Chapter 10 - Securing Your System Flashcards
what is a super server / super daemon?
10-525
this is a program that listens for network connections on behalf of another program
Linux has two primary super daemons. what are their names?
10-525
inetd
xinetd
the socket type entry tells the system what kind of connection to expect. tell me three of them and contrast them.
10-526
stream - reliable two way connection
dgram - less reliable connection with less overhead
raw - low-level connection to the network
how is xinetd an extended super daemon?
10-528
provides the functionality of the legacy inetd, but it also has security options that are similar to those of TCP wrappers
there is a configuration tool you can use to bind a server only to the loopback interface. what is that tool?
10-529
Samba Web Administration Tool
SWAT
in Linux, how do you program the packet filter firewall capabilities of the kernel?
10-530
set up the firewall rules by using the iptables program followed by various options
tell me 2 ways you can disable your unused servers for the sake of security
10-531
uninstall the package
reconfigure the server
tell me 3 audit tools available to use for security reasons
10-531
netstat
lsof
remote network scanners
when you want to quickly spot servers listening for connections, what command do you type?
10-533
netstat -lp
tell me 2 things that lsof is used for
10-534
identify what files are open
find who’s accessing those files
the network scanner Nmap is used in security audits by scanning for what?
10-535
open ports
what’s a scanning tool that is more user friendly than Nmap? (hint: built on top of Nmap and has a GUI)
10-537
Nessus
what would you use the fuser command for?
10-537
to determine the processes currently using a particular network port
you need to move all password information from the /etc/passwd file to the locked-down /etc/shadow file. what command do you run to accomplish this?
10-541
pwconv
when mitigating password risks, you should use secure remote login protocols. tell me 2 protocols to disable and 2 to use instead and why
10-541
disable Telnet and FTP
use SSH and SFTP
because Telnet and FTP use cleartext passwords