pam_apparmor
As mentioned at the beginning, network transparency is one of the central characteristics of a Unix system. X, the windowing system of Unix operating systems, can use this feature in an impressive way. With X, it is no problem to log in to a remote host and start a graphical program that is then sen…
In networked environments, it is often necessary to access hosts from a
remote location. If a user sends login and password strings for
authentication purposes as plain text, they could be intercepted and
misused to gain access to that user account. This would open all the user's files to an attacker
and the illegal account could be used to obtain administrator or
root
access, or to penetrate
other systems. In the past, remote connections were established with
telnet
, rsh
or
rlogin
, which offered no guards against eavesdropping
in the form of encryption or other security mechanisms. There are other
unprotected communication channels, like the traditional FTP protocol
and some remote copying programs like rcp
.
Whenever Linux is used in a network environment, you can use the kernel functions that allow the manipulation of network packets to maintain a separation between internal and external network areas. The Linux netfilter framework provides the means to establish an effective firewall that keeps differ…
Today, Internet connections are cheap and available almost everywhere. However, not all connections are secure. Using a Virtual Private Network (VPN), you can create a secure network within an insecure network such as the Internet or Wi-Fi. It can be implemented in different ways and serves several purposes. In this chapter, we focus on the OpenVPN implementation to link branch offices via secure wide area networks (WANs).