mirror of
https://github.com/Zeckmathederg/glfs.git
synced 2025-02-01 13:02:35 +08:00
e1d7deca3a
git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1073 af4574ff-66df-0310-9fd7-8a98e5e911e0
29 lines
1.1 KiB
XML
29 lines
1.1 KiB
XML
<chapter id="postlfs-security">
|
|
<?dbhtml filename="security.html" dir="postlfs"?>
|
|
<title>Security</title>
|
|
|
|
<para>Security takes many forms in a computing environment. This chapter
|
|
gives examples of three different types of security; access, prevention
|
|
and detection. Access for users is usually handled by
|
|
<command>login</command> or an application designed to handle the login
|
|
function. In this chapter, we show how to enhance
|
|
<command>login</command> by setting policies with
|
|
<application><acronym>PAM</acronym></application> modules. Access via networks
|
|
can also be secured by policies set by
|
|
<application>iptables</application>. Prevention of breaches, like
|
|
trojans, are assisted by applications like <application>gnupg</application>,
|
|
specifically the ability to confirm signed packages, which prevents
|
|
modification of the tarball after the packager creates it. Finally, we touch on
|
|
detection with a package that stores "signatures" and then regenerates those
|
|
"signatures" and compares for files that have been changed.</para>
|
|
|
|
&shadow;
|
|
&Linux_PAM;
|
|
&iptables;
|
|
&postlfs-security-fw;
|
|
&gnupg;
|
|
&tripwire;
|
|
&postlfs-security-syslog;
|
|
|
|
</chapter>
|