source: postlfs/security/security.xml@ bfb7882

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 6.1 6.2 6.2.0 6.2.0-rc1 6.2.0-rc2 6.3 6.3-rc1 6.3-rc2 6.3-rc3 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts krejzi/svn lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition systemd-11177 systemd-13485 trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since bfb7882 was 2dbd7a5f, checked in by Manuel Canales Esparcia <manuel@…>, 19 years ago

Tagged security.xml

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@4207 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 2.5 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
3 "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6]>
7
8<chapter id="postlfs-security">
9 <?dbhtml filename="security.html"?>
10
11 <title>Security</title>
12
13 <para>Security takes many forms in a computing environment. This chapter
14 gives examples of three different types of security: access, prevention
15 and detection.</para>
16
17 <para>Access for users is usually handled by <command>login</command> or an
18 application designed to handle the login function. In this chapter, we show
19 how to enhance <command>login</command> by setting policies with
20 <application>PAM</application> modules. Access via networks
21 can also be secured by policies set by <application>iptables</application>,
22 commonly referred to as a firewall. For applications that don't offer the
23 best security, you can use the <application>Stunnel</application> package to
24 wrap an application daemon inside an SSL tunnel.</para>
25
26 <para>Prevention of breaches, like a trojan, are assisted by applications like
27 <application>GnuPG</application>, specifically the ability to confirm signed
28 packages, which recognizes modifications of the TAR ball
29 after the packager creates it.</para>
30
31 <para> Finally, we touch on detection with a package that stores "signatures"
32 of critical files (defined by the administrator) and then regenerates those
33 "signatures" and compares for files that have been changed.</para>
34
35 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="openssl.xml"/>
36 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="cracklib.xml"/>
37 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="linux_pam.xml"/>
38 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="shadow.xml"/>
39 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="iptables.xml"/>
40 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="firewalling.xml"/>
41 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="gnupg.xml"/>
42 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="tripwire.xml"/>
43 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="heimdal.xml"/>
44 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="mitkrb.xml"/>
45 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="cyrus-sasl.xml"/>
46 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="stunnel.xml"/>
47
48</chapter>
Note: See TracBrowser for help on using the repository browser.