S flag, 374
-s flag, 408
-s queue, 409
sappnd flag, 184
savecore_flags variable, 98
sb0 (SoundBlaster device zero), 211
schg flag, 184
scratch partition, 314
screen blank, 294–95
script kiddies, 180
scripts, 69–70, 268
scrub function, 353
scrub rules, 364
SCSI bus, 230
SCSI card, 230
SCSI controller, 33
SCSI disk, 52, 229–30, 305–6
SCSI disk system, 33
sd0 drive, 82–83
search keywords, 286
searches line, 411
second field, 124
second route, 164
section numbers, 18–19, 20–21
sectors, 46, 53, 54, 76
securelevels, 185–88
security, 9–10, 179–97, 322
administrator, 131
announcements about, 24, 182
attackers, 180–81
breaches, 114
check script, 267
checksums, 182–83
creating systrace policies, 193–95
file flags, 183–85
real-time systrace monitoring, 195
researchers, 181
securelevels, 185–88
software security features, 195–97
systrace, 188–93
SECURITY file, 253, 287
SEE ALSO heading, 21
send_message, 117–18
sendmail_flags, 95
sendmail(8) UNIX mail transfer agent, 275, 276
serial consoles, 104–7
Serial Line Internet Protocol (SLIP), 171, 288
serial ports, 292
support for, 285–86
trouble setting up, 105
servers, 10
service name, 272
services file, 287
set authkey line, 171
set block-policy keyword, 363
set ifaddr line, 171
set limit frags keyword, 363
set limits keyword, 363
set limits states keyword, 363
set login statement, 170
set tty command, 106
setenv environment setting, 128
sets, distribution, 38–40
sets installation, custom, 69–70
setuid programs, 61
setup, of serial console, 105
sh shell, 118
shadow root directory, 334
share directory, 250
shared-library programs, 197
Shell command, 51
shell configuration, 267
shell environment setting, 128
shell script, 69, 107, 287
shellpref, 118
shells file, 287
shells, user, 280, 287
shlib_dirs variable, 98
shmmaxpgs kernel option, 217
shmseg kernel option, 217 "short" entry, 411
show argument, 412, 414
signal name, 283
single-user mode, 101, 333–34
single-user systems, 114
siteXX.tgz distribution set, 69
size abbreviations, 56
size field, 55, 282
sizing files, 317
skel directory, 117, 288
skey authentication method, 130
S/Key onetime password system, 288
skeykeys file, 288
skilled attackers, 181
skip-steps, 403
SLIP (Serial Line Internet Protocol), 171, 288
sliphome/ file, 288
slX network interface, 161
snapshots directory, 36
snapshots release, 323
snk authentication method, 130
Snort tool, 259–60
socket type, 273
soft update mounts, 301
software
See also add-on software; names of specific software
base, installing updated, 329–32
building with make build command, 258
custom startup, 110
finding, 242–43
foreign, 262–63
free, 8
installed, upgrading, 338
installing with make fake command, 258
interface between and hardware, 200
making, 238–40
modems, 168
port-based, startup, 109–10
security features, 195–97
serial console, 104
uninstalls, 110
software-porting process, lags in, 251
software-synchronization requirements, lags in, 251
song32.mp3 file, 35
songs directory, 36
source address, 387
source code, 238–39, 253–54, 339–45
applying own patches to, 257
CVS setup, 343
CVSup setup, 344–45
distribution, 339–40
extracting, 257
installing, 98
kernel, 225
management, 340
mixing repository versions, 341
repositories, 340–41
running CVS, 343–44
running CVSup, 345
source-changes@OpenBSD.org, 341–42
tags, 341
uncompress, 257
source-hash load balancing, 392
source-hash option, 395
spoofed packets, 381–82
spwd.db file, 288
Squid proxy, 388–89
Squid (/usr/ports/www/squid), 350
src directory, 36
src label, 249
src repository, 340, 341, 345
srcsys.tar.gz file, 225
SSH clients, 416
SSH connections, 407
ssh/ directory, 288
ssh queue, 403
SSH traffic, 399
ssh_bulk queue, 403
ssh_interactive queue, 403
sshd_flags="" variable, 94
sshd(8) program, 280
ssh/sshd_config, 417
ssl/ directory, 288
-stable release, 324
stack, non-executable, 196
stackable mounts, 313
stacksize resource-limiting login.conf variable, 127
standalone package, 245
standalone partitioning, 41–45
standard device node, 298
standard OpenBSD partition, 299
Standard PC, 32
standard source build process, 346–48
starting over option, 80
startup and booting, 99–111
boot configuration, 100–103
editing /etc/rc scripts, 109–11
/etc/boot.conf, 103
multiuser startup, 107–9
serial consoles, 104–7
startup messages, 200–203
state modulation, 379–80
state statistics, 410
state table, 379, 410, 414–15
stateful inspection, 378–81, 380
statistics, 412
status line, 161
su(1) command, 131
sub comparison, 191
subscribing, mailing list, 24
subsequent disks, 59
sudo, 135–44
disadvantages to, 135–36
duplicating alias names, 141
/etc/sudoer aliases, 138–40
excluding commands from all, 143–44
nesting aliases, 141
overview, 136–38
reasons to use, 135
sudo logs, 144
using, 142–43
using aliases in /etc/sudoers, 140– 41
using system groups as user aliases, 141
sudo logs, 144
sudo(1) program, 346
sudo(8) program, 288
sudoer aliases, 138–41
sudoers file, 137, 288
supfile, 344
svnd0 c device, 316
swap file, 43
swap space partition, 42–43, 56–57, 314
swap splitting, 43
switch, 176
SYN flag set, 374–75
SYN packet, 352, 374–75
SYN+ACK packet, 352, 373
synchronization acknowledgment, 352
synchronous mounts, 301
SYNOPSIS heading, 21
sysadmin practices, 114
syscall aliases, 191
sysctl.conf file, 288, 351
sysctls, 203–8
syslog facility, 289
syslog.conf file, 288–91, 290
syslogd_flags variable, 95
syslogd(8) program, 290
system bugs, 324–25
system calls, 188–89, 190
system check, 267–68
system configuration, 329
system controls, 203
system crash, 303, 318
system groups, 141
system host name, 281
system initialization, 285
system message buffer, 200–201
system source code, 325–26
system-level append-only flag, 184
system-level immutable flag, 184
systems administrators, 181
system-wide defaults, 267
systrace, 188–93, 291
systrace monitoring, real-time, 195
systrace policies, 193–95, 291
systrace policy file, 192
systrace(1) program, 291