Index: P
- pacct file
: 10.2. The acct/pacct Process Accounting File
- pack program
: 6.6.1.2. Ways of improving the security of crypt
- packet sniffing
: 16.3.1. Link-level Security
- packet-switching networks
: 16.2. IPv4: The Internet Protocol Version 4
- packets
: (see IP packets)
- paper
- backups on
: 24.5.1. Never Trust Anything Except Hardcopy
- copies
: 7.3.2. Building an Automatic Backup System
- logging on
: 10.7. Handwritten Logs
- shredders for
: 12.3.3. Other Media
- throwing out
: 12.3.3. Other Media
- parent processes
: C.2. Creating Processes
- partitions
: 25.2.2.4. Using partitions to protect your users
- backup by
: 7.1.3. Types of Backups
- root
: (see root directory)
- pass phrases
: (see passwords)
- pass phrases for PGP
- 6.6.3.1. Encrypting files with IDEA
- (see also passwords)
- passive FTP
- 17.3.2.2. Passive vs. active FTP
- 17.3.2.3. FTP passive mode
- passwd command
- 3.4. Changing Your Password
- 8.6.2. What Is Salt?
- as SUID program
: 5.5. SUID
- -l option
- 8.4.1. Changing an Account's Password
- 8.8.8. Disabling an Account by Changing Its Password
- -n option
: 8.8.6. Password Aging and Expiration
- -x option
: 8.8.6. Password Aging and Expiration
- -f nomemory option
: 3.5. Verifying Your New Password
- using as superuser
: 3.5. Verifying Your New Password
- passwd file
- 1.2. What Is an Operating System?
- 3.2.1. The /etc/passwd File
- 3.2.2. The /etc/passwd File and Network Databases
- 4.2.3. Impact of the /etc/passwd and /etc/group Files on Security
- 7.1.2. What Should You Back Up?
- 8.1.1. Accounts Without Passwords
- 8.6. The UNIX Encrypted Password System
- 15.1.4. How the UUCP Commands Work
- 24.4.1. New Accounts
- C.5.1. Process #1: /etc/init
- (see /etc/passwd file)
- Passwd table (NIS+)
: 19.5.3. NIS+ Tables
- passwd+ package
- 8.8.2. Constraining Passwords
- 8.8.4. Password Generators
- password coach
: 8.8.4. Password Generators
- password file
: 19.4.4.6. NIS is confused about "+"
- password modems
: 14.6. Additional Security for Modems
- password.adjunct file
: 8.8.5. Shadow Password Files
- passwords
- 3.2. Passwords
- 3.6.1. Bad Passwords: Open Doors
- 3.8. Summary
- 23.5. Tips on Using Passwords
- accounts without
: 8.1.1. Accounts Without Passwords
- assigning to users
: 8.8.1. Assigning Passwords to Users
- avoiding conventional
- 8.8. Administrative Techniques for Conventional Passwords
- 8.8.9. Account Names Revisited: Using Aliases for Increased Security
- bad choices for
- 3.6.1. Bad Passwords: Open Doors
- 3.6.4. Passwords on Multiple Machines
- changing
- 3.4. Changing Your Password
- 3.5. Verifying Your New Password
- 8.4.1. Changing an Account's Password
- 8.8.8. Disabling an Account by Changing Its Password
- checklist for
: A.1.1.2. Chapter 3: Users and Passwords
- constraining
: 8.8.2. Constraining Passwords
- conventional
: 3.2.6. Conventional UNIX Passwords
- cracking
- 8.6.1. The crypt() Algorithm
- 8.8.3. Cracking Your Own Passwords
- 8.8.3.2. The dilemma of password crackers
- 17.3.3. TELNET (TCP Port 23)
- encrypting
- 8.6. The UNIX Encrypted Password System
- 8.6.4. Crypt16() and Other Algorithms
- expiring
: 8.8.6. Password Aging and Expiration
- federal jurisdiction over
: 26.2.2. Federal Jurisdiction
- FTP and
: 17.3.2. (FTP) File Transfer Protocol (TCP Ports 20 and 21)
- generators of
: 8.8.4. Password Generators
- hit lists of
: 3.6.1. Bad Passwords: Open Doors
- Kerberos
: 19.6.5. Kerberos Limitations
- logging changes to
: 10.7.2.1. Exception and activity reports
- logging failed attempts at
: 10.5.3. syslog Messages
- for MUDs
: 17.3.23. Other TCP Ports: MUDs and Internet Relay Chat (IRC)
- on multiple machines
- 3.6.4. Passwords on Multiple Machines
- 3.6.5. Writing Down Passwords
- over network connections
: 23.3. Tips on Writing Network Programs
- with network services
: 17.4. Security Implications of Network Services
- NIS, with Secure RPC
: 19.3.2.1. Creating passwords for users
- NIS+, changing
: 19.5.4.1. Changing your password
- one-time
- 3.7. One-Time Passwords
- 8.7. One-Time Passwords
- 8.7.3. Code Books
- 17.4. Security Implications of Network Services
- with POP
: 17.3.10. Post Office Protocol (POP) (TCP Ports 109 and 110)
- required for Web use
- 18.3.2. Commands Within the <Directory> Block
- 18.3.3. Setting Up Web Users and Passwords
- shadow
- 8.4.1. Changing an Account's Password
- 8.8.5. Shadow Password Files
- sniffing
- 1.4.3. Add-On Functionality Breeds Problems
- 3. Users and Passwords
- 8.7. One-Time Passwords
- system clock and
: 17.3.14. Network Time Protocol (NTP) (UDP Port 123)
- token cards with
: 8.7.2. Token Cards
- unique, number of
: 3.6.3. Good Passwords: Locked Doors
- usernames as
: 8.8.3.1. Joetest: a simple password cracker
- UUCP accounts
: 15.3.2. Establishing UUCP Passwords
- verifying new
: 3.5. Verifying Your New Password
- wizard's (sendmail)
: 17.3.4.1. sendmail and security
- writing down
: 3.6.5. Writing Down Passwords
- patches, logging
: 10.7.2.2. Informational material
- patents
: 26.4.4. Patent Concerns
- and cryptography
: 6.7.1. Cryptography and the U.S. Patent System
- PATH variable
- 8.1.4.1. Restricted shells under System V UNIX
- 8.1.4.6. Potential problems with rsh
- 23.4. Tips on Writing SUID/SGID Programs
- attacks via
: 11.5.1.1. PATH attacks
- pathnames
: 23.2. Tips on Avoiding Security-related Bugs
- paths
: 5.1.3. Current Directory and Paths
- trusted
: 8.5.3.1. Trusted path
- pax program
: 7.4.2. Simple Archives
- PCERT (Purdue University)
: F.3.4.30. Purdue University
- PCs
- viruses on
: 11.1.5. Viruses
- web server on
: 18.2. Running a Secure Server
- PDP-11 processors
- 1.3. History of UNIX
- 8.6.1. The crypt() Algorithm
- Penn State response team
: F.3.4.29. Pennsylvania State University
- per-machine logs
: 10.7.2. Per-Machine Logs
- per-site logs
: 10.7.1. Per-Site Logs
- performance
- compromised
- 25.2.1. Process-Overload Problems
- 25.2.1.2. System overload attacks
- reviews
: 13.2.3. Performance Reviews and Monitoring
- with Secure RPC
: 19.3.4. Limitations of Secure RPC
- using FFS
: 25.2.2.6. Reserved space
- perimeter, security
: 12.1.1. The Physical Security Plan
- perl command
- -T option
- 18.2.3.4. Tainting with Perl
- 23.4. Tips on Writing SUID/SGID Programs
- Perl programming language
- 5.5.3. SUID Shell Scripts
- 11.1.4. Trojan Horses
- 11.5.1.2. IFS attacks
- random seed generator
: 23.9. A Good Random Seed Generator
- script for reading lastlog file
: 10.1.1. lastlog File
- Swatch program
- 10.6. Swatch: A Log File Tool
- 10.6.2. The Swatch Configuration File
- E.4.9. Swatch
- tainting facility
: 18.2.3.4. Tainting with Perl
- permissions
- 1.1. What Is Computer Security?
- 5.1.6. Understanding File Permissions
- 5.2.4. Using Octal File Permissions
- 11.1.5. Viruses
- 11.6.1. File Protections
- 11.6.1.3. World-readable backup devices
- access control lists (ACLs)
- 5.2.5. Access Control Lists
- 5.2.5.2. HP-UX access control lists
- changing
- 5.2.1. chmod: Changing a File's Permissions
- 5.2.4. Using Octal File Permissions
- directory
: 5.4. Using Directory Permissions
- /etc/utmp file
: 10.1.2. utmp and wtmp Files
- intruder's modifications to
: 24.4.1.2. Changes in file and directory protections
- modem devices
: 14.5.2. Setting Up the UNIX Device
- modem files
: 14.5.1. Hooking Up a Modem to Your Computer
- of NIS+ objects
: 19.5.5. NIS+ Limitations
- octal
- 5.2.3. Calculating Octal File Permissions
- 5.2.4. Using Octal File Permissions
- of .rhosts file
: 17.3.18.4. The ~/.rhosts file
- SUID programs
- 5.5. SUID
- 5.5.7. SGID Bit on Files (System V UNIX Only): Mandatory Record Locking
- symbolic links and
: 5.1.7. File Permissions in Detail
- umasks
- 5.3. The umask
- 5.3.2. Common umask Values
- UUCP
: 15.4.1.4. Special permissions
- Permissions file
- 15.5. Security in BNU UUCP
- 15.5.1. Permissions File
- 15.5.3. uucheck: Checking Your Permissions File
- checking with uucheck
: 15.5.3. uucheck: Checking Your Permissions File
- personnel
: (see employees)
- PGP (Pretty Good Privacy)
- 6.6.3. PGP: Pretty Good Privacy
- 6.6.3.6. PGP detached signatures
- -eat and -seat options
: 6.6.3.3. Encrypting a message
- encrypting message with
: 6.6.3.3. Encrypting a message
- encrypting Web documents
: 18.4.1. Eavesdropping Over the Wire
- -ka option
: 6.6.3.2. Creating your PGP public key
- -kg option
: 6.6.3.2. Creating your PGP public key
- -kvc option
: 6.6.3.6. PGP detached signatures
- -kxaf option
: 6.6.3.2. Creating your PGP public key
- -o option
: 6.6.3.6. PGP detached signatures
- -sat option
: 6.6.3.4. Adding a digital signature to an announcement
- -sb option
: 6.6.3.6. PGP detached signatures
- software signature
: E.4. Software Resources
- ph (phonebook) server
: 17.3.8.3. Replacing finger
- phantom mail
: 17.3.4.2. Using sendmail to receive email
- physical security
- 12. Physical Security
- 12.4.2. "Nothing to Lose?"
- access control
: 12.2.3. Physical Access
- of backups
- 7.1.6. Security for Backups
- 7.1.6.3. Data security for backups
- checklist for
: A.1.1.11. Chapter 12: Physical Security
- modems
- 14.5.4. Physical Protection of Modems
- 14.6. Additional Security for Modems
- read-only filesystems
: 9.1.2. Read-only Filesystems
- signal grounding
: 25.3.3. Signal Grounding
- PIDs (process IDs)
- C.1.3.1. Process identification numbers (PID)
- C.1.3.4. Process groups and sessions
- Pieprzyk, Josef
: 6.5.4.3. HAVAL
- PingWare program
: 17.6.3. PingWare
- pipe (in Swatch program)
: 10.6.2. The Swatch Configuration File
- pipes
- 18.2.3.2. Testing is not enough!
- 18.2.3.3. Sending mail
- pipes (for smoking)
: 12.2.1.2. Smoke
- piracy of software
- 26.4.2.1. Software piracy and the SPA
- (see also software)
- pirated software
: (see software)
- plaintext attacks
: 6.2.3. Cryptographic Strength
- .plan file
: 17.3.8.1. The .plan and .project files
- platforms
: (see operating systems)
- play accounts
: (see open accounts)
- playback attacks
: 19.6.1.2. Using the ticket granting ticket
- plus sign (+)
- in hosts.equiv file
: 17.3.18.5. Searching for .rhosts files
- in NIS
- 19.4. Sun's Network Information Service (NIS)
- 19.4.4.6. NIS is confused about "+"
- Point-to-Point Protocol (PPP)
: 14.5. Modems and UNIX
- policy, security
- 1.2. What Is an Operating System?
- 2. Policies and Guidelines
- 2.5.3. Final Words: Risk Management Means Common Sense
- A.1.1.1. Chapter 2: Policies and Guidelines
- cost-benefit analysis
- 2.3. Cost-Benefit Analysis
- 2.3.4. Convincing Management
- risk assessment
- 2.2. Risk Assessment
- 2.2.2. Review Your Risks
- 2.5.3. Final Words: Risk Management Means Common Sense
- role of
- 2.4.1. The Role of Policy
- 2.4.4. Some Key Ideas in Developing a Workable Policy
- 2.4.4.7. Defend in depth
- politics
: 11.3. Authors
- polyalphabetic ciphers
: 6.3. The Enigma Encryption System
- polygraph tests
: 13.1. Background Checks
- POP (Post Office Protocol)
: 17.3.10. Post Office Protocol (POP) (TCP Ports 109 and 110)
- popen function
- 18.2.3.2. Testing is not enough!
- 23.2. Tips on Avoiding Security-related Bugs
- pornography
: 26.4.5. Pornography and Indecent Material
- port numbers
- 23.3. Tips on Writing Network Programs
- G. Table of IP Services
- portable computers
: 12.2.6.3. Portables
- portable I/O library
: 1.3. History of UNIX
- portmap service
- 19.2.1. Sun's portmap/rpcbind
- 19.4.4.4. Spoofing RPC
- E.4.6. portmap
- portmapper program
- 17.3.11. Sun RPC's portmapper (UDP and TCP Ports 111)
- 19.2.1. Sun's portmap/rpcbind
- 19.4.5. Unintended Disclosure of Site Information with NIS
- ports
- 16.2.4.2. TCP
- 17.1.1. The /etc/services File
- G. Table of IP Services
- trusted
: (see trusted, ports)
- positivity
: 2.4.4.2. Be positive
- POSIX
- 1.3. History of UNIX
- 1.4.2. Software Quality
- C.1.3.4. Process groups and sessions
- chown command and
: 5.7. chown: Changing a File's Owner
- Post Office Protocol
: (see POP)
- postmaster, contacting
: 24.2.4.2. How to contact the system administrator of a computer you don't know
- PostScript files
: 11.1.5. Viruses
- power outages, logging
: 10.7.1.1. Exception and activity reports
- power surges
- 12.2. Protecting Computer Hardware
- 12.2.1.8. Electrical noise
- (see also lightning)
- PPP (Point-to-Point Protocol)
- 14.5. Modems and UNIX
- 16.2. IPv4: The Internet Protocol Version 4
- preserve program
: 5.5.3.2. Another SUID example: IFS and the /usr/lib/preserve hole
- Pretty Good Privacy
: (see PGP)
- prevention, cost of
- 2.3. Cost-Benefit Analysis
- 2.3.4. Convincing Management
- primary group
: 4.1.3. Groups and Group Identifiers (GIDs)
- principals, NIS+
: 19.5.1. What NIS+ Does
- print through process
: 12.3.2.1. Verify your backups
- printers
- buffers
: 12.3.4.1. Printer buffers
- /etc/hosts.lpd file
: 17.3.18.6. /etc/hosts.lpd file
- logging to
: 10.5.2.1. Logging to a printer
- output from
: 12.3.4.2. Printer output
- ports for
: 12.3.1.4. Auxiliary ports on terminals
- priority of processes
: C.1.3.3. Process priority and niceness
- privacy
- 2.1. Planning Your Security Needs
- 2.5.2. Confidential Information
- 9. Integrity Management
- 12.3. Protecting Data
- 12.3.6. Key Switches
- (see also encryption; integrity)
- Electronic Communications Privacy Act (ECPA)
: 26.2.3. Federal Computer Crime Laws
- Secure RPC
: 19.3.4. Limitations of Secure RPC
- private-key cryptography
- 6.4. Common Cryptographic Algorithms
- 6.4.1. Summary of Private Key Systems
- privilege testing (modem)
: 14.5.3.3. Privilege testing
- privileges, file
: (see permissions)
- privileges, SUID
: (see SUID/SGID programs)
- processes
- C.1. About Processes
- C.5.3. Running the User's Shell
- accounting
- 10.2. The acct/pacct Process Accounting File
- 10.2.3. messages Log File
- group IDs
- 4.3.3. Other IDs
- C.1.3.4. Process groups and sessions
- overload attacks
- 25.2.1. Process-Overload Problems
- 25.2.1.2. System overload attacks
- priority of
: C.1.3.3. Process priority and niceness
- scheduler
: C.1.3.3. Process priority and niceness
- procmail system
: 11.5.2.5. .forward, .procmailrc
- .procmailrc file
: 11.5.2.5. .forward, .procmailrc
- .profile file
- 8.1.4.1. Restricted shells under System V UNIX
- 8.1.4.6. Potential problems with rsh
- 11.5.2.1. .login, .profile, /etc/profile
- 24.4.1.6. Changes to startup files
- programmed threats
- 11. Protecting Against Programmed Threats
- 11.6.2. Shared Libraries
- authors of
: 11.3. Authors
- checklist for
: A.1.1.10. Chapter 11: Protecting Against Programmed Threats
- protection from
: 11.5. Protecting Yourself
- references on
: D.1.4. Computer Viruses and Programmed Threats
- programming
: 23. Writing Secure SUID and Network Programs
- references for
: D.1.11. UNIX Programming and System Administration
- programs
- CGI
: (see CGI, scripts)
- integrity of
: (see integrity, data)
- for network services
: 23.3. Tips on Writing Network Programs
- rabbit
- 11.1. Programmed Threats: Definitions
- 11.1.7. Bacteria and Rabbits
- running simultaneously
: 23.2. Tips on Avoiding Security-related Bugs
- secure
: 23. Writing Secure SUID and Network Programs
- worms
: 11.1.6. Worms
- Project Athena
: (see Kerberos system)
- .project file
: 17.3.8.1. The .plan and .project files
- proprietary ownership notices
: 26.2.6. Other Tips
- prosecution, criminal
- 26.2. Criminal Prosecution
- 26.2.7. A Final Note on Criminal Actions
- protocols
- 16.2.4. Packets and Protocols
- (see also under specific protocol)
- IP
: (see IP protocols)
- Protocols table (NIS+)
: 19.5.3. NIS+ Tables
- proxies, checklist for
: A.1.1.21. Chapter 22: Wrappers and Proxies
- pruning the wtmp file
: 10.1.3.1. Pruning the wtmp file
- ps command
- 6.6.2. des: The Data Encryption Standard
- 10.1.2. utmp and wtmp Files
- 19.3.2.3. Making sure Secure RPC programs are running on every workstation
- 24.2.1. Catching One in the Act
- C.1.2. The ps Command
- C.1.2.2. Listing processes with Berkeley-derived versions of UNIX
- with kill command
: 24.2.5. Getting Rid of the Intruder
- to stop process overload
- 25.2.1.1. Too many processes
- 25.2.1.2. System overload attacks
- pseudo-devices
: 5.6. Device Files
- pseudorandom functions
: 23.6. Tips on Generating Random Numbers
- PUBDIR= command
: 15.5.2. Permissions Commands
- public-key cryptography
- 6.4. Common Cryptographic Algorithms
- 6.4.2. Summary of Public Key Systems
- 6.4.6. RSA and Public Key Cryptography
- 6.4.6.3. Strength of RSA
- 6.5.3. Digital Signatures
- 18.3. Controlling Access to Files on Your Server
- 18.6. Dependence on Third Parties
- breaking
: 19.3.4. Limitations of Secure RPC
- PGP
: 6.6.3.2. Creating your PGP public key
- proving identity with
: 19.3.1.1. Proving your identity
- publicity hounds
: 11.3. Authors
- publicizing security holes
: 2.5.1. Going Public
- publickey file
: 19.3.2.1. Creating passwords for users
- Purdue University (PCERT)
: F.3.4.30. Purdue University
- Purify
: 23.2. Tips on Avoiding Security-related Bugs
- pwck command
: 8.2. Monitoring File Format
Copyright © 1999 O'Reilly & Associates, Inc. All Rights Reserved.