Index: A

absolute pathnames : 5.1.3. Current Directory and Paths
access
/etc/exports file : 20.2.1.1. /etc/exports
levels, NIS+ : 19.5.4. Using NIS+
by non-citizens : 26.4.1. Munitions Export
tradition of open : 1.4.1. Expectations
via Web : 18.2.2.2. Additional configuration issues
access control : 2.1. Planning Your Security Needs
ACLs
5.2.5. Access Control Lists
5.2.5.2. HP-UX access control lists
17.3.13. Network News Transport Protocol (NNTP) (TCP Port 119)
anonymous FTP : 17.3.2.1. Using anonymous FTP
Internet servers : 17.2. Controlling Access to Servers
monitoring employee access : 13.2.4. Auditing Access
physical : 12.2.3. Physical Access
restricted filesystems
8.1.5. Restricted Filesystem
8.1.5.2. Checking new software
restricting data availability : 2.1. Planning Your Security Needs
USERFILE (UUCP)
15.4.1. USERFILE: Providing Remote File Access
15.4.2.1. Some bad examples
Web server files
18.3. Controlling Access to Files on Your Server
18.3.3. Setting Up Web Users and Passwords
X Window System
17.3.21.2. X security
17.3.21.3. The xhost facility
access control lists : (see ACLs)
access.conf file : 18.3.1. The access.conf and .htaccess Files
access() : 23.2. Tips on Avoiding Security-related Bugs
access_log file
10.3.5. access_log Log File
18.4.2. Eavesdropping Through Log Files
with refer_log file : 18.4.2. Eavesdropping Through Log Files
accidents
12.2.2. Preventing Accidents
(see also natural disasters)
accounting process
10.2. The acct/pacct Process Accounting File
10.2.3. messages Log File
(see also auditing)
accounts : 3.1. Usernames
aliases for : 8.8.9. Account Names Revisited: Using Aliases for Increased Security
changing login shell
8.4.2. Changing the Account's Login Shell
8.7.1. Integrating One-time Passwords with UNIX
created by intruders : 24.4.1. New Accounts
default : 8.1.2. Default Accounts
defense checklist : A.1.1.7. Chapter 8: Defending Your Accounts
dormant
8.4. Managing Dormant Accounts
8.4.3. Finding Dormant Accounts
expiring old : 8.4.3. Finding Dormant Accounts
group : 8.1.6. Group Accounts
importing to NIS server
19.4.1. Including or excluding specific accounts:
19.4.4.2. Using netgroups to limit the importing of accounts
Joes
3.6.2. Smoking Joes
8.8.3.1. Joetest: a simple password cracker
locking automatically : 3.3. Entering Your Password
logging changes to : 10.7.2.1. Exception and activity reports
multiple, same UID : 4.1.2. Multiple Accounts with the Same UID
names for : (see usernames)
restricted, with rsh : 8.1.4.5. How to set up a restricted account with rsh
restricting FTP from : 17.3.2.5. Restricting FTP with the standard UNIX FTP server
running single command : 8.1.3. Accounts That Run a Single Command
without passwords : 8.1.1. Accounts Without Passwords
acct file : 10.2. The acct/pacct Process Accounting File
acctcom program
10.2. The acct/pacct Process Accounting File
10.2.2. Accounting with BSD
ACEs : (see ACLs)
ACK bit : 16.2.4.2. TCP
acledit command : 5.2.5.1. AIX Access Control Lists
aclget, aclput commands : 5.2.5.1. AIX Access Control Lists
ACLs (access control lists)
5.2.5. Access Control Lists
5.2.5.2. HP-UX access control lists
errors in : 5.2.5.1. AIX Access Control Lists
NNTP with : 17.3.13. Network News Transport Protocol (NNTP) (TCP Port 119)
ACM (Association for Computing Machinery) : F.1.1. Association for Computing Machinery (ACM)
active FTP : 17.3.2.2. Passive vs. active FTP
aculog file : 10.3.1. aculog File
adaptive modems : (see modems)
adb debugger
19.3.1.3. Setting the window
C.4. The kill Command
add-on functionality : 1.4.3. Add-On Functionality Breeds Problems
addresses
CIDR : 16.2.1.3. CIDR addresses
commands embedded in : 15.7. Early Security Problems with UUCP
Internet
16.2.1. Internet Addresses
16.2.1.3. CIDR addresses
IP : (see IP addresses)
Adleman, Leonard
6.4.2. Summary of Public Key Systems
6.4.6. RSA and Public Key Cryptography
.Admin directory : 10.3.4. uucp Log Files
administration : (see system administration)
adult material : 26.4.5. Pornography and Indecent Material
Advanced Network & Services (ANS) : F.3.4.2. ANS customers
AFCERT : F.3.4.41. U.S. Air Force
aftpd server : 17.3.2.4. Setting up an FTP server
agent (user) : 4.1. Users and Groups
agent_log file : 18.4.2. Eavesdropping Through Log Files
aging : (see expiring)
air ducts : 12.2.3.2. Entrance through air ducts
air filters : 12.2.1.3. Dust
Air Force Computer Emergency Response Team (AFCERT) : F.3.4.41. U.S. Air Force
AIX
3.3. Entering Your Password
8.7.1. Integrating One-time Passwords with UNIX
access control lists : 5.2.5.1. AIX Access Control Lists
tftp access : 17.3.7. Trivial File Transfer Protocol (TFTP) (UDP Port 69)
trusted path : 8.5.3.1. Trusted path
alarms : (see detectors)
aliases
8.8.9. Account Names Revisited: Using Aliases for Increased Security
11.1.2. Back Doors and Trap Doors
11.5.3.3. /usr/lib/aliases, /etc/aliases, /etc/sendmail/aliases, aliases.dir, or aliases.pag
decode : 17.3.4.2. Using sendmail to receive email
mail : 17.3.4. Simple Mail Transfer Protocol (SMTP) (TCP Port 25)
aliases file : 11.5.3.3. /usr/lib/aliases, /etc/aliases, /etc/sendmail/aliases, aliases.dir, or aliases.pag
AllowOverride option : 18.3.2. Commands Within the <Directory> Block
American Society for Industrial Security (ASIS) : F.1.2. American Society for Industrial Security (ASIS)
ancestor directories : 9.2.2.2. Ancestor directories
ANI schemes : 14.6. Additional Security for Modems
animals : 12.2.1.7. Bugs (biological)
anlpasswd package : 8.8.2. Constraining Passwords
anon option for /etc/exports : 20.2.1.1. /etc/exports
anonymous FTP
4.1. Users and Groups
17.3.2.1. Using anonymous FTP
17.3.2.6. Setting up anonymous FTP with the standard UNIX FTP server
and HTTP : 18.2.4.1. Beware mixing HTTP with anonymous FTP
ANS (Advanced Network & Services, Inc.) : F.3.4.2. ANS customers
ANSI C standards : 1.4.2. Software Quality
answer mode : 14.3.1. Originate and Answer
answer testing : 14.5.3.2. Answer testing
answerback terminal mode : 11.1.4. Trojan Horses
APOP option (POP) : 17.3.10. Post Office Protocol (POP) (TCP Ports 109 and 110)
Apple CORES (Computer Response Squad) : F.3.4.3. Apple Computer worldwide R&D community
Apple Macintosh, Web server on : 18.2. Running a Secure Server
applets : 11.1.5. Viruses
application-level encryption : 16.3.1. Link-level Security
applications, CGI : (see CGI, scripts)
ar program : 7.4.2. Simple Archives
architecture, room : 12.2.3. Physical Access
archiving information
7.1.1.1. A taxonomy of computer failures
(see also logging)
arguments, checking : 23.2. Tips on Avoiding Security-related Bugs
ARPA (Advanced Research Projects Agency)
1.3. History of UNIX
(see also UNIX, history of)
ARPANET network : 16.1.1. The Internet
ASIS (American Society for Industrial Security) : F.1.2. American Society for Industrial Security (ASIS)
assert macro : 23.2. Tips on Avoiding Security-related Bugs
assessing risks
2.2. Risk Assessment
2.2.2. Review Your Risks
2.5.3. Final Words: Risk Management Means Common Sense
assets, identifying : 2.2.1.1. Identifying assets
ASSIST : F.3.4.42. U.S. Department of Defense
Association for Computing Machinery (ACM) : F.1.1. Association for Computing Machinery (ACM)
asymmetric key cryptography : 6.4. Common Cryptographic Algorithms
asynchronous systems : 19.2. Sun's Remote Procedure Call (RPC)
Asynchronous Transfer Mode (ATM) : 16.2. IPv4: The Internet Protocol Version 4
at program
11.5.3.4. The at program
25.2.1.2. System overload attacks
AT&T System V : (see System V UNIX)
Athena : (see Kerberos system)
atime
5.1.2. Inodes
5.1.5. File Times
ATM (Asynchronous Transfer Mode) : 16.2. IPv4: The Internet Protocol Version 4
attacks : (see threats)
audio device : 23.8. Picking a Random Seed
audit IDs
4.3.3. Other IDs
10.1. The Basic Log Files
auditing
10. Auditing and Logging
(see also logging)
C2 audit : 10.1. The Basic Log Files
checklist for : A.1.1.9. Chapter 10: Auditing and Logging
employee access : 13.2.4. Auditing Access
login times : 10.1.1. lastlog File
system activity : 2.1. Planning Your Security Needs
user activity : 4.1.2. Multiple Accounts with the Same UID
who is logged in
10.1.2. utmp and wtmp Files
10.1.2.1. su command and /etc/utmp and /var/adm/wtmp files
AUTH_DES authentication : 19.2.2.3. AUTH_DES
AUTH_KERB authentication : 19.2.2.4. AUTH_KERB
AUTH_NONE authentication : 19.2.2.1. AUTH_NONE
AUTH_UNIX authentication : 19.2.2.2. AUTH_UNIX
authd service : 23.3. Tips on Writing Network Programs
authdes_win variable : 19.3.1.3. Setting the window
authentication : 3.2.3. Authentication
ID services : 16.3.3. Authentication
Kerberos
19.6.1. Kerberos Authentication
19.6.1.4. Kerberos 4 vs. Kerberos 5
of logins : 17.3.5. TACACS (UDP Port 49)
message digests
6.5.2. Using Message Digests
9.2.3. Checksums and Signatures
23.5.1. Use Message Digests for Storing Passwords
NIS+ : 19.5.4. Using NIS+
RPCs
19.2.2. RPC Authentication
19.2.2.4. AUTH_KERB
Secure RPC : 19.3.1. Secure RPC Authentication
security standard for : 2.4.2. Standards
for Web use : 18.3.3. Setting Up Web Users and Passwords
xhost facility : 17.3.21.3. The xhost facility
authenticators : 3.1. Usernames
AuthGroupFile option : 18.3.2. Commands Within the <Directory> Block
authors of programmed threats : 11.3. Authors
AuthRealm option : 18.3.2. Commands Within the <Directory> Block
AuthType option : 18.3.2. Commands Within the <Directory> Block
AuthUserFile option : 18.3.2. Commands Within the <Directory> Block
Auto_Mounter table (NIS+) : 19.5.3. NIS+ Tables
autologout shell variable : 12.3.5.1. Built-in shell autologout
Automated Systems Incident Response Capability (NASA) : F.3.4.24. NASA: NASA-wide
automatic
11.5.3. Abusing Automatic Mechanisms
(see also at program; cron file)
account lockout : 3.3. Entering Your Password
backups system : 7.3.2. Building an Automatic Backup System
cleanup scripts (UUCP) : 15.6.2. Automatic Execution of Cleanup Scripts
directory listings (Web) : 18.2.2.2. Additional configuration issues
disabling of dormant accounts : 8.4.3. Finding Dormant Accounts
logging out : 12.3.5.1. Built-in shell autologout
mechanisms, abusing
11.5.3. Abusing Automatic Mechanisms
11.5.3.6. Other files
password generation : 8.8.4. Password Generators
power cutoff : (see detectors)
sprinkler systems : 12.2.1.1. Fire
wtmp file pruning : 10.1.3.1. Pruning the wtmp file
auxiliary (printer) ports : 12.3.1.4. Auxiliary ports on terminals
awareness, security : (see security, user awareness of)
awk scripts
11.1.4. Trojan Horses
11.5.1.2. IFS attacks


Copyright © 1999 O'Reilly & Associates, Inc. All Rights Reserved.