Lesson 14

Crackers are constantly running port scans looking for vulnerable systems. This module discussed the tools required to tighten your system against hacker attacks.
By securing your system you have reduced, but not eliminated, the risk of a break-in, so by knowing the typical things crackers do and the ways to detect attacks, you will be able to minimize the damage to your system in the event of an attack.

Having completed this module, you should be able to:

1. Explain why it is important to protect your console
2. Describe security concerns related to network access
3. Explain how crackers get into a system
4. Describe what crackers do
5. List ways to detect attacks
6. Describe insecure remote login services
7. Describe secure remote login services
8. Controlling the root login process
9. Explain the use of the sudo command
10. Find modified and sticky files
11. Describe the cron facility
12. Describe RPM verification

1. Backdoor: A hole placed in you r security by a cracker. It allows the intruder to gain easy access to your system by bypassing normal security.
2. Cracker: An individual who breaks into systems or breaks copy protection of software products.
3. Daemon: A daemon is a program that waits for a request from another program. The daemon then performs the desired action, such as creating an http session, or opening and maintaining a communications socket. Some common daemons include httpd, telnetd, and ftpd.
4. MD5 check: Uses a message digest algorithm to determine file integrity.
5. Sniffer: A program that looks at all traffic on the network, trying to gain access to other systems.
6. Social engineering: The use of social techniques, such as masquerading as a system's administrator, in order to gain access to confidential user information like a password.

In the next module, you will learn about process and user accounting.

Before moving on to the next module, click the Quiz link below to test your understanding of host security.
Security Holes - Quiz