diff options
Diffstat (limited to 'en_US.ISO8859-1/books/handbook/security/chapter.xml')
-rw-r--r-- | en_US.ISO8859-1/books/handbook/security/chapter.xml | 35 |
1 files changed, 18 insertions, 17 deletions
diff --git a/en_US.ISO8859-1/books/handbook/security/chapter.xml b/en_US.ISO8859-1/books/handbook/security/chapter.xml index bea005d836..b10a4ab2db 100644 --- a/en_US.ISO8859-1/books/handbook/security/chapter.xml +++ b/en_US.ISO8859-1/books/handbook/security/chapter.xml @@ -12,7 +12,7 @@ <firstname>Matthew</firstname> <surname>Dillon</surname> <contrib>Much of this chapter has been taken from the - security(7) manual page by </contrib> + security(7) manual page by </contrib> </author> </authorgroup> </chapterinfo> @@ -1277,7 +1277,7 @@ GAME GAG WELT OUT DOWN CHAT</screen> <para>Once you have initialized OPIE and login, you will be presented with a prompt like this:</para> -<screen>&prompt.user; <userinput>telnet example.com</userinput> + <screen>&prompt.user; <userinput>telnet example.com</userinput> Trying 10.0.0.1... Connected to example.com Escape character is '^]'. @@ -1483,10 +1483,9 @@ Enter secret pass phrase: <userinput><secret password></userinput> qpopper : ALL : allow</programlisting> <para>After adding this line, <application>inetd</application> - will need to be restarted. This can be accomplished by use of - the &man.kill.1; command, or with the - <parameter>restart</parameter> parameter with - <filename>/etc/rc.d/inetd</filename>.</para> + will need to be restarted by using &man.service.8;:</para> + + <screen>&prompt.root; <userinput>service inetd restart</userinput></screen> </sect2> <sect2> @@ -1534,8 +1533,9 @@ ALL : ALL \ <warning> <para>It may be possible to launch a denial of service - attack on the server if an attacker, or group of attackers, - could flood these daemons with connection requests.</para> + attack on the server if an attacker, or group of + attackers, could flood these daemons with connection + requests.</para> </warning> <para>Another possibility is to use the <option>spawn</option> @@ -1859,8 +1859,8 @@ Password: <userinput>xxxxxxxx</userinput> Verifying password - Password: <userinput>xxxxxxxx</userinput></screen> <para>Now it is time to start up the <acronym>KDC</acronym> - services. Run <command>/etc/rc.d/kerberos start</command> and - <command>/etc/rc.d/kadmind start</command> to bring up the + services. Run <command>service kerberos start</command> and + <command>service kadmind start</command> to bring up the services. Note that you will not have any kerberized daemons running at this point but you should be able to confirm that the <acronym>KDC</acronym> is functioning by obtaining and @@ -1984,7 +1984,7 @@ kadmin><userinput> exit</userinput></screen> example we will enable the <command>telnet</command> service by putting a line like this into your <filename>/etc/inetd.conf</filename> and then restarting the - &man.inetd.8; service with <command>/etc/rc.d/inetd + &man.inetd.8; service with <command>service inetd restart</command>:</para> <programlisting>telnet stream tcp nowait root /usr/libexec/telnetd telnetd -a user</programlisting> @@ -3208,10 +3208,10 @@ racoon_enable="yes"</programlisting> <para>This will load &man.sshd.8;, the daemon program for <application>OpenSSH</application>, the next time your system initializes. Alternatively, it is possible to use - <filename>/etc/rc.d/sshd</filename> &man.rc.8; script to + &man.service.8; to start <application>OpenSSH</application>:</para> - <screen>&prompt.root; <userinput>/etc/rc.d/sshd start</userinput></screen> + <screen>&prompt.root; <userinput>service sshd start</userinput></screen> </sect2> <sect2> @@ -3568,7 +3568,7 @@ user@unfirewalled-system.example.org's password: <userinput>*******</userinput>< </sect2> <sect2> - <title>The <varname>AllowUsers</varname> Users Option</title> + <title>The <varname>AllowUsers</varname> Option</title> <para>It is often a good idea to limit which users can log in and from where. The <literal>AllowUsers</literal> option is @@ -3600,7 +3600,7 @@ user@unfirewalled-system.example.org's password: <userinput>*******</userinput>< <filename>/etc/ssh/sshd_config</filename> you must tell &man.sshd.8; to reload its config files, by running:</para> - <screen>&prompt.root; <userinput>/etc/rc.d/sshd reload</userinput></screen> + <screen>&prompt.root; <userinput>service sshd reload</userinput></screen> </sect2> <sect2> @@ -3628,7 +3628,8 @@ user@unfirewalled-system.example.org's password: <userinput>*******</userinput>< </authorgroup> </sect1info> - <title>File System Access Control Lists</title> + <title>File System Access Control Lists + (<acronym>ACL</acronym>s)</title> <indexterm> <primary>ACL</primary> @@ -4110,7 +4111,7 @@ VII. References <co id="co-ref"/></programlisting> basics of process accounting.</para> <sect2> - <title>Enable and Utilizing Process Accounting</title> + <title>Enabling and Utilizing Process Accounting</title> <para>Before making use of process accounting, it must be enabled. To do this, execute the following commands:</para> |