This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com [ Team LiB ] • • • • • Table of Contents Index Reviews Reader Reviews Errata Practical Unix & Internet Security, 3rd Edition By Simson Garfinkel, Alan Schwartz, Gene Spafford Publisher Pub Date ISBN Pages : O'Reilly : February 2003 : 0-596-00323-4 : 984 This new edition of Practical Unix & Internet Security provides detailed coverage of today's increasingly important security and networking issues Focusing on the four most popular Unix variants today Solaris, Mac OS X, Linux, and FreeBSD this book contains new information on PAM (Pluggable Authentication Modules), LDAP, SMB/Samba, anti-theft technologies, embedded systems, wireless and laptop issues, forensics, intrusion detection, chroot jails, telephone scanners and firewalls, virtual and cryptographic filesystems, WebNFS, kernel security levels, outsourcing, legal issues, new Internet protocols and cryptographic algorithms, and much more [ Team LiB ] This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com [ Team LiB ] • • • • • Table of Contents Index Reviews Reader Reviews Errata Practical Unix & Internet Security, 3rd Edition By Simson Garfinkel, Alan Schwartz, Gene Spafford Publisher Pub Date ISBN Pages : O'Reilly : February 2003 : 0-596-00323-4 : 984 Copyright Preface Unix "Security"? Scope of This Book Which Unix System? Conventions Used in This Book Comments and Questions Acknowledgments A Note to Would-Be Attackers Part I: Computer Security Basics Chapter Introduction: Some Fundamental Questions Section 1.1 What Is Computer Security? Section 1.2 What Is an Operating System? Section 1.3 What Is a Deployment Environment? Section 1.4 Summary Chapter Unix History and Lineage Section 2.1 History of Unix Section 2.2 Security and Unix Section 2.3 Role of This Book Section 2.4 Summary Chapter Policies and Guidelines Section 3.1 Planning Your Security Needs This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com Section 3.2 Section 3.3 Section 3.4 Section 3.5 Section 3.6 Section 3.7 Section 3.8 Risk Assessment Cost-Benefit Analysis and Best Practices Policy Compliance Audits Outsourcing Options The Problem with Security Through Obscurity Summary Part II: Security Building Blocks Chapter Users, Passwords, and Authentication Section 4.1 Logging in with Usernames and Passwords Section 4.2 The Care and Feeding of Passwords Section 4.3 How Unix Implements Passwords Section 4.4 Network Account and Authorization Systems Section 4.5 Pluggable Authentication Modules (PAM) Section 4.6 Summary Chapter Users, Groups, and the Superuser Section 5.1 Users and Groups Section 5.2 The Superuser (root) Section 5.3 The su Command: Changing Who You Claim to Be Section 5.4 Restrictions on the Superuser Section 5.5 Summary Chapter Filesystems and Security Section 6.1 Understanding Filesystems Section 6.2 File Attributes and Permissions Section 6.3 chmod: Changing a File's Permissions Section 6.4 The umask Section 6.5 SUID and SGID Section 6.6 Device Files Section 6.7 Changing a File's Owner or Group Section 6.8 Summary Chapter Cryptography Basics Section 7.1 Understanding Cryptography Section 7.2 Symmetric Key Algorithms Section 7.3 Public Key Algorithms Section 7.4 Message Digest Functions Section 7.5 Summary Chapter Physical Security for Servers Section 8.1 Planning for the Forgotten Threats Section 8.2 Protecting Computer Hardware Section 8.3 Preventing Theft Section 8.4 Protecting Your Data Section 8.5 Story: A Failed Site Inspection Section 8.6 Summary Chapter Personnel Security Section 9.1 Background Checks Section 9.2 On the Job Section 9.3 Departure This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com Section 9.4 Other People Section 9.5 Summary Part III: Network and Internet Security Chapter 10 Modems and Dialup Security Section 10.1 Modems: Theory of Operation Section 10.2 Modems and Security Section 10.3 Modems and Unix Section 10.4 Additional Security for Modems Section 10.5 Summary Chapter 11 TCP/IP Networks Section 11.1 Networking Section 11.2 IP: The Internet Protocol Section 11.3 IP Security Section 11.4 Summary Chapter 12 Securing TCP and UDP Services Section 12.1 Understanding Unix Internet Servers and Services Section 12.2 Controlling Access to Servers Section 12.3 Primary Unix Network Services Section 12.4 Managing Services Securely Section 12.5 Putting It All Together: An Example Section 12.6 Summary Chapter 13 Sun RPC Section 13.1 Remote Procedure Call (RPC) Section 13.2 Secure RPC (AUTH_DES) Section 13.3 Summary Chapter 14 Network-Based Authentication Systems Section 14.1 Sun's Network Information Service (NIS) Section 14.2 Sun's NIS+ Section 14.3 Kerberos Section 14.4 LDAP Section 14.5 Other Network Authentication Systems Section 14.6 Summary Chapter 15 Network Filesystems Section 15.1 Understanding NFS Section 15.2 Server-Side NFS Security Section 15.3 Client-Side NFS Security Section 15.4 Improving NFS Security Section 15.5 Some Last Comments on NFS Section 15.6 Understanding SMB Section 15.7 Summary Chapter 16 Secure Programming Techniques Section 16.1 One Bug Can Ruin Your Whole Day Section 16.2 Tips on Avoiding Security-Related Bugs Section 16.3 Tips on Writing Network Programs Section 16.4 Tips on Writing SUID/SGID Programs Section 16.5 Using chroot( ) This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com Section 16.6 Tips on Using Passwords Section 16.7 Tips on Generating Random Numbers Section 16.8 Summary Part IV: Secure Operations Chapter 17 Keeping Up to Date Section 17.1 Software Management Systems Section 17.2 Updating System Software Section 17.3 Summary Chapter 18 Backups Section 18.1 Why Make Backups? Section 18.2 Backing Up System Files Section 18.3 Software for Backups Section 18.4 Summary Chapter 19 Defending Accounts Section 19.1 Dangerous Accounts Section 19.2 Monitoring File Format Section 19.3 Restricting Logins Section 19.4 Managing Dormant Accounts Section 19.5 Protecting the root Account Section 19.6 One-Time Passwords Section 19.7 Administrative Techniques for Conventional Passwords Section 19.8 Intrusion Detection Systems Section 19.9 Summary Chapter 20 Integrity Management Section 20.1 The Need for Integrity Section 20.2 Protecting Integrity Section 20.3 Detecting Changes After the Fact Section 20.4 Integrity-Checking Tools Section 20.5 Summary Chapter 21 Auditing, Logging, and Forensics Section 21.1 Unix Log File Utilities Section 21.2 Process Accounting: The acct/pacct File Section 21.3 Program-Specific Log Files Section 21.4 Designing a Site-Wide Log Policy Section 21.5 Handwritten Logs Section 21.6 Managing Log Files Section 21.7 Unix Forensics Section 21.8 Summary Part V: Handling Security Incidents Chapter 22 Discovering a Break-in Section 22.1 Prelude Section 22.2 Discovering an Intruder Section 22.3 Cleaning Up After the Intruder Section 22.4 Case Studies Section 22.5 Summary Chapter 23 Protecting Against Programmed Threats This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com Chapter 23 Protecting Against Programmed Threats Section 23.1 Programmed Threats: Definitions Section 23.2 Damage Section 23.3 Authors Section 23.4 Entry Section 23.5 Protecting Yourself Section 23.6 Preventing Attacks Section 23.7 Summary Chapter 24 Denial of Service Attacks and Solutions Section 24.1 Types of Attacks Section 24.2 Destructive Attacks Section 24.3 Overload Attacks Section 24.4 Network Denial of Service Attacks Section 24.5 Summary Chapter 25 Computer Crime Section 25.1 Your Legal Options After a Break-in Section 25.2 Criminal Hazards Section 25.3 Criminal Subject Matter Section 25.4 Summary Chapter 26 Who Do You Trust? Section 26.1 Can You Trust Your Computer? Section 26.2 Can You Trust Your Suppliers? Section 26.3 Can You Trust People? Section 26.4 Summary Part VI: Appendixes Appendix A Unix Security Checklist Section A.1 Preface Section A.2 Chapter 1: Introduction: Some Fundamental Questions Section A.3 Chapter 2: Unix History and Lineage Section A.4 Chapter 3: Policies and Guidelines Section A.5 Chapter 4: Users, Passwords, and Authentication Section A.6 Chapter 5: Users, Groups, and the Superuser Section A.7 Chapter 6: Filesystems and Security Section A.8 Chapter 7: Cryptography Basics Section A.9 Chapter 8: Physical Security for Servers Section A.10 Chapter 9: Personnel Security Section A.11 Chapter 10: Modems and Dialup Security Section A.12 Chapter 11: TCP/IP Networks Section A.13 Chapter 12: Securing TCP and UDP Services Section A.14 Chapter 13: Sun RPC Section A.15 Chapter 14: Network-Based Authentication Systems Section A.16 Chapter 15: Network Filesystems Section A.17 Chapter 16: Secure Programming Techniques Section A.18 Chapter 17: Keeping Up to Date Section A.19 Chapter 18: Backups Section A.20 Chapter 19: Defending Accounts Section A.21 Chapter 20: Integrity Management Section A.22 Chapter 21: Auditing, Logging, and Forensics Section A.23 Chapter 22: Discovering a Break-In This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com Section A.24 Section A.25 Section A.26 Section A.27 Section A.28 Section A.29 Section A.30 Chapter 23: Protecting Against Programmed Threats Chapter 24: Denial of Service Attacks and Solutions Chapter 25: Computer Crime Chapter 26: Who Do You Trust? Appendix A: Unix Security Checklist Appendix B: Unix Processes Appendixes C, D, and E: Paper Sources, Electronic Sources, and Organizations Appendix B Unix Processes Section B.1 About Processes Section B.2 Signals Section B.3 Controlling and Examining Processes Section B.4 Starting Up Unix and Logging In Appendix C Paper Sources Section C.1 Unix Security References Section C.2 Other Computer References Appendix D Electronic Resources Section D.1 Mailing Lists Section D.2 Web Sites Section D.3 Usenet Groups Section D.4 Software Resources Appendix E Organizations Section E.1 Professional Organizations Section E.2 U.S Government Organizations Section E.3 Emergency Response Organizations Colophon Index [ Team LiB ] This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com [ Team LiB ] Copyright Copyright © 2003, 1996, 1991 O'Reilly & Associates, Inc Printed in the United States of America Published by O'Reilly & Associates, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472 O'Reilly & Associates books may be purchased for educational, business, or sales promotional use Online editions are also available for most titles (http://safari.oreilly.com) For more information, contact our corporate/institutional sales department: (800) 998-9938 or corporate@oreilly.com Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks of O'Reilly & Associates, Inc Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks Where those designations appear in this book, and O'Reilly & Associates, Inc was aware of a trademark claim, the designations have been printed in caps or initial caps The association between the image of a safe and the topic of Unix and Internet security is a trademark of O'Reilly & Associates, Inc While every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein [ Team LiB ] This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com [ Team LiB ] Preface It's been 11 years since the publication of Practical Unix Security—and years since Practical Unix and Internet Security was published—and oh, what a difference that time has made! In 1991, the only thing that most Americans knew about Unix and the Internet was that they were some sort of massive computer network that had been besieged by a "computer virus" in 1988 By 1996, when our second edition was published, the Internet revolution was just beginning to take hold, with more than 10 million Americans using the Internet on a regular basis to send electronic mail, cruise the World Wide Web, and sometimes even shop Today it is increasingly difficult for people in much of the world to remember the pre-Internet era Perhaps 500 million people around the world now use the Internet, with several billion more touched by it in some manner In the United States more than half the population uses the Internet on a daily basis We have watched an Internet revolution become a dot-com craze, which then became a bust And nobody remembers that 1988 Internet worm anymore—these days, most Internet users are bombarded by network worms on a daily basis Despite our greater reliance on network computing, the Internet isn't a safer place today than it was in 1991 or in 1996 If anything, the Internet is considerably less secure Security mishaps on the Internet continue to be front-page stories in newspapers throughout the world Sadly, these flaws continue to be accommodated rather than corrected.[1] The results are increasingly disastrous The second edition of this book, for example, noted a security incident in which 20,000 people had their credit card numbers stolen from an Internet service provider; a few months before this third edition went to print, attackers broke into a system operated for the State of California and downloaded personal information on 262,000 state employees Included in the haul were names, addresses, Social Security numbers—everything needed for identity theft.[2] [1] We note, however, that the vast majority of viruses, worms, security flaws, and incidents tend to occur in non-Unix systems [2] http://www.gocsi.com/press/20020407.html Computer crime and the threat of cyberterrorism continue to be growing problems Every year the Computer Security Institute (CSI) and the San Francisco Federal Bureau of Investigation (FBI) Computer Intrusion Squad survey organizations to find their current level of computer crime and intrusions The 2002 survey had 503 responses from security practitioners in U.S corporations, government agencies, financial institutions, medical institutions, and universities Some of the results of the survey include: Ninety percent of respondents (primarily large corporations and government agencies) detected computer security breaches within the last 12 months.[3] [3] This may mean the others had incidents too, but were unable to detect them or declined to report them Eighty percent acknowledged financial losses as a result of system security breaches The combined loss of the 223 respondents who gave dollar values for their annual loss was more than $456 million, of which $171 million was the theft of proprietary information, and $116 million was financial fraud Contrary to conventional wisdom that insiders are a bigger threat than outsiders, 74% of respondents cited their Internet connection as a frequent point of attack, versus 33% who cited their internal systems as a frequent point of attack (Of course, insiders could be attacking through the Internet to make themselves look like outsiders.) This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com Slightly more than one-third (34%) reported the intrusions to law enforcement—up from 16% reporting in 1996 Incidents reported included: Computer viruses (85%) Employees abusing their Internet connection, such as downloading pornography or pirated software, or sending inappropriate email (78%) Penetration from outside the organization (40%) Denial of service (DOS) attacks (40%) Unauthorized access or misuse of the company's web sites (38%) One quarter of the respondents who suffered attacks said that they had experienced between and incidents; 39% said that they had experienced 10 or more incidents The average reported financial loss per company per year was in excess of $2 million What all of these numbers mean for Unix? To be sure, most of the systems in use today are based on Microsoft's Windows operating system Unix and Unix variants are certainly more secure than Windows, for reasons that we'll discuss in this book Nevertheless, experience tells us that a poorlyadministered Unix computer can be just as vulnerable as a typical Windows system: if you have a vulnerability that is known, an attacker can find it, exploit it, and take over your computer It is our goal in this book to show you how to prevent yourself from ever experiencing this fate—and if you do, it is our goal to tell you what to about it [ Team LiB ] This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com [ Team LiB ] [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] tables (NIS+) 2nd TACACS and TACACS+ protocols tagging, hardware TAI (International Atomic Time) taint option, Perl tainting taintperl Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw By the talk program 2nd talk service tandem backup Tanenbaum, Andrew S Tangled Web (Power, Richard) tape drives cleaning problems with world-readable tapes [See also media] degradation of print through process upgrading tar program 2nd 3rd 4th 5th TCB (trusted computing base) /tcb directory TCFS (Transparent Cryptographic Filesystem) tcov tester TCP (Transmission Control Protocol) 2nd 3rd [See also network services]4th connections, clogging connections, controlling [See TCP Wrappers program] TCP Wrappers program 2nd 3rd 4th -DPARANOID option -DPROCESS_OPTION option -DPROCESS_OPTIONS option 2nd configuration language for finger daemons provided with inetd and 2nd IP spoofing and tcpdchk utility for tcpdmatch utility for UDP support TCP/IP [See also networks] authentication with ident security checklist for TCP/IP Network Administration (Hunt, Craig) TCP/IP networks SMB running on tcpd program 2nd [See also TCP Wrappers program; TCP/IP] tcpdchk utility tcpdmatch utility tcpdump command 2nd tcpserver program tcsh [See also shells] history file tcshrc file TD (Transmit Data) telephone firewalls telephone lines leasing one-way physical security of sweeping This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com unauthorized telephones [See also modems] cellular, computer malfunctions caused by recording call information scanners for security checklist for service, loss of tracing connections from telnet program 2nd 3rd 4th compared to rlogin verifying new password with Telnet utility telnetd program back doors in temperature, effects on hardware TEMPEST system terminal emulators terminal service, remote 2nd terminals [See hardware] terrorism testing employee modems software 2nd TeX files, Trojan horses in TFTP (Trivial File Transfer Protocol) 2nd tftpd daemon The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography (Singh, Simon) theft of backups theft of hardware 2nd encryption and locks preventing precautions for RAM theft recovery for 2nd tagging preventing thieves, planting programmed threats thin-client Unix systems third-party billing Thomas, Robert and Carleen Thompson, Ken "Reflections on Trusting Trust" 2nd crypt() designed by discussing password security Unix developed by threads threats estimating probability of identifying and quantifying 2nd mailing list for replay attacks three-way handshake, TCP tickets (Kerberos) 2nd Tiger system tilde (~) ~! in mail messages as home directory time [See also NTP; system clock] defining random seed by determining accurately file modification granularity of modification time service 2nd time-sharing 2nd timeouts 2nd This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com timestamp, Secure RPC window Timezone table (NIS+) tip command 2nd 3rd 4th 5th TLS protocol 2nd TMOUT variable tmp directory, overload attacks using tmpfile() system call token cards toll fraud tools [See software] top command 2nd Torvalds, Linus traceroute command tracing connections tracing programs traffic analysis training, employees transaction audits Transmission Control Protocol [See TCP] Transmit Data (TD) Transparent Cryptographic Filesystem (TCFS) transposition ciphers trap doors [See back doors]2nd [See back doors] trashing tree structure attacks trimlog system Triple-DES (3DES) algorithm Tripwire package 2nd Trivial File Transfer Protocol (TFTP) Trojan horses 2nd 3rd as common threat Kerberos and in mass-market software NFS and X clients Trojan processes truck bombs, as destructive attack True Names and Other Dangers (Vinge, Vernor) truncate() system call trust checklist for in computers 2nd 3rd in consultants in employees in log files in network providers in security response teams in software in system administrator in vendors 2nd trusted computing base (TCB) trusted hosts Trusted Linux trusted path trusted ports 2nd Trusted Solaris trusted Unix [See secure Unix systems] trusted users Tse Huong Choo ttymon program ttys file 2nd 3rd 4th ttytab file ttywatch program tunefs command tunneling 2nd two-key cryptography This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com twoftpd server TZ variable [ Team LiB ] This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com [ Team LiB ] [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] U.S Secret Service (USSS) UDP (User Datagram Protocol) 2nd 3rd [See also network services] DNS and NFS protocol built on TCP Wrappers support for UDP socket UFS (Unix File System) 2nd ufsdump [See dump program] UIDs (user identifiers) 2nd 3rd 4th 5th [See also SUID programs] for superuser real versus effective 2nd and RPC requests for server process stored in inodes su command and switching temporarily zero [See root account superuser] ulimit command Ultrix 2nd umask 2nd UMNT request UMNTALL request unattended terminals Underground (Dreyfus, Suelette) underscore (_), in hostnames Unicode unintended disclosure and uninterruptable power supply [See UPS] unison program United States federal computer crime laws federal jurisdiction Universal Coordinated Time (UTC) Unix [See also specific operating systems] add-on functionality of current trends deployment environments using free versions of history of 2nd 3rd 4th installing new system kernel [See kernel] mobile versions of open source parts of published resources for secure versions of security and 2nd security policy [See policy, security] servers starting up system database files system software, updating thin-client systems utilities 2nd versions covered in this book versions of Unix domain socket Unix File System [See UFS] The UNIX Programming Environment (Kernighan, Brian; Ritchie, Dennis; Pike, Rob) Unix Support Group (USG) UNIX System Administration Handbook (Nemeth, Evi; Snyder, Garth; Seebass, Scott; Hein, Trent R.) This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com UNIX System Security (Wood, Patrick H and Kochan, Stephen G.) Unix-to-Unix Copy System (UUCP) unowned files unsecure unshare command upgrades backing out of logging sensitive UPS (uninterruptable power supply) 2nd uptime account urandom device Usenet [See also NNTP] groups, security-related news user reporting security holes on USENIX/SAGE Association User Datagram Protocol [See UDP] user IDs [See UIDs] usermod command -e option -f option -s option usernames aliases for doubling as passwords (Joes) 2nd for superuser switching temporarily users [See also employees; groups; superuser]2nd accidentally deleting files assigning passwords to auditing equipment access of auditing system activity of authenticating backup errors of effects of obscurity on identifiers for [See UIDs] importing to NIS server 2nd as intruders logging monitoring NIS passwords for nobody 2nd participation in security policy power users security awareness of 2nd 3rd 4th security checklist for 2nd security regarding security threats caused by 2nd sending messages to summarizing filesystem usage by switching temporarily system trusted users command 2nd USG (Unix Support Group) /usr directory [See also /var directory] /usr/adm directory /usr/bin directory /usr/bin/uudecode [See uudecode program] /usr/etc/yp/makedbm program /usr/lib directory /usr/lib/preserve program /usr/lib/sendmail [See sendmail program] /usr/lib/uucp/Devices file /usr/lib/uucp/L-devices file This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com /usr/local/lib directory /usr/sbin/rexecd [See rexec service] /usr/ucb directory USSS (U.S Secret Service) UTC (Universal Coordinated Time) utilities, Unix security vulnerabilities with standard utimes() system call utmp file 2nd 3rd 4th utmpx file UUCP (Unix-to-Unix Copy System) uucp user uudecode program [ Team LiB ] This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com [ Team LiB ] [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] VA Linux vacation program vampire taps vandalism vandals, computer [See intruders] /var directory [See also /usr firectory]2nd /var/adm directory /var/adm/acct file /var/adm/lastlog file /var/adm/loginlog file /var/adm/messages file /var/adm/savacct file /var/adm/wtmp file /var/log directory variables, bounds checking Varley, John (Press Enter) VC-I video encryption algorithm vendors security access given to all-in-one contracts corporate stability of evaluating employees of experience of hackers as mailing lists for referrals and references for trusting software loss of trusting 2nd Venema, Wietse 2nd 3rd 4th 5th 6th 7th ventilation access through holes (in hardware) VERB command, SMTP vfork() system call vfstab file vi editor 2nd 3rd vibrations, effects on hardware Viega, John (Building Secure Software) Vinge, Vernor (True Names and Other Dangers) vipw command virtual filesystem interface Virtual Light (Gibson, William) virtual nodes Virtual Private Network (VPN) The Virus Bulletin viruses 2nd on distribution disk email published resources on visitors, security regarding vnode interface [See virtual filesystem interface] vold.log file voltage spikes [See power, surges] VonStorch, William (Computer Crime: A Crimefighter's Handbook) VPN (Virtual Private Network) VRFY command, SMTP 2nd 3rd vsnprintf() system call vsprintf() system call 2nd This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com vsyslog() system call [ Team LiB ] This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com [ Team LiB ] [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] w command 2nd 3rd Wall, Larry (Programming Perl) WANs (Wide Area Networks) war warez water damage humidity sprinkler systems Wayner, Peter (Disappearing Cryptography) web hosting, restricted filesystems and web pages, Trojan horses in web servers logging user account for web sites for this book logging dowloaded files from for RFCs security-related WebNFS well-known ports Welsh, Matt (Running Linux) wheel group 2nd members becoming superuser using su command who command 2nd 3rd 4th 5th who service whodo command 2nd whois command 2nd 3rd whois service wide area networks (WANs) window, time [See time] windows (glass), security aspects wireless networks eavesdropping on jamming one-time passwords for transmitter security wireless transmission [See radio transmissions] wiretapping [See eavesdropping] WIZ command, SMTP 2nd wizard's password (sendmail) Wood, Charles Cresson (Computer Security: A Comprehensive Controls Checklist) Wood, Patrick H (UNIX System Security) workstations [See hardware] World Wide Web (WWW) [See HTTP web sites] world-readable devices world-writable files/directories worm program [See Internet worm program] worms 2nd WRITE function (RPC) write permission directories files write program timeouts on Trojan horses and write() system call write-protection backups disk drive This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com wtmp file 2nd displayed by last program pruning su command and wtmpx file 2nd wuarchive FTP daemon wuftpd server www user [ Team LiB ] This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com [ Team LiB ] [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] X clients X service X Window System attacks on compared to LDAP security and terminals, protecting local storage in tunneling with X/Open Consortium X0hosts file xargs command 2nd Xauthority facility, magic cookies Xauthority file xclock xdm system XDR (external data representation) 2nd XENIX operating system Xerox Networks System (XNS) xferlog file xhost command xinetd Xinu operating system XNS (Xerox Networks System) xterm [ Team LiB ] This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com [ Team LiB ] [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] Yellow Pages (YP) NIS Ylonen, Tatu YP [See Yellow Pages] ypbind daemon 2nd ypcat publickey command yppasswd command 2nd 3rd ypserv daemon ypset command [ Team LiB ] This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com [ Team LiB ] [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] Zadok, Erez zebra daemon zombie processes 2nd zone transfers (DNS) 2nd 3rd Zwicky, Elizabeth D (Building Internet Firewalls) [ Team LiB ] This document is created with a trial version of CHM2PDF Pilot http://www.colorpilot.com Brought to You by: ... and Internet Security Chapter 10 Modems and Dialup Security Section 10.1 Modems: Theory of Operation Section 10.2 Modems and Security Section 10.3 Modems and Unix Section 10.4 Additional Security... Team LiB ] Preface It's been 11 years since the publication of Practical Unix Security—and years since Practical Unix and Internet Security was published—and oh, what a difference that time has... Networking Section 11.2 IP: The Internet Protocol Section 11.3 IP Security Section 11.4 Summary Chapter 12 Securing TCP and UDP Services Section 12.1 Understanding Unix Internet Servers and Services