Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE Guide de l'utilisateur Page 120
- Page / 128
- Table des matières
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Chapter 7. Federal Standards and Regulations
110
7.3. National Industrial Security Program Operating Manual
(NISPOM)
The NISPOM (also called DoD 5220.22-M), as a component of the National Industrial Security
Program (NISP), establishes a series of procedures and requirements for all government contractors
with regard to classified information. The current NISPOM is dated February 28, 2006. The NISPOM
document can be downloaded from the following URL: https://www.dss.mil/GW/ShowBinary/DSS/isp/
fac_clear/download_nispom.html.
7.4. Payment Card Industry Data Security Standard (PCI
DSS)
From https://www.pcisecuritystandards.org/about/index.shtml: The PCI Security Standards Council
is an open global forum, launched in 2006, that is responsible for the development, management,
education, and awareness of the PCI Security Standards, including the Data Security Standard (DSS).
You can download the PCI DSS standard from https://www.pcisecuritystandards.org/
security_standards/pci_dss.shtml.
7.5. Security Technical Implementation Guide
A Security Technical Implementation Guide or STIG is a methodology for standardized secure
installation and maintenance of computer software and hardware.
Refer to the following URL for a list of available guides: http://iase.disa.mil/stigs/stig/index.html.
- Red Hat Enterprise Linux 6 1
- Security Guide 1
- Edition 1.5 2
- 1. Document Conventions 7
- 1.2. Pull-quote Conventions 8
- 2. We Need Feedback! 9
- Security Overview 11
- 1.1.1.2. Security Today 12
- 1.1.2. SELinux 13
- 1.1.3. Security Controls 13
- 1.1.4. Conclusion 14
- 1.2. Vulnerability Assessment 15
- 1.2.3. Evaluating the Tools 17
- 1.2.3.2. Nessus 18
- 1.2.3.3. Nikto 18
- 1.3.1.1. Shades of Gray 19
- 1.3.2.1.1. Broadcast Networks 20
- 1.3.3.2. Unpatched Services 21
- 1.3.4.1. Bad Passwords 22
- 1.5. Security Updates 25
- 1.5.4. Applying the Changes 27
- Applying the Changes 29
- Securing Your Network 31
- /sbin/grub-md5-crypt 32
- 2.1.3. Password Security 33
- 2.1.3.2.2. Passphrases 37
- 2.1.3.2.3. Password Aging 37
- 2.1.4.1. Allowing Root Access 39
- 2.1.4.3. Limiting Root Access 42
- 2.1.4.3.2. The sudo Command 43
- 2.1.5.1. Risks To Services 44
- 2.1.5.3. Insecure Services 46
- 2.1.6. Personal Firewalls 47
- 2.2. Server Security 48
- 220-Hello, %c 49
- 2.2.1.2.1. Setting a Trap 50
- 2.2.2. Securing Portmap 52
- 2.2.3. Securing NIS 52
- 255.255.255.0 192.168.0.0 54
- 2.2.4. Securing NFS 55
- UserDir enabled 56
- UserDir disabled root 56
- 2.2.6. Securing FTP 57
- 2.2.6.2. Anonymous Access 58
- 2.2.6.3. User Accounts 58
- 2.2.7. Securing Sendmail 59
- 2.2.7.3. Mail-only Users 60
- 2.3. TCP Wrappers and xinetd 61
- 2.3.1. TCP Wrappers 62
- [root@myServer ~]# 63
- 2.3.2.1.1. Wildcards 65
- 2.3.2.1.4. Operators 67
- 2.3.2.2. Option Fields 68
- 2.3.2.2.4. Expansions 69
- 2.3.3. xinetd 70
- 2.3.4.3.1. Logging Options 72
- 2.3.5. Additional Resources 75
- 2.3.5.3. Related Books 76
- 2.4.1. How Does a VPN Work? 77
- 2.4.2. Openswan 77
- 2.4.2.3. Commands 78
- 2.5. Firewalls 79
- 2.5.1. Netfilter and IPTables 81
- 2.5.2.3. Trusted Services 83
- 2.5.2.4. Other Ports 83
- 2.5.3. Using IPTables 84
- 2.5.5. FORWARD and NAT Rules 86
- 2.5.5.2. Prerouting 88
- 2.5.5.3. DMZs and IPTables 88
- 2.5.8. IPv6 90
- 2.5.9. Additional Resources 90
- 2.6. IPTables 91
- 2.6.2.2. Command Options 94
- 2.6.2.4.1. TCP Protocol 97
- 2.6.2.4.2. UDP Protocol 98
- 2.6.2.4.3. ICMP Protocol 98
- 2.6.2.5. Target Options 99
- 2.6.3. Saving IPTables Rules 101
- 2.6.5. IPTables and IPv6 104
- 2.6.6. Additional Resources 104
- Encryption 105
- 3.5. Virtual Private Networks 106
- 3.6. Secure Shell 106
- 3.7. OpenSSL PadLock Engine 106
- 3.8. LUKS Disk Encryption 107
- Important 108
- 3.8.5. Links of Interest 109
- Security 113
- Secure Installation 115
- Software Maintenance 117
- 7.1. Introduction 119
- (NISPOM) 120
- References 121
- A.1. Synchronous Encryption 123
- A.2. Public-key Encryption 124
- A.2.2. RSA 125
- A.2.3. DSA 125
- A.2.4. SSL/TLS 125
- A.2.6. ElGamal Encryption 126
- Appendix B. Revision History 127
Produits connexes et manuels pour Logiciel Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE
(268 pages)© 2020, manymanuals.fr. Tous droits réservés | 0.028 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels