Table of Contents for
Practical UNIX and Internet Security, 3rd Edition

Practical UNIX and Internet Security, 3rd Edition by Alan Schwartz Published by O'Reilly Media, Inc., 2003
  1. Cover
  2. Practical Unix & Internet Security, 3rd Edition
  3. A Note Regarding Supplemental Files
  4. Preface
  5. Unix “Security”?
  6. Scope of This Book
  7. Which Unix System?
  8. Conventions Used in This Book
  9. Comments and Questions
  10. Acknowledgments
  11. A Note to Would-Be Attackers
  12. I. Computer Security Basics
  13. 1. Introduction: Some Fundamental Questions
  14. What Is Computer Security?
  15. What Is an Operating System?
  16. What Is a Deployment Environment?
  17. Summary
  18. 2. Unix History and Lineage
  19. History of Unix
  20. Security and Unix
  21. Role of This Book
  22. Summary
  23. 3. Policies and Guidelines
  24. Planning Your Security Needs
  25. Risk Assessment
  26. Cost-Benefit Analysis and Best Practices
  27. Policy
  28. Compliance Audits
  29. Outsourcing Options
  30. The Problem with Security Through Obscurity
  31. Summary
  32. II. Security Building Blocks
  33. 4. Users, Passwords, and Authentication
  34. Logging in with Usernames and Passwords
  35. The Care and Feeding of Passwords
  36. How Unix Implements Passwords
  37. Network Account and Authorization Systems
  38. Pluggable Authentication Modules (PAM)
  39. Summary
  40. 5. Users, Groups, and the Superuser
  41. Users and Groups
  42. The Superuser (root)
  43. The su Command: Changing Who You Claim to Be
  44. Restrictions on the Superuser
  45. Summary
  46. 6. Filesystems and Security
  47. Understanding Filesystems
  48. File Attributes and Permissions
  49. chmod: Changing a File’s Permissions
  50. The umask
  51. SUID and SGID
  52. Device Files
  53. Changing a File’s Owner or Group
  54. Summary
  55. 7. Cryptography Basics
  56. Understanding Cryptography
  57. Symmetric Key Algorithms
  58. Public Key Algorithms
  59. Message Digest Functions
  60. Summary
  61. 8. Physical Security for Servers
  62. Planning for the Forgotten Threats
  63. Protecting Computer Hardware
  64. Preventing Theft
  65. Protecting Your Data
  66. Story: A Failed Site Inspection
  67. Summary
  68. 9. Personnel Security
  69. Background Checks
  70. On the Job
  71. Departure
  72. Other People
  73. Summary
  74. III. Network and Internet Security
  75. 10. Modems and Dialup Security
  76. Modems: Theory of Operation
  77. Modems and Security
  78. Modems and Unix
  79. Additional Security for Modems
  80. Summary
  81. 11. TCP/IP Networks
  82. Networking
  83. IP: The Internet Protocol
  84. IP Security
  85. Summary
  86. 12. Securing TCP and UDP Services
  87. Understanding Unix Internet Servers and Services
  88. Controlling Access to Servers
  89. Primary Unix Network Services
  90. Managing Services Securely
  91. Putting It All Together: An Example
  92. Summary
  93. 13. Sun RPC
  94. Remote Procedure Call (RPC)
  95. Secure RPC (AUTH_DES)
  96. Summary
  97. 14. Network-Based Authentication Systems
  98. Sun’s Network Information Service (NIS)
  99. Sun’s NIS+
  100. Kerberos
  101. LDAP
  102. Other Network Authentication Systems
  103. Summary
  104. 15. Network Filesystems
  105. Understanding NFS
  106. Server-Side NFS Security
  107. Client-Side NFS Security
  108. Improving NFS Security
  109. Some Last Comments on NFS
  110. Understanding SMB
  111. Summary
  112. 16. Secure Programming Techniques
  113. One Bug Can Ruin Your Whole Day . . .
  114. Tips on Avoiding Security-Related Bugs
  115. Tips on Writing Network Programs
  116. Tips on Writing SUID/SGID Programs
  117. Using chroot( )
  118. Tips on Using Passwords
  119. Tips on Generating Random Numbers
  120. Summary
  121. IV. Secure Operations
  122. 17. Keeping Up to Date
  123. Software Management Systems
  124. Updating System Software
  125. Summary
  126. 18. Backups
  127. Why Make Backups?
  128. Backing Up System Files
  129. Software for Backups
  130. Summary
  131. 19. Defending Accounts
  132. Dangerous Accounts
  133. Monitoring File Format
  134. Restricting Logins
  135. Managing Dormant Accounts
  136. Protecting the root Account
  137. One-Time Passwords
  138. Administrative Techniques for Conventional Passwords
  139. Intrusion Detection Systems
  140. Summary
  141. 20. Integrity Management
  142. The Need for Integrity
  143. Protecting Integrity
  144. Detecting Changes After the Fact
  145. Integrity-Checking Tools
  146. Summary
  147. 21. Auditing, Logging, and Forensics
  148. Unix Log File Utilities
  149. Process Accounting: The acct/pacct File
  150. Program-Specific Log Files
  151. Designing a Site-Wide Log Policy
  152. Handwritten Logs
  153. Managing Log Files
  154. Unix Forensics
  155. Summary
  156. V. Handling Security Incidents
  157. 22. Discovering a Break-in
  158. Prelude
  159. Discovering an Intruder
  160. Cleaning Up After the Intruder
  161. Case Studies
  162. Summary
  163. 23. Protecting Against Programmed Threats
  164. Programmed Threats: Definitions
  165. Damage
  166. Authors
  167. Entry
  168. Protecting Yourself
  169. Preventing Attacks
  170. Summary
  171. 24. Denial of Service Attacks and Solutions
  172. Types of Attacks
  173. Destructive Attacks
  174. Overload Attacks
  175. Network Denial of Service Attacks
  176. Summary
  177. 25. Computer Crime
  178. Your Legal Options After a Break-in
  179. Criminal Hazards
  180. Criminal Subject Matter
  181. Summary
  182. 26. Who Do You Trust?
  183. Can You Trust Your Computer?
  184. Can You Trust Your Suppliers?
  185. Can You Trust People?
  186. Summary
  187. VI. Appendixes
  188. A. Unix Security Checklist
  189. Preface
  190. Chapter 1: Introduction: Some Fundamental Questions
  191. Chapter 2: Unix History and Lineage
  192. Chapter 3: Policies and Guidelines
  193. Chapter 4: Users, Passwords, and Authentication
  194. Chapter 5: Users, Groups, and the Superuser
  195. Chapter 6: Filesystems and Security
  196. Chapter 7: Cryptography Basics
  197. Chapter 8: Physical Security for Servers
  198. Chapter 9: Personnel Security
  199. Chapter 10: Modems and Dialup Security
  200. Chapter 11: TCP/IP Networks
  201. Chapter 12: Securing TCP and UDP Services
  202. Chapter 13: Sun RPC
  203. Chapter 14: Network-Based Authentication Systems
  204. Chapter 15: Network Filesystems
  205. Chapter 16: Secure Programming Techniques
  206. Chapter 17: Keeping Up to Date
  207. Chapter 18: Backups
  208. Chapter 19: Defending Accounts
  209. Chapter 20: Integrity Management
  210. Chapter 21: Auditing, Logging, and Forensics
  211. Chapter 22: Discovering a Break-In
  212. Chapter 23: Protecting Against Programmed Threats
  213. Chapter 24: Denial of Service Attacks and Solutions
  214. Chapter 25: Computer Crime
  215. Chapter 26: Who Do You Trust?
  216. Appendix A: Unix Security Checklist
  217. Appendix B: Unix Processes
  218. Appendixes C, D, and E: Paper Sources, Electronic Sources, and Organizations
  219. B. Unix Processes
  220. About Processes
  221. Signals
  222. Controlling and Examining Processes
  223. Starting Up Unix and Logging In
  224. C. Paper Sources
  225. Unix Security References
  226. Other Computer References
  227. D. Electronic Resources
  228. Mailing Lists
  229. Web Sites
  230. Usenet Groups
  231. Software Resources
  232. E. Organizations
  233. Professional Organizations
  234. U.S. Government Organizations
  235. Emergency Response Organizations
  236. Index
  263. About the Authors
  264. Colophon
  265. Copyright

P

P1003.1e/2c security standards, The Failed P1003.1e/2c Unix Security Standard
pacct file, Process Accounting: The acct/pacct File
package-based software management systems, Package-Based Systems, Upgrading Distributed Applications, Upgrading Distributed Applications, Packaging Tools
backing out of upgrades, Upgrading Distributed Applications
upgrading with, Upgrading Distributed Applications
packet monitors, Monitoring the Intruder
packet sniffing, Using Encryption to Protect IP Networks from Eavesdropping, Telnet (TCP Port 23)
packet-filtering firewalls, FTP: File Transfer Protocol (TCP Ports 20 and 21)
packet-level firewalls, Using a Host-Based Packet Firewall
packet-switching networks, IP: The Internet Protocol
paging, Swap Space Problems
PAM (Pluggable Authentication Modules), Pluggable Authentication Modules (PAM)–Pluggable Authentication Modules (PAM), Kerberos Limitations, pam_ldap, Authorization, Restricting Logins, Integrating One-Time Passwords with Unix, Codebooks, Constraining Passwords, Recovering from too many processes
npasswd module, Constraining Passwords
one-time password module, Integrating One-Time Passwords with Unix
resource limits, Recovering from too many processes
restricting logins with, Restricting Logins
restrictions used with Samba, Authorization
S/Key module, Codebooks
using LDAP with, pam_ldap
using with Kerberos, Kerberos Limitations
pam.conf file, Pluggable Authentication Modules (PAM), Which Files to Back Up?
pam_ldap, pam_ldap
pam_time module, Restricting Logins
paper, Sanitizing Printed Media (see media, printed)
parent processes, Creating Processes
parentheses (()), indicating system call, Conventions Used in This Book
parity bit, Baud and bps
passive FTP, FTP active mode–FTP passive mode
passwd command, Changing your password, Verifying your new password, Changing another user’s password, Bad Passwords: Open Doors, Unix salt, SUID and SGID, Disabling an Account by Changing the Account’s Password, Assigning Passwords to Users, Password Aging and Expiration, Password Aging and Expiration
-l option, Disabling an Account by Changing the Account’s Password
-n option, Password Aging and Expiration
-x option, Password Aging and Expiration
changing permissions for, Assigning Passwords to Users
-f flag, Verifying your new password
preventing bad password choices, Bad Passwords: Open Doors
as SUID program, SUID and SGID
using as superuser, Changing another user’s password
passwd file, What Is an Operating System?, The /etc/passwd File, The Unix Encrypted Password System, Network Account and Authorization Systems, The /etc/passwd File, finger (TCP Port 79), NIS is confused about “+”, /etc/exports, Which Files to Back Up?, Accounts Without Passwords, Accounts Without Passwords, Monitoring File Format, Monitoring File Format, New accounts, Process #1: /etc/init
Passwd table (NIS+), NIS+ Tables and Other Objects
passwd+ package, Constraining Passwords, Password Generators
passwd.adjunct file, Shadow Password Files
password modems, Additional Security for Modems
passwords, Add-on Functionality Breeds Problems, Responsible Disclosure, Users, Passwords, and Authentication, Authenticating with Passwords, Authenticating with Passwords, Authenticating with Passwords, Authenticating with Passwords, Entering your password, Entering your password, Changing your password–Changing another user’s password, Verifying your new password, Verifying your new password, Verifying your new password, Changing another user’s password, The Care and Feeding of Passwords–Writing Down Passwords, Bad Passwords: Open Doors, Bad Passwords: Open Doors, Bad Passwords: Open Doors–Smoking Joes, Bad Passwords: Open Doors, Bad Passwords: Open Doors, Bad Passwords: Open Doors, Bad Passwords: Open Doors, Bad Passwords: Open Doors, Smoking Joes, Good Passwords: Locked Doors, Good Passwords: Locked Doors, Good Passwords: Locked Doors, Good Passwords: Locked Doors, Good Passwords: Locked Doors, Password Synchronization: Using the Same Password on Many Machines, Password Synchronization: Using the Same Password on Many Machines, Password Synchronization: Using the Same Password on Many Machines, Writing Down Passwords, Writing Down Passwords, The /etc/passwd File, The Unix Encrypted Password System–The shadow password and master password files, The traditional crypt ( ) algorithm, The traditional crypt ( ) algorithm, Unix salt, The shadow password and master password files, The shadow password and master password files, One-Time Passwords, Public Key Authentication, Summary, The /etc/group file, Function keys, IP Security, FTP: File Transfer Protocol (TCP Ports 20 and 21), Telnet (TCP Port 23), Overall security of Berkeley sendmail versus other MTAs, POP, POPS: Post Office Protocol, and IMAP, IMAPS: Internet Message Access Protocol (TCP Ports 109, 110, 143, 993, 995), Sudden changes in time, Communicating with MUDs, Internet Relay Chat (IRC), and Instant Messaging, Communicating with MUDs, Internet Relay Chat (IRC), and Instant Messaging, Creating passwords for users, Changing your password, Kerberos Limitations, User authentication, Things to Avoid, Tips on Using Passwords, Accounts Without Passwords, Accounts Without Passwords, Disabling an Account by Changing the Account’s Password, Disabling an Account by Changing the Account’s Password, One-Time Passwords–Codebooks, One-Time Passwords, Token Cards–Token Cards, Codebooks, Codebooks, Assigning Passwords to Users–Assigning Passwords to Users, Assigning Passwords to Users, Constraining Passwords, Password Generators, Password Generators, Shadow Password Files, Password Aging and Expiration, Password Aging and Expiration, Cracking Your Own Passwords–The dilemma of password crackers, Cracking Your Own Passwords–The dilemma of password crackers, Joetest: a simple password cracker, Algorithm and Library Changes–Algorithm and Library Changes, Logging everything everywhere, Exception and activity reports, Chapter 4: Users, Passwords, and Authentication
accounts without, Accounts Without Passwords
advisors for, Password Generators
aging, Password Aging and Expiration
assigning to users, Assigning Passwords to Users–Assigning Passwords to Users
authentication with, Authenticating with Passwords
bad choices for, Bad Passwords: Open Doors, Bad Passwords: Open Doors–Smoking Joes
changing, Changing your password–Changing another user’s password, Changing another user’s password, Disabling an Account by Changing the Account’s Password
another user’s, Changing another user’s password
to disable accounts, Disabling an Account by Changing the Account’s Password
characters allowed in, Good Passwords: Locked Doors
choosing, Bad Passwords: Open Doors, Bad Passwords: Open Doors, Bad Passwords: Open Doors, Bad Passwords: Open Doors
codebooks for, Codebooks
compromised, Verifying your new password
constraining choices for, Constraining Passwords
control characters in, Verifying your new password, Good Passwords: Locked Doors
cracking, Bad Passwords: Open Doors, The traditional crypt ( ) algorithm, The traditional crypt ( ) algorithm, Cracking Your Own Passwords–The dilemma of password crackers
encryption of, Password Synchronization: Using the Same Password on Many Machines, Writing Down Passwords, The Unix Encrypted Password System–The shadow password and master password files, User authentication, Algorithm and Library Changes–Algorithm and Library Changes
entering, Entering your password
expiring, Password Aging and Expiration
file stored in, The /etc/passwd File
FTP and, FTP: File Transfer Protocol (TCP Ports 20 and 21)
generators for, Password Generators
good choices for, Good Passwords: Locked Doors
group, The /etc/group file
guessing attacks, IP Security
hit lists of, Bad Passwords: Open Doors
identical to username (Joes), Smoking Joes, Joetest: a simple password cracker
for Instant Messaging, Communicating with MUDs, Internet Relay Chat (IRC), and Instant Messaging
keeping secure, Responsible Disclosure, The Care and Feeding of Passwords–Writing Down Passwords, Summary
Kerberos, Kerberos Limitations
keystroke recorder capturing, Authenticating with Passwords
location of, Accounts Without Passwords
locking account if incorrect, Entering your password
logging changes to, Exception and activity reports
logging failed attempts at, Logging everything everywhere
master file, The shadow password and master password files
for MUDs, Communicating with MUDs, Internet Relay Chat (IRC), and Instant Messaging
on multiple machines, Unix salt
over network connections, Things to Avoid
NIS+, changing, Changing your password
NIS, with Secure RPC, Creating passwords for users
one-time, One-Time Passwords, One-Time Passwords–Codebooks, Codebooks
periodic scanning of, Cracking Your Own Passwords–The dilemma of password crackers
with POP, POP, POPS: Post Office Protocol, and IMAP, IMAPS: Internet Message Access Protocol (TCP Ports 109, 110, 143, 993, 995)
preventing users from changing, Assigning Passwords to Users
programmed to function keys, Function keys
public key authentication as alternative to, Public Key Authentication
security checklist for, Chapter 4: Users, Passwords, and Authentication
shadow, The shadow password and master password files, Disabling an Account by Changing the Account’s Password, Shadow Password Files
shoulder surfing, Authenticating with Passwords
sniffing, Add-on Functionality Breeds Problems, Users, Passwords, and Authentication, Authenticating with Passwords, Telnet (TCP Port 23), One-Time Passwords
spaces in, Good Passwords: Locked Doors
ssh keys used for, Password Synchronization: Using the Same Password on Many Machines
synchronized on multiple accounts, Password Synchronization: Using the Same Password on Many Machines
system clock and, Sudden changes in time
token-based generator for, Token Cards–Token Cards
unique, number of, Good Passwords: Locked Doors
using in programs, Tips on Using Passwords
verifying new, Verifying your new password
wizard’s (sendmail), Overall security of Berkeley sendmail versus other MTAs
writing down, Writing Down Passwords
patch diff, Source code and patches
patch program, Source code and patches
patches, Updating System Software, Learning About Patches, Informational material
finding, Learning About Patches
installing, Updating System Software
logging, Informational material
PATH variable, Tips on Writing SUID/SGID Programs, PATH attacks
PATHCONF function (RPC), The NFS Protocol
pathname, Current Directory and Paths
The Pathology of Computer Viruses (Ferbrache, David), Computer Viruses and Programmed Threats
paths, Current Directory and Paths, Trusted path
pathname for, Current Directory and Paths
trusted, Trusted path
pax program, Simple Archives
PDP-11 processors, The traditional crypt ( ) algorithm
peer review, verifying cryptographic algorithms with, Cryptanalysis
Pengo, Understanding the Computer Security “Culture”
per-machine log books, Per-Machine Logs
per-site log books, Per-Site Logs
percent sign (%), Unix C shell prompt, Conventions Used in This Book
performance reviews, Performance Reviews and Monitoring
performance, overload attacks affecting, Process and CPU Overload Problems–CPU overload attacks
peripheral devices, Device Files (see device files)
Perl, SUID Scripts, Before You Finish, Tips on Writing SUID/SGID Programs, A Good Random Seed Generator–A Good Random Seed Generator, Trojan horses in mobile code
random seed generator, A Good Random Seed Generator–A Good Random Seed Generator
Trojan horses in scripts, Trojan horses in mobile code
using for SUID/SGID programs, Tips on Writing SUID/SGID Programs
using instead of shell scripts, Before You Finish
Perlman, Radia (Network Security: Private Communications in a Public World), Network Technology and Security
permissions, Inodes, File Permissions–A file permissions example, File Permissions, File Permissions, File Permissions, File Permissions, Directory Permissions, Directory Permissions, Directory Permissions, Directory Permissions, chmod: Changing a File’s Permissions–chmod: Changing a File’s Permissions, chmod: Changing a File’s Permissions, chmod: Changing a File’s Permissions, chmod: Changing a File’s Permissions, chmod: Changing a File’s Permissions, chmod: Changing a File’s Permissions, Setting a File’s Permissions, Calculating octal file permissions, Calculating octal file permissions, The umask–Common umask Values, SUID and SGID–Turning Off SUID and SGID in Mounted Filesystems, Device Files, Connecting a Modem to Your Computer, Setting Up the Unix Device, DNS best practices, Using NIS+, NIS+ Limitations, Examining the utmp and wtmp files, Changes in file and directory protections, Viruses, File Protections–World-readable backup devices
changing, chmod: Changing a File’s Permissions–chmod: Changing a File’s Permissions
devices, Device Files
directories, Directory Permissions, Calculating octal file permissions
/etc/utmp file, Examining the utmp and wtmp files
execute, File Permissions, Directory Permissions, chmod: Changing a File’s Permissions
files, File Permissions–A file permissions example
modem devices, Setting Up the Unix Device
modem files, Connecting a Modem to Your Computer
modified by intruders, Changes in file and directory protections
nameserver files, DNS best practices
of NIS+ objects, Using NIS+, NIS+ Limitations
octal, Calculating octal file permissions
of commands, Viruses
read, File Permissions, Directory Permissions, chmod: Changing a File’s Permissions
setting, Setting a File’s Permissions
sticky bit, chmod: Changing a File’s Permissions
stored in inodes, Inodes
SUID and SGID, chmod: Changing a File’s Permissions, SUID and SGID–Turning Off SUID and SGID in Mounted Filesystems
symbolic links and, File Permissions
umasks, The umask–Common umask Values
write, File Permissions, Directory Permissions, chmod: Changing a File’s Permissions
personnel, Personnel Security (see employees)
pf program, Using a Host-Based Packet Firewall
Pfleeger, Charles P. (Security in Computing), General Computer Security
PGP (Pretty Good Privacy), Uses of Message Digest Functions, SMTP: Simple Mail Transfer Protocol (TCP Port 25), Building an Automatic Backup System, Software Resources
for backups, Building an Automatic Backup System
for email, SMTP: Simple Mail Transfer Protocol (TCP Port 25)
software signature, Software Resources
PGP: Pretty Good Privacy (Garfinkel, Simson), Cryptography Books
ph program, Networking and Unix
phantom mail, Overflowing system mailboxes
Phoenix, Tom (Learning Perl), Miscellaneous References
phones, Banners (see telephones)
physical security, Physical Security for Servers, Planning for the Forgotten Threats–Other Contingencies, The Physical Security Plan, The Physical Security Plan, Protecting Computer Hardware, Protecting Against Environmental Dangers–Environmental monitoring, Preventing Accidents, Controlling Physical Access, Defending Against Vandalism–Utility connections, Defending Against Acts of War and Terrorism, Preventing Theft–Encryption, Easy pickings, Auditing Access, Modems and Security, Protection of Modems and Lines–Additional Security for Modems, Protection of Modems and Lines, Firewalls and Physical Isolation, Security for Backups–Data security for backups, Read-Only Filesystems–Read-Only Filesystems, Signal Grounding and Jamming, Chapter 8: Physical Security for Servers–Chapter 8: Physical Security for Servers
access to hardware, Controlling Physical Access, Auditing Access
accidents, Preventing Accidents
acts of war and terrorism, Defending Against Acts of War and Terrorism
of backups, Security for Backups–Data security for backups
checklist for, Chapter 8: Physical Security for Servers–Chapter 8: Physical Security for Servers
costs of, The Physical Security Plan
environmental dangers, Protecting Against Environmental Dangers–Environmental monitoring
hardware, protection for, Protecting Computer Hardware
importance of, Physical Security for Servers
IP network computers, Firewalls and Physical Isolation
modems, Modems and Security, Protection of Modems and Lines–Additional Security for Modems
planning, Planning for the Forgotten Threats–Other Contingencies
read-only filesystems, Read-Only Filesystems–Read-Only Filesystems
real-world example, Easy pickings
security perimeter for, The Physical Security Plan
signal-grounding attacks, Signal Grounding and Jamming
telephone lines, Protection of Modems and Lines
theft of hardware, Preventing Theft–Encryption
vandalism, Defending Against Vandalism–Utility connections
PIDs (process IDs), Process identification numbers (PIDs), Process groups and sessions
Pike, Rob (The UNIX Programming Environment), Unix Programming and System Administration
ping of death attacks, Hardening Against Attacks, Ping of Death and Other Malformed Traffic Attacks
piracy, software, Access Devices and Copyrighted Software
pkg (package) system, Integrity checking with the BSD pkg_info command
pkgadd command, Package-Based Systems
pkginfo command, Package-Based Systems
pkgrm command, Package-Based Systems
pkg_add command, Package-Based Systems
pkg_delete command, Package-Based Systems
pkg_info command, Package-Based Systems, Integrity checking with the BSD pkg_info command
PKI (Public Key Infrastructure), Public Key Authentication, DNSSEC
pkill command, Recovering from too many processes
plaintext attacks, Common Symmetric Key Algorithms, Cryptanalysis, Cryptanalysis
.plan file, The .plan and .project files
platforms, Preface (see specific operating systems)
play account, Open Accounts
playback attacks, Using the ticket-granting ticket
Pluggable Authentication Modules, Pluggable Authentication Modules (PAM) (see PAM)
plus sign (+), File Permissions, Specifying trusted hosts with /etc/hosts.equiv and ~/.rhosts, NIS Fundamentals, NIS is confused about “+”
in file permissions, File Permissions
in hosts.equiv file, Specifying trusted hosts with /etc/hosts.equiv and ~/.rhosts
in NIS, NIS Fundamentals, NIS is confused about “+”
Point-to-Point Protocol, Modems and Unix (see PPP)
policy, security, What Is an Operating System?, Policies and Guidelines–Risk Management Means Common Sense, Risk Assessment–Review Your Risks, Cost-Benefit Analysis and Best Practices–Convincing Management, Best Practices–Best Practices, Policy–Risk Management Means Common Sense, The Role of Policy, Standards, Guidelines, Some Key Ideas in Developing a Workable Policy, Be positive, Defend in depth, Risk Management Means Common Sense, Compliance Audits, Chapter 3: Policies and Guidelines
best practices used for, Best Practices–Best Practices
checklist for, Chapter 3: Policies and Guidelines
compliance audits for, Compliance Audits
cost-benefit analysis, Cost-Benefit Analysis and Best Practices–Convincing Management
guidelines in, Guidelines
positive statements in, Be positive
risk assessment, Risk Assessment–Review Your Risks, Risk Management Means Common Sense
role of, The Role of Policy, Some Key Ideas in Developing a Workable Policy
simplified in four steps, Defend in depth
standards in, Standards
writing, Policy–Risk Management Means Common Sense
political activists, Authors, Authors
as authors of programmed threats, Authors
planting programmed threats, Authors
Pollard, J. M. (“The Number Field Sieve”), Cryptography Papers and Other Publications
polygraph tests, of employees, Intensive Investigations
POP (Post Office Protocol), POP, POPS: Post Office Protocol, and IMAP, IMAPS: Internet Message Access Protocol (TCP Ports 109, 110, 143, 993, 995)
pop3 service, TCP
popen() system call, Things to Avoid, Tips on Writing SUID/SGID Programs
POPS (secure POP), POP, POPS: Post Office Protocol, and IMAP, IMAPS: Internet Message Access Protocol (TCP Ports 109, 110, 143, 993, 995)
pornography laws, Pornography, Indecency, and Obscenity–Child pornography
port scanners, Network Scanning
portable I/O library, The Birth of Unix
portmap daemon, portmap
portmapper program, UDP, Sun RPC’s portmapper (UDP and TCP Ports 111), Sun’s portmap/rpcbind, Spoofing RPC, Unintended Disclosure of Site Information with NIS, Exporting NFS directories under System V: share and dfstab, Well-Known Bugs
bugs in, Well-Known Bugs
firewalls and, Unintended Disclosure of Site Information with NIS
proxy forwarding enabled by, Exporting NFS directories under System V: share and dfstab
spoofing RPC with, Spoofing RPC
portmon variable, Set the portmon Variable
ports, TCP, The /etc/services File–Ports cannot be trusted, The /etc/services File, Calling getservbyname( )
for network services, The /etc/services File–Ports cannot be trusted
trusted, Calling getservbyname( )
well-known, The /etc/services File
ports collection, source-based management systems in, Source code and patches
portsentry program, portsentry
POSIX, Unix Wars 2: SVR4 versus OSF/1, Software Quality, The Failed P1003.1e/2c Unix Security Standard, Use chown with caution, Process real and effective UIDs, Process groups and sessions
and chown command, Use chown with caution
orphaned process groups, Process groups and sessions
saved user ID, Process real and effective UIDs
standards, Unix Wars 2: SVR4 versus OSF/1, Software Quality, The Failed P1003.1e/2c Unix Security Standard
Post Office Protocol, POP, POPS: Post Office Protocol, and IMAP, IMAPS: Internet Message Access Protocol (TCP Ports 109, 110, 143, 993, 995) (see POP)
postfix program, Networking and Unix, SMTP: Simple Mail Transfer Protocol (TCP Port 25), SMTP relaying and bulk email (a.k.a. spam)
postmaster account, Alternative contact strategies
PostScript files, Trojan horses in mobile code, Viruses
Trojan horses in, Trojan horses in mobile code
viruses in, Viruses
power, Protecting Computer Hardware, Exception and activity reports, Destructive Attacks
outages, logging, Exception and activity reports
shutting off, as destructive attack, Destructive Attacks
surges, Protecting Computer Hardware
power users, Convincing Management
Power, Richard (Tangled Web), Computer Crime and Law
PPP (Point-to-Point Protocol), Modems and Unix, IP: The Internet Protocol
preserve program, security hole in, An example of a SUID attack: IFS and the /usr/lib/preserve hole
Press Enter (Varley, John), Understanding the Computer Security “Culture”
Pretty Good Privacy, Uses of Message Digest Functions (see PGP)
primary group, Groups and Group Identifiers (GIDs)
principals, NIS+, What NIS+ Does
print through process, Verify your backups
printed media, TCP (see media, printed)
printer service, TCP
printers, Users and Groups, Printer output, /etc/hosts.lpd file, Logging to a printer
/etc/hosts.lpd file, /etc/hosts.lpd file
logging to, Logging to a printer
lp user for, Users and Groups
output, security of, Printer output
priority of process, Process priority and niceness–Process priority and niceness
privacy, Integrity Management (see confidentiality)
private key algorithms, Cryptographic Algorithms and Functions (see symmetric key algorithms)
private keys, Cryptographic Algorithms and Functions, Cryptographic Algorithms and Functions (see secret keys)
privilege testing, modems, Privilege testing
privileges, file, File Permissions, Changes in file and directory protections (see permissions)
privileges, SUID, SUID and SGID (see SUID programs)
/proc filesystem, /proc: Examining a Process Directly
process accounting, Process Accounting: The acct/pacct File–messages Log File
process group IDs, Other IDs
process IDs, Process groups and sessions (see PIDs)
processes, What the Superuser Can Do, Limitation of netstat and lsof, Process and CPU Overload Problems–CPU overload attacks, Soft Process Limits: Preventing Accidental Denial of Service, Service Overloading, About Processes–Running the User’s Shell, Processes and Programs, The ps Command–Listing processes with versions of Unix derived from BSD, including Linux, The ps Command, Process Properties–Process groups and sessions, Process priority and niceness–Process priority and niceness, Process priority and niceness–Process priority and niceness, Process priority and niceness, Process groups and sessions, Process groups and sessions, Creating Processes, Signals–Signals, Killing Rogue or Questionable Processes, Controlling and Examining Processes, gdb: Controlling a Process, gcore: Dumping Core, lsof: Examining a Process, /proc: Examining a Process Directly, pstree: Viewing the Process Tree, Starting Up Unix and Logging In–Running the User’s Shell
commands to control, Controlling and Examining Processes
controlling, gdb: Controlling a Process
core file of, gcore: Dumping Core
creating, Creating Processes
defunct, Limitation of netstat and lsof
examining, lsof: Examining a Process, /proc: Examining a Process Directly
group IDs for, Process groups and sessions
listing with ps command, The ps Command–Listing processes with versions of Unix derived from BSD, including Linux
listing with top command, The ps Command
niceness of, Process priority and niceness–Process priority and niceness
overload attacks, Process and CPU Overload Problems–CPU overload attacks
priority of, Process priority and niceness–Process priority and niceness
programs running in, Processes and Programs
properties of, Process Properties–Process groups and sessions
scheduler, Process priority and niceness
session IDs for, Process groups and sessions
signals and, Signals–Signals
slave (zombies or Trojans), Service Overloading
soft process limits, Soft Process Limits: Preventing Accidental Denial of Service
stopping, Killing Rogue or Questionable Processes
superuser control of, What the Superuser Can Do
tree for, pstree: Viewing the Process Tree
Unix startup and login, Starting Up Unix and Logging In–Running the User’s Shell
procmail system, .forward, .procmailrc
.procmailrc file, .forward, .procmailrc
.profile file, Changes to startup files, Changes to startup files, .login, .profile, /etc/profile, .login, .profile, /etc/profile
ProFTPD server, Setting up an FTP server
programmed threats, Keeping Secrets, Use su with Caution, SMTP: Simple Mail Transfer Protocol (TCP Port 25), Programmed Threats: Definitions, Security Scanners and Other Tools, Back Doors and Trap Doors–Back Doors and Trap Doors, Logic Bombs, Trojan Horses–Avoiding Trojan horses, Viruses, Worms–Worms, Bacteria and Rabbits, Bacteria and Rabbits, Damage, Authors–Authors, Entry, Protecting Yourself, Protecting Yourself, Protecting Yourself–Shared Libraries, Shell Features, Startup File Attacks–Other initializations, Abusing Automatic Mechanisms–Issues with NFS, Viruses on the Distribution Disk, Viruses on the Distribution Disk, Chapter 23: Protecting Against Programmed Threats, Computer Viruses and Programmed Threats
authors of, Authors–Authors
to automatic mechanisms, Abusing Automatic Mechanisms–Issues with NFS
back doors, Keeping Secrets, Back Doors and Trap Doors–Back Doors and Trap Doors, Protecting Yourself
bacteria, Bacteria and Rabbits
damage done by, Damage
entry into computer system, Entry
logic bombs, Logic Bombs, Viruses on the Distribution Disk
protection from, Protecting Yourself–Shared Libraries
published resources on, Computer Viruses and Programmed Threats
rabbit programs, Bacteria and Rabbits
security checklist for, Chapter 23: Protecting Against Programmed Threats
security tools, Security Scanners and Other Tools
to shells, Shell Features
to startup files, Startup File Attacks–Other initializations
Trojan horses, Use su with Caution, Trojan Horses–Avoiding Trojan horses, Protecting Yourself
types of, Programmed Threats: Definitions
viruses, SMTP: Simple Mail Transfer Protocol (TCP Port 25), Viruses, Viruses on the Distribution Disk
worms, Worms–Worms
programming, Secure Programming Techniques, Design Principles, Coding Standards–Before You Finish, Tips on Writing Network Programs–Things to Avoid, Tips on Writing SUID/SGID Programs–Tips on Writing SUID/SGID Programs, Incorporating syslog into your own programs, Chapter 16: Secure Programming Techniques, Processes and Programs, Unix Programming and System Administration
coding standards for, Coding Standards–Before You Finish
design principles for, Secure Programming Techniques, Design Principles
network services, Tips on Writing Network Programs–Things to Avoid
published resources on, Unix Programming and System Administration
security checklist for, Chapter 16: Secure Programming Techniques
SUID/SGID programs, Tips on Writing SUID/SGID Programs–Tips on Writing SUID/SGID Programs
syslog calls in, Incorporating syslog into your own programs
threads and, Processes and Programs
Programming Perl (Wall, Larry; Christiansen, Tom; Orwant, Jon), Miscellaneous References
programs, Third-Party Security Tools, What he found (see software)
Project Athena, Kerberos, Kerberos
(see also Kerberos system)
.project file, The .plan and .project files
prompts, symbols for, Conventions Used in This Book
protocols, Packets and Protocols (see specific protocols)
Protocols table (NIS+), NIS+ Tables and Other Objects
proxy, using in network services, Things to Do
ps command, Making sure Secure RPC support is running on every workstation, Examining the utmp and wtmp files, Discovering an Intruder, Monitoring commands, Getting Rid of the Intruder, Recovering from too many processes–Recovering from too many processes, The ps Command–Listing processes with versions of Unix derived from BSD, including Linux
with kill command, Getting Rid of the Intruder
to stop process overload, Recovering from too many processes–Recovering from too many processes
pseudo-devices, Device Files
pseudorandom functions, Tips on Generating Random Numbers–drand48( ), lrand48( ), and mrand48( )
pstree command, pstree: Viewing the Process Tree
public key algorithms, Public Key Authentication, Cryptographic Algorithms and Functions–Cryptographic Algorithms and Functions, Cryptographic Algorithms and Functions, Cryptographic Algorithms and Functions, Public Key Algorithms–Known versus published methods, Public Key Algorithms, Public Key Algorithms, Uses for Public Key Encryption, Attacks on Public Key Algorithms, Known versus published methods, Proving your identity, Building an Automatic Backup System
applications of, Uses for Public Key Encryption
attacks on, Attacks on Public Key Algorithms
authentication and, Public Key Authentication, Proving your identity
backups and, Building an Automatic Backup System
computational expense of, Cryptographic Algorithms and Functions
digital signatures created with, Cryptographic Algorithms and Functions
key length and, Public Key Algorithms
known versus published methods of, Known versus published methods
types of, Public Key Algorithms
Public Key Infrastructure, Public Key Authentication (see PKI)
Public Key Partners, Secure RPC (AUTH_DES)
public keys, Cryptographic Algorithms and Functions, Cryptographic Algorithms and Functions, Systems-based attacks, Proving your identity, Limitations of Secure RPC
publications, security, Paper Sources–Security Periodicals
publicity, as motivation for programmed threats, Authors
publickey file, Creating passwords for users
PureFTPd server, Setting up an FTP server
PurifyPlus (Rational), Before You Finish
pwck command, Monitoring File Format
pwdadm program, Assigning Passwords to Users