
Security Guide

Contents

About This Book
Who Should Use This Book
Highlighting
Case-Sensitivity in AIX
ISO 9000
Related Publications
Standalone System Security
Installing and Configuring a Secure System
The Trusted Computing Base
Controlled Access Protection Profile and Evaluation Assurance Level 4+
Login Control
Managing X11 and CDE Concerns
Users, Roles, and Passwords
The Root Account
Administrative Roles
User Accounts
Set Up Anonymous FTP with a Secure User Account
System Special User Accounts
Access Control Lists
Passwords
User Authentication
Disk Quota System Overview
Auditing
Auditing Subsystem
Event Selection
Auditing Subsystem Configuration
Audit Logger Configuration
Setting Up Auditing
LDAP Exploitation of the Security Subsystem
Setting Up an LDAP Security Information Server
Setting Up an LDAP Client
LDAP User Management
LDAP Host Access Control
LDAP Security Information Server Auditing
LDAP Commands
Related Information
PKCS #11
IBM 4758 Model 2 Cryptographic Coprocessor
PKCS #11 Subsystem Configuration
PKCS #11 Usage
X.509 Certificate Authentication Service and Public Key Infrastructure
Overview of Certificate Authentication Service
Implementation of Certificate Authentication Service
Planning for Certificate Authentication Service
Packaging of Certificate Authentication Service
Installing and Configuring Certificate Authentication Service
Pluggable Authentication Module
PAM Library
PAM Modules
PAM Configuration File
Adding a PAM Module
Changing the /etc/pam.conf
Enabling PAM Debug
Integrating PAM in AIX
OpenSSH Software Tools
Using OpenSSH with PAM
Network and Internet Security
TCP/IP Security
Operating System-Specific Security
TCP/IP Command Security
Trusted Processes
Network Trusted Computing Base
Data Security and Information Protection
User Based TCP Port Access Control with Discretionary Access Control for Internet Ports
Network Services
Identifying Network Services with Open Communication Ports
Identifying TCP and UDP Sockets
Internet Protocol (IP) Security
IP Security Overview
Installing the IP Security Feature
Planning IP Security Configuration
Configuring Internet Key Exchange Tunnels
Working with Digital Certificates and the Key Manager
Configuring Manual Tunnels
Setting Up Filters
Logging Facilities
IP Security Problem Determination
IP Security Reference
Network Information Services (NIS) and NIS+ Security
Operating System Security Mechanisms
NIS+ Security Mechanisms
NIS+ Authentication and Credentials
NIS+ Authorization and Access
NIS+ Security and Administrative Rights
NIS+ Security Reference
Network File System (NFS) Security
Secrecy
NFS Authentication
Naming Network Entities for DES Authentication
The /etc/publickey File
Booting Considerations of Public Key Systems
Performance Considerations of Secure NFS
Checklist for Administering Secure NFS
Configuring Secure NFS
Exporting a File System Using Secure NFS
Mounting a File System Using Secure NFS
Enterprise Identity Mapping
Managing Multiple User Registries
Current Approaches
Using Enterprise Identity Mapping
Appendixes
Appendix A. Security Checklist
Appendix B. Security Resources
Security Web Sites
Security Mailing Lists
Security Online References
Appendix C. Summary of Common AIX System Services
Appendix D. Summary of Network Service Options
Appendix E. Notices
Trademarks
Index
