Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Index: S

with NIS/NIS+

19.3.2. Setting Up Secure RPC with NIS
19.3.4. Limitations of Secure RPC

NTP and : 19.3.1.3. Setting the window

reauthentication : 19.3.1.3. Setting the window

versus Kerberos : 19.6.2. Kerberos vs. Secure RPC

Secure Socket Layer : (see SSL)

secure terminals : 8.5.1. Secure Terminals

SecureID : 8.7.2. Token Cards

SecureNet key : 8.7.2. Token Cards

security

2.1. Planning Your Security Needs

9.1.2. Read-only Filesystems

12.1.1. The Physical Security Plan

of CGI scripts

18.2.3. Writing Secure CGI Scripts and Programs
18.2.4.1. Beware mixing HTTP with anonymous FTP

changed detection

9.2. Detecting Change
9.3. A Final Note

checking arguments : 23.2. Tips on Avoiding Security-related Bugs

critical messages to log

10.5.3. syslog Messages
10.5.3.1. Beware false log entries

cryptography

6. Cryptography
6.7.2. Cryptography and Export Controls

definition of : 1.1. What Is Computer Security?

digital signatures : (see digital signatures)

disabling finger : 17.3.8.2. Disabling finger

disk quotas : 25.2.2.5. Using quotas

dormant accounts, finding : 8.4.3. Finding Dormant Accounts

drills : 24.1.3. Rule #3: PLAN AHEAD

/etc/passwd : (see /etc/group file; /etc/passwd file)

firewalls : (see firewalls)

four steps toward : 2.4.4.7. Defend in depth

guessable passwords

3.6.1. Bad Passwords: Open Doors
3.6.4. Passwords on Multiple Machines

identification protocol : 17.3.12. Identification Protocol (auth) (TCP Port 113)

improving DES algorithm

6.4.5. Improving the Security of DES
6.4.5.2. Triple DES

IP

16.3. IP Security
16.3.3. Authentication

laws and : (see laws)

legal liability

26.4. Other Liability
26.4.7. Harassment, Threatening Communication, and Defamation

levels of NIS+ servers : 19.5.5. NIS+ Limitations

link-level : 16.3.1. Link-level Security

message digests : (see message digests)

modems and

14.4. Modems and Security
14.4.4.2. Protection against eavesdropping

monitoring : (see logging)

multilevel (defense in depth)

1.3. History of UNIX
2.4.4.7. Defend in depth
2.5.3. Final Words: Risk Management Means Common Sense
17.2. Controlling Access to Servers

name service and : 16.3.2. Security and Nameservice

national : 26.2.2. Federal Jurisdiction

network services

17.4. Security Implications of Network Services
19.1. Securing Network Services

passwords

3.2. Passwords
3.8. Summary

personnel

13. Personnel Security
13.3. Outsiders
A.1.1.12. Chapter 13: Personnel Security

policy of

1.2. What Is an Operating System?
2. Policies and Guidelines
2.5.3. Final Words: Risk Management Means Common Sense

protecting backups

7.1.6. Security for Backups
7.1.6.3. Data security for backups

published resources on

D. Paper Sources
D.2. Security Periodicals

responding to breakins

24. Discovering a Break-in
24.7. Damage Control

restricting login : 8.3. Restricting Logins

.rhosts : (see .rhosts file)

sendmail problems : 17.3.4.1. sendmail and security

Skipjack algorithm : 6.4.1. Summary of Private Key Systems

SNMP and : 17.3.15. Simple Network Management Protocol (SNMP) (UDP Ports 161 and 162)

software piracy : 26.4.2.1. Software piracy and the SPA

standards of : 2.4.2. Standards

superuser problems : 4.2.1.5. The problem with the superuser

through obscurity

2.5. The Problem with Security Through Obscurity
2.5.3. Final Words: Risk Management Means Common Sense
8.8.9. Account Names Revisited: Using Aliases for Increased Security
18.2.4. Keep Your Scripts Secret!

tools for : 11.1. Programmed Threats: Definitions

Tripwire package

9.2.4. Tripwire
9.2.4.2. Running Tripwire

UNIX and

1. Introduction
1.4. Security and UNIX
1.4.3. Add-On Functionality Breeds Problems

user awareness of

1.4.1. Expectations
2. Policies and Guidelines
2.4.4.4. Concentrate on education
13.2.2. Ongoing Training and Awareness

UUCP : (see UUCP)

weakness-finding tools : 11.1.1. Security Tools

World Wide Web

18. WWW Security
18.7. Summary

X Window System

17.3.21.2. X security
17.3.21.3. The xhost facility

Security Emergency Response Team (SERT) : F.3.4.4. Australia: Internet .au domain

security file (UUCP) : 10.3.4. uucp Log Files

security holes

2.5. The Problem with Security Through Obscurity
(see also back doors; threats)
ftpd program : 6.5.2. Using Message Digests
mailing list for : E.1.3.3. Bugtraq
reporting : 2.5.1. Going Public
ruusend in L.cmds file : 15.4.3. L.cmds: Providing Remote Command Execution
SUID/SGID programs : 5.5.3.1. write: Example of a possible SUID/SGID security hole
/usr/lib/preserve : 5.5.3.2. Another SUID example: IFS and the /usr/lib/preserve hole
UUCP : 15.7. Early Security Problems with UUCP

sed scripts : 11.1.4. Trojan Horses

seeds, random number

23.6. Tips on Generating Random Numbers
23.8. Picking a Random Seed

select system call : 17.1.3. The /etc/inetd Program

selection lists : 18.2.3.1. Do not trust the user's browser!

self-destruct sequences : 27.2.1. Hardware Bugs

SENDFILES= command

15.5.1.3. A Sample Permissions file
15.5.2. Permissions Commands

sendmail

11.1.2. Back Doors and Trap Doors
11.5.2.5. .forward, .procmailrc
11.5.3.3. /usr/lib/aliases, /etc/aliases, /etc/sendmail/aliases, aliases.dir, or aliases.pag
17.3.4. Simple Mail Transfer Protocol (SMTP) (TCP Port 25)
17.3.4.3. Improving the security of Berkeley sendmail V8
24.2.4.2. How to contact the system administrator of a computer you don't know
(see also mail)
aliases : 11.5.3.3. /usr/lib/aliases, /etc/aliases, /etc/sendmail/aliases, aliases.dir, or aliases.pag
determining version of : 17.3.4.1. sendmail and security
.forward file : 24.4.1.6. Changes to startup files
improving Version 8 : 17.3.4.3. Improving the security of Berkeley sendmail V8
logging to syslog : 17.3.4.3. Improving the security of Berkeley sendmail V8
same Internet/NIS domain : 19.4.3. NIS Domains
security problems with : 17.3.4.1. sendmail and security

sendmail.cf file : 17.3.4. Simple Mail Transfer Protocol (SMTP) (TCP Port 25)

sensors : (see detectors)

separation of duties : 13.2.5. Least Privilege and Separation of Duties

sequence of commands : 23.2. Tips on Avoiding Security-related Bugs

serial interfaces : 14.2. Serial Interfaces

Serial Line Internet Protocol (SLIP) : 14.5. Modems and UNIX

serial numbers, logging : 10.7.1.2. Informational material

SERT (Security Emergency Response Team) : F.3.4.4. Australia: Internet .au domain

server-side includes

18.2.2.2. Additional configuration issues
18.3.2. Commands Within the <Directory> Block

servers

16.2.5. Clients and Servers

17.1. Understanding UNIX Internet Servers

17.1.3. The /etc/inetd Program

backing up : 7.2.2. Small Network of Workstations and a Server

checklist for bringing up : 17.4. Security Implications of Network Services

controlling access to : 17.2. Controlling Access to Servers

ftp : (see FTP)

http : (see http server)

load shedding : 23.3. Tips on Writing Network Programs

master/slave : (see NIS)

NIS+, security levels of : 19.5.5. NIS+ Limitations

overloading with requests : 25.3.1. Service Overloading

setting up for FTP

17.3.2.4. Setting up an FTP server
17.3.2.6. Setting up anonymous FTP with the standard UNIX FTP server

web : (see web servers)

WN : 18.3. Controlling Access to Files on Your Server

Xauthority : 17.3.21.4. Using Xauthority magic cookies

service overloading : 25.3.1. Service Overloading

services file : 17.1.1. The /etc/services File

Services table (NIS+) : 19.5.3. NIS+ Tables

SESAME (Secure European System for Applications in a Multivendor Environment) : 19.7.2. SESAME

session

hijacking : 17.3.3. TELNET (TCP Port 23)

IDs

4.3.3. Other IDs
C.1.3.4. Process groups and sessions

keys

6.4. Common Cryptographic Algorithms
19.3.1.1. Proving your identity

setgid function

4.3.3. Other IDs
23.4. Tips on Writing SUID/SGID Programs

setpgrp function : C.1.3.4. Process groups and sessions

setrlimit function : 23.2. Tips on Avoiding Security-related Bugs

setsid function : C.1.3.4. Process groups and sessions

setuid file : 4.3.1. Real and Effective UIDs

setuid function : 23.4. Tips on Writing SUID/SGID Programs

setuid/setgid : (see SUID/SGID programs)

SGID bit

5.5.1. SUID, SGID, and Sticky Bits
5.5.7. SGID Bit on Files (System V UNIX Only): Mandatory Record Locking
(see also SUID/SGID programs)
clearing with chown : 5.7. chown: Changing a File's Owner
on directories : 5.5.6. SGID and Sticky Bits on Directories
on files : 5.5.7. SGID Bit on Files (System V UNIX Only): Mandatory Record Locking

SGID files : B.3.2.2. SGID files

sh (Bourne shell)

11.5.1. Shell Features
C.5.3. Running the User's Shell
(see also shells)

sh program : 5.5.3.2. Another SUID example: IFS and the /usr/lib/preserve hole

SUID and : 5.5.2. Problems with SUID

SHA (Secure Hash Algorithm)

6.5.3. Digital Signatures
6.5.4.2. SHA

shadow file

8.1.1. Accounts Without Passwords
8.8.5. Shadow Password Files

shadow passwords

3.2.1. The /etc/passwd File
8.4.1. Changing an Account's Password
8.8.5. Shadow Password Files

Shamir, Adi

6.4.2. Summary of Public Key Systems
6.4.6. RSA and Public Key Cryptography

shar format file : 11.1.4. Trojan Horses

shareware : 27.2.2. Viruses on the Distribution Disk

shell escapes

8.1.3. Accounts That Run a Single Command
8.1.4.6. Potential problems with rsh
in L.cmds list : 15.4.3. L.cmds: Providing Remote Command Execution

shell scripts, SUID

5.5.3. SUID Shell Scripts
5.5.3.2. Another SUID example: IFS and the /usr/lib/preserve hole

shells

1.2. What Is an Operating System?

3.2.1. The /etc/passwd File

11.1.4. Trojan Horses

11.5.1. Shell Features

11.5.1.4. Filename attacks

C.2. Creating Processes

C.5.3. Running the User's Shell

changing

8.4.2. Changing the Account's Login Shell
8.7.1. Integrating One-time Passwords with UNIX

history files : 10.4.1. Shell History

one-command accounts : 8.1.3. Accounts That Run a Single Command

restricted (rsh, ksh)

8.1.4.1. Restricted shells under System V UNIX
8.1.4.6. Potential problems with rsh

UUCP : (see uucico program)

shells file : 8.4.2. Changing the Account's Login Shell

Shimomura, Tsutomu : 23.3. Tips on Writing Network Programs

shoulder surfing

3.2.4. Passwords Are a Shared Secret
5.5.2. Problems with SUID

shredders : 12.3.3. Other Media

SHTTP : (see Secure HTTP)

shutdowns and wtmp file : 10.1.3. last Program

SIGHUP signal : C.4. The kill Command

SIGKILL signal : C.4. The kill Command

Signal Ground (SG) : 14.3. The RS-232 Serial Protocol

signal grounding : 25.3.3. Signal Grounding

signals : C.3. Signals

signature : 9.2. Detecting Change

signatures : (see digital signatures)

SIGSTOP signal : C.4. The kill Command

SIGTERM signal : 25.2.1.1. Too many processes

Simple Mail Transfer Protocol (SMTP)

17.3.4. Simple Mail Transfer Protocol (SMTP) (TCP Port 25)
17.3.4.3. Improving the security of Berkeley sendmail V8

Simple Network Management Protocol : (see SNMP)

single-user mode : C.5.1. Process #1: /etc/init

Skipjack algorithm : 6.4.1. Summary of Private Key Systems

slash (/)

IFS separator : 11.5.1.2. IFS attacks

root directory

5.1.1. Directories
(see also root directory)

Slave mode (uucico) : 15.1.4. How the UUCP Commands Work

slave server

19.4. Sun's Network Information Service (NIS)
(see also NIS)

SLIP (Serial Line Internet Protocol)

14.5. Modems and UNIX
16.2. IPv4: The Internet Protocol Version 4

Small Business Community Nationwide (SBA CERT) : F.3.4.31. Small Business Association (SBA): small business community nationwide

smap program : 17.3.4.1. sendmail and security

smart cards, firewalls : 21.5. Special Considerations

smit tool : 8.8.2. Constraining Passwords

smoke and smoking : 12.2.1.2. Smoke

SMTP (Simple Mail Transfer Protocol)

17.3.4. Simple Mail Transfer Protocol (SMTP) (TCP Port 25)
17.3.4.3. Improving the security of Berkeley sendmail V8

SNA (System Network Architecture) : 16.4.2. SNA

SNEFRU algorithm : 6.5.4.4. SNEFRU

sniffers

1.4.3. Add-On Functionality Breeds Problems
3. Users and Passwords
8.7. One-Time Passwords
17.3.3. TELNET (TCP Port 23)
(see also eavesdropping)
network : 16.3. IP Security
packet : 16.3.1. Link-level Security

SNMP (Simple Network Management Protocol) : 17.3.15. Simple Network Management Protocol (SNMP) (UDP Ports 161 and 162)

snoop program : 24.2.3. Monitoring the Intruder

SOCKS : E.4.8. SOCKS

soft disk quotas : 25.2.2.5. Using quotas

software

for backups

7.4. Software for Backups
7.4.7. inode Modification Times

bugs in : (see bugs)

for checking integrity : 19.5.5. NIS+ Limitations

checking new

8.1.5.2. Checking new software
11.1.2. Back Doors and Trap Doors

consistency of : 2.1. Planning Your Security Needs

distributing : (see FTP)

exporting : 26.4.1. Munitions Export

failure of : 7.1.1.1. A taxonomy of computer failures

hacker challenges : 27.2.4. Hacker Challenges

logic bombs : 11.1.3. Logic Bombs

operating system : (see operating systems)

patches for, logging : 10.7.2.2. Informational material

quality of

1.4.2. Software Quality
1.4.3. Add-On Functionality Breeds Problems

stolen (pirated)

17.3.2.6. Setting up anonymous FTP with the standard UNIX FTP server
26.4.2.1. Software piracy and the SPA

stored via FTP : 17.3.2.6. Setting up anonymous FTP with the standard UNIX FTP server

testing : 1.4.2. Software Quality

vendor license agreements : 18.5.2. Trusting Your Software Vendor

viruses : 11.1.5. Viruses

worms : 11.1.6. Worms

software patents : 6.7.1. Cryptography and the U.S. Patent System

Software Publishers Association (SPA) : 26.4.2.1. Software piracy and the SPA

Software Security Response Team (SSRT) : F.3.4.9. Digital Equipment Corporation and customers

Solaris

1.3. History of UNIX
8.7.1. Integrating One-time Passwords with UNIX
/etc/logindevperm : 17.3.21.1. /etc/fbtab and /etc/logindevperm
process limit : 25.2.1.1. Too many processes
Secure RPC time window : 19.3.1.3. Setting the window
/var/adm/loginlog file : 10.1.4. loginlog File
wtmpx file : 10.1.2. utmp and wtmp Files

Source Code Control System (SCCS) : 7.3.2. Building an Automatic Backup System

source code, keeping secret : 2.5. The Problem with Security Through Obscurity

SPA (Software Publishers Association) : 26.4.2.1. Software piracy and the SPA

Spaf's first principle : 2.4.4.5. Have authority commensurate with responsibility

spies

11.3. Authors
14.4.4.1. Kinds of eavesdropping

spoofing : 16.3. IP Security

network connection : 8.5.3.1. Trusted path
network services : 17.5. Monitoring Your Network with netstat
NIS : 19.4.4.5. Spoofing NIS
RPCs : 19.4.4.4. Spoofing RPC

spool file : 15.1.4. How the UUCP Commands Work

spoolers, printer : 12.3.4.1. Printer buffers

sprinkler systems

12.2.1.1. Fire
(see also water)

Sprint response team : F.3.4.32. Sprint

sprintf function

23.1.1. The Lesson of the Internet Worm
23.2. Tips on Avoiding Security-related Bugs

sscanf function : 23.2. Tips on Avoiding Security-related Bugs

SSL (Secure Socket Layer) : 18.4.1. Eavesdropping Over the Wire

SSRT (Software Security Response Team) : F.3.4.9. Digital Equipment Corporation and customers

Stallman, Richard : 1. Introduction

start bit

14.1. Modems: Theory of Operation
14.2. Serial Interfaces

startup command : 10.2.1. Accounting with System V

startup files

attacks via

11.5.2. Start-up File Attacks
11.5.2.7. Other initializations

intruder's changes to : 24.4.1.6. Changes to startup files

stat function : 5.4. Using Directory Permissions

state law enforcement : 26.2.1. The Local Option

stateless : 20.1.4.3. Connectionless and stateless

static electricity : 12.2.1.8. Electrical noise

static links : 23.4. Tips on Writing SUID/SGID Programs

stdio : (see portable I/O library)

Steele, Guy L. : 1. Introduction

sticky bits : 5.5.1. SUID, SGID, and Sticky Bits

on directories : 5.5.6. SGID and Sticky Bits on Directories

stolen property : (see theft)

stop bit

14.1. Modems: Theory of Operation
14.2. Serial Interfaces

storage

12.3.4. Protecting Local Storage
12.3.4.5. Function keys

strcpy routine : 23.1.1. The Lesson of the Internet Worm

streadd function : 23.2. Tips on Avoiding Security-related Bugs

strecpy function : 23.2. Tips on Avoiding Security-related Bugs

strength, cryptographic : 6.2.3. Cryptographic Strength

of DES algorithm

6.4.4.3. DES strength
6.4.5.2. Triple DES

of RSA algorithm : 6.4.6.3. Strength of RSA

string command : 12.3.5.2. X screen savers

strtrns function : 23.2. Tips on Avoiding Security-related Bugs

su command

4.2.1.2. Superuser is not for casual use

4.3. su: Changing Who You Claim to Be

4.3.8. Other Uses of su

becoming superuser : 4.3.4. Becoming the Superuser

log of failed attempts : 4.3.7. The Bad su Log

sulog file

10.1. The Basic Log Files
10.3.2. sulog Log File

utmp and wtmp files and : 10.1.2.1. su command and /etc/utmp and /var/adm/wtmp files

subnetting : 16.2.1.2. Classical network addresses

substitution (in encryption) : 6.1.2. Cryptography and Digital Computers

SUID/SGID programs

4.3.1. Real and Effective UIDs

5.5. SUID

5.5.7. SGID Bit on Files (System V UNIX Only): Mandatory Record Locking

B.3. SUID and SGID Files

back door via : 11.1.2. Back Doors and Trap Doors

chown command and : 5.7. chown: Changing a File's Owner

chroot call and : 8.1.5.2. Checking new software

created by intruders : 24.4.1.3. New SUID and SGID files

on directories : 5.5.6. SGID and Sticky Bits on Directories

disabling (turning off) : 5.5.5. Turning Off SUID and SGID in Mounted Filesystems

finding all files

5.5.4. Finding All of the SUID and SGID Files
5.5.4.1. The ncheck command

shell scripts

5.5.3. SUID Shell Scripts
5.5.3.2. Another SUID example: IFS and the /usr/lib/preserve hole

uucp access : 15.3. UUCP and Security

writing : 23.4. Tips on Writing SUID/SGID Programs

SUID/SGID programs:writing:programming:writing:zzz] : 23. Writing Secure SUID and Network Programs

suing : (see civil actions)

sulog file

4.3.7. The Bad su Log
10.3.2. sulog Log File

sum command

6.5.5.1. Checksums
9.2.3. Checksums and Signatures

Sun Microsystem's NIS : (see NIS)

Sun Microsystems : F.3.4.34. Sun Microsystems customers

SUN-DES-1 authentication : 17.3.21.3. The xhost facility

SunOS operating system : 1.3. History of UNIX

authdes_win variable : 19.3.1.3. Setting the window
/etc/fbtab file : 17.3.21.1. /etc/fbtab and /etc/logindevperm
TFTP sand : 17.3.7. Trivial File Transfer Protocol (TFTP) (UDP Port 69)
trusted hosts and : 17.3.18.5. Searching for .rhosts files

superencryption : 6.4.5. Improving the Security of DES

superuser

4. Users, Groups, and the Superuser

4.2.1. The Superuser

4.2.1.5. The problem with the superuser

(see also root account)

abilities of : 27.1.3. What the Superuser Can and Cannot Do

becoming with su : 4.3.4. Becoming the Superuser

changing passwords

8.4.1. Changing an Account's Password
8.8.8. Disabling an Account by Changing Its Password

encryption and : 6.2.4. Why Use Encryption with UNIX?

logging attempts to become : (see sulog file)

problems with : 4.2.1.5. The problem with the superuser

restrictions on : 4.2.1.4. What the superuser can't do

TCB files : 8.5.3.2. Trusted computing base

using passwd command : 3.5. Verifying Your New Password

web server as : 18.2.1. The Server's UID

SURFnet : F.3.4.25. Netherlands: SURFnet-connected sites

surges : (see power surges)

SVR4 (System V Release 4) : 1.3. History of UNIX

swap partition : 5.5.1. SUID, SGID, and Sticky Bits

swap space : 25.2.3. Swap Space Problems

Swatch program

10.6. Swatch: A Log File Tool
10.6.2. The Swatch Configuration File
E.4.9. Swatch

SWITCH : F.3.4.35. SWITCH-connected sites

symbolic links and permissions : 5.1.7. File Permissions in Detail

symbolic-link following

18.2.2.2. Additional configuration issues
18.3.2. Commands Within the <Directory> Block

SymLinksIfOwnerMatch option : 18.3.2. Commands Within the <Directory> Block

symmetric key : (see private-key cryptography)

SYN bit : 16.2.4.2. TCP

sync system call

5.6. Device Files
8.1.3. Accounts That Run a Single Command

sys (user) : 4.1. Users and Groups

syslog facility

4.3.7. The Bad su Log

10.5. The UNIX System Log (syslog) Facility

10.5.3.1. Beware false log entries

23.1.1. The Lesson of the Internet Worm

false log entries : 10.5.3.1. Beware false log entries

where to log

10.5.2. Where to Log
10.5.2.3. Logging everything everywhere

syslog file : 17.3.4.3. Improving the security of Berkeley sendmail V8

syslog.conf file : 10.5.1. The syslog.conf Configuration File

systat service : 17.3.1. systat (TCP Port 11)

system

auditing activity on : 2.1. Planning Your Security Needs

backing up critical files

7.3. Backing Up System Files
7.3.2. Building an Automatic Backup System

control over : (see access control)

database files : 1.2. What Is an Operating System?

overload attacks : 25.2.1.2. System overload attacks

performance : (see performance)

remote, commands on : 15.1.2. uux Command

summarizing usage per user : 25.2.2.2. quot command

transfering files to other : 15.1.1. uucp Command

system (in swatch program) : 10.6.2. The Swatch Configuration File

system administration : 2.4.4.5. Have authority commensurate with responsibility

avoiding conventional passwords

8.8. Administrative Techniques for Conventional Passwords
8.8.9. Account Names Revisited: Using Aliases for Increased Security

change monitoring : 9.3. A Final Note

changing passwords

8.4.1. Changing an Account's Password
8.8.8. Disabling an Account by Changing Its Password

cleaning up /tmp directory : 25.2.4. /tmp Problems

contacting administrator : 24.2.4.2. How to contact the system administrator of a computer you don't know

controlling UUCP security : 15.3. UUCP and Security

detached signatures (PGP) : 6.6.3.6. PGP detached signatures

disabling finger system : 17.3.8.2. Disabling finger

discovering intruders

24.2. Discovering an Intruder
24.2.6. Anatomy of a Break-in

dual universes and : 5.9.1. Dual Universes

errors by : 7.1.1.1. A taxonomy of computer failures

finding largest files : 25.2.2.1. Disk-full attacks

immutable files and : 9.1.1. Immutable and Append-Only Files

locked accounts : 3.3. Entering Your Password

message authentication : 6.5.2. Using Message Digests

monitoring phantom mail : 17.3.4.2. Using sendmail to receive email

new passwords : 3.4. Changing Your Password

read-only filesystems and : 9.1.2. Read-only Filesystems

references on : D.1.11. UNIX Programming and System Administration

removing automatic backups : 18.2.3.5. Beware stray CGI scripts

sanitizing media : 12.3.2.3. Sanitize your media before disposal

trusting : 27.3.2. Your System Administrator?

weakness-finding tools : 11.1.1. Security Tools

system call : 5.1.7. File Permissions in Detail

system clock

changing

5.1.5. File Times
9.2.3. Checksums and Signatures
17.3.14. Network Time Protocol (NTP) (UDP Port 123)

for random seeds : 23.8. Picking a Random Seed

Secure RPC timestamp : 19.3.1.3. Setting the window

system files : 11.6.1.2. Writable system files and directories

initialization files : 11.5.3.5. System initialization files

system function

5.5.3.2. Another SUID example: IFS and the /usr/lib/preserve hole
18.2.3.2. Testing is not enough!
18.2.3.3. Sending mail
23.2. Tips on Avoiding Security-related Bugs

system functions, checking arguments to : 23.2. Tips on Avoiding Security-related Bugs

System Network Architecture (SNA) : 16.4.2. SNA

System V UNIX

Which UNIX System?
1.3. History of UNIX
accounting with : 10.2.1. Accounting with System V
chroot in : 8.1.5. Restricted Filesystem
default umask value : 5.3. The umask
groups and : 4.1.3.2. Groups and older AT&T UNIX
inittab program : C.5.1. Process #1: /etc/init
modems and : 14.5.1. Hooking Up a Modem to Your Computer
passwords : 8.1.1. Accounts Without Passwords
ps command with : C.1.2.1. Listing processes with systems derived from System V
random number generators : 23.7.3. drand48 ( ), lrand48 ( ), and mrand48 ( )
recent login times : 10.1.1. lastlog File
Release 4 (SVR4) : 1.3. History of UNIX
restricted shells : 8.1.4.1. Restricted shells under System V UNIX
SGI bit on files : 5.5.7. SGID Bit on Files (System V UNIX Only): Mandatory Record Locking
su command and : 4.3.6. Restricting su
SUID files, list of : B.3. SUID and SGID Files
utmp and wtmp files : 10.1.2. utmp and wtmp Files
UUCP : 15.4.1.3. Format of USERFILE entry without system name
/var/adm/loginlog file : 10.1.4. loginlog File
wtmpx file : 10.1.2. utmp and wtmp Files

Systems file : 15.3.3. Security of L.sys and Systems Files

Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z