Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Index: P

backup by : 7.1.3. Types of Backups
root : (see root directory)

pass phrases : (see passwords)

pass phrases for PGP

6.6.3.1. Encrypting files with IDEA
(see also passwords)

passive FTP

17.3.2.2. Passive vs. active FTP
17.3.2.3. FTP passive mode

passwd command

3.4. Changing Your Password

8.6.2. What Is Salt?

as SUID program : 5.5. SUID

-l option

8.4.1. Changing an Account's Password
8.8.8. Disabling an Account by Changing Its Password

-n option : 8.8.6. Password Aging and Expiration

-x option : 8.8.6. Password Aging and Expiration

-f nomemory option : 3.5. Verifying Your New Password

using as superuser : 3.5. Verifying Your New Password

passwd file

1.2. What Is an Operating System?
3.2.1. The /etc/passwd File
3.2.2. The /etc/passwd File and Network Databases
4.2.3. Impact of the /etc/passwd and /etc/group Files on Security
7.1.2. What Should You Back Up?
8.1.1. Accounts Without Passwords
8.6. The UNIX Encrypted Password System
15.1.4. How the UUCP Commands Work
24.4.1. New Accounts
C.5.1. Process #1: /etc/init
(see /etc/passwd file)

Passwd table (NIS+) : 19.5.3. NIS+ Tables

passwd+ package

8.8.2. Constraining Passwords
8.8.4. Password Generators

password coach : 8.8.4. Password Generators

password file : 19.4.4.6. NIS is confused about "+"

password modems : 14.6. Additional Security for Modems

password.adjunct file : 8.8.5. Shadow Password Files

passwords

3.2. Passwords

3.6.1. Bad Passwords: Open Doors

3.8. Summary

23.5. Tips on Using Passwords

accounts without : 8.1.1. Accounts Without Passwords

assigning to users : 8.8.1. Assigning Passwords to Users

avoiding conventional

8.8. Administrative Techniques for Conventional Passwords
8.8.9. Account Names Revisited: Using Aliases for Increased Security

bad choices for

3.6.1. Bad Passwords: Open Doors
3.6.4. Passwords on Multiple Machines

changing

3.4. Changing Your Password
3.5. Verifying Your New Password
8.4.1. Changing an Account's Password
8.8.8. Disabling an Account by Changing Its Password

checklist for : A.1.1.2. Chapter 3: Users and Passwords

constraining : 8.8.2. Constraining Passwords

conventional : 3.2.6. Conventional UNIX Passwords

cracking

8.6.1. The crypt() Algorithm
8.8.3. Cracking Your Own Passwords
8.8.3.2. The dilemma of password crackers
17.3.3. TELNET (TCP Port 23)

encrypting

8.6. The UNIX Encrypted Password System
8.6.4. Crypt16() and Other Algorithms

expiring : 8.8.6. Password Aging and Expiration

federal jurisdiction over : 26.2.2. Federal Jurisdiction

FTP and : 17.3.2. (FTP) File Transfer Protocol (TCP Ports 20 and 21)

generators of : 8.8.4. Password Generators

hit lists of : 3.6.1. Bad Passwords: Open Doors

Kerberos : 19.6.5. Kerberos Limitations

logging changes to : 10.7.2.1. Exception and activity reports

logging failed attempts at : 10.5.3. syslog Messages

for MUDs : 17.3.23. Other TCP Ports: MUDs and Internet Relay Chat (IRC)

on multiple machines

3.6.4. Passwords on Multiple Machines
3.6.5. Writing Down Passwords

over network connections : 23.3. Tips on Writing Network Programs

with network services : 17.4. Security Implications of Network Services

NIS, with Secure RPC : 19.3.2.1. Creating passwords for users

NIS+, changing : 19.5.4.1. Changing your password

one-time

3.7. One-Time Passwords
8.7. One-Time Passwords
8.7.3. Code Books
17.4. Security Implications of Network Services

with POP : 17.3.10. Post Office Protocol (POP) (TCP Ports 109 and 110)

required for Web use

18.3.2. Commands Within the <Directory> Block
18.3.3. Setting Up Web Users and Passwords

shadow

8.4.1. Changing an Account's Password
8.8.5. Shadow Password Files

sniffing

1.4.3. Add-On Functionality Breeds Problems
3. Users and Passwords
8.7. One-Time Passwords

system clock and : 17.3.14. Network Time Protocol (NTP) (UDP Port 123)

token cards with : 8.7.2. Token Cards

unique, number of : 3.6.3. Good Passwords: Locked Doors

usernames as : 8.8.3.1. Joetest: a simple password cracker

UUCP accounts : 15.3.2. Establishing UUCP Passwords

verifying new : 3.5. Verifying Your New Password

wizard's (sendmail) : 17.3.4.1. sendmail and security

writing down : 3.6.5. Writing Down Passwords

patches, logging : 10.7.2.2. Informational material

patents : 26.4.4. Patent Concerns

and cryptography : 6.7.1. Cryptography and the U.S. Patent System

PATH variable

8.1.4.1. Restricted shells under System V UNIX
8.1.4.6. Potential problems with rsh
23.4. Tips on Writing SUID/SGID Programs
attacks via : 11.5.1.1. PATH attacks

pathnames : 23.2. Tips on Avoiding Security-related Bugs

paths : 5.1.3. Current Directory and Paths

trusted : 8.5.3.1. Trusted path

pax program : 7.4.2. Simple Archives

PCERT (Purdue University) : F.3.4.30. Purdue University

PCs

viruses on : 11.1.5. Viruses
web server on : 18.2. Running a Secure Server

PDP-11 processors

1.3. History of UNIX
8.6.1. The crypt() Algorithm

Penn State response team : F.3.4.29. Pennsylvania State University

per-machine logs : 10.7.2. Per-Machine Logs

per-site logs : 10.7.1. Per-Site Logs

performance

compromised

25.2.1. Process-Overload Problems
25.2.1.2. System overload attacks

reviews : 13.2.3. Performance Reviews and Monitoring

with Secure RPC : 19.3.4. Limitations of Secure RPC

using FFS : 25.2.2.6. Reserved space

perimeter, security : 12.1.1. The Physical Security Plan

perl command

-T option

18.2.3.4. Tainting with Perl
23.4. Tips on Writing SUID/SGID Programs

Perl programming language

5.5.3. SUID Shell Scripts

11.1.4. Trojan Horses

11.5.1.2. IFS attacks

random seed generator : 23.9. A Good Random Seed Generator

script for reading lastlog file : 10.1.1. lastlog File

Swatch program

10.6. Swatch: A Log File Tool
10.6.2. The Swatch Configuration File
E.4.9. Swatch

tainting facility : 18.2.3.4. Tainting with Perl

permissions

1.1. What Is Computer Security?

5.1.6. Understanding File Permissions

5.2.4. Using Octal File Permissions

11.1.5. Viruses

11.6.1. File Protections

11.6.1.3. World-readable backup devices

access control lists (ACLs)

5.2.5. Access Control Lists
5.2.5.2. HP-UX access control lists

changing

5.2.1. chmod: Changing a File's Permissions
5.2.4. Using Octal File Permissions

directory : 5.4. Using Directory Permissions

/etc/utmp file : 10.1.2. utmp and wtmp Files

intruder's modifications to : 24.4.1.2. Changes in file and directory protections

modem devices : 14.5.2. Setting Up the UNIX Device

modem files : 14.5.1. Hooking Up a Modem to Your Computer

of NIS+ objects : 19.5.5. NIS+ Limitations

octal

5.2.3. Calculating Octal File Permissions
5.2.4. Using Octal File Permissions

of .rhosts file : 17.3.18.4. The ~/.rhosts file

SUID programs

5.5. SUID
5.5.7. SGID Bit on Files (System V UNIX Only): Mandatory Record Locking

symbolic links and : 5.1.7. File Permissions in Detail

umasks

5.3. The umask
5.3.2. Common umask Values

UUCP : 15.4.1.4. Special permissions

Permissions file

15.5. Security in BNU UUCP
15.5.1. Permissions File
15.5.3. uucheck: Checking Your Permissions File
checking with uucheck : 15.5.3. uucheck: Checking Your Permissions File

personnel : (see employees)

PGP (Pretty Good Privacy)

6.6.3. PGP: Pretty Good Privacy
6.6.3.6. PGP detached signatures
-eat and -seat options : 6.6.3.3. Encrypting a message
encrypting message with : 6.6.3.3. Encrypting a message
encrypting Web documents : 18.4.1. Eavesdropping Over the Wire
-ka option : 6.6.3.2. Creating your PGP public key
-kg option : 6.6.3.2. Creating your PGP public key
-kvc option : 6.6.3.6. PGP detached signatures
-kxaf option : 6.6.3.2. Creating your PGP public key
-o option : 6.6.3.6. PGP detached signatures
-sat option : 6.6.3.4. Adding a digital signature to an announcement
-sb option : 6.6.3.6. PGP detached signatures
software signature : E.4. Software Resources

ph (phonebook) server : 17.3.8.3. Replacing finger

phantom mail : 17.3.4.2. Using sendmail to receive email

physical security

12. Physical Security

12.4.2. "Nothing to Lose?"

access control : 12.2.3. Physical Access

of backups

7.1.6. Security for Backups
7.1.6.3. Data security for backups

checklist for : A.1.1.11. Chapter 12: Physical Security

modems

14.5.4. Physical Protection of Modems
14.6. Additional Security for Modems

read-only filesystems : 9.1.2. Read-only Filesystems

signal grounding : 25.3.3. Signal Grounding

PIDs (process IDs)

C.1.3.1. Process identification numbers (PID)
C.1.3.4. Process groups and sessions

Pieprzyk, Josef : 6.5.4.3. HAVAL

PingWare program : 17.6.3. PingWare

pipe (in Swatch program) : 10.6.2. The Swatch Configuration File

pipes

18.2.3.2. Testing is not enough!
18.2.3.3. Sending mail

pipes (for smoking) : 12.2.1.2. Smoke

piracy of software

26.4.2.1. Software piracy and the SPA
(see also software)

pirated software : (see software)

plaintext attacks : 6.2.3. Cryptographic Strength

.plan file : 17.3.8.1. The .plan and .project files

platforms : (see operating systems)

play accounts : (see open accounts)

playback attacks : 19.6.1.2. Using the ticket granting ticket

plus sign (+)

in hosts.equiv file : 17.3.18.5. Searching for .rhosts files

in NIS

19.4. Sun's Network Information Service (NIS)
19.4.4.6. NIS is confused about "+"

Point-to-Point Protocol (PPP) : 14.5. Modems and UNIX

policy, security

1.2. What Is an Operating System?

2. Policies and Guidelines

2.5.3. Final Words: Risk Management Means Common Sense

A.1.1.1. Chapter 2: Policies and Guidelines

cost-benefit analysis

2.3. Cost-Benefit Analysis
2.3.4. Convincing Management

risk assessment

2.2. Risk Assessment
2.2.2. Review Your Risks
2.5.3. Final Words: Risk Management Means Common Sense

role of

2.4.1. The Role of Policy
2.4.4. Some Key Ideas in Developing a Workable Policy
2.4.4.7. Defend in depth

politics : 11.3. Authors

polyalphabetic ciphers : 6.3. The Enigma Encryption System

polygraph tests : 13.1. Background Checks

POP (Post Office Protocol) : 17.3.10. Post Office Protocol (POP) (TCP Ports 109 and 110)

popen function

18.2.3.2. Testing is not enough!
23.2. Tips on Avoiding Security-related Bugs

pornography : 26.4.5. Pornography and Indecent Material

port numbers

23.3. Tips on Writing Network Programs
G. Table of IP Services

portable computers : 12.2.6.3. Portables

portable I/O library : 1.3. History of UNIX

portmap service

19.2.1. Sun's portmap/rpcbind
19.4.4.4. Spoofing RPC
E.4.6. portmap

portmapper program

17.3.11. Sun RPC's portmapper (UDP and TCP Ports 111)
19.2.1. Sun's portmap/rpcbind
19.4.5. Unintended Disclosure of Site Information with NIS

ports

16.2.4.2. TCP
17.1.1. The /etc/services File
G. Table of IP Services
trusted : (see trusted, ports)

positivity : 2.4.4.2. Be positive

POSIX

1.3. History of UNIX
1.4.2. Software Quality
C.1.3.4. Process groups and sessions
chown command and : 5.7. chown: Changing a File's Owner

Post Office Protocol : (see POP)

postmaster, contacting : 24.2.4.2. How to contact the system administrator of a computer you don't know

PostScript files : 11.1.5. Viruses

power outages, logging : 10.7.1.1. Exception and activity reports

power surges

12.2. Protecting Computer Hardware
12.2.1.8. Electrical noise
(see also lightning)

PPP (Point-to-Point Protocol)

14.5. Modems and UNIX
16.2. IPv4: The Internet Protocol Version 4

preserve program : 5.5.3.2. Another SUID example: IFS and the /usr/lib/preserve hole

Pretty Good Privacy : (see PGP)

prevention, cost of

2.3. Cost-Benefit Analysis
2.3.4. Convincing Management

primary group : 4.1.3. Groups and Group Identifiers (GIDs)

principals, NIS+ : 19.5.1. What NIS+ Does

print through process : 12.3.2.1. Verify your backups

printers

buffers : 12.3.4.1. Printer buffers
/etc/hosts.lpd file : 17.3.18.6. /etc/hosts.lpd file
logging to : 10.5.2.1. Logging to a printer
output from : 12.3.4.2. Printer output
ports for : 12.3.1.4. Auxiliary ports on terminals

priority of processes : C.1.3.3. Process priority and niceness

privacy

2.1. Planning Your Security Needs
2.5.2. Confidential Information
9. Integrity Management
12.3. Protecting Data
12.3.6. Key Switches
(see also encryption; integrity)
Electronic Communications Privacy Act (ECPA) : 26.2.3. Federal Computer Crime Laws
Secure RPC : 19.3.4. Limitations of Secure RPC

private-key cryptography

6.4. Common Cryptographic Algorithms
6.4.1. Summary of Private Key Systems

privilege testing (modem) : 14.5.3.3. Privilege testing

privileges, file : (see permissions)

privileges, SUID : (see SUID/SGID programs)

processes

C.1. About Processes

C.5.3. Running the User's Shell

accounting

10.2. The acct/pacct Process Accounting File
10.2.3. messages Log File

group IDs

4.3.3. Other IDs
C.1.3.4. Process groups and sessions

overload attacks

25.2.1. Process-Overload Problems
25.2.1.2. System overload attacks

priority of : C.1.3.3. Process priority and niceness

scheduler : C.1.3.3. Process priority and niceness

procmail system : 11.5.2.5. .forward, .procmailrc

.procmailrc file : 11.5.2.5. .forward, .procmailrc

.profile file

8.1.4.1. Restricted shells under System V UNIX
8.1.4.6. Potential problems with rsh
11.5.2.1. .login, .profile, /etc/profile
24.4.1.6. Changes to startup files

programmed threats

11. Protecting Against Programmed Threats
11.6.2. Shared Libraries
authors of : 11.3. Authors
checklist for : A.1.1.10. Chapter 11: Protecting Against Programmed Threats
protection from : 11.5. Protecting Yourself
references on : D.1.4. Computer Viruses and Programmed Threats

programming : 23. Writing Secure SUID and Network Programs

references for : D.1.11. UNIX Programming and System Administration

programs

CGI : (see CGI, scripts)

integrity of : (see integrity, data)

for network services : 23.3. Tips on Writing Network Programs

rabbit

11.1. Programmed Threats: Definitions
11.1.7. Bacteria and Rabbits

running simultaneously : 23.2. Tips on Avoiding Security-related Bugs

secure : 23. Writing Secure SUID and Network Programs

worms : 11.1.6. Worms

Project Athena : (see Kerberos system)

.project file : 17.3.8.1. The .plan and .project files

proprietary ownership notices : 26.2.6. Other Tips

prosecution, criminal

26.2. Criminal Prosecution
26.2.7. A Final Note on Criminal Actions

protocols

16.2.4. Packets and Protocols
(see also under specific protocol)
IP : (see IP protocols)

Protocols table (NIS+) : 19.5.3. NIS+ Tables

proxies, checklist for : A.1.1.21. Chapter 22: Wrappers and Proxies

pruning the wtmp file : 10.1.3.1. Pruning the wtmp file

ps command

6.6.2. des: The Data Encryption Standard

10.1.2. utmp and wtmp Files

19.3.2.3. Making sure Secure RPC programs are running on every workstation

24.2.1. Catching One in the Act

C.1.2. The ps Command

C.1.2.2. Listing processes with Berkeley-derived versions of UNIX

with kill command : 24.2.5. Getting Rid of the Intruder

to stop process overload

25.2.1.1. Too many processes
25.2.1.2. System overload attacks

pseudo-devices : 5.6. Device Files

pseudorandom functions : 23.6. Tips on Generating Random Numbers

PUBDIR= command : 15.5.2. Permissions Commands

public-key cryptography

6.4. Common Cryptographic Algorithms
6.4.2. Summary of Public Key Systems
6.4.6. RSA and Public Key Cryptography
6.4.6.3. Strength of RSA
6.5.3. Digital Signatures
18.3. Controlling Access to Files on Your Server
18.6. Dependence on Third Parties
breaking : 19.3.4. Limitations of Secure RPC
PGP : 6.6.3.2. Creating your PGP public key
proving identity with : 19.3.1.1. Proving your identity

publicity hounds : 11.3. Authors

publicizing security holes : 2.5.1. Going Public

publickey file : 19.3.2.1. Creating passwords for users

Purdue University (PCERT) : F.3.4.30. Purdue University

Purify : 23.2. Tips on Avoiding Security-related Bugs

pwck command : 8.2. Monitoring File Format

Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z