security.7 - OpenGrok cross reference for /freebsd/share/man/man7/security.7

Lines Matching full:your
101 nearly impossible to stop short of cutting your system off from the Internet.
102 It may not be able to take your machine down, but it can fill up your Internet
115 one or more of your users logging into your system from a remote location
149 to your security because it will not close off the hole the attacker used to
186 For example, make sure that your PTYs are specified as being
248 intruder to break root if the intruder has gotten hold of your password
256 An indirect way to secure the root account is to secure your staff accounts
271 the machines which run the Kerberos servers and your desktop workstation.
275 (typically your workstation),
291 if your main box is running all sorts of servers, your workstation should not
293 In order for your workstation to be reasonably secure
300 a network, from people who do not have physical access to your workstation or
425 draconian access restrictions on your staff and *-out their passwords, you
430 If not, you simply have to be more vigilant in your
446 Your security scripts should always check for and report changes to
540 (if your platform has it) may not be opened at all;
585 When it comes right down to it, you can only protect your core system
599 last layer of your security onion is perhaps the most important \(em detection.
600 The rest of your security is pretty much useless (or, worse, presents you with
612 Writing your security scripts on the extra-secure limited-access system
622 If your
625 If your limited-access server
720 page verbatim, you give away your methodologies to the prospective
726 packet attacks that saturate your network, you can generally limit the damage
727 by ensuring that the attacks cannot take down your servers.
776 high enough to handle your expected load but not so high that the
815 by firewalling them off at your border routers.
817 saturation attacks from outside your LAN, not so much to protect internal
827 way you can firewall off all of your low ports except for certain specific
840 without compromising your low ports.
849 ease the complexity of your firewall's configuration.
862 packets sent to your LAN's broadcast address with the source IP address set
864 If your border routers are not
865 configured to stomp on ping's to broadcast addresses, your LAN winds up
894 are both on your LAN.
925 unsecure machine, your keys become exposed.
929 installs a forwarding port for the duration of your
931 that port to use your keys to gain access to any other machine that your
938 your reliance on potentially exposable SSH keys while at the same time