y Fm(Be)25 b(sur)o(e)h(to)g(make)g(r)o(oot's)h(umask)f Fi(077)p Fm(,)g(which)h(will)f(disable)g(r)o(ead,)e(write,)i(and)g(execute)f (per)o(-)596 4559 y(mission)j(for)e(other)h(users,)f(unless)h (explicitly)f(changed)h(using)g Fi(chmod)p Fm(.)e(In)i(this)g(case,)f (newly-)596 4651 y(cr)o(eated)h(dir)o(ectories)i(would)h(have)g(744)e (permissions,)j(obtained)e(by)h(subtracting)g(033)e(fr)o(om)596 4742 y(777.)19 b(Newly-cr)o(eated)f(\002les)j(using)h(the)f(033)e (umask)i(would)h(have)e(permissions)i(of)f(644.)596 4875 y(If)29 b(you)i(ar)o(e)e(using)i(Red)f(Hat,)g(and)g(adher)o(e)e(to)j (their)f(user)g(and)g(gr)o(oup)g(ID)g(cr)o(eation)g(scheme)596 4966 y(\(User)22 b(Private)h(Gr)o(oups\),)g(it)h(is)g(only)h(necessary) e(to)h(use)g Fi(002)f Fm(for)h(a)f Fi(umask)p Fm(.)f(This)i(is)h(due)e (to)h(the)596 5058 y(fact)19 b(that)i(the)g(default)f(con\002guration)i (is)f(one)g(user)f(per)h(gr)o(oup.)p Black 197 5585 a Fj(14)p Black eop %%Page: 15 15 15 14 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fn(File)k(P)m(ermissions)596 226 y Fm(It's)18 b(important)g(to)g(ensur)o(e)f(that)h(your)g(system)h 
(\002les)f(ar)o(e)e(not)j(open)f(for)g(casual)f(editing)h(by)g(users) 596 317 y(and)i(gr)o(oups)h(who)g(shouldn't)h(be)f(doing)g(such)g (system)h(maintenance.)596 450 y(Unix)29 b(separates)g(access)g(contr)o (ol)h(on)h(\002les)f(and)f(dir)o(ectories)g(accor)o(ding)g(to)h(thr)o (ee)f(character)o(-)596 542 y(istics:)g(owner)-6 b(,)29 b(gr)o(oup,)f(and)g(other)-6 b(.)29 b(Ther)o(e)f(is)h(always)g(exactly) f(one)h(owner)-6 b(,)29 b(any)g(number)g(of)596 633 y(members)20 b(of)h(the)g(gr)o(oup,)f(and)h(everyone)f(else.)596 766 y(A)g(quick)h(explanation)g(of)g(Unix)f(permissions:)596 899 y(Ownership)25 b(-)e(Which)i(user\(s\))e(and)h(gr)o(oup\(s\))f(r)o (etain\(s\))g(contr)o(ol)i(of)f(the)g(permission)h(settings)596 990 y(of)20 b(the)h(node)g(and)f(par)o(ent)g(of)h(the)g(node)596 1123 y(Permissions)33 b(-)e(Bits)h(capable)e(of)h(being)h(set)g(or)g(r) o(eset)e(to)i(allow)g(certain)f(types)h(of)g(access)f(to)596 1214 y(it.)h(Permissions)i(for)e(dir)o(ectories)f(may)h(have)g(a)g(dif) o(fer)o(ent)e(meaning)j(than)f(the)h(same)f(set)g(of)596 1305 y(permissions)22 b(on)f(\002les.)596 1438 y Fj(Read:)p Black 596 1654 a Fh(\225)p Black 63 w Fm(T)-8 b(o)22 b(be)e(able)g(to)h(view)g(contents)h(of)f(a)f(\002le)p Black 596 1787 a Fh(\225)p Black 63 w Fm(T)-8 b(o)22 b(be)e(able)g(to)h(r)o(ead)e(a)i(dir)o(ectory)596 2053 y Fj(W)n(rite:)p Black 596 2268 a Fh(\225)p Black 63 w Fm(T)-8 b(o)22 b(be)e(able)g(to)h(add)f(to)h(or)g(change)g(a)f (\002le)p Black 596 2401 a Fh(\225)p Black 63 w Fm(T)-8 b(o)22 b(be)e(able)g(to)h(delete)f(or)h(move)g(\002les)g(in)h(a)e(dir)o (ectory)596 2667 y Fj(Execute:)p Black 596 2883 a Fh(\225)p Black 63 w Fm(T)-8 b(o)22 b(be)e(able)g(to)h(r)o(un)h(a)e(binary)g(pr)o (ogram)h(or)f(shell)i(script)p Black 596 3016 a Fh(\225)p Black 63 w Fm(T)-8 b(o)22 b(be)e(able)g(to)h(sear)o(ch)f(in)h(a)g(dir)o (ectory)-9 b(,)19 b(combined)i(with)h(r)o(ead)d(permission)197 3406 y(Save)h(T)-8 b(ext)20 b(Attribute:)g(\(For)h(dir)o(ectories\))p Black Black 788 3539 a(The)27 
b("sticky)h(bit")e(also)h(has)g(a)g(dif)o (fer)o(ent)e(meaning)i(when)g(applied)f(to)i(dir)o(ectories)e(than)762 3630 y(when)34 b(applied)f(to)i(\002les.)f(If)g(the)g(sticky)g(bit)h (is)f(set)g(on)h(a)e(dir)o(ectory)-9 b(,)33 b(then)i(a)e(user)h(may)762 3721 y(only)25 b(delete)g(\002les)g(that)g(the)g(he)g(owns)h(or)f(for)f (which)i(he)f(has)g(explicit)g(write)g(permission)762 3813 y(granted,)c(even)h(when)g(he)g(has)h(write)f(access)f(to)i(the)f (dir)o(ectory)-9 b(.)21 b(This)h(is)h(designed)f(for)f(di-)762 3904 y(r)o(ectories)f(like)i Fi(/tmp)p Fm(,)e(which)j(ar)o(e)d (world-writable,)g(but)i(wher)o(e)f(it)g(may)h(not)g(be)f(desirable)762 3995 y(to)30 b(allow)g(any)f(user)h(to)g(delete)e(\002les)i(at)g(will.) g(The)f(sticky)h(bit)g(is)g(seen)g(as)f(a)g Fi(t)h Fm(in)g(a)f(long)762 4087 y(dir)o(ectory)19 b(listing.)197 4477 y(SUID)h(Attribute:)g(\(For) h(Files\))p Black Black 787 4610 a(This)27 b(describes)e(set-user)o (-id)f(permissions)k(on)e(the)g(\002le.)g(When)g(the)g(set)g(user)f(ID) i(access)762 4701 y(mode)19 b(is)h(set)f(in)h(the)f(owner)h (permissions,)h(and)e(the)g(\002le)h(is)f(executable,)f(pr)o(ocesses)h (which)762 4792 y(r)o(un)g(it)h(ar)o(e)e(granted)h(access)f(to)i (system)g(r)o(esour)o(ces)e(based)h(on)h(user)f(who)h(owns)g(the)g (\002le,)f(as)762 4884 y(opposed)25 b(to)g(the)g(user)g(who)h(cr)o (eated)d(the)i(pr)o(ocess.)f(This)i(is)f(the)g(cause)g(of)g(many)g ("buf)o(fer)762 4975 y(over\003ow")c(exploits.)p Black 3601 5585 a Fj(15)p Black eop %%Page: 16 16 16 15 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 197 89 a Fm(SGID)g(Attribute:)f(\(For)h (Files\))p Black Black 781 222 a(If)d(set)h(in)h(the)f(gr)o(oup)g (permissions,)h(this)f(bit)h(contr)o(ols)f(the)g("set)g(gr)o(oup)g(id") f(status)i(of)f(a)f(\002le.)762 313 y(This)28 b(behaves)e(the)i(same)f (way)h(as)f(SUID,)g(except)f(the)i(gr)o(oup)f(is)h(af)o(fected)d (instead.)i(The)762 405 y(\002le)20 b(must)i(be)e(executable)g(for)g 
(this)i(to)f(have)f(any)h(ef)o(fect.)197 795 y(SGID)g(Attribute:)f (\(For)h(dir)o(ectories\))p Black Black 779 928 a(If)c(you)i(set)e(the) h(SGID)g(bit)g(on)g(a)f(dir)o(ectory)g(\(with)h Fi(chmod)44 b(g+s)g(directory)p Fm(\),)16 b(\002les)i(cr)o(eated)762 1019 y(in)j(that)g(dir)o(ectory)e(will)j(have)e(their)h(gr)o(oup)g(set) f(to)h(the)g(dir)o(ectory's)g(gr)o(oup.)596 1285 y(Y)-8 b(ou)21 b(-)g(The)g(owner)g(of)f(the)h(\002le)596 1417 y(Gr)o(oup)f(-)h(The)f(gr)o(oup)h(you)g(belong)h(to)596 1550 y(Everyone)e(-)g(Anyone)i(on)f(the)g(system)g(that)g(is)g(not)h (the)f(owner)g(or)g(a)f(member)h(of)f(the)h(gr)o(oup)596 1683 y Fj(File)g(Example:)954 1890 y Fi(-rw-r--r--)88 b(1)45 b(kevin)89 b(users)402 b(114)45 b(Aug)f(28)89 b(1997)44 b(.zlogin)954 1972 y(1st)g(bit)h(-)f(directory?)582 b(\(no\))999 2054 y(2nd)44 b(bit)h(-)f(read)g(by)h(owner?)402 b(\(yes,)44 b(by)h(kevin\))1044 2136 y(3rd)f(bit)g(-)h(write)f(by)h (owner?)357 b(\(yes,)44 b(by)h(kevin\))1089 2219 y(4th)f(bit)g(-)h (execute)f(by)g(owner?)268 b(\(no\))1133 2301 y(5th)45 b(bit)f(-)h(read)f(by)g(group?)403 b(\(yes,)44 b(by)g(users\))1178 2383 y(6th)h(bit)f(-)h(write)f(by)g(group?)358 b(\(no\))1223 2465 y(7th)44 b(bit)h(-)f(execute)g(by)h(group?)268 b(\(no\))1268 2547 y(8th)44 b(bit)h(-)f(read)g(by)h(everyone?)267 b(\(yes,)44 b(by)h(everyone\))1313 2630 y(9th)f(bit)g(-)h(write)f(by)h(everyone?) 222 b(\(no\))1358 2712 y(10th)44 b(bit)g(-)h(execute)e(by)i(everyone?) 
88 b(\(no\))596 3101 y Fm(The)30 b(following)j(lines)e(ar)o(e)e (examples)i(of)g(the)g(minimum)h(sets)f(of)g(permissions)h(that)f(ar)o (e)e(r)o(e-)596 3192 y(quir)o(ed)20 b(to)h(perform)g(the)g(access)f (described.)g(Y)-8 b(ou)22 b(may)f(want)g(to)g(give)g(mor)o(e)g (permission)h(than)596 3284 y(what's)c(listed)g(her)o(e,)f(but)h(this)h (should)g(describe)e(what)i(these)f(minimum)h(permissions)h(on)f (\002les)596 3375 y(do:)596 3664 y Fi(-r--------)87 b(Allow)44 b(read)h(access)e(to)i(the)f(file)g(by)h(owner)596 3746 y(--w-------)87 b(Allows)44 b(the)h(owner)f(to)g(modify)g(or)g(delete)g (the)h(file)1133 3828 y(\(Note)f(that)h(anyone)e(with)i(write)f (permission)f(to)h(the)h(directory)1178 3911 y(the)g(file)f(is)g(in)h (can)f(overwrite)f(it)i(and)f(thus)g(delete)g(it\))596 3993 y(---x------)87 b(The)45 b(owner)f(can)g(execute)g(this)g (program,)f(but)i(not)f(shell)g(scripts,)865 4075 y(which)f(still)h (need)h(read)f(permission)596 4157 y(---s------)87 b(Will)45 b(execute)e(with)h(effective)g(User)g(ID)g(=)h(to)g(owner)596 4239 y(--------s-)87 b(Will)45 b(execute)e(with)h(effective)g(Group)g (ID)g(=)h(to)f(group)596 4322 y(-rw------T)87 b(No)45 b(update)f(of)g("last)g(modified)g(time".)88 b(Usually)44 b(used)g(for)h(swap)865 4404 y(files)596 4486 y(---t------)87 b(No)45 b(effect.)88 b(\(formerly)44 b(sticky)g(bit\))596 4742 y Fj(Dir)o(ectory)19 b(Example:)954 4990 y Fi(drwxr-xr-x)88 b(3)45 b(kevin)89 b(users)402 b(512)45 b(Sep)f(19)g(13:47)g (.public_html/)954 5072 y(1st)g(bit)h(-)f(directory?)582 b(\(yes,)44 b(it)g(contains)g(many)g(files\))999 5154 y(2nd)g(bit)h(-)f(read)g(by)h(owner?)402 b(\(yes,)44 b(by)h(kevin\))1044 5236 y(3rd)f(bit)g(-)h(write)f(by)h(owner?)357 b(\(yes,)44 b(by)h(kevin\))1089 5319 y(4th)f(bit)g(-)h(execute)f(by)g (owner?)268 b(\(yes,)44 b(by)h(kevin\))1133 5401 y(5th)g(bit)f(-)h (read)f(by)g(group?)403 b(\(yes,)44 b(by)g(users)1178 5483 y(6th)h(bit)f(-)h(write)f(by)g(group?)358 b(\(no\))p Black 197 5585 a Fj(16)p Black eop %%Page: 17 17 17 16 
bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 1223 89 a Fi(7th)44 b(bit)h(-)f(execute)g (by)h(group?)268 b(\(yes,)44 b(by)g(users\))1268 171 y(8th)g(bit)h(-)f(read)g(by)h(everyone?)267 b(\(yes,)44 b(by)h(everyone\))1313 253 y(9th)f(bit)g(-)h(write)f(by)h(everyone?)222 b(\(no\))1358 336 y(10th)44 b(bit)g(-)h(execute)e(by)i(everyone?)88 b(\(yes,)44 b(by)h(everyone\))596 725 y Fm(The)30 b(following)j(lines)e (ar)o(e)e(examples)i(of)g(the)g(minimum)h(sets)f(of)g(permissions)h (that)f(ar)o(e)e(r)o(e-)596 816 y(quir)o(ed)20 b(to)h(perform)g(the)g (access)f(described.)g(Y)-8 b(ou)22 b(may)f(want)g(to)g(give)g(mor)o(e) g(permission)h(than)596 908 y(what's)g(listed,)g(but)g(this)h(should)g (describe)e(what)h(these)g(minimum)i(permissions)f(on)g(dir)o(ecto-)596 999 y(ries)d(do:)596 1206 y Fi(dr--------)87 b(The)45 b(contents)e(can)i(be)f(listed,)g(but)g(file)g(attributes)f(can't)h(be) h(read)596 1288 y(d--x------)87 b(The)45 b(directory)e(can)h(be)h (entered,)e(and)i(used)f(in)g(full)h(execution)e(paths)596 1370 y(dr-x------)87 b(File)45 b(attributes)e(can)h(be)h(read)f(by)g (owner)596 1452 y(d-wx------)87 b(Files)44 b(can)h(be)f (created/deleted,)e(even)j(if)f(the)g(directory)865 1534 y(isn't)f(the)i(current)e(one)596 1617 y(d------x-t)87 b(Prevents)44 b(files)g(from)g(deletion)g(by)g(others)g(with)g(write) 865 1699 y(access.)f(Used)h(on)h(/tmp)596 1781 y(d---s--s--)87 b(No)45 b(effect)596 2088 y Fm(System)18 b(con\002guration)i(\002les)g (\(usually)e(in)i Fi(/etc)p Fm(\))d(ar)o(e)h(usually)h(mode)g Fi(640)f Fm(\()p Fi(-rw-r-----)p Fm(\),)e(and)596 2180 y(owned)29 b(by)h(r)o(oot.)g(Depending)f(on)i(your)f(site's)g(security) f(r)o(equir)o(ements,)g(you)h(might)h(adjust)596 2271 y(this.)22 b(Never)g(leave)g(any)g(system)h(\002les)g(writable)f(by)g (a)g(gr)o(oup)g(or)h(everyone.)f(Some)g(con\002gura-)596 2362 y(tion)d(\002les,)g(including)h Fi(/etc/shadow)p Fm(,)d(should)j(only)f(be)g(r)o(eadable)d(by)j(r)o(oot,)g(and)f(dir)o 
(ectories)g(in)596 2454 y Fi(/etc)i Fm(should)h(at)f(least)h(not)g(be)g (accessible)f(by)h(others.)197 2711 y(SUID)f(Shell)h(Scripts)p Black Black 784 2844 a(SUID)g(shell)i(scripts)f(ar)o(e)f(a)g(serious)i (security)f(risk,)g(and)g(for)g(this)g(r)o(eason)g(the)g(kernel)g(will) 762 2935 y(not)g(honor)i(them.)e(Regar)o(dless)f(of)i(how)g(secur)o(e)e (you)h(think)i(the)e(shell)h(script)f(is,)g(it)g(can)g(be)762 3026 y(exploited)e(to)h(give)g(the)g(cracker)e(a)i(r)o(oot)f(shell.)596 3467 y Fn(Integrity)25 b(Chec)n(king)596 3604 y Fm(Another)d(very)h (good)g(way)f(to)h(detect)f(local)h(\(and)e(also)i(network\))g(attacks) f(on)h(your)g(system)h(is)596 3696 y(to)f(r)o(un)h(an)f(integrity)h (checker)f(like)g Fi(Tripwire)p Fm(,)f Fi(Aide)h Fm(or)g Fi(Osiris)p Fm(.)f(These)h(integr)o(ety)g(checkers)596 3787 y(r)o(un)e(a)f(number)h(of)g(checksums)h(on)f(all)g(your)g (important)g(binaries)g(and)f(con\002g)i(\002les)f(and)g(com-)596 3878 y(par)o(es)27 b(them)i(against)g(a)f(database)f(of)i(former)-6 b(,)28 b(known-good)i(values)f(as)f(a)h(r)o(efer)o(ence.)d(Thus,)596 3970 y(any)20 b(changes)h(in)g(the)g(\002les)g(will)h(be)e(\003agged.) 
596 4102 y(It's)k(a)f(good)h(idea)f(to)i(install)f(these)g(sorts)g(of)g (pr)o(ograms)f(onto)i(a)f(\003oppy)-9 b(,)24 b(and)f(then)h(physically) 596 4194 y(set)17 b(the)h(write)g(pr)o(otect)f(on)h(the)g(\003oppy)-9 b(.)18 b(This)h(way)e(intr)o(uders)h(can't)g(tamper)f(with)h(the)g (integr)o(ety)596 4285 y(checker)25 b(itself)h(or)f(change)h(the)g (database.)e(Once)i(you)g(have)f(something)i(like)f(this)h(setup,)e (it's)596 4376 y(a)f(good)i(idea)f(to)h(r)o(un)g(it)f(as)h(part)e(of)i (your)f(normal)h(security)g(administration)g(duties)f(to)h(see)f(if)596 4468 y(anything)c(has)g(changed.)596 4600 y(Y)-8 b(ou)25 b(can)e(even)h(add)f(a)g Fi(crontab)g Fm(entry)h(to)h(r)o(un)f(the)g (checker)g(fr)o(om)f(your)i(\003oppy)g(every)e(night)596 4692 y(and)d(mail)h(you)g(the)g(r)o(esults)f(in)i(the)f(morning.)g (Something)h(like:)685 4857 y Fi(#)45 b(set)f(mailto)685 4939 y(MAILTO=kevin)685 5021 y(#)h(run)f(Tripwire)685 5104 y(15)h(05)f(*)h(*)f(*)h(root)f(/usr/local/adm/tcheck/tripwire)596 5278 y Fm(will)21 b(mail)g(you)g(a)f(r)o(eport)g(each)h(morning)h(at)e (5:15am.)p Black 3601 5585 a Fj(17)p Black eop %%Page: 18 18 18 17 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fm(Integrity)k(checkers)g(can)g (be)f(a)h(godsend)g(to)g(detecting)g(intr)o(uders)h(befor)o(e)d(you)j (would)g(other)o(-)596 180 y(wise)g(notice)h(them.)g(Since)f(a)g(lot)i (of)e(\002les)h(change)f(on)i(the)e(average)f(system,)i(you)g(have)f (to)h(be)596 272 y(car)o(eful)19 b(what)h(is)i(cracker)d(activity)i (and)f(what)h(is)g(your)g(own)h(doing.)596 405 y(Y)-8 b(ou)79 b(can)e(\002nd)h(the)g(fr)o(eely)f(available)f(unsusported)j (version)f(of)g Fi(Tripwire)e Fm(at)596 496 y(http://www)-8 b(.tripwir)o(e.or)o(g,)21 b(fr)o(ee)e(of)h(char)o(ge.)g(Manuals)g(and)g (support)h(can)g(be)f(pur)o(chased.)596 629 y Fi(Aide)g Fm(can)g(be)g(found)h(at)g(http://www)-8 b (.cs.tut.\002/~rammer/aide.html.)596 762 y Fi(Osiris)19 b Fm(can)i(be)f(found)h(at)f(http://www)-8 
b(.shmoo.com/osiris/.)596 1070 y Fn(T)h(r)n(ojan)24 b(Hor)o(ses)596 1207 y Fm("T)-7 b(r)o(ojan)19 b(Horses")i(ar)o(e)e(named)h(after)f(the)i(fabled)e(ploy) i(in)g(Homer)6 b('s)21 b("Iliad".)e(The)i(idea)e(is)i(that)f(a)596 1298 y(cracker)d(distributes)i(a)f(pr)o(ogram)g(or)g(binary)h(that)f (sounds)i(gr)o(eat,)d(and)h(encourages)g(other)h(peo-)596 1389 y(ple)f(to)g(download)h(it)f(and)g(r)o(un)h(it)g(as)f(r)o(oot.)g (Then)g(the)h(pr)o(ogram)e(can)h(compr)o(omise)h(their)f(system)596 1481 y(while)33 b(they)f(ar)o(e)f(not)j(paying)e(attention.)h(While)g (they)g(think)g(the)g(binary)f(they)h(just)g(pulled)596 1572 y(down)21 b(does)g(one)g(thing)h(\(and)e(it)h(might)g(very)g (well\),)f(it)h(also)g(compr)o(omises)h(their)e(security)-9 b(.)596 1705 y(Y)h(ou)29 b(should)g(take)f(car)o(e)f(of)h(what)g(pr)o (ograms)g(you)h(install)g(on)g(your)g(machine.)f(RedHat)g(pr)o(o-)596 1796 y(vides)g(MD5)g(checksums)h(and)g(PGP)g(signatur)o(es)f(on)i(its)f (RPM)f(\002les)i(so)f(you)g(can)f(verify)g(you)596 1887 y(ar)o(e)f(installing)i(the)g(r)o(eal)e(thing.)i(Other)g(distributions) h(have)e(similar)h(methods.)g(Y)-8 b(ou)29 b(should)596 1979 y(never)24 b(r)o(un)i(any)g(unfamiliar)f(binary)-9 b(,)24 b(for)i(which)g(you)g(don't)g(have)e(the)i(sour)o(ce,)f(as)g(r)o (oot.)g(Few)596 2070 y(attackers)19 b(ar)o(e)h(willing)i(to)f(r)o (elease)e(sour)o(ce)h(code)h(to)g(public)g(scr)o(utiny)-9 b(.)596 2203 y(Although)18 b(it)h(can)e(be)h(complex,)g(make)f(sur)o(e) h(you)g(ar)o(e)f(getting)h(the)g(sour)o(ce)g(for)g(a)f(pr)o(ogram)g(fr) o(om)596 2294 y(its)23 b(r)o(eal)e(distribution)j(site.)e(If)h(the)f (pr)o(ogram)g(is)h(going)h(to)f(r)o(un)h(as)e(r)o(oot,)g(make)h(sur)o (e)f(either)g(you)596 2385 y(or)e(someone)i(you)f(tr)o(ust)h(has)f (looked)g(over)f(the)h(sour)o(ce)f(and)h(veri\002ed)f(it.)197 2787 y Fk(P)m(ass)n(w)n(or)n(d)29 b(Security)f(and)h(Encr)q(yption)596 2928 y Fm(One)16 b(of)h(the)g(most)g(important)g(security)g(featur)o 
(es)d(used)j(today)f(ar)o(e)f(passwor)o(ds.)h(It)h(is)f(important)596 3019 y(for)23 b(both)h(you)g(and)f(all)g(your)h(users)g(to)g(have)f (secur)o(e,)f(unguessable)i(passwor)o(ds.)f(Most)g(of)h(the)596 3111 y(mor)o(e)h(r)o(ecent)g(Linux)h(distributions)h(include)g Fi(passwd)d Fm(pr)o(ograms)i(that)g(do)g(not)h(allow)f(you)h(to)596 3202 y(set)d(a)g(easily)g(guessable)g(passwor)o(d.)f(Make)g(sur)o(e)h (your)h Fi(passwd)e Fm(pr)o(ogram)h(is)g(up)g(to)h(date)e(and)596 3293 y(has)d(these)h(featur)o(es.)596 3426 y(In-depth)k(discussion)j (of)e(encryption)h(is)g(beyond)f(the)h(scope)f(of)g(this)h(document,)f (but)h(an)f(in-)596 3518 y(tr)o(oduction)c(is)h(in)g(or)o(der)-6 b(.)21 b(Encryption)i(is)g(very)f(useful,)g(possibly)h(even)f (necessary)g(in)h(this)h(day)596 3609 y(and)g(age.)h(Ther)o(e)f(ar)o(e) g(all)h(sorts)h(of)g(methods)g(of)f(encrypting)h(data,)e(each)g(with)j (its)e(own)i(set)e(of)596 3700 y(characteristics.)596 3833 y(Most)32 b(Unicies)g(\(and)f(Linux)h(is)h(no)f(exception\))g (primarily)g(use)g(a)g(one-way)g(encryption)h(al-)596 3924 y(gorithm,)f(called)g(DES)f(\(Data)g(Encryption)i(Standar)o(d\))c (to)k(encrypt)f(your)g(passwor)o(ds.)f(This)596 4016 y(encrypted)e(passwor)o(d)h(is)h(then)g(stor)o(ed)f(in)h(\(typically\)) f Fi(/etc/passwd)e Fm(\(or)j(less)g(commonly\))596 4107 y Fi(/etc/shadow)p Fm(.)d(When)j(you)g(attempt)f(to)h(login,)g(the)g (passwor)o(d)f(you)h(type)f(in)h(is)g(encrypted)596 4198 y(again)f(and)h(compar)o(ed)e(with)j(the)f(entry)h(in)f(the)g(\002le)g (that)g(stor)o(es)g(your)h(passwor)o(ds.)e(If)h(they)596 4290 y(match,)18 b(it)i(must)f(be)g(the)g(same)g(passwor)o(d,)f(and)g (you)i(ar)o(e)e(allowed)g(access.)h(Although)h(DES)e(is)h(a)596 4381 y(two-way)j(encryption)i(algorithm)f(\(you)g(can)f(code)g(and)h (then)g(decode)e(a)i(message,)f(given)h(the)596 4472 y(right)k(keys\),)g(the)g(variant)f(that)h(most)h(Unixes)f(use)g(is)g (one-way)-9 b(.)26 b(This)i(means)f(that)g(it)g(should)596 4564 
y(not)i(be)f(possible)h(to)g(r)o(everse)e(the)h(encryption)h(to)g (get)g(the)f(passwor)o(d)g(fr)o(om)g(the)h(contents)g(of)596 4655 y Fi(/etc/passwd)18 b Fm(\(or)j Fi(/etc/shadow)p Fm(\).)596 4788 y(Br)o(ute)16 b(for)o(ce)g(attacks,)f(such)j(as)e ("Crack")f(or)i("John)g(the)g(Ripper")g(\(see)f(section)p 0 TeXcolorgray 17 w(the)h(Section)g(called)596 4879 y Fj("Crack")28 b(and)i("John)e(the)h(Ripper")p Black Fm(\))g(can)g (often)h(guess)g(passwor)o(ds)f(unless)i(your)f(passwor)o(d)f(is)596 4970 y(suf)o(\002ciently)24 b(random.)f(P)-8 b(AM)24 b(modules)g(\(see)g(below\))g(allow)g(you)h(to)f(use)g(a)g(dif)o(fer)o (ent)d(encryp-)596 5062 y(tion)k(r)o(outine)g(with)h(your)g(passwor)o (ds)e(\(MD5)g(or)h(the)g(like\).)g(Y)-8 b(ou)26 b(can)f(use)g(Crack)f (to)i(your)f(ad-)596 5153 y(vantage,)h(as)h(well.)g(Consider)h (periodically)f(r)o(unning)i(Crack)d(against)i(your)f(own)i(passwor)o (d)596 5244 y(database,)24 b(to)i(\002nd)g(insecur)o(e)g(passwor)o(ds.) f(Then)i(contact)f(the)g(of)o(fending)g(user)-6 b(,)25 b(and)h(instr)o(uct)596 5336 y(him)21 b(to)g(change)g(his)g(passwor)o (d.)p Black 197 5585 a Fj(18)p Black eop %%Page: 19 19 19 18 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fm(Y)-8 b(ou)17 b(can)f(go)h(to)g (http://consult.cern.ch/writeup/security/security_3.html)h(for)e (informa-)596 180 y(tion)21 b(on)h(how)f(to)g(choose)h(a)e(good)h (passwor)o(d.)596 432 y Fn(PGP)k(and)g(Pub)o(lic-K)o(e)o(y)f(Cr)q (yptograph)n(y)596 569 y Fm(Public-key)32 b(cryptography)-9 b(,)31 b(such)i(as)f(that)g(used)g(for)g(PGP)-11 b(,)32 b(uses)h(one)f(key)h(for)f(encryption,)596 661 y(and)27 b(one)h(key)f(for)h(decryption.)f(T)-7 b(raditional)27 b(cryptography)-9 b(,)27 b(however)-6 b(,)27 b(uses)h(the)g(same)f(key) 596 752 y(for)k(encryption)i(and)e(decryption;)h(this)h(key)f(must)g (be)g(known)h(to)f(both)h(parties,)e(and)g(thus)596 843 y(somehow)22 b(transferr)o(ed)c(fr)o(om)j(one)g(to)g(the)g(other)g (secur)o(ely)-9 b(.)596 976 
y(T)h(o)24 b(alleviate)f(the)i(need)e(to)i (secur)o(ely)e(transmit)i(the)f(encryption)h(key)-9 b(,)23 b(public-key)h(encryption)596 1067 y(uses)i(two)g(separate)f(keys:)h(a) f(public)h(key)g(and)g(a)f(private)g(key)-9 b(.)26 b(Each)f(person's)i (public)f(key)g(is)596 1159 y(available)21 b(by)i(anyone)h(to)f(do)g (the)g(encryption,)h(while)f(at)g(the)g(same)g(time)g(each)g(person)g (keeps)596 1250 y(his)e(or)g(her)f(private)g(key)h(to)g(decrypt)f (messages)h(encrypted)f(with)i(the)f(corr)o(ect)e(public)i(key)-9 b(.)596 1383 y(Ther)o(e)21 b(ar)o(e)f(advantages)h(to)i(both)f(public)g (key)g(and)g(private)f(key)h(cryptography)-9 b(,)22 b(and)g(you)g(can) 596 1474 y(r)o(ead)17 b(about)j(those)g(dif)o(fer)o(ences)d(in)j(the)f (RSA)g(Cryptography)h(F)-6 b(AQ)2766 1441 y Ff(19)2815 1474 y Fm(,)19 b(listed)h(at)f(the)h(end)f(of)g(this)596 1566 y(section.)596 1698 y(PGP)31 b(\(Pr)o(etty)g(Good)h(Privacy\))e (is)i(well-supported)f(on)g(Linux.)h(V)-9 b(ersions)31 b(2.6.2)f(and)g(5.0)g(ar)o(e)596 1790 y(known)22 b(to)g(work)h(well.)e (For)h(a)f(good)h(primer)g(on)g(PGP)g(and)f(how)i(to)f(use)f(it,)h (take)f(a)g(look)i(at)e(the)596 1881 y(PGP)g(F)-6 b(AQ:)20 b(http://www)-8 b(.pgp.com/service/export/faq/55faq.cgi)596 2014 y(Be)16 b(sur)o(e)h(to)h(use)f(the)g(version)h(that)f(is)h (applicable)e(to)i(your)f(country)-9 b(.)18 b(Due)f(to)h(export)f(r)o (estrictions)596 2105 y(by)32 b(the)g(US)f(Government,)i(str)o (ong-encryption)f(is)h(pr)o(ohibited)f(fr)o(om)f(being)i(transferr)o (ed)c(in)596 2197 y(electr)o(onic)20 b(form)h(outside)g(the)g(country) -9 b(.)596 2329 y(US)23 b(export)h(contr)o(ols)g(ar)o(e)f(now)i (managed)e(by)h(EAR)g(\(Export)g(Administration)g(Regulations\).)596 2421 y(They)c(ar)o(e)g(no)h(longer)g(governed)g(by)g(IT)-6 b(AR.)596 2554 y(Ther)o(e)46 b(is)h(also)g(a)f(step-by-step)h(guide)f (for)h(con\002guring)i(PGP)e(on)h(Linux)f(available)e(at)596 2645 y(http://mer)o(cury)-9 b (.chem.pitt.edu/~angel/LinuxFocus/English/November1997/article7.html)p (.)596 2736 
y(It)33 b(was)g(written)g(for)g(the)g(international)h (version)g(of)f(PGP)-11 b(,)33 b(but)h(is)f(easily)g(adaptable)e(to)j (the)596 2828 y(United)25 b(States)g(version.)h(Y)-8 b(ou)28 b(may)d(also)i(need)e(a)h(patch)f(for)h(some)h(of)e(the)i (latest)e(versions)i(of)596 2919 y(Linux;)20 b(the)h(patch)f(is)i (available)d(at)h(ftp://metalab.unc.edu/pub/Linux/apps/crypto.)596 3052 y(Ther)o(e)31 b(is)h(a)g(pr)o(oject)g(maintaining)h(a)e(fr)o(ee)g (r)o(e-implementation)h(of)g(pgp)g(with)h(open)g(sour)o(ce.)596 3143 y(GnuPG)47 b(is)g(a)f(complete)h(and)f(fr)o(ee)f(r)o(eplacement)g (for)h(PGP)-11 b(.)47 b(Because)f(it)g(does)h(not)g(use)596 3234 y(IDEA)39 b(or)h(RSA)f(it)h(can)g(be)f(used)h(without)h(any)f(r)o (estrictions.)f(GnuPG)i(is)f(in)h(compliance)596 3326 y(with)g(OpenPGP)1171 3292 y Ff(23)1221 3326 y Fm(.)g(See)e(the)i(GNU)f (Privacy)g(Guar)o(d)g(web)g(page)g(for)g(mor)o(e)g(information:)596 3417 y(http://www)-8 b(.gnupg.or)o(g/)1523 3384 y Ff(24)1574 3417 y Fm(.)596 3550 y(Mor)o(e)33 b(information)i(on)h(cryptography)e (can)g(be)g(found)h(in)g(the)g(RSA)f(cryptography)g(F)-6 b(AQ,)596 3641 y(available)21 b(at)h(http://www)-8 b (.rsa.com/rsalabs/newfaq/.)24 b(Her)o(e)d(you)j(will)f(\002nd)g (information)596 3733 y(on)k(such)h(terms)f(as)g("Dif)o (\002e-Hellman",)f("public-key)h(cryptography",)f("digital)h (certi\002cates",)596 3824 y(etc.)596 4132 y Fn(SSL,)e(S-HTTP)g(and)g (S/MIME)596 4269 y Fm(Often)j(users)g(ask)f(about)h(the)g(dif)o(fer)o (ences)e(between)i(the)g(various)g(security)g(and)f(encryption)596 4360 y(pr)o(otocols,)19 b(and)f(how)i(to)g(use)f(them.)g(While)g(this)h (isn't)g(an)f(encryption)g(document,)g(it)h(is)f(a)f(good)596 4451 y(idea)h(to)j(explain)e(brie\003y)h(what)g(each)f(pr)o(otocol)h (is,)g(and)f(wher)o(e)g(to)i(\002nd)f(mor)o(e)f(information.)p Black 596 4680 a Fh(\225)p Black 83 w Fj(SSL:)41 b Fm(-)g(SSL,)e(or)i (Secur)o(e)e(Sockets)i(Layer)-6 b(,)39 b(is)i(an)f(encryption)i(method) f(developed)f(by)679 4771 y(Netscape)45 
b(to)i(pr)o(ovide)f(security)h (over)f(the)h(Internet.)f(It)h(supports)g(several)f(dif)o(fer)o(ent)679 4862 y(encryption)24 b(pr)o(otocols,)g(and)f(pr)o(ovides)g(client)i (and)e(server)g(authentication.)h(SSL)f(operates)679 4954 y(at)31 b(the)h(transport)g(layer)-6 b(,)31 b(cr)o(eates)g(a)g (secur)o(e)g(encrypted)g(channel)i(of)f(data,)e(and)i(thus)g(can)679 5045 y(seamlessly)25 b(encrypt)f(data)g(of)h(many)g(types.)g(This)g(is) g(most)h(commonly)g(seen)f(when)h(going)679 5136 y(to)d(a)f(secur)o(e)f (site)i(to)g(view)f(a)h(secur)o(e)e(online)j(document)f(with)g (Communicator)-6 b(,)23 b(and)f(serves)679 5228 y(as)38 b(the)g(basis)h(for)f(secur)o(e)f(communications)j(with)g(Communicator) -6 b(,)39 b(as)f(well)g(as)h(many)679 5319 y(other)52 b(Netscape)f(Communications)j(data)c(encryption.)j(Mor)o(e)e (information)i(can)e(be)679 5410 y(found)72 b(at)g(http://www)-8 b(.consensus.com/security/ssl-talk-faq.html.)75 b(Information)p Black 3601 5585 a Fj(19)p Black eop %%Page: 20 20 20 19 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 679 89 a Fm(on)44 b(Netscape's)e(other)i (security)g(implementations,)g(and)f(a)g(good)h(starting)g(point)g(for) 679 180 y(these)21 b(pr)o(otocols)h(is)h(available)d(at)h (http://home.netscape.com/info/security-doc.html.)679 272 y(It's)80 b(also)g(worth)h(noting)g(that)f(the)g(SSL)f(pr)o(otocol) h(can)f(be)h(used)g(to)g(pass)679 363 y(many)97 b(other)g(common)h(pr)o (otocols,)f("wrapping")f(them)i(for)e(security)-9 b(.)97 b(See)679 454 y(http://www)-8 b(.quiltaholic.com/rickk/sslwrap/)p Black 596 587 a Fh(\225)p Black 71 w Fj(S-HTTP:)26 b Fm(-)i(S-HTTP)f(is)h(another)g(pr)o(otocol)g(that)g(pr)o(ovides)g (security)g(services)f(acr)o(oss)h(the)679 679 y(Internet.)d(It)h(was)g (designed)g(to)h(pr)o(ovide)e(con\002dentiality)-9 b(,)26 b(authentication,)g(integrity)-9 b(,)26 b(and)679 770 y(non-r)o(epudiability)e([cannot)g(be)g(mistaken)h(for)g(someone)g (else])f(while)h(supporting)h(multi-)679 861 
y(ple)c(key-management)g (mechanisms)i(and)e(cryptographic)g(algorithms)i(via)e(option)i(nego-) 679 953 y(tiation)h(between)f(the)h(parties)f(involved)h(in)g(each)f (transaction.)h(S-HTTP)f(is)h(limited)g(to)g(the)679 1044 y(speci\002c)d(softwar)o(e)f(that)h(is)g(implementing)i(it,)e(and) f(encrypts)i(each)e(message)h(individually)-9 b(.)679 1135 y([)20 b(Fr)o(om)h(RSA)f(Cryptography)h(F)-6 b(AQ,)20 b(page)g(138])p Black 596 1268 a Fh(\225)p Black 73 w Fj(S/MIME:)30 b Fm(-)h(S/MIME,)e(or)h(Secur)o(e)f(Multipurpose)i (Internet)g(Mail)f(Extension,)h(is)g(an)f(en-)679 1359 y(cryption)k(standar)o(d)e(used)i(to)g(encrypt)f(electr)o(onic)h(mail)g (and)f(other)h(types)g(of)g(messages)679 1451 y(on)29 b(the)g(Internet.)g(It)f(is)i(an)e(open)h(standar)o(d)f(developed)f(by) i(RSA,)f(so)i(it)f(is)g(likely)g(we)g(will)679 1542 y(see)35 b(it)h(on)h(Linux)f(one)h(day)e(soon.)i(Mor)o(e)e(information)i(on)f (S/MIME)f(can)h(be)f(found)h(at)679 1633 y (http://home.netscape.com/assist/security/smime/overview)-8 b(.html.)596 2074 y Fn(Lin)o(ux)25 b(IPSEC)g(Implementations)596 2211 y Fm(Along)76 b(with)h(CIPE,)e(and)h(other)g(forms)h(of)f(data)e (encryption,)j(ther)o(e)e(ar)o(e)g(also)596 2302 y(several)62 b(other)h(implementations)i(of)e(IPSEC)g(for)g(Linux.)g(IPSEC)f(is)i (an)f(ef)o(fort)f(by)596 2394 y(the)90 b(IETF)g(to)h(cr)o(eate)d (cryptographically-secur)o(e)h(communications)j(at)e(the)h(IP)596 2485 y(network)62 b(level,)g(and)g(to)h(pr)o(ovide)e(authentication,)i (integrity)-9 b(,)62 b(access)g(contr)o(ol,)g(and)596 2576 y(con\002dentiality)-9 b(.)66 b(Information)h(on)g(IPSEC)e(and)h (Internet)g(draft)f(can)h(be)g(found)g(at)596 2668 y(http://www)-8 b(.ietf.or)o(g/html.charters/ipsec-charter)i(.html.)41 b(Y)-8 b(ou)42 b(can)f(also)g(\002nd)g(links)i(to)596 2759 y(other)21 b(pr)o(otocols)g(involving)h(key)f(management,)f(and)h (an)f(IPSEC)g(mailing)i(list)f(and)f(ar)o(chives.)596 2892 y(The)109 b(x-kernel)h(Linux)g(implementation,)g(which)h(is)f (being)g(developed)f(at)596 
2983 y(the)121 b(University)h(of)g (Arizona,)e(uses)i(an)f(object-based)g(framework)g(for)596 3075 y(implementing)83 b(network)g(pr)o(otocols)f(called)f(x-kernel,)g (and)h(can)g(be)f(found)h(at)596 3166 y(http://www)-8 b(.cs.arizona.edu/xkernel/hpcc-blue/linux.html.)104 b(Most)g(simply)-9 b(,)104 b(the)596 3257 y(x-kernel)30 b(is)h(a)g(method)g(of)g(passing)h (messages)f(at)f(the)h(kernel)g(level,)g(which)g(makes)g(for)g(an)596 3349 y(easier)19 b(implementation.)596 3481 y(Another)37 b(fr)o(eely-available)d(IPSEC)i(implementation)i(is)g(the)f(Linux)g(Fr) o(eeS/W)-8 b(AN)36 b(IPSEC.)596 3573 y(Their)28 b(web)g(page)g(states,) g(\223"These)g(services)g(allow)g(you)h(to)g(build)g(secur)o(e)e (tunnels)i(thr)o(ough)596 3664 y(untr)o(usted)d(networks.)h(Everything) g(passing)f(thr)o(ough)h(the)g(untr)o(usted)f(net)h(is)f(encrypted)g (by)596 3755 y(the)31 b(IPSEC)g(gateway)g(machine)h(and)f(decrypted)f (by)i(the)f(gateway)g(at)g(the)h(other)g(end.)f(The)596 3847 y(r)o(esult)k(is)h(V)-5 b(irtual)36 b(Private)f(Network)h(or)g (VPN.)f(This)h(is)g(a)g(network)g(which)g(is)h(ef)o(fectively)596 3938 y(private)23 b(even)h(though)i(it)f(includes)f(machines)h(at)f (several)g(dif)o(fer)o(ent)e(sites)j(connected)f(by)h(the)596 4029 y(insecur)o(e)20 b(Internet."\224)596 4162 y(It's)36 b(available)e(for)i(download)g(fr)o(om)g(http://www)-8 b(.xs4all.nl/~fr)o(eeswan/,)37 b(and)e(has)h(just)596 4253 y(r)o(eached)19 b(1.0)g(at)h(the)h(time)g(of)g(this)h(writing.)596 4386 y(As)g(with)i(other)f(forms)g(of)f(cryptography)-9 b(,)22 b(it)h(is)g(not)h(distributed)e(with)i(the)f(kernel)f(by)h (default)596 4478 y(due)d(to)h(export)f(r)o(estrictions.)596 4786 y Fb(ssh)26 b Fn(\(Secure)e(Shell\))i(and)f Fb(stelnet)596 4923 y Fi(ssh)h Fm(and)g Fi(stelnet)g Fm(ar)o(e)f(suites)j(of)e(pr)o (ograms)h(that)g(allow)g(you)g(to)g(login)h(to)g(r)o(emote)e(systems) 596 5014 y(and)20 b(have)g(a)g(encrypted)g(connection.)596 5147 y Fi(openssh)c Fm(is)i(a)f(suite)h(of)g(pr)o(ograms)f(used)g(as)g 
(a)h(secur)o(e)e(r)o(eplacement)h(for)g Fi(rlogin)p Fm(,)f Fi(rsh)h Fm(and)h Fi(rcp)p Fm(.)596 5238 y(It)27 b(uses)h(public-key)f (cryptography)h(to)g(encrypt)g(communications)h(between)e(two)i(hosts,) f(as)596 5329 y(well)19 b(as)g(to)h(authenticate)e(users.)h(It)h(can)f (be)g(used)g(to)g(secur)o(ely)g(login)h(to)g(a)e(r)o(emote)h(host)h(or) g(copy)596 5421 y(data)i(between)i(hosts,)h(while)g(pr)o(eventing)f (man-in-the-middle)g(attacks)f(\(session)i(hijacking\))p Black 197 5585 a Fj(20)p Black eop %%Page: 21 21 21 20 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fm(and)16 b(DNS)i(spoo\002ng.)g (It)g(will)g(perform)f(data)f(compr)o(ession)i(on)g(your)f (connections,)i(and)e(secur)o(e)596 180 y(X11)j(communications)i (between)f(hosts.)596 313 y(Ther)o(e)88 b(ar)o(e)f(several)i(ssh)h (implementiations)g(now)-8 b(.)90 b(The)g(original)f(commer)o(cial)596 405 y(implementation)26 b(by)g(Data)f(Fellows)h(can)f(be)g(found)h(at)f (The)g Fi(ssh)g Fm(home)i(page)e(can)g(be)g(found)596 496 y(at)20 b(http://www)-8 b(.datafellows.com.)596 629 y(The)19 b(excellent)h(Openssh)h(implementation)g(is)g(based)e(on)h(a)g (early)f(version)i(of)e(the)i(datafellows)596 720 y(ssh)g(and)f(has)h (been)f(totally)h(r)o(eworked)f(to)g(not)i(include)e(any)h(patented)f (or)g(pr)o(oprietary)g(pieces.)596 811 y(It)g(is)h(fr)o(ee)f(and)g (under)g(a)h(BSD)f(license.)h(It)g(can)f(be)g(found)h(at:)f(http://www) -8 b(.openssh.com.)596 944 y(Ther)o(e)26 b(is)i(also)g(a)g(open)g(sour) o(ce)f(pr)o(oject)g(to)h(r)o(e-implement)g(ssh)g(fr)o(om)g(the)f(gr)o (ound)h(up)g(called)596 1036 y("psst...".)19 b(For)i(mor)o(e)g (information)g(see:)g(http://www)-8 b(.net.lut.ac.uk/psst/)596 1168 y(Y)g(ou)34 b(can)e(also)h(use)g Fi(ssh)g Fm(fr)o(om)f(your)i(W)-5 b(indows)34 b(workstation)g(to)f(your)h(Linux)f Fi(ssh)f Fm(server)-6 b(.)596 1260 y(Ther)o(e)32 b(ar)o(e)h(several)g(fr)o(eely) g(available)f(W)-5 b(indows)36 b(client)e(implementations,)h(including) g(the)596 
1351 y(one)26 b(at)f(http://guar)o (dian.htu.tuwien.ac.at/therapy/ssh/)g(as)h(well)g(as)f(a)h(commer)o (cial)f(im-)596 1442 y(plementation)c(fr)o(om)f(DataFellows,)h(at)f (http://www)-8 b(.datafellows.com.)596 1575 y(SSLeay)20 b(is)j(a)f(fr)o(ee)f(implementation)i(of)g(Netscape's)e(Secur)o(e)g (Sockets)h(Layer)g(pr)o(otocol,)g(devel-)596 1667 y(oped)e(by)h(Eric)g (Y)-8 b(oung.)23 b(It)e(includes)g(several)f(applications,)h(such)h(as) f(Secur)o(e)e(telnet,)i(a)g(module)596 1758 y(for)30 b(Apache,)f(several)g(databases,)f(as)i(well)h(as)f(several)f (algorithms)j(including)f(DES,)e(IDEA)596 1849 y(and)20 b(Blow\002sh.)596 1982 y(Using)i(this)h(library)-9 b(,)21 b(a)g(secur)o(e)g(telnet)i(r)o(eplacement)d(has)i(been)g(cr)o(eated)e (that)i(does)g(encryption)596 2073 y(over)e(a)h(telnet)g(connection.)i (Unlike)e(SSH,)f(stelnet)i(uses)f(SSL,)f(the)h(Secur)o(e)f(Sockets)h (Layer)f(pr)o(o-)596 2165 y(tocol)j(developed)g(by)g(Netscape.)f(Y)-8 b(ou)24 b(can)f(\002nd)g(Secur)o(e)f(telnet)h(and)g(Secur)o(e)e(FTP)i (by)h(starting)596 2256 y(with)d(the)g(SSLeay)e(F)-6 b(AQ,)20 b(available)g(at)g(http://www)-8 b(.psy)f (.uq.oz.au/~ftp/Crypto/.)596 2389 y(SRP)20 b(is)i(another)e(secur)o(e)g (telnet/ftp)h(implementation.)h(Fr)o(om)e(their)h(web)g(page:)596 2522 y(\223"The)32 b(SRP)i(pr)o(oject)f(is)g(developing)h(secur)o(e)e (Internet)h(softwar)o(e)g(for)g(fr)o(ee)f(worldwide)h(use.)596 2613 y(Starting)24 b(with)i(a)f(fully-secur)o(e)f(T)-8 b(elnet)25 b(and)g(FTP)g(distribution,)h(we)f(hope)h(to)f(supplant)g (weak)596 2704 y(networked)35 b(authentication)h(systems)h(with)f(str)o (ong)g(r)o(eplacements)f(that)h(do)f(not)i(sacri\002ce)596 2796 y(user)o(-friendliness)19 b(for)i(security)-9 b(.)20 b(Security)h(should)g(be)g(the)f(default,)g(not)h(an)g(option!")h(\224) 596 2928 y(For)f(mor)o(e)f(information,)h(go)h(to)f (http://www-cs-students.stanfor)o(d.edu/~tjw/srp/)596 3236 y Fn(P)-9 b(AM)25 b(-)g(Plug)o(gab)o(le)g(A)m(uthentication)h (Modules)596 3373 y Fm(Newer)16 
b(versions)h(of)g(the)g(Red)f(Hat)h (Linux)f(and)h(Debian)f(Linux)h(distributions)h(ship)f(with)h(a)e(uni-) 596 3465 y(\002ed)22 b(authentication)h(scheme)h(called)e("P)-8 b(AM".)21 b(P)-8 b(AM)23 b(allows)g(you)h(to)f(change)g(your)g (authenti-)596 3556 y(cation)e(methods)h(and)f(r)o(equir)o(ements)g(on) h(the)g(\003y)-9 b(,)21 b(and)g(encapsulate)g(all)g(local)g (authentication)596 3647 y(methods)g(without)h(r)o(ecompiling)e(any)h (of)g(your)f(binaries.)g(Con\002guration)i(of)f(P)-8 b(AM)20 b(is)h(beyond)596 3739 y(the)i(scope)h(of)g(this)g(document,)g (but)g(be)f(sur)o(e)g(to)h(take)f(a)g(look)i(at)e(the)h(P)-8 b(AM)23 b(web)h(site)g(for)f(mor)o(e)596 3830 y(information.)e (http://www)-8 b(.kernel.or)o(g/pub/linux/libs/pam/index.html.)596 3963 y(Just)20 b(a)h(few)f(of)h(the)g(things)h(you)f(can)f(do)h(with)h (P)-8 b(AM:)p Black 596 4220 a Fh(\225)p Black 59 w Fm(Use)16 b(encryption)h(other)g(than)g(DES)f(for)h(your)f(passwor)o(ds.)g (\(Making)g(them)h(har)o(der)e(to)i(br)o(ute-)679 4312 y(for)o(ce)i(decode\))p Black 596 4444 a Fh(\225)p Black 61 w Fm(Set)f(r)o(esour)o(ce)f(limits)i(on)g(all)f(your)h(users)f(so)h (they)g(can't)f(perform)g(denial-of-service)f(attacks)679 4536 y(\(number)j(of)h(pr)o(ocesses,)f(amount)h(of)g(memory)-9 b(,)21 b(etc\))p Black 596 4669 a Fh(\225)p Black 63 w Fm(Enable)f(shadow)i(passwor)o(ds)e(\(see)g(below\))h(on)g(the)g (\003y)p Black 596 4801 a Fh(\225)p Black 63 w Fm(allow)g(speci\002c)g (users)g(to)g(login)h(only)g(at)e(speci\002c)h(times)g(fr)o(om)f (speci\002c)h(places)596 5067 y(W)-5 b(ithin)39 b(a)f(few)g(hours)h(of) f(installing)i(and)e(con\002guring)i(your)e(system,)h(you)g(can)f(pr)o (event)596 5158 y(many)52 b(attacks)f(befor)o(e)g(they)i(even)f(occur) -6 b(.)51 b(For)i(example,)e(use)h(P)-8 b(AM)52 b(to)g(disable)g(the) 596 5250 y(system-wide)22 b(usage)g(of)g Fi(.rhosts)f Fm(\002les)i(in)g(user)6 b('s)22 b(home)h(dir)o(ectories)f(by)g(adding) g(these)g(lines)596 5341 y(to)f Fi(/etc/pam.d/rlogin)p Fm(:)p Black 3601 5585 a 
Fj(21)p Black eop %%Page: 22 22 22 21 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 685 89 a Fi(#)685 171 y(#)45 b(Disable)e(rsh/rlogin/rexec)g(for)h(users)685 253 y(#)685 336 y(login)g(auth)g(required)g(pam_rhosts_auth.so)e(no_rhosts)596 818 y Fn(Cr)q(yptographic)23 b(IP)j(Encapsulation)e(\(CIPE\))596 955 y Fm(The)k(primary)f(goal)h(of)g(this)h(softwar)o(e)e(is)i(to)f(pr) o(ovide)f(a)h(facility)g(for)g(secur)o(e)f(\(against)g(eaves-)596 1046 y(dr)o(opping,)21 b(including)j(traf)o(\002c)d(analysis,)h(and)g (faked)f(message)h(injection\))i(subnetwork)f(inter)o(-)596 1138 y(connection)f(acr)o(oss)e(an)g(insecur)o(e)h(packet)f(network)h (such)g(as)g(the)g(Internet.)596 1270 y(CIPE)i(encrypts)g(the)g(data)g (at)g(the)g(network)h(level.)f(Packets)g(traveling)g(between)g(hosts)i (on)f(the)596 1362 y(network)d(ar)o(e)e(encrypted.)h(The)g(encryption)i (engine)f(is)g(placed)f(near)g(the)g(driver)g(which)i(sends)596 1453 y(and)e(r)o(eceives)f(packets.)596 1586 y(This)33 b(is)f(unlike)h(SSH,)f(which)h(encrypts)g(the)f(data)g(by)g (connection,)i(at)e(the)h(socket)f(level.)g(A)596 1677 y(logical)21 b(connection)h(between)e(pr)o(ograms)h(r)o(unning)h(on)f (dif)o(fer)o(ent)e(hosts)j(is)f(encrypted.)596 1810 y(CIPE)26 b(can)h(be)f(used)h(in)g(tunnelling,)h(in)f(or)o(der)f(to)h(cr)o(eate)f (a)g(V)-5 b(irtual)27 b(Private)f(Network.)h(Low-)596 1901 y(level)15 b(encryption)i(has)f(the)h(advantage)d(that)i(it)h(can) e(be)h(made)g(to)g(work)h(transpar)o(ently)e(between)596 1993 y(the)j(two)g(networks)h(connected)f(in)h(the)f(VPN,)g(without)h (any)f(change)g(to)g(application)g(softwar)o(e.)596 2126 y(Summarized)h(fr)o(om)h(the)h(CIPE)g(documentation:)596 2258 y(\223The)33 b(IPSEC)g(standar)o(ds)f(de\002ne)i(a)f(set)h(of)f (pr)o(otocols)i(which)f(can)g(be)f(used)h(\(among)g(other)596 2350 y(things\))21 b(to)g(build)f(encrypted)g(VPNs.)g(However)-6 b(,)20 b(IPSEC)g(is)h(a)e(rather)h(heavyweight)h(and)f(com-)596 2441 y(plicated)27 
b(pr)o(otocol)i(set)f(with)h(a)f(lot)h(of)f (options,)h(implementations)h(of)e(the)h(full)f(pr)o(otocol)h(set)596 2532 y(ar)o(e)21 b(still)j(rar)o(ely)d(used)i(and)f(some)i(issues)f (\(such)g(as)g(key)g(management\))f(ar)o(e)g(still)i(not)f(fully)g(r)o (e-)596 2624 y(solved.)15 b(CIPE)h(uses)h(a)e(simpler)i(appr)o(oach,)d (in)j(which)g(many)f(things)i(which)f(can)f(be)f(parameter)o(-)596 2715 y(ized)23 b(\(such)i(as)f(the)g(choice)h(of)g(the)f(actual)g (encryption)h(algorithm)g(used\))f(ar)o(e)f(an)h(install-time)596 2806 y(\002xed)29 b(choice.)h(This)g(limits)h(\003exibility)-9 b(,)30 b(but)g(allows)h(for)e(a)g(simple)i(\(and)e(ther)o(efor)o(e)f (ef)o(\002cient,)596 2898 y(easy)20 b(to)h(debug...\))e (implementation.\224)596 3031 y(Further)g(information)i(can)f(be)g (found)g(at)f(http://www)-8 b(.inka.de/~bigr)o(ed/devel/cipe.html)596 3163 y(As)22 b(with)i(other)f(forms)g(of)f(cryptography)-9 b(,)22 b(it)h(is)g(not)h(distributed)e(with)i(the)f(kernel)f(by)h (default)596 3255 y(due)d(to)h(export)f(r)o(estrictions.)596 3563 y Fn(K)o(erber)n(os)596 3700 y Fm(Kerber)o(os)g(is)h(an)f (authentication)i(system)f(developed)f(by)h(the)f(Athena)h(Pr)o(oject)f (at)h(MIT)-6 b(.)20 b(When)596 3791 y(a)g(user)g(logs)h(in,)g(Kerber)o (os)f(authenticates)g(that)h(user)f(\(using)h(a)f(passwor)o(d\),)g(and) g(pr)o(ovides)g(the)596 3882 y(user)f(with)i(a)e(way)h(to)g(pr)o(ove)f (her)h(identity)g(to)h(other)f(servers)f(and)h(hosts)h(scatter)o(ed)d (ar)o(ound)h(the)596 3974 y(network.)596 4107 y(This)30 b(authentication)g(is)g(then)g(used)g(by)f(pr)o(ograms)h(such)g(as)f Fi(rlogin)g Fm(to)h(allow)g(the)g(user)g(to)596 4198 y(login)c(to)g(other)f(hosts)i(without)f(a)f(passwor)o(d)g(\(in)g (place)g(of)g(the)g Fi(.rhosts)g Fm(\002le\).)f(This)i(authen-)596 4289 y(tication)f(method)h(can)e(also)i(used)e(by)h(the)h(mail)f (system)h(in)f(or)o(der)f(to)h(guarantee)f(that)h(mail)h(is)596 4380 y(deliver)o(ed)j(to)i(the)g(corr)o(ect)f(person,)i(as)e(well)i(as) 
e(to)i(guarantee)e(that)h(the)g(sender)g(is)g(who)h(he)596 4472 y(claims)20 b(to)i(be.)596 4605 y(Kerber)o(os)27 b(and)h(the)g(other)g(pr)o(ograms)g(that)g(come)h(with)g(it,)f(pr)o (event)f(users)h(fr)o(om)g("spoo\002ng")596 4696 y(the)e(system)h(into) g(believing)g(they)g(ar)o(e)e(someone)i(else.)f(Unfortunately)-9 b(,)26 b(installing)i(Kerber)o(os)596 4787 y(is)h(very)f(intr)o(usive,) h(r)o(equiring)g(the)g(modi\002cation)h(or)e(r)o(eplacement)g(of)h (numer)o(ous)g(standar)o(d)596 4879 y(pr)o(ograms.)596 5011 y(Y)-8 b(ou)21 b(can)f(\002nd)g(mor)o(e)g(information)h(about)f (kerber)o(os)g(by)g(looking)i(at)e(the)g(kerber)o(os)g(F)-6 b(AQ)3453 4978 y Ff(42)3502 5011 y Fm(,)20 b(and)596 5103 y(the)g(code)h(can)f(be)h(found)g(at)f (http://nii.isi.edu/info/kerber)o(os/.)596 5236 y([Fr)o(om:)f(Stein,)h (Jennifer)f(G.,)h(Clif)o(for)o(d)e(Neuman,)i(and)g(Jef)o(fr)o(ey)d(L.)i (Schiller)-6 b(.)20 b("Kerber)o(os:)f(An)h(Au-)596 5327 y(thentication)26 b(Service)d(for)i(Open)h(Network)f(Systems.")g (USENIX)f(Confer)o(ence)g(Pr)o(oceedings,)596 5418 y(Dallas,)c(T)-8 b(exas,)20 b(W)-5 b(inter)21 b(1998.])p Black 197 5585 a Fj(22)p Black eop %%Page: 23 23 23 22 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fm(Kerber)o(os)h(should)i(not)g (be)e(your)i(\002rst)f(step)g(in)h(impr)o(oving)f(security)h(of)f(your) g(host.)h(It)f(is)g(quite)596 180 y(involved,)d(and)h(not)g(as)g (widely)g(used)f(as,)g(say)-9 b(,)20 b(SSH.)596 488 y Fn(Shado)o(w)k(P)m(ass)o(w)n(or)n(ds.)596 625 y Fm(Shadow)29 b(passwor)o(ds)g(ar)o(e)f(a)h(means)g(of)h(keeping)f(your)h(encrypted)f (passwor)o(d)g(information)596 717 y(secr)o(et)g(fr)o(om)h(normal)h (users.)g(Recent)g(versions)g(of)f(both)i(Red)e(Hat)g(and)h(Debian)f (Linux)h(use)596 808 y(shadow)18 b(passwor)o(ds)g(by)g(default,)f(but)i (on)g(other)f(systems,)h(encrypted)f(passwor)o(ds)g(ar)o(e)f(stor)o(ed) 596 899 y(in)i Fi(/etc/passwd)d Fm(\002le)j(for)f(all)h(to)g(r)o(ead.)d 
(Anyone)j(can)g(then)g(r)o(un)g(passwor)o(d-guesser)e(pr)o(ograms)596 991 y(on)28 b(them)g(and)f(attempt)g(to)h(determine)g(what)f(they)h(ar) o(e.)e(Shadow)h(passwor)o(ds,)g(by)h(contrast,)596 1082 y(ar)o(e)j(saved)h(in)i Fi(/etc/shadow)p Fm(,)c(which)k(only)g (privileged)f(users)g(can)f(r)o(ead.)f(In)j(or)o(der)e(to)h(use)596 1173 y(shadow)20 b(passwor)o(ds,)g(you)h(need)f(to)g(make)g(sur)o(e)g (all)g(your)h(utilities)g(that)f(need)g(access)g(to)g(pass-)596 1265 y(wor)o(d)32 b(information)j(ar)o(e)d(r)o(ecompiled)g(to)i (support)f(them.)h(P)-8 b(AM)33 b(\(above\))f(also)h(allows)h(you)596 1356 y(to)c(just)i(plug)f(in)g(a)f(shadow)h(module;)f(it)h(doesn't)g(r) o(equir)o(e)e(r)o(e-compilation)i(of)f(executables.)596 1447 y(Y)-8 b(ou)33 b(can)g(r)o(efer)e(to)i(the)g(Shadow-Passwor)o(d)f (HOWT)o(O)h(for)g(further)f(information)i(if)e(neces-)596 1539 y(sary)-9 b(.)31 b(It)i(is)g(available)f(at)g (http://metalab.unc.edu/LDP/HOWT)o(O/Shadow-Passwor)o(d-)596 1630 y(HOWT)o(O.html)23 b(It)g(is)h(rather)e(dated)g(now)-8 b(,)24 b(and)e(will)i(not)g(be)f(r)o(equir)o(ed)e(for)i(distributions)h (sup-)596 1721 y(porting)d(P)-8 b(AM.)596 2029 y Fn("Crac)n(k")24 b(and)h("John)g(the)g(Ripper")596 2166 y Fm(If)g(for)g(some)h(r)o (eason)f(your)h Fi(passwd)e Fm(pr)o(ogram)h(is)h(not)g(enfor)o(cing)f (har)o(d-to-guess)g(passwor)o(ds,)596 2258 y(you)33 b(might)g(want)g (to)g(r)o(un)g(a)f(passwor)o(d-cracking)f(pr)o(ogram)h(and)g(make)g (sur)o(e)g(your)h(users')596 2349 y(passwor)o(ds)20 b(ar)o(e)f(secur)o (e.)596 2482 y(Passwor)o(d)j(cracking)g(pr)o(ograms)g(work)g(on)h(a)f (simple)h(idea:)e(they)i(try)f(every)g(wor)o(d)g(in)h(the)g(dic-)596 2573 y(tionary)-9 b(,)31 b(and)g(then)i(variations)e(on)i(those)f(wor)o (ds,)f(encrypting)i(each)e(one)h(and)f(checking)i(it)596 2664 y(against)c(your)g(encrypted)g(passwor)o(d.)f(If)h(they)h(get)f(a) g(match)g(they)h(know)g(what)g(your)f(pass-)596 2756 y(wor)o(d)20 b(is.)596 2889 y(Ther)o(e)15 b(ar)o(e)h(a)g(number)h(of)g 
(pr)o(ograms)f(out)h(ther)o(e...the)e(two)j(most)g(notable)e(of)h (which)h(ar)o(e)d("Crack")596 2980 y(and)h("John)i(the)f(Ripper")g (\(http://www)-8 b(.openwall.com/john/\))21 b(.)c(They)g(will)h(take)e (up)i(a)e(lot)i(of)596 3071 y(your)f(CPU)f(time,)h(but)f(you)i(should)f (be)g(able)f(to)h(tell)g(if)f(an)h(attacker)e(could)i(get)g(in)g(using) h(them)f(by)596 3163 y(r)o(unning)25 b(them)g(\002rst)f(yourself)h(and) e(notifying)j(users)e(with)h(weak)f(passwor)o(ds.)g(Note)g(that)g(an) 596 3254 y(attacker)d(would)i(have)f(to)h(use)g(some)g(other)g(hole)g (\002rst)g(in)g(or)o(der)f(to)h(r)o(ead)e(your)i Fi(/etc/passwd)596 3345 y Fm(\002le,)d(but)h(such)g(holes)h(ar)o(e)d(mor)o(e)h(common)j (than)e(you)g(might)h(think.)596 3478 y(Because)i(security)h(is)h(only) h(as)e(str)o(ong)g(as)h(the)f(most)h(insecur)o(e)f(host,)h(it)g(is)g (worth)g(mentioning)596 3569 y(that)44 b(if)h(you)h(have)e(any)h(W)-5 b(indows)46 b(machines)g(on)f(your)g(network,)h(you)f(should)h(check) 596 3661 y(out)63 b(L0phtCrack,)f(a)h(Crack)f(implementation)i(for)g(W) -5 b(indows.)64 b(It's)g(available)d(fr)o(om)596 3752 y(http://www)-8 b(.l0pht.com)596 4060 y Fn(CFS)25 b(-)g(Cr)q (yptographic)f(File)h(System)h(and)e(TCFS)h(-)h(T)-7 b(ransparent)596 4160 y(Cr)q(yptographic)23 b(File)j(System)596 4297 y Fm(CFS)33 b(is)g(a)g(way)h(of)f(encrypting)h(entir)o(e)f(dir)o (ectory)g(tr)o(ees)f(and)h(allowing)i(users)e(to)h(stor)o(e)f(en-)596 4389 y(crypted)c(\002les)i(on)f(them.)h(It)f(uses)h(an)f(NFS)f(server)h (r)o(unning)i(on)e(the)h(local)f(machine.)g(RPMS)596 4480 y(ar)o(e)23 b(available)g(at)i(http://www)-8 b(.zedz.net/r)o (edhat/,)23 b(and)i(mor)o(e)f(information)i(on)f(how)h(it)f(all)596 4571 y(works)c(is)g(at)f(ftp://ftp.r)o(esear)o(ch.att.com/dist/mab/.) 
596 4704 y(TCFS)34 b(impr)o(oves)h(on)g(CFS)f(by)h(adding)g(mor)o(e)f (integration)i(with)f(the)g(\002le)g(system,)h(so)f(that)596 4796 y(it's)26 b(transpar)o(ent)g(to)g(users)h(that)f(the)h(\002le)f (system)h(that)g(is)f(encrypted.)g(Mor)o(e)f(information)j(at:)596 4887 y(http://www)-8 b(.tcfs.it/.)596 5020 y(It)20 b(also)h(need)g(not) g(be)g(used)f(on)h(entir)o(e)g(\002le)f(systems.)i(It)f(works)g(on)h (dir)o(ectory)d(tr)o(ees)h(as)h(well.)p Black 3601 5585 a Fj(23)p Black eop %%Page: 24 24 24 23 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fn(X11,)k(SV)-5 b(GA)25 b(and)g(displa)n(y)g(security)596 326 y Fd(X11)596 459 y Fm(It's)16 b(important)g(for)g(you)g(to)g(secur)o(e)f(your)h (graphical)g(display)f(to)i(pr)o(event)e(attackers)f(fr)o(om)i(grab-) 596 550 y(bing)26 b(your)g(passwor)o(ds)f(as)g(you)h(type)g(them,)f(r)o (eading)g(documents)h(or)g(information)g(you)g(ar)o(e)596 641 y(r)o(eading)d(on)i(your)g(scr)o(een,)f(or)h(even)f(using)i(a)e (hole)h(to)g(gain)g(r)o(oot)g(access.)f(Running)i(r)o(emote)f(X)596 733 y(applications)18 b(over)h(a)f(network)i(also)f(can)f(be)h(fraught) f(with)i(peril,)e(allowing)i(snif)o(fers)e(to)i(see)e(all)596 824 y(your)j(interaction)g(with)g(the)g(r)o(emote)f(system.)596 957 y(X)27 b(has)h(a)f(number)g(of)h(access-contr)o(ol)f(mechanisms.)h (The)f(simplest)h(of)g(them)g(is)g(host-based:)596 1048 y(you)20 b(use)f Fi(xhost)g Fm(to)h(specify)f(the)h(hosts)h(that)e(ar)o (e)g(allowed)g(access)g(to)h(your)g(display)-9 b(.)19 b(This)h(is)g(not)596 1139 y(very)h(secur)o(e)g(at)h(all,)g(because)f (if)h(someone)i(has)e(access)f(to)i(your)g(machine,)f(they)g(can)g Fi(xhost)44 b(+)596 1231 y(their)g(machine)17 b Fm(and)i(get)g(in)h (easily)-9 b(.)18 b(Also,)h(if)g(you)h(have)f(to)g(allow)g(access)g(fr) o(om)g(an)g(untr)o(usted)596 1322 y(machine,)h(anyone)h(ther)o(e)f(can) h(compr)o(omise)g(your)g(display)-9 b(.)596 1455 y(When)18 b(using)i Fi(xdm)e 
Fm(\(X)g(Display)h(Manager\))e(to)i(log)g(in,)f(you) h(get)g(a)f(much)h(better)f(access)g(method:)596 1546 y(MIT)-5 b(-MAGIC-COOKIE-1.)26 b(A)j(128-bit)e("cookie")i(is)g (generated)f(and)h(stor)o(ed)f(in)h(your)h Fi(.Xau-)596 1637 y(thority)j Fm(\002le.)h(If)g(you)h(need)e(to)i(allow)g(a)e(r)o (emote)h(machine)h(access)e(to)i(your)g(display)-9 b(,)33 b(you)596 1729 y(can)26 b(use)i(the)f Fi(xauth)f Fm(command)i(and)f (the)g(information)h(in)g(your)f Fi(.Xauthority)f Fm(\002le)h(to)h(pr)o (o-)596 1820 y(vide)19 b(access)g(to)i(only)f(that)g(connection.)h(See) e(the)h(Remote-X-Apps)g(mini-howto,)i(available)c(at)596 1911 y(http://metalab.unc.edu/LDP/HOWT)o(O/mini/Remote-X-Apps.html.)596 2044 y(Y)-8 b(ou)22 b(can)f(also)g(use)g Fi(ssh)g Fm(\(see)p 0 TeXcolorgray 20 w(the)h(Section)f(called)f Fc(ssh)h Fj(\(Secur)o(e)g(Shell\))g(and)g Fc(stelnet)p Black Fm(,)e(above\))i (to)596 2136 y(allow)k(secur)o(e)f(X)h(connections.)h(This)f(has)g(the) g(advantage)f(of)h(also)g(being)g(transpar)o(ent)f(to)h(the)596 2227 y(end)20 b(user)-6 b(,)20 b(and)h(means)f(that)h(no)h(unencrypted) e(data)g(\003ows)i(acr)o(oss)e(the)h(network.)596 2360 y(Y)-8 b(ou)22 b(can)f(also)h(disable)f(any)g(r)o(emote)g(connections)i (to)f(your)f(X)h(server)f(by)g(using)h(the)g('-nolisten)596 2451 y(tcp')32 b(options)i(to)f(your)f(X)h(server)-6 b(.)31 b(This)i(will)h(pr)o(event)d(any)i(network)g(connections)h(to)f (your)596 2542 y(server)20 b(over)g(tcp)h(sockets.)596 2675 y(T)-8 b(ake)20 b(a)h(look)h(at)f(the)h Fi(Xsecurity)d Fm(man)j(page)e(for)h(mor)o(e)g(information)h(on)g(X)g(security)-9 b(.)21 b(The)g(safe)596 2767 y(bet)k(is)h(to)h(use)e Fi(xdm)h Fm(to)g(login)h(to)f(your)g(console)h(and)e(then)i(use)f Fi(ssh)f Fm(to)h(go)g(to)h(r)o(emote)e(sites)h(on)596 2858 y(which)21 b(you)g(wish)h(to)f(r)o(un)h(X)f(pr)o(ograms.)596 3157 y Fd(SV)l(GA)596 3290 y Fm(SVGAlib)33 b(pr)o(ograms)g(ar)o(e)f (typically)i(SUID-r)o(oot)f(in)h(or)o(der)f(to)h(access)f(all)h(your)g (Linux)f(ma-)596 3381 
y(chine's)c(video)g(har)o(dwar)o(e.)d(This)j (makes)g(them)g(very)f(danger)o(ous.)g(If)h(they)g(crash,)f(you)h (typi-)596 3472 y(cally)18 b(need)h(to)g(r)o(eboot)g(your)g(machine)g (to)g(get)g(a)g(usable)f(console)i(back.)e(Make)g(sur)o(e)h(any)f(SVGA) 596 3564 y(pr)o(ograms)i(you)h(ar)o(e)e(r)o(unning)j(ar)o(e)d (authentic,)h(and)h(can)f(at)g(least)g(be)h(somewhat)g(tr)o(usted.)f (Even)596 3655 y(better)-6 b(,)19 b(don't)j(r)o(un)f(them)g(at)f(all.) 596 3954 y Fd(GGI)i(\(Generic)h(Graphics)g(Interface)g(pr)n(oject\))596 4087 y Fm(The)18 b(Linux)h(GGI)g(pr)o(oject)f(is)h(trying)g(to)g(solve) g(several)f(of)g(the)h(pr)o(oblems)f(with)h(video)g(interfaces)596 4178 y(on)25 b(Linux.)f(GGI)h(will)g(move)g(a)e(small)i(piece)f(of)g (the)h(video)f(code)g(into)h(the)g(Linux)f(kernel,)g(and)596 4269 y(then)f(contr)o(ol)g(access)f(to)i(the)f(video)f(system.)i(This)f (means)g(GGI)g(will)h(be)f(able)f(to)h(r)o(estor)o(e)f(your)596 4361 y(console)28 b(at)f(any)h(time)g(to)g(a)f(known)i(good)f(state.)f (They)h(will)g(also)g(allow)g(a)f(secur)o(e)f(attention)596 4452 y(key)-9 b(,)20 b(so)h(you)g(can)f(be)h(sur)o(e)f(that)g(ther)o(e) g(is)h(no)g(T)-7 b(r)o(ojan)20 b(horse)h Fi(login)f Fm(pr)o(ogram)g(r)o (unning)i(on)g(your)596 4543 y(console.)f(http://syner)o(gy)-9 b(.caltech.edu/~ggi/)197 5027 y Fk(K)n(ernel)28 b(Security)596 5169 y Fm(This)19 b(is)h(a)f(description)g(of)h(the)f(kernel)g (con\002guration)i(options)f(that)g(r)o(elate)e(to)h(security)-9 b(,)19 b(and)g(an)596 5260 y(explanation)h(of)h(what)g(they)g(do,)f (and)h(how)g(to)g(use)g(them.)596 5393 y(As)29 b(the)g(kernel)g(contr)o (ols)h(your)g(computer)6 b('s)29 b(networking,)i(it)e(is)h(important)g (that)f(it)g(be)g(very)596 5484 y(secur)o(e,)24 b(and)h(not)i(be)f (compr)o(omised.)f(T)-8 b(o)27 b(pr)o(event)e(some)h(of)g(the)g(latest) g(networking)h(attacks,)p Black 197 5585 a Fj(24)p Black eop %%Page: 25 25 25 24 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fm(you)33 
b(should)h(try)f(to)h (keep)e(your)i(kernel)f(version)g(curr)o(ent.)f(Y)-8 b(ou)35 b(can)d(\002nd)i(new)f(kernels)g(at)596 180 y(<65533>)906 147 y Ff(52)974 180 y Fm(or)21 b(fr)o(om)f(your)i(distribution)f (vendor)-6 b(.)596 313 y(Ther)o(e)43 b(is)i(also)f(a)g(international)h (gr)o(oup)f(pr)o(oviding)g(a)g(single)h(uni\002ed)g(crypto)g(patch)f (to)596 405 y(the)53 b(mainstr)o(eam)f(Linux)h(kernel.)g(This)h(patch)f (pr)o(ovides)f(support)h(for)g(a)g(number)g(of)596 496 y(cryptographic)35 b(subsystems)h(and)f(things)h(that)g(cannot)f(be)g (included)g(in)h(the)f(mainstr)o(eam)596 587 y(kernel)i(due)h(to)g (export)g(r)o(estrictions.)g(For)g(mor)o(e)f(information,)i(visit)g (their)f(web)f(page)h(at:)596 679 y(http://www)-8 b(.kerneli.or)o(g)596 931 y Fn(2.0)25 b(K)o(ernel)f(Compile)i(Options)596 1067 y Fm(For)51 b(2.0.x)f(kernels,)h(the)h(following)g(options)h(apply)-9 b(.)51 b(Y)-8 b(ou)52 b(should)g(see)f(these)h(options)596 1159 y(during)42 b(the)h(kernel)g(con\002guration)g(pr)o(ocess.)f(Many) g(of)h(the)g(comments)g(her)o(e)f(ar)o(e)f(fr)o(om)596 1250 y Fi(./linux/Documentation/Configure.help)o Fm(,)35 b(which)42 b(is)g(the)f(same)g(document)h(that)f(is)596 1341 y(r)o(efer)o(enced)19 b(while)24 b(using)f(the)g(Help)f(facility)h (during)f(the)h Fi(make)44 b(config)22 b Fm(stage)g(of)h(compiling)596 1433 y(the)d(kernel.)p Black 596 1690 a Fh(\225)p Black 63 w Fm(Network)h(Fir)o(ewalls)g(\(CONFIG_FIREW)-8 b(ALL\))679 1823 y(This)22 b(option)g(should)h(be)e(on)h(if)g(you)g(intend)g(to)g (r)o(un)g(any)f(\002r)o(ewalling)h(or)g(masquerading)f(on)679 1914 y(your)f(Linux)h(machine.)f(If)g(it's)h(just)h(going)f(to)g(be)f (a)g(r)o(egular)f(client)i(machine,)g(it's)g(safe)e(to)i(say)679 2006 y(no.)p Black 596 2271 a Fh(\225)p Black 63 w Fm(IP:)g(forwar)o (ding/gatewaying)f(\(CONFIG_IP_FOR)m(W)-8 b(ARD\))679 2404 y(If)23 b(you)i(enable)f(IP)g(forwar)o(ding,)f(your)i(Linux)f(box) g(essentially)h(becomes)f(a)g(r)o(outer)-6 b(.)23 b(If)h(your)679 2495 
y(machine)h(is)g(on)g(a)g(network,)g(you)g(could)g(be)g(forwar)o (ding)f(data)f(fr)o(om)i(one)g(network)g(to)g(an-)679 2587 y(other)-6 b(,)28 b(and)g(per)o(haps)g(subverting)h(a)f(\002r)o (ewall)g(that)g(was)h(put)g(ther)o(e)e(to)i(pr)o(event)f(this)h(fr)o (om)679 2678 y(happening.)20 b(Normal)g(dial-up)g(users)g(will)h(want)f (to)h(disable)f(this,)g(and)g(other)h(users)f(should)679 2769 y(concentrate)e(on)i(the)f(security)g(implications)h(of)f(doing)g (this.)h(Fir)o(ewall)e(machines)h(will)h(want)679 2861 y(this)h(enabled,)f(and)g(used)h(in)g(conjunction)i(with)e(\002r)o (ewall)f(softwar)o(e.)679 2994 y(Y)-8 b(ou)21 b(can)g(enable)f(IP)h (forwar)o(ding)f(dynamically)h(using)g(the)g(following)h(command:)723 3159 y Fi(root#)89 b(echo)44 b(1)h(>)g(/proc/sys/net/ipv4/ip_forward) 679 3292 y Fm(and)20 b(disable)g(it)h(with)h(the)e(command:)723 3415 y Fi(root#)89 b(echo)44 b(0)h(>)g(/proc/sys/net/ipv4/ip_forward) 679 3548 y Fm(Keep)29 b(in)i(mind)f(the)h(\002les)f(in)h(/pr)o(oc)e(ar) o(e)g("virtual")g(\002les)i(and)e(the)h(shown)i(size)e(of)g(the)g (\002le)679 3640 y(might)21 b(not)h(r)o(e\003ect)e(the)h(data)e(output) i(fr)o(om)g(it.)p Black 596 3905 a Fh(\225)p Black 63 w Fm(IP:)g(syn)g(cookies)h(\(CONFIG_SYN_COOKIES\))679 4038 y(a)i("SYN)g(Attack")g(is)h(a)g(denial)f(of)h(service)f(\(DoS\))g (attack)g(that)h(consumes)h(all)e(the)h(r)o(esour)o(ces)679 4129 y(on)g(your)h(machine,)f(for)o(cing)g(you)h(to)g(r)o(eboot.)f(W)-8 b(e)25 b(can't)g(think)h(of)g(a)e(r)o(eason)h(you)h(wouldn't)679 4221 y(normally)20 b(enable)f(this.)g(In)h(the)g(2.2.x)e(kernel)h (series)g(this)h(con\002g)h(option)f(mer)o(ely)f(allows)h(syn)679 4312 y(cookies,)h(but)g(does)f(not)i(enable)e(them.)h(T)-8 b(o)21 b(enable)g(them,)g(you)g(have)f(to)h(do:)768 4477 y Fi(root#)44 b(echo)g(1)h(>)g(/proc/sys/net/ipv4/tcp_syncookies)39 b(
)p Black 596 4876 a Fh(\225)p Black 63 w Fm(IP:)21
b(Fir)o(ewalling)g(\(CONFIG_IP_FIREW)-8 b(ALL\))679 5009
y(This)17 b(option)h(is)f(necessary)g(if)f(you)i(ar)o(e)d(going)j(to)g
(con\002gur)o(e)f(your)g(machine)g(as)f(a)h(\002r)o(ewall,)f(do)679
5100 y(masquerading,)h(or)g(wish)i(to)e(pr)o(otect)g(your)h(dial-up)f
(workstation)h(fr)o(om)f(someone)i(entering)679 5191
y(via)h(your)h(PPP)g(dial-up)f(interface.)p Black 596
5457 a Fh(\225)p Black 63 w Fm(IP:)h(\002r)o(ewall)f(packet)g(logging)i
(\(CONFIG_IP_FIREW)-8 b(ALL_VERBOSE\))p Black 3601 5585
a Fj(25)p Black eop
%%Page: 26 26
% Page 26 of the Linux Security HOWTO. The page body runs from bop to eop; the
% first strings set the running header and the last ones the page number.
% The single-letter operators between the strings appear to be dvips
% positioning shorthands; their definitions are not in this part of the file.
% Read in order, the strings render the remaining "2.0 Kernel Compile Options"
% entries: the description of firewall packet logging, CONFIG_IP_NOSR,
% CONFIG_IP_MASQUERADE, CONFIG_IP_MASQUERADE_ICMP, CONFIG_IP_TRANSPARENT_PROXY,
% CONFIG_IP_ALWAYS_DEFRAG, CONFIG_NCPFS_PACKET_SIGNING and
% CONFIG_IP_FIREWALL_NETLINK, followed by the opening of the "2.2 Kernel
% Compile Options" section.
% NOTE(review): every option name here belongs to the 2.0.x/2.2.x kernel series
% the text names; whether a given kernel still offers it has to be checked
% against that kernel's own configuration help.
26 25 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 679 89 a Fm(This)43 b(option)h(gives)f
(you)h(information)g(about)f(packets)f(your)h(\002r)o(ewall)g(r)o
(eceived,)e(like)679 180 y(sender)-6 b(,)19 b(r)o(ecipient,)h(port,)h
(etc.)p Black 596 446 a Fh(\225)p Black 63 w Fm(IP:)g(Dr)o(op)f(sour)o
(ce)h(r)o(outed)f(frames)g(\(CONFIG_IP_NOSR\))679 579
y(This)32 b(option)g(should)h(be)e(enabled.)f(Sour)o(ce)h(r)o(outed)g
(frames)f(contain)j(the)e(entir)o(e)g(path)h(to)679 670
y(their)25 b(destination)i(inside)f(of)f(the)h(packet.)f(This)h(means)g
(that)g(r)o(outers)f(thr)o(ough)h(which)h(the)679 762
y(packet)17 b(goes)h(do)g(not)h(need)e(to)i(inspect)f(it,)g(and)f(just)
i(forwar)o(d)e(it)h(on.)g(This)h(could)f(lead)f(to)h(data)679
853 y(entering)j(your)g(system)g(that)g(may)g(be)f(a)g(potential)h
(exploit.)p Black 596 1119 a Fh(\225)p Black 62 w Fm(IP:)e
(masquerading)g(\(CONFIG_IP_MASQUERADE\))d(If)j(one)h(of)f(the)g
(computers)h(on)g(your)679 1210 y(local)f(network)h(for)f(which)i(your)
f(Linux)f(box)h(acts)f(as)g(a)g(\002r)o(ewall)g(wants)h(to)g(send)f
(something)679 1301 y(to)i(the)g(outside,)h(your)f(box)g(can)g
% NOTE(review): the next line renders "it forewords the"; "forwards" is
% presumably what was meant. The string is left as typeset.
("masquerade")f(as)h(that)g(host,)h(i.e.,)f(it)g(for)o(ewor)o(ds)f(the)
h(traf)o(\002c)679 1393 y(to)29 b(the)f(intended)h(destination,)g(but)g
(makes)f(it)h(look)h(like)f(it)g(came)f(fr)o(om)g(the)h(\002r)o(ewall)f
(box)679 1484 y(itself.)20 b(See)g(http://www)-8 b(.indyramp.com/masq)
23 b(for)e(mor)o(e)f(information.)p Black 596 1617 a
Fh(\225)p Black 68 w Fm(IP:)25 b(ICMP)g(masquerading)h
(\(CONFIG_IP_MASQUERADE_ICMP\))21 b(This)26 b(option)h(adds)679
1708 y(ICMP)i(masquerading)g(to)h(the)g(pr)o(evious)f(option)i(of)f
(only)g(masquerading)g(TCP)f(or)h(UDP)679 1799 y(traf)o(\002c.)p
Black 596 1932 a Fh(\225)p Black 74 w Fm(IP:)g(transpar)o(ent)g(pr)o
(oxy)h(support)g(\(CONFIG_IP_TRANSP)-8 b(ARENT_PROXY\))31
b(This)g(en-)679 2023 y(ables)23 b(your)g(Linux)h(\002r)o(ewall)f(to)g
(transpar)o(ently)g(r)o(edir)o(ect)e(any)j(network)g(traf)o(\002c)e
(originating)679 2115 y(fr)o(om)28 b(the)h(local)f(network)h(and)g
(destined)f(for)g(a)h(r)o(emote)f(host)h(to)g(a)f(local)h(server)-6
b(,)28 b(called)f(a)679 2206 y("transpar)o(ent)j(pr)o(oxy)h(server".)g
(This)i(makes)f(the)g(local)g(computers)g(think)h(they)f(ar)o(e)e
(talk-)679 2297 y(ing)25 b(to)h(the)f(r)o(emote)f(end,)h(while)h(in)f
(fact)f(they)h(ar)o(e)f(connected)h(to)g(the)h(local)f(pr)o(oxy)-9
b(.)24 b(See)g(the)679 2389 y(IP-Masquerading)16 b(HOWT)o(O)i(and)g
(http://www)-8 b(.indyramp.com/masq)20 b(for)e(mor)o(e)g(infor)o(-)679
2480 y(mation.)p Black 596 2613 a Fh(\225)p Black 63
w Fm(IP:)j(always)f(defragment)g(\(CONFIG_IP_AL)-6 b(W)e(A)f
(YS_DEFRAG\))679 2746 y(Generally)18 b(this)h(option)g(is)g(disabled,)e
(but)h(if)g(you)h(ar)o(e)e(building)i(a)e(\002r)o(ewall)h(or)g(a)g
(masquerad-)679 2837 y(ing)27 b(host,)h(you)f(will)h(want)f(to)g
(enable)f(it.)h(When)g(data)f(is)h(sent)g(fr)o(om)g(one)g(host)h(to)f
(another)-6 b(,)679 2928 y(it)26 b(does)h(not)g(always)g(get)g(sent)g
(as)f(a)g(single)i(packet)d(of)i(data,)e(but)i(rather)f(it)h(is)g
(fragmented)679 3020 y(into)22 b(several)e(pieces.)h(The)g(pr)o(oblem)g
(with)h(this)g(is)f(that)g(the)h(port)f(numbers)h(ar)o(e)d(only)k(stor)
o(ed)679 3111 y(in)h(the)h(\002rst)g(fragment.)e(This)i(means)g(that)f
(someone)h(can)f(insert)h(information)g(into)h(the)e(r)o(e-)679
3202 y(maining)j(packets)g(that)g(isn't)g(supposed)h(to)f(be)f(ther)o
(e.)g(It)h(could)g(also)h(pr)o(event)e(a)g(tear)o(dr)o(op)679
3294 y(attack)19 b(against)i(an)g(internal)g(host)g(that)g(is)g(not)h
(yet)e(itself)h(patched)f(against)h(it.)p Black 596 3559
a Fh(\225)p Black 63 w Fm(Packet)g(Signatur)o(es)e(\(CONFIG_NCPFS_P)-8
b(ACKET_SIGNING\))679 3692 y(This)20 b(is)f(an)h(option)g(that)g(is)g
(available)e(in)i(the)g(2.2.x)d(kernel)j(series)f(that)h(will)g(sign)g
(NCP)g(pack-)679 3784 y(ets)e(for)g(str)o(onger)g(security)-9
b(.)18 b(Normally)h(you)g(can)f(leave)g(it)g(of)o(f,)f(but)i(it)f(is)h
(ther)o(e)f(if)g(you)h(do)f(need)679 3875 y(it.)p Black
596 4141 a Fh(\225)p Black 63 w Fm(IP:)j(Fir)o(ewall)f(packet)g
(netlink)i(device)e(\(CONFIG_IP_FIREW)-8 b(ALL_NETLINK\))679
4273 y(This)31 b(is)g(a)g(r)o(eally)f(neat)g(option)i(that)f(allows)h
(you)f(to)g(analyze)f(the)h(\002rst)g(128)f(bytes)h(of)g(the)679
4365 y(packets)21 b(in)h(a)f(user)o(-space)f(pr)o(ogram,)h(to)h
(determine)f(if)h(you)g(would)g(like)g(to)g(accept)f(or)h(deny)679
4456 y(the)e(packet,)g(based)g(on)h(its)h(validity)-9
b(.)596 5030 y Fn(2.2)25 b(K)o(ernel)f(Compile)i(Options)596
5167 y Fm(For)72 b(2.2.x)f(kernels,)h(many)h(of)f(the)h(options)g(ar)o
(e)e(the)i(same,)e(but)i(a)f(few)g(new)596 5258 y(ones)93
b(have)g(been)g(developed.)e(Many)i(of)g(the)g(comments)i(her)o(e)d(ar)
o(e)f(fr)o(om)596 5349 y Fi(./linux/Documentation/Configure.help)o
Fm(,)52 b(which)59 b(is)f(the)g(same)g(document)g(that)596
5441 y(is)51 b(r)o(efer)o(enced)d(while)k(using)g(the)f(Help)g
(facility)g(during)g(the)g Fi(make)44 b(config)50 b Fm(stage)h(of)p
Black 197 5585 a Fj(26)p Black eop
%%Page: 27 27
% Page 27. The page body runs from bop to eop; the first strings set the
% running header and the last ones the page number.
% The strings finish the introduction to the 2.2 options (the text says the
% ipchains program replaces ipfwadm for installing IP firewalling), then render
% the entries Socket Filtering (CONFIG_FILTER), Port Forwarding, Socket
% Filtering a second time, and IP: Masquerading, and start the "Kernel Devices"
% section on /dev/random and /dev/urandom.
% NOTE(review): the Port Forwarding entry describes making a server behind the
% firewall reachable from outside; the text does not discuss restricting which
% outside hosts may use the forwarded port.
27 26 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fm(compiling)28
b(the)g(kernel.)f(Only)i(the)f(newly-)f(added)f(options)j(ar)o(e)d
(listed)i(below)-8 b(.)28 b(Consult)h(the)596 180 y(2.0)d(description)i
(for)f(a)g(list)i(of)e(other)h(necessary)f(options.)i(The)f(most)g
(signi\002cant)h(change)e(in)596 272 y(the)f(2.2)f(kernel)i(series)f
(is)h(the)g(IP)f(\002r)o(ewalling)h(code.)f(The)g Fi(ipchains)f
Fm(pr)o(ogram)h(is)h(now)g(used)596 363 y(to)21 b(install)g(IP)g(\002r)
o(ewalling,)f(instead)h(of)g(the)g Fi(ipfwadm)e Fm(pr)o(ogram)h(used)h
(in)g(the)g(2.0)e(kernel.)p Black 596 620 a Fh(\225)p
Black 63 w Fm(Socket)i(Filtering)g(\(CONFIG_FIL)-6 b(TER\))679
753 y(For)18 b(most)g(people,)g(it's)g(safe)f(to)h(say)g(no)h(to)f
(this)g(option.)h(This)f(option)h(allows)g(you)f(to)g(connect)679
845 y(a)30 b(user)o(-space)g(\002lter)h(to)h(any)f(socket)h(and)f
(determine)g(if)g(packets)g(should)h(be)f(allowed)g(or)679
936 y(denied.)g(Unless)i(you)g(have)f(a)g(very)g(speci\002c)g(need)g
(and)g(ar)o(e)f(capable)g(of)i(pr)o(ogramming)679 1027
y(such)19 b(a)g(\002lter)-6 b(,)19 b(you)h(should)h(say)e(no.)h(Also)g
(note)f(that)h(as)f(of)g(this)i(writing,)f(all)f(pr)o(otocols)h(wer)o
(e)679 1119 y(supported)g(except)g(TCP)-11 b(.)p Black
596 1384 a Fh(\225)p Black 63 w Fm(Port)21 b(Forwar)o(ding)679
1517 y(Port)c(Forwar)o(ding)g(is)h(an)f(addition)g(to)h(IP)f
(Masquerading)g(which)h(allows)g(some)g(forwar)o(ding)679
1608 y(of)j(packets)h(fr)o(om)f(outside)i(to)f(inside)g(a)f(\002r)o
(ewall)h(on)g(given)h(ports.)e(This)i(could)f(be)g(useful)f(if,)679
1700 y(for)26 b(example,)h(you)g(want)g(to)h(r)o(un)g(a)e(web)h(server)
g(behind)g(the)g(\002r)o(ewall)g(or)g(masquerading)679
1791 y(host)21 b(and)f(that)h(web)f(server)g(should)h(be)f(accessible)g
(fr)o(om)g(the)h(outside)g(world.)f(An)h(external)679
1882 y(client)d(sends)h(a)f(r)o(equest)h(to)g(port)f(80)g(of)g(the)h
(\002r)o(ewall,)f(the)h(\002r)o(ewall)f(forwar)o(ds)f(this)i(r)o
(equest)g(to)679 1974 y(the)g(web)g(server)-6 b(,)17
b(the)i(web)g(server)g(handles)f(the)i(r)o(equest)e(and)h(the)g(r)o
(esults)g(ar)o(e)e(sent)i(thr)o(ough)679 2065 y(the)24
b(\002r)o(ewall)g(to)g(the)h(original)g(client.)f(The)h(client)f
(thinks)i(that)e(the)h(\002r)o(ewall)e(machine)i(itself)679
2156 y(is)g(r)o(unning)i(the)f(web)f(server)-6 b(.)25
b(This)h(can)f(also)h(be)f(used)g(for)g(load)h(balancing)f(if)g(you)h
(have)f(a)679 2248 y(farm)20 b(of)g(identical)h(web)f(servers)h(behind)
g(the)f(\002r)o(ewall.)679 2380 y(Information)233 b(about)f(this)i
(featur)o(e)c(is)j(available)e(fr)o(om)679 2472 y(http://www)-8
b(.monmouth.demon.co.uk/ipsubs/portforwar)o(ding.html)399
b(\(to)679 2563 y(br)o(owse)49 b(the)g(WWW)-8 b(,)50
b(you)f(need)g(to)h(have)f(access)f(to)i(a)f(machine)g(on)h(the)g
(Internet)679 2654 y(that)58 b(has)h(a)f(pr)o(ogram)g(like)h(lynx)h(or)
f(Netscape\).)e(For)i(general)f(info,)h(please)f(see)679
2746 y(ftp://ftp.compsoc.net/users/steve/ipportfw/linux21/)p
% NOTE(review): Socket Filtering (CONFIG_FILTER) is typeset a second time from
% here, with different wording from the entry earlier on this page; both entries
% say TCP sockets were not covered at the time of writing.
Black 596 3011 a Fh(\225)p Black 63 w Fm(Socket)21 b(Filtering)g
(\(CONFIG_FIL)-6 b(TER\))679 3144 y(Using)17 b(this)i(option,)f(user)o
(-space)d(pr)o(ograms)i(can)h(attach)e(a)h(\002lter)h(to)f(any)h
(socket)g(and)f(ther)o(eby)679 3236 y(tell)22 b(the)g(kernel)h(that)f
(it)g(should)h(allow)g(or)f(disallow)h(certain)f(types)g(of)g(data)f
(to)i(get)f(thr)o(ough)679 3327 y(the)29 b(socket.)h(Linux)f(socket)h
(\002ltering)g(works)g(on)g(all)f(socket)h(types)f(except)g(TCP)g(for)g
(now)-8 b(.)679 3418 y(See)26 b(the)i(text)f(\002le)h
Fi(./linux/Documentation/networking/filter)o(.txt)21
b Fm(for)28 b(mor)o(e)f(in-)679 3510 y(formation.)p Black
596 3775 a Fh(\225)p Black 63 w Fm(IP:)21 b(Masquerading)679
3908 y(The)27 b(2.2)f(kernel)i(masquerading)f(has)h(been)f(impr)o
(oved.)f(It)i(pr)o(ovides)f(additional)g(support)679
3999 y(for)19 b(masquerading)i(special)e(pr)o(otocols,)i(etc.)e(Be)h
(sur)o(e)g(to)g(r)o(ead)f(the)h(IP)g(Chains)h(HOWT)o(O)f(for)679
4091 y(mor)o(e)g(information.)596 4664 y Fn(K)o(ernel)k(De)o(vices)596
4801 y Fm(Ther)o(e)16 b(ar)o(e)g(a)h(few)g(block)h(and)f(character)f
(devices)h(available)f(on)j(Linux)e(that)h(will)g(also)g(help)f(you)596
4893 y(with)k(security)-9 b(.)596 5026 y(The)20 b(two)h(devices)f
Fi(/dev/random)f Fm(and)h Fi(/dev/urandom)f Fm(ar)o(e)g(pr)o(ovided)g
(by)i(the)f(kernel)h(to)g(pr)o(o-)596 5117 y(vide)f(random)h(data)e(at)
h(any)h(time.)596 5250 y(Both)g Fi(/dev/random)e Fm(and)i
Fi(/dev/urandom)e Fm(should)i(be)g(secur)o(e)f(enough)i(to)f(use)g(in)h
(generating)596 5341 y(PGP)f(keys,)f Fi(ssh)g Fm(challenges,)g(and)g
(other)h(applications)f(wher)o(e)g(secur)o(e)f(random)i(numbers)f(ar)o
(e)596 5432 y(r)o(equir)o(ed.)28 b(Attackers)h(should)j(be)e(unable)g
(to)g(pr)o(edict)f(the)i(next)f(number)h(given)f(any)g(initial)p
Black 3601 5585 a Fj(27)p Black eop
%%Page: 28 28
% Page 28. The page body runs from bop to eop; the first strings set the
% running header and the last ones the page number.
% The strings continue the /dev/random and /dev/urandom discussion, then begin
% the "Network Security" chapter with its "Packet Sniffers" section.
% NOTE(review): the account of the two devices (blocking behaviour, and
% /dev/urandom being described with "This isn't as secure") is the document's
% description of the kernels it covers; the text itself points to
% drivers/char/random.c, and the copy shipped with the kernel in use is the
% place to confirm current behaviour.
28 27 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fm(sequence)j(of)g(numbers)g(fr)
o(om)g(these)g(sour)o(ces.)g(Ther)o(e)f(has)h(been)g(a)f(lot)i(of)f(ef)
o(fort)f(put)h(in)h(to)f(en-)596 180 y(suring)c(that)g(the)h(numbers)f
(you)h(get)f(fr)o(om)g(these)g(sour)o(ces)g(ar)o(e)f(random)h(in)h
(every)e(sense)i(of)f(the)596 272 y(wor)o(d.)596 405
y(The)c(only)h(dif)o(fer)o(ence)d(between)i(the)g(two)h(devices,)e(is)i
(that)f Fi(/dev/random)e Fm(r)o(uns)j(out)g(of)f(random)596
496 y(bytes)j(and)g(it)h(makes)f(you)h(wait)g(for)f(mor)o(e)g(to)h(be)f
(accumulated.)f(Note)i(that)f(on)h(some)g(systems,)596
587 y(it)30 b(can)f(block)i(for)f(a)f(long)i(time)g(waiting)f(for)g
(new)g(user)o(-generated)e(entr)o(opy)i(to)h(be)e(enter)o(ed)596
679 y(into)19 b(the)g(system.)g(So)g(you)g(have)g(to)g(use)g(car)o(e)e
(befor)o(e)g(using)j Fi(/dev/random)p Fm(.)d(\(Per)o(haps)g(the)i(best)
596 770 y(thing)h(to)g(do)f(is)h(to)f(use)h(it)f(when)h(you'r)o(e)f
(generating)h(sensitive)f(keying)h(information,)h(and)d(you)596
861 y(tell)i(the)g(user)g(to)h(pound)g(on)g(the)f(keyboar)o(d)f(r)o
(epeatedly)f(until)j(you)g(print)g(out)f("OK,)h(enough".\))596
994 y Fi(/dev/random)i Fm(is)j(high)h(quality)f(entr)o(opy)-9
b(,)25 b(generated)g(fr)o(om)g(measuring)h(the)f(inter)o(-interr)o(upt)
596 1085 y(times)c(etc.)f(It)h(blocks)g(until)h(enough)f(bits)g(of)g
(random)g(data)f(ar)o(e)f(available.)596 1218 y Fi(/dev/urandom)i
Fm(is)k(similar)-6 b(,)24 b(but)g(when)g(the)g(stor)o(e)g(of)g(entr)o
(opy)g(is)g(r)o(unning)i(low)-8 b(,)25 b(it'll)f(r)o(eturn)f(a)596
1310 y(cryptographically)j(str)o(ong)h(hash)g(of)f(what)h(ther)o(e)f
(is.)g(This)h(isn't)h(as)e(secur)o(e,)f(but)i(it's)g(enough)596
1401 y(for)20 b(most)i(applications.)596 1534 y(Y)-8
% NOTE(review): the command typeset on the next two lines reads six bytes
% (head -c 6) and base64-encodes them, which gives eight output characters
% carrying 48 bits of random data, not the "six random characters" that the
% sentence after it states.
b(ou)21 b(might)h(r)o(ead)d(fr)o(om)i(the)f(devices)h(using)g
(something)i(like:)640 1740 y Fi(root#)89 b(head)44 b(-c)h(6)f
(/dev/urandom)f(|)i(mimencode)596 1915 y Fm(This)26 b(will)g(print)g
(six)f(random)h(characters)e(on)i(the)g(console,)g(suitable)g(for)f
(passwor)o(d)g(genera-)596 2006 y(tion.)c(Y)-8 b(ou)22
b(can)e(\002nd)h Fi(mimencode)e Fm(in)j(the)f Fi(metamail)e
Fm(package.)596 2139 y(See)g Fi(/usr/src/linux/drivers/char/random.c)c
Fm(for)21 b(a)f(description)h(of)g(the)g(algorithm.)596
2272 y(Thanks)g(to)h(Theodor)o(e)f(Y)-9 b(.)21 b(T)-7
b(s'o,)21 b(Jon)h(Lewis,)f(and)g(others)h(fr)o(om)f(Linux-kernel)g(for)
g(helping)h(me)596 2363 y(\(Dave\))d(with)j(this.)197
2764 y Fk(Netw)n(ork)28 b(Security)596 2906 y Fm(Network)23
b(security)g(is)h(becoming)g(mor)o(e)f(and)g(mor)o(e)g(important)g(as)g
(people)g(spend)g(mor)o(e)g(and)596 2997 y(mor)o(e)34
b(time)i(connected.)e(Compr)o(omising)j(network)e(security)g(is)h
(often)f(much)h(easier)e(than)596 3088 y(compr)o(omising)22
b(physical)f(or)f(local)h(security)-9 b(,)21 b(and)f(is)h(much)g(mor)o
(e)g(common.)596 3221 y(Ther)o(e)d(ar)o(e)f(a)h(number)i(of)f(good)g
(tools)h(to)f(assist)h(with)f(network)h(security)-9 b(,)19
b(and)f(mor)o(e)h(and)f(mor)o(e)596 3312 y(of)i(them)h(ar)o(e)f
(shipping)i(with)f(Linux)g(distributions.)596 3564 y
Fn(P)m(ac)n(ket)k(Sniff)o(er)o(s)596 3701 y Fm(One)h(of)f(the)h(most)h
(common)g(ways)f(intr)o(uders)g(gain)g(access)f(to)h(mor)o(e)g(systems)
h(on)f(your)g(net-)596 3793 y(work)k(is)g(by)f(employing)i(a)e(packet)g
(snif)o(fer)g(on)h(a)f(alr)o(eady)f(compr)o(omised)i(host.)g(This)g
("snif-)596 3884 y(fer")23 b(just)i(listens)h(on)f(the)g(Ethernet)f
(port)h(for)f(things)i(like)f Fi(passwd)e Fm(and)i Fi(login)e
Fm(and)h Fi(su)h Fm(in)g(the)596 3975 y(packet)20 b(str)o(eam)g(and)g
(then)i(logs)f(the)h(traf)o(\002c)d(after)h(that.)g(This)i(way)-9
b(,)20 b(attackers)g(gain)h(passwor)o(ds)596 4067 y(for)d(systems)i
(they)e(ar)o(e)g(not)h(even)g(attempting)g(to)g(br)o(eak)e(into.)i
(Clear)o(-text)e(passwor)o(ds)h(ar)o(e)f(very)596 4158
y(vulnerable)j(to)h(this)g(attack.)596 4291 y(Example:)h(Host)i(A)f
(has)g(been)g(compr)o(omised.)g(Attacker)f(installs)i(a)f(snif)o(fer)-6
b(.)22 b(Snif)o(fer)f(picks)j(up)596 4382 y(admin)30
b(logging)h(into)g(Host)g(B)e(fr)o(om)h(Host)h(C.)e(It)h(gets)g(the)h
(admins)f(personal)g(passwor)o(d)f(as)596 4474 y(they)22
b(login)i(to)f(B.)f(Then,)h(the)f(admin)h(does)f(a)g
Fi(su)h Fm(to)g(\002x)f(a)g(pr)o(oblem.)g(They)h(now)g(have)f(the)h(r)o
(oot)596 4565 y(passwor)o(d)d(for)g(Host)h(B.)f(Later)g(the)h(admin)f
(lets)h(someone)h Fi(telnet)d Fm(fr)o(om)h(his)i(account)e(to)h(Host)
596 4656 y(Z)g(on)g(another)g(site.)g(Now)g(the)g(attacker)e(has)i(a)f
(passwor)o(d/login)i(on)f(Host)h(Z.)596 4789 y(In)28
b(this)h(day)f(and)g(age,)g(the)g(attacker)f(doesn't)i(even)f(need)g
(to)h(compr)o(omise)g(a)f(system)h(to)g(do)596 4880 y(this:)21
b(they)g(could)g(also)g(bring)g(a)f(laptop)h(or)g(pc)f(into)i(a)e
(building)h(and)g(tap)f(into)i(your)f(net.)596 5013 y(Using)34
% NOTE(review): the paragraph typeset from here names ssh and APOP as defences
% against sniffed passwords. APOP only keeps the password itself off the wire;
% the retrieved mail still travels in clear text.
b Fi(ssh)f Fm(or)h(other)g(encrypted)f(passwor)o(d)g(methods)h(thwarts)
g(this)g(attack.)f(Things)i(like)596 5105 y(APOP)22 b(for)h(POP)g
(accounts)g(also)g(pr)o(events)f(this)i(attack.)d(\(Normal)i(POP)g
(logins)h(ar)o(e)e(very)g(vul-)596 5196 y(nerable)d(to)j(this,)f(as)f
(is)h(anything)h(that)f(sends)g(clear)o(-text)e(passwor)o(ds)h(over)h
(the)f(network.\))p Black 197 5585 a Fj(28)p Black eop
%%Page: 29 29
% Page 29. The page body runs from bop to eop; the first strings set the
% running header and the last ones the page number.
% The strings render the "System services and tcp_wrappers" section: disabling
% unneeded inetd services, removing unused packages, disabling the
% rsh/rlogin/rcp services, renaming init script links, and how tcpd checks the
% requesting host before running the real server.
29 28 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fn(System)k(ser)q(vices)f(and)g
(tcp_wrapper)o(s)596 226 y Fm(Befor)o(e)c(you)j(put)f(your)g(Linux)h
(system)f(on)h Fj(ANY)g Fm(network)f(the)h(\002rst)f(thing)h(to)g(look)
g(at)e(is)i(what)596 317 y(services)f(you)i(need)e(to)h(of)o(fer)-6
b(.)21 b(Services)h(that)h(you)h(do)f(not)g(need)g(to)g(of)o(fer)f
(should)h(be)g(disabled)596 409 y(so)i(that)g(you)g(have)g(one)g(less)g
(thing)h(to)f(worry)h(about)e(and)h(attackers)f(have)g(one)h(less)g
(place)g(to)596 500 y(look)c(for)g(a)f(hole.)596 633
y(Ther)o(e)26 b(ar)o(e)g(a)h(number)h(of)f(ways)h(to)g(disable)f
(services)g(under)g(Linux.)g(Y)-8 b(ou)29 b(can)e(look)i(at)e(your)596
724 y Fi(/etc/inetd.conf)14 b Fm(\002le)j(and)g(see)g(what)g(services)g
(ar)o(e)f(being)h(of)o(fer)o(ed)e(by)i(your)h Fi(inetd)p
Fm(.)e(Disable)596 816 y(any)25 b(that)g(you)h(do)f(not)i(need)d(by)i
(commenting)h(them)f(out)f(\()p Fi(#)g Fm(at)g(the)h(beginning)g(of)g
(the)f(line\),)596 907 y(and)20 b(then)h(sending)g(your)h(inetd)e(pr)o
(ocess)h(a)f(SIGHUP)-11 b(.)596 1040 y(Y)j(ou)33 b(can)e(also)h(r)o
(emove)f(\(or)h(comment)h(out\))f(services)f(in)i(your)f
Fi(/etc/services)e Fm(\002le.)h(This)596 1131 y(will)i(mean)g(that)h
(local)f(clients)h(will)f(also)h(be)f(unable)g(to)g(\002nd)h(the)f
(service)g(\(i.e.,)f(if)g(you)i(r)o(e-)596 1222 y(move)21
b Fi(ftp)p Fm(,)f(and)h(try)g(and)g(ftp)f(to)i(a)f(r)o(emote)f(site)h
(fr)o(om)g(that)g(machine)h(it)f(will)h(fail)e(with)i(an)f("un-)596
1314 y(known)i(service")e(message\).)g(It's)h(usually)g(not)h(worth)f
(the)g(tr)o(ouble)g(to)g(r)o(emove)f(services)g(fr)o(om)596
1405 y Fi(/etc/services)p Fm(,)g(since)i(it)h(pr)o(ovides)f(no)h
(additional)f(security)-9 b(.)23 b(If)g(a)g(local)h(person)f(wanted)h
(to)596 1496 y(use)g Fi(ftp)g Fm(even)g(though)h(you)g(had)f(commented)
h(it)g(out,)f(they)h(would)g(make)f(their)g(own)i(client)596
1588 y(that)20 b(used)h(the)g(common)h(FTP)f(port)g(and)f(would)h
(still)h(work)f(\002ne.)596 1720 y(Some)f(of)h(the)g(services)f(you)i
(might)f(want)g(to)g(leave)f(enabled)g(ar)o(e:)p Black
% NOTE(review): the bullet list typeset next offers ftp, telnet (or ssh), pop-3
% or imap, and identd as services one might leave enabled. The document's own
% Packet Sniffers section says clear-text passwords are very vulnerable to
% sniffing, which applies to telnet, ftp and normal POP logins; ssh is the
% listed alternative for remote login.
596 1978 a Fh(\225)p Black 63 w Fi(ftp)p Black 596 2111
a Fh(\225)p Black 63 w Fi(telnet)g Fm(\(or)h Fi(ssh)p
Fm(\))p Black 596 2244 a Fh(\225)p Black 63 w Fm(mail,)g(such)g(as)g
Fi(pop-3)f Fm(or)g Fi(imap)p Black 596 2376 a Fh(\225)p
Black 63 w Fi(identd)596 2642 y Fm(If)25 b(you)h(know)h(you)g(ar)o(e)d
(not)i(going)h(to)g(use)e(some)i(particular)d(package,)h(you)h(can)g
(also)g(delete)596 2733 y(it)d(entir)o(ely)-9 b(.)22
b Fi(rpm)44 b(-e)h(packagename)21 b Fm(under)h(the)h(Red)g(Hat)g
(distribution)g(will)h(erase)e(an)h(entir)o(e)596 2825
y(package.)c(Under)h(Debian)h Fi(dpkg)44 b(--remove)19
b Fm(does)i(the)g(same)f(thing.)596 2957 y(Additionally)-9
b(,)22 b(you)h(r)o(eally)f(want)h(to)h(disable)e(the)h(rsh/rlogin/r)o
(cp)h(utilities,)f(including)h(login)596 3049 y(\(used)f(by)h
Fi(rlogin)p Fm(\),)e(shell)j(\(used)e(by)h Fi(rcp)p Fm(\),)f(and)h
(exec)f(\(used)g(by)h Fi(rsh)p Fm(\))f(fr)o(om)h(being)g(started)f(in)
596 3140 y Fi(/etc/inetd.conf)p Fm(.)f(These)j(pr)o(otocols)g(ar)o(e)e
(extr)o(emely)h(insecur)o(e)h(and)f(have)h(been)f(the)i(cause)596
3231 y(of)20 b(exploits)h(in)h(the)f(past.)596 3364 y(Y)-8
b(ou)61 b(should)h(check)e Fi(/etc/rc.d/rc[0-9].d)e Fm(\(on)i(Red)h
(Hat;)f Fi(/etc/rc[0-9].d)e Fm(on)596 3456 y(Debian\),)31
b(and)h(see)g(if)f(any)i(of)f(the)g(servers)g(started)f(in)h(those)h
(dir)o(ectories)f(ar)o(e)e(not)j(needed.)596 3547 y(The)k(\002les)h(in)
g(those)g(dir)o(ectories)f(ar)o(e)f(actually)h(symbolic)i(links)f(to)g
(\002les)g(in)g(the)g(dir)o(ectory)596 3638 y Fi(/etc/rc.d/init.d)30
b Fm(\(on)k(Red)f(Hat;)f Fi(/etc/init.d)g Fm(on)i(Debian\).)e(Renaming)
i(the)g(\002les)f(in)596 3730 y(the)20 b Fi(init.d)g
Fm(dir)o(ectory)f(disables)i(all)f(the)h(symbolic)g(links)h(that)e
(point)i(to)f(that)f(\002le.)h(If)f(you)h(only)596 3821
y(wish)i(to)g(disable)f(a)g(service)g(for)g(a)g(particular)g(r)o(un)h
(level,)f(r)o(ename)f(the)i(appr)o(opriate)e(symbolic)596
3912 y(link)g(by)g(r)o(eplacing)f(the)h(upper)o(-case)d
Fi(S)j Fm(with)g(a)g(lower)o(-case)e Fi(s)p Fm(,)i(like)g(this:)909
4119 y Fi(root#)89 b(cd)45 b(/etc/rc6.d)909 4201 y(root#)89
b(mv)45 b(S45dhcpd)e(s45dhcpd)596 4508 y Fm(If)27 b(you)h(have)f
(BSD-style)g Fi(rc)g Fm(\002les,)h(you)g(will)g(want)g(to)f(check)h
Fi(/etc/rc*)e Fm(for)h(pr)o(ograms)g(you)596 4600 y(don't)21
b(need.)596 4733 y(Most)h(Linux)h(distributions)g(ship)g(with)g
(tcp_wrappers)e("wrapping")h(all)g(your)h(TCP)g(services.)596
4824 y(A)28 b(tcp_wrapper)g(\()p Fi(tcpd)p Fm(\))f(is)j(invoked)g(fr)o
(om)e Fi(inetd)h Fm(instead)g(of)g(the)g(r)o(eal)f(server)-6
b(.)28 b Fi(tcpd)g Fm(then)596 4915 y(checks)d(the)h(host)g(that)f(is)h
(r)o(equesting)g(the)f(service,)g(and)g(either)g(executes)g(the)g(r)o
(eal)g(server)-6 b(,)24 b(or)596 5006 y(denies)d(access)f(fr)o(om)h
(that)g(host.)h Fi(tcpd)e Fm(allows)i(you)g(to)f(r)o(estrict)g(access)f
(to)i(your)f(TCP)h(services.)596 5098 y(Y)-8 b(ou)19
b(should)g(make)f(a)f Fi(/etc/hosts.allow)f Fm(and)h(add)g(in)i(only)g
(those)g(hosts)g(that)f(need)g(to)g(have)596 5189 y(access)i(to)h(your)
g(machine's)g(services.)596 5322 y(If)k(you)h(ar)o(e)e(a)h(home)h(dial)
g(up)f(user)-6 b(,)25 b(we)h(suggest)g(you)g(deny)g(ALL.)e
Fi(tcpd)h Fm(also)h(logs)g(failed)f(at-)596 5413 y(tempts)18
b(to)h(access)f(services,)f(so)i(this)g(can)g(alert)e(you)i(if)f(you)h
(ar)o(e)e(under)h(attack.)f(If)h(you)h(add)f(new)p Black
3601 5585 a Fj(29)p Black eop
%%Page: 30 30
% Page 30. The page body runs from bop to eop; the first strings set the
% running header and the last ones the page number.
% The strings finish the tcp_wrappers section with a hosts.allow / hosts.deny
% example ("ALL: 127." and "ALL: ALL"), then render "Verify Your DNS
% Information", "identd", and "Configuring and Securing the Postfix MTA".
% NOTE(review): the identd section states both that identd requests carry no
% authentication and that a running identd tells remote sites the user name or
% uid of people using TCP services; it also mentions returning a uid or NO-USER
% instead of a user name as configurable.
30 29 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fm(services,)g(you)i(should)g
(be)g(sur)o(e)e(to)i(con\002gur)o(e)g(them)f(to)h(use)g(tcp_wrappers)d
(if)j(they)f(ar)o(e)f(TCP-)596 180 y(based.)f(For)j(example,)e(a)g
(normal)i(dial-up)e(user)h(can)f(pr)o(event)g(outsiders)i(fr)o(om)e
(connecting)j(to)596 272 y(his)c(machine,)f(yet)g(still)h(have)f(the)h
(ability)f(to)h(r)o(etrieve)e(mail,)h(and)g(make)g(network)h
(connections)596 363 y(to)h(the)g(Internet.)f(T)-8 b(o)21
b(do)g(this,)h(you)f(might)h(add)d(the)i(following)i(to)e(your)g
Fi(/etc/hosts.allow)p Fm(:)596 496 y(ALL:)e(127.)596
629 y(And)h(of)h(course)f(/etc/hosts.deny)i(would)g(contain:)596
762 y(ALL:)d(ALL)596 894 y(which)g(will)g(pr)o(event)e(external)h
(connections)i(to)f(your)f(machine,)h(yet)f(still)h(allow)g(you)g(fr)o
(om)f(the)596 986 y(inside)j(to)g(connect)g(to)g(servers)f(on)i(the)f
(Internet.)596 1119 y(Keep)j(in)i(mind)f(that)g(tcp_wrappers)f(only)i
(pr)o(otects)f(services)f(executed)g(fr)o(om)h Fi(inetd)p
Fm(,)f(and)g(a)596 1210 y(select)h(few)h(others.)g(Ther)o(e)f(very)h
(well)g(may)g(be)g(other)g(services)g(r)o(unning)h(on)g(your)f
% NOTE(review): in the command typeset on the next two lines, -t limits netstat
% to TCP sockets, so services listening on UDP are not part of that list; -u
% includes them.
(machine.)596 1301 y(Y)-8 b(ou)21 b(can)g(use)g Fi(netstat)43
b(-ta)21 b Fm(to)g(\002nd)g(a)f(list)h(of)g(all)g(the)g(services)f
(your)h(machine)g(is)g(of)o(fering.)596 1609 y Fn(V)-5
b(erify)25 b(Y)-9 b(our)24 b(DNS)i(Inf)n(ormation)596
1746 y Fm(Keeping)j(up-to-date)f(DNS)h(information)h(about)f(all)g
(hosts)h(on)g(your)g(network)f(can)g(help)h(to)596 1838
y(incr)o(ease)24 b(security)-9 b(.)25 b(If)g(an)g(unauthorized)g(host)i
(becomes)e(connected)h(to)g(your)f(network,)h(you)596
1929 y(can)g(r)o(ecognize)f(it)i(by)g(its)g(lack)f(of)g(a)g(DNS)g
(entry)-9 b(.)27 b(Many)f(services)g(can)g(be)g(con\002gur)o(ed)g(to)h
(not)596 2020 y(accept)19 b(connections)k(fr)o(om)d(hosts)i(that)e(do)h
(not)h(have)e(valid)g(DNS)h(entries.)596 2328 y Fn(identd)596
2465 y Fi(identd)c Fm(is)j(a)e(small)h(pr)o(ogram)g(that)g(typically)g
(r)o(uns)g(out)h(of)f(your)g Fi(inetd)f Fm(server)-6
b(.)18 b(It)h(keeps)g(track)596 2556 y(of)h(what)h(user)g(is)h(r)o
(unning)g(what)f(TCP)g(service,)f(and)g(then)i(r)o(eports)e(this)i(to)f
(whoever)g(r)o(equests)596 2648 y(it.)596 2781 y(Many)h(people)i
(misunderstand)f(the)h(usefulness)g(of)f Fi(identd)p
Fm(,)f(and)h(so)h(disable)f(it)h(or)f(block)h(all)596
2872 y(of)o(f)g(site)h(r)o(equests)g(for)h(it.)f Fi(identd)f
Fm(is)i(not)g(ther)o(e)e(to)i(help)f(out)h(r)o(emote)f(sites.)g(Ther)o
(e)f(is)i(no)g(way)596 2963 y(of)d(knowing)i(if)e(the)g(data)f(you)i
(get)f(fr)o(om)g(the)g(r)o(emote)g Fi(identd)f Fm(is)i(corr)o(ect)e(or)
i(not.)f(Ther)o(e)g(is)g(no)596 3055 y(authentication)e(in)g
Fi(identd)f Fm(r)o(equests.)596 3187 y(Why)25 b(would)h(you)h(want)e
(to)h(r)o(un)g(it)g(then?)f(Because)g(it)h(helps)f Fj(you)g
Fm(out,)h(and)f(is)h(another)f(data-)596 3279 y(point)h(in)g(tracking.)
f(If)h(your)g Fi(identd)e Fm(is)i(un)g(compr)o(omised,)g(then)g(you)g
(know)h(it's)f(telling)g(r)o(e-)596 3370 y(mote)16 b(sites)h(the)g
(user)o(-name)e(or)i(uid)f(of)h(people)f(using)i(TCP)e(services.)g(If)g
(the)h(admin)f(at)g(a)g(r)o(emote)596 3461 y(site)k(comes)g(back)g(to)g
(you)h(and)e(tells)i(you)f(user)g(so-and-so)g(was)g(trying)h(to)f(hack)
g(into)h(their)f(site,)596 3553 y(you)j(can)g(easily)h(take)f(action)g
(against)g(that)h(user)-6 b(.)23 b(If)g(you)g(ar)o(e)f(not)i(r)o
(unning)h Fi(identd)p Fm(,)d(you)i(will)596 3644 y(have)18
b(to)i(look)g(at)f(lots)h(and)e(lots)i(of)g(logs,)f(\002gur)o(e)g(out)h
(who)g(was)f(on)h(at)e(the)i(time,)f(and)g(in)g(general)596
3735 y(take)h(a)g(lot)h(mor)o(e)g(time)g(to)g(track)f(down)i(the)e
(user)-6 b(.)596 3868 y(The)15 b Fi(identd)g Fm(that)h(ships)h(with)f
(most)h(distributions)g(is)f(mor)o(e)g(con\002gurable)g(than)g(many)g
(people)596 3960 y(think.)25 b(Y)-8 b(ou)26 b(can)f(disable)f(it)h(for)
f(speci\002c)h(users)g(\(they)g(can)f(make)h(a)f Fi(.noident)g
Fm(\002le\),)g(you)h(can)596 4051 y(log)i(all)f Fi(identd)g
Fm(r)o(equests)g(\(W)-8 b(e)26 b(r)o(ecommend)h(it\),)f(you)h(can)f
(even)h(have)f(identd)g(r)o(eturn)g(a)g(uid)596 4142
y(instead)20 b(of)h(a)f(user)h(name)f(or)h(even)g(NO-USER.)596
4450 y Fn(Con\002guring)i(and)i(Securing)f(the)i(P)l(ost\002x)f(MT)-8
b(A)596 4587 y Fm(The)21 b(Post\002x)g(mail)h(server)e(was)h(written)g
(by)g(W)-5 b(ietse)22 b(V)-9 b(enema,)20 b(author)h(of)g(Post\002x)h
(and)f(several)596 4679 y(other)d(staple)f(Internet)h(security)g(pr)o
(oducts,)f(as)h(an)g("attempt)f(to)i(pr)o(ovide)e(an)g(alternative)g
(to)i(the)596 4770 y(widely-used)24 b(Sendmail)h(pr)o(ogram.)f
(Post\002x)i(attempts)e(to)i(be)f(fast,)f(easy)g(to)i(administer)-6
b(,)24 b(and)596 4861 y(hopefully)i(secur)o(e,)f(while)i(at)f(the)g
(same)h(time)f(being)h(sendmail)f(compatible)g(enough)i(to)e(not)596
4953 y(upset)20 b(your)h(users.")596 5085 y(Further)g(information)h(on)
g(post\002x)g(can)f(be)g(found)h(at)f(the)g(Post\002x)h(home)2943
5052 y Ff(56)3015 5085 y Fm(and)f(in)h(the)f(Con\002g-)596
5177 y(uring)g(and)f(Securing)h(Post\002x)1572 5143 y
Ff(57)1622 5177 y Fm(.)p Black 197 5585 a Fj(30)p Black
eop
%%Page: 31 31
% Page 31. The page body runs from bop to eop; the first strings set the
% running header and the last ones the page number.
% The strings render "SATAN, ISS, and Other Network Scanners" (SATAN, ISS,
% Abacus, SAINT, Nessus), "Detecting Port Scans", and the start of "sendmail,
% qmail and MTA's". The small numbers set in font Ff (58, 60, 61, 62, 64)
% appear to be footnote/reference marks.
% NOTE(review): the text itself says SATAN has not been updated in quite a
% while; the tool list reflects the document's date.
31 30 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fn(SA)-8 b(T)g(AN,)24
b(ISS,)i(and)f(Other)g(Netw)n(ork)g(Scanner)o(s)596 226
y Fm(Ther)o(e)17 b(ar)o(e)h(a)g(number)h(of)g(dif)o(fer)o(ent)e
(softwar)o(e)h(packages)g(out)h(ther)o(e)g(that)f(do)h(port)g(and)g
(service-)596 317 y(based)i(scanning)i(of)f(machines)g(or)g(networks.)h
(SA)-6 b(T)g(AN,)20 b(ISS,)h(SAINT)-6 b(,)21 b(and)g(Nessus)i(ar)o(e)d
(some)596 409 y(of)29 b(the)g(mor)o(e)f(well-known)j(ones.)e(This)h
(softwar)o(e)e(connects)i(to)f(the)g(tar)o(get)f(machine)h(\(or)g(all)
596 500 y(the)h(tar)o(get)e(machines)j(on)f(a)g(network\))g(on)h(all)e
(the)i(ports)f(they)g(can,)f(and)h(try)g(to)g(determine)596
591 y(what)22 b(service)g(is)h(r)o(unning)h(ther)o(e.)e(Based)f(on)i
(this)g(information,)h(you)f(can)f(tell)h(if)f(the)h(machine)596
683 y(is)e(vulnerable)f(to)h(a)f(speci\002c)h(exploit)g(on)g(that)g
(server)-6 b(.)596 816 y(SA)g(T)g(AN)64 b(\(Security)g(Administrator)6
b('s)67 b(T)-8 b(ool)66 b(for)g(Analyzing)g(Networks\))f(is)i(a)e(port)
596 907 y(scanner)51 b(with)h(a)e(web)i(interface.)d(It)j(can)f(be)g
(con\002gur)o(ed)g(to)g(do)h(light,)f(medium,)h(or)596
998 y(str)o(ong)41 b(checks)g(on)g(a)f(machine)h(or)g(a)f(network)i(of)
e(machines.)h(It's)g(a)g(good)g(idea)f(to)h(get)596 1089
y(SA)-6 b(T)g(AN)33 b(and)h(scan)h(your)h(machine)f(or)g(network,)h
(and)e(\002x)h(the)h(pr)o(oblems)e(it)i(\002nds.)f(Make)596
% NOTE(review): the sentences typeset from here warn that a trojaned copy of
% SATAN was distributed and advise a reputable download site. Choosing the site
% is the only check the text gives; comparing the download against a checksum or
% signature published by the maintainer, where one exists, is the stronger one.
1181 y(sur)o(e)46 b(you)i(get)f(the)g(copy)h(of)f(SA)-6
b(T)g(AN)46 b(fr)o(om)g(metalab)2502 1148 y Ff(58)2599
1181 y Fm(or)h(a)g(r)o(eputable)e(FTP)j(or)f(web)596
1272 y(site.)d(Ther)o(e)f(was)h(a)g(T)-7 b(r)o(ojan)43
b(copy)i(of)f(SA)-6 b(T)g(AN)42 b(that)i(was)g(distributed)g(out)h(on)g
(the)f(net.)596 1363 y(http://www)-8 b(.tr)o(ouble.or)o
(g/~zen/satan/satan.html.)39 b(Note)f(that)g(SA)-6 b(T)g(AN)37
b(has)h(not)h(been)596 1455 y(updated)19 b(in)i(quite)h(a)e(while,)h
(and)f(some)i(of)e(the)h(other)g(tools)h(below)f(might)h(do)f(a)f
(better)g(job.)596 1588 y(ISS)j(\(Internet)h(Security)g(Scanner\))f(is)
i(another)g(port-based)e(scanner)-6 b(.)24 b(It)g(is)h(faster)f(than)g
(Satan,)596 1679 y(and)17 b(thus)h(might)g(be)f(better)g(for)h(lar)o
(ge)e(networks.)i(However)-6 b(,)17 b(SA)-6 b(T)g(AN)16
b(tends)i(to)g(pr)o(ovide)e(mor)o(e)596 1770 y(information.)596
1903 y(Abacus)68 b(is)i(a)f(suite)g(of)g(tools)i(to)f(pr)o(ovide)e
(host-based)h(security)g(and)g(intr)o(usion)596 1994
% NOTE(review): typeset wording kept as is: "it's home page" (for "its") on the
% next line and "a updated version" a few lines below.
y(detection.)78 b(Look)g(at)g(it's)h(home)g(page)f(on)h(the)f(web)g
(for)g(mor)o(e)g(information.)596 2086 y(http://www)-8
b(.psionic.com/abacus/)1880 2053 y Ff(60)596 2219 y Fm(SAINT)64
b(is)j(a)e(updated)g(version)h(of)g(SA)-6 b(T)g(AN.)64
b(It)i(is)g(web-based)e(and)i(has)g(many)596 2310 y(mor)o(e)g
(up-to-date)f(tests)i(than)g(SA)-6 b(T)g(AN.)65 b(Y)-8
b(ou)68 b(can)e(\002nd)h(out)g(mor)o(e)f(about)h(it)g(at:)596
2401 y(http://www)-8 b(.wwdsi.com/~saint)1789 2368 y
Ff(61)596 2534 y Fm(Nessus)25 b(is)g(a)g(fr)o(ee)e(security)i(scanner)
-6 b(.)25 b(It)g(has)g(a)f(GTK)i(graphical)e(interface)g(for)h(ease)f
(of)h(use.)g(It)596 2625 y(is)20 b(also)h(designed)f(with)h(a)f(very)g
(nice)g(plug)h(in)f(setup)h(for)f(new)g(port-scanning)h(tests.)g(For)f
(mor)o(e)596 2717 y(information,)h(take)f(a)g(look)i(at:)e(http://www)
-8 b(.nessus.or)o(g)2484 2684 y Ff(62)596 2953 y Fd(Detecting)22
b(P)m(or)r(t)g(Scans)596 3086 y Fm(Ther)o(e)j(ar)o(e)g(some)j(tools)f
(designed)g(to)g(alert)f(you)h(to)g(pr)o(obes)f(by)h(SA)-6
b(T)g(AN)25 b(and)h(ISS)f(and)i(other)596 3178 y(scanning)e(softwar)o
(e.)f(However)-6 b(,)25 b(if)g(you)g(liberally)g(use)g(tcp_wrappers,)e
(and)i(look)h(over)f(your)596 3269 y(log)e(\002les)h(r)o(egularly)-9
b(,)21 b(you)j(should)g(be)f(able)f(to)h(notice)h(such)f(pr)o(obes.)g
(Even)g(on)g(the)g(lowest)h(set-)596 3360 y(ting,)d(SA)-6
b(T)g(AN)19 b(still)i(leaves)f(traces)g(in)i(the)e(logs)i(on)g(a)e
(stock)h(Red)g(Hat)f(system.)596 3493 y(Ther)o(e)g(ar)o(e)g(also)h
("stealth")g(port)h(scanners.)f(A)f(packet)h(with)h(the)g(TCP)f(ACK)g
(bit)g(set)g(\(as)g(is)h(done)596 3584 y(with)j(established)f
(connections\))i(will)f(likely)g(get)g(thr)o(ough)g(a)f
(packet-\002ltering)g(\002r)o(ewall.)g(The)596 3676 y(r)o(eturned)17
b(RST)i(packet)g(fr)o(om)f(a)h(port)g(that)g Fj(_had)e(no)i
(established)h(session_)f Fm(can)g(be)g(taken)g(as)f(pr)o(oof)596
3767 y(of)i(life)h(on)g(that)g(port.)f(I)h(don't)g(think)h(TCP)f
(wrappers)f(will)h(detect)f(this.)596 3900 y(Y)-8 b(ou)33
b(might)g(also)g(look)g(at)f(SNOR)m(T)-6 b(,)32 b(which)h(is)g(a)f(fr)o
(ee)f(IDS)h(\(Intr)o(usion)i(Detection)e(System\),)596
3991 y(which)21 b(can)g(detect)f(other)h(network)g(intr)o(usions.)i
(http://www)-8 b(.snort.or)o(g)596 4382 y Fn(sendmail,)25
b(qmail)h(and)f(MT)-8 b(A')j(s)596 4519 y Fm(One)24 b(of)f(the)h(most)h
(important)f(services)g(you)g(can)g(pr)o(ovide)f(is)h(a)f(mail)h
(server)-6 b(.)23 b(Unfortunately)-9 b(,)596 4610 y(it)26
b(is)g(also)g(one)h(of)f(the)g(most)h(vulnerable)e(to)i(attack,)d
(simply)j(due)f(to)g(the)g(number)h(of)f(tasks)g(it)596
4702 y(must)21 b(perform)f(and)h(the)f(privileges)h(it)g(typically)g
(needs.)596 4835 y(If)f(you)h(ar)o(e)e(using)j Fi(sendmail)d
Fm(it)i(is)g(very)f(important)i(to)f(keep)f(up)h(on)g(curr)o(ent)f
(versions.)h Fi(send-)596 4926 y(mail)f Fm(has)h(a)f(long)i(long)g
(history)f(of)g(security)g(exploits.)g(Always)g(make)f(sur)o(e)h(you)g
(ar)o(e)e(r)o(unning)596 5017 y(the)h(most)i(r)o(ecent)e(version)h(fr)o
(om)f(http://www)-8 b(.sendmail.or)o(g)2642 4984 y Ff(64)2694
5017 y Fm(.)596 5150 y(Keep)28 b(in)h(mind)g(that)g(sendmail)g(does)f
(not)i(have)e(to)h(be)f(r)o(unning)i(in)g(or)o(der)d(for)i(you)g(to)g
(send)596 5241 y(mail.)21 b(If)g(you)h(ar)o(e)e(a)h(home)h(user)-6
b(,)21 b(you)h(can)f(disable)g(sendmail)h(entir)o(ely)-9
b(,)21 b(and)g(simply)h(use)g(your)596 5333 y(mail)30
b(client)h(to)f(send)h(mail.)f(Y)-8 b(ou)31 b(might)h(also)e(choose)h
(to)g(r)o(emove)f(the)g("-bd")f(\003ag)i(fr)o(om)f(the)p
Black 3601 5585 a Fj(31)p Black eop
%%Page: 32 32
% Page 32 of the Linux Security HOWTO (running head is set just below).
% Text on this page, in reading order:
%   - end of the sendmail/qmail/MTA discussion: starting sendmail without
%     the "-bd" flag, then qmail and postfix as other mail transport agents
%   - "Denial of Service Attacks": SYN flooding, the Pentium "F00F" bug,
%     ping flooding with the "smurfing" variation, and Ping o' Death
% Words are broken into several strings with small moves between the
% fragments; \002 and \003 stand where "fi" and "fl" are read (for example
% "\002le", "\003ooding"), and \225 in font Fh is the list item marker.
% The single-letter operators between fragments are presumably the dvips
% show-and-move shorthands from the prolog (not in view here).
% NOTE(review): the kernel versions quoted in the strings (2.0.30, 2.0.32,
% 2.0.33) are the document's own, and the DVIPSSource line in the file
% header dates this build to 2002.11.05 -- treat version-specific advice
% as historical and confirm against current vendor guidance.
32 31 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fm(sendmail)j(startup)h(\002le,)
f(ther)o(eby)g(disabling)h(incoming)h(r)o(equests)f(for)f(mail.)h(In)f
(other)h(wor)o(ds,)596 180 y(you)c(can)f(execute)g(sendmail)h(fr)o(om)f
(your)h(startup)g(script)g(using)g(the)g(following)h(instead:)685
% Command example from the prose, set in font Fi:
%   # /usr/lib/sendmail -q15m
% The surrounding text presents this as sendmail started without "-bd"
% (no incoming mail requests) while the queue is still flushed every
% fifteen minutes.
346 y Fi(#)45 b(/usr/lib/sendmail)d(-q15m)596 520 y Fm(This)24
b(will)g(cause)g(sendmail)f(to)i(\003ush)f(the)g(mail)g(queue)g(every)f
(\002fteen)h(minutes)h(for)e(any)h(mes-)596 611 y(sages)c(that)h(could)
g(not)g(be)g(successfully)g(deliver)o(ed)e(on)i(the)g(\002rst)g
(attempt.)596 744 y(Many)c(administrators)h(choose)h(not)g(to)f(use)h
(sendmail,)f(and)f(instead)h(choose)h(one)f(of)g(the)h(other)596
835 y(mail)26 b(transport)h(agents.)g(Y)-8 b(ou)28 b(might)f(consider)g
(switching)i(over)d(to)h Fi(qmail)p Fm(.)f Fi(qmail)g
Fm(was)h(de-)596 927 y(signed)22 b(with)g(security)g(in)h(mind)f(fr)o
(om)g(the)g(gr)o(ound)f(up.)h(It's)g(fast,)f(stable,)h(and)f(secur)o
(e.)g(Qmail)596 1018 y(can)f(be)g(found)h(at)g(http://www)-8
b(.qmail.or)o(g)596 1151 y(In)26 b(dir)o(ect)e(competition)j(to)f
(qmail)h(is)f("post\002x",)f(written)h(by)g(W)-5 b(ietse)26
b(V)-9 b(enema,)25 b(the)h(author)g(of)596 1242 y(tcp_wrappers)h(and)h
(other)i(security)f(tools.)h(Formerly)f(called)f(vmailer)-6
b(,)28 b(and)h(sponsor)o(ed)g(by)596 1334 y(IBM,)22 b(this)j(is)f(also)
g(a)f(mail)h(transport)g(agent)f(written)h(fr)o(om)g(the)g(gr)o(ound)f
(up)h(with)h(security)e(in)596 1425 y(mind.)e(Y)-8 b(ou)21
b(can)g(\002nd)g(mor)o(e)f(information)i(about)f(post\002x)g(at)f
(http://www)-8 b(.post\002x.or)o(g)3462 1392 y Ff(66)596
% Section heading in font Fn: "Denial of Service Attacks".
1733 y Fn(Denial)25 b(of)h(Ser)q(vice)e(Attac)n(ks)596
1870 y Fm(A)i("Denial)h(of)f(Service")g(\(DoS\))g(attack)g(is)h(one)g
(wher)o(e)f(the)h(attacker)f(tries)g(to)h(make)g(some)g(r)o(e-)596
1961 y(sour)o(ce)d(too)i(busy)g(to)g(answer)f(legitimate)g(r)o
(equests,)g(or)h(to)g(deny)f(legitimate)g(users)h(access)f(to)596
2053 y(your)c(machine.)596 2185 y(Denial)30 b(of)g(service)f(attacks)h
(have)f(incr)o(eased)g(gr)o(eatly)g(in)i(r)o(ecent)e(years.)g(Some)h
(of)g(the)g(mor)o(e)596 2277 y(popular)24 b(and)g(r)o(ecent)g(ones)i
(ar)o(e)d(listed)i(below)-8 b(.)25 b(Note)g(that)g(new)g(ones)h(show)g
(up)e(all)h(the)g(time,)596 2368 y(so)f(this)h(is)f(just)h(a)e(few)h
(examples.)f(Read)g(the)h(Linux)h(security)f(lists)g(and)g(the)g
(bugtraq)g(list)g(and)596 2459 y(ar)o(chives)19 b(for)i(mor)o(e)f(curr)
o(ent)g(information.)p Black 596 2717 a Fh(\225)p Black
% List item "SYN Flooding" (its marker was drawn at the end of the line
% above). The text refers the reader to the "Kernel Security" section for
% the kernel options that protect against it.
74 w Fj(SYN)31 b(Flooding)f Fm(-)h(SYN)g(\003ooding)h(is)g(a)e(network)
i(denial)f(of)g(service)f(attack.)g(It)h(takes)g(ad-)679
2808 y(vantage)21 b(of)h(a)g("loophole")i(in)e(the)h(way)f(TCP)g
(connections)i(ar)o(e)d(cr)o(eated.)f(The)j(newer)f(Linux)679
2899 y(kernels)31 b(\(2.0.30)e(and)i(up\))g(have)h(several)e
(con\002gurable)i(options)h(to)f(pr)o(event)f(SYN)g(\003ood)679
2991 y(attacks)c(fr)o(om)i(denying)g(people)f(access)g(to)h(your)g
(machine)g(or)f(services.)g(See)p 0 TeXcolorgray 28 w(the)h(Section)679
3082 y(called)19 b Fj(Kernel)k(Security)p Black 20 w
Fm(for)e(pr)o(oper)f(kernel)g(pr)o(otection)h(options.)p
% List item: Pentium "F00F" Bug. The text states that kernels 2.0.32 and
% up contain a workaround and that 2.0.33 is suggested over 2.0.32.
Black 596 3215 a Fh(\225)p Black 70 w Fj(Pentium)27 b("F00F")e(Bug)i
Fm(-)g(It)g(was)g(r)o(ecently)g(discover)o(ed)f(that)h(a)f(series)h(of)
h(assembly)f(codes)679 3306 y(sent)e(to)g(a)f(genuine)i(Intel)f
(Pentium)g(pr)o(ocessor)g(would)g(r)o(eboot)g(the)g(machine.)f(This)i
(af)o(fects)679 3398 y(every)e(machine)i(with)g(a)e(Pentium)i(pr)o
(ocessor)f(\(not)h(clones,)f(not)h(Pentium)g(Pr)o(o)f(or)h(PII\),)e(no)
679 3489 y(matter)g(what)g(operating)h(system)g(it's)g(r)o(unning.)h
(Linux)f(kernels)f(2.0.32)f(and)h(up)g(contain)h(a)679
3580 y(work)e(ar)o(ound)g(for)g(this)h(bug,)f(pr)o(eventing)g(it)h(fr)o
(om)f(locking)h(your)g(machine.)f(Kernel)g(2.0.33)679
3671 y(has)g(an)g(impr)o(oved)g(version)h(of)f(the)h(kernel)f(\002x,)g
(and)g(is)h(suggested)g(over)f(2.0.32.)d(If)j(you)h(ar)o(e)679
3763 y(r)o(unning)e(on)f(a)f(Pentium,)i(you)f(should)h(upgrade)d(now!)p
% List item: Ping Flooding, with the "smurfing" variation. The response
% given in the text: use a tool like tcpdump to see where the packets
% come from (or appear to), contact the provider, and stop the flood at
% the router level or with a firewall.
Black 596 3896 a Fh(\225)p Black 68 w Fj(Ping)25 b(Flooding)f
Fm(-)h(Ping)h(\003ooding)h(is)f(a)e(simple)i(br)o(ute-for)o(ce)e
(denial)h(of)g(service)g(attack.)f(The)679 3987 y(attacker)i(sends)h(a)
g("\003ood")h(of)g(ICMP)f(packets)g(to)h(your)g(machine.)f(If)g(they)h
(ar)o(e)e(doing)i(this)679 4078 y(fr)o(om)j(a)g(host)i(with)f(better)f
(bandwidth)h(than)g(yours,)g(your)g(machine)f(will)i(be)e(unable)h(to)
679 4170 y(send)21 b(anything)h(on)f(the)h(network.)f(A)g(variation)g
(on)g(this)h(attack,)e(called)g("smur\002ng",)i(sends)679
4261 y(ICMP)34 b(packets)g(to)i(a)e(host)i(with)g Fj(your)f
Fm(machine's)g(r)o(eturn)f(IP)-11 b(,)35 b(allowing)h(them)g(to)f
(\003ood)679 4352 y(you)e(less)h(detectably)-9 b(.)31
b(Y)-8 b(ou)35 b(can)e(\002nd)g(mor)o(e)g(information)h(about)f(the)g
("smurf")g(attack)f(at)699 4444 y(http://www)-8 b(.quadr)o(unner)i
(.com/~chuegen/smurf.txt)2598 4410 y Ff(67)679 4576 y
Fm(If)30 b(you)i(ar)o(e)e(ever)g(under)h(a)g(ping)g(\003ood)h(attack,)e
(use)i(a)e(tool)i(like)g Fi(tcpdump)e Fm(to)h(determine)679
4668 y(wher)o(e)d(the)h(packets)f(ar)o(e)g(coming)i(fr)o(om)e(\(or)h
(appear)e(to)i(be)g(coming)h(fr)o(om\),)e(then)h(contact)679
4759 y(your)20 b(pr)o(ovider)g(with)h(this)g(information.)g(Ping)h
(\003oods)f(can)f(most)i(easily)e(be)g(stopped)h(at)f(the)679
4850 y(r)o(outer)g(level)g(or)h(by)g(using)g(a)g(\002r)o(ewall.)p
% List item: Ping o' Death. The text describes it as long since fixed.
Black 596 5116 a Fh(\225)p Black 60 w Fj(Ping)c(o')h(Death)f
Fm(-)g(The)h(Ping)g(o')g(Death)g(attack)f(sends)h(ICMP)f(ECHO)h
(REQUEST)f(packets)g(that)679 5207 y(ar)o(e)28 b(too)i(lar)o(ge)f(to)h
(\002t)g(in)g(the)g(kernel)f(data)g(str)o(uctur)o(es)g(intended)h(to)g
(stor)o(e)f(them.)h(Because)679 5299 y(sending)i(a)f(single,)i(lar)o
(ge)d(\(65,510)f(bytes\))j("ping")g(packet)f(to)h(many)g(systems)h
(will)g(cause)679 5390 y(them)21 b(to)g(hang)g(or)f(even)h(crash,)f
(this)h(pr)o(oblem)f(was)h(quickly)h(dubbed)d(the)i("Ping)g(o')g
(Death.")679 5481 y(This)g(one)g(has)g(long)h(been)e(\002xed,)g(and)g
(is)i(no)f(longer)g(anything)h(to)f(worry)g(about.)p
% Footer page number "32"; eop presumably closes the page begun by bop.
Black 197 5585 a Fj(32)p Black eop
%%Page: 33 33
% Page 33 of the Linux Security HOWTO (running head is set just below).
% Text on this page, in reading order:
%   - last item of the denial-of-service list: Teardrop / New Tear
%   - "NFS (Network File System) Security."
%   - "NIS (Network Information Service) (formerly YP)."
%   - start of "Firewalls"
% Words are broken into several strings with small moves between the
% fragments; \002 and \003 stand where "fi" and "fl" are read, and \225 in
% font Fh is the list item marker.
% NOTE(review): kernel 2.0.33 is the version the text itself names for the
% fragmentation fix; the DVIPSSource line in the file header dates this
% build to 2002.11.05, so confirm version-specific advice against current
% vendor guidance.
33 32 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black Black 596 89 a Fh(\225)p
Black 73 w Fj(T)-9 b(eardr)o(op)29 b(/)h(New)h(T)-9 b(ear)30
b Fm(-)g(One)h(of)f(the)h(most)g(r)o(ecent)f(exploits)h(involves)g(a)f
(bug)h(pr)o(esent)e(in)679 180 y(the)d(IP)f(fragmentation)h(code)g(on)g
(Linux)g(and)g(W)-5 b(indows)27 b(platforms.)e(It)h(is)g(\002xed)g(in)g
(kernel)679 272 y(version)g(2.0.33,)e(and)h(does)i(not)g(r)o(equir)o(e)
e(selecting)h(any)g(kernel)g(compile-time)h(options)h(to)679
363 y(utilize)20 b(the)h(\002x.)g(Linux)g(is)g(appar)o(ently)e(not)i
(vulnerable)g(to)g(the)g("newtear")e(exploit.)596 496
y(Y)-8 b(ou)29 b(can)g(\002nd)g(code)f(for)h(most)g(exploits,)g(and)f
(a)g(mor)o(e)h(in-depth)f(description)h(of)g(how)h(they)596
587 y(work,)21 b(at)f(http://www)-8 b(.r)o(ootshell.com)23
% The next line finishes the sentence above and then begins the section
% heading "NFS (Network File System) Security." in font Fn.
% Security points made by the NFS text that follows: mapping the remote
% root user (uid=0) to the nobody user is only a small hindrance, because
% the remote root user can still su to an individual user's account;
% export only to the machines that really need it, and never export the
% entire root directory.
b(using)f(their)f(sear)o(ch)e(engine.)596 895 y Fn(NFS)25
b(\(Netw)n(ork)g(File)h(System\))f(Security)-7 b(.)596
1032 y Fm(NFS)23 b(is)i(a)f(very)g(widely-used)f(\002le)i(sharing)f(pr)
o(otocol.)h(It)f(allows)h(servers)e(r)o(unning)j Fi(nfsd)d
Fm(and)596 1124 y Fi(mountd)15 b Fm(to)h("export")g(entir)o(e)f(\002le)
i(systems)g(to)f(other)h(machines)g(using)g(NFS)f(\002lesystem)h
(support)596 1215 y(built)i(in)h(to)g(their)g(kernels)f(\(or)h(some)g
(other)g(client)f(support)h(if)f(they)h(ar)o(e)e(not)i(Linux)g
(machines\).)596 1306 y Fi(mountd)15 b Fm(keeps)i(track)f(of)h(mounted)
g(\002le)g(systems)g(in)h Fi(/etc/mtab)p Fm(,)d(and)h(can)g(display)h
(them)g(with)596 1398 y Fi(showmount)p Fm(.)596 1530
y(Many)25 b(sites)i(use)f(NFS)g(to)h(serve)e(home)i(dir)o(ectories)f
(to)g(users,)g(so)h(that)f(no)h(matter)f(what)g(ma-)596
1622 y(chine)21 b(in)g(the)g(cluster)f(they)i(login)f(to,)g(they)g
(will)h(have)e(all)h(their)g(home)g(\002les.)596 1755
y(Ther)o(e)26 b(is)i(some)g(small)f(amount)h(of)g(security)f(allowed)h
(in)f(exporting)h(\002le)g(systems.)g(Y)-8 b(ou)28 b(can)596
1846 y(make)21 b(your)g Fi(nfsd)g Fm(map)g(the)g(r)o(emote)g(r)o(oot)g
(user)g(\(uid=0\))g(to)g(the)h Fi(nobody)e Fm(user)-6
b(,)21 b(denying)g(them)596 1937 y(total)e(access)f(to)h(the)g(\002les)
h(exported.)d(However)-6 b(,)19 b(since)g(individual)g(users)g(have)f
(access)h(to)g(their)596 2028 y(own)25 b(\(or)g(at)f(least)g(the)h
(same)f(uid\))h(\002les,)g(the)f(r)o(emote)h(r)o(oot)f(user)h(can)f
(login)i(or)f Fi(su)f Fm(to)h(their)g(ac-)596 2120 y(count)20
b(and)f(have)g(total)g(access)g(to)h(their)f(\002les.)h(This)g(is)g
(only)g(a)f(small)h(hindrance)f(to)h(an)f(attacker)596
2211 y(that)h(has)h(access)f(to)h(mount)h(your)f(r)o(emote)g(\002le)f
(systems.)596 2344 y(If)25 b(you)i(must)g(use)f(NFS,)g(make)g(sur)o(e)f
(you)i(export)f(to)g(only)i(those)e(machines)h(that)f(you)h(r)o(eally)
596 2435 y(need)21 b(to.)g(Never)g(export)h(your)g(entir)o(e)e(r)o(oot)
i(dir)o(ectory;)f(export)g(only)h(dir)o(ectories)f(you)h(need)g(to)596
2527 y(export.)596 2659 y(See)94 b(the)i(NFS)f(HOWT)o(O)g(for)h(mor)o
(e)f(information)h(on)g(NFS,)f(available)f(at)596 2751
y(http://metalab.unc.edu/mdw/HOWT)o(O/NFS-HOWT)o(O.html)596
% Section heading in font Fn: "NIS (Network Information Service)
% (formerly YP)." The text that follows states that NIS "is not at all
% secure": anyone who can guess the NIS domain name can get a copy of the
% passwd file. It names NIS+ as the more secure replacement.
3059 y Fn(NIS)25 b(\(Netw)n(ork)g(Inf)n(ormation)h(Ser)q(vice\))f(\(f)n
(ormerl)o(y)g(YP\).)596 3196 y Fm(Network)k(Information)h(service)f
(\(formerly)g(YP\))h(is)f(a)g(means)h(of)f(distributing)h(information)
596 3287 y(to)d(a)h(gr)o(oup)f(of)g(machines.)h(The)g(NIS)f(master)g
(holds)h(the)g(information)g(tables)g(and)f(converts)596
3378 y(them)19 b(into)i(NIS)e(map)g(\002les.)g(These)h(maps)f(ar)o(e)f
(then)i(served)e(over)i(the)f(network,)h(allowing)g(NIS)596
3470 y(client)32 b(machines)i(to)f(get)f(login,)i(passwor)o(d,)d(home)j
(dir)o(ectory)e(and)g(shell)h(information)g(\(all)596
3561 y(the)28 b(information)i(in)f(a)f(standar)o(d)f
Fi(/etc/passwd)f Fm(\002le\).)j(This)g(allows)g(users)f(to)h(change)g
(their)596 3652 y(passwor)o(d)20 b(once)h(and)f(have)g(it)h(take)g(ef)o
(fect)e(on)i(all)g(the)f(machines)i(in)f(the)g(NIS)f(domain.)596
3785 y(NIS)c(is)i(not)g(at)e(all)h(secur)o(e.)f(It)h(was)h(never)e
(meant)h(to)h(be.)f(It)g(was)g(meant)g(to)h(be)e(handy)i(and)e(useful.)
596 3877 y(Anyone)23 b(that)g(can)g(guess)g(the)h(name)f(of)g(your)g
(NIS)g(domain)g(\(anywher)o(e)f(on)i(the)f(net\))g(can)g(get)596
3968 y(a)18 b(copy)i(of)f(your)h(passwd)f(\002le,)g(and)g(use)h
("crack")e(and)h("John)g(the)h(Ripper")f(against)g(your)h(users')596
4059 y(passwor)o(ds.)28 b(Also,)h(it)g(is)h(possible)f(to)h(spoof)f
(NIS)f(and)h(do)g(all)g(sorts)h(of)f(nasty)g(tricks.)g(If)f(you)596
4151 y(must)21 b(use)g(NIS,)f(make)g(sur)o(e)g(you)i(ar)o(e)d(awar)o(e)
g(of)i(the)g(dangers.)596 4283 y(Ther)o(e)133 b(is)i(a)f(much)h(mor)o
(e)f(secur)o(e)g(r)o(eplacement)f(for)h(NIS,)g(called)596
4375 y(NIS+.)147 b(Check)h(out)g(the)g(NIS)f(HOWT)o(O)h(for)g(mor)o(e)f
(information:)596 4466 y(http://metalab.unc.edu/mdw/HOWT)o(O/NIS-HOWT)o
% The next line ends the NIS-HOWTO URL and then sets the section heading
% "Firewalls" in font Fn, followed by the first paragraph of that section.
(O.html)596 4774 y Fn(Fire)o(walls)596 4911 y Fm(Fir)o(ewalls)17
b(ar)o(e)g(a)g(means)i(of)f(contr)o(olling)h(what)f(information)h(is)g
(allowed)e(into)i(and)f(out)h(of)f(your)596 5002 y(local)23
b(network.)g(T)-7 b(ypically)23 b(the)g(\002r)o(ewall)g(host)h(is)f
(connected)h(to)f(the)g(Internet)h(and)e(your)i(local)596
5094 y(LAN,)18 b(and)h(the)h(only)g(access)f(fr)o(om)g(your)h(LAN)f(to)
h(the)g(Internet)f(is)h(thr)o(ough)g(the)g(\002r)o(ewall.)e(This)596
5185 y(way)24 b(the)g(\002r)o(ewall)f(can)h(contr)o(ol)g(what)h(passes)
e(back)h(and)g(forth)g(fr)o(om)g(the)g(Internet)g(and)g(your)596
5276 y(LAN.)p Black 3601 5585 a Fj(33)p Black eop
%%Page: 34 34
% Page 34 of the Linux Security HOWTO (running head is set just below).
% Text on this page, in reading order:
%   - "Firewalls" continued: ipfwadm for 2.0 kernels and ipchains for 2.2
%     kernels, the warning that having a firewall does not remove the need
%     to secure the machines behind it, and pointers to further reading
%   - "IP Chains - Linux Kernel 2.2.x Firewalling" with its feature list
% Words are broken into several strings with small moves between the
% fragments; \002 and \003 stand where "fi" and "fl" are read, and \225 in
% font Fh is the list item marker.
% NOTE(review): the tools and kernel series named in the strings are the
% document's own; the DVIPSSource line in the file header dates this build
% to 2002.11.05, so treat tool-specific advice as historical -- confirm
% against current guidance.
% NOTE(review): the ipfwadm sentence in the strings opens a parenthesis it
% never closes and reads "it's home page"; that is the source text, left
% unchanged because the strings are the typeset content.
34 33 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fm(Ther)o(e)f(ar)o(e)h(a)g
(number)h(of)f(types)h(of)g(\002r)o(ewalls)f(and)g(methods)i(of)f
(setting)g(them)g(up.)g(Linux)f(ma-)596 180 y(chines)d(make)f(pr)o
(etty)g(good)h(\002r)o(ewalls.)f(Fir)o(ewall)g(code)g(can)g(be)h(built)
f(right)i(into)f(2.0)e(and)h(higher)596 272 y(kernels.)26
b(The)g(user)o(-space)e(tools)j Fi(ipfwadm)e Fm(for)h(2.0)f(kernels)h
(and)g Fi(ipchains)e Fm(for)i(2.2)f(kernels,)596 363
y(allows)d(you)h(to)f(change,)g(on)g(the)g(\003y)-9 b(,)23
b(the)f(types)g(of)g(network)g(traf)o(\002c)f(you)h(allow)-8
b(.)23 b(Y)-8 b(ou)23 b(can)f(also)596 454 y(log)f(particular)e(types)i
(of)g(network)g(traf)o(\002c.)596 587 y(Fir)o(ewalls)e(ar)o(e)f(a)h
(very)g(useful)g(and)h(important)g(technique)g(in)g(securing)g(your)g
(network.)g(How-)596 679 y(ever)-6 b(,)33 b(never)h(think)i(that)e
(because)g(you)h(have)f(a)g(\002r)o(ewall,)g(you)h(don't)g(need)f(to)h
(secur)o(e)f(the)596 770 y(machines)h(behind)h(it.)f(This)h(is)f(a)g
(fatal)f(mistake.)h(Check)h(out)f(the)h(very)f(good)g
Fi(Firewall-)596 861 y(HOWTO)27 b Fm(at)i(your)g(latest)f(metalab)g(ar)
o(chive)g(for)g(mor)o(e)h(information)g(on)h(\002r)o(ewalls)e(and)g
(Linux.)596 953 y(http://metalab.unc.edu/mdw/HOWT)o(O/Fir)o(ewall-HOWT)
o(O.html)596 1085 y(Mor)o(e)73 b(information)j(can)e(also)h(be)f(found)
h(in)g(the)g(IP-Masquerade)d(mini-howto:)596 1177 y
(http://metalab.unc.edu/mdw/HOWT)o(O/mini/IP-Masquerade.html)596
1310 y(Mor)o(e)17 b(information)i(on)g Fi(ipfwadm)e Fm(\(the)h(tool)i
(that)e(lets)h(you)g(change)f(settings)h(on)g(your)g(\002r)o(ewall,)596
1401 y(can)h(be)g(found)h(at)g(it's)g(home)g(page:)f(http://www)-8
b(.xos.nl/linux/ipfwadm/)596 1534 y(If)21 b(you)i(have)f(no)g
(experience)f(with)i(\002r)o(ewalls,)f(and)f(plan)h(to)h(set)f(up)g
(one)h(for)e(mor)o(e)h(than)h(just)f(a)596 1625 y(simple)f(security)h
(policy)-9 b(,)21 b(the)h(Fir)o(ewalls)f(book)h(by)g(O'Reilly)g(and)f
(Associates)h(or)f(other)h(online)596 1716 y(\002r)o(ewall)i(document)i
(is)g(mandatory)f(r)o(eading.)g(Check)g(out)h(http://www)-8
b(.ora.com)27 b(for)e(mor)o(e)596 1808 y(information.)g(The)f(National)
h(Institute)g(of)g(Standar)o(ds)d(and)j(T)-8 b(echnology)26
b(have)e(put)h(together)596 1899 y(an)g(excellent)h(document)h(on)g
(\002r)o(ewalls.)e(Although)i(dated)e(1995,)f(it)i(is)h(still)g(quite)f
(good.)h(Y)-8 b(ou)596 1990 y(can)20 b(\002nd)h(it)g(at)f(http://csr)o
(c.nist.gov/nistpubs/800-10/main.html.)h(Also)g(of)g(inter)o(est:)p
% "Also of interest" list: three further-reading entries (Freefire
% Project, SunWorld Firewall Design, Mason), each with its URL.
Black 596 2248 a Fh(\225)p Black 94 w Fm(The)51 b(Fr)o(ee\002r)o(e)f
(Pr)o(oject)h(--)f(a)h(list)h(of)f(fr)o(eely-available)e(\002r)o(ewall)
h(tools,)i(available)e(at)679 2339 y
(http://sites.inka.de/sites/lina/fr)o(ee\002r)o(e-l/index_en.html)p
Black 596 2472 a Fh(\225)p Black 76 w Fm(SunW)-8 b(orld)34
b(Fir)o(ewall)f(Design)i(--)e(written)h(by)f(the)h(authors)g(of)g(the)f
(O'Reilly)i(book,)f(this)679 2563 y(pr)o(ovides)40 b(a)g(r)o(ough)h
(intr)o(oduction)g(to)g(the)g(dif)o(fer)o(ent)d(\002r)o(ewall)j(types.)
f(It's)h(available)e(at)679 2654 y(http://www)-8 b
(.sunworld.com/swol-01-1996/swol-01-\002r)o(ewall.html)p
Black 596 2787 a Fh(\225)p Black 74 w Fm(Mason)31 b(-)g(the)g
(automated)g(\002r)o(ewall)f(builder)h(for)g(Linux.)g(This)h(is)f(a)g
(\002r)o(ewall)g(script)g(that)679 2879 y(learns)40 b(as)g(you)h(do)f
(the)h(things)h(you)f(need)f(to)h(do)f(on)h(your)g(network!)g(Mor)o(e)f
(info)h(at:)679 2970 y(http://www)-8 b(.pobox.com/~wstearns/mason/)596
% Section heading in font Fn: "IP Chains - Linux Kernel 2.2.x
% Firewalling", followed by an introduction and a six-item feature list.
3411 y Fn(IP)25 b(Chains)g(-)h(Lin)o(ux)f(K)o(ernel)f(2.2.x)i(Fire)o
(walling)596 3548 y Fm(Linux)20 b(IP)h(Fir)o(ewalling)f(Chains)h(is)g
(an)f(update)g(to)g(the)h(2.0)e(Linux)i(\002r)o(ewalling)f(code)g(for)h
(the)f(2.2)596 3639 y(kernel.)g(It)h(has)g(many)g(mor)o(e)f(featur)o
(es)f(than)i(pr)o(evious)g(implementations,)g(including:)p
Black 596 3855 a Fh(\225)p Black 63 w Fm(Mor)o(e)f(\003exible)h(packet)
f(manipulations)p Black 596 3988 a Fh(\225)p Black 63
w Fm(Mor)o(e)g(complex)h(accounting)p Black 596 4121
a Fh(\225)p Black 63 w Fm(Simple)g(policy)g(changes)g(possible)h
(atomically)p Black 596 4253 a Fh(\225)p Black 63 w Fm(Fragments)f(can)
g(be)f(explicitly)h(blocked,)g(denied,)f(etc.)p Black
596 4386 a Fh(\225)p Black 63 w Fm(Logs)h(suspicious)h(packets.)p
Black 596 4519 a Fh(\225)p Black 63 w Fm(Can)f(handle)f(pr)o(otocols)i
(other)f(than)g(ICMP/TCP/UDP)-11 b(.)596 4652 y(If)25
b(you)h(ar)o(e)e(curr)o(ently)h(using)i Fi(ipfwadm)d
Fm(on)j(your)f(2.0)e(kernel,)h(ther)o(e)g(ar)o(e)f(scripts)i(available)
f(to)596 4743 y(convert)20 b(the)h Fi(ipfwadm)f Fm(command)h(format)f
(to)h(the)g(format)g Fi(ipchains)e Fm(uses.)596 4876
y(Be)34 b(sur)o(e)g(to)h(r)o(ead)f(the)h(IP)g(Chains)g(HOWT)o(O)g(for)g
(further)f(information.)i(It)f(is)g(available)e(at)596
4967 y(http://www)-8 b(.adelaide.net.au/~r)o
(ustcorp/ipfwchains/ipfwchains.html)p Black 197 5585
a Fj(34)p Black eop
%%Page: 35 35
% Page 35 of the Linux Security HOWTO (running head is set just below).
% Text on this page, in reading order:
%   - "Netfilter - Linux Kernel 2.4.x Firewalling", with an "iptables"
%     sub-heading and a paragraph on stateful inspection
%   - a reference list; the small numbers 80-83 in font Fa (and 84 in
%     font Ff further down) are presumably note markers for the URLs
%   - "VPNs - Virtual Private Networks" and the first entry of the list
%     of Linux VPN solutions
% Words are broken into several strings with small moves between the
% fragments; \002 and \003 stand where "fi" and "fl" are read, and \225 in
% font Fh is the list item marker.
% NOTE(review): the strings call 2.4 "the new" kernel; the DVIPSSource
% line in the file header dates this build to 2002.11.05, so treat
% version-specific statements as historical -- confirm against current
% guidance.
35 34 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fn(Net\002lter)k(-)h(Lin)o(ux)f
(K)o(ernel)f(2.4.x)h(Fire)o(walling)596 226 y Fm(In)30
b(yet)h(another)g(set)g(of)f(advancements)g(to)h(the)g(kernel)g(IP)f
(packet)g(\002ltering)i(code,)e(net\002lter)596 317 y(allows)22
b(users)g(to)h(set)f(up,)f(maintain,)i(and)e(inspect)i(the)f(packet)f
(\002ltering)i(r)o(ules)f(in)h(the)f(new)g(2.4)596 409
y(kernel.)596 542 y(The)f(net\002lter)i(subsystem)f(is)h(a)e(complete)h
(r)o(ewrite)f(of)h(pr)o(evious)g(packet)f(\002ltering)i(implemen-)596
633 y(tations)31 b(including)g(ipchains)g(and)f(ipfwadm.)g(Net\002lter)
g(pr)o(ovides)g(a)f(lar)o(ge)h(number)g(of)h(im-)596
724 y(pr)o(ovements,)d(and)g(it)h(has)f(now)i(become)e(an)h(even)f(mor)
o(e)h(matur)o(e)e(and)h(r)o(obust)h(solution)h(for)596
816 y(pr)o(otecting)20 b(corporate)g(networks.)596 1022
% Sub-heading "iptables" in font Fi, followed by its description as the
% command-line interface for the firewall tables within the kernel.
y Fi(iptables)596 1197 y Fm(is)k(the)f(command-line)i(interface)d(used)
i(to)g(manipulate)f(the)h(\002r)o(ewall)f(tables)g(within)i(the)f(ker)o
(-)596 1288 y(nel.)596 1421 y(Net\002lter)44 b(pr)o(ovides)g(a)g(raw)g
(framework)h(for)f(manipulating)i(packets)e(as)g(they)h(traverse)596
1512 y(thr)o(ough)35 b(various)f(parts)h(of)f(the)h(kernel.)g(Part)f
(of)h(this)g(framework)f(includes)h(support)g(for)596
1603 y(masquerading,)25 b(standar)o(d)g(packet)g(\002ltering,)h(and)g
(now)h(mor)o(e)f(complete)g(network)h(addr)o(ess)596
1695 y(translation.)37 b(It)f(even)h(includes)g(impr)o(oved)f(support)h
(for)g(load)f(balancing)h(r)o(equests)g(for)f(a)596 1786
y(particular)19 b(service)h(among)i(a)e(gr)o(oup)g(of)h(servers)f
(behind)h(the)g(\002r)o(ewall.)596 1919 y(The)f(stateful)h(inspection)h
(featur)o(es)d(ar)o(e)h(especially)g(powerful.)h(Stateful)f(inspection)
i(pr)o(ovides)596 2010 y(the)f(ability)g(to)h(track)e(and)h(contr)o(ol)
h(the)f(\003ow)h(of)g(communication)g(passing)g(thr)o(ough)g(the)f
(\002lter)-6 b(.)596 2102 y(The)18 b(ability)h(to)g(keep)g(track)f(of)h
(state)f(and)g(context)h(information)h(about)f(a)f(session)i(makes)f(r)
o(ules)596 2193 y(simpler)i(and)f(tries)h(to)g(interpr)o(et)f(higher)o
(-level)g(pr)o(otocols.)596 2326 y(Additionally)-9 b(,)27
b(small)g(modules)h(can)f(be)h(developed)e(to)i(perform)f(additional)g
(speci\002c)g(func-)596 2417 y(tions,)33 b(such)g(as)f(passing)h
(packets)f(to)h(pr)o(ograms)e(in)i(userspace)f(for)g(pr)o(ocessing)h
(then)g(r)o(ein-)596 2508 y(jecting)c(back)f(into)h(the)g(normal)g
(packet)f(\003ow)-8 b(.)30 b(The)f(ability)f(to)h(develop)g(these)f(pr)
o(ograms)g(in)596 2600 y(userspace)c(r)o(educes)g(the)h(level)g(of)g
(complexity)h(that)f(was)h(pr)o(eviously)f(associated)g(with)h(hav-)596
2691 y(ing)21 b(to)g(make)g(changes)f(dir)o(ectly)g(at)h(the)g(kernel)f
(level.)596 2824 y(Other)g(IP)h(T)-8 b(ables)21 b(r)o(efer)o(ences)d
(include:)p Black 596 3081 a Fh(\225)p Black 66 w Fj(Oskar)24
b(Andr)o(easson)g(IP)f(T)-9 b(ables)24 b(T)-9 b(utorial)1946
3048 y Fa(80)2019 3081 y Fm(--)23 b(Oskar)g(Andr)o(easson)g(speaks)g
(with)i(LinuxSecu-)679 3173 y(rity)-9 b(.com)19 b(about)g(his)h(compr)o
(ehensive)f(IP)g(T)-8 b(ables)19 b(tutorial)g(and)g(how)h(this)g
(document)f(can)g(be)679 3264 y(used)h(to)h(build)g(a)f(r)o(obust)h
(\002r)o(ewall)f(for)g(your)i(or)o(ganization.)p Black
596 3397 a Fh(\225)p Black 62 w Fj(Hal)e(Bur)o(giss)g(Intr)o(oduces)f
(Linux)h(Security)f(Quick-Start)g(Guides)2678 3363 y
Fa(81)2748 3397 y Fm(--)g(Hal)h(Bur)o(giss)g(has)g(written)679
3488 y(two)h(authoritative)f(guides)h(on)h(securing)f(Linux,)f
(including)i(managing)f(\002r)o(ewalling.)p Black 596
3621 a Fh(\225)p Black 63 w Fj(Net\002lter)g(Homepage)1356
3588 y Fa(82)1425 3621 y Fm(--)f(The)h(net\002lter/iptables)f
(homepage.)p Black 596 3754 a Fh(\225)p Black 63 w Fj(Linux)h(Kernel)i
(2.4)c(Fir)o(ewalling)i(Matur)o(es:)g(net\002lter)2288
3720 y Fa(83)2359 3754 y Fm(--)f(This)h(LinuxSecurity)-9
b(.com)21 b(article)f(de-)679 3845 y(scribes)g(the)h(basics)g(of)g
(packet)f(\002ltering,)h(how)h(to)g(get)e(started)g(using)i(iptables,)f
(and)f(a)g(list)i(of)679 3936 y(the)e(new)i(featur)o(es)d(available)g
(in)i(the)g(latest)g(generation)g(of)f(\002r)o(ewalling)h(for)g(Linux.)
% Section heading in font Fn: "VPNs - Virtual Private Networks". The text
% describes a VPN as a network layered on an existing one that "often is
% encrypted" -- so, per the text, encryption is common rather than
% guaranteed.
596 4377 y Fn(VPNs)j(-)i(Vir)r(tual)g(Priv)n(ate)f(Netw)n(orks)596
4514 y Fm(VPN's)32 b(ar)o(e)e(a)i(way)g(to)g(establish)g(a)g("virtual")
f(network)h(on)h(top)f(of)g(some)g(alr)o(eady-existing)596
4605 y(network.)21 b(This)i(virtual)e(network)h(often)g(is)f(encrypted)
g(and)g(passes)h(traf)o(\002c)e(only)i(to)g(and)f(fr)o(om)596
4697 y(some)26 b(known)h(entities)f(that)g(have)f(joined)h(the)g
(network.)g(VPNs)g(ar)o(e)e(often)i(used)f(to)h(connect)596
4788 y(someone)21 b(working)h(at)f(home)g(over)g(the)f(public)h
(Internet)g(to)g(an)g(internal)g(company)g(network.)596
4921 y(If)26 b(you)i(ar)o(e)d(r)o(unning)k(a)d(Linux)i(masquerading)f
(\002r)o(ewall)f(and)h(need)f(to)i(pass)e(MS)h(PPTP)g(\(Mi-)596
5012 y(cr)o(osoft's)18 b(VPN)h(point-to-point)g(pr)o(oduct\))f
(packets,)f(ther)o(e)h(is)h(a)f(Linux)g(kernel)h(patch)f(out)h(to)g(do)
596 5104 y(just)i(that.)f(See:)g(ip-masq-vpn)1569 5070
y Ff(84)1619 5104 y Fm(.)596 5236 y(Ther)o(e)f(ar)o(e)h(several)g
(Linux)g(VPN)h(solutions)i(available:)p Black 596 5452
a Fh(\225)p Black 63 w Fm(vpnd.)e(See)f(the)g(http://sunsite.dk/vpnd/.)
p Black 3601 5585 a Fj(35)p Black eop
%%Page: 36 36
% Page 36 of the Linux Security HOWTO (running head is set just below).
% Text on this page, in reading order:
%   - rest of the VPN solutions list (FreeS/WAN, ssh, vps, yawipin)
%   - chapter heading "Security Preparation (before you go on-line)"
%   - "Make a Full Backup of Your Machine", "Choosing a Good Backup
%     Schedule", "Testing your backups"
%   - "Backup Your RPM or Debian File Database"
% Words are broken into several strings with small moves between the
% fragments; \002 and \003 stand where "fi" and "fl" are read, and \225 in
% font Fh is the list item marker.
% Security points made by the backup text: write-protect and verify media
% once the backup is complete, store backups in a secure off-line area,
% and keep an off-line copy of the RPM database, since it is only useful
% for verification if it has not itself been modified.
% NOTE(review): the media named in the strings (CD-R, tapes, floppies)
% are the document's own; the DVIPSSource line in the file header dates
% this build to 2002.11.05.
% NOTE(review): the last list entry reads "yawipin" while its URL reads
% "yavipin" -- that is the source text, left unchanged.
36 35 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black Black 596 89 a Fh(\225)p
Black 63 w Fm(Fr)o(ee)f(S/W)-8 b(an,)21 b(available)e(at)h(http://www)
-8 b(.xs4all.nl/~fr)o(eeswan/)p Black 596 222 a Fh(\225)p
Black 59 w Fm(ssh)16 b(can)g(be)g(used)g(to)g(constr)o(uct)h(a)f(VPN.)g
(See)f(the)h(VPN)h(mini-howto)h(for)d(mor)o(e)h(information.)p
Black 596 355 a Fh(\225)p Black 63 w Fm(vps)21 b(\(virtual)f(private)g
(server\))g(at)g(http://www)-8 b(.str)o(ongcrypto.com.)p
Black 596 488 a Fh(\225)p Black 63 w Fm(yawipin)21 b(at)g
(http://yavipin.sour)o(cefor)o(ge.net)2254 454 y Ff(88)596
753 y Fm(See)e(also)i(the)g(section)h(on)f(IPSEC)f(for)h(pointers)g
% The next line ends the VPN section and begins the chapter heading
% "Security Preparation (before you go on-line)" in font Fk.
(and)f(mor)o(e)h(information.)197 1154 y Fk(Security)28
b(Preparation)h(\(bef)n(ore)h(y)m(ou)f(go)g(on-line\))596
1296 y Fm(Ok,)20 b(so)g(you)h(have)f(checked)f(over)h(your)g(system,)h
(and)e(determined)h(it's)g(as)g(secur)o(e)f(as)h(feasible,)596
1387 y(and)f(you'r)o(e)h(r)o(eady)f(to)i(put)f(it)g(online.)i(Ther)o(e)
d(ar)o(e)g(a)g(few)h(things)i(you)f(should)g(now)g(do)f(in)h(or)o(der)
596 1479 y(to)h(pr)o(epar)o(e)e(for)j(an)f(intr)o(usion,)i(so)f(you)g
(can)g(quickly)g(disable)f(the)h(intr)o(uder)-6 b(,)22
b(and)g(get)h(back)f(up)596 1570 y(and)e(r)o(unning.)596
% Section heading in font Fn: "Make a Full Backup of Your Machine".
1822 y Fn(Make)k(a)h(Full)h(Bac)n(kup)f(of)g(Y)-9 b(our)25
b(Mac)o(hine)596 1959 y Fm(Discussion)20 b(of)e(backup)f(methods)i(and)
f(storage)g(is)h(beyond)f(the)h(scope)f(of)g(this)h(document,)g(but)596
2050 y(her)o(e)g(ar)o(e)h(a)g(few)g(wor)o(ds)h(r)o(elating)f(to)h
(backups)g(and)f(security:)596 2183 y(If)g(you)i(have)e(less)h(than)g
(650mb)f(of)h(data)f(to)h(stor)o(e)f(on)i(a)e(partition,)h(a)g(CD-R)g
(copy)g(of)g(your)g(data)596 2274 y(is)e(a)g(good)h(way)g(to)g(go)g
(\(as)f(it's)h(har)o(d)e(to)i(tamper)f(with)h(later)-6
b(,)19 b(and)g(if)g(stor)o(ed)g(pr)o(operly)g(can)g(last)g(a)596
2366 y(long)i(time\),)f(you)h(will)g(of)g(course)f(need)g(at)g(least)g
(650MB)f(of)h(space)g(to)g(make)h(the)f(image.)g(T)-8
b(apes)596 2457 y(and)31 b(other)h(r)o(e-writable)e(media)i(should)g
(be)g(write-pr)o(otected)e(as)i(soon)h(as)e(your)h(backup)g(is)596
2548 y(complete,)18 b(and)g(then)h(veri\002ed)f(to)g(pr)o(event)g
(tampering.)g(Make)g(sur)o(e)f(you)i(stor)o(e)g(your)f(backups)596
2640 y(in)30 b(a)f(secur)o(e)g(of)o(f-line)g(ar)o(ea.)e(A)j(good)g
(backup)f(will)i(ensur)o(e)e(that)g(you)i(have)e(a)g(known)i(good)596
2731 y(point)21 b(to)g(r)o(estor)o(e)f(your)h(system)g(fr)o(om.)596
% Section heading in font Fn: "Choosing a Good Backup Schedule".
3039 y Fn(Choosing)j(a)h(Good)g(Bac)n(kup)f(Sc)o(hedule)596
3176 y Fm(A)k(six-tape)g(cycle)g(is)h(easy)g(to)g(maintain.)g(This)g
(includes)g(four)g(tapes)f(for)g(during)h(the)g(week,)596
3267 y(one)j(tape)e(for)i(even)f(Fridays,)g(and)g(one)h(tape)f(for)g
(odd)h(Fridays.)f(Perform)g(an)g(incr)o(emental)596 3359
y(backup)e(every)h(day)-9 b(,)29 b(and)h(a)g(full)g(backup)g(on)h(the)f
(appr)o(opriate)e(Friday)i(tape.)f(If)h(you)h(make)596
3450 y(some)24 b(particularly)f(important)i(changes)f(or)g(add)f(some)h
(important)h(data)d(to)j(your)f(system,)g(a)596 3541
y(full)c(backup)g(might)i(well)f(be)g(in)g(or)o(der)-6
b(.)596 3849 y Fn(T)h(esting)24 b(y)n(our)g(bac)n(kups)596
3986 y Fm(Y)-8 b(ou)23 b(should)h(do)f(periodic)f(tests)h(of)g(your)g
(backups)f(to)h(make)g(sur)o(e)f(they)h(ar)o(e)e(working)j(as)e(you)596
4078 y(might)j(expect)e(them)i(to.)f(Restor)o(es)h(of)f(\002les)g(and)g
(checking)h(against)f(the)h(r)o(eal)e(data,)f(sizes)i(and)596
4169 y(listings)e(of)e(backups,)h(and)f(r)o(eading)g(old)h(backups)f
(should)h(be)g(done)g(on)g(a)f(r)o(egular)g(basis.)596
% Section heading in font Fn: "Backup Your RPM or Debian File Database".
4477 y Fn(Bac)n(kup)k(Y)-9 b(our)24 b(RPM)i(or)e(Debian)h(File)h
(Database)596 4614 y Fm(In)31 b(the)g(event)f(of)h(an)f(intr)o(usion,)j
(you)e(can)f(use)h(your)g(RPM)g(database)e(like)i(you)h(would)f(use)596
4705 y Fi(tripwire)p Fm(,)22 b(but)i(only)i(if)e(you)g(can)g(be)g(sur)o
(e)g(it)g(too)h(hasn't)g(been)f(modi\002ed.)g(Y)-8 b(ou)26
b(should)f(copy)596 4797 y(the)j(RPM)g(database)f(to)i(a)f(\003oppy)-9
b(,)28 b(and)g(keep)g(this)h(copy)g(of)o(f-line)e(at)h(all)g(times.)h
(The)f(Debian)596 4888 y(distribution)21 b(likely)h(has)e(something)j
(similar)-6 b(.)596 5021 y(The)38 b(\002les)h Fi
(/var/lib/rpm/fileindex.rpm)34 b Fm(and)k Fi(/var/lib/rpm/packages.rpm)
c Fm(most)596 5112 y(likely)27 b(won't)i(\002t)f(on)g(a)f(single)h
% NOTE(review): "(seperate)" below is a spelling slip in the source text
% ("separate"); left unchanged because the string is typeset content.
(\003oppy)-9 b(.)27 b(But)h(if)f(compr)o(essed,)f(each)h(should)i
(\002t)e(on)h(a)f(seperate)596 5203 y(\003oppy)-9 b(.)596
5336 y(Now)h(,)21 b(when)g(your)g(system)h(is)f(compr)o(omised,)g(you)g
(can)f(use)h(the)g(command:)p Black 197 5585 a Fj(36)p
Black eop
%%Page: 37 37
% Page 37 of the Linux Security HOWTO (running head is set just below).
% Text on this page, in reading order:
%   - the command example "root# rpm -Va" (set in font Fi) and its caveats
%   - "Keep Track of Your System Accounting Data": syslog, /var/log,
%     /etc/syslog.conf, log rotation, and sending a copy of important log
%     data to a secure system
%   - start of "Apply All New System Updates."
% Words are broken into several strings with small moves between the
% fragments; \002 and \003 stand where "fi" and "fl" are read.
% Security points made by the text: verification with rpm is only
% meaningful if the RPM binary (and, per the previous page, the RPM
% database) has not been compromised; restrict read/write access to the
% files in /var/log; watch the auth facility; intruders typically modify
% log files, so keep a copy on another system (the syslog.conf "@" option
% is the pointer given).
% NOTE(review): the tools and URLs named in the strings are the document's
% own; the DVIPSSource line in the file header dates this build to
% 2002.11.05, so confirm tool-specific advice against current guidance.
37 36 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 730 89 a Fi(root#)89 b(rpm)44
b(-Va)596 263 y Fm(to)32 b(verify)g(each)g(\002le)h(on)g(the)f(system.)
h(See)f(the)g Fi(rpm)g Fm(man)h(page,)e(as)h(ther)o(e)g(ar)o(e)f(a)h
(few)g(other)596 355 y(options)23 b(that)e(can)h(be)f(included)h(to)g
(make)g(it)g(less)g(verbose.)f(Keep)h(in)g(mind)g(you)h(must)f(also)g
(be)596 446 y(sur)o(e)e(your)h(RPM)g(binary)f(has)h(not)g(been)g(compr)
o(omised.)596 579 y(This)c(means)g(that)g(every)g(time)g(a)g(new)g(RPM)
g(is)h(added)d(to)j(the)f(system,)h(the)f(RPM)g(database)e(will)596
670 y(need)20 b(to)h(be)f(r)o(ear)o(chived.)f(Y)-8 b(ou)21
b(will)h(have)e(to)h(decide)f(the)h(advantages)e(versus)i(drawbacks.)
% Section heading in font Fn: "Keep Track of Your System Accounting Data".
596 978 y Fn(K)o(eep)j(T)-7 b(rac)n(k)24 b(of)h(Y)-9
b(our)25 b(System)g(Accounting)g(Data)596 1115 y Fm(It)31
b(is)g(very)g(important)h(that)f(the)g(information)h(that)f(comes)h(fr)
o(om)e Fi(syslog)h Fm(not)g(be)g(compr)o(o-)596 1207
y(mised.)19 b(Making)g(the)h(\002les)g(in)g Fi(/var/log)e
Fm(r)o(eadable)f(and)i(writable)g(by)h(only)g(a)f(limited)h(number)596
1298 y(of)g(users)h(is)g(a)f(good)i(start.)596 1431 y(Be)f(sur)o(e)h
(to)g(keep)g(an)g(eye)g(on)h(what)g(gets)f(written)h(ther)o(e,)e
(especially)h(under)g(the)g Fi(auth)g Fm(facility)-9
b(.)596 1522 y(Multiple)20 b(login)i(failur)o(es,)d(for)i(example,)f
(can)g(indicate)g(an)h(attempted)f(br)o(eak-in.)596 1655
y(Wher)o(e)j(to)i(look)h(for)e(your)h(log)g(\002le)g(will)g(depend)f
(on)h(your)g(distribution.)g(In)g(a)f(Linux)g(system)596
1746 y(that)d(conforms)g(to)h(the)f("Linux)g(Filesystem)h(Standar)o
(d",)c(such)k(as)f(Red)g(Hat,)f(you)i(will)f(want)h(to)596
1838 y(look)f(in)g Fi(/var/log)f Fm(and)g(check)h Fi(messages)p
Fm(,)e Fi(mail.log)p Fm(,)g(and)i(others.)596 1970 y(Y)-8
b(ou)53 b(can)f(\002nd)h(out)g(wher)o(e)f(your)h(distribution)g(is)g
(logging)h(to)f(by)f(looking)j(at)d(your)596 2062 y Fi
(/etc/syslog.conf)42 b Fm(\002le.)k(This)g(is)g(the)f(\002le)h(that)g
(tells)g Fi(syslogd)e Fm(\(the)h(system)h(logging)596
2153 y(daemon\))20 b(wher)o(e)g(to)h(log)h(various)e(messages.)596
2286 y(Y)-8 b(ou)30 b(might)h(also)e(want)h(to)g(con\002gur)o(e)f(your)
h(log-r)o(otating)g(script)f(or)h(daemon)f(to)h(keep)f(logs)596
2377 y(ar)o(ound)j(longer)i(so)h(you)f(have)f(time)h(to)g(examine)f
(them.)h(T)-8 b(ake)33 b(a)g(look)i(at)e(the)g Fi(logrotate)596
2468 y Fm(package)c(on)i(r)o(ecent)e(Red)i(Hat)f(distributions.)h
(Other)f(distributions)i(likely)f(have)f(a)g(similar)596
2560 y(pr)o(ocess.)596 2693 y(If)18 b(your)h(log)g(\002les)g(have)f
(been)g(tamper)o(ed)f(with,)i(see)g(if)f(you)h(can)f(determine)h(when)g
(the)f(tamper)o(-)596 2784 y(ing)27 b(started,)f(and)g(what)h(sort)g
(of)g(things)h(appear)o(ed)c(to)j(be)g(tamper)o(ed)e(with.)j(Ar)o(e)d
(ther)o(e)h(lar)o(ge)596 2875 y(periods)i(of)g(time)g(that)h(cannot)f
(be)g(accounted)g(for?)g(Checking)h(backup)e(tapes)h(\(if)g(you)g(have)
596 2967 y(any\))20 b(for)g(untamper)o(ed)g(log)h(\002les)g(is)h(a)e
(good)h(idea.)596 3099 y(Intr)o(uders)d(typically)h(modify)g(log)g
(\002les)g(in)g(or)o(der)e(to)i(cover)g(their)f(tracks,)g(but)h(they)g
(should)g(still)596 3191 y(be)24 b(checked)f(for)i(strange)f
(happenings.)h(Y)-8 b(ou)25 b(may)f(notice)h(the)g(intr)o(uder)f
(attempting)h(to)g(gain)596 3282 y(entrance,)20 b(or)h(exploit)h(a)f
(pr)o(ogram)f(in)i(or)o(der)e(to)i(obtain)g(the)f(r)o(oot)g(account.)g
(Y)-8 b(ou)23 b(might)f(see)f(log)596 3373 y(entries)f(befor)o(e)g(the)
h(intr)o(uder)f(has)h(time)g(to)g(modify)h(them.)596
3506 y(Y)-8 b(ou)26 b(should)g(also)g(be)f(sur)o(e)g(to)h(separate)e
(the)h Fi(auth)g Fm(facility)g(fr)o(om)g(other)h(log)g(data,)e
(including)596 3598 y(attempts)i(to)h(switch)g(users)f(using)h
Fi(su)p Fm(,)f(login)i(attempts,)e(and)g(other)g(user)h(accounting)g
(infor)o(-)596 3689 y(mation.)596 3822 y(If)e(possible,)h(con\002gur)o
(e)f Fi(syslog)g Fm(to)h(send)f(a)g(copy)h(of)g(the)f(most)i(important)
f(data)e(to)i(a)f(secur)o(e)596 3913 y(system.)32 b(This)g(will)g(pr)o
(event)f(an)g(intr)o(uder)h(fr)o(om)f(covering)h(his)g(tracks)f(by)h
(deleting)g(his)g(lo-)596 4004 y(gin/su/ftp/etc)21 b(attempts.)g(See)f
(the)h Fi(syslog.conf)d Fm(man)j(page,)f(and)h(r)o(efer)e(to)i(the)g
Fi(@)f Fm(option.)596 4137 y(Ther)o(e)42 b(ar)o(e)g(several)g(mor)o(e)h
(advanced)f Fi(syslogd)g Fm(pr)o(ograms)g(out)i(ther)o(e.)e(T)-8
b(ake)43 b(a)g(look)h(at)596 4229 y(http://www)-8 b(.cor)o
(e-sdi.com/ssyslog/)29 b(for)e(Secur)o(e)e(Syslog.)i(Secur)o(e)e
(Syslog)j(allows)f(you)h(to)596 4320 y(encrypt)20 b(your)h(syslog)h
(entries)f(and)f(make)h(sur)o(e)f(no)h(one)g(has)g(tamper)o(ed)e(with)j
(them.)596 4453 y(Another)17 b Fi(syslogd)e Fm(with)j(mor)o(e)f(featur)
o(es)e(is)i(syslog-ng)2380 4420 y Ff(90)2432 4453 y Fm(.)f(It)h(allows)
h(you)f(a)g(lot)g(mor)o(e)g(\003exibility)596 4544 y(in)k(your)g
% NOTE(review): the strings below read "also can has your remote syslog
% streams"; "has" looks like a slip in the source text (possibly "hash"
% -- unconfirmed). Left unchanged because the string is typeset content.
(logging)h(and)e(also)h(can)g(has)g(your)g(r)o(emote)f(syslog)i(str)o
(eams)e(to)h(pr)o(event)f(tampering.)596 4677 y(Finally)-9
b(,)24 b(log)h(\002les)f(ar)o(e)f(much)i(less)f(useful)g(when)h(no)g
(one)g(is)f(r)o(eading)g(them.)g(T)-8 b(ake)24 b(some)h(time)596
4768 y(out)e(every)f(once)i(in)f(a)g(while)g(to)h(look)g(over)f(your)g
(log)h(\002les,)f(and)f(get)h(a)g(feeling)g(for)f(what)i(they)596
4860 y(look)d(like)g(on)h(a)e(normal)h(day)-9 b(.)20
b(Knowing)i(this)g(can)e(help)h(make)g(unusual)g(things)h(stand)e(out.)
% Section heading in font Fn: "Apply All New System Updates."; its first
% paragraph continues on the next page.
596 5168 y Fn(Appl)o(y)k(All)i(Ne)o(w)f(System)g(Updates.)596
5305 y Fm(Most)i(Linux)h(users)f(install)h(fr)o(om)f(a)g(CD-ROM.)g(Due)
h(to)f(the)h(fast-paced)d(natur)o(e)h(of)i(security)596
5396 y(\002xes,)22 b(new)h(\(\002xed\))f(pr)o(ograms)h(ar)o(e)e(always)
i(being)g(r)o(eleased.)e(Befor)o(e)g(you)j(connect)f(your)g(ma-)p
Black 3601 5585 a Fj(37)p Black eop
%%Page: 38 38
% Page 38 of the "Linux Security HOWTO" (the running head and the folio "38"
% are the strings shown after the Fj selector).  Everything between bop and
% eop is dvips output: each (...) string is a run of glyphs and the short
% operators between strings position the next run; they and the font
% selectors (Fj, Fm, Fk, Fn, Fi) come from the prologue, not from this page.
% In the body text \002 stands where a word needs "fi" (\002rst, con\002rm).
%
% Text rendered on this page, in order:
%   - closing sentences of the update advice carried over from the previous
%     page: fetch the updated packages from the distribution's ftp site
%     before connecting the machine to the network;
%   - chapter heading "What To Do During and After a Breakin";
%   - section "Security Compromise Underway.": physical compromise (notify
%     local authorities / local security people); a local user (confirm who
%     they are, contact them by non-electronic means, gather information
%     before making accusations); a network compromise (unplug modem or
%     Ethernet cable; otherwise deny the intruder's site with tcp_wrappers
%     or ipfwadm; otherwise lock the account, minding .rhosts files, FTP
%     access and backdoors); then kill the user's processes, log them off
%     and watch the site for attempts to get back in;
%   - section heading "Security Compromise has already happened" and its
%     first paragraph.
%
% NOTE(review): ipfwadm is the packet-filter front end of old kernels; on a
% current system the same step is done with iptables/nftables.
% NOTE(review): the text goes straight from containment to killing the
% user's processes.  Page 39 of the same document asks to keep evidence, so
% a reader applying this would first record the process list, open
% connections and the relevant logs; the page itself does not say so.
38 37 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fm(chine)26 b(to)g(the)h
(network,)f(it's)h(a)e(good)i(idea)e(to)i(check)f(with)h(your)f
(distribution's)h(ftp)f(site)g(and)596 180 y(get)g(all)h(the)g(updated)
e(packages)h(since)h(you)g(r)o(eceived)e(your)i(distribution)h(CD-ROM.)
e(Many)596 272 y(times)21 b(these)g(packages)f(contain)h(important)g
(security)g(\002xes,)f(so)i(it's)f(a)f(good)i(idea)e(to)h(get)f(them)
596 363 y(installed.)197 764 y Fk(What)28 b(T)-8 b(o)29
b(Do)f(During)h(and)f(After)g(a)g(Breakin)596 906 y Fm(So)g(you)i(have)
e(followed)h(some)g(of)g(the)g(advice)f(her)o(e)g(\(or)g(elsewher)o
(e\))g(and)h(have)f(detected)f(a)596 997 y(br)o(eak-in?)19
b(The)j(\002rst)f(thing)i(to)f(do)f(is)h(to)f(r)o(emain)g(calm.)g
(Hasty)g(actions)h(can)f(cause)g(mor)o(e)g(harm)596 1088
y(than)f(the)h(attacker)f(would)h(have.)596 1340 y Fn(Security)j(Compr)
n(omise)h(Underwa)n(y)-7 b(.)596 1477 y Fm(Spotting)31
b(a)e(security)i(compr)o(omise)g(under)f(way)g(can)g(be)h(a)f(tense)g
(undertaking.)g(How)h(you)596 1569 y(r)o(eact)19 b(can)h(have)g(lar)o
(ge)g(consequences.)596 1701 y(If)g(the)g(compr)o(omise)h(you)g(ar)o(e)
e(seeing)h(is)h(a)f(physical)h(one,)f(odds)h(ar)o(e)d(you)j(have)f
(spotted)h(some-)596 1793 y(one)k(who)h(has)f(br)o(oken)f(into)i(your)f
(home,)h(of)o(\002ce)e(or)h(lab.)f(Y)-8 b(ou)26 b(should)g(notify)g
(your)f(local)g(au-)596 1884 y(thorities.)d(In)g(a)f(lab,)g(you)h
(might)g(have)f(spotted)h(someone)g(trying)h(to)f(open)g(a)f(case)f(or)
i(r)o(eboot)f(a)596 1975 y(machine.)e(Depending)i(on)f(your)h
(authority)f(and)g(pr)o(ocedur)o(es,)e(you)i(might)h(ask)f(them)g(to)h
(stop,)596 2067 y(or)f(contact)h(your)g(local)g(security)g(people.)596
2200 y(If)j(you)h(have)g(detected)e(a)i(local)f(user)h(trying)h(to)f
(compr)o(omise)g(your)g(security)-9 b(,)25 b(the)g(\002rst)g(thing)596
2291 y(to)e(do)g(is)g(con\002rm)h(they)f(ar)o(e)f(in)h(fact)f(who)i
(you)f(think)h(they)g(ar)o(e.)d(Check)i(the)g(site)g(they)g(ar)o(e)f
(log-)596 2382 y(ging)h(in)h(fr)o(om.)e(Is)i(it)f(the)g(site)g(they)h
(normally)g(log)f(in)h(fr)o(om?)e(No?)i(Then)f(use)g(a)g(non-electr)o
(onic)596 2474 y(means)e(of)h(getting)g(in)h(touch.)f(For)g(instance,)f
(call)h(them)g(on)g(the)g(phone)h(or)e(walk)h(over)g(to)g(their)596
2565 y(of)o(\002ce/house)29 b(and)f(talk)h(to)g(them.)g(If)f(they)h
(agr)o(ee)f(that)g(they)h(ar)o(e)f(on,)h(you)g(can)g(ask)f(them)i(to)
596 2656 y(explain)25 b(what)h(they)g(wer)o(e)e(doing)j(or)f(tell)f
(them)i(to)f(cease)e(doing)j(it.)e(If)h(they)g(ar)o(e)e(not)i(on,)g
(and)596 2748 y(have)e(no)h(idea)f(what)i(you)f(ar)o(e)e(talking)j
(about,)e(odds)h(ar)o(e)f(this)h(incident)h(r)o(equir)o(es)d(further)i
(in-)596 2839 y(vestigation.)j(Look)g(into)h(such)f(incidents)h(,)e
(and)h(have)f(lots)i(of)f(information)h(befor)o(e)d(making)596
2930 y(any)20 b(accusations.)596 3063 y(If)j(you)i(have)e(detected)g(a)
g(network)i(compr)o(omise,)f(the)g(\002rst)g(thing)h(to)f(do)g(\(if)g
(you)g(ar)o(e)f(able\))g(is)596 3154 y(to)28 b(disconnect)g(your)h
(network.)f(If)g(they)g(ar)o(e)e(connected)i(via)g(modem,)g(unplug)g
(the)g(modem)596 3246 y(cable;)17 b(if)i(they)g(ar)o(e)e(connected)i
(via)f(Ethernet,)h(unplug)g(the)g(Ethernet)f(cable.)g(This)h(will)h(pr)
o(event)596 3337 y(them)31 b(fr)o(om)f(doing)i(any)f(further)f(damage,)
g(and)g(they)i(will)f(pr)o(obably)f(see)h(it)g(as)g(a)f(network)596
3428 y(pr)o(oblem)20 b(rather)g(than)h(detection.)596
3561 y(If)k(you)i(ar)o(e)d(unable)i(to)g(disconnect)g(the)g(network)h
(\(if)e(you)i(have)e(a)h(busy)g(site,)g(or)g(you)g(do)g(not)596
3652 y(have)e(physical)i(contr)o(ol)f(of)g(your)h(machines\),)f(the)g
(next)g(best)g(step)h(is)f(to)h(use)f(something)i(like)596
3744 y Fi(tcp_wrappers)18 b Fm(or)j Fi(ipfwadm)f Fm(to)h(deny)g(access)
f(fr)o(om)g(the)h(intr)o(uder)6 b('s)21 b(site.)596 3877
y(If)30 b(you)h(can't)g(deny)g(all)f(people)h(fr)o(om)f(the)h(same)g
(site)g(as)f(the)h(intr)o(uder)-6 b(,)31 b(locking)h(the)f(user)6
b('s)596 3968 y(account)22 b(will)h(have)e(to)i(do.)f(Note)h(that)f
(locking)h(an)f(account)h(is)f(not)h(an)f(easy)g(thing.)h(Y)-8
b(ou)23 b(have)596 4059 y(to)e(keep)f(in)h(mind)h Fi(.rhosts)d
Fm(\002les,)i(FTP)g(access,)f(and)g(a)g(host)i(of)f(possible)g
(backdoors.)596 4192 y(After)c(you)i(have)f(done)h(one)g(of)f(the)h
(above)f(\(disconnected)h(the)f(network,)h(denied)f(access)g(fr)o(om)
596 4283 y(their)g(site,)h(and/or)g(disabled)e(their)i(account\),)f
(you)i(need)e(to)h(kill)g(all)g(their)g(user)f(pr)o(ocesses)g(and)596
4375 y(log)j(them)g(of)o(f.)596 4508 y(Y)-8 b(ou)25 b(should)h(monitor)
g(your)f(site)g(well)g(for)f(the)h(next)g(few)f(minutes,)i(as)e(the)h
(attacker)e(will)j(try)596 4599 y(to)i(get)g(back)f(in.)i(Per)o(haps)e
(using)i(a)e(dif)o(fer)o(ent)f(account,)i(and/or)g(fr)o(om)g(a)f(dif)o
(fer)o(ent)f(network)596 4690 y(addr)o(ess.)596 4998
y Fn(Security)e(Compr)n(omise)h(has)g(alread)o(y)f(happened)596
5135 y Fm(So)j(you)g(have)g(either)g(detected)f(a)h(compr)o(omise)g
(that)g(has)h(alr)o(eady)d(happened)h(or)i(you)f(have)596
5227 y(detected)f(it)i(and)g(locked)g(\(hopefully\))g(the)g(of)o
(fending)f(attacker)g(out)i(of)f(your)g(system.)g(Now)596
5318 y(what?)p Black 197 5585 a Fj(38)p Black eop
%%Page: 39 39
% Page 39 of the "Linux Security HOWTO" (running head and folio "39" are the
% strings after the Fj selector).  dvips output between bop and eop: each
% (...) string is a run of glyphs, the short operators between strings move
% the current point; operators and font selectors (Fj, Fd, Fm, Fi) are
% defined in the prologue, outside this page.  \002 and \003 stand where a
% word needs "fi" / "fl" (\002x, over\003ows); \223 and \224 enclose the
% quoted announcement.
%
% Text rendered on this page, in order:
%   - "Closing the Hole": find the entry point, disable the affected service
%     (FTP is the example), look for an updated version; vendor advisory
%     locations for Caldera, Red Hat and Debian; quoted announcement of the
%     Linux security audit project with its list and subscribe addresses;
%     warning that an attacker who ran a packet sniffer likely has access to
%     other local machines;
%   - "Assessing the Damage": integrity check with Tripwire; save config
%     files, wipe, reinstall, restore from backups; re-installation treated
%     as mandatory after root access; keep evidence (spare disk);
%   - "Backups, Backups, Backups!": check several generations of backups
%     before restoring a file that was tampered with.
%
% NOTE(review): the URLs and list addresses are printed as they stood when
% the document was typeset; whether they still resolve cannot be told from
% this file.
% NOTE(review): the page warns about restored binaries only.  Configuration
% files saved from the compromised system can carry changes as well (page 38
% names .rhosts files), so they would be reviewed before being put back.
39 38 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fd(Closing)h(the)h(Hole)596
222 y Fm(If)i(you)i(ar)o(e)d(able)h(to)i(determine)e(what)h(means)h
(the)f(attacker)e(used)i(to)g(get)g(into)h(your)f(system,)596
313 y(you)g(should)g(try)g(to)g(close)g(that)f(hole.)h(For)g(instance,)
f(per)o(haps)g(you)h(see)f(several)g(FTP)h(entries)596
405 y(just)19 b(befor)o(e)f(the)h(user)g(logged)h(in.)f(Disable)g(the)g
(FTP)h(service)e(and)h(check)g(and)g(see)f(if)h(ther)o(e)g(is)g(an)596
496 y(updated)g(version,)i(or)g(if)f(any)h(of)g(the)g(lists)g(know)h
(of)f(a)f(\002x.)596 629 y(Check)k(all)h(your)g(log)h(\002les,)f(and)f
(make)h(a)f(visit)i(to)f(your)g(security)g(lists)h(and)f(pages)f(and)g
(see)h(if)596 720 y(ther)o(e)e(ar)o(e)f(any)i(new)g(common)i(exploits)e
(you)g(can)g(\002x.)g(Y)-8 b(ou)25 b(can)e(\002nd)i(Caldera)d(security)
i(\002xes)596 811 y(at)48 b(http://www)-8 b(.caldera.com/tech-r)o
(ef/security/.)47 b(Red)i(Hat)f(has)g(not)h(yet)g(separated)596
903 y(their)c(security)g(\002xes)h(fr)o(om)f(bug)g(\002xes,)h(but)f
(their)g(distribution)i(errata)d(is)h(available)f(at)596
994 y(http://www)-8 b(.r)o(edhat.com/errata)596 1127
y(Debian)117 b(now)h(has)f(a)g(security)h(mailing)g(list)g(and)e(web)i
(page.)e(See:)596 1218 y(http://www)-8 b(.debian.or)o(g/security/)21
b(for)g(mor)o(e)f(information.)596 1351 y(It)30 b(is)g(very)g(likely)h
(that)f(if)g(one)g(vendor)g(has)g(r)o(eleased)f(a)g(security)i(update,)
e(that)h(most)h(other)596 1442 y(Linux)20 b(vendors)h(will)h(as)e
(well.)596 1575 y(Ther)o(e)e(is)j(now)f(a)g(Linux)g(security)f
(auditing)h(pr)o(oject.)g(They)g(ar)o(e)e(methodically)i(going)h(thr)o
(ough)596 1667 y(all)26 b(the)g(user)o(-space)e(utilities)j(and)f
(looking)i(for)e(possible)h(security)f(exploits)g(and)g(over\003ows.)
596 1758 y(Fr)o(om)20 b(their)h(announcement:)596 1891
y(\223"W)-8 b(e)23 b(ar)o(e)f(attempting)i(a)f(systematic)h(audit)f(of)
g(Linux)h(sour)o(ces)f(with)h(a)g(view)f(to)h(being)g(as)f(se-)596
1982 y(cur)o(e)e(as)g(OpenBSD.)h(W)-8 b(e)22 b(have)f(alr)o(eady)g
(uncover)o(ed)g(\(and)g(\002xed\))g(some)i(pr)o(oblems,)e(but)h(mor)o
(e)596 2073 y(help)d(is)i(welcome.)f(The)f(list)i(is)f(unmoderated)f
(and)g(also)h(a)g(useful)f(r)o(esour)o(ce)g(for)g(general)g(secu-)596
2165 y(rity)k(discussions.)h(The)e(list)i(addr)o(ess)d(is:)i
(security-audit@ferr)o(et.lmh.ox.ac.uk)d(T)-8 b(o)23
b(subscribe,)596 2256 y(send)d(a)h(mail)f(to:)h
(security-audit-subscribe@ferr)o(et.lmh.ox.ac.uk"\224)596
2389 y(If)30 b(you)i(don't)f(lock)h(the)f(attacker)f(out,)h(they)h
(will)f(likely)h(be)f(back.)f(Not)i(just)f(back)g(on)h(your)596
2480 y(machine,)16 b(but)h(back)f(somewher)o(e)h(on)g(your)g(network.)g
(If)f(they)h(wer)o(e)f(r)o(unning)i(a)e(packet)g(snif)o(fer)-6
b(,)596 2571 y(odds)20 b(ar)o(e)g(good)h(they)g(have)f(access)g(to)i
(other)f(local)f(machines.)596 2870 y Fd(Assessing)j(the)f(Dama)o(g)q
(e)596 3003 y Fm(The)f(\002rst)g(thing)i(is)e(to)h(assess)f(the)h
(damage.)e(What)h(has)g(been)g(compr)o(omised?)g(If)g(you)h(ar)o(e)e(r)
o(un-)596 3094 y(ning)g(an)f(integrity)h(checker)e(like)i
Fi(Tripwire)p Fm(,)d(you)j(can)f(use)g(it)h(to)g(perform)e(an)h
(integrity)h(check;)596 3186 y(it)k(should)h(help)g(to)g(tell)f(you)h
(what)g(has)f(been)h(compr)o(omised.)f(If)g(not,)h(you)g(will)g(have)f
(to)h(look)596 3277 y(ar)o(ound)20 b(at)g(all)g(your)i(important)f
(data.)596 3410 y(Since)16 b(Linux)h(systems)g(ar)o(e)e(getting)i
(easier)f(and)g(easier)g(to)h(install,)g(you)g(might)h(consider)f
(saving)596 3501 y(your)22 b(con\002g)h(\002les,)f(wiping)g(your)h
(disk\(s\),)e(r)o(einstalling,)h(then)g(r)o(estoring)g(your)g(user)g
(\002les)g(and)596 3593 y(your)d(con\002g)i(\002les)e(fr)o(om)g
(backups.)g(This)h(will)g(ensur)o(e)f(that)h(you)g(have)f(a)f(new)-8
b(,)20 b(clean)f(system.)h(If)596 3684 y(you)g(have)f(to)h(r)o(estor)o
(e)f(\002les)h(fr)o(om)f(the)h(compr)o(omised)g(system,)g(be)g
(especially)f(cautious)h(of)g(any)596 3775 y(binaries)g(that)h(you)g(r)
o(estor)o(e,)e(as)i(they)g(may)g(be)f(T)-7 b(r)o(ojan)20
b(horses)h(placed)f(ther)o(e)g(by)h(the)g(intr)o(uder)-6
b(.)596 3908 y(Re-installation)22 b(should)g(be)e(consider)o(ed)h
(mandatory)g(upon)g(an)g(intr)o(uder)h(obtaining)g(r)o(oot)f(ac-)596
3999 y(cess.)f(Additionally)-9 b(,)20 b(you'd)h(like)g(to)g(keep)f(any)
g(evidence)g(ther)o(e)g(is,)g(so)i(having)e(a)g(spar)o(e)g(disk)g(in)
596 4091 y(the)g(safe)g(may)h(make)g(sense.)596 4224
y(Then)16 b(you)h(have)e(to)i(worry)f(about)g(how)i(long)f(ago)f(the)g
(compr)o(omise)h(happened,)e(and)h(whether)596 4315 y(the)k(backups)h
(hold)g(any)g(damaged)e(work.)i(Mor)o(e)f(on)h(backups)g(later)-6
b(.)596 4614 y Fd(Bac)n(kups,)23 b(Bac)n(kups,)h(Bac)n(kups!)596
4747 y Fm(Having)30 b(r)o(egular)g(backups)g(is)h(a)f(godsend)h(for)g
(security)g(matters.)f(If)g(your)h(system)h(is)f(com-)596
4838 y(pr)o(omised,)23 b(you)h(can)f(r)o(estor)o(e)g(the)h(data)e(you)j
(need)e(fr)o(om)g(backups.)g(Of)h(course,)g(some)g(data)f(is)596
4929 y(valuable)i(to)h(the)g(attacker)f(too,)i(and)e(they)i(will)g(not)
f(only)h(destr)o(oy)f(it,)g(they)g(will)h(steal)f(it)g(and)596
5021 y(have)20 b(their)h(own)g(copies;)g(but)g(at)f(least)h(you)g(will)
g(still)h(have)e(the)h(data.)596 5153 y(Y)-8 b(ou)26
b(should)f(check)g(several)f(backups)h(back)f(into)i(the)f(past)g
(befor)o(e)e(r)o(estoring)i(a)g(\002le)g(that)g(has)596
5245 y(been)c(tamper)o(ed)e(with.)j(The)g(intr)o(uder)f(could)h(have)f
(compr)o(omised)g(your)h(\002les)g(long)g(ago,)f(and)596
5336 y(you)g(could)g(have)f(made)g(many)h(successful)g(backups)f(of)h
(the)g(compr)o(omised)g(\002le!)p Black 3601 5585 a Fj(39)p
Black eop
%%Page: 40 40
% Page 40 of the "Linux Security HOWTO" (running head and folio "40" are the
% strings after the Fj selector).  dvips output between bop and eop: each
% (...) string is a run of glyphs, the short operators between strings move
% the current point; operators and font selectors (Fj, Fm, Fd, Fi, Fk, Fn,
% Fh, Ff, Fa) are defined in the prologue, outside this page.  \002 stands
% where a word needs "fi"; (\225) in Fh is the list bullet; the small
% numbers set in Ff/Fa (94 to 100) are note markers whose targets are not
% on this page.
%
% Text rendered on this page, in order:
%   - end of the backups section: store backups securely and know who has
%     access, since a stolen backup exposes all data unnoticed;
%   - "Tracking Down the Intruder.": report the attack to the admin contact
%     of the originating site (found via whois or the Internic database),
%     mail the applicable log entries with dates and times, follow up by
%     phone; attackers often relay through intermediate systems; notify
%     CERT-like organisations and the Linux vendor;
%   - chapter heading "Security Sources" and section "LinuxSecurity.com
%     References" with six bulleted entries (Advisory Watch, Security Week,
%     Discussion List, Newsletters, comp.os.linux.security FAQ,
%     Documentation).
%
% NOTE(review): the page itself says intermediate systems may be compromised
% without their owners knowing.  It follows that mail to such a site's admin
% contact may be readable by the intruder; the phone follow-up the text
% recommends is the channel that does not depend on that site's mail.
% Log excerpts sent out would be copies, with the time zone stated.
40 39 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fm(Of)g(course,)g(ther)o(e)f(ar)
o(e)g(also)i(a)e(raft)h(of)g(security)g(concerns)h(with)g(backups.)f
(Make)f(sur)o(e)h(you)g(ar)o(e)596 180 y(storing)i(them)g(in)f(a)g
(secur)o(e)g(place.)f(Know)i(who)h(has)e(access)g(to)h(them.)f(\(If)g
(an)g(attacker)f(can)h(get)596 272 y(your)f(backups,)f(they)h(can)f
(have)g(access)h(to)g(all)f(your)h(data)f(without)i(you)f(ever)f
(knowing)j(it.\))596 571 y Fd(T)-7 b(rac)n(king)23 b(Do)o(wn)f(the)h
(Intruder)-5 b(.)596 703 y Fm(Ok,)30 b(you)i(have)e(locked)g(the)h
(intr)o(uder)g(out,)g(and)f(r)o(ecover)o(ed)e(your)j(system,)g(but)g
(you'r)o(e)f(not)596 795 y(quite)35 b(done)g(yet.)f(While)h(it)g(is)g
(unlikely)h(that)f(most)g(intr)o(uders)g(will)h(ever)e(be)g(caught,)g
(you)596 886 y(should)21 b(r)o(eport)f(the)h(attack.)596
1019 y(Y)-8 b(ou)35 b(should)g(r)o(eport)f(the)g(attack)g(to)h(the)f
(admin)h(contact)f(at)g(the)g(site)h(fr)o(om)f(which)h(the)g(at-)596
1110 y(tacker)20 b(attacked)g(your)i(system.)g(Y)-8 b(ou)23
b(can)e(look)i(up)e(this)i(contact)e(with)i Fi(whois)d
Fm(or)i(the)g(Internic)596 1202 y(database.)16 b(Y)-8
b(ou)19 b(might)g(send)f(them)g(an)g(email)g(with)h(all)f(applicable)f
(log)h(entries)g(and)g(dates)f(and)596 1293 y(times.)24
b(If)g(you)g(spotted)g(anything)i(else)d(distinctive)i(about)f(your)g
(intr)o(uder)-6 b(,)24 b(you)h(might)g(men-)596 1384
y(tion)g(that)f(too.)i(After)d(sending)i(the)g(email,)f(you)h(should)h
(\(if)e(you)h(ar)o(e)e(so)i(inclined\))g(follow)g(up)596
1476 y(with)20 b(a)e(phone)i(call.)f(If)g(that)g(admin)g(in)h(turn)g
(spots)g(your)f(attacker)-6 b(,)18 b(they)i(might)g(be)f(able)f(to)i
(talk)596 1567 y(to)h(the)g(admin)f(of)h(the)g(site)g(wher)o(e)f(they)h
(ar)o(e)e(coming)j(fr)o(om)f(and)f(so)h(on.)596 1700
y(Good)j(crackers)e(often)i(use)f(many)h(intermediate)f(systems,)h
(some)g(\(or)f(many\))g(of)h(which)g(may)596 1791 y(not)f(even)g(know)i
(they)e(have)g(been)g(compr)o(omised.)g(T)-7 b(rying)24
b(to)f(track)g(a)g(cracker)f(back)g(to)i(their)596 1882
y(home)k(system)h(can)e(be)h(dif)o(\002cult.)f(Being)h(polite)g(to)g
(the)g(admins)g(you)h(talk)e(to)i(can)e(go)i(a)e(long)596
1974 y(way)20 b(to)h(getting)h(help)f(fr)o(om)f(them.)596
2107 y(Y)-8 b(ou)24 b(should)g(also)f(notify)h(any)g(security)f(or)o
(ganizations)g(you)h(ar)o(e)e(a)h(part)f(of)h(\(CER)m(T)3325
2073 y Ff(94)3398 2107 y Fm(or)g(simi-)596 2198 y(lar\),)c(as)i(well)g
(as)f(your)h(Linux)g(system)h(vendor)-6 b(.)197 2682
y Fk(Security)28 b(Sour)n(ces)596 2823 y Fm(Ther)o(e)15
b(ar)o(e)f(a)i(LOT)f(of)h(good)h(sites)f(out)h(ther)o(e)e(for)h(Unix)f
(security)h(in)h(general)e(and)h(Linux)g(security)596
2915 y(speci\002cally)-9 b(.)23 b(It's)h(very)g(important)g(to)g
(subscribe)g(to)g(one)g(\(or)g(mor)o(e\))f(of)h(the)g(security)g
(mailing)596 3006 y(lists)f(and)e(keep)h(curr)o(ent)f(on)i(security)g
(\002xes.)f(Most)g(of)g(these)g(lists)h(ar)o(e)e(very)h(low)h(volume,)f
(and)596 3097 y(very)e(informative.)596 3349 y Fn(Lin)o(uxSecurity)-7
b(.com)24 b(Ref)o(erences)596 3486 y Fm(The)19 b(LinuxSecurity)-9
b(.com)20 b(web)g(site)g(has)f(numer)o(ous)i(Linux)f(and)f(open)h(sour)
o(ce)g(security)g(r)o(efer)o(-)596 3578 y(ences)g(written)h(by)g(the)g
(LinuxSecurity)f(staf)o(f)g(and)g(people)h(collectively)g(ar)o(ound)f
(the)h(world.)p Black 596 3835 a Fh(\225)p Black 72 w
Fj(Linux)29 b(Advisory)f(W)n(atch)1495 3802 y Fa(95)1573
3835 y Fm(--)h(A)f(compr)o(ehensive)h(newsletter)g(that)h(outlines)g
(the)f(security)679 3926 y(vulnerabilities)23 b(that)h(have)f(been)h
(announced)g(thr)o(oughout)g(the)g(week.)g(It)g(includes)g(point-)679
4018 y(ers)c(to)h(updated)f(packages)g(and)g(descriptions)h(of)g(each)f
(vulnerability)-9 b(.)p Black 596 4151 a Fh(\225)p Black
71 w Fj(Linux)28 b(Security)g(W)n(eek)1426 4117 y Fa(96)1506
4151 y Fm(--)f(The)i(purpose)f(of)g(this)h(document)g(is)f(to)h(pr)o
(ovide)e(our)i(r)o(eaders)679 4242 y(with)21 b(a)f(quick)i(summary)f
(of)g(each)f(week's)h(most)h(r)o(elevant)d(Linux)i(security)g
(headlines.)p Black 596 4375 a Fh(\225)p Black 72 w Fj(Linux)29
b(Security)h(Discussion)f(List)1781 4342 y Fa(97)1861
4375 y Fm(--)f(This)i(mailing)g(list)g(is)g(for)f(general)g(security-r)
o(elated)679 4466 y(questions)22 b(and)e(comments.)p
Black 596 4599 a Fh(\225)p Black 63 w Fj(Linux)h(Security)g
(Newsletters)1623 4566 y Fa(98)1694 4599 y Fm(--)f(Subscription)h
(information)h(for)e(all)h(newsletters.)p Black 596 4732
a Fh(\225)p Black 71 w Fj(comp.os.linux.security)27 b(F)-9
b(AQ)1655 4699 y Fa(99)1732 4732 y Fm(--)28 b(Fr)o(equently)h(Asked)e
(Questions)j(with)f(answers)g(for)f(the)679 4823 y
(comp.os.linux.security)21 b(newsgr)o(oup.)p Black 596
4956 a Fh(\225)p Black 62 w Fj(Linux)e(Security)h(Documentation)1747
4923 y Fa(100)1840 4956 y Fm(--)e(A)h(gr)o(eat)f(starting)i(point)g
(for)f(information)i(pertaining)679 5047 y(to)g(Linux)g(and)f(Open)h
(Sour)o(ce)f(security)-9 b(.)p Black 197 5585 a Fj(40)p
Black eop
%%Page: 41 41
% Page 41 of the "Linux Security HOWTO" (running head and folio "41" are the
% strings after the Fj selector).  dvips output between bop and eop: each
% (...) string is a run of glyphs, the short operators between strings move
% the current point; operators and font selectors (Fj, Fn, Fm, Fi, Fh, Ff)
% are defined in the prologue, outside this page.  \002 stands where a word
% needs "fi" (In\002lsec); (\225) in Fh is the list bullet; the small
% numbers set in Ff (104 to 112) are note markers whose targets are not on
% this page.
%
% Text rendered on this page, in order:
%   - "FTP Sites": CERT, ZEDZ (formerly Replay), Matt Blaze's archive,
%     ftp.win.tue.nl;
%   - "Web Sites": bulleted list covering The Hacker FAQ, COAST, SuSE,
%     Rootshell.com, BUGTRAQ, CERT, Dan Farmer's site, Linux Security WWW,
%     Infilsec, CIAC, the Linux PAM pages, Debian, the WWW Security FAQ;
%   - "Mailing Lists": subscription instructions for Bugtraq, CIAC and the
%     Red Hat announce list.
%
% NOTE(review): every location on this page is printed as it stood when the
% document was typeset, and all but one use plain ftp:// or http://.
% Whether the hosts still exist or still belong to the named projects
% cannot be told from this file; tools or advisories fetched from them
% would be checked against a signature or checksum obtained independently.
41 40 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fn(FTP)j(Sites)596
226 y Fm(CER)m(T)19 b(is)h(the)g(Computer)f(Emer)o(gency)g(Response)i
(T)-8 b(eam.)19 b(They)h(often)g(send)f(out)h(alerts)f(of)h(cur)o(-)596
317 y(r)o(ent)g(attacks)g(and)g(\002xes.)h(See)f(ftp://ftp.cert.or)o(g)
f(for)h(mor)o(e)h(information.)596 450 y(ZEDZ)j(\(formerly)f(Replay\))g
(\(http://www)-8 b(.zedz.net\))23 b(has)g(ar)o(chives)g(of)g(many)h
(security)g(pr)o(o-)596 542 y(grams.)c(Since)g(they)i(ar)o(e)d(outside)
i(the)g(US,)f(they)h(don't)g(need)f(to)h(obey)g(US)f(crypto)h(r)o
(estrictions.)596 674 y(Matt)e(Blaze)f(is)i(the)g(author)g(of)g(CFS)g
(and)f(a)h(gr)o(eat)e(security)i(advocate.)f(Matt's)g(ar)o(chive)g(is)h
(avail-)596 766 y(able)g(at)g(ftp://ftp.r)o(esear)o(ch.att.com/pub/mab)
596 899 y Fi(tue.nl)f Fm(is)i(a)g(gr)o(eat)e(security)i(FTP)g(site)g
(in)g(the)g(Netherlands.)f(ftp.win.tue.nl)3087 865 y
Ff(104)596 1207 y Fn(W)m(eb)k(Sites)p Black 596 1481
a Fh(\225)p Black 63 w Fm(The)d(Hacker)f(F)-6 b(AQ)21
b(is)g(a)f(F)-6 b(AQ)21 b(about)f(hackers:)g(The)h(Hacker)f(F)-6
b(AQ)2839 1447 y Ff(105)p Black 596 1613 a Fh(\225)p
Black 67 w Fm(The)24 b(COAST)f(ar)o(chive)g(has)h(a)g(lar)o(ge)f
(number)h(of)g(Unix)g(security)g(pr)o(ograms)g(and)f(informa-)679
1705 y(tion:)e(COAST)1149 1671 y Ff(106)p Black 596 1838
a Fh(\225)p Black 63 w Fm(SuSe)f(Security)g(Page:)g(http://www)-8
b(.suse.de/security/)p Black 596 1970 a Fh(\225)p Black
67 w Fm(Rootshell.com)26 b(is)e(a)g(gr)o(eat)e(site)j(for)f(seeing)g
(what)g(exploits)h(ar)o(e)d(curr)o(ently)i(being)g(used)g(by)679
2062 y(crackers:)19 b(http://www)-8 b(.r)o(ootshell.com/)p
Black 596 2195 a Fh(\225)p Black 63 w Fm(BUGTRAQ)21 b(puts)g(out)g
(advisories)g(on)g(security)g(issues:)g(BUGTRAQ)g(ar)o(chives)3287
2161 y Ff(109)p Black 596 2327 a Fh(\225)p Black 63 w
Fm(CER)m(T)-6 b(,)21 b(the)g(Computer)g(Emer)o(gency)f(Response)i(T)-8
b(eam,)20 b(puts)h(out)g(advisories)g(on)g(common)679
2419 y(attacks)f(on)h(Unix)g(platforms:)f(CER)m(T)h(home)2108
2385 y Ff(110)p Black 596 2552 a Fh(\225)p Black 74 w
Fm(Dan)32 b(Farmer)f(is)h(the)g(author)g(of)f(SA)-6 b(T)g(AN)31
b(and)g(many)h(other)g(security)g(tools.)g(His)g(home)679
2643 y(site)h(has)g(some)h(inter)o(esting)g(security)g(survey)f
(information,)h(as)f(well)h(as)f(security)g(tools:)679
2734 y(http://www)-8 b(.tr)o(ouble.or)o(g)p Black 596
2867 a Fh(\225)p Black 74 w Fm(The)31 b(Linux)g(security)h(WWW)f(is)g
(a)g(good)h(site)f(for)g(Linux)h(security)f(information:)h(Linux)679
2958 y(Security)20 b(WWW)1249 2925 y Ff(112)p Black 596
3091 a Fh(\225)p Black 71 w Fm(In\002lsec)29 b(has)g(a)f(vulnerability)
h(engine)g(that)g(can)f(tell)h(you)g(what)g(vulnerabilities)g(af)o
(fect)d(a)679 3182 y(speci\002c)20 b(platform:)g(http://www)-8
b(.in\002lsec.com/vulnerabilities/)p Black 596 3315 a
Fh(\225)p Black 134 w Fm(CIAC)91 b(sends)h(out)g(periodic)f(security)g
(bulletins)i(on)f(common)h(exploits:)679 3407 y
(http://ciac.llnl.gov/cgi-bin/index/bulletins)p Black
596 3539 a Fh(\225)p Black 66 w Fm(A)23 b(good)h(starting)g(point)g
(for)f(Linux)g(Pluggable)h(Authentication)g(modules)g(can)f(be)g(found)
679 3631 y(at)d(http://www)-8 b(.kernel.or)o(g/pub/linux/libs/pam/.)p
Black 596 3764 a Fh(\225)p Black 63 w Fm(The)21 b(Debian)g(pr)o(oject)g
(has)f(a)h(web)g(page)f(for)g(their)h(security)g(\002xes)g(and)g
(information.)g(It)g(is)g(at)679 3855 y(http://www)-8
b(.debian.com/security/.)p Black 596 3988 a Fh(\225)p
Black 68 w Fm(WWW)26 b(Security)f(F)-6 b(AQ,)26 b(written)g(by)f
(Lincoln)i(Stein,)e(is)i(a)e(gr)o(eat)f(web)i(security)g(r)o(efer)o
(ence.)679 4079 y(Find)21 b(it)g(at)f(http://www)-8 b(.w3.or)o
(g/Security/Faq/www-security-faq.html)596 4520 y Fn(Mailing)26
b(Lists)596 4657 y Fm(Bugtraq:)e(T)-8 b(o)26 b(subscribe)f(to)g
(bugtraq,)g(send)g(mail)h(to)f(listserv@netspace.or)o(g)f(containing)j
(the)596 4748 y(message)20 b(body)h(subscribe)g(bugtraq.)f(\(see)g
(links)i(above)e(for)h(ar)o(chives\).)596 4881 y(CIAC:)27
b(Send)h(e-mail)h(to)g(major)o(domo@tholia.llnl.gov)-9
b(.)30 b(In)f(the)g(BODY)g(\(not)g(subject\))g(of)g(the)596
4972 y(message)20 b(put)h(\(either)f(or)h(both\):)g(subscribe)g
(ciac-bulletin)596 5105 y(Red)28 b(Hat)f(has)h(a)g(number)g(of)g
(mailing)h(lists,)f(the)h(most)g(important)f(of)g(which)h(is)f(the)h(r)
o(edhat-)596 5197 y(announce)19 b(list.)g(Y)-8 b(ou)19
b(can)g(r)o(ead)d(about)j(security)g(\(and)e(other\))i(\002xes)g(as)f
(soon)i(as)e(they)h(come)g(out.)596 5288 y(Send)26 b(email)i(to)g(r)o
(edhat-announce-list-r)o(equest@r)o(edhat.com)d(with)j(the)f(Subject)h
(Subscribe)596 5379 y(See)19 b(https://listman.r)o
(edhat.com/mailman/listinfo/)24 b(for)c(mor)o(e)h(info)g(and)f(ar)o
(chives.)p Black 3601 5585 a Fj(41)p Black eop
%%Page: 42 42
% Page 42 of the "Linux Security HOWTO" (running head and folio "42" are the
% strings after the Fj selector).  dvips output between bop and eop: each
% (...) string is a run of glyphs, the short operators between strings move
% the current point; operators and font selectors (Fj, Fm, Fn, Fh, Fk, Ff)
% are defined in the prologue, outside this page.  \002 and \003 stand where
% a word needs "fi" / "fl" (Gar\002nkel, over\003ow); (\225) in Fh is the
% list bullet; the "120" set in Ff is a note marker whose target is not on
% this page.
%
% Text rendered on this page, in order:
%   - last mailing-list entry: the Debian security list;
%   - "Books - Printed Reading Material": ten bulleted titles with author,
%     edition or date and ISBN;
%   - chapter heading "Glossary" with the entries authentication, bastion
%     Host and buffer overflow.
%
% NOTE(review): the "authentication" entry as printed covers two properties
% at once: that the data received equals the data sent, and that the
% claimed sender is the actual sender.  Readers comparing with other
% glossaries will usually find the first listed separately as integrity.
% NOTE(review): the "buffer overflow" entry describes the classic
% return-address overwrite on the stack and names daemons and set-uid
% programs as the affected processes; it lists no mitigations.
42 41 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fm(The)32 b(Debian)h(pr)o(oject)
g(has)g(a)f(security)h(mailing)h(list)f(that)g(covers)g(their)g
(security)g(\002xes.)g(See)596 180 y(http://www)-8 b
(.debian.com/security/)22 b(for)f(mor)o(e)f(information.)596
488 y Fn(Books)k(-)i(Printed)f(Reading)f(Material)596
625 y Fm(Ther)o(e)18 b(ar)o(e)g(a)h(number)h(of)g(good)g(security)f
(books)i(out)f(ther)o(e.)e(This)i(section)h(lists)f(a)f(few)g(of)h
(them.)596 717 y(In)28 b(addition)g(to)h(the)g(security)f(speci\002c)g
(books,)h(security)g(is)f(cover)o(ed)f(in)i(a)f(number)g(of)h(other)596
808 y(books)21 b(on)h(system)f(administration.)p Black
596 1065 a Fh(\225)p Black 64 w Fm(Building)h(Internet)g(Fir)o(ewalls)f
(By)g(D.)h(Br)o(ent)f(Chapman)g(&)g(Elizabeth)g(D.)g(Zwicky)-9
b(,)22 b(1st)g(Edi-)679 1157 y(tion)f(September)f(1995,)e(ISBN:)i
(1-56592-124-0)p Black 596 1290 a Fh(\225)p Black 61
w Fm(Practical)d(UNIX)h(&)g(Internet)g(Security)-9 b(,)17
b(2nd)h(Edition)g(By)g(Simson)h(Gar\002nkel)g(&)e(Gene)i(Spaf-)679
1381 y(for)o(d,)g(2nd)h(Edition)i(April)e(1996,)f(ISBN:)g
(1-56592-148-8)p Black 596 1514 a Fh(\225)p Black 59
w Fm(Computer)e(Security)g(Basics)f(By)h(Deborah)g(Russell)h(&)e(G.T)-6
b(.)17 b(Gangemi,)g(Sr)-6 b(.,)16 b(1st)h(Edition)g(July)679
1605 y(1991,)h(ISBN:)i(0-937175-71-4)p Black 596 1738
a Fh(\225)p Black 71 w Fm(Linux)29 b(Network)g(Administrator)6
b('s)29 b(Guide)f(By)h(Olaf)f(Kir)o(ch,)g(1st)h(Edition)g(January)e
(1995,)679 1829 y(ISBN:)19 b(1-56592-087-2)p Black 596
1962 a Fh(\225)p Black 62 w Fm(PGP:)h(Pr)o(etty)g(Good)g(Privacy)f(By)h
(Simson)h(Gar\002nkel,)e(1st)h(Edition)g(December)f(1994,)f(ISBN:)679
2053 y(1-56592-098-8)p Black 596 2186 a Fh(\225)p Black
82 w Fm(Computer)40 b(Crime)g(A)f(Crime\002ghter)6 b('s)41
b(Handbook)f(By)f(David)h(Icove,)f(Karl)h(Seger)e(&)679
2278 y(W)-5 b(illiam)33 b(V)-9 b(onStor)o(ch)33 b(\(Consulting)h
(Editor)f(Eugene)g(H.)f(Spaf)o(for)o(d\),)e(1st)i(Edition)i(August)679
2369 y(1995,)18 b(ISBN:)i(1-56592-086-4)p Black 596 2502
a Fh(\225)p Black 63 w Fm(Linux)h(Security)f(By)h(John)g(S.)f(Flowers,)
i(New)e(Riders;)h(ISBN:)f(0735700354,)15 b(Mar)o(ch)20
b(1999)p Black 596 2635 a Fh(\225)p Black 61 w Fm(Maximum)f(Linux)g
(Security)f(:)h(A)f(Hacker)6 b('s)18 b(Guide)h(to)g(Pr)o(otecting)g(Y)
-8 b(our)20 b(Linux)f(Server)e(and)679 2726 y(Network,)j(Anonymous,)j
(Paperback)c(-)h(829)g(pages,)g(Sams;)g(ISBN:)f(0672313413,)d(July)21
b(1999)p Black 596 2859 a Fh(\225)p Black 67 w Fm(Intr)o(usion)26
b(Detection)f(By)f(T)-8 b(erry)24 b(Escamilla,)f(Paperback)g(-)h(416)f
(pages)h(\(September)e(1998\),)679 2950 y(John)f(W)-5
b(iley)21 b(and)g(Sons;)g(ISBN:)e(0471290009)p Black
596 3083 a Fh(\225)p Black 63 w Fm(Fighting)i(Computer)f(Crime,)g(Donn)
h(Parker)-6 b(,)19 b(Paperback)g(-)h(526)e(pages)i(\(September)e
(1998\),)679 3174 y(John)j(W)-5 b(iley)21 b(and)g(Sons;)g(ISBN:)e
(0471163783)197 3708 y Fk(Glossar)q(y)596 3850 y Fm(Included)24
b(below)h(ar)o(e)f(several)g(of)g(the)h(most)h(fr)o(equently)f(used)f
(terms)h(in)g(computer)g(security)-9 b(.)596 3941 y(A)22
b(compr)o(ehensive)i(dictionary)f(of)g(computer)g(security)h(terms)f
(is)h(available)e(in)h(the)h(LinuxSe-)596 4032 y(curity)-9
b(.com)20 b(Dictionary)1390 3999 y Ff(120)p Black 596
4290 a Fh(\225)p Black 71 w Fj(authentication:)27 b Fm(The)i(pr)o
(ocess)f(of)h(knowing)h(that)e(the)h(data)f(r)o(eceived)e(is)j(the)g
(same)f(as)h(the)679 4381 y(data)19 b(that)i(was)g(sent,)f(and)h(that)f
(the)h(claimed)g(sender)f(is)h(in)g(fact)f(the)h(actual)f(sender)-6
b(.)p Black 596 4514 a Fh(\225)p Black 73 w Fj(bastion)30
b(Host:)f Fm(A)h(computer)g(system)h(that)f(must)g(be)g(highly)i(secur)
o(ed)c(because)h(it)i(is)f(vul-)679 4605 y(nerable)22
b(to)h(attack,)f(usually)h(because)f(it)h(is)g(exposed)g(to)g(the)g
(Internet)g(and)f(is)i(a)e(main)h(point)679 4696 y(of)g(contact)g(for)g
(users)h(of)f(internal)g(networks.)h(It)g(gets)f(its)h(name)f(fr)o(om)g
(the)h(highly)g(forti\002ed)679 4788 y(pr)o(ojects)h(on)h(the)g(outer)f
(walls)h(of)f(medieval)g(castles.)g(Bastions)h(overlook)g(critical)f
(ar)o(eas)f(of)679 4879 y(defense,)31 b(usually)h(having)h(str)o(ong)f
(walls,)g(r)o(oom)h(for)f(extra)f(tr)o(oops,)h(and)f(the)i(occasional)
679 4970 y(useful)20 b(tub)h(of)g(boiling)h(hot)f(oil)h(for)e
(discouraging)h(attackers.)p Black 596 5103 a Fh(\225)p
Black 61 w Fj(buffer)e(over\003ow:)f Fm(Common)i(coding)f(style)f(is)h
(to)f(never)g(allocate)g(lar)o(ge)f(enough)i(buf)o(fers,)d(and)679
5195 y(to)30 b(not)h(check)f(for)g(over\003ows.)h(When)g(such)f(buf)o
(fers)f(over\003ow)-8 b(,)31 b(the)f(executing)h(pr)o(ogram)679
5286 y(\(daemon)e(or)g(set-uid)g(pr)o(ogram\))g(can)g(be)g(tricked)g
(in)h(doing)g(some)h(other)e(things.)i(Gener)o(-)679
5377 y(ally)22 b(this)i(works)g(by)f(overwriting)g(a)g(function's)h(r)o
(eturn)e(addr)o(ess)f(on)j(the)f(stack)g(to)g(point)h(to)679
5469 y(another)c(location.)p Black 197 5585 a Fj(42)p
Black eop
%%Page: 43 43
% Page 43 of the "Linux Security HOWTO" (running head and folio "43" are the
% strings after the Fj selector).  dvips output between bop and eop: each
% (...) string is a run of glyphs, the short operators between strings move
% the current point; operators and font selectors (Fj, Fh, Fm, Fi, Fk) are
% defined in the prologue, outside this page.  \002 and \003 stand where a
% word needs "fi" / "fl" (\002r)o(ewall, \003ow); (\225) in Fh is the list
% bullet.
%
% Text rendered on this page, in order:
%   - rest of the Glossary: denial of service, dual-homed Host, firewall,
%     host, IP spoofing, non-repudiation, packet, packet filtering,
%     perimeter network (DMZ), proxy server, superuser;
%   - chapter heading "Frequently Asked Questions";
%   - question 1 with its answer (compiling driver support into the kernel
%     versus loadable modules) and the text of question 2 (remote root
%     login); the answer to question 2 is on the following page.
%
% NOTE(review): the answer to question 1 reasons that loading a module
% needs root, and that an intruder with root is already the larger problem.
% That holds as far as it goes; a reader hardening a server would still
% note that a kernel without module loading leaves an intruder who does
% gain root one less way to hide inside the kernel.  The page reaches the
% same recommendation (compile support in on servers), but argues it from
% how rarely modules are needed and from speed.
43 42 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black Black 596 89 a Fh(\225)p
Black 59 w Fj(denial)c(of)g(service:)g Fm(An)g(attack)f(that)g
(consumes)i(the)f(r)o(esour)o(ces)f(on)h(your)g(computer)g(for)g
(things)679 180 y(it)25 b(was)h(not)g(intended)f(to)h(be)g(doing,)g
(thus)g(pr)o(eventing)f(normal)h(use)g(of)f(your)h(network)g(r)o(e-)679
272 y(sour)o(ces)20 b(for)h(legitimate)f(purposes.)p
Black 596 405 a Fh(\225)p Black 59 w Fj(dual-homed)14
b(Host:)i Fm(A)g(general-purpose)f(computer)i(system)g(that)f(has)g(at)
g(least)g(two)h(network)679 496 y(interfaces.)p Black
596 629 a Fh(\225)p Black 72 w Fj(\002r)o(ewall:)30 b
Fm(A)g(component)h(or)f(set)g(of)g(components)h(that)f(r)o(estricts)f
(access)h(between)f(a)h(pr)o(o-)679 720 y(tected)20 b(network)h(and)f
(the)h(Internet,)g(or)g(between)f(other)h(sets)g(of)g(networks.)p
Black 596 853 a Fh(\225)p Black 63 w Fj(host:)f Fm(A)g(computer)h
(system)h(attached)d(to)i(a)g(network.)p Black 596 986
a Fh(\225)p Black 70 w Fj(IP)28 b(spoo\002ng:)e Fm(IP)i(Spoo\002ng)h
(is)f(a)g(complex)g(technical)g(attack)f(that)h(is)g(made)f(up)h(of)g
(several)679 1077 y(components.)k(It)f(is)h(a)f(security)h(exploit)f
(that)g(works)i(by)e(tricking)h(computers)g(in)g(a)e(tr)o(ust)679
1168 y(r)o(elationship)23 b(into)h(thinking)g(that)g(you)f(ar)o(e)f
(someone)i(that)f(you)h(r)o(eally)e(ar)o(en't.)g(Ther)o(e)g(is)h(an)679
1260 y(extensive)16 b(paper)g(written)i(by)f(daemon9,)f(r)o(oute,)g
(and)h(in\002nity)h(in)g(the)f(V)-9 b(olume)18 b(Seven,)e(Issue)679
1351 y(Forty-Eight)21 b(issue)g(of)g(Phrack)f(Magazine.)p
Black 596 1484 a Fh(\225)p Black 68 w Fj(non-r)o(epudiation:)k
Fm(The)h(pr)o(operty)g(of)g(a)g(r)o(eceiver)f(being)h(able)g(to)h(pr)o
(ove)e(that)i(the)f(sender)g(of)679 1575 y(some)e(data)e(did)h(in)i
(fact)d(send)i(the)g(data)e(even)i(though)h(the)e(sender)h(might)g
(later)f(deny)h(ever)679 1667 y(having)e(sent)g(it.)p
Black 596 1799 a Fh(\225)p Black 63 w Fj(packet:)f Fm(The)h
(fundamental)f(unit)h(of)g(communication)h(on)f(the)g(Internet.)p
Black 596 1932 a Fh(\225)p Black 67 w Fj(packet)j(\002ltering:)h
Fm(The)g(action)g(a)f(device)g(takes)h(to)g(selectively)g(contr)o(ol)g
(the)g(\003ow)h(of)f(data)f(to)679 2023 y(and)j(fr)o(om)h(a)g(network.)
g(Packet)g(\002lters)g(allow)h(or)f(block)h(packets,)e(usually)i(while)
g(r)o(outing)679 2115 y(them)19 b(fr)o(om)g(one)h(network)g(to)g
(another)f(\(most)h(often)f(fr)o(om)g(the)h(Internet)f(to)h(an)f
(internal)g(net-)679 2206 y(work,)h(and)g(vice-versa\).)e(T)-8
b(o)21 b(accomplish)g(packet)e(\002ltering,)i(you)g(set)f(up)g(r)o
(ules)h(that)f(specify)679 2297 y(what)26 b(types)h(of)f(packets)g
(\(those)h(to)g(or)g(fr)o(om)f(a)g(particular)f(IP)i(addr)o(ess)d(or)j
(port\))f(ar)o(e)f(to)i(be)679 2389 y(allowed)20 b(and)g(what)h(types)g
(ar)o(e)f(to)h(be)f(blocked.)p Black 596 2522 a Fh(\225)p
Black 64 w Fj(perimeter)h(network:)g Fm(A)g(network)g(added)f(between)h
(a)f(pr)o(otected)g(network)i(and)f(an)g(external)679
2613 y(network,)i(in)h(or)o(der)f(to)h(pr)o(ovide)e(an)i(additional)f
(layer)g(of)g(security)-9 b(.)23 b(A)g(perimeter)g(network)679
2704 y(is)e(sometimes)h(called)d(a)i(DMZ.)p Black 596
2837 a Fh(\225)p Black 78 w Fj(pr)o(oxy)34 b(server:)i
Fm(A)f(pr)o(ogram)g(that)g(deals)g(with)i(external)d(servers)h(on)i
(behalf)d(of)i(internal)679 2928 y(clients.)29 b(Pr)o(oxy)f(clients)i
(talk)e(to)i(pr)o(oxy)e(servers,)g(which)i(r)o(elay)e(appr)o(oved)f
(client)i(r)o(equests)679 3020 y(to)21 b(r)o(eal)e(servers,)h(and)g(r)o
(elay)g(answers)h(back)f(to)h(clients.)p Black 596 3153
a Fh(\225)p Black 63 w Fj(superuser:)h Fm(An)f(informal)g(name)g(for)f
Fi(root)p Fm(.)197 3603 y Fk(Frequentl)n(y)30 b(Asked)d(Questions)p
Black 745 3896 a Fm(1.)p Black 42 w(Is)22 b(it)g(mor)o(e)f(secur)o(e)g
(to)h(compile)g(driver)f(support)h(dir)o(ectly)f(into)h(the)g(kernel,)g
(instead)f(of)828 3987 y(making)g(it)g(a)g(module?)828
4120 y(Answer:)32 b(Some)h(people)f(think)i(it)e(is)h(better)f(to)h
(disable)f(the)h(ability)g(to)f(load)h(device)828 4211
y(drivers)26 b(using)i(modules,)f(because)g(an)f(intr)o(uder)h(could)g
(load)g(a)g(T)-7 b(r)o(ojan)26 b(module)h(or)g(a)828
4303 y(module)21 b(that)g(could)g(af)o(fect)d(system)k(security)-9
b(.)828 4435 y(However)j(,)21 b(in)i(or)o(der)d(to)j(load)e(modules,)h
(you)h(must)f(be)g(r)o(oot.)f(The)h(module)g(object)h(\002les)828
4527 y(ar)o(e)18 b(also)i(only)h(writable)f(by)f(r)o(oot.)h(This)g
(means)g(the)g(intr)o(uder)g(would)g(need)g(r)o(oot)g(access)828
4618 y(to)32 b(insert)g(a)g(module.)f(If)h(the)g(intr)o(uder)g(gains)g
(r)o(oot)g(access,)f(ther)o(e)g(ar)o(e)f(mor)o(e)h(serious)828
4709 y(things)22 b(to)f(worry)g(about)g(than)g(whether)g(he)g(will)g
(load)g(a)f(module.)828 4842 y(Modules)h(ar)o(e)f(for)h(dynamically)h
(loading)f(support)h(for)f(a)g(particular)f(device)h(that)g(may)828
4933 y(be)e(infr)o(equently)g(used.)g(On)h(server)e(machines,)i(or)f
(\002r)o(ewalls)g(for)g(instance,)g(this)h(is)f(very)828
5025 y(unlikely)h(to)g(happen.)f(For)h(this)g(r)o(eason,)f(it)g(would)h
(make)g(mor)o(e)f(sense)g(to)h(compile)g(sup-)828 5116
y(port)k(dir)o(ectly)f(into)i(the)f(kernel)f(for)h(machines)g(acting)g
(as)g(a)f(server)-6 b(.)23 b(Modules)g(ar)o(e)g(also)828
5207 y(slower)e(than)g(support)g(compiled)g(dir)o(ectly)f(in)h(the)g
(kernel.)p Black 745 5473 a(2.)p Black 41 w(Why)g(does)g(logging)h(in)f
(as)g(r)o(oot)f(fr)o(om)h(a)f(r)o(emote)g(machine)h(always)g(fail?)p
Black 3601 5585 a Fj(43)p Black eop
%%Page: 44 44
% Page 44 of the "Linux Security HOWTO": the rest of the FAQ answer on remote
% root logins, then FAQ items 3 (shadow passwords) and 4 (Apache SSL
% extensions).
% The text is carried in the (...) strings; a word is often split across
% several strings with positioning operators in between, e.g. (r)o(oot) reads
% "root". The one-letter operators are presumably defined in the dvips prolog.
44 43 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 828 89 a Fm(Answer:)h(See)p
% Answer 2: remote root login is refused on purpose, so that the root password
% is not sent in clear text over telnet, and so that the record shows who
% logged in rather than just "root".
0 TeXcolorgray 22 w(the)h(Section)g(called)f Fj(Root)g(Security)p
Black Fm(.)h(This)g(is)g(done)g(intentionally)h(to)f(pr)o(e-)828
180 y(vent)h(r)o(emote)g(users)g(fr)o(om)g(attempting)g(to)h(connect)g
(via)e Fi(telnet)h Fm(to)g(your)h(machine)f(as)828 272
y Fi(root)p Fm(,)18 b(which)i(is)g(a)f(serious)h(security)f
(vulnerability)-9 b(,)19 b(because)f(then)i(the)f(r)o(oot)h(passwor)o
(d)828 363 y(would)i(be)f(transmitted,)g(in)h(clear)e(text,)h(acr)o
(oss)g(the)g(network.)h(Don't)g(for)o(get:)f(potential)828
454 y(intr)o(uders)31 b(have)f(time)h(on)g(their)g(side,)f(and)g(can)g
(r)o(un)i(automated)e(pr)o(ograms)g(to)h(\002nd)828 546
y(your)20 b(passwor)o(d.)e(Additionally)-9 b(,)20 b(this)g(is)g(done)f
(to)h(keep)f(a)g(clear)g(r)o(ecor)o(d)f(of)h(who)i(logged)828
% Item 3 starts on the next line: enabling shadow passwords with pwconv.
% NOTE(review): the "To enable shadow passwords, run pwconv as root" paragraph
% is typeset twice on this page (once with "If you are using RH 4.2 or above",
% once with "Since you are using ..."); both copies are left as typeset.
637 y(in,)g(not)g(just)h(r)o(oot.)p Black 745 903 a(3.)p
Black 41 w(How)f(do)g(I)g(enable)f(shadow)h(passwor)o(ds)f(on)i(my)f
(Linux)g(box?)828 1036 y(Answer:)828 1168 y(T)-8 b(o)30
b(enable)e(shadow)h(passwor)o(ds,)g(r)o(un)g Fi(pwconv)f
Fm(as)h(r)o(oot,)f(and)h Fi(/etc/shadow)e Fm(should)828
1260 y(now)35 b(exist,)f(and)g(be)g(used)g(by)g(applications.)h(If)f
(you)g(ar)o(e)f(using)i(RH)g(4.2)e(or)i(above,)828 1351
y(the)26 b(P)-8 b(AM)26 b(modules)g(will)h(automatically)f(adapt)f(to)h
(the)g(change)g(fr)o(om)g(using)h(normal)828 1442 y Fi(/etc/passwd)19
b Fm(to)i(shadow)g(passwor)o(ds)f(without)i(any)f(other)g(change.)828
% Background paragraphs: /etc/shadow is readable only by root, while
% /etc/passwd must stay readable by everyone.
1575 y(Some)26 b(backgr)o(ound:)e(shadow)i(passwor)o(ds)g(is)g(a)f
(mechanism)h(for)g(storing)g(your)g(pass-)828 1667 y(wor)o(d)20
b(in)h(a)e(\002le)i(other)f(than)h(the)f(normal)h Fi(/etc/passwd)e
Fm(\002le.)h(This)h(has)f(several)f(advan-)828 1758 y(tages.)26
b(The)g(\002rst)g(one)h(is)f(that)g(the)h(shadow)f(\002le,)g
Fi(/etc/shadow)p Fm(,)e(is)j(only)g(r)o(eadable)d(by)828
1849 y(r)o(oot,)17 b(unlike)g Fi(/etc/passwd)p Fm(,)e(which)j(must)g(r)
o(emain)e(r)o(eadable)f(by)i(everyone.)g(The)g(other)828
1940 y(advantage)e(is)h(that)g(as)g(the)g(administrator)-6
b(,)16 b(you)h(can)f(enable)f(or)i(disable)e(accounts)i(with-)828
2032 y(out)k(everyone)g(knowing)h(the)f(status)g(of)g(other)g(users')g
(accounts.)828 2165 y(The)d Fi(/etc/passwd)f Fm(\002le)i(is)f(then)h
(used)f(to)h(stor)o(e)f(user)h(and)f(gr)o(oup)g(names,)g(used)g(by)h
(pr)o(o-)828 2256 y(grams)j(like)g Fi(/bin/ls)f Fm(to)i(map)f(the)g
(user)g(ID)g(to)g(the)h(pr)o(oper)e(user)h(name)g(in)g(a)g(dir)o
% NOTE(review): the next paragraph says /etc/shadow holds the user's
% "password"; what is stored there is presumably the password hash, which is
% why the root-only read permission matters. Wording left as typeset.
(ectory)828 2347 y(listing.)828 2480 y(The)c Fi(/etc/shadow)f
Fm(\002le)h(then)h(only)g(contains)g(the)g(user)f(name)g(and)g(his/her)
h(passwor)o(d,)828 2571 y(and)h(per)o(haps)g(accounting)h(information,)
h(like)f(when)g(the)g(account)g(expir)o(es,)e(etc.)828
2704 y(T)-8 b(o)30 b(enable)e(shadow)h(passwor)o(ds,)g(r)o(un)g
Fi(pwconv)f Fm(as)h(r)o(oot,)f(and)h Fi(/etc/shadow)e
Fm(should)828 2796 y(now)e(exist,)g(and)f(be)g(used)g(by)h
(applications.)f(Since)g(you)h(ar)o(e)e(using)j(RH)f(4.2)e(or)i(above,)
828 2887 y(the)h(P)-8 b(AM)26 b(modules)g(will)h(automatically)f(adapt)
f(to)h(the)g(change)g(fr)o(om)g(using)h(normal)828 2978
y Fi(/etc/passwd)19 b Fm(to)i(shadow)g(passwor)o(ds)f(without)i(any)f
% Password quality: the text points to the pam_cracklib PAM module, which runs
% a password against the Crack libraries to judge whether it is too easily
% guessable.
(other)g(change.)828 3111 y(Since)26 b(you'r)o(e)h(inter)o(ested)f(in)h
(securing)g(your)g(passwor)o(ds,)f(per)o(haps)f(you)j(would)f(also)828
3202 y(be)j(inter)o(ested)g(in)h(generating)f(good)h(passwor)o(ds)f(to)
h(begin)g(with.)g(For)g(this)g(you)g(can)828 3294 y(use)25
b(the)h Fi(pam_cracklib)d Fm(module,)i(which)i(is)e(part)g(of)g(P)-8
b(AM.)25 b(It)g(r)o(uns)h(your)g(passwor)o(d)828 3385
y(against)j(the)g(Crack)e(libraries)i(to)g(help)g(you)g(decide)f(if)g
(it)h(is)g(too-easily)g(guessable)g(by)828 3476 y(passwor)o(d-cracking)
% Item 4 starts on the next line: building Apache with the SSLeay extensions
% (steps a. to f.).
% NOTE(review): the download location in step a. survives only as "<65533>"
% (U+FFFD, the replacement character), so the link text is lost in this copy;
% steps a. and d. carry footnote marks 121 and 122.
% NOTE(review): the steps name no integrity check for the downloaded sources
% or patch; verify the publisher's signature or checksum before building.
% SSLeay 0.8.0 is the version floor the text gives and this output is dated
% 2002, so treat it as historical — TODO confirm against current documentation.
20 b(pr)o(ograms.)p Black 745 3742 a(4.)p Black 41 w(How)h(can)g(I)f
(enable)h(the)f(Apache)g(SSL)g(extensions?)828 3875 y(Answer:)p
Black 977 4132 a(a.)p Black 41 w(Get)h(SSLeay)e(0.8.0)g(or)i(later)f
(fr)o(om)g(<65533>)2498 4099 y Ff(121)p Black 973 4265
a Fm(b.)p Black 41 w(Build)h(and)f(test)h(and)f(install)i(it!)p
Black 982 4398 a(c.)p Black 41 w(Get)f(Apache)f(sour)o(ce)p
Black 968 4531 a(d.)p Black 41 w(Get)h(Apache)f(SSLeay)f(extensions)j
(fr)o(om)e(her)o(e)2585 4498 y Ff(122)p Black 979 4664
a Fm(e.)p Black 46 w(Unpack)k(it)i(in)f(the)h(apache)e(sour)o(ce)g(dir)
o(ectory)h(and)f(patch)h(Apache)f(as)h(per)g(the)1060
4755 y(README.)p Black 991 4888 a(f.)p Black 41 w(Con\002gur)o(e)c(and)
f(build)h(it.)828 5153 y(Y)-8 b(ou)33 b(might)h(also)e(try)g(ZEDZ)h
(net)1944 5120 y Ff(123)2051 5153 y Fm(which)h(has)e(many)g(pr)o
(e-built)g(packages,)f(and)h(is)828 5245 y(located)20
b(outside)h(of)g(the)g(United)f(States.)p Black 197 5585
a Fj(44)p Black eop
%%Page: 45 45
% Page 45 of the "Linux Security HOWTO": FAQ items 5 (user-account tools) and
% 6 (password-protecting documents in Apache), then the Conclusion and the
% start of the Acknowledgments.
% The text is carried in the (...) strings; a word is often split across
% several strings with positioning operators in between, e.g. (r)o(etain)
% reads "retain".
45 44 bop Black 0 TeXcolorgray Black 2835 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black Black 745 89 a Fm(5.)p
Black 41 w(How)g(can)g(I)f(manipulate)h(user)f(accounts,)h(and)f(still)
i(r)o(etain)e(security?)828 222 y(Answer:)d(most)g(distributions)h
(contain)g(a)e(gr)o(eat)g(number)h(of)g(tools)h(to)f(change)g(the)g(pr)
o(op-)828 313 y(erties)j(of)h(user)g(accounts.)p Black
% Four list entries follow, each opened by the \225 glyph in font Fh
% (presumably the bullet): pwconv / unpwconv, pwck / grpck, useradd / usermod /
% userdel with groupadd / groupmod / groupdel, and gpasswd.
828 571 a Fh(\225)p Black 85 w Fm(The)42 b Fi(pwconv)f
Fm(and)h Fi(unpwconv)f Fm(pr)o(ograms)g(can)h(be)g(used)g(to)g(convert)
g(between)911 662 y(shadow)21 b(and)f(non-shadowed)i(passwor)o(ds.)p
Black 828 795 a Fh(\225)p Black 64 w Fm(The)e Fi(pwck)h
Fm(and)f Fi(grpck)g Fm(pr)o(ograms)g(can)h(be)f(used)g(to)i(verify)e
(pr)o(oper)g(or)o(ganization)g(of)911 886 y(the)h Fi(passwd)f
Fm(and)g Fi(group)g Fm(\002les.)p Black 828 1019 a Fh(\225)p
Black 69 w Fm(The)26 b Fi(useradd)p Fm(,)e Fi(usermod)p
Fm(,)g(and)i Fi(userdel)e Fm(pr)o(ograms)i(can)f(be)g(used)h(to)g(add,)
f(delete)911 1110 y(and)34 b(modify)i(user)e(accounts.)h(The)g
Fi(groupadd)p Fm(,)e Fi(groupmod)p Fm(,)h(and)g Fi(groupdel)g
Fm(pr)o(o-)911 1202 y(grams)21 b(will)g(do)g(the)g(same)f(for)h(gr)o
(oups.)p Black 828 1334 a Fh(\225)p Black 64 w Fm(Gr)o(oup)f(passwor)o
(ds)h(can)f(be)h(cr)o(eated)d(using)k Fi(gpasswd)p Fm(.)828
% Closing paragraph of item 5: the tools are described as "shadow-aware",
% i.e. they use /etc/shadow for password information only when shadow
% passwords are enabled.
1600 y(All)k(these)h(pr)o(ograms)f(ar)o(e)f("shadow-awar)o(e")g(--)g
(that)i(is,)f(if)h(you)g(enable)f(shadow)h(they)828 1691
y(will)21 b(use)g Fi(/etc/shadow)e Fm(for)i(passwor)o(d)f(information,)
h(otherwise)h(they)f(won't.)828 1824 y(See)f(the)h(r)o(espective)e(man)
% Item 6 (its number "6." is set two lines below): the answer gives three
% links on Apache user authentication and web server security.
% NOTE(review): the first link is printed as www.apacheweek.org and the second
% as www.apacheweek.com; presumably one domain is intended — confirm which
% before following either, since the two names need not have the same owner.
i(pages)f(for)h(further)f(information.)p Black 745 2090
a(6.)p Black 41 w(How)h(can)g(I)f(passwor)o(d-pr)o(otect)f(speci\002c)i
(HTML)f(documents)i(using)f(Apache?)828 2223 y(I)g(bet)f(you)i(didn't)e
(know)i(about)f(http://www)-8 b(.apacheweek.or)o(g)2969
2190 y Ff(124)3043 2223 y Fm(,)21 b(did)f(you?)828 2356
y(Y)-8 b(ou)165 b(can)f(\002nd)h(information)g(on)g(user)f
(authentication)g(at)828 2447 y(http://www)-8 b(.apacheweek.com/featur)
o(es/userauth)21 b(as)g(well)h(as)f(other)g(web)h(server)828
2538 y(security)f(tips)g(fr)o(om)f(http://www)-8 b(.apache.or)o
% "Conclusion" heading (font Fk) and text: subscribe to the security alert
% mailing lists, keep current, pay attention to log files, and run something
% like tripwire regularly.
(g/docs/misc/security_tips.html)197 3122 y Fk(Conc)n(lusion)596
3264 y Fm(By)29 b(subscribing)i(to)f(the)g(security)g(alert)f(mailing)i
(lists,)f(and)f(keeping)h(curr)o(ent,)f(you)h(can)g(do)596
3355 y(a)25 b(lot)h(towar)o(ds)f(securing)g(your)h(machine.)g(If)f(you)
h(pay)f(attention)h(to)g(your)g(log)g(\002les)g(and)f(r)o(un)596
3446 y(something)d(like)f Fi(tripwire)e Fm(r)o(egularly)-9
b(,)20 b(you)h(can)f(do)h(even)g(mor)o(e.)596 3579 y(A)26
b(r)o(easonable)g(level)h(of)h(computer)f(security)g(is)h(not)g(dif)o
(\002cult)f(to)g(maintain)h(on)g(a)e(home)i(ma-)596 3670
y(chine.)f(Mor)o(e)f(ef)o(fort)g(is)h(r)o(equir)o(ed)f(on)h(business)h
(machines,)f(but)h(Linux)f(can)f(indeed)h(be)g(a)f(se-)596
3762 y(cur)o(e)18 b(platform.)g(Due)h(to)h(the)f(natur)o(e)f(of)h
(Linux)g(development,)g(security)g(\002xes)g(often)g(come)g(out)596
3853 y(much)25 b(faster)f(than)h(they)g(do)g(on)h(commer)o(cial)f
(operating)g(systems,)g(making)h(Linux)f(an)g(ideal)596
% "Acknowledgments" heading (font Fk) and the first contributor entries: a
% name, an e-mail address and a footnote number each. The list continues on
% page 46.
3944 y(platform)20 b(when)h(security)g(is)g(a)g(r)o(equir)o(ement.)197
4262 y Fk(Ac)n(kno)n(wledgments)596 4404 y Fm(Information)f(her)o(e)f
(is)h(collected)f(fr)o(om)g(many)h(sour)o(ces.)f(Thanks)h(to)g(the)g
(following)h(who)f(either)596 4495 y(indir)o(ectly)g(or)h(dir)o(ectly)f
(have)g(contributed:)596 4702 y Fi(Rob)44 b(Riggs)596
4784 y(rob@DevilsThumb.com)1451 4754 y Fg(127)596 5091
y Fm(S.)20 b(Cof)o(\002n)g(scof)o(\002n@netcom.com)1680
5058 y Ff(128)596 5224 y Fm(V)-5 b(iktor)21 b(Przebinda)f(viktor@CR)m
(YST)-6 b(AL.MA)g(TH.ou.edu)2455 5191 y Ff(129)596 5357
y Fm(Roelof)21 b(Osinga)g(r)o(oelof@eboa.com)1760 5324
y Ff(130)p Black 3601 5585 a Fj(45)p Black eop
%%Page: 46 46
46 45 bop Black 0 TeXcolorgray Black 197 -132 a Fj(Linux)21
b(Security)g(HOWT)o(O)p Black 596 89 a Fm(Kyle)g(Hasselbacher)e
(kyle@car)o(efr)o(ee.quux.soltc.net)2341 56 y Ff(131)596
222 y Fm(David)h(S.)g(Jackson)h(dsj@dsj.net)1639 189
y Ff(132)596 355 y Fm(T)-8 b(odd)20 b(G.)h(Ruskell)h(r)o
(uskell@boulder)-6 b(.nist.gov)2117 322 y Ff(133)596
488 y Fm(Rogier)21 b(W)-8 b(olf)o(f)20 b(R.E.W)-8 b(olf)o(f@BitW)j
(izar)o(d.nl)1952 454 y Ff(134)596 620 y Fm(Antonomasia)21
b(ant@notatla.demon.co.uk)2043 587 y Ff(135)596 753 y
Fm(Nic)f(Bellamy)h(sky@wibble.net)1641 720 y Ff(136)596
886 y Fm(Eric)f(Hanchr)o(ow)h(of)o(fby1@blar)o(g.net)1794
853 y Ff(137)596 1019 y Fm(Robert)g(J.)f(Ber)o(gerrber)o(ger@ibd.com)
1803 986 y Ff(138)596 1152 y Fm(Ulrich)g(Alpers)g(lur)o(chi@cdr)o
(om.uni-stuttgart.de)2226 1119 y Ff(139)596 1285 y Fm(David)g(Noha)h
(dave@c-c-s.com)1652 1251 y Ff(140)596 1417 y Fm(Pavel)f(Epifanov)-9
b(.)20 b(epv@ibm.net)1664 1384 y Ff(141)596 1550 y Fm(Joe)g(Germuska.)h
(joe@germuska.com)1860 1517 y Ff(142)596 1683 y Fm(Franklin)g(S.)f(W)-8
b(err)o(en)20 b(fswerr)o(en@bagpipes.net)2157 1650 y
Ff(143)596 1816 y Fm(Paul)g(Rusty)i(Russell)g(