[SYMBOL]
[A]
[B]
[C]
[D]
[E]
[F]
[G]
[H]
[I]
[J]
[K]
[L]
[M]
[N]
[O]
[P]
[Q]
[R]
[S]
[T]
[U]
[V]
[W]
[X]
tar utility
bundling files into single file and encrypting the tarball
encrypted backups, creating with gpg
encrypting all files in directory
TCP
enabling/disabling service invocation by inetd
IPID Sequence tests and, measuring vulnerability to forged connections
pings for host discovery, use by nmap
preventing service invocation by xinetd
reassembling streams with libnids
redirection of connections with SSH tunneling
restricting access by remote hosts (inetd)
restricting access by remote hosts (xinetd)
restricting access by remote users
RST packets for blocked ports, returned by firewall
slowing or killing connections, simulation with dsniff
stream reassembly with libnids
testing for open port
testing port by trying to connect with Telnet
tunneling session through SSH
TCP-wrappers
controlling incoming access by particular hosts or domains
sshd, built-in support for
TCP/IP connections
DROP vs. REJECT
rejecting TCP packets that initiate connections
tcpd
restricting access by remote hosts
using with xinetd
using with inetd to restrict remote host access
tcpdump (packet sniffer)
-i any options, using ifconfig before
-i option (to listen on a specific interface)
-r option, reading/displaying network trace data
-w option (saving packets to file)
libcap (packet capture library)
payload display
printing information about nmap port scan
selecting specific packets with capture filter expression
snapshot length
verifying secure mail traffic
tcsh shell
terminating SSH agent on logout
TCT (The CoronerÕs Toolkit)
tee command
Telnet
access control
blocking all outgoing connections
restricting access by time of day
restricting for remote hosts (xinetd with libwrap)
disabling/enabling invocation by xinetd
Kerberos authentication with PAM
Kerberos authentication, using with
passwords captured from sessions with dsniff
security risks of
testing TCP port by trying to connect
telnetd, configuring to require strong authentication
terminals
Linux recording of for each user
preventing superuser (root) from logging in via
testing systems for security holes
[See monitoring systems for suspicious activity]
tethereal
text editors, using encryption features for email
text-based certificate format
[See PEM format]
Thawte (Certifying Authority)
threading, listing for new service in inetd.conf
tickets, Kerberos
for IMAP on the mail server
SSH client, obtaining for
ticks
time of day, restricting service access by
timestamps
recorded by system logger for each message
in Snort filenames
sorting log files by
verifying for RPM-installed files
TLS (Transport Layer Security)
[See SSL]
tracing network system calls
Transport Layer Security (TLS)
[See SSL]
Tripwire
checking Windows VFAT filesystems
configuration
database
adding files to
excluding files from
updating to ignore discrepancies
displaying policy and configuration
download site for latest version
download sites
highly secure integrity checks
integrity check
integrity checking, basic
manual integrity checks, using instead of
policy
policy and configuration, modifying
printing latest report
protecting files against attacks
read-only integrity checks
remote integrity checking
RPM-installed files, verifying
setting up
twinstall.sh script
using rsync instead of
weaknesses
Trojan horses
checking for with chkrootkit
planted in commonly-used software packages
trust, web of
trusted certificates
trusted public keys (GnuPG)
trusted-host authentication
canonical hostname, finding for client
implications of
strong trust of client host
weak authorization controls
tty item (PAM)
tunneling
TCP session through SSH
transferring your email from another ISP with SSH
twcfg.txt file
twinstall.sh script (Tripwire)
twpol.txt file
twprint program
|