Index: P
- pacct file : 10.2. The acct/pacct Process Accounting File
- pack program : 6.6.1.2. Ways of improving the security of crypt
- packet sniffing : 16.3.1. Link-level Security
- packet-switching networks : 16.2. IPv4: The Internet Protocol Version 4
- packets : (see IP packets)
- paper
- backups on : 24.5.1. Never Trust Anything Except Hardcopy
- copies : 7.3.2. Building an Automatic Backup System
- logging on : 10.7. Handwritten Logs
- shredders for : 12.3.3. Other Media
- throwing out : 12.3.3. Other Media
- parent processes : C.2. Creating Processes
- partitions : 25.2.2.4. Using partitions to protect your users
- backup by : 7.1.3. Types of Backups
- root : (see root directory)
- pass phrases : (see passwords)
- pass phrases for PGP
- 6.6.3.1. Encrypting files with IDEA
- (see also passwords)
- passive FTP
- 17.3.2.2. Passive vs. active FTP
- 17.3.2.3. FTP passive mode
- passwd command
- 3.4. Changing Your Password
- 8.6.2. What Is Salt?
- as SUID program : 5.5. SUID
- -l option
- 8.4.1. Changing an Account's Password
- 8.8.8. Disabling an Account by Changing Its Password
- -n option : 8.8.6. Password Aging and Expiration
- -x option : 8.8.6. Password Aging and Expiration
- -f nomemory option : 3.5. Verifying Your New Password
- using as superuser : 3.5. Verifying Your New Password
- passwd file
- 1.2. What Is an Operating System?
- 3.2.1. The /etc/passwd File
- 3.2.2. The /etc/passwd File and Network Databases
- 4.2.3. Impact of the /etc/passwd and /etc/group Files on Security
- 7.1.2. What Should You Back Up?
- 8.1.1. Accounts Without Passwords
- 8.6. The UNIX Encrypted Password System
- 15.1.4. How the UUCP Commands Work
- 24.4.1. New Accounts
- C.5.1. Process #1: /etc/init
- (see /etc/passwd file)
- Passwd table (NIS+) : 19.5.3. NIS+ Tables
- passwd+ package
- 8.8.2. Constraining Passwords
- 8.8.4. Password Generators
- password coach : 8.8.4. Password Generators
- password file : 19.4.4.6. NIS is confused about "+"
- password modems : 14.6. Additional Security for Modems
- password.adjunct file : 8.8.5. Shadow Password Files
- passwords
- 3.2. Passwords
- 3.6.1. Bad Passwords: Open Doors
- 3.8. Summary
- 23.5. Tips on Using Passwords
- accounts without : 8.1.1. Accounts Without Passwords
- assigning to users : 8.8.1. Assigning Passwords to Users
- avoiding conventional
- 8.8. Administrative Techniques for Conventional Passwords
- 8.8.9. Account Names Revisited: Using Aliases for Increased Security
- bad choices for
- 3.6.1. Bad Passwords: Open Doors
- 3.6.4. Passwords on Multiple Machines
- changing
- 3.4. Changing Your Password
- 3.5. Verifying Your New Password
- 8.4.1. Changing an Account's Password
- 8.8.8. Disabling an Account by Changing Its Password
- checklist for : A.1.1.2. Chapter 3: Users and Passwords
- constraining : 8.8.2. Constraining Passwords
- conventional : 3.2.6. Conventional UNIX Passwords
- cracking
- 8.6.1. The crypt() Algorithm
- 8.8.3. Cracking Your Own Passwords
- 8.8.3.2. The dilemma of password crackers
- 17.3.3. TELNET (TCP Port 23)
- encrypting
- 8.6. The UNIX Encrypted Password System
- 8.6.4. Crypt16() and Other Algorithms
- expiring : 8.8.6. Password Aging and Expiration
- federal jurisdiction over : 26.2.2. Federal Jurisdiction
- FTP and : 17.3.2. (FTP) File Transfer Protocol (TCP Ports 20 and 21)
- generators of : 8.8.4. Password Generators
- hit lists of : 3.6.1. Bad Passwords: Open Doors
- Kerberos : 19.6.5. Kerberos Limitations
- logging changes to : 10.7.2.1. Exception and activity reports
- logging failed attempts at : 10.5.3. syslog Messages
- for MUDs : 17.3.23. Other TCP Ports: MUDs and Internet Relay Chat (IRC)
- on multiple machines
- 3.6.4. Passwords on Multiple Machines
- 3.6.5. Writing Down Passwords
- over network connections : 23.3. Tips on Writing Network Programs
- with network services : 17.4. Security Implications of Network Services
- NIS, with Secure RPC : 19.3.2.1. Creating passwords for users
- NIS+, changing : 19.5.4.1. Changing your password
- one-time
- 3.7. One-Time Passwords
- 8.7. One-Time Passwords
- 8.7.3. Code Books
- 17.4. Security Implications of Network Services
- with POP : 17.3.10. Post Office Protocol (POP) (TCP Ports 109 and 110)
- required for Web use
- 18.3.2. Commands Within the <Directory> Block
- 18.3.3. Setting Up Web Users and Passwords
- shadow
- 8.4.1. Changing an Account's Password
- 8.8.5. Shadow Password Files
- sniffing
- 1.4.3. Add-On Functionality Breeds Problems
- 3. Users and Passwords
- 8.7. One-Time Passwords
- system clock and : 17.3.14. Network Time Protocol (NTP) (UDP Port 123)
- token cards with : 8.7.2. Token Cards
- unique, number of : 3.6.3. Good Passwords: Locked Doors
- usernames as : 8.8.3.1. Joetest: a simple password cracker
- UUCP accounts : 15.3.2. Establishing UUCP Passwords
- verifying new : 3.5. Verifying Your New Password
- wizard's (sendmail) : 17.3.4.1. sendmail and security
- writing down : 3.6.5. Writing Down Passwords
- patches, logging : 10.7.2.2. Informational material
- patents : 26.4.4. Patent Concerns
- and cryptography : 6.7.1. Cryptography and the U.S. Patent System
- PATH variable
- 8.1.4.1. Restricted shells under System V UNIX
- 8.1.4.6. Potential problems with rsh
- 23.4. Tips on Writing SUID/SGID Programs
- attacks via : 11.5.1.1. PATH attacks
- pathnames : 23.2. Tips on Avoiding Security-related Bugs
- paths : 5.1.3. Current Directory and Paths
- trusted : 8.5.3.1. Trusted path
- pax program : 7.4.2. Simple Archives
- PCERT (Purdue University) : F.3.4.30. Purdue University
- PCs
- viruses on : 11.1.5. Viruses
- web server on : 18.2. Running a Secure Server
- PDP-11 processors
- 1.3. History of UNIX
- 8.6.1. The crypt() Algorithm
- Penn State response team : F.3.4.29. Pennsylvania State University
- per-machine logs : 10.7.2. Per-Machine Logs
- per-site logs : 10.7.1. Per-Site Logs
- performance
- compromised
- 25.2.1. Process-Overload Problems
- 25.2.1.2. System overload attacks
- reviews : 13.2.3. Performance Reviews and Monitoring
- with Secure RPC : 19.3.4. Limitations of Secure RPC
- using FFS : 25.2.2.6. Reserved space
- perimeter, security : 12.1.1. The Physical Security Plan
- perl command
- -T option
- 18.2.3.4. Tainting with Perl
- 23.4. Tips on Writing SUID/SGID Programs
- Perl programming language
- 5.5.3. SUID Shell Scripts
- 11.1.4. Trojan Horses
- 11.5.1.2. IFS attacks
- random seed generator : 23.9. A Good Random Seed Generator
- script for reading lastlog file : 10.1.1. lastlog File
- Swatch program
- 10.6. Swatch: A Log File Tool
- 10.6.2. The Swatch Configuration File
- E.4.9. Swatch
- tainting facility : 18.2.3.4. Tainting with Perl
- permissions
- 1.1. What Is Computer Security?
- 5.1.6. Understanding File Permissions
- 5.2.4. Using Octal File Permissions
- 11.1.5. Viruses
- 11.6.1. File Protections
- 11.6.1.3. World-readable backup devices
- access control lists (ACLs)
- 5.2.5. Access Control Lists
- 5.2.5.2. HP-UX access control lists
- changing
- 5.2.1. chmod: Changing a File's Permissions
- 5.2.4. Using Octal File Permissions
- directory : 5.4. Using Directory Permissions
- /etc/utmp file : 10.1.2. utmp and wtmp Files
- intruder's modifications to : 24.4.1.2. Changes in file and directory protections
- modem devices : 14.5.2. Setting Up the UNIX Device
- modem files : 14.5.1. Hooking Up a Modem to Your Computer
- of NIS+ objects : 19.5.5. NIS+ Limitations
- octal
- 5.2.3. Calculating Octal File Permissions
- 5.2.4. Using Octal File Permissions
- of .rhosts file : 17.3.18.4. The ~/.rhosts file
- SUID programs
- 5.5. SUID
- 5.5.7. SGID Bit on Files (System V UNIX Only): Mandatory Record Locking
- symbolic links and : 5.1.7. File Permissions in Detail
- umasks
- 5.3. The umask
- 5.3.2. Common umask Values
- UUCP : 15.4.1.4. Special permissions
- Permissions file
- 15.5. Security in BNU UUCP
- 15.5.1. Permissions File
- 15.5.3. uucheck: Checking Your Permissions File
- checking with uucheck : 15.5.3. uucheck: Checking Your Permissions File
- personnel : (see employees)
- PGP (Pretty Good Privacy)
- 6.6.3. PGP: Pretty Good Privacy
- 6.6.3.6. PGP detached signatures
- -eat and -seat options : 6.6.3.3. Encrypting a message
- encrypting message with : 6.6.3.3. Encrypting a message
- encrypting Web documents : 18.4.1. Eavesdropping Over the Wire
- -ka option : 6.6.3.2. Creating your PGP public key
- -kg option : 6.6.3.2. Creating your PGP public key
- -kvc option : 6.6.3.6. PGP detached signatures
- -kxaf option : 6.6.3.2. Creating your PGP public key
- -o option : 6.6.3.6. PGP detached signatures
- -sat option : 6.6.3.4. Adding a digital signature to an announcement
- -sb option : 6.6.3.6. PGP detached signatures
- software signature : E.4. Software Resources
- ph (phonebook) server : 17.3.8.3. Replacing finger
- phantom mail : 17.3.4.2. Using sendmail to receive email
- physical security
- 12. Physical Security
- 12.4.2. "Nothing to Lose?"
- access control : 12.2.3. Physical Access
- of backups
- 7.1.6. Security for Backups
- 7.1.6.3. Data security for backups
- checklist for : A.1.1.11. Chapter 12: Physical Security
- modems
- 14.5.4. Physical Protection of Modems
- 14.6. Additional Security for Modems
- read-only filesystems : 9.1.2. Read-only Filesystems
- signal grounding : 25.3.3. Signal Grounding
- PIDs (process IDs)
- C.1.3.1. Process identification numbers (PID)
- C.1.3.4. Process groups and sessions
- Pieprzyk, Josef : 6.5.4.3. HAVAL
- PingWare program : 17.6.3. PingWare
- pipe (in Swatch program) : 10.6.2. The Swatch Configuration File
- pipes
- 18.2.3.2. Testing is not enough!
- 18.2.3.3. Sending mail
- pipes (for smoking) : 12.2.1.2. Smoke
- piracy of software
- 26.4.2.1. Software piracy and the SPA
- (see also software)
- pirated software : (see software)
- plaintext attacks : 6.2.3. Cryptographic Strength
- .plan file : 17.3.8.1. The .plan and .project files
- platforms : (see operating systems)
- play accounts : (see open accounts)
- playback attacks : 19.6.1.2. Using the ticket granting ticket
- plus sign (+)
- in hosts.equiv file : 17.3.18.5. Searching for .rhosts files
- in NIS
- 19.4. Sun's Network Information Service (NIS)
- 19.4.4.6. NIS is confused about "+"
- Point-to-Point Protocol (PPP) : 14.5. Modems and UNIX
- policy, security
- 1.2. What Is an Operating System?
- 2. Policies and Guidelines
- 2.5.3. Final Words: Risk Management Means Common Sense
- A.1.1.1. Chapter 2: Policies and Guidelines
- cost-benefit analysis
- 2.3. Cost-Benefit Analysis
- 2.3.4. Convincing Management
- risk assessment
- 2.2. Risk Assessment
- 2.2.2. Review Your Risks
- 2.5.3. Final Words: Risk Management Means Common Sense
- role of
- 2.4.1. The Role of Policy
- 2.4.4. Some Key Ideas in Developing a Workable Policy
- 2.4.4.7. Defend in depth
- politics : 11.3. Authors
- polyalphabetic ciphers : 6.3. The Enigma Encryption System
- polygraph tests : 13.1. Background Checks
- POP (Post Office Protocol) : 17.3.10. Post Office Protocol (POP) (TCP Ports 109 and 110)
- popen function
- 18.2.3.2. Testing is not enough!
- 23.2. Tips on Avoiding Security-related Bugs
- pornography : 26.4.5. Pornography and Indecent Material
- port numbers
- 23.3. Tips on Writing Network Programs
- G. Table of IP Services
- portable computers : 12.2.6.3. Portables
- portable I/O library : 1.3. History of UNIX
- portmap service
- 19.2.1. Sun's portmap/rpcbind
- 19.4.4.4. Spoofing RPC
- E.4.6. portmap
- portmapper program
- 17.3.11. Sun RPC's portmapper (UDP and TCP Ports 111)
- 19.2.1. Sun's portmap/rpcbind
- 19.4.5. Unintended Disclosure of Site Information with NIS
- ports
- 16.2.4.2. TCP
- 17.1.1. The /etc/services File
- G. Table of IP Services
- trusted : (see trusted, ports)
- positivity : 2.4.4.2. Be positive
- POSIX
- 1.3. History of UNIX
- 1.4.2. Software Quality
- C.1.3.4. Process groups and sessions
- chown command and : 5.7. chown: Changing a File's Owner
- Post Office Protocol : (see POP)
- postmaster, contacting : 24.2.4.2. How to contact the system administrator of a computer you don't know
- PostScript files : 11.1.5. Viruses
- power outages, logging : 10.7.1.1. Exception and activity reports
- power surges
- 12.2. Protecting Computer Hardware
- 12.2.1.8. Electrical noise
- (see also lightning)
- PPP (Point-to-Point Protocol)
- 14.5. Modems and UNIX
- 16.2. IPv4: The Internet Protocol Version 4
- preserve program : 5.5.3.2. Another SUID example: IFS and the /usr/lib/preserve hole
- Pretty Good Privacy : (see PGP)
- prevention, cost of
- 2.3. Cost-Benefit Analysis
- 2.3.4. Convincing Management
- primary group : 4.1.3. Groups and Group Identifiers (GIDs)
- principals, NIS+ : 19.5.1. What NIS+ Does
- print through process : 12.3.2.1. Verify your backups
- printers
- buffers : 12.3.4.1. Printer buffers
- /etc/hosts.lpd file : 17.3.18.6. /etc/hosts.lpd file
- logging to : 10.5.2.1. Logging to a printer
- output from : 12.3.4.2. Printer output
- ports for : 12.3.1.4. Auxiliary ports on terminals
- priority of processes : C.1.3.3. Process priority and niceness
- privacy
- 2.1. Planning Your Security Needs
- 2.5.2. Confidential Information
- 9. Integrity Management
- 12.3. Protecting Data
- 12.3.6. Key Switches
- (see also encryption; integrity)
- Electronic Communications Privacy Act (ECPA) : 26.2.3. Federal Computer Crime Laws
- Secure RPC : 19.3.4. Limitations of Secure RPC
- private-key cryptography
- 6.4. Common Cryptographic Algorithms
- 6.4.1. Summary of Private Key Systems
- privilege testing (modem) : 14.5.3.3. Privilege testing
- privileges, file : (see permissions)
- privileges, SUID : (see SUID/SGID programs)
- processes
- C.1. About Processes
- C.5.3. Running the User's Shell
- accounting
- 10.2. The acct/pacct Process Accounting File
- 10.2.3. messages Log File
- group IDs
- 4.3.3. Other IDs
- C.1.3.4. Process groups and sessions
- overload attacks
- 25.2.1. Process-Overload Problems
- 25.2.1.2. System overload attacks
- priority of : C.1.3.3. Process priority and niceness
- scheduler : C.1.3.3. Process priority and niceness
- procmail system : 11.5.2.5. .forward, .procmailrc
- .procmailrc file : 11.5.2.5. .forward, .procmailrc
- .profile file
- 8.1.4.1. Restricted shells under System V UNIX
- 8.1.4.6. Potential problems with rsh
- 11.5.2.1. .login, .profile, /etc/profile
- 24.4.1.6. Changes to startup files
- programmed threats
- 11. Protecting Against Programmed Threats
- 11.6.2. Shared Libraries
- authors of : 11.3. Authors
- checklist for : A.1.1.10. Chapter 11: Protecting Against Programmed Threats
- protection from : 11.5. Protecting Yourself
- references on : D.1.4. Computer Viruses and Programmed Threats
- programming : 23. Writing Secure SUID and Network Programs
- references for : D.1.11. UNIX Programming and System Administration
- programs
- CGI : (see CGI, scripts)
- integrity of : (see integrity, data)
- for network services : 23.3. Tips on Writing Network Programs
- rabbit
- 11.1. Programmed Threats: Definitions
- 11.1.7. Bacteria and Rabbits
- running simultaneously : 23.2. Tips on Avoiding Security-related Bugs
- secure : 23. Writing Secure SUID and Network Programs
- worms : 11.1.6. Worms
- Project Athena : (see Kerberos system)
- .project file : 17.3.8.1. The .plan and .project files
- proprietary ownership notices : 26.2.6. Other Tips
- prosecution, criminal
- 26.2. Criminal Prosecution
- 26.2.7. A Final Note on Criminal Actions
- protocols
- 16.2.4. Packets and Protocols
- (see also under specific protocol)
- IP : (see IP protocols)
- Protocols table (NIS+) : 19.5.3. NIS+ Tables
- proxies, checklist for : A.1.1.21. Chapter 22: Wrappers and Proxies
- pruning the wtmp file : 10.1.3.1. Pruning the wtmp file
- ps command
- 6.6.2. des: The Data Encryption Standard
- 10.1.2. utmp and wtmp Files
- 19.3.2.3. Making sure Secure RPC programs are running on every workstation
- 24.2.1. Catching One in the Act
- C.1.2. The ps Command
- C.1.2.2. Listing processes with Berkeley-derived versions of UNIX
- with kill command : 24.2.5. Getting Rid of the Intruder
- to stop process overload
- 25.2.1.1. Too many processes
- 25.2.1.2. System overload attacks
- pseudo-devices : 5.6. Device Files
- pseudorandom functions : 23.6. Tips on Generating Random Numbers
- PUBDIR= command : 15.5.2. Permissions Commands
- public-key cryptography
- 6.4. Common Cryptographic Algorithms
- 6.4.2. Summary of Public Key Systems
- 6.4.6. RSA and Public Key Cryptography
- 6.4.6.3. Strength of RSA
- 6.5.3. Digital Signatures
- 18.3. Controlling Access to Files on Your Server
- 18.6. Dependence on Third Parties
- breaking : 19.3.4. Limitations of Secure RPC
- PGP : 6.6.3.2. Creating your PGP public key
- proving identity with : 19.3.1.1. Proving your identity
- publicity hounds : 11.3. Authors
- publicizing security holes : 2.5.1. Going Public
- publickey file : 19.3.2.1. Creating passwords for users
- Purdue University (PCERT) : F.3.4.30. Purdue University
- Purify : 23.2. Tips on Avoiding Security-related Bugs
- pwck command : 8.2. Monitoring File Format
Copyright © 1999 O'Reilly & Associates, Inc. All Rights Reserved.