Changeset 64d97b7c for postlfs/security


Ignore:
Timestamp:
04/01/2003 07:52:38 PM (19 years ago)
Author:
Larry Lawrence <larry@…>
Branches:
10.0, 10.1, 11.0, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, ken/refactor-virt, krejzi/svn, lazarus, nosym, perl-modules, qt5new, systemd-11177, systemd-13485, trunk, upgradedb, v1_0, v5_0, v5_0-pre1, v5_1, v5_1-pre1, xry111/git-date, xry111/git-date-for-trunk, xry111/git-date-test
Children:
d67b774
Parents:
0a9287a
Message:

update to sawfish-1.3, librep-0.16.2 and first round spell check

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@792 af4574ff-66df-0310-9fd7-8a98e5e911e0

Location:
postlfs/security
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • postlfs/security/firewalling/busybox.xml

    r0a9287a r64d97b7c  
    1313setup more complex and your box less secure: You induce the risks of
    1414misconfigured services or running a service with an exploitable bug, both risks
    15 that a firewall principially should be immune of. See the introduction to
     15that a firewall principally should be immune of. See the introduction to
    1616<xref linkend="postlfs-security-fw-masqRouter"/> for some more details.</para>
    1717
  • postlfs/security/firewalling/intro.xml

    r0a9287a r64d97b7c  
    1313to aim no harm, you wouldn't need to do firewalling! 
    1414In the real world however, daemons may be misconfigured,
    15 exploits against essential services are freely availiable, you
     15exploits against essential services are freely available, you
    1616may wish to choose which services are accessible by certain machines,
    1717you may wish to limit which machines or applications are allowed
     
    4747<sect3><title><xref linkend="postlfs-security-fw-masqRouter"/></title>
    4848<para>This is a box placed between the internet and an intranet.
    49 To minimize the risk of compromizing the firewall itself it
     49To minimize the risk of compromising the firewall itself it
    5050should generally have only one role, that of protecting the intranet.
    5151Although not completely riskless, the tasks of doing the routing
     
    5353of the packets it routes from clients with private IP-addresses onto
    5454the internet so that they seem to come from the firewall
    55 itself</para></footnote> are commonly considerd harmless.</para></sect3>
     55itself</para></footnote> are commonly considered harmless.</para></sect3>
    5656
    5757<sect3><title><xref linkend="postlfs-security-fw-busybox"/></title>
  • postlfs/security/iptables/iptables-desc.xml

    r0a9287a r64d97b7c  
    1515
    1616<sect3><title>iptables-save, ~-restore</title>
    17 <para>to save and to restore your elabourated set of chains and rules.
     17<para>to save and to restore your elaborated set of chains and rules.
    1818Until iptables-1.2.5 they were declared experimental.</para>
    1919</sect3>
  • postlfs/security/iptables/iptables-intro.xml

    r0a9287a r64d97b7c  
    2424is checked (if it is available at <filename>/usr/src/linux</filename> to
    2525see which features are available.  Support will only be compiled into
    26 iptables for the features recognised at compile-time.  Applying a kernel
     26iptables for the features recognized at compile-time.  Applying a kernel
    2727patch may result in errors, often because the hooks for the patches
    2828have changed or because the runme script doesn't recognize that a patch
  • postlfs/security/shadow/shadow-inst.xml

    r0a9287a r64d97b7c  
    11<sect2>
    2 <title>Reinstallation of shadow to utilize PAM</title>
     2<title>Re-installation of shadow to utilize PAM</title>
    33
    44<para>Download the patch for shadow from <ulink url="&hfile-root;"/></para>
Note: See TracChangeset for help on using the changeset viewer.