4690| 46
|
[Linux电子书] 《Linux网络与安全管理》 423页Linux中文电子版书籍 |
《Linux网络与安全管理》 423页Linux中文电子版书籍
资源介绍/目录/截图 Linux网络与安全管理 游客,如果您要查看本帖隐藏内容请回复 文档节选:第 􀀒 章􀀁 􀀁 概述················································································································ 1 1.1 开机引导和关机过程··························································································· 2 1.1.1 配置init ················································································································· 3 1.1.2 引导系统·············································································································· 11 1.1.3 关闭系统·············································································································· 12 1.1.4 管理init 文件······································································································· 13 1.2 UNIX 相关常识·································································································· 16 1.2.1 理解文件/目录许可····························································································· 16 1.2.2 链接的许可管理·································································································· 20 1.2.3 创建多用户服务器的许可对策··········································································· 22 1.2.4 使用文件和目录·································································································· 24 1.2.5 使用ext2 文件系统····························································································· 26 1.3 小结与练习········································································································· 27 1.3.1 小结······················································································································ 27 1.3.2 习题与思考·········································································································· 27 第􀀓 章􀀁 􀀁 用户的管理·································································································· 29􀀁 2.1 如何使用Linuxconf···························································································· 30 2.1.1 Linuxconf 简介···································································································· 30 2.1.2 如何安装Linuxconf····························································································· 32 2.1.3 如何配置Linuxconf····························································································· 33 2.1.4 如何使用Linuxconf····························································································· 34 2.2 超级用户的权力································································································· 34 2.3 使用命令行工具管理用户·················································································· 40 2.3.1 创建新的用户账号······························································································ 40 2.3.2 创建一个新组······································································································ 42 2.3.3 修改已经存在的用户账号··················································································· 42 2.3.4 修改已经存在的组······························································································ 46 2.3.5 删除用户账号······································································································ 46 2.3.6 创建默认的用户设置·························································································· 47 2.4 使用Linuxconf 工具管理用户··········································································· 50 2.4.1 创建一个新的用户账号······················································································ 50 2.4.2 修改已经存在的用户账号··················································································· 51 2.4.3 删除或禁止存在的用户账号··············································································· 51 2.4.4 添加、修改及删除组·························································································· 52 2.5 使用用户磁盘配额····························································································· 54 2.5.1 安装磁盘配额软件······························································································ 54 2.5.2 配置可以支持磁盘配额的系统··········································································· 54 2.5.3 为用户分配磁盘配额·························································································· 55 2.5.4 磁盘使用的监视·································································································· 57 2.6 小结与练习········································································································· 57 2.6.1 小结······················································································································ 57 2.6.2 习题与思考·········································································································· 57 第􀀔 章􀀁 􀀁 进程的管理·································································································· 59􀀁 3.1 进程的开始········································································································· 60 3.2 控制和监视进程································································································· 61 3.2.1 用ps 获得进程状态····························································································· 61 3.2.2 给运行的进程传送信号······················································································ 64 3.2.3 控制进程的优先级······························································································ 68 3.3 监视系统加载的进程························································································· 69 3.3.1 使用top 工具······································································································· 69 3.3.2 使用vmstat 工具·································································································· 70 3.3.3 使用uptime 工具································································································· 70 3.4 进程日志············································································································· 71 3.4.1 配置syslog··········································································································· 71 3.4.2 使用tail 监视log································································································· 72 3.5 规划进程············································································································· 73 3.5.1 使用at 工具········································································································· 73 3.5.2 使用cron 工具····································································································· 74 3.6 小结与练习·········································································································75 3.6.1 小结······················································································································ 75 3.6.2 习题与思考·········································································································· 75 第􀀕 章􀀁 􀀁 网络的管理·································································································· 77􀀁 4.1 TCP/IP 网络地址································································································ 78 4.2 IP 网络分类········································································································ 78 4.2.1 A 类网络·············································································································· 79 4.2.2 B 类网络·············································································································· 79 4.2.3 C 类网络·············································································································· 79 4.3 建立Internet 服务······························································································· 80 4.3.1 DNS 服务的建立································································································· 80 4.3.2 E-mail 服务的建立···························································································· 102 4.3.3 Web 服务的建立································································································ 119 4.3.4 FTP 服务的建立································································································ 129 4.3.5 建立在线聊天系统服务···················································································· 136 4.3.6 其他服务的建立································································································ 137 4.4 配置网络接口··································································································· 140 4.4.1 使用传统的方法配置网络接口········································································· 140 4.4.2 使用netcfg 配置网络接口················································································· 142 4.5 使用默认网关··································································································· 145 4.6 网络的分割······································································································· 146 4.6.1 网关计算机的配置···························································································· 146 4.6.2 主机的配置········································································································ 146 4.7 小结与练习······································································································· 147 4.7.1 小结···················································································································· 147 4.7.2 习题与思考········································································································ 147 第􀀖 章􀀁 􀀁 网络安全的基本概念················································································· 149􀀁 5.1 TCP/IP 网络参考模型······················································································ 150 5.1.1 TCP/IP 协议的发展··························································································· 151 5.1.2 OSI 参考模型····································································································· 152 5.1.3 TCP/IP 参考模型······························································································· 154 5.2 服务端口··········································································································· 156 5.3 数据包··············································································································· 158 5.3.1 IP 消息类型ICMP····························································································· 158 5.3.2 IP 消息类型UDP······························································································· 159 5.3.3 IP 消息类型TCP ······························································································· 159 5.4 小结与练习······································································································· 161 5.4.1 小结···················································································································· 161 5.4.2 习题与思考········································································································ 161 第􀀗 章􀀁 􀀁 包过滤的概念···························································································· 163􀀁 6.1 包过滤型防火墙······························································································· 165 6.1.1 包过滤型防火墙结构························································································ 165 6.1.2 包过滤防火墙的优点························································································ 166 6.1.3 包过滤路由器的局限性···················································································· 166 6.2 选择一个默认的包过滤策略············································································ 166 6.3 拒绝和禁止一个包··························································································· 167 6.4 输入包的过滤··································································································· 167 6.4.1 利用远程源地址过滤························································································ 167 6.4.2 利用本地目的地址过滤···················································································· 169 6.4.3 利用远程源端口过滤························································································ 169 6.4.4 利用本地目的端口过滤···················································································· 170 6.4.5 利用输入包的TCP 连接状态过滤···································································· 170 6.4.6 对刺探和扫描的过滤························································································ 170 6.4.7 针对拒绝服务攻击的过滤················································································· 172 6.4.8 过滤输入数据包的多种考虑············································································· 174 6.5 输出包的过滤··································································································· 175 6.5.1 利用本地源地址过滤························································································ 175 6.5.2 利用远程目的地址过滤···················································································· 176 6.5.3 利用本地源端口过滤························································································ 176 6.5.4 利用远程目的端口过滤···················································································· 176 6.5.5 利用TCP 连接状态过滤··················································································· 177 6.6 内部专用服务的过滤······················································································· 177 6.6.1 保护不安全的本地服务···················································································· 178 6.6.2 选择要运行的服务···························································································· 178 6.7 小结与练习······································································································· 183 6.7.1 小结···················································································································· 183 6.7.2 习题与思考········································································································ 183 第􀀘 章􀀁 􀀁 构建和安装防火墙···················································································· 185􀀁 7.1 Linux 防火墙管理程序····················································································· 186 7.1.1 防火墙脚本中所使用的ipchains 选项······························································ 187 7.1.2 源和目的地址选项···························································································· 189 7.2 初始化防火墙··································································································· 190 7.2.1 防火墙例子中的符号常量················································································· 190 7.2.2 删除任何已存在的规则···················································································· 191 7.2.3 定义默认策略···································································································· 191 7.2.4 启用回环接口···································································································· 192 7.2.5 源地址欺骗和其他的不合法地址····································································· 192 7.3 ICMP 状态消息过滤························································································· 200 7.3.1 错误状态控制消息···························································································· 200 7.3.2 Ping Echo Request 和Echo Reply 控制消息····················································· 202 7.4 保护分配在非特权端口上的服务···································································· 204 7.4.1 分配给非特权端口的常用本地TCP 服务························································ 205 7.4.2 分配给非特权端口的常用本地UDP 服务······················································· 207 7.5 激活基本的Internet 服务················································································· 208 7.5.1 激活DNS 服务·································································································· 208 7.5.2 激活AUTH 服务······························································································· 212 7.6 激活公用TCP 服务·························································································· 213 7.6.1 激活Usenet 新闻服务······················································································· 214 7.6.2 激活telnet 服务································································································· 215 7.6.3 激活SSH 服务··································································································· 216 7.6.4 激活whois 服务································································································· 218 7.6.5 激活ftp 服务······································································································ 219 7.6.6 激活Web 服务··································································································· 221 7.6.7 激活E-mail 服务······························································································· 224 7.6.8 激活finger 服务································································································· 231 7.6.9 激活gopher 服务······························································································· 232 7.6.10 激活WAIS 服务······························································································ 232 7.7 激活公用UDP 服务························································································· 233 7.7.1 激活traceroute 服务·························································································· 233 7.7.2 访问ISP 的DHCP 服务器················································································ 234 7.7.3 访问远程网络时间服务器················································································· 237 7.8 记录被禁止的输入数据包················································································ 238 7.9 禁止访问有问题的站点···················································································· 241 7.10 激活LAN 访问································································································· 241 7.10.1 激活LAN 对防火墙内部网络接口的访问····················································· 242 7.10.2 激活LAN 访问Internet··················································································· 242 7.11 安装防火墙····································································································· 243 7.11.1 安装带有静态IP 地址的防火墙······································································ 243 7.11.2 安装带有动态IP 地址的防火墙······································································ 244 7.12 小结与练习····································································································· 244 7.12.1 小结·················································································································· 244 7.12.2 习题与思考······································································································ 245 第􀀙 章􀀁 􀀁 多重网络防火墙························································································ 247􀀁 8.1 LAN 安全相关问题·························································································· 248 8.2 小型网络的安全配置······················································································· 249 8.2.1 LAN 访问堡垒防火墙······················································································· 249 8.2.2 在多个LAN 之间转发本地网络流··································································· 250 8.2.3 LAN 通过地址隐藏访问Internet ······································································ 251 8.3 大型内部网络的安全配置················································································ 252 8.3.1 利用子网创建多个网络···················································································· 253 8.3.2 利用主机地址或端口范围限制内部访问························································· 254 8.3.3 LAN 到Internet 的地址隐藏············································································· 261 8.3.4 端口重定向········································································································ 263 8.3.5 转发从Internet 到LAN 内部服务器的连接请求············································· 265 8.4 隐藏子网防火墙······························································································· 266 8.4.1 防火墙规则中的符号常量················································································· 266 8.4.2 清空隔断防火墙原有安全规则········································································· 268 8.4.3 定义隔断防火墙默认策略················································································· 268 8.4.4 激活隔断防火墙计算机的回环接口································································· 269 8.4.5 源地址欺骗过滤································································································ 269 8.4.6 过滤ICMP 控制状态信息················································································· 272 8.4.7 激活DNS··········································································································· 276 8.4.8 过滤用户认证服务···························································································· 281 8.4.9 E-mail 服务的过滤···························································································· 283 8.4.10 访问Usenet 新闻组服务················································································· 293 8.4.11 Telnet 服务······································································································· 296 8.4.12 SSH 服务·········································································································· 299 8.4.13 FTP 服务·········································································································· 302 8.4.14 Web 服务·········································································································· 312 8.4.15 finger 服务······································································································· 322 8.4.16 Whois 服务······································································································· 325 8.4.17 gopher 服务······································································································ 326 8.4.18 WAIS 服务······································································································· 327 8.4.19 RealAudio 和QuickTime 服务········································································ 328 8.4.20 IRC 服务·········································································································· 332 8.4.21 CU-SeeMe 服务······························································································· 336 8.4.22 网络时间服务·································································································· 340 8.4.23 远程系统日志·································································································· 343 8.4.24 Choke 主机作为本地DHCP 服务器······························································· 344 8.4.25 使局域网中主机访问Choke 防火墙主机······················································· 345 8.4.26 激活IP 地址隐藏功能····················································································· 345 8.4.27 日志记录·········································································································· 346 8.5 小结与练习······································································································· 346 8.5.1 小结···················································································································· 346 8.5.2 习题与思考········································································································ 346
购买主题
已有 3 人购买
本主题需向作者支付 2 金币 才能浏览
| |
发表于 2014-3-19 14:07:11
|
显示全部楼层
| ||
发表于 2014-3-28 10:46:00
|
显示全部楼层
| ||
发表于 2014-4-24 11:54:51
|
显示全部楼层
| ||
发表于 2014-4-26 15:26:38
|
显示全部楼层
| ||
发表于 2015-5-6 22:15:34
|
显示全部楼层
| ||
发表于 2015-5-27 13:44:44
|
显示全部楼层
| ||
发表于 2016-9-28 09:45:12
|
显示全部楼层
| ||
匿名
发表于 1970-1-1 08:00:00
| ||
发表于 2017-3-27 13:57:40
|
显示全部楼层
| ||