
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
 <META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
 <TITLE>Linux Security HOWTO: セキュリティの準備 (ネットワークに接続する前に)</TITLE>
 <LINK HREF="Security-HOWTO-9.html" REL=next>
 <LINK HREF="Security-HOWTO-7.html" REL=previous>
 <LINK HREF="Security-HOWTO.html#toc8" REL=contents>
</HEAD>
<BODY>
<A HREF="Security-HOWTO-9.html">次のページ</A>
<A HREF="Security-HOWTO-7.html">前のページ</A>
<A HREF="Security-HOWTO.html#toc8">目次へ</A>
<HR>
<H2><A NAME="secure-prep"></A> <A NAME="s8">8. セキュリティの準備 (ネットワークに接続する前に)</A></H2>

<P>さて, システムのチェックが終わり, 安全かつ使いやすいものになり, ネット
ワークに接続する準備ができました. ここでは, 実際に侵入された場合に備え
ての準備のためにすべきことをいくつか挙げます. これを行っておけば, 侵入
者をすぐに追い払い, システムを復旧, 稼働させることができます.
<P>
<H2><A NAME="ss8.1">8.1 マシン全体のバックアップの作成</A>
</H2>

<P>バックアップの方法や保存媒体についての議論は本ドキュメントの範囲外です
が, バックアップとセキュリティについて簡単に触れておきます:
<P>1 つのパーティションに入っているデータが 650MB 以下であれば, CD-R にデー
タをコピーすると良いでしょう(改竄が困難ですし, きちんと保管すれば長期
間保存できます). テープなどの読み書き可能なメディアは, バックアップが
終わり次第書き込み禁止にし, 改竄できないようにすべきです. バックアップ
はオンラインでアクセスできない場所に置きましょう. 良いバックアップを作っ
ておけば, 何かあった時にシステムをその時点に復旧させることができます.
<P>
<H2><A NAME="ss8.2">8.2 適切なバックアップ計画の決定</A>
</H2>

<P>6 本のテープを使い回すと管理が楽です. 4 本のテープを平日に使い, 残りの
2 本は 1 本ずつ金曜日に隔週で使います. 毎日インクリメンタルバックアップ
を実行し, 金曜日のテープ(適切な方)にはフルバックアップを取ります.
特に重要な変更がシステムにあった場合や, 重要なデータを加えた場合には,
バックアップを行うのが適切でしょう.
<P>
<H2><A NAME="ss8.3">8.3 RPM ファイルデータベースや Debian のファイルデータベースのバックアップ</A>
</H2>

<P>システムに侵入された時に RPM データベースを <CODE>tripwire</CODE> 代わりに
使うことができますが, これはデータベースが改竄されていないことが確実な
場合だけです. ですから, RPM データベースをフロッピーディスクにコピーし
ておき, コンピュータから取り出して保管しておきましょう. Debian ディス
トリビューションについても同様です.
<P>ファイル <CODE>/var/lib/rpm/fileindex.rpm</CODE> や
<CODE>/var/lib/rpm/packages.rpm</CODE>
は大抵フロッピーディスク 1 枚には収まらないでしょう.
ですが圧縮すれば別々のフロッピーディスクに収めることができるはずです.
<P>仮にシステムに侵入されてしまったときには, 次のコマンドを実行してシステ
ムの各ファイルを検査します:
<P>
<BLOCKQUOTE><CODE>
<PRE>
                        root#  rpm -Va
</PRE>
</CODE></BLOCKQUOTE>

<CODE>rpm</CODE> のオンラインマニュアルを参照すれば, 出力を少なくするオプ
ションに関する説明があります. RPM のバイナリ自体が改竄されていないこと
も確認すべきである点は忘れないでください.
<P>この方法を使う場合には, 新しい RPM パッケージを追加するごとに RPM デー
タベースのバックアップを取らなければなりません. この方法を使うかどうか
は利点と欠点を考え合わせて決めてください.
<P>
<H2><A NAME="logs"></A> <A NAME="ss8.4">8.4 システムログの監視</A>
</H2>

<P><CODE>syslog</CODE> から得られる情報が改竄されないようにするのはとても重要です.
まず, <CODE>/var/log</CODE> を
特定のユーザしか読み書きできないようにしておきましょう.
<P>ログに出力されていること, 特に <CODE>auth</CODE> の項目には目を通しましょ
う. 例えばログイン失敗が続いていると, これは侵入の試みの痕跡かもしれま
せん.
<P>ログがどこにあるかは ディストリビューションによって異なります. Red Hat
のように "Linux Filesystem Standard" に準拠しているシステムであれば,
<CODE>/var/log</CODE> に <CODE>messages</CODE> ファイルや <CODE>mail.log</CODE> 等
があるはずです.
<P>自分が使っているディストリビューションがどこにログを出力しているのかは,
<CODE>/etc/syslog.conf</CODE> ファイルを見ればわかります. これは
<CODE>syslogd</CODE> (システムのログを取るためのデーモン)に, メッセージの
出力の仕方を指示するファイルです.
<P>ログが長くなり過ぎないようにし, 検査もしやすくするために, ログをローテー
トさせるスクリプトやデーモンを設定することもできます. 最近の Red Hat ディ
ストリビューションでは <CODE>logrotate</CODE> パッケージを調べてみましょう.
他のディストリビューションにも同様の仕組みがあるはずです.
<P>ログファイルが改竄されてしまっても, いつ, どんな種類の改竄が行われたの
かを調べましょう. 長期間記録されていない項目はありませんか? (もしある
ならば)バックアップのテープで, 改竄されていないログをチェックすること
もできます.
<P>侵入の痕跡を消すため, 侵入者は一般的にログファイルを改竄しますが,
それでも思わぬところでチェックに引っかかることもあります.
入口を見つけようとしていたり,
root 権限を得るためプログラムを不正使用しようとしている
侵入者に気づくかもしれません.
侵入者がログを改竄するより前に, ログを見ましょう.
<P><CODE>su</CODE> によるユーザ変更やログインの試み等のユーザアカウント情報を
含む <CODE>auth</CODE> の項目は, 他のログから分離すべきでしょう.
<P>可能ならば, 重要なデータのコピーを安全なシステムに送るように
<CODE>syslog</CODE> を設定しましょう. これにより, login/su/ftp 等の記録を
消して侵入者が足跡を消してしまうことを防げます. <CODE>syslog.conf</CODE>
のオンラインマニュアルの <CODE>@</CODE> オプションを参照してください.
<P>高機能版の <CODE>syslogd</CODE> がいくつかあります. 例えば
<A HREF="http://www.core-sdi.com/ssyslog/">http://www.core-sdi.com/ssyslog/</A> にある Secure Syslog をご覧く
ださい. Secure Syslog を使うと syslog のエントリを暗号化して誰も改竄で
きないようにします.
<P>別の高機能 <CODE>syslogd</CODE> としては
<A HREF="http://www.balabit.hu/products/syslog-ng.html">syslog-ng</A> があります.
これを用いるとログの記録をより柔軟に行うことができ,
またリモートの syslog のストリームを改竄できないようにします.
<P>最後になりますが, 誰も読んでいないようなログは役に立ちません. 適当に間
隔を取ってログを読み, いつもはどんな感じであるのかを感覚的に知っておき
ましょう. そうしておけば, 異常があった場合にすぐに見つけることができます.
<P>
<H2><A NAME="ss8.5">8.5 システム更新パッケージの適用</A>
</H2>

<P>ほとんどのユーザは Linux を CD-ROM からインストールします. しかし, セ
キュリティのためのシステム修正は速いペースで行われているので, 新しい
(修正済みの)プログラムが常にリリースされています. マシンをネットワーク
に接続する前には, お使いのディストリビューションの FTP サイトをチェッ
クし, インストールに使った CD-ROM より新しいパッケージを全て手に入れま
しょう. これらのパッケージにはセキュリティ関連の重要な修正が入っている
ことが多いので, これをインストールするのは良い考えです.
<P>
<HR>
<A HREF="Security-HOWTO-9.html">次のページ</A>
<A HREF="Security-HOWTO-7.html">前のページ</A>
<A HREF="Security-HOWTO.html#toc8">目次へ</A>
</BODY>
</HTML>