Search |
Symbols
| A
| B
| C
| D
| E
| F
| G
| H
| I
| J
| K
| L
| M
| N
| O
| P
| Q
| R
| S
| T
| U
| V
| W
| X
| Y
| Z
Index: A
- absolute pathnames
: 5.1.3. Current Directory and Paths
- access
- /etc/exports file
: 20.2.1.1. /etc/exports
- levels, NIS+
: 19.5.4. Using NIS+
- by non-citizens
: 26.4.1. Munitions Export
- tradition of open
: 1.4.1. Expectations
- via Web
: 18.2.2.2. Additional configuration issues
- access control
: 2.1. Planning Your Security Needs
- ACLs
- 5.2.5. Access Control Lists
- 5.2.5.2. HP-UX access control lists
- 17.3.13. Network News Transport Protocol (NNTP) (TCP Port 119)
- anonymous FTP
: 17.3.2.1. Using anonymous FTP
- Internet servers
: 17.2. Controlling Access to Servers
- monitoring employee access
: 13.2.4. Auditing Access
- physical
: 12.2.3. Physical Access
- restricted filesystems
- 8.1.5. Restricted Filesystem
- 8.1.5.2. Checking new software
- restricting data availability
: 2.1. Planning Your Security Needs
- USERFILE (UUCP)
- 15.4.1. USERFILE: Providing Remote File Access
- 15.4.2.1. Some bad examples
- Web server files
- 18.3. Controlling Access to Files on Your Server
- 18.3.3. Setting Up Web Users and Passwords
- X Window System
- 17.3.21.2. X security
- 17.3.21.3. The xhost facility
- access control lists
: (see ACLs)
- access.conf file
: 18.3.1. The access.conf and .htaccess Files
- access()
: 23.2. Tips on Avoiding Security-related Bugs
- access_log file
- 10.3.5. access_log Log File
- 18.4.2. Eavesdropping Through Log Files
- with refer_log file
: 18.4.2. Eavesdropping Through Log Files
- accidents
- 12.2.2. Preventing Accidents
- (see also natural disasters)
- accounting process
- 10.2. The acct/pacct Process Accounting File
- 10.2.3. messages Log File
- (see also auditing)
- accounts
: 3.1. Usernames
- aliases for
: 8.8.9. Account Names Revisited: Using Aliases for Increased Security
- changing login shell
- 8.4.2. Changing the Account's Login Shell
- 8.7.1. Integrating One-time Passwords with UNIX
- created by intruders
: 24.4.1. New Accounts
- default
: 8.1.2. Default Accounts
- defense checklist
: A.1.1.7. Chapter 8: Defending Your Accounts
- dormant
- 8.4. Managing Dormant Accounts
- 8.4.3. Finding Dormant Accounts
- expiring old
: 8.4.3. Finding Dormant Accounts
- group
: 8.1.6. Group Accounts
- importing to NIS server
- 19.4.1. Including or excluding specific accounts:
- 19.4.4.2. Using netgroups to limit the importing of accounts
- Joes
- 3.6.2. Smoking Joes
- 8.8.3.1. Joetest: a simple password cracker
- locking automatically
: 3.3. Entering Your Password
- logging changes to
: 10.7.2.1. Exception and activity reports
- multiple, same UID
: 4.1.2. Multiple Accounts with the Same UID
- names for
: (see usernames)
- restricted, with rsh
: 8.1.4.5. How to set up a restricted account with rsh
- restricting FTP from
: 17.3.2.5. Restricting FTP with the standard UNIX FTP server
- running single command
: 8.1.3. Accounts That Run a Single Command
- without passwords
: 8.1.1. Accounts Without Passwords
- acct file
: 10.2. The acct/pacct Process Accounting File
- acctcom program
- 10.2. The acct/pacct Process Accounting File
- 10.2.2. Accounting with BSD
- ACEs
: (see ACLs)
- ACK bit
: 16.2.4.2. TCP
- acledit command
: 5.2.5.1. AIX Access Control Lists
- aclget, aclput commands
: 5.2.5.1. AIX Access Control Lists
- ACLs (access control lists)
- 5.2.5. Access Control Lists
- 5.2.5.2. HP-UX access control lists
- errors in
: 5.2.5.1. AIX Access Control Lists
- NNTP with
: 17.3.13. Network News Transport Protocol (NNTP) (TCP Port 119)
- ACM (Association for Computing Machinery)
: F.1.1. Association for Computing Machinery (ACM)
- active FTP
: 17.3.2.2. Passive vs. active FTP
- aculog file
: 10.3.1. aculog File
- adaptive modems
: (see modems)
- adb debugger
- 19.3.1.3. Setting the window
- C.4. The kill Command
- add-on functionality
: 1.4.3. Add-On Functionality Breeds Problems
- addresses
- CIDR
: 16.2.1.3. CIDR addresses
- commands embedded in
: 15.7. Early Security Problems with UUCP
- Internet
- 16.2.1. Internet Addresses
- 16.2.1.3. CIDR addresses
- IP
: (see IP addresses)
- Adleman, Leonard
- 6.4.2. Summary of Public Key Systems
- 6.4.6. RSA and Public Key Cryptography
- .Admin directory
: 10.3.4. uucp Log Files
- administration
: (see system administration)
- adult material
: 26.4.5. Pornography and Indecent Material
- Advanced Network & Services (ANS)
: F.3.4.2. ANS customers
- AFCERT
: F.3.4.41. U.S. Air Force
- aftpd server
: 17.3.2.4. Setting up an FTP server
- agent (user)
: 4.1. Users and Groups
- agent_log file
: 18.4.2. Eavesdropping Through Log Files
- aging
: (see expiring)
- air ducts
: 12.2.3.2. Entrance through air ducts
- air filters
: 12.2.1.3. Dust
- Air Force Computer Emergency Response Team (AFCERT)
: F.3.4.41. U.S. Air Force
- AIX
- 3.3. Entering Your Password
- 8.7.1. Integrating One-time Passwords with UNIX
- access control lists
: 5.2.5.1. AIX Access Control Lists
- tftp access
: 17.3.7. Trivial File Transfer Protocol (TFTP) (UDP Port 69)
- trusted path
: 8.5.3.1. Trusted path
- alarms
: (see detectors)
- aliases
- 8.8.9. Account Names Revisited: Using Aliases for Increased Security
- 11.1.2. Back Doors and Trap Doors
- 11.5.3.3. /usr/lib/aliases, /etc/aliases, /etc/sendmail/aliases, aliases.dir, or aliases.pag
- decode
: 17.3.4.2. Using sendmail to receive email
- mail
: 17.3.4. Simple Mail Transfer Protocol (SMTP) (TCP Port 25)
- aliases file
: 11.5.3.3. /usr/lib/aliases, /etc/aliases, /etc/sendmail/aliases, aliases.dir, or aliases.pag
- AllowOverride option
: 18.3.2. Commands Within the <Directory> Block
- American Society for Industrial Security (ASIS)
: F.1.2. American Society for Industrial Security (ASIS)
- ancestor directories
: 9.2.2.2. Ancestor directories
- ANI schemes
: 14.6. Additional Security for Modems
- animals
: 12.2.1.7. Bugs (biological)
- anlpasswd package
: 8.8.2. Constraining Passwords
- anon option for /etc/exports
: 20.2.1.1. /etc/exports
- anonymous FTP
- 4.1. Users and Groups
- 17.3.2.1. Using anonymous FTP
- 17.3.2.6. Setting up anonymous FTP with the standard UNIX FTP server
- and HTTP
: 18.2.4.1. Beware mixing HTTP with anonymous FTP
- ANS (Advanced Network & Services, Inc.)
: F.3.4.2. ANS customers
- ANSI C standards
: 1.4.2. Software Quality
- answer mode
: 14.3.1. Originate and Answer
- answer testing
: 14.5.3.2. Answer testing
- answerback terminal mode
: 11.1.4. Trojan Horses
- APOP option (POP)
: 17.3.10. Post Office Protocol (POP) (TCP Ports 109 and 110)
- Apple CORES (Computer Response Squad)
: F.3.4.3. Apple Computer worldwide R&D community
- Apple Macintosh, Web server on
: 18.2. Running a Secure Server
- applets
: 11.1.5. Viruses
- application-level encryption
: 16.3.1. Link-level Security
- applications, CGI
: (see CGI, scripts)
- ar program
: 7.4.2. Simple Archives
- architecture, room
: 12.2.3. Physical Access
- archiving information
- 7.1.1.1. A taxonomy of computer failures
- (see also logging)
- arguments, checking
: 23.2. Tips on Avoiding Security-related Bugs
- ARPA (Advanced Research Projects Agency)
- 1.3. History of UNIX
- (see also UNIX, history of)
- ARPANET network
: 16.1.1. The Internet
- ASIS (American Society for Industrial Security)
: F.1.2. American Society for Industrial Security (ASIS)
- assert macro
: 23.2. Tips on Avoiding Security-related Bugs
- assessing risks
- 2.2. Risk Assessment
- 2.2.2. Review Your Risks
- 2.5.3. Final Words: Risk Management Means Common Sense
- assets, identifying
: 2.2.1.1. Identifying assets
- ASSIST
: F.3.4.42. U.S. Department of Defense
- Association for Computing Machinery (ACM)
: F.1.1. Association for Computing Machinery (ACM)
- asymmetric key cryptography
: 6.4. Common Cryptographic Algorithms
- asynchronous systems
: 19.2. Sun's Remote Procedure Call (RPC)
- Asynchronous Transfer Mode (ATM)
: 16.2. IPv4: The Internet Protocol Version 4
- at program
- 11.5.3.4. The at program
- 25.2.1.2. System overload attacks
- AT&T System V
: (see System V UNIX)
- Athena
: (see Kerberos system)
- atime
- 5.1.2. Inodes
- 5.1.5. File Times
- ATM (Asynchronous Transfer Mode)
: 16.2. IPv4: The Internet Protocol Version 4
- attacks
: (see threats)
- audio device
: 23.8. Picking a Random Seed
- audit IDs
- 4.3.3. Other IDs
- 10.1. The Basic Log Files
- auditing
- 10. Auditing and Logging
- (see also logging)
- C2 audit
: 10.1. The Basic Log Files
- checklist for
: A.1.1.9. Chapter 10: Auditing and Logging
- employee access
: 13.2.4. Auditing Access
- login times
: 10.1.1. lastlog File
- system activity
: 2.1. Planning Your Security Needs
- user activity
: 4.1.2. Multiple Accounts with the Same UID
- who is logged in
- 10.1.2. utmp and wtmp Files
- 10.1.2.1. su command and /etc/utmp and /var/adm/wtmp files
- AUTH_DES authentication
: 19.2.2.3. AUTH_DES
- AUTH_KERB authentication
: 19.2.2.4. AUTH_KERB
- AUTH_NONE authentication
: 19.2.2.1. AUTH_NONE
- AUTH_UNIX authentication
: 19.2.2.2. AUTH_UNIX
- authd service
: 23.3. Tips on Writing Network Programs
- authdes_win variable
: 19.3.1.3. Setting the window
- authentication
: 3.2.3. Authentication
- ID services
: 16.3.3. Authentication
- Kerberos
- 19.6.1. Kerberos Authentication
- 19.6.1.4. Kerberos 4 vs. Kerberos 5
- of logins
: 17.3.5. TACACS (UDP Port 49)
- message digests
- 6.5.2. Using Message Digests
- 9.2.3. Checksums and Signatures
- 23.5.1. Use Message Digests for Storing Passwords
- NIS+
: 19.5.4. Using NIS+
- RPCs
- 19.2.2. RPC Authentication
- 19.2.2.4. AUTH_KERB
- Secure RPC
: 19.3.1. Secure RPC Authentication
- security standard for
: 2.4.2. Standards
- for Web use
: 18.3.3. Setting Up Web Users and Passwords
- xhost facility
: 17.3.21.3. The xhost facility
- authenticators
: 3.1. Usernames
- AuthGroupFile option
: 18.3.2. Commands Within the <Directory> Block
- authors of programmed threats
: 11.3. Authors
- AuthRealm option
: 18.3.2. Commands Within the <Directory> Block
- AuthType option
: 18.3.2. Commands Within the <Directory> Block
- AuthUserFile option
: 18.3.2. Commands Within the <Directory> Block
- Auto_Mounter table (NIS+)
: 19.5.3. NIS+ Tables
- autologout shell variable
: 12.3.5.1. Built-in shell autologout
- Automated Systems Incident Response Capability (NASA)
: F.3.4.24. NASA: NASA-wide
- automatic
- 11.5.3. Abusing Automatic Mechanisms
- (see also at program; cron file)
- account lockout
: 3.3. Entering Your Password
- backups system
: 7.3.2. Building an Automatic Backup System
- cleanup scripts (UUCP)
: 15.6.2. Automatic Execution of Cleanup Scripts
- directory listings (Web)
: 18.2.2.2. Additional configuration issues
- disabling of dormant accounts
: 8.4.3. Finding Dormant Accounts
- logging out
: 12.3.5.1. Built-in shell autologout
- mechanisms, abusing
- 11.5.3. Abusing Automatic Mechanisms
- 11.5.3.6. Other files
- password generation
: 8.8.4. Password Generators
- power cutoff
: (see detectors)
- sprinkler systems
: 12.2.1.1. Fire
- wtmp file pruning
: 10.1.3.1. Pruning the wtmp file
- auxiliary (printer) ports
: 12.3.1.4. Auxiliary ports on terminals
- awareness, security
: (see security, user awareness of)
- awk scripts
- 11.1.4. Trojan Horses
- 11.5.1.2. IFS attacks
Search |
Symbols
| A
| B
| C
| D
| E
| F
| G
| H
| I
| J
| K
| L
| M
| N
| O
| P
| Q
| R
| S
| T
| U
| V
| W
| X
| Y
| Z
Copyright © 1999
O'Reilly & Associates, Inc.
All Rights Reserved.