Red Hat Enterprise Linux 6 Security Guide

Only available on StudyMode
  • Download(s) : 141
  • Published : January 3, 2013
Open Document
Text Preview
Red Hat Enterprise Linux 6 Security Guide

1

Red Hat Enterprise Linux 6
Security Guide
A Guide to Securing Red Hat Enterprise Linux

Edition 3

Red Hat Engineering Content Services

2

Legal Notice

Legal Notice
Copyright © 2011 Red Hat, Inc. Based on the Fedora Security Guide (current version at http://docs.fedoraproject.org/enUS/Fedora/16/html/Security_Guide/index.html), written by Johnray Fuller, Eric Christensen, Adam Ligas, and other Fedora Project contributors. T he text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux® is the registered trademark of Linus T orvalds in the United States and other countries. Java® is a registered trademark of Oracle and/or its affiliates. XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries. All other trademarks are the property of their respective owners. 1801 Varsity Drive Raleigh, NC 27606-2072 USA Phone: +1 919 754 3700 Phone: 888 733 4281 Fax: +1 919 754 3701

Red Hat Enterprise Linux 6 Security Guide

3

Abstract
T his book assists users and administrators in learning the processes and practices of securing workstations and servers against local and remote intrusion, exploitation and malicious activity. Focused on Red Hat Enterprise Linux but detailing concepts and techniques valid for all Linux systems, this guide details the planning and the tools involved in creating a secured computing environment for the data center, workplace, and home. With proper administrative knowledge, vigilance, and tools, systems running Linux can be both fully functional and secured from most common intrusion and exploit methods.

4

Table of Contents

Table of Contents
Preface 1. Document Conventions 1.1. T ypographic Conventions 1.2. Pull-quote Conventions 1.3. Notes and Warnings 2. We Need Feedback! 1. Security Overview 1.1. Introduction to Security 1.1.1. What is Computer Security? 1.1.2. SELinux 1.1.3. Security Controls 1.1.4. Conclusion 1.2. Vulnerability Assessment 1.2.1. T hinking Like the Enemy 1.2.2. Defining Assessment and T esting 1.2.3. Evaluating the T ools 1.3. Attackers and Vulnerabilities 1.3.1. A Quick History of Hackers 1.3.2. T hreats to Network Security 1.3.3. T hreats to Server Security 1.3.4. T hreats to Workstation and Home PC Security 1.4. Common Exploits and Attacks 1.5. Security Updates 1.5.1. Updating Packages 1.5.2. Verifying Signed Packages 1.5.3. Installing Signed Packages 1.5.4. Applying the Changes 2. Securing Your Network 2.1. Workstation Security 2.1.1. Evaluating Workstation Security 2.1.2. BIOS and Boot Loader Security 2.1.3. Password Security 2.1.4. Administrative Controls 2.1.5. Available Network Services 2.1.6. Personal Firewalls 2.1.7. Security Enhanced Communication T ools 2.2. Server Security 2.2.1. Securing Services With T CP Wrappers and xinetd 2.2.2. Securing Portmap 2.2.3. Securing NIS 2.2.4. Securing NFS 2.2.5. Securing the Apache HT T P Server 2.2.6. Securing FT P 2.2.7. Securing Sendmail 2.2.8. Verifying Which Ports Are Listening 2.3. Single Sign-on (SSO) 2.4. Pluggable Authentication Modules (PAM)

Red Hat Enterprise Linux 6 Security Guide

5

2.5....
tracking img