website diff en/doc/handbook/security.html @ rev 124
en: Tidy up Tazwok Manual & typos
| author | Paul Issott <paul@slitaz.org> |
|---|---|
| date | Sat Jul 26 20:47:49 2008 +0000 (2008-07-26) |
| parents | f0c0c73578c0 |
| children | ff73e55e9dd5 |
line diff
1.1 --- a/en/doc/handbook/security.html Sat Jun 14 14:48:17 2008 +0000 1.2 +++ b/en/doc/handbook/security.html Sat Jul 26 20:47:49 2008 +0000 1.3 @@ -6,7 +6,7 @@ 1.4 <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" /> 1.5 <meta name="description" content="slitaz English handbook" /> 1.6 <meta name="expires" content="never" /> 1.7 - <meta name="modified" content="2008-02-26 18:30:00" /> 1.8 + <meta name="modified" content="2008-07-18 05:30:00" /> 1.9 <meta name="publisher" content="www.slitaz.org" /> 1.10 <meta name="author" content="Christophe Lincoln" /> 1.11 <link rel="shortcut icon" href="favicon.ico" /> 1.12 @@ -30,9 +30,9 @@ 1.13 <h2><font color="#df8f06">SliTaz and System Security</font></h2> 1.14 1.15 <ul> 1.16 - <li><a href="#policy">Security Policy</a></li> 1.17 + <li><a href="#policy">Security Policy.</a></li> 1.18 <li><a href="#root">Root</a> - The system administrator.</li> 1.19 - <li><a href="#passwords">Passwords</a></li> 1.20 + <li><a href="#passwords">Passwords.</a></li> 1.21 <li><a href="#busybox">Busybox</a> - Configuration file /etc/busybox.conf.</li> 1.22 <li><a href="#web-server">LightTPD web server</a> - Disable the LightTPD web server.</li> 1.23 <li><a href="#ssh">SSH server</a> - Default options.</li> 1.24 @@ -44,7 +44,7 @@ 1.25 <a name="policy"></a> 1.26 <h3>Security Policy</h3> 1.27 <p> 1.28 -SliTaz has given a lot of consideration to system security. Applications are tested for many months before being 1.29 +SliTaz has given a lot of consideration to system security. Applications are tested for many months before being 1.30 included in the distribution. At boot time, a minimum of services are launched by the rc scripts. For a complete 1.31 lists of daemons enabled, you can look in the <code>RUN_DAEMONS</code> variable in the <code>/etc/rcS.conf</code> configuration 1.32 file: 1.33 @@ -62,11 +62,11 @@ 1.34 <a name="root"></a> 1.35 <h3>Root - The system administrator</h3> 1.36 <p> 1.37 -In a GNU/Linux system, the <em>root</em> user is the system administrator, <em>root</em> has all the rights 1.38 +In a GNU/Linux system, the <em>root</em> user is the system administrator. <em>root</em> has all the rights 1.39 to the system files and that of the users. It is advisable never to log in as <em>root</em> by using the command 1.40 -<code>su</code> followed by the password to obtain absolute rights over the system. Never log in as <em>root</em> and surf the 1.41 -internet for example, this allows you to create a double barrier in the case of an attack or intrusion after a 1.42 -download. This makes it harder for a <em>cracker</em> to take control of your machine - first he must crack your 1.43 +<code>su</code> followed by the password to obtain absolute rights over the system. Never log in as <em>root</em> and surf the 1.44 +internet for example. This allows you to create a double barrier in the case of an attack or intrusion after a 1.45 +download and makes it harder for a <em>cracker</em> to take control of your machine - first he must crack your 1.46 password and then crack the <em>root</em> password of the system administrator. 1.47 </p> 1.48 <p> 1.49 @@ -102,7 +102,7 @@ 1.50 environment, you can safely disable it by removing it from the <code>RUN_DAEMONS</code> variable in the 1.51 <code>/etc/rcS.conf</code> configuration file or to stop it manually: 1.52 </p> 1.53 -<pre> # etc/init.d/lighttpd stop 1.54 +<pre> # /etc/init.d/lighttpd stop 1.55 </pre> 1.56 1.57 <a name="ssh"></a> 1.58 @@ -117,7 +117,7 @@ 1.59 <pre> # /etc/init.d/dropbear start 1.60 </pre> 1.61 <p> 1.62 -By default Dropbear is launched with the following options: 1.63 +By default, Dropbear is launched with the following options: 1.64 </p> 1.65 <pre class="script"> -w Disallow root logins. 1.66 -g Disallow logins for root password. 1.67 @@ -130,7 +130,7 @@ 1.68 <a name="pscan"></a> 1.69 <h3>Pscan - Ports scanner</h3> 1.70 <p> 1.71 -Pscan is a small utility of the Busybox project, it scans the ports of your machine. You can use 1.72 +Pscan is a small utility of the Busybox project that scans the ports of your machine. You can use 1.73 <code>pscan</code> to scan the localhost or a remote host using the name or IP address of the machine. 1.74 Pscan will test all the ports from 1 - 1024 by default and list those that are open, their protocol 1.75 and associated service (ssh, www, etc):