ورود به حساب

نام کاربری گذرواژه

گذرواژه را فراموش کردید؟ کلیک کنید

حساب کاربری ندارید؟ ساخت حساب

ساخت حساب کاربری

نام نام کاربری ایمیل شماره موبایل گذرواژه

برای ارتباط با ما می توانید از طریق شماره موبایل زیر از طریق تماس و پیامک با ما در ارتباط باشید


09117307688
09117179751

در صورت عدم پاسخ گویی از طریق پیامک با پشتیبان در ارتباط باشید

دسترسی نامحدود

برای کاربرانی که ثبت نام کرده اند

ضمانت بازگشت وجه

درصورت عدم همخوانی توضیحات با کتاب

پشتیبانی

از ساعت 7 صبح تا 10 شب

دانلود کتاب Solaris 9 Security (Networking)

دانلود کتاب سولاریس 9 امنیت (شبکه)

Solaris 9 Security (Networking)

مشخصات کتاب

Solaris 9 Security (Networking)

ویرایش: 1 
نویسندگان:   
سری:  
ISBN (شابک) : 1592000053, 9780585456034 
ناشر: Muska & Lipman/Premier-Trade 
سال نشر: 2002 
تعداد صفحات: 0 
زبان: English  
فرمت فایل : EPUB (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود) 
حجم فایل: 2 مگابایت 

قیمت کتاب (تومان) : 47,000



ثبت امتیاز به این کتاب

میانگین امتیاز به این کتاب :
       تعداد امتیاز دهندگان : 15


در صورت تبدیل فایل کتاب Solaris 9 Security (Networking) به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.

توجه داشته باشید کتاب سولاریس 9 امنیت (شبکه) نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.


توضیحاتی در مورد کتاب سولاریس 9 امنیت (شبکه)

اکنون می توانید سیستم امنیتی سرور خود را با Solaris 9 سفارشی بسازید. این سیستم عامل محبوب به شما امکان می دهد ویژگی هایی را انتخاب کنید که متناسب با نیازهای منحصر به فرد کسب و کار شما باشد. برنامه های اضافی مستقیماً در سیستم عامل گنجانده شده اند تا آسیب پذیری سرور شما به حداقل برسد. Solaris 9 Security به شما این دانش را می دهد که مزایای محصولات سولاریس را به حداکثر برسانید تا شبکه خود را ایمن نگه دارید و مزیت رقابتی کسب کنید.


توضیحاتی درمورد کتاب به خارجی

Now you can custom-build your own server security system with Solaris 9. This popular operating system allows you to choose the features that fit the unique needs of your business. Additional programs have been incorporated directly into the operating system to minimize the vulnerability of your server. Solaris 9 Security gives you the knowledge to maximize the benefits of Solaris products to keep your network safe and gain the competitive edge.



فهرست مطالب

System Administration Guide: Security Services......Page 1
Who Should Use This Book......Page 23
How the System Administration Volumes Are Organized......Page 24
Typographic Conventions......Page 25
Shell Prompts in Command Examples......Page 26
Security Overview......Page 27
System Security......Page 29
Solaris Cryptographic Services......Page 30
Authentication Services......Page 31
Solaris Auditing......Page 32
Security Policy......Page 33
System, File, and Device Security......Page 35
Enhancements to Machine Security in the Solaris 10 Release......Page 37
Maintaining Physical Security......Page 38
Managing Password Information......Page 39
LDAP Passwords......Page 40
Algorithms Configuration in the policy.conf File......Page 41
Special System Logins......Page 42
Dial-Up Logins......Page 43
Controlling Access to Devices......Page 44
Device Policy (Overview)......Page 45
Limiting and Monitoring Superuser......Page 46
Setting the PATH Variable......Page 47
Restricting Access to Data in Files......Page 48
Using the Solaris Security Toolkit......Page 49
Monitoring File Integrity......Page 50
Using Access Control Lists......Page 51
Controlling Network Access......Page 52
Network Security Mechanisms......Page 53
Authentication and Authorization for Remote Access......Page 54
Firewall Systems......Page 55
Encryption and Firewall Systems......Page 56
Reporting Security Problems......Page 57
Controlling System Access (Task Map)......Page 59
Securing Logins and Passwords......Page 60
How to Display a User\'s Login Status......Page 61
How to Temporarily Disable User Logins......Page 62
How to Monitor Failed Login Attempts......Page 63
How to Monitor All Failed Login Attempts......Page 64
How to Create a Dial-Up Password......Page 65
Changing the Password Algorithm (Task Map)......Page 67
How to Specify an Algorithm for Password Encryption......Page 68
How to Specify a New Password Algorithm for an NIS Domain......Page 69
How to Specify a New Password Algorithm for an LDAP Domain......Page 70
How to Install a Password Encryption Module From a Third Party......Page 71
How to Monitor Who Is Using the su Command......Page 72
How to Restrict and Monitor Superuser Logins......Page 73
SPARC: Controlling Access to System Hardware (Task Map)......Page 74
How to Require a Password for Hardware Access......Page 75
How to Disable a System\'s Abort Sequence......Page 76
Configuring Devices (Task Map)......Page 77
How to View Device Policy......Page 78
How to Change the Device Policy on an Existing Device......Page 79
How to Audit Changes in Device Policy......Page 80
Managing Device Allocation (Task Map)......Page 81
How to Make a Device Allocatable......Page 82
How to Authorize Users to Allocate a Device......Page 83
Forcibly Allocating a Device......Page 84
How to Change Which Devices Can Be Allocated......Page 85
How to Audit Device Allocation......Page 86
How to Allocate a Device......Page 87
How to Mount an Allocated Device......Page 88
How to Deallocate a Device......Page 90
Device Policy Commands......Page 91
Components of Device Allocation......Page 92
Device Allocation Commands......Page 93
device_maps File......Page 94
device_allocate File......Page 95
Device-Clean Script for Audio......Page 97
Writing New Device-Clean Scripts......Page 98
Basic Audit Reporting Tool (Overview)......Page 99
BART Manifest......Page 100
BART Rules File......Page 101
Using BART (Task Map)......Page 102
BART Security Considerations......Page 103
How to Create a Manifest......Page 104
How to Customize a Manifest......Page 106
How to Compare Manifests for the Same System Over Time......Page 109
How to Compare Manifests From a Different System With the Manifest of a Control System......Page 112
How to Customize a BART Report by Specifying File Attributes......Page 114
How to Customize a BART Report by Using a Rules File......Page 115
BART Manifest, Rules File, and Reporting (Reference)......Page 116
BART Manifest File Format......Page 117
Rules File Attributes......Page 118
BART Output......Page 119
Commands for Viewing and Securing Files......Page 121
File and Directory Ownership......Page 122
Special File Permissions (setuid, setgid and Sticky Bit)......Page 123
setgid Permission......Page 124
Default umask Value......Page 125
File Permission Modes......Page 126
Using Access Control Lists to Protect Files......Page 128
ACL Entries for Directories......Page 129
Preventing Executable Files From Compromising Security......Page 130
Protecting Files (Task Map)......Page 131
How to Display File Information......Page 132
How to Change the Owner of a File......Page 133
How to Change Group Ownership of a File......Page 134
How to Change File Permissions in Absolute Mode......Page 135
How to Change Special File Permissions in Absolute Mode......Page 137
How to Check if a File Has an ACL......Page 138
How to Add ACL Entries to a File......Page 139
How to Copy an ACL......Page 140
How to Delete ACL Entries From a File......Page 141
How to Display ACL Entries for a File......Page 142
Protecting Against Programs With Security Risk (Task Map)......Page 143
How to Find Files With Special File Permissions......Page 144
How to Disable Programs From Using Executable Stacks......Page 145
Automated Security Enhancement Tool (ASET)......Page 147
ASET Security Levels......Page 148
System Files Permissions Tuning......Page 149
System Configuration Files Check......Page 150
Firewall Setup......Page 151
ASET Reports......Page 152
Format of ASET Report Files......Page 154
The uid_aliases File......Page 155
Modifying the Environment File (asetenv)......Page 156
Specifying Directories for System Files Checks Task: CKLISTPATH......Page 157
Modifying the Tune Files......Page 158
Network Operation With the NFS System......Page 159
ASET Environment Variables......Page 160
PERIODIC_SCHEDULE Environment Variable......Page 161
UID_ALIASES Environment Variable......Page 162
Tune File Examples......Page 163
Aliases File Examples......Page 164
How to Run ASET Interactively......Page 165
How to Run ASET Periodically......Page 166
How to Stop Running ASET Periodically......Page 167
How to Collect ASET Reports on a Server......Page 168
ASET Error Messages......Page 169
Roles, Rights Profiles, and Privileges......Page 173
RBAC: An Alternative to the Superuser Model......Page 175
Solaris RBAC Elements and Basic Concepts......Page 177
Applications That Check UIDs and GIDs......Page 180
Applications That Check Authorizations......Page 181
RBAC Roles......Page 182
Security Considerations When Directly Assigning Security Attributes......Page 183
Privileges Protect Kernel Processes......Page 184
Privilege Descriptions......Page 185
Administrative Differences on a System With Privileges......Page 186
How Privileges Are Implemented......Page 187
Assigning Privileges......Page 189
Assigning Privileges to a Script......Page 190
Privileges and Debugging......Page 191
Using RBAC (Task Map)......Page 193
Configuring RBAC (Task Map)......Page 194
How to Plan Your RBAC Implementation......Page 195
How to Create and Assign a Role By Using the GUI......Page 197
How to Create a Role From the Command Line......Page 200
How to Assign a Role to a Local User......Page 202
How to Make root User Into a Role......Page 204
Using Roles (Task Map)......Page 206
How to Assume a Role in a Terminal Window......Page 207
How to Assume a Role in the Solaris Management Console......Page 209
Managing RBAC (Task Map)......Page 210
How to Change the Properties of a Role......Page 211
How to Create or Change a Rights Profile......Page 213
How to Change the RBAC Properties of a User......Page 216
How to Add RBAC Properties to Legacy Applications......Page 218
Contents of Rights Profiles......Page 221
System Administrator Rights Profile......Page 222
Printer Management Rights Profile......Page 223
Basic Solaris User Rights Profile......Page 224
Viewing the Contents of Rights Profiles......Page 225
Delegation Authority in Authorizations......Page 226
RBAC Database Relationships......Page 227
RBAC Databases and the Name Service......Page 228
auth_attr Database......Page 229
prof_attr Database......Page 231
exec_attr Database......Page 232
policy.conf File......Page 233
Commands That Manage RBAC......Page 234
Commands That Require Authorizations......Page 235
Managing and Using Privileges (Task Map)......Page 237
Managing Privileges......Page 238
How to Determine the Privileges on a Process......Page 239
How to Determine Which Privileges a Program Requires......Page 240
How to Assign Privileges to a User or Role......Page 242
How to Limit a User\'s or Role\'s Privileges......Page 243
How to Run a Shell Script With Privileged Commands......Page 245
How to Determine the Privileges That You Have Been Directly Assigned......Page 246
How to Determine the Privileged Commands That You Can Run......Page 248
How to Determine the Privileged Commands That a Role Can Run......Page 249
Administrative Commands for Handling Privileges......Page 253
Files With Privilege Information......Page 254
Privileges and Auditing......Page 255
Prevention of Privilege Escalation......Page 256
Legacy Applications and the Privilege Model......Page 257
Solaris Cryptographic Services......Page 259
What\'s New in the Solaris Cryptographic Framework?......Page 261
Solaris Cryptographic Framework......Page 262
Terminology in the Solaris Cryptographic Framework......Page 263
Scope of the Solaris Cryptographic Framework......Page 264
User-Level Commands in the Solaris Cryptographic Framework......Page 265
Plugins to the Solaris Cryptographic Framework......Page 266
Cryptographic Services and Zones......Page 267
Using the Cryptographic Framework (Task Map)......Page 269
How to Generate a Symmetric Key......Page 270
How to Compute a Digest of a File......Page 272
How to Compute a MAC of a File......Page 273
How to Encrypt and Decrypt a File......Page 275
Administering the Cryptographic Framework (Task Map)......Page 277
How to List Available Providers......Page 278
How to Add a Software Provider......Page 280
How to Prevent the Use of a User-Level Mechanism......Page 282
How to Prevent the Use of a Kernel Software Provider......Page 283
How to Disable Hardware Provider Mechanisms and Features......Page 286
How to Refresh or Restart All Cryptographic Services......Page 288
Authentication Services and Secure Communication......Page 289
NFS Services and Secure RPC......Page 291
Diffie-Hellman Authentication......Page 292
Running the keylogin Command......Page 293
Decrypting the Conversation Key......Page 294
Authenticating the Server......Page 295
Administering Authentication With Secure RPC......Page 296
How to Set Up a Diffie-Hellman Key for an NIS+ Host......Page 297
How to Set Up a Diffie-Hellman Key for an NIS+ User......Page 298
How to Set Up a Diffie-Hellman Key for an NIS Host......Page 299
How to Set Up a Diffie-Hellman Key for an NIS User......Page 300
How to Share NFS Files With Diffie-Hellman Authentication......Page 301
Benefits of Using PAM......Page 303
PAM Components......Page 304
Changes to PAM for the Solaris 10 Release......Page 305
PAM (Task Map)......Page 306
Planning for Your PAM Implementation......Page 307
How to Prevent Rhost-Style Access From Remote Systems With PAM......Page 308
PAM Configuration File Syntax......Page 309
PAM Control Flags......Page 310
Examples From the Generic pam.conf File......Page 312
SASL (Overview)......Page 315
SASL Plug-ins......Page 316
SASL Options......Page 317
Solaris Secure Shell (Overview)......Page 319
Solaris Secure Shell Authentication......Page 320
Solaris Secure Shell Enhancements in the Solaris 10 Release......Page 322
Solaris Secure Shell (Task Map)......Page 323
How to Set Up Host-Based Authentication for Solaris Secure Shell......Page 324
How to Enable Solaris Secure Shell v1......Page 326
How to Configure Port Forwarding in Solaris Secure Shell......Page 327
Using Solaris Secure Shell (Task Map)......Page 328
How to Generate a Public/Private Key Pair for Use With Solaris Secure Shell......Page 329
How to Change the Passphrase for a Solaris Secure Shell Private Key......Page 331
How to Log In to a Remote Host With Solaris Secure Shell......Page 332
How to Reduce Password Prompts in Solaris Secure Shell......Page 333
How to Set Up the ssh-agent Command to Run Automatically......Page 334
How to Use Port Forwarding in Solaris Secure Shell......Page 335
How to Copy Files With Solaris Secure Shell......Page 336
How to Set Up Default Connections to Hosts Outside a Firewall......Page 337
A Typical Solaris Secure Shell Session......Page 341
Acquiring GSS Credentials in Solaris Secure Shell......Page 342
Command Execution and Data Forwarding in Solaris Secure Shell......Page 343
Server Configuration in Solaris Secure Shell......Page 344
Keywords in Solaris Secure Shell......Page 345
Host-Specific Parameters in Solaris Secure Shell......Page 348
Solaris Secure Shell and Login Environment Variables......Page 349
Solaris Secure Shell Packages and Initialization......Page 350
Solaris Secure Shell Files......Page 351
Solaris Secure Shell Commands......Page 353
Kerberos Service......Page 357
What Is the Kerberos Service?......Page 359
How the Kerberos Service Works......Page 360
Initial Authentication: the Ticket-Granting Ticket......Page 361
Subsequent Kerberos Authentications......Page 363
Kerberos Principals......Page 364
Kerberos Realms......Page 365
Kerberos Realms and Servers......Page 366
Kerberos Security Services......Page 367
Kerberos Components......Page 368
Kerberos Enhancements in the Solaris 10 Release......Page 369
SEAM 1.0.1 Components......Page 372
SEAM 1.0 Components......Page 373
Why Plan for Kerberos Deployments?......Page 375
Number of Realms......Page 376
Client and Service Principal Names......Page 377
The Number of Slave KDCs......Page 378
Mapping GSS Credentials to UNIX Credentials......Page 379
Which Database Propagation System to Use......Page 380
Kerberos Encryption Types......Page 381
Online Help URL in the SEAM Administration Tool......Page 382
Configuring the Kerberos Service (Task Map)......Page 383
Configuring Additional Kerberos Services (Task Map)......Page 384
How to Configure a Master KDC......Page 385
How to Configure a Slave KDC......Page 390
How to Establish Hierarchical Cross-Realm Authentication......Page 394
How to Establish Direct Cross-Realm Authentication......Page 395
How to Configure a Kerberos Network Application Server......Page 397
Configuring Kerberos NFS Servers......Page 398
How to Configure Kerberos NFS Servers......Page 399
How to Add a Single Entry to the Credential Table......Page 401
How to Set Up a Secure NFS Environment With Multiple Kerberos Security Modes......Page 402
Configuring Kerberos Clients......Page 404
How to Create a Kerberos Client Installation Profile......Page 405
How to Automatically Configure a Kerberos Client......Page 406
How to Interactively Configure a Kerberos Client......Page 407
How to Manually Configure a Kerberos Client......Page 408
How to Access a Kerberos Protected NFS File System as the root User......Page 412
Configuring Automatic Migration of Users in a Kerberos Realm......Page 414
Synchronizing Clocks Between KDCs and Kerberos Clients......Page 416
Swapping a Master KDC and a Slave KDC......Page 417
How to Swap a Master KDC and a Slave KDC......Page 418
Backing Up and Propagating the Kerberos Database......Page 422
The kpropd.acl File......Page 423
How to Back Up the Kerberos Database......Page 424
How to Restore the Kerberos Database......Page 425
How to Reconfigure a Master KDC to Use Incremental Propagation......Page 426
How to Reconfigure a Slave KDC to Use Incremental Propagation......Page 428
How to Configure a Slave KDC to Use Full Propagation......Page 429
How to Verify That the KDC Servers Are Synchronized......Page 433
Setting Up Parallel Propagation......Page 434
Configuration Steps for Setting Up Parallel Propagation......Page 435
Administering the Stash File......Page 436
How to Enable Only Kerberized Applications......Page 437
How to Restrict Access to KDC Servers......Page 438
SEAM Administration Tool Error Messages......Page 439
Common Kerberos Error Messages (A-M)......Page 440
Common Kerberos Error Messages (N-Z)......Page 447
Problems Propagating the Kerberos Database......Page 451
Problems Authenticating as root......Page 452
Observing Mapping from GSS Credentials to UNIX Credentials......Page 453
Ways to Administer Kerberos Principals and Policies......Page 455
SEAM Administration Tool......Page 456
Print and Online Help Features of the SEAM Tool......Page 457
Working With Large Lists in the SEAM Tool......Page 458
How to Start the SEAM Tool......Page 459
Administering Kerberos Principals......Page 460
Automating the Creation of New Kerberos Principals......Page 461
How to View the List of Kerberos Principals......Page 462
How to View a Kerberos Principal\'s Attributes......Page 464
How to Create a New Kerberos Principal......Page 466
How to Modify a Kerberos Principal......Page 468
How to Set Up Defaults for Creating New Kerberos Principals......Page 470
How to Modify the Kerberos Administration Privileges......Page 471
How to View the List of Kerberos Policies......Page 473
How to View a Kerberos Policy\'s Attributes......Page 475
How to Create a New Kerberos Policy......Page 477
How to Modify a Kerberos Policy......Page 479
How to Delete a Kerberos Policy......Page 480
SEAM Tool Panel Descriptions......Page 481
Using the SEAM Tool With Limited Kerberos Administration Privileges......Page 484
Administering Keytab Files......Page 485
Administering Keytab Files (Task Map)......Page 486
How to Add a Kerberos Service Principal to a Keytab File......Page 487
How to Remove a Service Principal From a Keytab File......Page 489
How to Display the Keylist (Principals) in a Keytab File......Page 490
How to Temporarily Disable Authentication for a Service on a Host......Page 491
Do You Need to Worry About Tickets?......Page 493
Examples—Creating a Kerberos Ticket......Page 494
Example—Viewing Kerberos Tickets......Page 495
Destroying Kerberos Tickets......Page 496
Changing Your Password......Page 497
Examples—Changing Your Password......Page 499
Granting Access to Your Account......Page 500
Kerberos User Commands......Page 501
Overview of Kerberized Commands......Page 502
Forwarding Kerberos Tickets......Page 504
Example — Using the -a, -f, and -x Options With telnet......Page 506
Example — Setting the Protection Level in ftp......Page 507
Kerberos Files......Page 509
Kerberos Daemons......Page 511
Kerberos-Specific Terminology......Page 512
Authentication-Specific Terminology......Page 513
Types of Tickets......Page 514
Ticket Lifetimes......Page 515
Kerberos Principal Names......Page 516
Obtaining a Credential for the Ticket-Granting Service......Page 518
Obtaining a Credential for a Server......Page 519
Obtaining Access to a Specific Service......Page 520
Using Kerberos Encryption Types......Page 521
Using the gsscred Table......Page 523
Notable Differences Between Solaris Kerberos and MIT Kerberos......Page 524
Solaris Auditing......Page 525
What Is Auditing?......Page 527
How Does Auditing Work?......Page 528
How Is Auditing Related to Security?......Page 529
Audit Terminology and Concepts......Page 530
Audit Events......Page 531
Audit Classes and Preselection......Page 532
Audit Files......Page 533
Solaris Auditing Enhancements in the Solaris 10 Release......Page 535
Planning Solaris Auditing (Task Map)......Page 537
How to Plan Auditing in Zones......Page 538
How to Plan Storage for Audit Records......Page 539
How to Plan Who and What to Audit......Page 540
Determining Audit Policy......Page 541
Cost of Analysis of Audit Data......Page 544
Auditing Efficiently......Page 545
Solaris Auditing (Task Map)......Page 547
Configuring Audit Files......Page 548
How to Modify the audit_control File......Page 549
How to Configure syslog Audit Logs......Page 551
How to Change a User\'s Audit Characteristics......Page 553
How to Add an Audit Class......Page 554
How to Change an Audit Event\'s Class Membership......Page 555
Configuring and Enabling the Auditing Service (Task Map)......Page 557
How to Create Partitions for Audit Files......Page 558
How to Configure the audit_warn Email Alias......Page 560
How to Configure Audit Policy......Page 561
How to Enable Auditing......Page 564
How to Disable Auditing......Page 565
How to Update the Auditing Service......Page 566
How to Display Audit Record Formats......Page 568
How to Merge Audit Files From the Audit Trail......Page 570
How to Select Audit Events From the Audit Trail......Page 572
How to View the Contents of Binary Audit Files......Page 574
How to Clean Up a not_terminated Audit File......Page 575
How to Prevent Audit Trail Overflow......Page 576
Audit Commands......Page 579
audit Command......Page 580
auditreduce Command......Page 581
praudit Command......Page 583
Files Used in the Auditing Service......Page 584
audit_control File......Page 585
audit_user Database......Page 587
audit_warn Script......Page 588
bsmconv Script......Page 589
Auditing and Solaris Zones......Page 590
Definitions of Audit Classes......Page 591
Audit Class Syntax......Page 593
Process Audit Characteristics......Page 594
Binary Audit File Names......Page 595
Audit Record Structure......Page 596
Audit Record Analysis......Page 597
Audit Token Formats......Page 598
arbitrary Token (Obsolete)......Page 599
arg Token......Page 600
cmd Token......Page 601
exit Token (Obsolete)......Page 602
groups Token......Page 603
in_addr Token......Page 604
ipc Token......Page 605
opaque Token (Obsolete)......Page 606
path_attr Token......Page 607
process Token......Page 608
return Token......Page 609
socket Token......Page 610
subject Token......Page 611
uauth Token......Page 613
zonename Token......Page 614
Glossary......Page 615
Index......Page 629




نظرات کاربران