Professional Documents
Culture Documents
ACL management
facility specifies the channel and level specifies the amount of detail
netstat
/var/log/
-The (security) policy defines what info is to be protected and from whom
-The (acceptable use policy) applies to people and interfaces
-The (service-level agreement) applies primarily to availability
-Implementing the (acceptable use policy) is essentially a management issue
-Implementing the (security policy) is essentially a technical issue
-Implementing the (service-level agreement ) is equally a management and technical issue
brute-force is a method for guessing passwords. Strong passwords are hard to guess, and changing
passwords locks out someone who guessed, increasing security.
social engineering attacks involve getting information from people. [1] strong passwords are hard to
remember so users tend to write them down or change in a predictable pattern.
iptables
TCPwrap and Xinetd
TCPwrap & xinetd
Xinetd
NONE
TCPwrap only
Encapsulates data packets : BOTH
Encrypts packet: BOTH
extra layer of authentication : NEITHER
pre-service for port forward : Stunnel
Secure l2 or l3 : OPENVPN
Ethernet : Layer 2
UDP : layer 4
TCP : layer 4
DHCP : no
SNMP : yes
LDAP : yes
ARP : no
ICMP : no
HTTP : yes
Essentially, encapsulation means a packet in a given layer adds its own (header ) and carries the
complete peckets from the layer( above ) as the ( header )
sends an alert :IDS
pre-packet network and transport layer header ingo :Packet filter
Intercepts traffic bt source and destination : Packet Sniffer
/etc/passwd
read by anyone (644)
user's GID, shell
/etc/shadow
only by privileged users (600)
the encrypted password for the account and password expiration date
True