[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] S/Key codebook scheme S/MIME sa command sabotage saboteurs [See intruders] safe shutdown, accounts for SafeTP Safeware: System Safety and Computers. A Guide to Preventing Accidents and Losses Caused by Technolo salt Saltzer, Jerome Samba 2nd [See also SMB]3rd authorization client security configuring data integrity security and server connections user authentication sanitizing media SANS (Systems Administration and Network Security) 2nd SANTA (Security Administrator Network Tool for Analysis) SASL (Simple Authentication and Security Layer) SATAN (Security Administrator Tool for Analyzing Networks) 2nd savacct file saved UIDs sbrk() system call SC Magazine (InfoSecurity News) scanf() system call scanners , telephone SCCS (Source Code Control System) Schales, Doug Schiller, Jeffrey 2nd Schneier, Bruce Applied Cryptography: Protocols, Algorithms, and Source Code in C Secrets and Lies: Digital Security in a Networked World Schroeder, M. D. Schwartz, Randal L. (Learning Perl) scp program screensavers back doors to password-protected script command, logging break-ins with SE Linux (Security Enhanced Linux) secrecy [See confidentiality] secret key algorithms [See symmetric key algorithms] secret keys 2nd 3rd 4th Secret Service, U.S. Secrets and Lies: Digital Security in a Networked World (Schneier, Bruce) Secure European System for Applications in a Multivendor Environment (SESAME) secure file Secure Hash Algorithms (SHA) Secure NFS Secure RPC authentication limitations of logging in/out with NFS using NIS+ using 2nd with NIS/NIS+ and NTP Secure Shell [See SSH] Secure Sockets Layer [See SSL] secure terminals 2nd Secure Tracking of Office Property (STOP) secure Unix systems SecureID card securenets file securetty file security breaches, responding to [See break-ins] design principles for history of laws and [See legal issues] mailing lists regarding organizations regarding outsourcing policy of 2nd 3rd published resources on responsibility for risks [See risks] simplified in four steps software for 2nd through obscurity 2nd types of Unix and Usenet groups regarding web sites regarding security account Security Administrator Network Tool for Analysis (SANTA) Security Administrator Tool for Analyzing Networks [See SATAN] Security Alert Consensus mailing list Security Engineering (Anderson, Ross) Security Enhanced Linux (SE Linux) security experts, shortage of security holes [See also back doors; threats] preserve program reporting superuser account Security in Computing (Pfleeger, Charles P.) security levels, kernel security response teams [See response teams ] security scanners security tools published resources on used as programmed threats 2nd sed scripts, Trojan horses in Seebass, Scott (UNIX System Administration Handbook) seeds , random number 2nd Seger, Karl (Computer Crime: A Crimefighter's Handbook) select() system call self-destruct sequences sendmail program 2nd 3rd 4th [See also email] .forward file 2nd aliases back door in configuration files, security and disabling mail delivery to programs DontBlameSendmail option finding system administrator using .forward file options, security run as daemon same Internet/NIS domain security problems with startup file attacks sendmail.cf file 2nd sendmail.mc file separation of duties principle sequence of commands ser2net program serial interfaces Serial Line Internet Protocol [See SLIP] serial numbers , logging serial ports, uucp user for Server Message Block [See SMB] server statelessness server vulnerability attacks server-side NFS security servers 2nd backing up bringing up securely Internet [See Internet servers] load shedding master/slave [See NIS] nameserver [See DNS] overloading with requests physical security of [See physical security] run as root setting up for FTP Xauthority service overloading services [See denial of service attacks network services] services file 2nd 3rd Services table (NIS+) SESAME (Secure European System for Applications in a Multivendor Environment) session hijacking session IDs 2nd session keys 2nd SETATTR function (RPC) setgid() system call 2nd [See also SGID programs]3rd setlogmask() system call setpgrp() system call setrlimit() system call setsid() system call setuid file setuid() system call [See also SUID programs]2nd SG (Signal Ground) SGID bit clearing with chown command on directories on files SGID permission SGID programs created by intruders disabling (turning off) finding all files for security problems with writing sh (Bourne shell) [See also shells ] IFS variable used by prompt SUID version of SHA (Secure Hash Algorithms) SHA-1 algorithm shadow file 2nd 3rd 4th 5th shadow passwords 2nd 3rd 4th Shamir, Adi "A Method for Obtaining Digital Signatures" share command shared libraries, protecting shared systems sharetab file shareware, viruses in SHARITY client shell escapes 2nd shell scripts, SUID shell service shells changing for one-time passwords history files in passwd file login, changing protecting from attacks restricted running Trojan horses in shells file Shender, Alex Shimomura, Tsutomu (Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Comput Shockwave Rider (Brunner, John) shoulder surfing showmount command 2nd showrev command shredders, paper shutdown command shutdowns logged by wtmp file safe accounts for SIGHUP signal SIGKILL signal Signal Ground (SG) signal- grounding attacks signals catching kill command and signatures, data [See also digital signatures] detecting file changes with 2nd RPM files having SIGSTOP signal 2nd SIGTERM signal 2nd 3rd Simple Authentication and Security Layer (SASL) Simple Mail Transfer Protocol [See SMTP] Simple Network Management Protocol (SNMP) Singh, Simon (The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography) single-user mode booting in upgrading in single-user reboot site inspection, example of slash (/) as IFS separator pathnames beginning with slave server [See also NIS]2nd SLIP (Serial Line Internet Protocol) 2nd SMB (Server Message Block) 2nd authentication file access for history of name service for protocols for Samba implementation of [See Samba] smb.conf file 2nd smbclient smbpasswd program smoke detectors smoke, damaging hardware smoking, effects on hardware SMTP (Simple Mail Transfer Protocol) 2nd banners, security and commands, security and relaying security and 2nd TLS for encryption with 2nd smtp service SNA (System Network Architecture) sniffers 2nd [See also eavesdropping] network packet 2nd password 2nd 3rd SNMP (Simple Network Management Protocol) 2nd snoop program 2nd Snort system snprintf () system call Snyder, Garth (UNIX System Administration Handbook) So, Bryan ("An Empirical Study of the Reliability of UNIX Utilities") social engineering attacks 2nd socket UDP Unix domain SOCKS socks service soft process limits software [See also programming] access to 2nd backing up [See backups ] backups bugs in 2nd checking new 2nd coding standards for consistency of copyrighted , legal issues regarding data corruption by default accounts for design principles for development files, protecting digital signatures distributed with distributed through mirror sites documentation for filtering, for schools hacker challenges and integrity-checking log files created by malicious [See programmed threats] management systems monitoring obtained from outside sources 2nd operating systems [See specific operating systems] patches for, logging processes and published resources on quality of race conditions running as superuser security bugs in security- related 2nd specifications, importance of stolen (pirated) 2nd stored via FTP system, updating testing 2nd threads and toolkit for break-ins tools in Unix trusting Solaris 2nd [See also System V Unix] ACL support for AUTH_SYS and AUTH_UNIX bug fixes, responsibility for clri command Cryptfs support for Door construct 2nd exporting NFS directories with extra file permission character Fingerprints Database group passwords and history of host-based firewall for Kerberos client and server support Kerberos client for loginlog file mountd daemon ncheck command nonexecutable stack package management commands PAM support for passwd command, -r option supported password file, printing portmon variable process limit random number generators rpcbind program 2nd S/Key support Secure RPC time window secure version of server startup on SGID and sticky bits for directories SGID bit used for file locking shadow password file SMB support snoop program su log, scanning swapping to files TCP wrappers support ttywatch program ufsdump program versions of wtmpx log file X security Solstice PC-NetLink Source Code Control System (SCCS) source code, keeping secret 2nd [See also programming; software] source-based software management systems backing out of upgrades upgrading with space bit spaces, in passwords Spaf's first principle Spafford, Gene 2nd 3rd 4th 5th 6th spam, email 2nd 3rd sparse files Speciner, Mike (Network Security: Private Communications in a Public World) spies industrial planting programmed threats spoofing IP 2nd network connection sprinkler systems sprintf() system call 2nd square brackets ([]), indicating optional syntax sscanf () system call ssh keys, using for passwords ssh program 2nd 3rd SSH protocol client authentication with host authentication with tunneling X with ssh service .ssh/authorized_keys file back door in .ssh/known_hosts file ssh_config file sshd binary, back door in sshd user sshd_config file 2nd SSL (Secure Sockets Layer) attacks on MD5, use of SSL/TLS 2nd staff [See employees ] stale file handles Stallings, William (Cryptography and Network Security: Principles and Practices) Stallman, Richard 2nd 3rd standalone firewall appliance standards, security policy 2nd Starnes, W. Wyatt start bit 2nd startup command startup files attacks through modified by intruders stat command stateful inspection, firewalls stateless servers (NFS) 2nd static electricity static links Steele, Guy L., Jr. (C, a Reference Manual) Sterling, Bruce (The Hacker Crackdown: Law and Disorder on the Electronic Frontier) sticky bit permission sticky bits clearing with chown command on directories Stoll, Cliff (The Cuckoo's Egg) STOP (Secure Tracking of Office Property) stop bit 2nd storage, local strcat() system call strcpy () system call 2nd streadd() system call stream algorithms strecpy() system call Stripp, Alan (Code Breakers: The Inside Story of Bletchley Park) strncat () system call strncpy () system call strtrns() system call students, programmed threats authored by stunnel su command 2nd becoming superuser with 2nd log of failed attempts logging by logging to sulog file restrictions on running commands from scripts running with exec command security precautions for sudo program as alternative to using while superuser utmp and wtmp files and su file subnetting substitution ciphers sudo program 2nd sudoers file SUID bit 2nd SUID permission SUID programs 2nd back door via chroot() system call and created by intruders disabling (turning off) finding all files for security problems with 2nd shell scripts writing sulog file 2nd 3rd 4th sum command Sun NIS [See NIS] Sun NIS+ [See NIS+] Sun RPC [See RPC] SUN-DES-1 authentication SunOS history of SGID and sticky bits for directories trusted hosts and unlink command versions of SunRay systems sunrpc service 2nd Superincreasing Knapsack Problem superuser 2nd abilities of becoming with su command 2nd 3rd becoming with SUID csh bugs giving access to capabilities of changing file group changing file owner changing file permissions changing file times changing system clock changing user passwords 2nd compartmentalization as alternative to fingering kermit program and logging attempts to become [See sulog file] MAC systems not having modem devices owned by nameserver owned by NFS ownership NFS protocol and NTP running as password for forgetting as point of attack Posix P1003.1e/2c restrictions for privileges removed by secure Unix programs running as prompt for protecting account for restricting abilities of restrictions on 2nd Samba daemons run as security checklist for security implications of security precautions for 2nd security problems with sendmail running as servers run as stealing SUID scripts run as Trojan horse compromising UID for username for using passwd command using privileges with sudo command wheel group and 2nd suppliers [See vendors ] surge suppressors SVR4 Unix [See also System V Unix] chroot() system call and expiring accounts group passwords and history of password aging preventing users from changing passwords process accounting with restricting root account to console shadow password file wtmp file, viewing swap partition swap space, running out of swapping Swatch program 2nd sweeping telephone lines symbolic links [See also links] avoiding in restricted filesystems permissions and read-only partitions and SYMLINK function (RPC) symmetric key algorithms attacks on block algorithms common types of cryptographic strength of key length and 2nd security problems with stream algorithms verifying with peer review SYN bit SYN flood attacks 2nd sync account sync command sync() system call synchronization of passwords sysadmsh program sysctl command syslog facility 2nd 3rd alternatives to argument length checked by buffer overruns in configuration file false log entries files used by library for list of facilities in messages generated by in networked environment priorities for programming with where to log syslog file 2nd syslog service syslog.conf file 2nd syslogd file systat service system [See also specific operating systems] auditing activity on backing up critical files configuration files CPU overload attacks database files safe shutdown 2nd startup files trust in system administrator [See also superuser] adm account for blocking system accounts from changing password for cooperating with intruders errors by listed in wheel group mail aliases for published resources for remote, contacting regarding break-in sanitizing backup tapes setting umask sudo program used by multiple administrators trusting system calls [See also specific system calls] checking arguments to checking return codes from failures of format used in book system clock changing for random seeds Secure RPC timestamp sudden time changes in synchronizing system files initialization files read-only access to world-writable system libraries, protecting system manuals [See manuals] System Network Architecture (SNA) system software, updating system users System V Unix 2nd [See also Linux; Solaris; SVR4 Unix] chroot() system call and default umask value device file permissions exporting NFS directories FIFO file type history of inittab program loginlog file logins recorded in lastlog modems and password files password generators permission options for process accounting with ps command published resources for random number generators Release 4 [See SVR4 Unix] server startup on SGID bit on files su command and sulog file settings terminal security on utmp and wtmp log files wtmpx log file system() system call 2nd 3rd Systems Administration and Network Security [See SANS] systems-based crytpographic attacks |