
Table Of Contents

Preface
Chapter 1. Introduction
1.1 Security framework - Overview
1.2 Security framework - Planning
1.5 Security framework - Monitoring
1.6 Security framework - Incident response
1.7 Next steps
Chapter 2. Firewalls
2.1 Misconceptions about firewalls
2.2 Types of firewalls
2.2.1 Static packet filter firewalls
2.2.2 Circuit level firewalls
2.2.3 Application layer (proxy) firewalls
2.2.4 Dynamic packet filter firewalls
2.2.5 Comparison between the different types
2.3 Firewall designs
2.3.1 Basic firewall design
2.3.2 Firewalls with demilitarized zone (DMZ)
2.3.3 Compartmentalized firewall environment design
2.4 Securing firewalls
2.5 Firewalls on AIX
Chapter 3. Check Point FireWall-1
3.1 FireWall-1 features
3.2 Complementary software for FireWall-1
3.3 Securing FireWall-1
3.3.1 Closing vulnerabilities during system startup
3.3.2 Managing FireWall-1 logs
3.3.3 Securing FireWall-1 default configurations
3.3.4 Creating a useful rulebase
3.3.6 Enabling other defense mechanisms
3.4 List of ports that Check Point FireWall-1 uses
Chapter 4. IBM Secureway Firewall
4.1 IBM Secureway Firewall features
4.2 Complementary software for IBM Secureway Firewall
4.3 Firewall hardening
4.4 Network Security Auditor (NSA)
4.4.1 Installing NSA
4.4.2 Using NSA
4.4.3 Interpreting NSA output
Chapter 5. Secure remote access
5.1 Secure Shell (ssh)
5.1.1 Obtaining SSH
5.1.2 Difference between SSH1 and SSH2
5.1.3 Key concepts of SSH
5.1.4 Installing OpenSSH on AIX
5.1.5 OpenSSH using SSH1
5.1.6 OpenSSH using SSH2
5.1.7 Other interesting SSH daemon configuration options
5.1.8 SSH2 interoperability between OpenSSH and SSH.Com
5.1.9 SSH clients for the PC
5.1.10 Implications of having SSH
5.1.11 Alternatives to SSH
5.2 TCP Wrapper
5.2.1 Obtaining and installing TCP Wrapper
5.2.2 Configuring TCP Wrapper
5.2.3 Additional TCP Wrapper security features
Chapter 6. Port and network scanning
6.1 fping
6.1.1 Obtaining and installing fping
6.1.2 Using fping
6.1.3 Protection against ping sweeps
6.2 Network Mapper (NMAP)
6.2.1 Obtaining and installing nmap
6.2.2 Nmap usage
6.2.3 Protection against port scanners
6.3 Security Administrator's Integrated Network Tool (SAINT)
6.3.1 Obtaining and installing SAINT
6.3.2 Using SAINT
6.4 PortSentry
6.4.1 Obtaining and installing PortSentry
6.4.2 Defense provided by PortSentry
6.5 List Open Files (lsof)
6.5.1 Installing lsof
6.5.2 Using lsof
6.6 Intrusion detection
Chapter 7. System and data integrity
7.1 Tripwire
7.1.1 Obtaining and installing Tripwire
7.1.2 Configuring and using Tripwire
7.1.3 Configuring Tripwire
7.1.4 Comments on configuration
7.1.5 When should Tripwire be run
7.1.6 Alternatives to Tripwire
7.2 John the Ripper
7.2.1 Obtaining and installing John the Ripper
7.2.2 Configuring John the Ripper
7.2.3 Using John the Ripper
7.3 Pretty Good Privacy (PGP)
7.3.1 PGP basics
7.3.2 Obtaining and installing PGP
7.3.3 Using PGP
7.3.4 Protecting your private key
7.4 MD5
7.4.1 Ensuring the integrity of downloads
8.2 Step 1: Remove unnecessary services
8.2.1 Removing entries from /etc/inittab
8.2.2 Removing entries from /etc/rc.tcpip
8.2.3 Removing entries from /etc/inetd.conf
8.3 Step 2: Tighten configurations of remaining services
8.3.1 Domain Name System (DNS)
8.3.2 Network File System and Network Information Service
8.3.3 Simple Mail Transfer Protocol (SMTP)
8.3.7 File Transfer Protocol (ftp)
8.3.8 Protecting TCP services using SOCKS
8.4 Step 3: Set proper network (no) options
8.4.1 SYN attack protection
8.4.2 Broadcast protection
8.4.3 IP routing options
8.5 Step 4: Tighten up user accounts
8.5.1 Removing unnecessary default accounts
8.5.2 Setting user attributes
8.5.3 Securing root
8.5.4 Other attributes
8.6 Step 5: Set up strong password policy
8.6.1 Modifying user password attributes
8.6.2 Password cracker utility
8.7 Step 6: Install additional security tools
8.8 Step 7: Monitor logs, audit trails, and system behavior
8.8.1 Monitor system logs
8.8.2 Enable auditing
8.8.3 Monitor files and directories
8.8.4 Monitor cron and at jobs
Appendix A. NSA Scan Options
Appendix B. Script used to scan a network with fping
Appendix C. Script to merge the AIX passwd files
Appendix D. Special notices
Appendix E. Related publications
E.1 IBM Redbooks
E.2 IBM Redbooks collections
E.3 Other resources
E.4 Referenced Web sites
How to get IBM Redbooks
IBM Redbooks fax order form
Index
IBM Redbooks review
aix_security

Published by: thomas926 on Mar 16, 2011
Copyright: Attribution Non-commercial

05/28/2013
