Safari | Linux Socket Programming by Example -> 16. Network Security Programming

Linux Socket Programming by Example - Warren Gay

Linux Socket Programming by Example
	Table of Contents
	Preface>
	I: Basic Socket Concepts
	1. Introducing Sockets
	2. Domains and Address Families
	3. Address Conversion Functions
	4. Socket Types and Protocols
	5. Binding Addresses to a Socket
	6. Connectionless-Oriented Protocols
	7. Connection-Oriented Protocols for Clients
	8. Connection-Oriented Protocols for Servers
	9. Hostname and Network Name Lookups
	II: Advanced Socket Programming
	10. Using Standard I/O on Sockets
	11. Concurrent Client Servers
	12. Socket Options
	13. Broadcasting with UDP
	14. Out-of-Band Data
	15. Using the inetd Daemon
	16. Network Security Programming
		Defining Security
		The Challenges of Security
		Identifying Friend or Foe
		Securing inetd Servers
		Installing Wrapper and Server Programs
		Introducing the Client Program
		Installing and Testing the Wrapper
		What's Next
	17. Passing Credentials and File Descriptors
	18. A Practical Network Project
	Appendixes
	A. Socket Function Quick Reference
	B. Socket-Related Structures Reference
	C. Useful Network Tables
	glossary
	Index

< BACK

CONTINUE >

159231153036212041242100244042145096184017042031058173141099048169011021062221137049126149

Chapter 16. Network Security Programming

Up to this point in the book, you have focused on learning how to write socket-enabled programs, whether they be client or server programs. No consideration has been given to securing your programs against external threats, which can come from the Internet or from hostile users within your own local area network (at a university, for example). This chapter will introduce you to

How the inetd daemon can be used with the TCP wrapper concept to provide screening of clients
How the TCP wrapper concept works
How the TCP wrapper concept falls short in some areas

When you complete this chapter, you will fully understand how the TCP wrapper concept works and know how to apply it to servers that you might administer or write yourself.

< BACK

CONTINUE >