Chapter 43. Securing Your Network

43.1. Workstation Security
43.1.1. Evaluating Workstation Security
43.1.2. BIOS and Boot Loader Security
43.1.3. Password Security
43.1.4. Administrative Controls
43.1.5. Available Network Services
43.1.6. Personal Firewalls
43.1.7. Security Enhanced Communication Tools
43.2. Server Security
43.2.1. Securing Services With TCP Wrappers and xinetd
43.2.2. Securing Portmap
43.2.3. Securing NIS
43.2.4. Securing NFS
43.2.5. Securing the Apache HTTP Server
43.2.6. Securing FTP
43.2.7. Securing Sendmail
43.2.8. Verifying Which Ports Are Listening
43.3. Single Sign-on (SSO)
43.3.1. Introduction
43.3.2. Getting Started with your new Smart Card
43.3.3. How Smart Card Enrollment Works
43.3.4. How Smart Card Login Works
43.3.5. Configuring Firefox to use Kerberos for SSO
43.4. Pluggable Authentication Modules (PAM)
43.4.1. Advantages of PAM
43.4.2. PAM Configuration Files
43.4.3. PAM Configuration File Format
43.4.4. Sample PAM Configuration Files
43.4.5. Creating PAM Modules
43.4.6. PAM and Administrative Credential Caching
43.4.7. PAM and Device Ownership
43.4.8. Additional Resources
43.5. TCP Wrappers and xinetd
43.5.1. TCP Wrappers
43.5.2. TCP Wrappers Configuration Files
43.5.3. xinetd
43.5.4. xinetd Configuration Files
43.5.5. Additional Resources
43.6. Kerberos
43.6.1. What is Kerberos?
43.6.2. Kerberos Terminology
43.6.3. How Kerberos Works
43.6.4. Kerberos and PAM
43.6.5. Configuring a Kerberos 5 Server
43.6.6. Configuring a Kerberos 5 Client
43.6.7. Domain-to-Realm Mapping
43.6.8. Setting Up Secondary KDCs
43.6.9. Setting Up Cross Realm Authentication
43.6.10. Additional Resources
43.7. Virtual Private Networks (VPNs)
43.7.1. How Does a VPN Work?
43.7.2. VPNs and Red Hat Enterprise Linux
43.7.3. IPsec
43.7.4. Creating an IPsec Connection
43.7.5. IPsec Installation
43.7.6. IPsec Host-to-Host Configuration
43.7.7. IPsec Network-to-Network Configuration
43.7.8. Starting and Stopping an IPsec Connection
43.8. Firewalls
43.8.1. Netfilter and IPTables
43.8.2. Basic Firewall Configuration
43.8.3. Using IPTables
43.8.4. Common IPTables Filtering
43.8.5. FORWARD and NAT Rules
43.8.6. Malicious Software and Spoofed IP Addresses
43.8.7. IPTables and Connection Tracking
43.8.8. IPv6
43.8.9. Additional Resources
43.9. IPTables
43.9.1. Packet Filtering
43.9.2. Differences Between IPTables and IPChains
43.9.3. Command Options for IPTables
43.9.4. Saving IPTables Rules
43.9.5. IPTables Control Scripts
43.9.6. IPTables and IPv6
43.9.7. Additional Resources

Note: This documentation is provided {and copyrighted} by Red Hat®, Inc. and is released via the Open Publication License. The copyright holder has added the further requirement that Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. The CentOS project redistributes these original works (in their unmodified form) as a reference for CentOS-5 because CentOS-5 is built from publicly available, open source SRPMS. The documentation is unmodified to be compliant with upstream distribution policy. Neither CentOS-5 nor the CentOS Project are in any way affiliated with or sponsored by Red Hat®, Inc.