Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z
Index: S
- S/Key codetutorial scheme : Code Books
- sa command : The acct/pacct Process Accounting File
- sabotage : (see terrorism; vandalism)
- salt
- sanitizing media : Sanitize your media before disposal
- SATAN package
- savacct file : The acct/pacct Process Accounting File
- saved UID : Saved IDs
- saving backup media
- sbrk command : Tips on Avoiding Security-related Bugs
- scanf function : Tips on Avoiding Security-related Bugs
- scanning networks : Network Scanning
- SCCS (Source Code Control System)
- Scherbius, Arthur : The Enigma Encryption System
- screen savers : screen savers
- screens, multiple : Multiple screens
- script command : Rule #2: DOCUMENT
- scripts, CGI : (see CGI, scripts)
- scytales : Brief History of Cryptography
- search warrants
- searching for .rhosts file : Searching for .rhosts files
- Seberry, Jennifer : HAVAL
- secrecy, Kerberos : Authentication, data integrity, and secrecy
- secret keys : RSA and Public Key Cryptography
- Secret Service, U.S.
- Secure Hash Algorithm (SHA)
- Secure HTTP : Eavesdropping Over the Wire
- Secure NFS : Using Secure NFS
- -secure option
- secure option for /etc/exports : /etc/exports
- Secure RPC
-
- Secure RPC (AUTH_DES)
- Limitations of Secure RPC
- with NIS/NIS+
- NTP and : Setting the window
- reauthentication : Setting the window
- versus Kerberos : Kerberos vs. Secure RPC
- Secure Socket Layer : (see SSL)
- secure terminals : Secure Terminals
- SecureID : Token Cards
- SecureNet key : Token Cards
- security
-
- Planning Your Security Needs
- Read-only Filesystems
- The Physical Security Plan
- (see also integrity; physical security; system administration; threats)
- of CGI scripts
- changed detection
- checking arguments : Tips on Avoiding Security-related Bugs
- critical messages to log
- cryptography
- definition of : What Is Computer Security?
- digital signatures : (see digital signatures)
- disabling finger : Disabling finger
- disk quotas : Using quotas
- dormant accounts, finding : Finding Dormant Accounts
- drills : Rule #3: PLAN AHEAD
- /etc/passwd : (see /etc/group file; /etc/passwd file)
- firewalls : (see firewalls)
- four steps toward : Defend in depth
- guessable passwords
- identification protocol : Identification Protocol (auth) (TCP Port 113)
- improving DES algorithm
- IP
- laws and : (see laws)
- legal liability
- levels of NIS+ servers : NIS+ Limitations
- link-level : Link-level Security
- message digests : (see message digests)
- modems and
- monitoring : (see logging)
- multilevel (defense in depth)
- name service and : Security and Nameservice
- national : Federal Jurisdiction
- network services
- passwords
- personnel
- policy of
- protecting backups
- published resources on
- responding to breakins
- restricting login : Restricting Logins
- .rhosts : (see rhosts file)
- sendmail problems : sendmail and security
- Skipjack algorithm : Summary of Private Key Systems
- SNMP and : Simple Network Management Protocol (SNMP) (UDP Ports 161 and 162)
- software piracy : Software piracy and the SPA
- standards of : Standards
- superuser problems : The problem with the superuser
- through obscurity
- tools for : Programmed Threats: Definitions
- Tripwire package
- UNIX and
- user awareness of
- UUCP : (see UUCP)
- weakness-finding tools : Security Tools
- World Wide Web
- X Window System
- Security Emergency Response Team (SERT) : Australia: Internet .au domain
- security file (UUCP) : uucp Log Files
- security holes
-
- The Problem with Security Through Obscurity
- (see also back doors; threats)
- ftpd program : Using Message Digests
- mailing list for : Bugtraq
- reporting : Going Public
- ruusend in L.cmds file : cmds: Providing Remote Command Execution
- SUID/SGID programs : write: Example of a possible SUID/SGID security hole
- /usr/lib/preserve : Another SUID example: IFS and the /usr/lib/preserve hole
- UUCP : Early Security Problems with UUCP
- sed scripts : Trojan Horses
- seeds, random number
- select system call : The /etc/inetd Program
- selection lists : Do not trust the user's browser!
- self-destruct sequences : Hardware Bugs
- SENDFILES= command
- sendmail
-
- Back Doors and Trap Doors
- forward, .procmailrc
- /usr/lib/aliases, /etc/aliases, /etc/sendmail/aliases, aliases.dir, or aliases.pag
- Simple Mail Transfer Protocol (SMTP) (TCP Port 25)
- Improving the security of Berkeley sendmail V8
- How to contact the system administrator of a computer you don't know
- (see also mail)
- aliases : /usr/lib/aliases, /etc/aliases, /etc/sendmail/aliases, aliases.dir, or aliases.pag
- determining version of : sendmail and security
- .forward file : Changes to startup files
- improving Version 8 : Improving the security of Berkeley sendmail V8
- logging to syslog : Improving the security of Berkeley sendmail V8
- same Internet/NIS domain : NIS Domains
- security problems with : sendmail and security
- sendmail.cf file : Simple Mail Transfer Protocol (SMTP) (TCP Port 25)
- sensors : (see detectors)
- separation of duties : Least Privilege and Separation of Duties
- sequence of commands : Tips on Avoiding Security-related Bugs
- serial interfaces : Serial Interfaces
- Serial Line Internet Protocol (SLIP) : Modems and UNIX
- serial numbers, logging : Informational material
- SERT (Security Emergency Response Team) : Australia: Internet .au domain
- server-side includes
- servers
-
- Clients and Servers
- Understanding UNIX Internet Servers
- The /etc/inetd Program
- backing up : Small Network of Workstations and a Server
- checklist for bringing up : Security Implications of Network Services
- controlling access to : Controlling Access to Servers
- ftp : (see FTP)
- http : (see http server)
- load shedding : Tips on Writing Network Programs
- master/slave : (see NIS)
- NIS+, security levels of : NIS+ Limitations
- overloading with requests : Service Overloading
- setting up for FTP
- web : (see web servers)
- WN : Controlling Access to Files on Your Server
- Xauthority : Using Xauthority magic cookies
- service overloading : Service Overloading
- services file : The /etc/services File
- Services table (NIS+) : NIS+ Tables
- SESAME (Secure European System for Applications in a Multivendor Environment) : SESAME
- session
- setgid function
- setpgrp function : Process groups and sessions
- setrlimit function : Tips on Avoiding Security-related Bugs
- setsid function : Process groups and sessions
- setuid file : Real and Effective UIDs
- setuid function : Tips on Writing SUID/SGID Programs
- setuid/setgid : (see SUID/SGID programs)
- SGID bit
-
- SUID, SGID, and Sticky Bits
- SGID Bit on Files (System V UNIX Only): Mandatory Record Locking
- (see also SUID/SGID programs)
- clearing with chown : chown: Changing a File's Owner
- on directories : SGID and Sticky Bits on Directories
- on files : SGID Bit on Files (System V UNIX Only): Mandatory Record Locking
- SGID files : SGID files
- sh (Bourne shell)
-
- Shell Features
- Running the User's Shell
- (see also shells)
- sh program : Another SUID example: IFS and the /usr/lib/preserve hole
-
- SUID and : Problems with SUID
- SHA (Secure Hash Algorithm)
- shadow file
- shadow passwords
- Shamir, Adi
- shar format file : Trojan Horses
- shareware : Viruses on the Distribution Disk
- shell escapes
- shell scripts, SUID
- shells
-
- What Is an Operating System?
- The /etc/passwd File
- Trojan Horses
- Shell Features
- Filename attacks
- Creating Processes
- Running the User's Shell
- changing
- history files : Shell History
- one-command accounts : Accounts That Run a Single Command
- restricted (rsh, ksh)
- UUCP : (see uucico program)
- shells file : Changing the Account's Login Shell
- Shimomura, Tsutomu : Tips on Writing Network Programs
- shoulder surfing
- shredders : Other Media
- SHTTP : (see Secure HTTP)
- shutdowns and wtmp file : last Program
- SIGHUP signal : The kill Command
- SIGKILL signal : The kill Command
- Signal Ground (SG) : The RS-232 Serial Protocol
- signal grounding : Signal Grounding
- signals : Signals
- signature : Detecting Change
- signatures : (see digital signatures)
- SIGSTOP signal : The kill Command
- SIGTERM signal : Too many processes
- Simple Mail Transfer Protocol (SMTP)
- Simple Network Management Protocol : (see SNMP)
- single-user mode : Process #1: /etc/init
- Skipjack algorithm : Summary of Private Key Systems
- slash (/)
-
- IFS separator : IFS attacks
- root directory
-
- Directories
- (see also root directory)
- Slave mode (uucico) : How the UUCP Commands Work
- slave server
-
- Sun's Network Information Service (NIS)
- (see also NIS)
- SLIP (Serial Line Internet Protocol)
- Small Business Community Nationwide (SBA CERT) : Small Business Association (SBA): small business community nationwide
- smap program : sendmail and security
- smart cards, firewalls : Special Considerations
- smit tool : Constraining Passwords
- smoke and smoking : Smoke
- SMTP (Simple Mail Transfer Protocol)
- SNA (System Network Architecture) : SNA
- SNEFRU algorithm : SNEFRU
- sniffers
-
- Add-On Functionality Breeds Problems
- Users and Passwords
- One-Time Passwords
- TELNET (TCP Port 23)
- (see also eavesdropping)
- network : IP Security
- packet : Link-level Security
- SNMP (Simple Network Management Protocol) : Simple Network Management Protocol (SNMP) (UDP Ports 161 and 162)
- snoop program : Monitoring the Intruder
- SOCKS : SOCKS
- soft disk quotas : Using quotas
- software
-
- for backups
- bugs in : (see bugs)
- for checking integrity : NIS+ Limitations
- checking new
- consistency of : Planning Your Security Needs
- distributing : (see FTP)
- exporting : Munitions Export
- failure of : taxonomy of computer failures
- hacker challenges : Hacker Challenges
- logic bombs : Logic Bombs
- operating system : (see operating systems)
- patches for, logging : Informational material
- quality of
- stolen (pirated)
- stored via FTP : Setting up anonymous FTP with the standard UNIX FTP server
- testing : Software Quality
- vendor license agreements : Trusting Your Software Vendor
- viruses : Viruses
- worms : Worms
- software patents : Cryptography and the U.S. Patent System
- Software Publishers Association (SPA) : Software piracy and the SPA
- Software Security Response Team (SSRT) : Digital Equipment Corporation and customers
- Solaris
-
- History of UNIX
- Integrating One-time Passwords with UNIX
- /etc/logindevperm : /etc/fbtab and /etc/logindevperm
- process limit : Too many processes
- Secure RPC time window : Setting the window
- /var/adm/loginlog file : loginlog File
- wtmpx file : utmp and wtmp Files
- Source Code Control System (SCCS) : Building an Automatic Backup System
- source code, keeping secret : The Problem with Security Through Obscurity
- SPA (Software Publishers Association) : Software piracy and the SPA
- Spaf's first principle : Have authority commensurate with responsibility
- spies
- spoofing : IP Security
-
- network connection : Trusted path
- network services : Monitoring Your Network with netstat
- NIS : Spoofing NIS
- RPCs : Spoofing RPC
- spool file : How the UUCP Commands Work
- spoolers, printer : Printer buffers
- sprinkler systems
- Sprint response team : Sprint
- sprintf function
- sscanf function : Tips on Avoiding Security-related Bugs
- SSL (Secure Socket Layer) : Eavesdropping Over the Wire
- SSRT (Software Security Response Team) : Digital Equipment Corporation and customers
- Stallman, Richard : Introduction
- start bit
- startup command : Accounting with System V
- startup files
-
- attacks via
- intruder's changes to : Changes to startup files
- stat function : Using Directory Permissions
- state law enforcement : The Local Option
- stateless : Connectionless and stateless
- static electricity : Electrical noise
- static links : Tips on Writing SUID/SGID Programs
- stdio : (see portable I/O library)
- Steele, Guy L. : Introduction
- sticky bits : SUID, SGID, and Sticky Bits
-
- on directories : SGID and Sticky Bits on Directories
- stolen property : (see theft)
- stop bit
- storage
- strcpy routine : The Lesson of the Internet Worm
- streadd function : Tips on Avoiding Security-related Bugs
- strecpy function : Tips on Avoiding Security-related Bugs
- strength, cryptographic : Cryptographic Strength
-
- of DES algorithm
- of RSA algorithm : Strength of RSA
- string command : screen savers
- strtrns function : Tips on Avoiding Security-related Bugs
- su command
-
- Superuser is not for casual use
- su: Changing Who You Claim to Be
- Other Uses of su
- becoming superuser : Becoming the Superuser
- log of failed attempts : The Bad su Log
- sulog file
- utmp and wtmp files and : su command and /etc/utmp and /var/adm/wtmp files
- subnetting : Classical network addresses
- substitution (in encryption) : Cryptography and Digital Computers
- SUID/SGID programs
-
- Real and Effective UIDs
- SUID
- SGID Bit on Files (System V UNIX Only): Mandatory Record Locking
- SUID and SGID Files
- back door via : Back Doors and Trap Doors
- chown command and : chown: Changing a File's Owner
- chroot call and : Checking new software
- created by intruders : New SUID and SGID files
- on directories : SGID and Sticky Bits on Directories
- disabling (turning off) : Turning Off SUID and SGID in Mounted Filesystems
- finding all files
- shell scripts
- uucp access : UUCP and Security
- writing : Tips on Writing SUID/SGID Programs
- SUID/SGID programs:writing:developing:writing:zzz] : Writing Secure SUID and Network Programs
- suing : (see civil actions)
- sulog file
- sum command
- Sun Microsystem's NIS : (see NIS)
- Oracle : Oracle customers
- SUN-DES-1 authentication : The xhost facility
- SunOS operating system : History of UNIX
-
- authdes_win variable : Setting the window
- /etc/fbtab file : /etc/fbtab and /etc/logindevperm
- TFTP sand : Trivial File Transfer Protocol (TFTP) (UDP Port 69)
- trusted hosts and : Searching for .rhosts files
- superencryption : Improving the Security of DES
- superuser
-
- Users, Groups, and the Superuser
- The Superuser
- The problem with the superuser
- (see also root account)
- abilities of : What the Superuser Can and Cannot Do
- becoming with su : Becoming the Superuser
- changing passwords
- encryption and : Why Use Encryption with UNIX?
- logging attempts to become : (see sulog file)
- problems with : The problem with the superuser
- restrictions on : What the superuser can't do
- TCB files : Trusted computing base
- using passwd command : Verifying Your New Password
- web server as : The Server's UID
- SURFnet : Netherlands: SURFnet-connected sites
- surges : (see power surges)
- SVR4 (System V Release 4) : History of UNIX
- swap partition : SUID, SGID, and Sticky Bits
- swap space : Swap Space Problems
- Swatch program
- SWITCH : SWITCH-connected sites
- symbolic links and permissions : File Permissions in Detail
- symbolic-link following
- SymLinksIfOwnerMatch option : Commands Within the <Directory> Block
- symmetric key : (see private-key cryptography)
- SYN bit : TCP
- sync system call
- sys (user) : Users and Groups
- syslog facility
- syslog file : Improving the security of Berkeley sendmail V8
- syslog.conf file : The syslog.conf Configuration File
- systat service : systat (TCP Port 11)
- system
-
- auditing activity on : Planning Your Security Needs
- backing up critical files
- control over : (see access control)
- database files : What Is an Operating System?
- overload attacks : System overload attacks
- performance : (see performance)
- remote, commands on : uux Command
- summarizing usage per user : quot command
- transfering files to other : uucp Command
- system (in swatch program) : The Swatch Configuration File
- system administration : Have authority commensurate with responsibility
-
- avoiding conventional passwords
- change monitoring : Final Note
- changing passwords
- cleaning up /tmp directory : /tmp Problems
- contacting administrator : How to contact the system administrator of a computer you don't know
- controlling UUCP security : UUCP and Security
- detached signatures (PGP) : PGP detached signatures
- disabling finger system : Disabling finger
- discovering intruders
- dual universes and : Dual Universes
- errors by : taxonomy of computer failures
- finding largest files : Disk-full attacks
- immutable files and : Immutable and Append-Only Files
- locked accounts : Entering Your Password
- message authentication : Using Message Digests
- monitoring phantom mail : Using sendmail to receive email
- new passwords : Changing Your Password
- read-only filesystems and : Read-only Filesystems
- references on : UNIX Developing and System Administration
- removing automatic backups : Beware stray CGI scripts
- sanitizing media : Sanitize your media before disposal
- trusting : Your System Administrator?
- weakness-finding tools : Security Tools
- system call : File Permissions in Detail
- system clock
-
- changing
- for random seeds : Picking a Random Seed
- Secure RPC timestamp : Setting the window
- system files : Writable system files and directories
-
- initialization files : System initialization files
- system function
- system functions, checking arguments to : Tips on Avoiding Security-related Bugs
- System Network Architecture (SNA) : SNA
- System V UNIX
-
- Which UNIX System?
- History of UNIX
- accounting with : Accounting with System V
- chroot in : Restricted Filesystem
- default umask value : The umask
- groups and : Groups and older AT&T UNIX
- inittab program : Process #1: /etc/init
- modems and : Hooking Up a Modem to Your Computer
- passwords : Accounts Without Passwords
- ps command with : Listing processes with systems derived from System V
- random number generators : drand48 ( ), lrand48 ( ), and mrand48 ( )
- recent login times : lastlog File
- Release 4 (SVR4) : History of UNIX
- restricted shells : Restricted shells under System V UNIX
- SGI bit on files : SGID Bit on Files (System V UNIX Only): Mandatory Record Locking
- su command and : Restricting su
- SUID files, list of : SUID and SGID Files
- utmp and wtmp files : utmp and wtmp Files
- UUCP : Format of USERFILE entry without system name
- /var/adm/loginlog file : loginlog File
- wtmpx file : utmp and wtmp Files
- Systems file : Security of L.sys and Systems Files
Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z
copyleft 1999 Anonymous All Rights Reserved.
[ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ]