Chapter 4. Security

Table of Contents
Linux-PAM-0.77
Shadow-4.0.3
iptables-1.2.8
Setting up a network firewall
GnuPG-1.2.3
Tripwire-2.3.1-2

Security takes many forms in a computing environment. This chapter gives examples of three different types of security: access, prevention and detection.

Access for users is usually handled by login or an application designed to handle the login function. In this chapter, we show how to enhance login by setting policies with PAM modules. Access via networks can also be secured by policies set by iptables, commonly referred to as a firewall.

Prevention of breaches, like a trojan, are assisted by applications like GnuPG, specifically the ability to confirm signed packages, which prevents modification of the TAR ball after the packager creates it.

Finally, we touch on detection with a package that stores "signatures" of critical files (defined by the administrator) and then regenerates those "signatures" and compares for files that have been changed.