Show
3.12.2 Configuring and Using TCP Wrappers TCP wrappers provide basic filtering of incoming network traffic. You can allow or deny access from other systems to certain wrapped network services running on a Linux server. A wrapped network service is one that has been compiled against the # When a remote client attempts to connect to a network service on the system, the wrapper consults the rules in the configuration files The wrapper for a service first reads The wrapper first applies the rules specified in The rules take the following form:
where The following are some sample rules. Match all clients for scp, sftp, and ssh access ( sshd : ALL Match all clients on the 192.168.2 subnet for FTP access ( vsftpd : 192.168.2.* Match all
clients in the ALL : .mydomain.com Match all clients for FTP access, and displays the contents of the banner file vsftpd : ALL : banners /etc/banners/ Match all clients on the 200.182.68 subnet for all wrapped services, and logs all such events. The ALL : 200.182.68.* : spawn /bin/echo `date` “Attempt by %c to connect to %d" >> /var/log/tcpwr.log Match all clients for scp,
sftp, and ssh access, and logs the event as an sshd : ALL : severity emerg Match all clients in the sshd : .forbid.com : spawn /bin/echo `date` "sshd access denied for %c" >>/var/log/sshd.log : deny For more information, see the Tch 14Which of the following can you use to configure firewall rules for IPv6 on a Linux system?ip6tablesTch 14TCP WrapperPerfTch 14udevadm control --reloadPerfWhich of the following commands can be used to view the quota for a user?Tch 14visudoWhich of the following commands will change the SELinux security context of a file?chconPerfWhich of the following commands will generate a GPG public/private key pair?gpg --gen-keyTch 14dmidecodeWhich of the following does the -r option for the gpg command specify?Encrypt for the user id given.Which of the following files does a TCP wrapper check before starting a network daemon?/etc/hosts.allow and /etc/hosts.denyTch 14TACACS+Tch 14Which of the following is not a valid Apparmor command?Tch 14--use-agentTch 14Which of the following options for the gpg command will specify the key that should be retrieved?--recv-keysSecurity, Troubleshoot &PerfSecurity, Troubleshoot &PerfWhich of the following can you use to start network daemons in order to limit which computers areallowed to connect to the network service?Security, Troubleshoot &PerfWhich of the following commands allows a standard user to execute a single command as rootwithout actually switching to the root account?Which of the following commands can be used for the command line version of a popular GUI-basedprogram that is used to examine network traffic passing to and from a network interface?Which of the following commands can be used to determine the round trip time that a packet takesto traverse a network connection?Which of the following commands can be used to force udev to reload new rules from the/etc/udev/rules directory? (Choose all that apply.)Security, Troubleshoot &PerfWhich of the following commands can be used to force udev to reload new rules from the/etc/udev/rules directory? (Choose all that apply.)Which of the following commands can you use to list users who have been locked out bypam_faillock.so?Which of the following commands will allow an administrator to edit the list of permissions assignedto a user wanting to run the sudo command?Which of the following commands will allow the root user to switch to another user account withouthaving to enter that user account’s password?Security, Troubleshoot &PerfWhich of the following commands will list the BIOS information about a device when it cannototherwise be detected by a Linux system?Which of the following files contains the encrypted passwords for users on a modern Linux system bydefault? Which of the following files contains the encrypted passwords for users on a modern Linux?Each user's password is stored in an encrypted form within the /etc/passwd file. These credentials are hashed using a one-way hash function so they cannot be decrypted.
Which of the following files contains the encrypted password of the users?Traditionally, the /etc/passwd file is used to keep track of every registered user that has access to a system. The /etc/passwd file is a colon-separated file that contains the following information: User name. Encrypted password.
Where are the files stored that contain information for all of the time zones that could be recognized by a Linux operating system?Most Linux distributions keep their timezone information in the directory /usr/share/zoneinfo/. If you list the contents of this directory, you will see a bunch of region directories, such as "Americas" or "Africa".
Which of the following commands will display the exit status of the last command used in the bash shell?To display the exit code for the last command you ran on the command line, use the following command: $ echo $?
|