Objective 1: Perform Security Administration Tasks
A good security policy includes such things as securing inbound network requests, verifying the authenticity of software packages to ensure they are not hostile, and managing local security resources. This Objective details the most common of these activities that a system administrator performs.
As a Linux system operates in a networked environment, it is constantly "listening" for inbound requests from the network. Many requests come into Linux on the same network interface, but they are differentiated from one another by their port address, a unique numeric designator used by network protocols. Each type of service listens on a different port. Established port numbers and their corresponding services are listed in /etc/services. Here are some lines from that file:
    ftp      21/tcp
    ssh      22/tcp
    telnet   23/tcp
    smtp     25/tcp   mail
    domain   53/tcp
    domain   53/udp
    http     80/tcp   www www-http
The first column lists the names of various services. The second column lists the port numbers assigned to the services and the protocol (TCP or UDP) used by the service. The optional third column and any other columns list alternative names for this service. For example, http might be referred to as www. Both refer to port 80.
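The column layout described above is simple enough to parse mechanically, which is useful when labelling the ports a host is listening on. The following Python code is an added example, not part of the original text; the function names parse_services and describe and the sample data are constructed for illustration, and the sample adds a comment line and a blank line, which real /etc/services files also contain.

```python
# Constructed sample: the lines quoted above plus a '#' comment and a blank
# line, both of which occur in real /etc/services files.
SAMPLE = """\
# service  port/proto  aliases
ftp        21/tcp
ssh        22/tcp
telnet     23/tcp
smtp       25/tcp      mail
domain     53/tcp
domain     53/udp

http       80/tcp      www www-http   # trailing comment
"""


def parse_services(text):
    """Return (by_name, by_port): (name, proto) -> port, (port, proto) -> names."""
    by_name, by_port = {}, {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2 or "/" not in fields[1]:
            raise ValueError(f"line {lineno}: expected 'name port/proto'")
        port_s, proto = fields[1].split("/", 1)  # second column: port/protocol
        port = int(port_s)
        if not 0 < port < 65536:
            raise ValueError(f"line {lineno}: port {port} out of range")
        names = [fields[0]] + fields[2:]         # canonical name, then aliases
        by_port.setdefault((port, proto), []).extend(names)
        for name in names:
            by_name.setdefault((name, proto), port)
    return by_name, by_port


def describe(port, proto, by_port):
    """Label a port; ports with no entry in the table are marked UNLISTED."""
    names = by_port.get((port, proto))
    return f"{port}/{proto} {'/'.join(names) if names else 'UNLISTED'}"


if __name__ == "__main__":
    by_name, by_port = parse_services(SAMPLE)
    for port, proto in [(22, "tcp"), (80, "tcp"), (53, "udp"), (8443, "tcp")]:
        print(describe(port, proto, by_port))
```

Because the protocol is part of the key, domain resolves separately for TCP and UDP, and a port that is open on a host but absent from the table stands out as UNLISTED.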
On the attack
As the Internet has grown, the frequency of computer break-in attempts has kept pace. To gain entry to an unsuspecting host system, some intruders configure their systems to appear to target servers (that is, ...