“main” (Installation and Administration) — 2004/6/25 — 13:29 — page 619 — #645
26 Security in the Network
The security of data, services, and transfers within networks is and always
will be an important issue. This chapter provides information about how to
prevent unauthorized access to the system and how to guard against attacks
from the outside.
The establishment of a CA (certification authority) makes it possible to
encrypt communications throughout the network, using techniques such as a
VPN (virtual private network). Other mechanisms, such as masquerading,
firewalls, and Kerberos, can be used to control the exchange of data and
the general data traffic. The Secure Shell (SSH) allows users to log in to
remote hosts by way of an encrypted connection. Apart from these purely
technical instructions, this chapter also includes information about the
more general security aspects of a Linux network.
26.1 X.509 Certification with YaST (page 620)
26.2 VPN with SUSE LINUX (page 633)
26.3 Masquerading and Firewalls (page 643)
26.4 SSH — Secure Shell, the Safe Alternative (page 652)
26.5 Network Authentication — Kerberos (page 657)
26.6 Installing and Administering Kerberos (page 664)
26.7 Security and Confidentiality (page 680)










