glfs/postlfs/security/security.xml

<chapter id="postlfs-security">
<?dbhtml filename="security.html" dir="postlfs"?>
<title>Security</title>

<para>Security takes many forms in a computing environment. This chapter
gives examples of three different types of security: access, prevention
and detection.</para>

<para>Access for users is usually handled by <command>login</command> or an 
application designed to handle the login function.  In this chapter, we show 
how to enhance <command>login</command> by setting policies with
<application><acronym>PAM</acronym></application> modules.  Access via networks
can also be secured by policies set by <application>iptables</application>, 
commonly referred to as a firewall.</para>

<para>Prevention of breaches, like a trojan, are assisted by applications like 
<application>GnuPG</application>, specifically the ability to confirm signed 
packages, which prevents modification of the <acronym>TAR</acronym> ball after 
the packager creates it.</para>

<para> Finally, we touch on detection with a package that stores "signatures" 
of critical files (defined by the administrator) and then regenerates those 
"signatures" and compares for files that have been changed.</para>

&cracklib;
&Linux_PAM;
&shadow;
&iptables;
&postlfs-security-fw;
&gnupg;
&tripwire;
&heimdal;
&mitkrb;
<!--&postlfs-security-syslog;-->

</chapter>
Initial revision git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@3 af4574ff-66df-0310-9fd7-8a98e5e911e0 2002-07-08 04:28:42 +08:00			`<chapter id="postlfs-security">`
			`<?dbhtml filename="security.html" dir="postlfs"?>`
			`<title>Security</title>`

update libungif intro git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1073 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-09-15 04:28:20 +08:00			`<para>Security takes many forms in a computing environment. This chapter`
shadow/pam patches git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1217 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-09-27 10:37:14 +08:00			`gives examples of three different types of security: access, prevention`
update to lcms-1.11 git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1150 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-09-22 03:11:48 +08:00			`and detection.</para>`

			`<para>Access for users is usually handled by <command>login</command> or an`
			`application designed to handle the login function. In this chapter, we show`
			`how to enhance <command>login</command> by setting policies with`
update libungif intro git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1073 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-09-15 04:28:20 +08:00			`<application><acronym>PAM</acronym></application> modules. Access via networks`
update to lcms-1.11 git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1150 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-09-22 03:11:48 +08:00			`can also be secured by policies set by <application>iptables</application>,`
			`commonly referred to as a firewall.</para>`

			`<para>Prevention of breaches, like a trojan, are assisted by applications like`
shadow/pam patches git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1217 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-09-27 10:37:14 +08:00			`<application>GnuPG</application>, specifically the ability to confirm signed`
compound word edits, a2ps expanded intro git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1303 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-10-04 22:23:39 +08:00			`packages, which prevents modification of the <acronym>TAR</acronym> ball after`
			`the packager creates it.</para>`
update to lcms-1.11 git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1150 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-09-22 03:11:48 +08:00
			`<para> Finally, we touch on detection with a package that stores "signatures"`
			`of critical files (defined by the administrator) and then regenerates those`
update libungif intro git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1073 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-09-15 04:28:20 +08:00			`"signatures" and compares for files that have been changed.</para>`

added cracklib-2.7 git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@2045 af4574ff-66df-0310-9fd7-8a98e5e911e0 2004-04-22 22:04:15 +08:00			`&cracklib;`
update libungif intro git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1073 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-09-15 04:28:20 +08:00			`&Linux_PAM;`
redo shadow intro and fix some error from today git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1234 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-09-29 11:05:16 +08:00			`&shadow;`
Initial revision git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@3 af4574ff-66df-0310-9fd7-8a98e5e911e0 2002-07-08 04:28:42 +08:00			`&iptables;`
			`&postlfs-security-fw;`
update libungif intro git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1073 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-09-15 04:28:20 +08:00			`&gnupg;`
add tripwire git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@802 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-04-04 09:32:17 +08:00			`&tripwire;`
added heimdal git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@2068 af4574ff-66df-0310-9fd7-8a98e5e911e0 2004-04-28 04:24:55 +08:00			`&heimdal;`
added MIT Kerberos 5 git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@2092 af4574ff-66df-0310-9fd7-8a98e5e911e0 2004-05-06 11:01:04 +08:00			`&mitkrb;`
update to lcms-1.11 git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1150 af4574ff-66df-0310-9fd7-8a98e5e911e0 2003-09-22 03:11:48 +08:00			`<!--&postlfs-security-syslog;-->`
Initial revision git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@3 af4574ff-66df-0310-9fd7-8a98e5e911e0 2002-07-08 04:28:42 +08:00
			`</chapter>`