This entry addresses security on Unix-like operating systems. It is mainly focused on the open source operating systems, but should be reasonably applicable to proprietary Unixes like Solaris, Mac OS X, AIX, HP-UX, etc.
This entry is currently in scratch pad form - it has lots of bones but no meat - I'm working on it - feel free to join in.
Passwords
1. Patching
2. Users and accounts
3. Services
4. File system security
crack, john the ripper, dictionary attacks, mnemonic techniques, shadow/master.passwd, DES and MD5 hashes
delete old accounts
su, sudo, wheel group on BSD, /etc/securetty, ssh only, no remote root logins
source
rpm based
deb based
freebsd ports and packages
meta - apt, rhn, red carpet
add gentoo, slackware, net + openbsd
solaris + proprietary (sco? who cares)
only run what is needed and remove the rest (even better, do this at install time - only choose necessary packages)
Identify what services are running
netstat -na
lsof
nmap
on *bsd sockstat -4
inetd xinetd
turning off unnecessary services
using chkconfig on rh
using /etc/rc.conf and /usr/local/etc/rc.d on freebsd (mention /etc/rc.local)
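As an added example, not part of this page: a POSIX shell snippet that parses `netstat -na` output (a constructed Linux-style sample, embedded inline) and flags listening sockets outside an allowlist of ports, as a first pass at the "identify what is running, turn off the rest" step. The Linux column layout and the allowlist of ports 22 and 25 are assumptions; BSD `sockstat -4` prints different columns and would need its own parser.

```shell
#!/bin/sh
# Constructed sample of `netstat -na` output (Linux column layout); not captured from a real host.
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:22             10.0.0.9:51522          ESTABLISHED
udp        0      0 0.0.0.0:123             0.0.0.0:*'

# Assumption: this host is meant to expose only ssh and local mail.
ALLOWED_PORTS="22 25"

# listening_ports: read netstat -na output on stdin, print "proto port bindaddr"
# for each socket that is waiting for traffic: TCP in LISTEN state, or an
# unconnected UDP socket (foreign address ends in ":*").
listening_ports() {
    awk '($1 ~ /^tcp6?$/ && $6 == "LISTEN") || ($1 ~ /^udp6?$/ && $5 ~ /:\*$/) {
        n = split($4, a, ":"); port = a[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        print $1, port, addr
    }'
}

# unexpected_listeners: listening sockets whose port is not in ALLOWED_PORTS;
# each hit is a service to justify or turn off (chkconfig, rc.conf, inetd.conf).
unexpected_listeners() {
    listening_ports | while read -r proto port addr; do
        case " $ALLOWED_PORTS " in
            *" $port "*) ;;
            *) echo "$proto $port $addr" ;;
        esac
    done
}

# On a live host replace the sample with: netstat -na | unexpected_listeners
printf '%s\n' "$SAMPLE_NETSTAT" | unexpected_listeners
```

Anything it prints (here the portmapper on 111 and ntp on 123) is a candidate for removal or for a firewall rule, after confirming with lsof which process owns the socket.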
rwx permissions, set-uid, set-gid, sticky bit
crypto
layer 7 gpg/pgp
layer 4 ssl/tls/ssh/stunnel/smime
layer 3 ipsec (pptp?)
sniffers + plaintext
tcpdump, ethereal
attacks
monkey in the middle (man-in-the-middle)
land, ping of death, xmas scan, DoS, et al.
rootkits, kernel modules, chkrootkit
exploit details, buffer overflows, local vs remote
banners
smtp - spam
sendmail - banners, HELP output, header version, etc.
dns - reverse mapping dnssec
The Basics
Passwords
users
Patching
Services
File system
General
Advanced
Service details