Part III. Security Reference

Part III. Security Reference

Using secure protocols is a critical part of maintaining system integrity. This part describes critical tools used for the purpose of user authentication, network access control, and secure network communication. For more information about securing a Red Hat Enterprise Linux system, refer to the Security Guide.

Table of Contents

16. Pluggable Authentication Modules (PAM)

16.1. Advantages of PAM

16.2. PAM Configuration Files

16.2.1. PAM Service Files

16.3. PAM Configuration File Format

16.3.1. Module Interface
16.3.2. Control Flag
16.3.3. Module Name
16.3.4. Module Arguments

16.4. Sample PAM Configuration Files

16.5. Creating PAM Modules

16.6. PAM and Administrative Credential Caching

16.6.1. Removing the Timestamp File
16.6.2. Common pam_timestamp Directives

16.7. PAM and Device Ownership

16.7.1. Device Ownership
16.7.2. Application Access

16.8. Additional Resources

16.8.1. Installed Documentation
16.8.2. Useful Websites

17. TCP Wrappers and xinetd

17.1. TCP Wrappers

17.1.1. Advantages of TCP Wrappers

17.2. TCP Wrappers Configuration Files

17.2.1. Formatting Access Rules
17.2.2. Option Fields

17.3. xinetd

17.4. xinetd Configuration Files

17.4.1. The /etc/xinetd.conf File
17.4.2. The /etc/xinetd.d/ Directory
17.4.3. Altering xinetd Configuration Files

17.5. Additional Resources

17.5.1. Installed Documentation
17.5.2. Useful Websites
17.5.3. Related Books

18. iptables

18.1. Packet Filtering

18.2. Differences between iptables and ipchains

18.3. Options Used within iptables Commands

18.3.1. Structure of iptables Options
18.3.2. Command Options
18.3.3. iptables Parameter Options
18.3.4. iptables Match Options
18.3.5. Target Options
18.3.6. Listing Options

18.4. Saving iptables Rules

18.5. iptables Control Scripts

18.5.1. iptables Control Scripts Configuration File

18.6. ip6tables and IPv6

18.7. Additional Resources

18.7.1. Installed Documentation
18.7.2. Useful Websites

19. Kerberos

19.1. What is Kerberos?

19.1.1. Advantages of Kerberos
19.1.2. Disadvantages of Kerberos

19.2. Kerberos Terminology

19.3. How Kerberos Works

19.4. Kerberos and PAM

19.5. Configuring a Kerberos 5 Server

19.6. Configuring a Kerberos 5 Client

19.7. Additional Resources

19.7.1. Installed Documentation
19.7.2. Useful Websites

20. SSH Protocol

20.1. Features of SSH

20.1.1. Why Use SSH?

20.2. SSH Protocol Versions

20.3. Event Sequence of an SSH Connection

20.3.1. Transport Layer
20.3.2. Authentication
20.3.3. Channels

20.4. OpenSSH Configuration Files

20.5. More Than a Secure Shell

20.5.1. X11 Forwarding
20.5.2. Port Forwarding

20.6. Requiring SSH for Remote Connections

20.7. Additional Resources

20.7.1. Installed Documentation
20.7.2. Useful Websites
20.7.3. Related Books

21. SELinux

21.1. Introduction to SELinux

21.2. Files Related to SELinux

21.2.1. The /selinux/ Pseudo-File System
21.2.2. SELinux Configuration Files
21.2.3. SELinux Utilities

21.3. Additional Resources

21.3.1. Installed Documentation
21.3.2. Red Hat Documentation
21.3.3. Useful Websites