Book Home

Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Index: S

s class : sendmail, 32.5. Alphabetized Reference
=S command (rule-testing mode) : sendmail, 8.5. The Workspace
S configuration command
sendmail, 5.3.4. Rule Sets
sendmail, 8.3. Rule Sets
sendmail, 27.2. Comments
sendmail, 29.1. The S Configuration Command
-s database switch : sendmail, 33.3.4.10. -s space replacement character (V8.7 and above)
s flag : sendmail, 30.8. Alphabetized F= Flags
S flag : sendmail, 30.8. Alphabetized F= Flags
S line (host status file) : sendmail, B.1. Status file lines
S line (qf file)
sendmail, 23.4. Printing the Queue
sendmail, 23.9. The qf File Internals
$s macro
sendmail, 23.9. The qf File Internals
sendmail, 31.10. Alphabetized Reference
sendmail, 36.7. Alphabetized Reference
$S macro : sendmail, 31.10. Alphabetized Reference
s option : (see SuperSafe (s) option)
S option : (see StatusFile (S) option)
S rule-testing command : sendmail, 38.4.1. Show Rules in a Rule Set with =S
-s switch (sendmail) : sendmail, 36.7. Alphabetized Reference
S/Key codebook scheme
Building Internet Firewalls, 10.3.1. One-Time Passwords
Practical UNIX & Internet Security, 8.7.3. Code Books
S= equate
sendmail, 6.3. The local Delivery Agent
sendmail, 6.3.1. Skipping Rule Sets
sendmail, 11.2. Rule Set S=
sendmail, 29.6.2. Selecting S= and R=
sendmail, 30.4. The Equates
sa command : Practical UNIX & Internet Security, 10.2. The acct/pacct Process Accounting File
sabotage
(see denial of service)
(see terrorism; vandalism)
safe, storing security information in : TCP/IP Network Administration, 12.2.6. Secure Shell
SafeFileEnvironment option
sendmail, 22.8.3.6. The SafeFileEnvironment option
sendmail, 24.2.2. Delivery to Files
sendmail, 34.8. Alphabetized Reference
SAGE (System Administrators Guild) : Building Internet Firewalls, A.5.5. System Administrators Guild
salt
Practical UNIX & Internet Security, 8.6.2. What Is Salt?
Practical UNIX & Internet Security, 8.6.3. What the Salt Doesn't Do
sanitizing media : Practical UNIX & Internet Security, 12.3.2.3. Sanitize your media before disposal
SAns statistic
DNS & BIND, 7.6.2. Understanding the BIND Statistics
DNS & BIND, 8.1.2. Capacity Planning
SATAN package
Building Internet Firewalls, 12.2.4. Responding to Probes
Building Internet Firewalls, B.2.4. SATAN
Practical UNIX & Internet Security, 17.6.1. SATAN
Practical UNIX & Internet Security, E.4.7. SATAN
SATAN tool : TCP/IP Network Administration, 12.4.3.2. SATAN
saturated networks : (see networks and networking)
savacct file : Practical UNIX & Internet Security, 10.2. The acct/pacct Process Accounting File
saved UID : Practical UNIX & Internet Security, 4.3.2. Saved IDs
SaveFromLine (f) option
sendmail, 34.8. Alphabetized Reference
sendmail, 36.7. Alphabetized Reference
saving
aliases in symbol table
sendmail, 24.5.4. No DBM Aliasing
sendmail, 33.8. Alphabetized Reference
backup media : Practical UNIX & Internet Security, 7.1.5. How Long Should You Keep a Backup?
bounced messages in qf file
sendmail, 23.3.6. Savemail Panic
(see also archiving information; backups)
sbrk command : Practical UNIX & Internet Security, 23.2. Tips on Avoiding Security-related Bugs
scaling well
TCP/IP Network Administration, 2.4. Internet Routing Architecture
TCP/IP Network Administration, 3.3. Domain Name Service
TCP/IP Network Administration, 4.2.1. Obtaining an IP Address
TCP/IP Network Administration, 7.5.1. Exterior Gateway Protocol
scanf command
Practical UNIX & Internet Security, 23.2. Tips on Avoiding Security-related Bugs
sendmail, 32.1.2.1. scanf(3) variations
SCANF macro : sendmail, 18.8. Alphabetized Reference
scanning networks : Practical UNIX & Internet Security, 17.6. Network Scanning
SCCS (Source Code Control System)
Practical UNIX & Internet Security, 7.3.2. Building an Automatic Backup System
Practical UNIX & Internet Security, 17.3. Primary UNIX Network Services
Scherbius, Arthur : Practical UNIX & Internet Security, 6.3. The Enigma Encryption System
SCO's Open Server : DNS & BIND, 6.4.7. SCO's Open Server 5.0
score keepers : Building Internet Firewalls, 1.2.2.3. Score Keepers
scp (secure copy) : TCP/IP Network Administration, 12.2.6. Secure Shell
screen savers : Practical UNIX & Internet Security, 12.3.5.2. X screen savers
screend package
Building Internet Firewalls, 6.5. Conventions for Packet Filtering
Building Internet Firewalls, B.3.1. screend
screened host architecture
Building Internet Firewalls, 4.2.2. Screened Host Architecture
Building Internet Firewalls, 9.2. Screened Host Architecture
screened subnet architecture
Building Internet Firewalls, 4.2.3. Screened Subnet Architecture
Building Internet Firewalls, 9.1. Screened Subnet Architecture
with dual-homed host architecture : Building Internet Firewalls, 4.3.8. It's OK to Use
screening routers
Building Internet Firewalls, 4.1.1. Packet Filtering
Building Internet Firewalls, 6. Packet Filtering
(see also packet filtering)
acceptable addresses for : Building Internet Firewalls, 6.5. Conventions for Packet Filtering
choosing : Building Internet Firewalls, 6.8. Choosing a Packet Filtering
configuring : Building Internet Firewalls, 6.2. Configuring a Packet Filtering
proxy systems and : Building Internet Firewalls, 7. Proxy Systems
rules for : Building Internet Firewalls, 6.5. Conventions for Packet Filtering
where to use : Building Internet Firewalls, 6.8.8. It Should Have Good Testing and
screens, multiple : Practical UNIX & Internet Security, 12.3.4.3. Multiple screens
script command : Practical UNIX & Internet Security, 24.1.2. Rule #2: DOCUMENT
script files
TCP/IP Network Administration, 1.7. Application Layer
TCP/IP Network Administration, 6.1.5.1. Enabling and disabling the interface
(see also startup script)
(see also UNIX, systems)
debugging tips : TCP/IP Network Administration, 6.4.4. Troubleshooting Serial Connections
invoking dialup IP (dip) : TCP/IP Network Administration, A.1. Dial-Up IP
scriptfile : TCP/IP Network Administration, A.3. chat
scripting language : TCP/IP Network Administration, 6.3.2. Dial-Up PPP
scripts, CGI : (see CGI, scripts)
scytales : Practical UNIX & Internet Security, 6.1. A Brief History of Cryptography
SDupQ statistic : DNS & BIND, 7.6.2. Understanding the BIND Statistics
search algorithm, resolver : DNS & BIND, 12.4. The Resolver Search Algorithm and Negative Caching
search directive
DNS & BIND, 6.1.3. The search Directive
DNS & BIND, F.2.2. search (4.8.3 and later versions)
search entry, in resolv.conf : TCP/IP Network Administration, 8.2.1. The Resolver Configuration File
search list : DNS & BIND, 6.1.2. The Search List
avoiding with nslookup : DNS & BIND, 11.4. Avoiding the Search List
search option (nslookup) : DNS & BIND, 11.3. Option Settings
search programs : Building Internet Firewalls, 2.6. Other Information Services
search warrants
Practical UNIX & Internet Security, 26.2.4. Hazards of Criminal Prosecution
Practical UNIX & Internet Security, 26.2.5. If You or One of Your Employees Is a Target
searching
database exhaustively : DNS & BIND, 2.6.5. Inverse Queries
domain : DNS & BIND, 11.1.3. Domain Searches
for IP addresses : DNS & BIND, 3.1.2. Finding IP Addresses
for .rhosts file : Practical UNIX & Internet Security, 17.3.18.5. Searching for .rhosts files
Seberry, Jennifer : Practical UNIX & Internet Security, 6.5.4.3. HAVAL
second-level domains : (see domains; subdomains)
secondary directive : DNS & BIND, F.1.3. secondary
secondary nameservers : (see slave/secondary name servers)
secrecy
defined : TCP/IP Network Administration, 12.1.1. Assessing the Threat
Kerberos : Practical UNIX & Internet Security, 19.6.1.3. Authentication, data integrity, and secrecy
keys for : TCP/IP Network Administration, 6.3.4. PPP Daemon Security
secret keys : Practical UNIX & Internet Security, 6.4.6. RSA and Public Key Cryptography
Secret Service, U.S.
Practical UNIX & Internet Security, 26.2.2. Federal Jurisdiction
Practical UNIX & Internet Security, F.3.3. U.S. Secret Service
secure copy (scp) : TCP/IP Network Administration, 12.2.6. Secure Shell
Secure Hash Algorithm (SHA)
Practical UNIX & Internet Security, 6.5.3. Digital Signatures
Practical UNIX & Internet Security, 6.5.4.2. SHA
Secure HTTP
Building Internet Firewalls, 8.6.4. Secure HTTP
Practical UNIX & Internet Security, 18.4.1. Eavesdropping Over the Wire
Secure NFS : Practical UNIX & Internet Security, 19.3.2.4. Using Secure NFS
-secure option
Practical UNIX & Internet Security, 19.3.2.4. Using Secure NFS
Practical UNIX & Internet Security, 19.4.4.5. Spoofing NIS
secure option for /etc/exports : Practical UNIX & Internet Security, 20.2.1.1. /etc/exports
SECURE points : TCP/IP Network Administration, 12.4.3.1. COPS
Secure RPC
Practical UNIX & Internet Security, 19.3. Secure RPC (AUTH_DES)
Practical UNIX & Internet Security, 19.3.4. Limitations of Secure RPC
with NIS/NIS+
Practical UNIX & Internet Security, 19.3.2. Setting Up Secure RPC with NIS
Practical UNIX & Internet Security, 19.3.4. Limitations of Secure RPC
NTP and : Practical UNIX & Internet Security, 19.3.1.3. Setting the window
reauthentication : Practical UNIX & Internet Security, 19.3.1.3. Setting the window
versus Kerberos : Practical UNIX & Internet Security, 19.6.2. Kerberos vs. Secure RPC
secure shell (ssh) : TCP/IP Network Administration, 12.2.6. Secure Shell
Secure Socket Layer : Practical UNIX & Internet Security, 18.4.1. Eavesdropping Over the Wire
secure terminals : Practical UNIX & Internet Security, 8.5.1. Secure Terminals
SECURE_USERS variable : TCP/IP Network Administration, 12.4.3.1. COPS
secure_zone record : DNS & BIND, 15.4.6.2. Protecting zone data on the bastion host
SecureID : Practical UNIX & Internet Security, 8.7.2. Token Cards
SecureNet key : Practical UNIX & Internet Security, 8.7.2. Token Cards
security
DNS & BIND, 8.1.1. Where Do I Put My Name Servers?
DNS & BIND, 10.11. Securing Your Name Server
Building Internet Firewalls, 1.4. What Is an Internet Firewall?
Building Internet Firewalls, 8.1.1.1. SMTP for
Building Internet Firewalls, 8.10.4. DNS Security Problems
Practical UNIX & Internet Security, 2.1. Planning Your Security Needs
Practical UNIX & Internet Security, 9.1.2. Read-only Filesystems
Practical UNIX & Internet Security, 12.1.1. The Physical Security Plan
sendmail, 18.2. Vendor Versus Compiling
sendmail, 22. Security
TCP/IP Network Administration, 1.7. Application Layer
(see also firewalls)
(see also incidents, attacks, threats)
(see also integrity)
(see also intruders/attackers)
(see also physical security)
(see also printers and printing)
(see also system administration)
against system failure : Building Internet Firewalls, 3.5. Fail-Safe Stance
audit : (see auditing)
backing up zone data : DNS & BIND, 4.8.2. Backup Files
bastion host speed and : Building Internet Firewalls, 5.3.2. How Fast a Machine?
BIND features : DNS & BIND, 3.1. Getting BIND
bogus qf files
sendmail, 23.3. A Bogus qf File (V8 only): Qf
sendmail, 23.9. The qf File Internals
C line (qf file) : sendmail, 23.9. The qf File Internals
CGI scripts
Practical UNIX & Internet Security, 18.2.3. Writing Secure CGI Scripts and ProgramsThe
Practical UNIX & Internet Security, 18.2.4.1. Beware mixing HTTP with anonymous FTP
changed detection
Practical UNIX & Internet Security, 9.2. Detecting Change
Practical UNIX & Internet Security, 9.3. A Final Note
check_relay rule set : sendmail, 29.10.3. The check_relay Rule Set
checking arguments : Practical UNIX & Internet Security, 23.2. Tips on Avoiding Security-related Bugs
choke points
Building Internet Firewalls, 6.1. Why Packet Filtering?
Building Internet Firewalls, 9.1.4.3. Choke point
Building Internet Firewalls, 9.2.3.3. Choke point
commercial authentication systems : Building Internet Firewalls, 10.4.3. Commercial Solutions
critical messages to log
Practical UNIX & Internet Security, 10.5.3. syslog Messages
Practical UNIX & Internet Security, 10.5.3.1. Beware false log entries
cryptography
(see cryptography)
(see encryption)
default stances : Building Internet Firewalls, 6.2.3. Default Permit Versus Default Deny
default user identities : sendmail, 13.2.5. The Default User Identities
defense in depth
Building Internet Firewalls, 9.1.4.2. Defense in depth
Building Internet Firewalls, 9.2.3.2. Defense in depth
definition of : Practical UNIX & Internet Security, 1.1. What Is Computer Security?
designing for network : Building Internet Firewalls, 1.4.3. Buying Versus Building
digital signatures : (see digital signatures)
disabling finger : Practical UNIX & Internet Security, 17.3.8.2. Disabling finger
disk quotas : Practical UNIX & Internet Security, 25.2.2.5. Using quotas
diversity of defense
Building Internet Firewalls, 3.7. Diversity of Defense
Building Internet Firewalls, 9.1.4.7. Diversity of defense
Building Internet Firewalls, 9.2.3.7. Diversity of defense
dormant accounts, finding : Practical UNIX & Internet Security, 8.4.3. Finding Dormant Accounts
drills : Practical UNIX & Internet Security, 24.1.3. Rule #3: PLAN AHEAD
encryption, network-level : Building Internet Firewalls, 10.5. Network-Level Encryption
environment variables and
sendmail, 5.3.12. Environment variables
sendmail, 22.2. The Environment
/etc/group file
Practical UNIX & Internet Security, 1.2. What Is an Operating System?
Practical UNIX & Internet Security, 4.1.3.1. The /etc/group file
Practical UNIX & Internet Security, 4.2.3. Impact of the /etc/passwd and /etc/group
Practical UNIX & Internet Security, 8.1.6. Group Accounts
TCP/IP Network Administration, 9.3. Network Information Service
TCP/IP Network Administration, 13.2.1. Creating an FTP Server
/etc/passwd
Practical UNIX & Internet Security, 1.2. What Is an Operating System?
Practical UNIX & Internet Security, 3.2.1. The /etc/passwd File
Practical UNIX & Internet Security, 3.2.2. The /etc/passwd File
Practical UNIX & Internet Security, 4.2.3. Impact of the /etc/passwd and /etc/group
Practical UNIX & Internet Security, 7.1.2. What Should You Back Up?
Practical UNIX & Internet Security, 8.1.1. Accounts Without Passwords
Practical UNIX & Internet Security, 8.6. The UNIX Encrypted Password System
Practical UNIX & Internet Security, 15.1.4. How the UUCP Commands Work
Practical UNIX & Internet Security, 24.4.1. New Accounts
Practical UNIX & Internet Security, C.5.1. Process #1: /etc/init
sendmail, 30.8. Alphabetized F= Flags
TCP/IP Network Administration, 6.3.5. PPP Server Configuration
TCP/IP Network Administration, 6.4.3. SLIP Server Configuration
TCP/IP Network Administration, 9.1.5. NFS Authentication Server
TCP/IP Network Administration, 9.3. Network Information Service
TCP/IP Network Administration, 10.4.1.1. Building a sendmail.cf with m4 macros
TCP/IP Network Administration, 12.2.1. The Shadow Password File
TCP/IP Network Administration, 13.2.1. Creating an FTP Server
-f switch and
sendmail, 14.6. Trusted User
sendmail, 22.8.1. Trusted Users
fail-safe stance
Building Internet Firewalls, 9.1.4.5. Fail-safe stance
Building Internet Firewalls, 9.2.3.5. Fail-safe stance
file permissions : sendmail, 13.2.4. The Default File Permissions
files and : (see appending to files)
firewalls : (see firewalls)
for printers : TCP/IP Network Administration, 4.5.2. Print servers
forged mail
sendmail, 13.2.1. The Location of the Queue Directory
sendmail, 22.7. Forged Mail
four steps toward : Practical UNIX & Internet Security, 2.4.4.7. Defend in depth
host : Building Internet Firewalls, 1.3.3. Host Security
HTTP : Building Internet Firewalls, 8.6.3. HTTP Security
identification protocol : Practical UNIX & Internet Security, 17.3.12. Identification Protocol (auth) (TCP Port
important of simplicity of : Building Internet Firewalls, 3.8. Simplicity
improving DES algorithm
Practical UNIX & Internet Security, 6.4.5. Improving the Security of DES
Practical UNIX & Internet Security, 6.4.5.2. Triple DES
incident response teams : (see incident response teams)
incidents : (see incidents, attacks, threats)
:include: lists : sendmail, 25.2.2. Tradeoffs
insecure networks : Building Internet Firewalls, 4.4.2. Insecure Networks
internal network protection : Building Internet Firewalls, 4.4. Internal Firewalls
IP
Practical UNIX & Internet Security, 16.3. IP Security
Practical UNIX & Internet Security, 16.3.3. Authentication
IP_SRCROUTE macro : sendmail, 18.8. Alphabetized Reference
IRC and : Building Internet Firewalls, 8.9.2. Internet Relay Chat
keeping checksums secure : Building Internet Firewalls, 13.5.3. Keeping Secured Checksums
lack of : Building Internet Firewalls, 1.3. How Can You Protect Your Site?
laws and : (see laws)
least privilege
Building Internet Firewalls, 9.1.4.1. Least privilege
Building Internet Firewalls, 9.2.3.1. Least privilege
legal liability
Practical UNIX & Internet Security, 26.4. Other Liability
Practical UNIX & Internet Security, 26.4.7. Harassment, Threatening Communication, and Defamation
legal responsibilities : Building Internet Firewalls, 11.2.3. External Factors That Influence
levels of NIS+ servers : Practical UNIX & Internet Security, 19.5.5. NIS+ Limitations
link-level : Practical UNIX & Internet Security, 16.3.1. Link-level Security
of machine : Building Internet Firewalls, 5.8.1. Securing the Machine
mechanisms included within applications : TCP/IP Network Administration, 12.2.5. Secure the r Commands
message digests : (see message digests)
modem pools : Building Internet Firewalls, 10.6. Terminal Servers and Modem Pools
modems and
Practical UNIX & Internet Security, 14.4. Modems and Security
Practical UNIX & Internet Security, 14.4.4.2. Protection against eavesdropping
monitoring
TCP/IP Network Administration, 12.4. Security Monitoring
(see logs/logging)
multilevel (defense in depth)
Practical UNIX & Internet Security, 1.3. History of UNIX
Practical UNIX & Internet Security, 2.4.4.7. Defend in depth
Practical UNIX & Internet Security, 2.5.3. Final Words: Risk Management Means Common Sense
Practical UNIX & Internet Security, 17.2. Controlling Access to Servers
name service and : Practical UNIX & Internet Security, 16.3.2. Security and Nameservice
national : Practical UNIX & Internet Security, 26.2.2. Federal Jurisdiction
netacl : Building Internet Firewalls, 5.8.3.2. Using netacl to protect services
network
(see network services)
(see networks and networking)
operating system bugs : Building Internet Firewalls, 5.8.1.2. Fix all known system bugs
passwords
Practical UNIX & Internet Security, 3.2. Passwords
Practical UNIX & Internet Security, 3.6.1. Bad Passwords: Open Doors
Practical UNIX & Internet Security, 3.6.4. Passwords on Multiple Machines
Practical UNIX & Internet Security, 3.8. Summary
(see also passwords)
personnel
Practical UNIX & Internet Security, 13. Personnel Security
Practical UNIX & Internet Security, 13.3. Outsiders
Practical UNIX & Internet Security, A.1.1.12. Chapter 13: Personnel Security
planning : TCP/IP Network Administration, 12.1. Security Planning
policy
Building Internet Firewalls, 1.4.1.1. A firewall is a focus for security
Building Internet Firewalls, 11. Security Policies
Practical UNIX & Internet Security, 1.2. What Is an Operating System?
Practical UNIX & Internet Security, 2. Policies and Guidelines
Practical UNIX & Internet Security, 2.5.3. Final Words: Risk Management Means Common Sense
TCP/IP Network Administration, 12.1. Security Planning
reviewing : Building Internet Firewalls, 11.1.1.5. Provision for reviews
writing : TCP/IP Network Administration, 12.1.3. Writing a Security Policy
of POP : Building Internet Firewalls, 8.1.2. Post Office Protocol
practicing drills for : Building Internet Firewalls, 13.5.7. Doing Drills
preventing workstation as gateway : sendmail, 20.2.2. Workstation Refuses to Act as a Mail Gateway
protecting backups
Building Internet Firewalls, 5.10. Protecting the Machine and Backups
Practical UNIX & Internet Security, 7.1.6. Security for Backups
Practical UNIX & Internet Security, 7.1.6.3. Data security for backups
(see also backups)
protocol, and proxying : Building Internet Firewalls, 7.4.3. Protocol Security
publications, list of : TCP/IP Network Administration, 12.8. Words to the Wise
published resources on
Building Internet Firewalls, A. Resources
Practical UNIX & Internet Security, D. Paper Sources
Practical UNIX & Internet Security, D.2. Security Periodicals
queuing everything : sendmail, 34.8. Alphabetized Reference
refused queries : DNS & BIND, 11.7.4. Query Refused
rejecting mail from certain sites : sendmail, 20.2.6. Reject Mail from Spamming or Mail-bombing Sites
resolvers : DNS & BIND, 10.11.6. Resolving Name Server Configuration
responding to breakins
Practical UNIX & Internet Security, 24. Discovering a Break-in
Practical UNIX & Internet Security, 24.7. Damage Control
responding to incidents : Building Internet Firewalls, 13. Responding to Security Incidents
"Response from unexpected source" message : DNS & BIND, 7.6.1. Common Syslog Messages
restricting logins : Practical UNIX & Internet Security, 8.3. Restricting Logins
restricting queries : DNS & BIND, 10.11.2. Restricting Queries
reviewing response strategies : Building Internet Firewalls, 13.4.8. Periodic Review of Plans
.rhosts : (see .rhosts file)
risks
TCP/IP Network Administration, 4.1. Connected and Non-Connected Networks
TCP/IP Network Administration, 4.2.2. Defining the Subnet Mask
TCP/IP Network Administration, 5.3.1.1. Options
TCP/IP Network Administration, 5.3.1.2. Pseudo-device
TCP/IP Network Administration, 5.4. The Internet Daemon
TCP/IP Network Administration, 9.1.2.1. The share command
TCP/IP Network Administration, 13.2.1. Creating an FTP Server
RunAsUser option : sendmail, 34.8. Alphabetized Reference
safe sendmail options : sendmail, 34.1.4. Options that Are Safe
sendmail problems : Practical UNIX & Internet Security, 17.3.4.1. sendmail and security
sendmail restricted shell : sendmail, 19.6. Alphabetized m4 Macros
sendmail.cf and : sendmail, 22.4. The Configuration File
Skipjack algorithm : Practical UNIX & Internet Security, 6.4.1. Summary of Private Key Systems
SNMP
Building Internet Firewalls, 8.12.1. Simple Network Management
Practical UNIX & Internet Security, 17.3.15. Simple Network Management Protocol (SNMP) (UDP Ports
software piracy : Practical UNIX & Internet Security, 26.4.2.1. Software piracy and the SPA
sources of information : TCP/IP Network Administration, 12.1.2.2. Use mailing lists to distribute information
standards of : Practical UNIX & Internet Security, 2.4.2. Standards
strategies for : Building Internet Firewalls, 3. Security Strategies
SUID_ROOT_FILES_OK macro : sendmail, 18.8. Alphabetized Reference
superuser problems : Practical UNIX & Internet Security, 4.2.1.5. The problem with the superuser
system crashes
Building Internet Firewalls, 5.10.1. Watch Reboots Carefully
Practical UNIX & Internet Security, 10.7.2.1. Exception and activity reports
TCP/IP Network Administration, 9.1.1. NFS Daemons
TCP/IP Network Administration, 9.2.2. Solaris Line Printer Service
TCP Wrapper : Building Internet Firewalls, 5.8.3.1. Using the TCP Wrapper package to protect services
terminal servers : Building Internet Firewalls, 10.6. Terminal Servers and Modem Pools
through obscurity
Building Internet Firewalls, 1.3.2. Security Through Obscurity
Practical UNIX & Internet Security, 2.5. The Problem with Security Through Obscurity
Practical UNIX & Internet Security, 2.5.3. Final Words: Risk Management Means Common Sense
Practical UNIX & Internet Security, 8.8.9. Account Names Revisited: Using Aliases for Increased
Practical UNIX & Internet Security, 18.2.4. Keep Your Scripts Secret!
time information and : Building Internet Firewalls, 8.13. Network Time Protocol (NTP)
tools for : Practical UNIX & Internet Security, 11.1. Programmed Threats: Definitions
Tripwire package
Practical UNIX & Internet Security, 9.2.4. Tripwire
Practical UNIX & Internet Security, 9.2.4.2. Running Tripwire
trusted users : sendmail, 19.6. Alphabetized m4 Macros
unauthorized zone transfers : DNS & BIND, 10.11.3. Preventing Unauthorized Zone Transfers
universal participation : Building Internet Firewalls, 3.6. Universal Participation
UNIX and
Practical UNIX & Internet Security, 1. Introduction
Practical UNIX & Internet Security, 1.4. Security and UNIX
Practical UNIX & Internet Security, 1.4.3. Add-On Functionality Breeds Problems
user awareness of
Practical UNIX & Internet Security, 1.4.1. Expectations
Practical UNIX & Internet Security, 2. Policies and Guidelines
Practical UNIX & Internet Security, 2.4.4.4. Concentrate on education
Practical UNIX & Internet Security, 13.2.2. Ongoing Training and Awareness
UUCP : (see UUCP)
weakest link
Building Internet Firewalls, 3.4. Weakest Link
Building Internet Firewalls, 9.1.4.4. Weakest link
Building Internet Firewalls, 9.2.3.4. Weakest link
weakness-finding tools : Practical UNIX & Internet Security, 11.1.1. Security Tools
when proxying is ineffective : Building Internet Firewalls, 7.8.2. Proxying Won't Secure the Service
whois service : Building Internet Firewalls, 8.8.2. whois
World Wide Web
Practical UNIX & Internet Security, 18. WWW Security
Practical UNIX & Internet Security, 18.7. Summary
X Window System
Practical UNIX & Internet Security, 17.3.21.2. X security
Practical UNIX & Internet Security, 17.3.21.3. The xhost facility
X11 window system mechanisms : Building Internet Firewalls, 8.16. X11 Window System
security data category (logging) : DNS & BIND, 7.5.3. Category Details
Security Emergency Response Team (SERT) : Practical UNIX & Internet Security, F.3.4.4. Australia: Internet .au domain
security file (UUCP) : Practical UNIX & Internet Security, 10.3.4. uucp Log Files
security holes
Practical UNIX & Internet Security, 2.5. The Problem with Security Through Obscurity
(see also back doors; threats)
ftpd program : Practical UNIX & Internet Security, 6.5.2. Using Message Digests
mailing list for : Practical UNIX & Internet Security, E.1.3.3. Bugtraq
reporting : Practical UNIX & Internet Security, 2.5.1. Going Public
ruusend in L.cmds file : Practical UNIX & Internet Security, 15.4.3. L.cmds: Providing Remote Command Execution
SUID/SGID programs : Practical UNIX & Internet Security, 5.5.3.1. write: Example of a possible SUID/SGID security
/usr/lib/preserve : Practical UNIX & Internet Security, 5.5.3.2. Another SUID example: IFS and the /usr/lib/preserve
UUCP : Practical UNIX & Internet Security, 15.7. Early Security Problems with UUCP
sed scripts : Practical UNIX & Internet Security, 11.1.4. Trojan Horses
seeds, random number
Practical UNIX & Internet Security, 23.6. Tips on Generating Random Numbers
Practical UNIX & Internet Security, 23.8. Picking a Random Seed
segments
TCP/IP Network Administration, 1.3. TCP/IP Protocol Architecture
TCP/IP Network Administration, 1.6.2. Transmission Control Protocol
select system call : Practical UNIX & Internet Security, 17.1.3. The /etc/inetd Program
selecting delivery agents : (see rule set 0)
selection lists : Practical UNIX & Internet Security, 18.2.3.1. Do not trust the user's browser!
self-destruct sequences : Practical UNIX & Internet Security, 27.2.1. Hardware Bugs
semicolon (;)
comment character
DNS & BIND, 4.3. Setting Up a BIND Configuration File
DNS & BIND, 6.1.7. Comments
DNS & BIND, A.1. Master File Format
DNS & BIND, F.2.4. ; and # (4.9.3 and later versions)
TCP/IP Network Administration, C.3.1. Standard Resource Records
ending gated configuration statements
TCP/IP Network Administration, 7.7.1.1. A host configuration
TCP/IP Network Administration, B.2. The gated Configuration Language
for comments
semiprivileged users : sendmail, 22.5. Permissions
sender
sendmail, 29.6.2. Selecting S= and R=
(see also S= equate)
address of
sendmail, 6.3. The local Delivery Agent
sendmail, 11.1. Flow of the Sender's Address
sendmail, 23.4. Printing the Queue
sendmail, 23.9. The qf File Internals
sendmail, 31.10. Alphabetized Reference
sendmail, 36.7. Alphabetized Reference
TCP/IP Network Administration, 10.6.3. The Set Ruleset Command
TCP/IP Network Administration, 10.8.1. Testing Rewrite Rules
(see also $f macro; $g macro)
default format of : sendmail, 31.10. Alphabetized Reference
genericstable feature : sendmail, 19.6. Alphabetized m4 Macros
hostname part : (see $s macro)
rewriting : sendmail, 11.4.1. Rewrite the Lone Username
rule set 1
sendmail, 11.7. Rule Set 1
sendmail, 19.6. Alphabetized m4 Macros
sendmail, 29.9. Rule Set 1
testing with check_compat : sendmail, 29.10.4. The check_compat Rule Set
check_mail rule set : sendmail, 29.10.1. The check_mail Rule Set
of envelope, logging : sendmail, 26.1.3.3. from= show envelope sender
full name for
sendmail, 36.7. Alphabetized Reference
(see $x macro)
headers for : sendmail, 35.6.2. Sender Headers
running sendmail as : sendmail, 36.7. Alphabetized Reference
unknown : sendmail, 35.10. Alphabetized Reference
"Sender:" header line : sendmail, 35.10. Alphabetized Reference
SENDFILES= command
Practical UNIX & Internet Security, 15.5.1.3. A Sample Permissions file
Practical UNIX & Internet Security, 15.5.2. Permissions Commands
sending messages
sendmail, 13.4. Sending Mail
sendmail, 14.5. Sending Real Mail
sendmail
DNS & BIND, 4.2.5. Address and Alias Records
DNS & BIND, 5.1. MX Records
DNS & BIND, 7.6.2. Understanding the BIND Statistics
Building Internet Firewalls, 2.1. Electronic Mail
Building Internet Firewalls, 3.1. Least Privilege
Building Internet Firewalls, 8.1.1.1. SMTP for
Practical UNIX & Internet Security, 11.1.2. Back Doors and Trap Doors
Practical UNIX & Internet Security, 11.5.2.5. .forward, .procmailrc
Practical UNIX & Internet Security, 11.5.3.3. /usr/lib/aliases, /etc/aliases,
Practical UNIX & Internet Security, 17.3.4. Simple Mail Transfer Protocol (SMTP) (TCP Port 25)
Practical UNIX & Internet Security, 17.3.4.3. Improving the security of Berkeley sendmail V8
Practical UNIX & Internet Security, 24.2.4.2. How to contact the system administrator of a computer
TCP/IP Network Administration, UNIX Versions
TCP/IP Network Administration, 4.5.3. Planning Your Mail System
TCP/IP Network Administration, 10. sendmail
TCP/IP Network Administration, E.2. The sendmail Command
(see also mail)
(see also SMTP)
aliases
Practical UNIX & Internet Security, 11.5.3.3. /usr/lib/aliases, /etc/aliases,
TCP/IP Network Administration, 10.3. sendmail Aliases
classes, listed
TCP/IP Network Administration, E.2. The sendmail Command
TCP/IP Network Administration, E.4.1. sendmail Classes
compiling : TCP/IP Network Administration, E.1. Compiling sendmail
(dis)advantages to : sendmail, 18.1. To Use or Not to Use
DNS and : DNS & BIND, 6.3.2. Electronic Mail
exit values : sendmail, 36.5. sendmail's exit() Status
.forward file : Practical UNIX & Internet Security, 24.4.1.6. Changes to startup files
future of : sendmail, The Future
history of
sendmail, History
sendmail, 27.5. The V Configuration Command
installing and configuring
sendmail, 2.1. Get the Source
sendmail, 18.6. Install sendmail
sendmail, 18.8. Alphabetized Reference
TCP/IP Network Administration, 10.5. sendmail Configuration
internal macros, listed : TCP/IP Network Administration, 10.5.2. The Define Macro Command
location of : sendmail, 36.1. Alternative argv[0] Names
logging to syslog : Practical UNIX & Internet Security, 17.3.4.3. Improving the security of Berkeley sendmail V8
m4 diversions, reserved : sendmail, 19.1.4. m4 diversions
mailer flags, listed : TCP/IP Network Administration, E.4.3. sendmail Mailer Flags
Morris worm : Building Internet Firewalls, 8.1. Electronic Mail
obtaining source code
sendmail, 2.1. Get the Source
sendmail, 18.3. Obtain the Source
options
sendmail, 13.2. Required Options
TCP/IP Network Administration, E.4.2. sendmail Options
pid for : (see $p macro)
readying for DNS : sendmail, 21.1.2. Make sendmail DNS Aware
restricted shell : sendmail, 19.6. Alphabetized m4 Macros
running as a daemon : TCP/IP Network Administration, 10.2. Running sendmail as a Daemon
running manually : sendmail, 1.4. Run sendmail by Hand
same Internet/NIS domain : Practical UNIX & Internet Security, 19.4.3. NIS Domains
security problems with : Practical UNIX & Internet Security, 17.3.4.1. sendmail and security
starting operating mode : sendmail, 31.10. Alphabetized Reference
Sun Microsystem's enhancements to : sendmail, D. Sun Enhancements
testing and debugging arguments : TCP/IP Network Administration, 10.8. Testing sendmail.cf
tools reference : TCP/IP Network Administration, E. A sendmail Reference
using key files in : TCP/IP Network Administration, 10.8.2. Using Key Files in sendmail
using most recent release
TCP/IP Network Administration, 10.8.2. Using Key Files in sendmail
TCP/IP Network Administration, E.1. Compiling sendmail
version of
Practical UNIX & Internet Security, 17.3.4.1. sendmail and security
sendmail, UNIX and sendmail Versions
sendmail, 5.2.1. Version
sendmail, 18.2. Vendor Versus Compiling
sendmail, 27.5. The V Configuration Command
sendmail, 31.10. Alphabetized Reference
sendmail, D.2. Backward Compatibility
TCP/IP Network Administration, Preface
improving Version 8 : Practical UNIX & Internet Security, 17.3.4.3. Improving the security of Berkeley sendmail V8
"savemail panic" message : sendmail, 23.3.6. Savemail Panic
sendmail startup script : TCP/IP Network Administration, 10.2. Running sendmail as a Daemon
sendmail.cf configuration file
DNS & BIND, 6.3.2. Electronic Mail
DNS & BIND, 6.3.3. Updating .rhosts, hosts.equiv, etc.
Practical UNIX & Internet Security, 17.3.4. Simple Mail Transfer Protocol (SMTP) (TCP Port 25)
sendmail, 1.3.1. The Configuration File
sendmail, 3.1. Role in the Filesystem
sendmail, 5. The sendmail.cf File
sendmail, 22.4. The Configuration File
sendmail, 27. The Configuration File
sendmail, 36.4.4. Fourth: Read the Configuration File
TCP/IP Network Administration, 10.4. The sendmail.cf File
TCP/IP Network Administration, 10.4.2. General sendmail.cf Structure
commands
sendmail, 5.1. Overview
TCP/IP Network Administration, 10.5. sendmail Configuration
define class command (C and F) : TCP/IP Network Administration, 10.5.3. The Define Class Command
define macro command (D) : TCP/IP Network Administration, 10.5.2. The Define Macro Command
define mail headers command (H) : TCP/IP Network Administration, 10.5.7. Defining Mail Headers
define mail precedence command (P) : TCP/IP Network Administration, 10.5.6. Defining Mail Precedence
define mailers command (M) : TCP/IP Network Administration, 10.5.8. Defining Mailers
define trusted users command (T) : TCP/IP Network Administration, 10.5.5. Defining Trusted Users
defining macros in : sendmail, 31.3. Configuration File Definitions
freezing : sendmail, 36.7. Alphabetized Reference
installing : sendmail, 15.6. Install the client.cf File
location of : sendmail, 36.7. Alphabetized Reference
modifying
TCP/IP Network Administration, 10.7. Modifying a sendmail.cf File
TCP/IP Network Administration, 10.7.1. Modifying Local Information
TCP/IP Network Administration, 10.7.2. Modifying Options
options and flags
sendmail, 34.1.3. Appropriateness of Options
TCP/IP Network Administration, E.4. More sendmail.cf
pathname for : sendmail, 18.8. Alphabetized Reference
rewrite rules (R, S, and K commands)
TCP/IP Network Administration, 10.6. Rewriting the Mail Address
TCP/IP Network Administration, 10.6.1. Pattern Matching
TCP/IP Network Administration, 10.6.2. Transforming the Address
rule-testing mode and : sendmail, 38.2. Configuration Lines
sample of, locating : TCP/IP Network Administration, 10.4.1. Locating a Sample sendmail.cf File
set option command (O) : TCP/IP Network Administration, 10.5.4. The Set Option Command
structure of : TCP/IP Network Administration, 10.4.2. General sendmail.cf Structure
testing
sendmail, 15.1. Test the Configuration File
TCP/IP Network Administration, 10.8. Testing sendmail.cf
commands, listed : TCP/IP Network Administration, 10.8.1. Testing Rewrite Rules
rewrite rules : TCP/IP Network Administration, 10.8.1. Testing Rewrite Rules
troubleshooting : sendmail, 27.6. Pitfalls
version level command (V) : TCP/IP Network Administration, 10.5.1. The Version Level Command
sendmail.ct file : sendmail, 19.6. Alphabetized m4 Macros
sendmail.cw file : sendmail, 19.6. Alphabetized m4 Macros
sendmail.pid file, pathname for : sendmail, 18.8. Alphabetized Reference
sendmail.st file : sendmail, 26.2.1. The sendmail.st File
sendmail.tar file : TCP/IP Network Administration, 10.4.1. Locating a Sample sendmail.cf File
sendmailvars file : sendmail, D.4. L and G Configuration Commands
"sendmailvars:" header line : sendmail, D.4. L and G Configuration Commands
SendMimeErrors (j) option : sendmail, 34.8. Alphabetized Reference
sendto system calls : DNS & BIND, 7.6.2. Understanding the BIND Statistics
sensors : (see detectors)
separation of duties : Practical UNIX & Internet Security, 13.2.5. Least Privilege and Separation of Duties
sequence database class : sendmail, 33.8. Alphabetized Reference
Sequence Number field : TCP/IP Network Administration, 1.6.2. Transmission Control Protocol
sequence of commands : Practical UNIX & Internet Security, 23.2. Tips on Avoiding Security-related Bugs
sequence space arithmetic : DNS & BIND, 7.2.3. Starting Over with a New Serial Number
serial
communications packages : TCP/IP Network Administration, 6.4.4. Troubleshooting Serial Connections
devices, adding manually : TCP/IP Network Administration, 6.4.4. Troubleshooting Serial Connections
interfaces
Practical UNIX & Internet Security, 14.2. Serial Interfaces
TCP/IP Network Administration, 6.2. TCP/IP Over a Serial Line
lines
load balancing : TCP/IP Network Administration, 5.2. Linux Kernel Configuration
multiple, using simultaneously : TCP/IP Network Administration, 5.2. Linux Kernel Configuration
protocols
choosing
TCP/IP Network Administration, 6.2.2. Choosing a Serial Protocol
TCP/IP Network Administration, A.1.1. The dip Script File
debugging : TCP/IP Network Administration, 6.4.4. Troubleshooting Serial Connections
Serial Line Internet Protocol (SLIP)
Practical UNIX & Internet Security, 14.5. Modems and UNIX
Practical UNIX & Internet Security, 16.2. IPv4: The Internet Protocol Version 4
TCP/IP Network Administration, 1.7. Application Layer
TCP/IP Network Administration, 5.2. Linux Kernel Configuration
TCP/IP Network Administration, 5.3.1.2. Pseudo-device
TCP/IP Network Administration, 6.2.1. The Serial Protocols
(see also PLIP (Parallel Line IP))
END character : TCP/IP Network Administration, 6.2.1. The Serial Protocols
ESC character : TCP/IP Network Administration, 6.2.1. The Serial Protocols
installing : TCP/IP Network Administration, 6.4. Installing SLIP
server configuration : TCP/IP Network Administration, 6.4.3. SLIP Server Configuration
serial numbers : DNS & BIND, 7.2.2. SOA Serial Numbers
backups and : DNS & BIND, 7.6.1. Common Syslog Messages
logging : Practical UNIX & Internet Security, 10.7.1.2. Informational material
nslookup and : DNS & BIND, 11.1.4. Zone Transfers
unincremented : DNS & BIND, 13.3.1. 1. Forgot to Increment Serial Number
SErr statistic : DNS & BIND, 7.6.2. Understanding the BIND Statistics
SERT (Security Emergency Response Team) : Practical UNIX & Internet Security, F.3.4.4. Australia: Internet .au domain
server command (nslookup) : DNS & BIND, 11.5.3. Switching Servers
server bogus : DNS & BIND, 10.10. Avoiding a Bogus Name Server
server directive : DNS & BIND, F.1.20. server (8.X.X)
server-side includes
Practical UNIX & Internet Security, 18.2.2.2. Additional configuration issues
Practical UNIX & Internet Security, 18.3.2. Commands Within the <Directory>
servers
Practical UNIX & Internet Security, 16.2.5. Clients and Servers
Practical UNIX & Internet Security, 17.1. Understanding UNIX Internet Servers
Practical UNIX & Internet Security, 17.1.3. The /etc/inetd Program
TCP/IP Network Administration, 1.7. Application Layer
(see also remote, servers)
(see name servers)
Archie, running : Building Internet Firewalls, 8.7.3.4. Running an Archie server
backing up : Practical UNIX & Internet Security, 7.2.2. Small Network of Workstations and a Server
caching servers
sendmail, 21.1. Overview
TCP/IP Network Administration, 11.6.2. The data is here and the server can't find it!
checklist for bringing up : Practical UNIX & Internet Security, 17.4. Security Implications of Network Services
command : TCP/IP Network Administration, 8.4. Using nslookup
configuration statement : TCP/IP Network Administration, B.8.10. The routerdiscovery Statement
controlling access to : Practical UNIX & Internet Security, 17.2. Controlling Access to Servers
DNS
for internal hosts : Building Internet Firewalls, 8.10.5.2. Set up a real DNS
setting up fake : Building Internet Firewalls, 8.10.5.1. Set up a `fake'
ftp : (see FTP)
http : (see http server)
load shedding : Practical UNIX & Internet Security, 23.3. Tips on Writing Network Programs
local : sendmail, 19.6. Alphabetized m4 Macros
master/slave
TCP/IP Network Administration, 8.1.1. BIND Configurations
(see also NIS)
multiple : TCP/IP Network Administration, 9.1.4. NFS Automounter
name servers : sendmail, 21.1. Overview
NIS+, security levels of : Practical UNIX & Internet Security, 19.5.5. NIS+ Limitations
offsite : sendmail, 21.5.2. Offsite Servers
overloading with requests : Practical UNIX & Internet Security, 25.3.1. Service Overloading
program, pathname of : TCP/IP Network Administration, 5.4. The Internet Daemon
proxy : (see proxy servers/services)
routed : Building Internet Firewalls, 5.8.2.4. Which services should you disable?
setting up for FTP
Practical UNIX & Internet Security, 17.3.2.4. Setting up an FTP server
Practical UNIX & Internet Security, 17.3.2.6. Setting up anonymous FTP with the standard UNIX FTP
web : (see web servers)
WN : Practical UNIX & Internet Security, 18.3. Controlling Access to Files on Your Server
Xauthority : Practical UNIX & Internet Security, 17.3.21.4. Using Xauthority magic cookies
SERVFAIL errors
DNS & BIND, 7.6.2. Understanding the BIND Statistics
DNS & BIND, 13.3.3. 3. Slave Server Can't Load Zone Data
service-list : TCP/IP Network Administration, 12.5.1.1. tcpd access control files
services : (see network services)
services file
Practical UNIX & Internet Security, 17.1.1. The /etc/services File
TCP/IP Network Administration, 5.4. The Internet Daemon
TCP/IP Network Administration, 9.3. Network Information Service
TCP/IP Network Administration, 9.4. A BOOTP Server
TCP/IP Network Administration, 9.7.1. POP Server
TCP/IP Network Administration, 9.7.2. IMAP Server
services host : Building Internet Firewalls, 9.2. Screened Host Architecture
Services table (NIS+) : Practical UNIX & Internet Security, 19.5.3. NIS+ Tables
ServiceSwitchFile option
sendmail, 21.2.3. Look Up Addresses for Delivery
sendmail, 24.1.1. The aliases(5) file's location
sendmail, 34.8. Alphabetized Reference
SESAME (Secure European System for Applications in a Multivendor Environment) : Practical UNIX & Internet Security, 19.7.2. SESAME
session
hijacking : Practical UNIX & Internet Security, 17.3.3. TELNET (TCP Port 23)
IDs
Practical UNIX & Internet Security, 4.3.3. Other IDs
Practical UNIX & Internet Security, C.1.3.4. Process groups and sessions
keys
Practical UNIX & Internet Security, 6.4. Common Cryptographic Algorithms
Practical UNIX & Internet Security, 19.3.1.1. Proving your identity
Session Layer : TCP/IP Network Administration, 1.2. A Data Communications Model
set all command (nslookup)
DNS & BIND, 13.3.11. 11. Syntax Error in resolv.conf
DNS & BIND, 13.6.1. Local Name Can't Be Looked Up
set command (nslookup) : DNS & BIND, 11.3. Option Settings
set debug command : TCP/IP Network Administration, 8.4. Using nslookup
set domain command : TCP/IP Network Administration, 8.4. Using nslookup
set ruleset (S) command : TCP/IP Network Administration, 10.6.3. The Set Ruleset Command
set type command : TCP/IP Network Administration, 11.6.4. dig: An Alternative to nslookup
seteuid, setreuid routines : sendmail, 22.1.1. Test seteuid and setreuid
setgid capability
Building Internet Firewalls, 5.3.1. What Operating System?
Practical UNIX & Internet Security, 4.3.3. Other IDs
Practical UNIX & Internet Security, 23.4. Tips on Writing SUID/SGID Programs
TCP/IP Network Administration, 12.4.2.1. Checking files
(see also SUID/SGID programs)
setpgrp function : Practical UNIX & Internet Security, C.1.3.4. Process groups and sessions
setrlimit function : Practical UNIX & Internet Security, 23.2. Tips on Avoiding Security-related Bugs
setsid function : Practical UNIX & Internet Security, C.1.3.4. Process groups and sessions
setuid
Building Internet Firewalls, 5.3.1. What Operating System?
Practical UNIX & Internet Security, 23.4. Tips on Writing SUID/SGID Programs
TCP/IP Network Administration, 9.1.3.2. The vfstab and fstab files
(see also SUID/SGID programs)
setuid file : Practical UNIX & Internet Security, 4.3.1. Real and Effective UIDs
SevenBitInput (7) option : sendmail, 34.8. Alphabetized Reference
severity level, logging : DNS & BIND, 7.5. BIND 8 Logging
severity level, warning
sendmail, 26.1.1. syslog(3)
sendmail, 26.1.2. Tuning syslog.conf
SFail statistic : DNS & BIND, 7.6.2. Understanding the BIND Statistics
SFErr statistic : DNS & BIND, 7.6.2. Understanding the BIND Statistics
SFwdQ, SFwdR statistics : DNS & BIND, 7.6.2. Understanding the BIND Statistics
SGID bit
Practical UNIX & Internet Security, 5.5.1. SUID, SGID, and Sticky Bits
Practical UNIX & Internet Security, 5.5.7. SGID Bit on Files (System V UNIX Only): Mandatory
(see also SUID/SGID programs)
clearing with chown : Practical UNIX & Internet Security, 5.7. chown: Changing a File's Owner
on directories : Practical UNIX & Internet Security, 5.5.6. SGID and Sticky Bits on Directories
on files : Practical UNIX & Internet Security, 5.5.7. SGID Bit on Files (System V UNIX Only): Mandatory
SGID files : Practical UNIX & Internet Security, B.3.2.2. SGID files
sh (Bourne shell)
Practical UNIX & Internet Security, 5.5.3.2. Another SUID example: IFS and the /usr/lib/preserve
Practical UNIX & Internet Security, 11.5.1. Shell Features
Practical UNIX & Internet Security, C.5.3. Running the User's Shell
SUID and
Practical UNIX & Internet Security, 5.5.2. Problems with SUID
(see also shells)
SHA (Secure Hash Algorithm)
Practical UNIX & Internet Security, 6.5.3. Digital Signatures
Practical UNIX & Internet Security, 6.5.4.2. SHA
shadow file
Practical UNIX & Internet Security, 8.1.1. Accounts Without Passwords
Practical UNIX & Internet Security, 8.8.5. Shadow Password Files
TCP/IP Network Administration, 12.2.1. The Shadow Password File
shadow namespace : DNS & BIND, 15.4.6. A Shadow Namespace
shadow passwords
Practical UNIX & Internet Security, 3.2.1. The /etc/passwd File
Practical UNIX & Internet Security, 8.4.1. Changing an Account's Password
Practical UNIX & Internet Security, 8.8.5. Shadow Password Files
Shamir, Adi
Practical UNIX & Internet Security, 6.4.2. Summary of Public Key Systems
Practical UNIX & Internet Security, 6.4.6. RSA and Public Key Cryptography
shar format file : Practical UNIX & Internet Security, 11.1.4. Trojan Horses
share command
TCP/IP Network Administration, 9.1.2.1. The share command
TCP/IP Network Administration, 9.1.5. NFS Authentication Server
shareware : Practical UNIX & Internet Security, 27.2.2. Viruses on the Distribution Disk
sharing
directories : TCP/IP Network Administration, 9.1. The Network File System
filesystems : TCP/IP Network Administration, 9.1.2. Sharing Filesystems
sharp sign (#) : Practical UNIX & Internet Security, 6.5.1. Message Digests
disabling services with : Practical UNIX & Internet Security, 17.3. Primary UNIX Network Services
for comments
sendmail, 5.1. Overview
sendmail, 5.2.2. Comments
sendmail, 27.2. Comments
sendmail, 38.2. Configuration Lines
TCP/IP Network Administration, 3.2. The Host Table
TCP/IP Network Administration, 5.4. The Internet Daemon
TCP/IP Network Administration, 7.7.1.1. A host configuration
TCP/IP Network Administration, 9.1.4. NFS Automounter
TCP/IP Network Administration, 9.2.1. The printcap File
TCP/IP Network Administration, 9.4. A BOOTP Server
TCP/IP Network Administration, A.1.1. The dip Script File
TCP/IP Network Administration, D.3. The dhcpd.conf Configuration File
lines in sendmail.cf : sendmail, 3.1. Role in the Filesystem
in :include: lists : sendmail, 25.2.1. Comments in :include: Lists
in m4 files : sendmail, 19.5. Pitfalls
shell escapes
Practical UNIX & Internet Security, 8.1.3. Accounts That Run a Single Command
Practical UNIX & Internet Security, 8.1.4.6. Potential problems with rsh
in L.cmds list : Practical UNIX & Internet Security, 15.4.3. L.cmds: Providing Remote Command Execution
shell scripts
DNS & BIND, 14.1. Shell Script Programming with nslookup
Building Internet Firewalls, 5.8.2.1. How are services managed?
Practical UNIX & Internet Security, 5.5.3. SUID Shell Scripts
Practical UNIX & Internet Security, 5.5.3.2. Another SUID example: IFS and the /usr/lib/preserve
TCP/IP Network Administration, 12.4.2.1. Checking files
shells
Practical UNIX & Internet Security, 1.2. What Is an Operating System?
Practical UNIX & Internet Security, 3.2.1. The /etc/passwd File
Practical UNIX & Internet Security, 11.1.4. Trojan Horses
Practical UNIX & Internet Security, 11.5.1. Shell Features
Practical UNIX & Internet Security, 11.5.1.4. Filename attacks
Practical UNIX & Internet Security, C.2. Creating Processes
Practical UNIX & Internet Security, C.5.3. Running the User's Shell
changing
Practical UNIX & Internet Security, 8.4.2. Changing the Account's Login
Practical UNIX & Internet Security, 8.7.1. Integrating One-time Passwords with UNIX
history files : Practical UNIX & Internet Security, 10.4.1. Shell History
one-command accounts : Practical UNIX & Internet Security, 8.1.3. Accounts That Run a Single Command
restricted (rsh, ksh)
Practical UNIX & Internet Security, 8.1.4.1. Restricted shells under System V UNIX
Practical UNIX & Internet Security, 8.1.4.6. Potential problems with rsh
UUCP : (see uucico program)
shells file
Practical UNIX & Internet Security, 8.4.2. Changing the Account's Login
sendmail, 18.8. Alphabetized Reference
sendmail, 22.8.4. The /etc/shells file
sendmail, D.1. Sun Enhancements
Shimomura, Tsutomu : Practical UNIX & Internet Security, 23.3. Tips on Writing Network Programs
shortcuts for db files : DNS & BIND, 4.4. Abbreviations
shoulder surfing
Practical UNIX & Internet Security, 3.2.4. Passwords Are a Shared Secret
Practical UNIX & Internet Security, 5.5.2. Problems with SUID
show queue mode : sendmail, 4.1.2. Show Queue Mode (-bp)
showmount command
TCP/IP Network Administration, 4.5.1. File servers
TCP/IP Network Administration, 9.1.3. Mounting Remote Filesystems
showq command (SMTP) : sendmail, 22.3.1. SMTP debug
shredders : Practical UNIX & Internet Security, 12.3.3. Other Media
SHTTP : (see Secure HTTP)
shuffle address records : DNS & BIND, 10.12. Load Sharing Between Mirrored Servers
shutdowns and wtmp file : Practical UNIX & Internet Security, 10.1.3. last Program
shutting down
Building Internet Firewalls, 13.1.2. Disconnect or Shut Down, as
Building Internet Firewalls, 13.4.3. Planning for Disconnecting or
SIGHUP signal
Practical UNIX & Internet Security, C.4. The kill Command
TCP/IP Network Administration, 9.4. A BOOTP Server
TCP/IP Network Administration, 11.6.3. Cache corruption
TCP/IP Network Administration, A.2. The PPP Daemon
TCP/IP Network Administration, A.2.1. Signal processing
TCP/IP Network Administration, B.1.1. Signal Processing
TCP/IP Network Administration, C.1.1. Signal Processing
SIGINT signal
TCP/IP Network Administration, 11.6.3. Cache corruption
TCP/IP Network Administration, A.2.1. Signal processing
TCP/IP Network Administration, B.1.1. Signal Processing
TCP/IP Network Administration, C.1.1. Signal Processing
SIGKILL signal : Practical UNIX & Internet Security, C.4. The kill Command
Signal Ground (SG) : Practical UNIX & Internet Security, 14.3. The RS-232 Serial Protocol
signals
DNS & BIND, 7.1. BIND Name Server Signals
Practical UNIX & Internet Security, C.3. Signals
sendmail, 26.3. Signaling the Daemon
debugging level and : DNS & BIND, 12.2.2. Changing the Debugging Level with Signals
grounding : Practical UNIX & Internet Security, 25.3.3. Signal Grounding
to primary server, forgetting : DNS & BIND, 13.3.2. 2. Forgot to Signal Primary Master Server
processing
TCP/IP Network Administration, A.2.1. Signal processing
TCP/IP Network Administration, B.1.1. Signal Processing
TCP/IP Network Administration, C.1.1. Signal Processing
signatures, digital
Practical UNIX & Internet Security, 6.4. Common Cryptographic Algorithms
Practical UNIX & Internet Security, 6.5. Message Digests and Digital Signatures
Practical UNIX & Internet Security, 6.5.5.2. Message authentication codes
Practical UNIX & Internet Security, 9.2. Detecting Change
Practical UNIX & Internet Security, 9.2.3. Checksums and Signatures
TCP/IP Network Administration, 12.6. Encryption
checksums
Building Internet Firewalls, 5.8.5.3. About checksums for auditing
Practical UNIX & Internet Security, 6.5.5.1. Checksums
Practical UNIX & Internet Security, 9.2.3. Checksums and Signatures
TCP/IP Network Administration, 1.6.2. Transmission Control Protocol
TCP/IP Network Administration, 11.8. Protocol Case Study
keeping secure : Building Internet Firewalls, 13.5.3. Keeping Secured Checksums
recalculating
TCP/IP Network Administration, 4.2.1. Obtaining an IP Address
TCP/IP Network Administration, 5.3.1.1. Options
using Tripwire for : Building Internet Firewalls, 5.8.5.1. Auditing packages
detached signatures : Practical UNIX & Internet Security, 6.6.3.6. PGP detached signatures
with PGP : Practical UNIX & Internet Security, 6.6.3.4. Adding a digital signature to an announcement
SIGSTOP signal : Practical UNIX & Internet Security, C.4. The kill Command
SIGTERM signal
Practical UNIX & Internet Security, 25.2.1.1. Too many processes
TCP/IP Network Administration, B.1.1. Signal Processing
TCP/IP Network Administration, D.2. The dhcpd Command
silently discarding datagrams : (see datagrams)
Silicon Graphics' IRIX : DNS & BIND, 6.4.6. Silicon Graphics' IRIX
SILO overflows : TCP/IP Network Administration, 6.1.5.4. Maximum transmission unit
simple dialup connections : DNS & BIND, 15.5.1. Simple Dialup
Simple Gateway Management Protocol (SGMP) : TCP/IP Network Administration, 11.9. Simple Network Management Protocol
Simple Mail Transfer Protocol : (see SMTP)
Simple Network Management Protocol : (see SNMP)
single quotation marks (` and ') : sendmail, 19.1.1. m4 is greedy
single threaded mail deliver : TCP/IP Network Administration, E.3.1. define
single-character options : (see options, sendmail)
single-purpose routers : Building Internet Firewalls, 6.8.2. It Can Be a Single-Purpose Router or
single-user mode : Practical UNIX & Internet Security, C.5.1. Process #1: /etc/init
SingleLineFromHeader option
sendmail, 18.8. Alphabetized Reference
sendmail, 34.8. Alphabetized Reference
SingleThreadDelivery option
sendmail, 34.1.3. Appropriateness of Options
sendmail, 34.8. Alphabetized Reference
SITE macro (m4) : sendmail, 19.6. Alphabetized m4 Macros
SITECONFIG macro (m4) : sendmail, 19.4.6. UUCP
size
data segment : DNS & BIND, 10.4.2.1. Changing the data segment size limit
determining free disk space : sendmail, 18.8. Alphabetized Reference
df file : sendmail, 23.4. Printing the Queue
guest messages : sendmail, 20.2.3. Limit the Size of Guest Messages
messages
sendmail, 26.1.3.10. size= the size of the message
sendmail, 30.4. The Equates
sendmail, 34.8. Alphabetized Reference
prescan buffer : sendmail, 18.8. Alphabetized Reference
queue : sendmail, 18.8. Alphabetized Reference
setting maxima : sendmail, 18.8. Alphabetized Reference
subdomains : DNS & BIND, 9.2. How Many Children?
syslog buffers : sendmail, 18.8. Alphabetized Reference
SIZE keyword (ESMTP) : sendmail, 34.8. Alphabetized Reference
size= equate (syslog output) : sendmail, 26.1.3.10. size= the size of the message
Skipjack algorithm : Practical UNIX & Internet Security, 6.4.1. Summary of Private Key Systems
Slackware 96 : TCP/IP Network Administration, 4.7. netconfig
slash (/)
/ flag : sendmail, 30.8. Alphabetized F= Flags
character in alias
sendmail, 24.2.2. Delivery to Files
sendmail, 25.7.3. Appending to Files
IFS separator : Practical UNIX & Internet Security, 11.5.1.2. IFS attacks
root directory
Practical UNIX & Internet Security, 5.1.1. Directories
(see also root directory)
slattach command : TCP/IP Network Administration, 6.4.1. slattach
slave directive
DNS & BIND, F.1.7. slave
TCP/IP Network Administration, C.2. named.boot Configuration Commands
Slave mode (uucico) : Practical UNIX & Internet Security, 15.1.4. How the UUCP Commands Work
slave/secondary name servers
DNS & BIND, 2.4.2. Types of Name Servers
DNS & BIND, 4.8. Running a Slave Name Server
Practical UNIX & Internet Security, 19.4. Sun's Network Information Service (NIS)
TCP/IP Network Administration, 3.3.4. BIND, resolver, and named
TCP/IP Network Administration, 4.4.1. Obtaining a Domain Name
TCP/IP Network Administration, 8.1.1. BIND Configurations
TCP/IP Network Administration, C.2. named.boot Configuration Commands
(see also NIS)
adding
DNS & BIND, 8.2.1. Primary Master and Slave Servers
DNS & BIND, 9.4.6. Adding a movie.edu Slave
checking zone (debugging example) : DNS & BIND, 12.3.4. A Slave Name Server Checking Its Zone (Debug Level 1)
configuring : TCP/IP Network Administration, 8.3.1.2. Primary and secondary server configurations
forwarders and : DNS & BIND, 10.7. Building Up a Large Site-wide Cache with Forwarders
loading from other slaves : DNS & BIND, 8.2.1. Primary Master and Slave Servers
multiple : DNS & BIND, 4.8.3. Multiple Master Servers
mutual data infection : DNS & BIND, 13.6.8.3. Mutual infection
organizing db files of : DNS & BIND, 7.3.1. Using Several Directories
partial-slave servers : DNS & BIND, 8.2.3. Partial-Slave Servers
serial number : DNS & BIND, 7.2.2. SOA Serial Numbers
setting up : DNS & BIND, 9.4.3. An fx.movie.edu Slave
unable to load zone data : DNS & BIND, 13.3.3. 3. Slave Server Can't Load Zone Data
zone change notification
DNS & BIND, 3.1. Getting BIND
DNS & BIND, 10.2. DNS NOTIFY (Zone Change Notification)
zone transfers and : DNS & BIND, 7.1. BIND Name Server Signals
SLIP (Serial Line Internet Protocol)
Practical UNIX & Internet Security, 14.5. Modems and UNIX
Practical UNIX & Internet Security, 16.2. IPv4: The Internet Protocol Version 4
TCP/IP Network Administration, 1.7. Application Layer
TCP/IP Network Administration, 5.2. Linux Kernel Configuration
TCP/IP Network Administration, 5.3.1.2. Pseudo-device
TCP/IP Network Administration, 6.2.1. The Serial Protocols
END character : TCP/IP Network Administration, 6.2.1. The Serial Protocols
ESC character : TCP/IP Network Administration, 6.2.1. The Serial Protocols
installing : TCP/IP Network Administration, 6.4. Installing SLIP
server configuration : TCP/IP Network Administration, 6.4.3. SLIP Server Configuration
slocal program : sendmail, 25.7.5.3. The slocal program
slow convergence : TCP/IP Network Administration, 7.4.1.1. Running RIP with routed
Smail3.x : sendmail, 18.1. To Use or Not to Use
Small Business Community Nationwide (SBA CERT) : Practical UNIX & Internet Security, F.3.4.31. Small Business Association
smap package
Building Internet Firewalls, 8.1.1.3. Improving SMTP
Practical UNIX & Internet Security, 17.3.4.1. sendmail and security
smart cards, firewalls : Practical UNIX & Internet Security, 21.5. Special Considerations
smart hosts
sendmail, 19.6. Alphabetized m4 Macros
sendmail, 29.6.4. Forwarding to a Knowledgeable Host
sendmail, 31.10. Alphabetized Reference
SMART_HOST macro (m4)
sendmail, 19.6. Alphabetized m4 Macros
sendmail, 31.10. Alphabetized Reference
SMI (Structure of Management Information) : TCP/IP Network Administration, 11.9. Simple Network Management Protocol
smit tool : Practical UNIX & Internet Security, 8.8.2. Constraining Passwords
smoke and smoking : Practical UNIX & Internet Security, 12.2.1.2. Smoke
smrsh program
sendmail, 19.6. Alphabetized m4 Macros
sendmail, 22.8.2. The smrsh Program
SMTP (Simple Mail Transfer Protocol)
Building Internet Firewalls, 2.1. Electronic Mail
Building Internet Firewalls, 5.6. Selecting Services Provided by the
Building Internet Firewalls, 7.5. Proxying Without a Proxy Server
Building Internet Firewalls, 8.1.1. Simple Mail Transfer Protocol
Practical UNIX & Internet Security, 17.3.4. Simple Mail Transfer Protocol (SMTP) (TCP Port 25)
Practical UNIX & Internet Security, 17.3.4.3. Improving the security of Berkeley sendmail V8
sendmail, 4.2. Verbose (-v)
sendmail, 18.8. Alphabetized Reference
TCP/IP Network Administration, 1.7. Application Layer
TCP/IP Network Administration, 3.4.1. Simple Mail Transfer Protocol
commands, listed : TCP/IP Network Administration, 3.4.1. Simple Mail Transfer Protocol
configuring
firewalls and : Building Internet Firewalls, 8.1.1.6. Configuring SMTP to
in screened host architecture : Building Internet Firewalls, 9.2.1.3. SMTP
in screened subnet architecture : Building Internet Firewalls, 9.1.1.3. SMTP
EHLO command
sendmail, 4.2. Verbose (-v)
sendmail, 34.8. Alphabetized Reference
ESMTP (Extended SMTP)
TCP/IP Network Administration, 3.4.3. Multipurpose Internet Mail Extensions
TCP/IP Network Administration, 10.8. Testing sendmail.cf
private extensions to : TCP/IP Network Administration, 3.4.3. Multipurpose Internet Mail Extensions
ETRN command : sendmail, 23.6.2.4. Process the queue via ESMTP ETRN
EXPN command
sendmail, 22.3.2. SMTP vrfy and expn
sendmail, 22.8.3.5. The PrivacyOptions option
Extended : (see ESMTP)
forging mail with : sendmail, 22.7.2. Forging with SMTP
greeting message : sendmail, 31.10. Alphabetized Reference
HELO command
sendmail, 18.8. Alphabetized Reference
sendmail, 30.8. Alphabetized F= Flags
sendmail, 34.8. Alphabetized Reference
incoming connection rate : sendmail, 34.8. Alphabetized Reference
MAIL command
sendmail, 29.10.1. The check_mail Rule Set
sendmail, 34.8. Alphabetized Reference
multiple connections : sendmail, 34.8. Alphabetized Reference
multiple timeouts : sendmail, 34.8. Alphabetized Reference
RCPT command
sendmail, 23.9. The qf File Internals
sendmail, 29.10.2. The check_rcpt Rule Set
sendmail, 36.7. Alphabetized Reference
refusing on high load : sendmail, 34.8. Alphabetized Reference
running on stdin : sendmail, 36.7. Alphabetized Reference
sendmail and : TCP/IP Network Administration, 10.1. sendmail's Function
service extensions to : TCP/IP Network Administration, 3.4.3. Multipurpose Internet Mail Extensions
SMTP probes : sendmail, 22.3. SMTP Probes
standardizing on : TCP/IP Network Administration, 4.5.3. Planning Your Mail System
status codes : sendmail, B.1. Status file lines
for UNIX : (see Sendmail)
VRFY command
sendmail, 22.3.2. SMTP vrfy and expn
sendmail, 22.8.3.5. The PrivacyOptions option
sendmail, 30.8. Alphabetized F= Flags
smtpd daemon : sendmail, 36.1.5. smtpd
SMTPDEBUG macro
sendmail, 18.8. Alphabetized Reference
sendmail, 22.3.1. SMTP debug
SmtpGreetingMessage option
sendmail, 31.10. Alphabetized Reference
sendmail, 34.8. Alphabetized Reference
SMTPLINELIM macro : sendmail, 18.8. Alphabetized Reference
SNA (System Network Architecture) : Practical UNIX & Internet Security, 16.4.2. SNA
SNaAns statistic : DNS & BIND, 7.6.2. Understanding the BIND Statistics
snapshots, system
Building Internet Firewalls, 13.1.5. Snapshot the System
Building Internet Firewalls, 13.4.5. Planning for Snapshots
SNEFRU algorithm : Practical UNIX & Internet Security, 6.5.4.4. SNEFRU
sniffing
Building Internet Firewalls, 1.2.1.3. Information Theft
Building Internet Firewalls, 10.1.2. Packet Sniffing
Building Internet Firewalls, 10.3.1. One-Time Passwords
Practical UNIX & Internet Security, 1.4.3. Add-On Functionality Breeds Problems
Practical UNIX & Internet Security, 3. Users and Passwords
Practical UNIX & Internet Security, 8.7. One-Time Passwords
Practical UNIX & Internet Security, 17.3.3. TELNET (TCP Port 23)
(see also eavesdropping)
network : Practical UNIX & Internet Security, 16.3. IP Security
packet
Building Internet Firewalls, 10.1.2. Packet Sniffing
Practical UNIX & Internet Security, 16.3.1. Link-level Security
Practical UNIX & Internet Security, 17.3.3. TELNET (TCP Port 23)
SNK-004 card, TIS FWTK : Building Internet Firewalls, 10.3.3. Challenge-Response Schemes
SNMP (Simple Network Management Protocol)
Building Internet Firewalls, 2.10. Network Management Services
Practical UNIX & Internet Security, 17.3.15. Simple Network Management Protocol (SNMP) (UDP Ports
TCP/IP Network Administration, 11.9. Simple Network Management Protocol
configuring : Building Internet Firewalls, 8.12.1. Simple Network Management
statement (in gated) : TCP/IP Network Administration, B.8.7. The snmp Statement
snoop
Practical UNIX & Internet Security, 24.2.3. Monitoring the Intruder
TCP/IP Network Administration, 11.2. Diagnostic Tools
TCP/IP Network Administration, 11.7. Analyzing Protocol Problems
detailed analysis with : TCP/IP Network Administration, 11.3. Testing Basic Connectivity
snuffle program : Building Internet Firewalls, 5.8.2.2. How to disable services
SNXD statistic : DNS & BIND, 7.6.2. Understanding the BIND Statistics
SOA records
DNS & BIND, 3.2.1. Where in the World Do I Fit?
DNS & BIND, 3.2.2.1. The us domain
DNS & BIND, 4.2.1. The db Files
DNS & BIND, 4.2.3. SOA Records
DNS & BIND, 4.8.4. SOA Values
DNS & BIND, 7.2.2. SOA Serial Numbers
DNS & BIND, 14.1.1. A Typical Problem
DNS & BIND, A.1.2.14. SOA start of authority
sendmail, 15.3. MX Records
TCP/IP Network Administration, 8.3.2. Standard Resource Records
TCP/IP Network Administration, 8.3.4. The named.local File
TCP/IP Network Administration, 8.3.5. The Reverse Domain File
TCP/IP Network Administration, 8.3.6. The named.hosts File
TCP/IP Network Administration, 11.6.1. Some systems work, others don't
TCP/IP Network Administration, C.3.1.1. Start of Authority record
acceptable characters for : DNS & BIND, 4.5. Host Name Checking (BIND 4.9.4 and Later Versions)
changing values in : DNS & BIND, 8.4.1. Changing Other SOA Values
getting serial numbers for (example)
DNS & BIND, 14.2.8. A Sample Program: check_soa
DNS & BIND, 14.3.6. A Perl Version of check_soa
no NS records for : DNS & BIND, 13.5.2. Name Server Reports No NS Record for SOA MNAME
queries statistic : DNS & BIND, 7.6.2. Understanding the BIND Statistics
TTLs in : DNS & BIND, 8.4. Changing TTLs
sockets
Building Internet Firewalls, C.12.3. Sockets
TCP/IP Network Administration, 1.2. A Data Communications Model
TCP/IP Network Administration, 2.7.3. Sockets
descriptors : DNS & BIND, 12.3.1. Name Server Startup (Debug Level 1)
pairs : TCP/IP Network Administration, 2.7.3. Sockets
types of : TCP/IP Network Administration, 5.4. The Internet Daemon
Socket.pm (Perl debugging tool) : DNS & BIND, 12.5. Tools
SOCKS package
Building Internet Firewalls, 7.6. Using SOCKS for
Building Internet Firewalls, B.4.2. SOCKS
Practical UNIX & Internet Security, E.4.8. SOCKS
TCP/IP Network Administration, 12.7.1. Functions of the firewall
(see proxy servers/services)
functions : Building Internet Firewalls, 7.6. Using SOCKS for
HTTP proxying on
in screened subnet architecture : Building Internet Firewalls, 9.1.1.5. HTTP
modified finger service : Building Internet Firewalls, 8.8.1.2. Proxying characteristics of finger
soft disk quotas : Practical UNIX & Internet Security, 25.2.2.5. Using quotas
software
to automatically monitor the system : Building Internet Firewalls, 5.9.2. Consider Writing Software to Automate Monitoring
for backups
Practical UNIX & Internet Security, 7.4. Software for Backups
Practical UNIX & Internet Security, 7.4.7. inode Modification Times
for checking integrity : Practical UNIX & Internet Security, 19.5.5. NIS+ Limitations
checking new
Practical UNIX & Internet Security, 8.1.5.2. Checking new software
Practical UNIX & Internet Security, 11.1.2. Back Doors and Trap Doors
consistency of : Practical UNIX & Internet Security, 2.1. Planning Your Security Needs
distributing : (see FTP)
exporting : Practical UNIX & Internet Security, 26.4.1. Munitions Export
failure of : Practical UNIX & Internet Security, 7.1.1.1. A taxonomy of computer failures
firewall : DNS & BIND, 15.4.1. Types of Firewall Software
hacker challenges : Practical UNIX & Internet Security, 27.2.4. Hacker Challenges
installing on machine : Building Internet Firewalls, 5.8.4. Reconfiguring for Production
keeping updated : TCP/IP Network Administration, 12.3.2. Keep Software Updated
logic bombs : Practical UNIX & Internet Security, 11.1.3. Logic Bombs
name server : DNS & BIND, 8.1.1. Where Do I Put My Name Servers?
outdated, security problems with : TCP/IP Network Administration, 12.2. User Authentication
patches for, logging : Practical UNIX & Internet Security, 10.7.2.2. Informational material
patents : Practical UNIX & Internet Security, 6.7.1. Cryptography and the U.S. Patent System
proxying
Building Internet Firewalls, 4.1.2. Proxy Services
Building Internet Firewalls, 7.1.2.1. Proxy services lag behind nonproxied services
Building Internet Firewalls, 7.2. How Proxying Works
(see also proxy servers/services)
quality of
Practical UNIX & Internet Security, 1.4.2. Software Quality
Practical UNIX & Internet Security, 1.4.3. Add-On Functionality Breeds Problems
removing unnecessary : TCP/IP Network Administration, 12.3.1. Remove Unnecessary Software
router : (see routers and routing)
stolen (pirated)
Practical UNIX & Internet Security, 17.3.2.6. Setting up anonymous FTP with the standard UNIX FTP
Practical UNIX & Internet Security, 26.4.2.1. Software piracy and the SPA
stored via FTP : Practical UNIX & Internet Security, 17.3.2.6. Setting up anonymous FTP with the standard UNIX FTP
testing : Practical UNIX & Internet Security, 1.4.2. Software Quality
vendor license agreements : Practical UNIX & Internet Security, 18.5.2. Trusting Your Software Vendor
viruses
Building Internet Firewalls, 1.4.2.4. A firewall can't protect against
Practical UNIX & Internet Security, 11.1.5. Viruses
worms : Practical UNIX & Internet Security, 11.1.6. Worms
software error : sendmail, 36.5.7. EX_SOFTWARE An Internal Software Error
Software Publishers Association (SPA) : Practical UNIX & Internet Security, 26.4.2.1. Software piracy and the SPA
Software Security Response Team (SSRT) : Practical UNIX & Internet Security, F.3.4.9. DEC (Digital Equipment Corporation)
Solaris operating system
DNS & BIND, 6.4.2. Sun's Solaris 2.x
DNS & BIND, 6.4.2.1. nscd
Practical UNIX & Internet Security, 1.3. History of UNIX
Practical UNIX & Internet Security, 8.7.1. Integrating One-time Passwords with UNIX
sendmail, 18.8. Alphabetized Reference
sendmail, D. Sun Enhancements
TCP/IP Network Administration, UNIX Versions
TCP/IP Network Administration, 2.5. The Routing Table
TCP/IP Network Administration, 2.7.1. Protocol Numbers
TCP/IP Network Administration, 3.4.3. Multipurpose Internet Mail Extensions
TCP/IP Network Administration, 3.5.1. Reverse Address Resolution Protocol
TCP/IP Network Administration, 5.1. Kernel Configuration
TCP/IP Network Administration, 10.2. Running sendmail as a Daemon
/etc/logindevperm : Practical UNIX & Internet Security, 17.3.21.1. /etc/fbtab and /etc/logindevperm
ifconfig command on
TCP/IP Network Administration, 6.1.2. Checking the Interface with ifconfig
TCP/IP Network Administration, 6.1.5.3. Metric
Line Printer (LP) print service in : TCP/IP Network Administration, 9.2.2. Solaris Line Printer Service
process limit : Practical UNIX & Internet Security, 25.2.1.1. Too many processes
remounting filesystems on : TCP/IP Network Administration, 9.1.3.2. The vfstab and fstab files
Secure RPC time window : Practical UNIX & Internet Security, 19.3.1.3. Setting the window
sharing directories on : TCP/IP Network Administration, 9.1.2.1. The share command
obtaining information about : TCP/IP Network Administration, 9.1.3. Mounting Remote Filesystems
/var/adm/loginlog file : Practical UNIX & Internet Security, 10.1.4. loginlog File
wtmpx file : Practical UNIX & Internet Security, 10.1.2. utmp and wtmp Files
sorting addresses
DNS & BIND, 10.5. Name Server Address Sorting
DNS & BIND, 10.5.4. Multiple Sortlist Entries
sorting by priority : (see priority, message)
sorting queue
sendmail, 34.8. Alphabetized Reference
(see also queue)
sortlist directive
DNS & BIND, 6.1.5. The sortlist Directive
DNS & BIND, 6.3.1. Differences in Service Behavior
DNS & BIND, 10.5.2. Remote Multihomed Hosts
DNS & BIND, F.1.6. sortlist
DNS & BIND, F.2.5. sortlist (4.9.3 and later versions)
TCP/IP Network Administration, 8.2.1. The Resolver Configuration File
source address : Building Internet Firewalls, 6.6.1. Risks of Filtering by Source
source code
BIND
DNS & BIND, 3.1. Getting BIND
DNS & BIND, B.1. Get the Source Code
db library package : sendmail, C.2. Get the Source
keeping secret : Practical UNIX & Internet Security, 2.5. The Problem with Security Through Obscurity
obtaining (sendmail)
sendmail, 2.1. Get the Source
sendmail, 18.3. Obtain the Source
Source Code Control System (SCCS)
Practical UNIX & Internet Security, 7.3.2. Building an Automatic Backup System
TCP/IP Network Administration, 10.4.1.1. Building a sendmail.cf with m4 macros
source port
filtering by : Building Internet Firewalls, 6.7.4. Risks of Filtering by Source
number
TCP/IP Network Administration, 1.6.1. User Datagram Protocol
TCP/IP Network Administration, 1.6.2. Transmission Control Protocol
Source Quench Message : TCP/IP Network Administration, 1.5.2. Internet Control Message Protocol
source routing
Building Internet Firewalls, 5.8.2.5. Turning off routing
Building Internet Firewalls, 6.3.2.1. IP options
sendmail, 18.8. Alphabetized Reference
TCP/IP Network Administration, 5.2. Linux Kernel Configuration
sourcegateways : TCP/IP Network Administration, B.8.2. The rip Statement
SPA (Software Publishers Association) : Practical UNIX & Internet Security, 26.4.2.1. Software piracy and the SPA
space : (see whitespace)
space as RR names : DNS & BIND, 4.4.3. Repeat Last Name
Spaf's first principle : Practical UNIX & Internet Security, 2.4.4.5. Have authority commensurate with responsibility
spams : sendmail, 20.2.6. Reject Mail from Spamming or Mail-bombing Sites
spcl.DOMAIN file : DNS & BIND, 7.2.5. Generating the BIND Database from the Host Tables
special
aliases : sendmail, 24.4. Special Aliases
characters
sendmail, 31.3.2. Syntax of the Configuration File Macro's Text
sendmail, 35.3. Header Field Contents
sendmail, 35.3.4.1. Balancing special characters
delivery precedence : sendmail, 14.4. Precedence
operators : (see wildcard operators)
rule sets : (see rule sets)
special option : DNS & BIND, 8.2.1. Primary Master and Slave Servers
speed, processing : Building Internet Firewalls, 5.3.2. How Fast a Machine?
spell command, UNIX : Building Internet Firewalls, 5.8.5.3. About checksums for auditing
SPF protocol
TCP/IP Network Administration, 7.4. Interior Routing Protocols
TCP/IP Network Administration, 7.4.3. Open Shortest Path First
spies
Building Internet Firewalls, 1.2.2.4. Spies (Industrial and
Practical UNIX & Internet Security, 11.3. Authors
Practical UNIX & Internet Security, 14.4.4.1. Kinds of eavesdropping
split horizon rule : TCP/IP Network Administration, 7.4.1.1. Running RIP with routed
spoofing
Practical UNIX & Internet Security, 8.5.3.1. Trusted path
Practical UNIX & Internet Security, 16.3. IP Security
Practical UNIX & Internet Security, 17.5. Monitoring Your Network with netstat
Practical UNIX & Internet Security, 19.4.4.4. Spoofing RPC
Practical UNIX & Internet Security, 19.4.4.5. Spoofing NIS
addresses : (see addresses)
spool file : Practical UNIX & Internet Security, 15.1.4. How the UUCP Commands Work
spoolers, printer : Practical UNIX & Internet Security, 12.3.4.1. Printer buffers
sprinkler systems
Practical UNIX & Internet Security, 12.2.1.1. Fire
(see also water)
Sprint response team : Practical UNIX & Internet Security, F.3.4.32. Sprint Response Team
sprintf function
Practical UNIX & Internet Security, 23.1.1. The Lesson of the Internet Worm
Practical UNIX & Internet Security, 23.2. Tips on Avoiding Security-related Bugs
SPT_TYPE macro : sendmail, 18.8. Alphabetized Reference
src directory : sendmail, 2.3. What's What in src
srchlist option (nslookup) : DNS & BIND, 11.3. Option Settings
SRI-NIC host : DNS & BIND, 1.2.1. The History of the Domain Name System
SRV records : DNS & BIND, 15.7.6. SRV
sscanf function : Practical UNIX & Internet Security, 23.2. Tips on Avoiding Security-related Bugs
ssh (secure shell) : TCP/IP Network Administration, 12.2.6. Secure Shell
.ssh/identity.pub : TCP/IP Network Administration, 12.2.6. Secure Shell
.ssh_known_hosts file : TCP/IP Network Administration, 12.2.6. Secure Shell
ssh-keygen : TCP/IP Network Administration, 12.2.6. Secure Shell
SSL (Secure Socket Layer) : Practical UNIX & Internet Security, 18.4.1. Eavesdropping Over the Wire
SSRT (Software Security Response Team) : Practical UNIX & Internet Security, F.3.4.9. DEC (Digital Equipment Corporation)
SSysQ statistic : DNS & BIND, 7.6.2. Understanding the BIND Statistics
stab database class : sendmail, 33.8. Alphabetized Reference
stack size limit : DNS & BIND, 10.4.2.2. Changing the stack size limit
stacks : (see protocols, stack)
staff limitations : TCP/IP Network Administration, 4.2.2. Defining the Subnet Mask
Stallman, Richard : Practical UNIX & Internet Security, 1. Introduction
standard resource records (RRs)
TCP/IP Network Administration, 8.3.2. Standard Resource Records
TCP/IP Network Administration, C.3.1. Standard Resource Records
start bit
Practical UNIX & Internet Security, 14.1. Modems: Theory of Operation
Practical UNIX & Internet Security, 14.2. Serial Interfaces
Start of Authority : (see SOA records)
start of authority records : (see SOA records)
"starting" message
DNS & BIND, 4.7.2. Check for Syslog Errors
DNS & BIND, 7.6.1. Common Syslog Messages
startup command : Practical UNIX & Internet Security, 10.2.1. Accounting with System V UNIX
attacks via
Practical UNIX & Internet Security, 11.5.2. Start-up File Attacks
Practical UNIX & Internet Security, 11.5.2.7. Other initializations
intruder's changes to : Practical UNIX & Internet Security, 24.4.1.6. Changes to startup files
startup files : DNS & BIND, 4.7.4. Editing the Startup Files
startup operating mode : sendmail, 31.10. Alphabetized Reference
startup script
Building Internet Firewalls, 5.8.2.1. How are services managed?
TCP/IP Network Administration, 7.3.1.1. Installing static routes at startup
TCP/IP Network Administration, 8.3.6.1. Starting named
stat function : Practical UNIX & Internet Security, 5.4. Using Directory Permissions
stat= equate (syslog output) : sendmail, 26.1.3.11. stat= status of delivery
state law enforcement : Practical UNIX & Internet Security, 26.2.1. The Local Option
state-level domains : DNS & BIND, 2.2.2. Further Down
stateless : Practical UNIX & Internet Security, 20.1.4.3. Connectionless and stateless
static
assignment of addresses : TCP/IP Network Administration, 4.2.1.1. Assigning host addresses
circumstances favoring : TCP/IP Network Administration, 4.3. Planning Routing
electricity : Practical UNIX & Internet Security, 12.2.1.8. Electrical noise
links : Practical UNIX & Internet Security, 23.4. Tips on Writing SUID/SGID Programs
routing
TCP/IP Network Administration, 4.3. Planning Routing
TCP/IP Network Administration, 7.1. Common Routing Configurations
TCP/IP Network Administration, 12.7.2. Routing control
adding routes : TCP/IP Network Administration, 7.3.1. Adding Static Routes
building tale for : TCP/IP Network Administration, 7.3. Building a Static Routing Table
installing routes at startup : TCP/IP Network Administration, 7.3.1.1. Installing static routes at startup
statements (in gated) : TCP/IP Network Administration, B.9. static Statements
statistics
DNS & BIND, 7.6.1. Common Syslog Messages
DNS & BIND, 7.6.2. Understanding the BIND Statistics
sendmail, 26.2. Statistics
cron program and : sendmail, 26.2.3. Using cron for Daily and Weekly Statistics
frequency of statistics dumps : DNS & BIND, 10.4.3.3. Statistics interval
specifying file for : sendmail, 34.8. Alphabetized Reference
StatusFile option and : sendmail, 22.4.5. The S Option and the Statistics File
syslog utility and : sendmail, 26.1.4. Gathering Statistics from syslog
statistics data category (logging) : DNS & BIND, 7.5.3. Category Details
"Status:" header line : sendmail, B.1. Status file lines
status monitor daemon : TCP/IP Network Administration, 9.1.1. NFS Daemons
status, sendmail : sendmail, B.1. Status file lines
StatusFile (S) option
sendmail, 22.4.5. The S Option and the Statistics File
sendmail, 26.2.1. The sendmail.st File
sendmail, 34.8. Alphabetized Reference
stderr channel (logging) : DNS & BIND, 7.5.2.4. Stderr channel
stdin, running SMTP on : sendmail, 36.7. Alphabetized Reference
STDIR= directive : sendmail, 18.4.8. STDIR=
Steele, Guy L. : Practical UNIX & Internet Security, 1. Introduction
sticky bits
Practical UNIX & Internet Security, 5.5.1. SUID, SGID, and Sticky Bits
Practical UNIX & Internet Security, 5.5.6. SGID and Sticky Bits on Directories
stickyhost feature : sendmail, 19.6. Alphabetized m4 Macros
stolen property : (see theft)
stop bit
Practical UNIX & Internet Security, 14.1. Modems: Theory of Operation
Practical UNIX & Internet Security, 14.2. Serial Interfaces
storage
Practical UNIX & Internet Security, 12.3.4. Protecting Local Storage
Practical UNIX & Internet Security, 12.3.4.5. Function keys
store-and-forward protocols
Building Internet Firewalls, 7.5. Proxying Without a Proxy Server
TCP/IP Network Administration, 3.4.1. Simple Mail Transfer Protocol
strcpy routine : Practical UNIX & Internet Security, 23.1.1. The Lesson of the Internet Worm
streadd function : Practical UNIX & Internet Security, 23.2. Tips on Avoiding Security-related Bugs
stream
TCP/IP Network Administration, 1.3. TCP/IP Protocol Architecture
TCP/IP Network Administration, 5.4. The Internet Daemon
strecpy function : Practical UNIX & Internet Security, 23.2. Tips on Avoiding Security-related Bugs
strength, cryptographic : Practical UNIX & Internet Security, 6.2.3. Cryptographic Strength
of DES algorithm
Practical UNIX & Internet Security, 6.4.4.3. DES strength
Practical UNIX & Internet Security, 6.4.5.2. Triple DES
of RSA algorithm : Practical UNIX & Internet Security, 6.4.6.3. Strength of RSA
string command : Practical UNIX & Internet Security, 12.3.5.2. X screen savers
string values, in printcap parameters : TCP/IP Network Administration, 9.2.1. The printcap File
string-type arguments : sendmail, 34.5. Option Argument Types
strings command : sendmail, 33.1. Enable at Compile Time
stripping
character high bit : sendmail, 30.8. Alphabetized F= Flags
comments from headers : sendmail, 30.8. Alphabetized F= Flags
newlines from "From:" headers : sendmail, 34.8. Alphabetized Reference
quotation marks
sendmail, 30.8. Alphabetized F= Flags
sendmail, 33.3.4.9. -q don't strip quotes from key (V8.7 and above)
strtrns function : Practical UNIX & Internet Security, 23.2. Tips on Avoiding Security-related Bugs
Structure of Management Information (SMI) : TCP/IP Network Administration, 11.9. Simple Network Management Protocol
stub areas
TCP/IP Network Administration, 7.4.3. Open Shortest Path First
TCP/IP Network Administration, B.8.1. The ospf Statement
stub directive : DNS & BIND, F.1.9. stub (4.9.3)
stub resolvers : DNS & BIND, 2.5. Resolvers
managing delegation : DNS & BIND, 9.6.2.1. Another way to manage delegation: stubs
stuck locks : sendmail, 23.2.3.3. Locks can get stuck
su command
Practical UNIX & Internet Security, 4.2.1.2. Superuser is not for casual use
Practical UNIX & Internet Security, 4.3. su: Changing Who You Claim to Be
Practical UNIX & Internet Security, 4.3.8. Other Uses of su
becoming superuser : Practical UNIX & Internet Security, 4.3.4. Becoming the Superuser
log of failed attempts : Practical UNIX & Internet Security, 4.3.7. The Bad su Log
sulog file
Practical UNIX & Internet Security, 10.1. The Basic Log Files
Practical UNIX & Internet Security, 10.3.2. sulog Log File
utmp and wtmp files and : Practical UNIX & Internet Security, 10.1.2.1. su commandutmp and wtmp files andsu
subdomains
DNS & BIND, 2.1.2. Domains
TCP/IP Network Administration, 3.3.2. Creating Domains and Subdomains
TCP/IP Network Administration, 8.3.5. The Reverse Domain File
(see also domains; parenting)
choosing : DNS & BIND, 3.2.1. Where in the World Do I Fit?
delegating : DNS & BIND, 2.4. Name Servers and Zones
how to read : DNS & BIND, 2.2.3. Reading Domain Names
naming
DNS & BIND, 3.2.2.1. The us domain
sendmail, 7.3.1. The hostname
sendmail, 12.1.7. Adding the Domain
(see also $m macro)
non-U.S. : DNS & BIND, 2.2.2. Further Down
SOA records
DNS & BIND, 3.2.1. Where in the World Do I Fit?
DNS & BIND, 3.2.2.1. The us domain
DNS & BIND, 4.2.1. The db Files
DNS & BIND, 4.2.3. SOA Records
DNS & BIND, 4.8.4. SOA Values
acceptable characters for : DNS & BIND, 4.5. Host Name Checking (BIND 4.9.4 and Later Versions)
"Subject:" header line
sendmail, 1.6. The Body
sendmail, 35.10. Alphabetized Reference
subnets
DNS & BIND, 6.1.5. The sortlist Directive
DNS & BIND, 6.3.1. Differences in Service Behavior
DNS & BIND, 10.5.2. Remote Multihomed Hosts
DNS & BIND, 10.5.3. Address Sorting on Subnetted Networks
DNS & BIND, F.1.6. sortlist
DNS & BIND, F.2.5. sortlist (4.9.3 and later versions)
Building Internet Firewalls, C.9.2. Subnets
Practical UNIX & Internet Security, 16.2.1.2. Classical network addresses
TCP/IP Network Administration, 2.3. Subnets
TCP/IP Network Administration, 3.3.2. Creating Domains and Subdomains
administration of : TCP/IP Network Administration, 12.1.2.1. Use subnets to distribute control
architecture, screened
Building Internet Firewalls, 4.2.3. Screened Subnet Architecture
Building Internet Firewalls, 9.1. Screened Subnet Architecture
enterprise : (see enterprise)
for distributing control : TCP/IP Network Administration, 12.1.2.1. Use subnets to distribute control
mask (sm)
TCP/IP Network Administration, 2.3. Subnets
TCP/IP Network Administration, 4. Getting Started
TCP/IP Network Administration, 6.1. The ifconfig Command
assigning
TCP/IP Network Administration, 6.1.3. Assigning a Subnet Mask
TCP/IP Network Administration, A.1.1. The dip Script File
defining : TCP/IP Network Administration, 4.2.2. Defining the Subnet Mask
misconfigured : TCP/IP Network Administration, 11.4.1. Troubleshooting with the ifconfig Command
parameter : TCP/IP Network Administration, 9.4. A BOOTP Server
movement among : TCP/IP Network Administration, 3.6.1. Dynamic Host Configuration Protocol
on/off octet boundaries : DNS & BIND, 9.5.1. Subnetting on an Octet Boundary
reasons for : TCP/IP Network Administration, 4.2.2. Defining the Subnet Mask
statements, in dhcpd : TCP/IP Network Administration, 9.5.1. dhcpd.conf
subroutines, rules as : sendmail, 28.6.4. Rewrite Through Another Rule Set: $>set
subscribing : TCP/IP Network Administration, 13.5. Mailing Lists
substitution (in encryption) : Practical UNIX & Internet Security, 6.1.2. Cryptography and Digital Computers
subtypes : TCP/IP Network Administration, 3.4.3. Multipurpose Internet Mail Extensions
success data, DSN delivery : sendmail, 30.5.2.1. The $@ dsn part
successful lookups (debugging example) : DNS & BIND, 12.3.2. A Successful Lookup (Debug Level 1)
suid root : (see root account/user)
SUID/SGID programs
Practical UNIX & Internet Security, 4.3.1. Real and Effective UIDs
Practical UNIX & Internet Security, 5.5. SUID
Practical UNIX & Internet Security, 5.5.7. SGID Bit on Files (System V UNIX Only): Mandatory
Practical UNIX & Internet Security, 23. Writing Secure SUID and Network Programs
Practical UNIX & Internet Security, B.3. SUID and SGID Files
back door via : Practical UNIX & Internet Security, 11.1.2. Back Doors and Trap Doors
chown command and : Practical UNIX & Internet Security, 5.7. chown: Changing a File's Owner
chroot call and : Practical UNIX & Internet Security, 8.1.5.2. Checking new software
created by intruders : Practical UNIX & Internet Security, 24.4.1.3. New SUID and SGID files
on directories : Practical UNIX & Internet Security, 5.5.6. SGID and Sticky Bits on Directories
disabling (turning off) : Practical UNIX & Internet Security, 5.5.5. Turning Off SUID and SGID in Mounted Filesystems
finding all files
Practical UNIX & Internet Security, 5.5.4. Finding All of the SUID and SGID Files
Practical UNIX & Internet Security, 5.5.4.1. The ncheck command
shell scripts
Practical UNIX & Internet Security, 5.5.3. SUID Shell Scripts
Practical UNIX & Internet Security, 5.5.3.2. Another SUID example: IFS and the /usr/lib/preserve
uucp access : Practical UNIX & Internet Security, 15.3. UUCP and Security
writing : Practical UNIX & Internet Security, 23.4. Tips on Writing SUID/SGID Programs
SUID_ROOT_FILES_OK macro : sendmail, 18.8. Alphabetized Reference
suing : (see civil actions)
sulog file
Practical UNIX & Internet Security, 4.3.7. The Bad su Log
Practical UNIX & Internet Security, 10.3.2. sulog Log File
sum command
Practical UNIX & Internet Security, 6.5.5.1. Checksums
Practical UNIX & Internet Security, 9.2.3. Checksums and Signatures
Sun Microsystems
Practical UNIX & Internet Security, F.3.4.34. Sun Microsystems
TCP/IP Network Administration, UNIX Versions
TCP/IP Network Administration, 3.3.5. Network Information Service
TCP/IP Network Administration, 3.7.1. File Sharing
TCP/IP Network Administration, 9.3. Network Information Service
TCP/IP Network Administration, 10.6.1. Pattern Matching
enhancements to sendmail : sendmail, D. Sun Enhancements
NIS : (see NIS)
NIS+ on : (see NIS+)
RPC : (see RPCs)
vendor specification : sendmail, 27.5.1. The vendor
Sun's Solaris 2.x : DNS & BIND, 6.4.2. Sun's Solaris 2.x
SUN-DES-1 authentication : Practical UNIX & Internet Security, 17.3.21.3. The xhost facility
SunOS 4.x
DNS & BIND, 6.4.1. Sun's SunOS 4.x
DNS & BIND, 13.5.6. SunOS Resolver Is Configured, but Host Doesn't Use DNS
SunOS operating system : Practical UNIX & Internet Security, 1.3. History of UNIX
authdes_win variable : Practical UNIX & Internet Security, 19.3.1.3. Setting the window
/etc/fbtab file : Practical UNIX & Internet Security, 17.3.21.1. /etc/fbtab and /etc/logindevperm
TFTP sand : Practical UNIX & Internet Security, 17.3.7. Trivial File Transfer Protocol (TFTP) (UDP Port 69)
trusted hosts and : Practical UNIX & Internet Security, 17.3.18.5. Searching for .rhosts files
superencryption : Practical UNIX & Internet Security, 6.4.5. Improving the Security of DES
supernetting : TCP/IP Network Administration, 2.2.2. Classless IP Addresses
SuperSafe (s) option
sendmail, 23.6.1. Periodically with -q
sendmail, 34.8. Alphabetized Reference
superusers
Practical UNIX & Internet Security, 4. Users, Groups, and the Superuser
Practical UNIX & Internet Security, 4.2.1. The Superuser
Practical UNIX & Internet Security, 4.2.1.5. The problem with the superuser
(see also root account/user)
becoming with su : Practical UNIX & Internet Security, 4.3.4. Becoming the Superuser
changing passwords
Practical UNIX & Internet Security, 8.4.1. Changing an Account's Password
Practical UNIX & Internet Security, 8.8.8. Disabling an Account by Changing Its Password
encryption and : Practical UNIX & Internet Security, 6.2.4. Why Use Encryption with UNIX?
logging attempts to become : (see sulog file)
privileges
Practical UNIX & Internet Security, 27.1.3. What the Superuser Can and Cannot Do
TCP/IP Network Administration, 8.3.3. The Cache Initialization File
TCP/IP Network Administration, 9.3. Network Information Service
TCP/IP Network Administration, B.1. The gated Command
problems with : Practical UNIX & Internet Security, 4.2.1.5. The problem with the superuser
restrictions on : Practical UNIX & Internet Security, 4.2.1.4. What the superuser can't do
TCB files : Practical UNIX & Internet Security, 8.5.3.2. Trusted computing base
using passwd command : Practical UNIX & Internet Security, 3.5. Verifying Your New Password
web server as : Practical UNIX & Internet Security, 18.2.1. The Server's UID
supporting Internet services : (see network services)
suppressing header lines : sendmail, 20.3. Alphabetized V8.8 Subroutines
SURFnet : Practical UNIX & Internet Security, F.3.4.25. Netherlands: German government institutions
surges : (see power surges)
suspicious characters
sendmail, 22.8.2. The smrsh Program
sendmail, 23.3.4. Unknown Control Character in qf File
svc.conf file
DNS & BIND, 6.4.5. Digital's Digital UNIX
sendmail, 7.3.1. The hostname
svcsetup utility : DNS & BIND, 6.4.5. Digital's Digital UNIX
SVR4 (System V Release 4) : Practical UNIX & Internet Security, 1.3. History of UNIX
swap partition
Practical UNIX & Internet Security, 5.5.1. SUID, SGID, and Sticky Bits
Practical UNIX & Internet Security, 25.2.3. Swap Space Problems
SWATCH program
Building Internet Firewalls, 5.9.2. Consider Writing Software to Automate Monitoring
Building Internet Firewalls, B.6.4. SWATCH
Practical UNIX & Internet Security, 10.6. Swatch: A Log File Tool
Practical UNIX & Internet Security, 10.6.2. The Swatch Configuration File
Practical UNIX & Internet Security, E.4.9. Swatch
SWITCH : Practical UNIX & Internet Security, F.3.4.35. SWITCH-connected sites
switch database class : sendmail, 33.8. Alphabetized Reference
switched services : sendmail, 34.8. Alphabetized Reference
switches, command-line (sendmail)
sendmail, 18.2. Vendor Versus Compiling
sendmail, 36.2. Command-Line Switches
sendmail, 36.4.3. Third: Process Switches
ignoring illegal : sendmail, 36.7. Alphabetized Reference
for makemap program : sendmail, 33.2.1. makemap Command-Line Switches
switches, packet
Practical UNIX & Internet Security, 16.2. IPv4: The Internet Protocol Version 4
Practical UNIX & Internet Security, 16.3. IP Security
TCP/IP Network Administration, 1.5.1.1. The datagram
TCP/IP Network Administration, 1.7. Application Layer
(see also packets)
asymmetric : TCP/IP Network Administration, 11.4.4. Subdividing an Ethernet
switching name servers (nslookup) : DNS & BIND, 11.5.3. Switching Servers
symbol table : sendmail, 12.1.3. Class Macros in the LHS
symbolic links and permissions
Practical UNIX & Internet Security, 5.1.7. File Permissions in Detail
Practical UNIX & Internet Security, 18.2.2.2. Additional configuration issues
Practical UNIX & Internet Security, 18.3.2. Commands Within the <Directory>
symbolic name, delivery agent : sendmail, 30.2. The Symbolic Name
SymLinksIfOwnerMatch option : Practical UNIX & Internet Security, 18.3.2. Commands Within the <Directory>
symmetric encryption : (see private-key cryptography)
SYN (synchronize sequence numbers) bit
Building Internet Firewalls, C.6.2. Transmission Control Protocol
TCP/IP Network Administration, 1.6.2. Transmission Control Protocol
SYN bit : Practical UNIX & Internet Security, 16.2.4.2. TCP
sync system call
Practical UNIX & Internet Security, 5.6. Device Files
Practical UNIX & Internet Security, 8.1.3. Accounts That Run a Single Command
synchronization : TCP/IP Network Administration, 1.6.2. Transmission Control Protocol
synchronize sequence numbers (SYN) bit : TCP/IP Network Administration, 1.6.2. Transmission Control Protocol
synchronous modems : (see modems)
synchronous PPP, support for : TCP/IP Network Administration, 5.3.1.2. Pseudo-device
syntax errors
DNS & BIND, 4.7.2. Check for Syslog Errors
DNS & BIND, 13.3.5. 5. Syntax Error in the Conf File or DNS Database File
in resolv.conf file : DNS & BIND, 13.3.11. 11. Syntax Error in resolv.conf
sys (user) : Practical UNIX & Internet Security, 4.1. Users and Groups
sys_errlist : sendmail, 18.5.3. Badly defined sys_errlist
SYS_TYPE macro : sendmail, 18.8. Alphabetized Reference
sysexits.h file
sendmail, 36.5. sendmail's exit() Status
sendmail, B.1. Status file lines
syslog
Building Internet Firewalls, 5.8.1.4. Safeguard the system logs
Practical UNIX & Internet Security, 4.3.7. The Bad su Log
Practical UNIX & Internet Security, 10.5. The UNIX System Log (syslog) Facility
Practical UNIX & Internet Security, 10.5.3.1. Beware false log entries
Practical UNIX & Internet Security, 23.1.1. The Lesson of the Internet Worm
(see also logs/logging)
configuring : Building Internet Firewalls, 8.11. syslog
example output from : Building Internet Firewalls, 12.2.2. What Should You Watch For?
false log entries : Practical UNIX & Internet Security, 10.5.3.1. Beware false log entries
logging : DNS & BIND, 7.5.2.2. Syslog channels
SWATCH program with : Building Internet Firewalls, 5.9.2. Consider Writing Software to Automate Monitoring
where to log
Practical UNIX & Internet Security, 10.5.2. Where to Log
Practical UNIX & Internet Security, 10.5.2.3. Logging everything everywhere
syslog file
DNS & BIND, 4.7.2. Check for Syslog Errors
DNS & BIND, 8.1.2. Capacity Planning
Practical UNIX & Internet Security, 17.3.4.3. Improving the security of Berkeley sendmail V8
syslog messages : DNS & BIND, 7.6.1. Common Syslog Messages
syslog.conf file
Practical UNIX & Internet Security, 10.5.1. The syslog.conf Configuration File
sendmail, 26.1.2. Tuning syslog.conf
SYSLOG_BUFSIZE macro : sendmail, 18.8. Alphabetized Reference
syslogd
sendmail, 26.1.2. Tuning syslog.conf
TCP/IP Network Administration, 3.2. The Host Table
TCP/IP Network Administration, A.2. The PPP Daemon
TCP/IP Network Administration, A.3. chat
systat service : Practical UNIX & Internet Security, 17.3.1. systat (TCP Port 11)
system
(see also networks and networking)
(see also operating systems)
administration
(see administration)
(see system administration)
auditing activity on : Practical UNIX & Internet Security, 2.1. Planning Your Security Needs
autonomous : Building Internet Firewalls, C.10. Internet Routing Architecture
backing up critical files
Practical UNIX & Internet Security, 7.3. Backing Up System Files
Practical UNIX & Internet Security, 7.3.2. Building an Automatic Backup System
clock : (see system clock)
crashes, watching carefully : Building Internet Firewalls, 5.10.1. Watch Reboots Carefully
customized : Building Internet Firewalls, 13.1.6. Restore and Recover
database files : Practical UNIX & Internet Security, 1.2. What Is an Operating System?
defense, diversity of : Building Internet Firewalls, 3.7. Diversity of Defense
documenting after incident
Building Internet Firewalls, 13.1.5. Snapshot the System
Building Internet Firewalls, 13.4.5. Planning for Snapshots
failure of : Building Internet Firewalls, 3.5. Fail-Safe Stance
identity of : sendmail, 31.7.1. Macros and the System Identity
keeping up-to-date : Building Internet Firewalls, 12.3.2. Keeping Your Systems Up To Date
labeling and diagramming : Building Internet Firewalls, 13.5.2. Labeling and Diagraming Your System
logging activity : (see logs/logging)
monitoring
Building Internet Firewalls, 5.9.2. Consider Writing Software to Automate Monitoring
Building Internet Firewalls, 12.2. Monitoring Your System
operating, testing reload of : Building Internet Firewalls, 13.5.6. Testing the Reload of the Operating
OSTYPE declaration
sendmail, 16.2.2. OSTYPE
sendmail, 19.3.1. OSTYPE()
overload attacks : Practical UNIX & Internet Security, 25.2.1.2. System overload attacks
performance : (see performance)
queries : DNS & BIND, 7.6.2. Understanding the BIND Statistics
rebuilding : Building Internet Firewalls, 13.1.6. Restore and Recover
remote, commands on : Practical UNIX & Internet Security, 15.1.2. uux Command
restoring after incident : Building Internet Firewalls, 13.1.6. Restore and Recover
planning for : Building Internet Firewalls, 13.4.6. Planning for Restoration and Recovery
shutting down : Building Internet Firewalls, 13.1.2. Disconnect or Shut Down, as
startup files : DNS & BIND, 4.7.4. Editing the Startup Files
summarizing usage per user : Practical UNIX & Internet Security, 25.2.2.2. quot command
transfering files to other : Practical UNIX & Internet Security, 15.1.1. uucp Command
tuning : DNS & BIND, 10.4. System Tuning
system (in swatch program) : Practical UNIX & Internet Security, 10.6.2. The Swatch Configuration File
system administration
Practical UNIX & Internet Security, 2.4.4.5. Have authority commensurate with responsibility
TCP/IP Network Administration, 1.7. Application Layer
TCP/IP Network Administration, 3.1. Names and Addresses
avoiding conventional passwords
Practical UNIX & Internet Security, 8.8. Administrative Techniques for Conventional Passwords
Practical UNIX & Internet Security, 8.8.9. Account Names Revisited: Using Aliases for Increased
breaking forward loops : sendmail, 25.7.2. Forwarding Loops
change monitoring : Practical UNIX & Internet Security, 9.3. A Final Note
changing passwords
Practical UNIX & Internet Security, 8.4.1. Changing an Account's Password
Practical UNIX & Internet Security, 8.8.8. Disabling an Account by Changing Its Password
cleaning up /tmp directory : Practical UNIX & Internet Security, 25.2.4. /tmp Problems
contacting administrator : Practical UNIX & Internet Security, 24.2.4.2. How to contact the system administrator of a computer
controlling UUCP security : Practical UNIX & Internet Security, 15.3. UUCP and Security
detached signatures (PGP) : Practical UNIX & Internet Security, 6.6.3.6. PGP detached signatures
disabling finger system : Practical UNIX & Internet Security, 17.3.8.2. Disabling finger
discovering intruders
Practical UNIX & Internet Security, 24.2. Discovering an Intruder
Practical UNIX & Internet Security, 24.2.6. Anatomy of a Break-in
dual universes and : Practical UNIX & Internet Security, 5.9.1. Dual Universes
errors by : Practical UNIX & Internet Security, 7.1.1.1. A taxonomy of computer failures
finding largest files : Practical UNIX & Internet Security, 25.2.2.1. Disk-full attacks
immutable files and : Practical UNIX & Internet Security, 9.1.1. Immutable and Append-Only Files
locked accounts : Practical UNIX & Internet Security, 3.3. Entering Your Password
logging : (see logs/logging)
message authentication : Practical UNIX & Internet Security, 6.5.2. Using Message Digests
monitoring phantom mail : Practical UNIX & Internet Security, 17.3.4.2. Using sendmail to receive email
new passwords : Practical UNIX & Internet Security, 3.4. Changing Your Password
read-only filesystems and : Practical UNIX & Internet Security, 9.1.2. Read-only Filesystems
references on : Practical UNIX & Internet Security, D.1.11. UNIX Programming and System Administration
removing automatic backups : Practical UNIX & Internet Security, 18.2.3.5. Beware stray CGI scripts
responsibilities of administrators
TCP/IP Network Administration, 1.7. Application Layer
TCP/IP Network Administration, 4. Getting Started
TCP/IP Network Administration, 4.3. Planning Routing
TCP/IP Network Administration, 4.6. Informing the Users
TCP/IP Network Administration, 5.1. Kernel Configuration
sanitizing media : Practical UNIX & Internet Security, 12.3.2.3. Sanitize your media before disposal
statistics : sendmail, 26.1.4. Gathering Statistics from syslog
trusting : Practical UNIX & Internet Security, 27.3.2. Your System Administrator?
weakness-finding tools : Practical UNIX & Internet Security, 11.1.1. Security Tools
system call : Practical UNIX & Internet Security, 5.1.7. File Permissions in Detail
system clock
changing
Practical UNIX & Internet Security, 5.1.5. File Times
Practical UNIX & Internet Security, 9.2.3. Checksums and Signatures
Practical UNIX & Internet Security, 17.3.14. Network Time Protocol (NTP) (UDP Port 123)
for random seeds : Practical UNIX & Internet Security, 23.8. Picking a Random Seed
Secure RPC timestamp : Practical UNIX & Internet Security, 19.3.1.3. Setting the window
System Dynamics cards : Building Internet Firewalls, 10.3.2. Time-based Passwords
system files
Practical UNIX & Internet Security, 11.5.3.5. System initialization files
Practical UNIX & Internet Security, 11.6.1.2. Writable system files and directories
TCP/IP Network Administration, 5.1. Kernel Configuration
system functions
Practical UNIX & Internet Security, 5.5.3.2. Another SUID example: IFS and the /usr/lib/preserve
Practical UNIX & Internet Security, 18.2.3.2. Testing is not enough!
Practical UNIX & Internet Security, 18.2.3.3. Sending mail
Practical UNIX & Internet Security, 23.2. Tips on Avoiding Security-related Bugs
checking arguments to : Practical UNIX & Internet Security, 23.2. Tips on Avoiding Security-related Bugs
System Network Architecture (SNA) : Practical UNIX & Internet Security, 16.4.2. SNA
System V UNIX : Practical UNIX & Internet Security, 1.3. History of UNIX
accounting with : Practical UNIX & Internet Security, 10.2.1. Accounting with System V UNIX
chroot in : Practical UNIX & Internet Security, 8.1.5. Restricted Filesystem
default umask value : Practical UNIX & Internet Security, 5.3. The umask
groups and : Practical UNIX & Internet Security, 4.1.3.2. Groups and older AT&T UNIX
inittab program : Practical UNIX & Internet Security, C.5.1. Process #1: /etc/init
modems and : Practical UNIX & Internet Security, 14.5.1. Hooking Up a Modem to Your Computer
passwords : Practical UNIX & Internet Security, 8.1.1. Accounts Without Passwords
ps command with : Practical UNIX & Internet Security, C.1.2.1. Listing processes with systems derived from System
random number generators : Practical UNIX & Internet Security, 23.7.3. drand48 ( ), lrand48 ( ), and mrand48 ( )
recent login times : Practical UNIX & Internet Security, 10.1.1. lastlog File
Release 4 (SVR4) : Practical UNIX & Internet Security, 1.3. History of UNIX
restricted shells : Practical UNIX & Internet Security, 8.1.4.1. Restricted shells under System V UNIX
SGI bit on files : Practical UNIX & Internet Security, 5.5.7. SGID Bit on Files (System V UNIX Only): Mandatory
su command and : Practical UNIX & Internet Security, 4.3.6. Restricting su
SUID files, list of : Practical UNIX & Internet Security, B.3. SUID and SGID Files
utmp and wtmp files : Practical UNIX & Internet Security, 10.1.2. utmp and wtmp Files
UUCP : Practical UNIX & Internet Security, 15.4.1.3. Format of USERFILE entry without system name
/var/adm/loginlog file : Practical UNIX & Internet Security, 10.1.4. loginlog File
wtmpx file : Practical UNIX & Internet Security, 10.1.2. utmp and wtmp Files
SYSTEM5 macro : sendmail, 18.8. Alphabetized Reference
Systems file
Practical UNIX & Internet Security, 15.3.3. Security of L.sys and Systems Files
TCP/IP Network Administration, 9.2.2. Solaris Line Printer Service


Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Copyright © 1999 O'Reilly & Associates, Inc. All Rights Reserved.