Linux Chapter 14 - Terms
proactive maintenance
The measures taken to reduce future system problems.
reactive maintenance
The measures taken when system problems arise.
jabbering
The process by which failing hardware components send large amounts of information to the CPU.
bus mastering
The process by which peripheral components perform tasks normally executed by the CPU.
monitoring
The process by which system areas are observed for problems or irregularities.
tunneling
The process of embedding network packets within other network packets.
documentation
The system information that is stored in a log book for future reference.
troubleshooting procedures
The tasks performed when solving system problems.
chains
The components of a firewall that specify the general type of network traffic to which rules apply.
file handles
The connections that a program makes to files on a filesystem.
Universal Access utility
A graphical utility within Fedora 20 used to configure assistive technologies.
AppArmor
A Linux kernel module and related software packages that prevent malicious software from executing on a Linux system. (Ubuntu)
nmap (network mapper) command
A command that can be used to scan ports on network computers. TCP connect scan (default): -sT followed by the IP address or host name.
logger command
A command that can be used to write system log events.
mpstat (multiple processor statistics) command
A command that displays CPU statistics. Common switches include: -P (number) for multiple processors, and 1 5 (seconds and number of measurements).
iostat (input/output statistics) command
A command that displays Input/Output statistics for block devices.
sudo command
A command that is used to perform commands as another user via entries in the /etc/sudoers file.
lscpu command
A command that lists hardware details for CPUs on the system.
nohup command
A command that prevents other commands from exiting when the parent process is killed.
gpg command
A command used to create and manage GPG keys.
free command
A command used to display memory and swap statistics.
xwininfo command
A command used to display status information about X Windows.
aa-complain command
A command used to set an AppArmor profile to complain mode.
aa-enforce command
A command used to set an AppArmor profile to enforce mode.
firewall-cmd command
A command used to view and configure firewalld zones, services, and rules. Example: firewall-cmd --add-service=telnet, or to make it permanent: firewall-cmd --permanent --add-service=telnet
apparmor_status command
A command used to view the status of AppArmor and AppArmor profiles.
tripwire
A common IDS for Linux that monitors files and directories.
Digital Signature Algorithm (DSA)
A common asymmetric encryption algorithm that is primarily used for creating digital signatures.
Rivest Shamir Adleman (RSA)
A common asymmetric encryption algorithm.
snort / airsnort
A complex IDS that can be used to capture and monitor network packets. It can be used to detect a wide range of network attacks or port probing.
network zone
A component of firewalld that defines the level of trust for network connections.
firewall daemon (firewalld)
A daemon used on some Linux systems to provide for easier configuration of netfilter via the ipchains command.
Firewall Configuration utility
A graphical firewall configuration utility within Fedora 20.
baseline
A measure of normal system activity.
stateful packet filter
A packet filter that applies rules to related packets within the same network session.
Intrusion Detection System (IDS)
A program that can be used to detect unauthorized access to a Linux system.
TCP wrapper
A program that can be used to run a network daemon with additional security via the /etc/hosts.allow and /etc/hosts.deny files.
server closet
A secured room that stores servers within an organization.
Security Enhanced Linux (SELinux)
A set of Linux kernel components and related software packages that prevent malicious software from executing on a Linux system. Use sestatus -v to view the current status.
Knoppix Linux
A small Linux distribution often installed on removable media.
System Statistics (sysstat) package
A software package that contains common performance monitoring utilities, such as mpstat, iostat, and sar.
SSH agent
A software program that can be used to automatically authenticate users using their private key.
AppArmor profile
A text file within the /etc/apparmor.d directory that lists application-specific restrictions.
asymmetric encryption
A type of encryption that uses a key pair to encrypt and decrypt data.
SSH identity
A unique configuration for a user account that is associated with user-specific SSH keys.
key
A unique piece of information that is used within an encryption algorithm.
private key
An asymmetric encryption key that is used to decrypt data and create digital signatures.
public key
An asymmetric encryption key that is used to encrypt data and decrypt digital signatures.
buffer overrun
An attack in which a network service is altered in memory.
GNU Privacy Guard (GPG)
An open source asymmetric encryption technology that is primarily used by e-mail programs.
digital signature
Information that has been encrypted using a private key.
assistive technologies
Software programs that cater to specific user needs.
netfilter
The Linux kernel component that provides firewall and NAT capability on modern Linux systems.
ssh-add command
The command that can be used to add an SSH identity to a user account.
sestatus command
The command that displays the current status and functionality of the SELinux subsystem.
sar (system activity reporter) command
The command that displays various system statistics. Common switches: -f to view log files; -b or -d to display information similar to iostat; -u to display CPU statistics; -q to display processor queue statistics.
lsusb command
The command that lists the USB devices that are currently plugged into the system.
lsof (list open files) command
The command that lists the files that are currently being viewed or modified by software programs and users.
lspci command
The command that lists the hardware devices that are currently attached to the PCI bus on the system.
ldconfig command
The command that updates the /etc/ld.so.conf and /etc/ld.so.cache files.
iptables command
The command used to configure IPv4 rules for a netfilter firewall.
ip6tables command
The command used to configure IPv6 rules for a netfilter firewall.
vmstat command
The command used to display memory, CPU, and swap statistics.
ldd command
The command used to display the shared libraries used by a certain program.
ulimit command
The command used to modify process limit parameters in the current shell.
Pluggable Authentication Modules (PAM)
The component that handles authentication requests by daemons on a Linux system.
rules
The components of a firewall that match specific network traffic that is to be allowed or dropped.
/etc/shadow
Make sure access is read-only except for root, to keep hackers from accessing encrypted passwords.
ssh-keygen -t dsa
Used to create both the DSA private and public keys in the ~/.ssh folder.
ssh-keygen -t rsa
Used to create both the RSA private and public keys in the ~/.ssh folder.
ssh-keygen
Used to generate or regenerate SSH keys.
who /var/log/wtmp
Users who logged in and received a Bash shell.
Set the /etc/passwd shell to an invalid shell such as /sbin/noaccess.
What steps do you take to protect Apache from accessing a Bash shell?