
net.ipv4.ip_dynaddr = 1
# end of example
8.9. Secure Alternatives
This section gives a brief rundown of secure alternatives to potentially insecure methods. It is a
hodgepodge of clients and servers.
• telnet, rsh - ssh
• ftp, rcp - scp or sftp. Both are part of ssh packages. Also, files can easily be transferred via HTTP if
  Apache is already running anyway. Apache can be buttoned down even more by using SSL
  (HTTPS).
• sendmail - postfix, qmail. This is not to imply that current versions of sendmail are insecure, just that
  there is some bad history there, and that it is so widely used that it makes an inviting crack target.

  As noted above, Linux installations often include a fully functional mail server. While this may have
  some advantages, it is not necessary in many cases for simply sending or retrieving mail. This
  can all be done without a "mail server daemon" running locally.
• POP3 - SPOP3, POP3 over SSL. If you really need to run your own POP server, this is the way to do
  it. If retrieving your mail from your ISP's server, then you are at their mercy as to what they provide.
• IMAP - IMAPS, same as above.
• If you find you need a particular service, and it is for just you or a few friends, consider running it on
  a non-standard port. Most server daemons support this, and it is not a problem as long as those who
  will be connecting know about it. For instance, the standard port for sshd is 22. Any worm or scan
  will probe for this port number. So run it on a randomly chosen port. See the sshd man page.
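As an added example (not part of the original HOWTO), the shell function below reads `netstat -tln` or `ss -tln` output, finds listeners on the standard ports of the services in the list above, and prints the alternative this section recommends. The function name audit_listeners, the well-known port numbers other than 22, the loopback exemption and the sample input are assumptions of this example.

```shell
#!/bin/sh
# Added example: flag listening services from the section 8.9 list.

# audit_listeners: read netstat/ss style lines on stdin and print
# "PORT advice" once per flagged port.
audit_listeners() {
    awk '
    BEGIN {
        # Standard ports for the services named in section 8.9.
        advice[23]  = "telnet -> use ssh"
        advice[514] = "rsh/rcp -> use ssh/scp"
        advice[21]  = "ftp -> use scp or sftp"
        advice[25]  = "mail daemon -> not needed just to send or retrieve mail"
        advice[110] = "POP3 -> use POP3 over SSL"
        advice[143] = "IMAP -> use IMAPS"
        advice[22]  = "sshd on standard port -> consider a non-standard port"
    }
    # netstat puts the state last, ss puts it first; both put the
    # local address:port in field 4.
    $1 == "LISTEN" || $NF == "LISTEN" {
        addr = $4; sub(/:[^:]*$/, "", addr)   # strip ":port"
        port = $4; sub(/^.*:/, "", port)      # keep text after last colon
        # Assumption: loopback-only listeners are not reachable from
        # the network, so they are not reported.
        if (addr == "127.0.0.1" || addr == "::1" || addr == "[::1]") next
        if ((port in advice) && !seen[port]++)
            printf "%s %s\n", port, advice[port]
    }'
}

# Constructed sample in `netstat -tln` format (not from a real host).
SAMPLE='Proto Recv-Q Send-Q Local Address  Foreign Address  State
tcp   0  0  0.0.0.0:23    0.0.0.0:*       LISTEN
tcp   0  0  0.0.0.0:22    0.0.0.0:*       LISTEN
tcp   0  0  127.0.0.1:25  0.0.0.0:*       LISTEN
tcp   0  0  0.0.0.0:443   0.0.0.0:*       LISTEN
tcp6  0  0  :::110        :::*            LISTEN
tcp6  0  0  :::23         :::*            LISTEN
tcp   0  0  10.0.0.5:22   10.0.0.9:51515  ESTABLISHED'

# On a live host: netstat -tln | audit_listeners
printf '%s\n' "$SAMPLE" | audit_listeners
```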
8.10. Ipchains and Iptables Redux
This section offers a slightly more advanced look at some of the things that ipchains and iptables can do. These are
basically the same scripts as in Step 3 above, just with some more advanced configuration options added.
These will provide "masquerading" and "port forwarding", allow access to some user-definable services, and do a
few other things. Read the comments for explanations.
8.10.1. ipchains II
#!/bin/sh
#
# ipchains.sh
#
# An example of a simple ipchains configuration. This script
# can enable 'masquerading' and will open user definable ports.
#
###################################################################
# Begin variable declarations and user configuration options ######
Security Quick-Start HOWTO for Red Hat Linux