sa command (process accounting) Samba, SWAT configuration tool sandboxed environments [See also chroot( ) environment] BIND, running in restricting services with chroot( ) jail( ) security enhancement with grsecurity scrub rules (PacketFilter) sdrop rule, Snort_inline searching packets, Snort rule options Sebek (honeypot monitoring package) SecFilter keyword SecFilterSelective keyword sectors offsets for a partition secure tunnels [See tunnels, secure] securelevels (BSD systems) security holes (system), automating patching of security policy auditing on Windows creating for Windows firewall setting up for IPsec connections on FreeBSD Security Policy Database (SPD) FreeBSD, IPsec connections Linux, IPsec connections security scanner (Nessus) Self-certifying File System (SFS) self-signed certificates Sendmail, setting up to use TLS sensor_id (ACID) server clocks, keeping synchronized services common port numbers emulated by honeyd attempts to access preventing from binding to an interface restricting with sandboxed environments running, listing on Windows scanning for vulnerabilities with Nessus session cookies, attacks using session-timeout values, setting for PacketFilter seteuid( ) setfacl command setkey utility setuid( ) sfscd (SFS client daemon) sfskey command SGID or SUID programs, scanning for Sguil client and server, testing compiling and installing Barnyard components of configuring sguild creating a MySQL database database tables, creating log_packets.sh script, setting up op_sguil output plug-in sensor agent script, setting up sensors, setting up SSL, using with starting up sguild and xscriptd Tcl packages required xscriptd, setting up shared-medium Ethernet networks, sniffers and shares (default), disabling on Windows sharing files, using SFS (Self-certifying File System) shell scripts, SUID or SGID bits on shells exploit with shell code against SSH 
daemon restricted signature verification, automating Simple WATCHer [See swatch] skipinterval option, SnortSam SMTP (TLS-enabled), setting up sniffdet tool ARP test DNS test SNMP interface statistics (for SNMP daemon on a router) snmpget utility Snort GUI for Lamerz [See Sguil] Snort NIDS alerts analyzing with Sguil tracking with ACID automatic rule updates with Oinkmaster Barnyard, using to increase performance unified output format for Snort configuration built-in preprocessors databases editing snort.conf file files provided with distribution rule signatures database support, enabling output plug-in downloading and installing firewalling with SnortSam configuring SnortSam firewall communications, setting up output plug-ins rules that trigger firewall rules flexible response preventing and containing intrusions with Snort_inline rules sensor network, managing support for sending alerts to a database testing in sniffer mode writing your own rules actions, built-in activate and dynamic actions defining custom actions direction of packets IP addresses and ports for packets online rule documentation options protocol, specifying for rule rule header and options SnortCenter admin account information, editing config.php file, editing MySQL database sensor agent, adding to main management console sensor agents, setting up setting up sockets (open), listing with lsof utility SOCKS proxy, using SSH as sockstat command software authenticity, checking Solaris Sebek honeypot monitoring module TUN/TAP driver source entries (syslog-ng) Spade IDS alerts generated by SPD [See Security Policy Database] spoofing addresses ARP spoofing preventing IP spoofing with egress filtering preventing with FilterPacket SQL-injection attacks squid proxy over SSH SSH -D switch authpf shell and exploit launched against daemon, monitoring forwarding and encrypting traffic with keys, automating client logins security concerns with public keys login keys, generating for PPP, using with to create 
secure VPN tunnel SOCKS proxy, using as squid proxy over tunneling connection over HTTP with httptunnel VTun, using over SSL Apache, installing with certificates encrypting and tunneling traffic with encrypting IMAP and POP with OpenVPN, use by Sguil, using with 2nd SnortCenter sensor, using with using for HTTPS with ntop Stackguard stacks buffer overflows based on PAM modules for startup, running commands out of system rc files startx command, -nolisten tcp option stateless protocol Statistical Anomaly Detection Engine [See Spade IDS] statistics (network), collecting with firewall rules stealth mode, running IDS sensors in sticky bit set on directories, scanning for stream4 preprocessor, enabling for Snort strings, searching packets for with Snort stunnel configuration file, stunnel.conf forwarding local port to remote port su utility sudo utility suEXEC (Apache) enabling and configuring SUID bit, disabling SUID files, monitoring on your system SUID or SGID programs, scanning for SUID wrapper program, used by Apache swapping SWAT (Samba's web-based configuration tool) swatch (log file monitor) regular expressions to match log messages symlink restrictions (grsecurity) sysctl.conf file, enabling packet forwarding syslog aggregating logs from remote sites Barnyard output to centralized server, running filtering information into separate files integrating Windows into syslog-ng 2nd configuration file entries encrypting tunnel for secure traffic between daemons filters, defining libol library package macros syslog.conf, translating to source, destination, and log entries TCP support web site syslog.conf file, translating to syslog-ng configuration entries system binaries modification by root kits performing functions of with BusyBox verifying for chrootkit system calls definition of interception by Sebek restricting [See systrace utility] system groups, specifying for use of sudo system logs, protecting from tampering by intruders system updates automating Windows, 
checking for systrace utility aliases policies policy-generation tool