Search |
Symbols
| A
| B
| C
| D
| E
| F
| G
| H
| I
| J
| K
| L
| M
| N
| O
| P
| Q
| R
| S
| T
| U
| V
| W
| X
| Y
| Z
Index: C
- C programming language
- 1.3. History of UNIX
- 23.2. Tips on Avoiding Security-related Bugs
- -Wall compiler option
: 23.2. Tips on Avoiding Security-related Bugs
- C shell
: (see csh)
- C2 audit
: 10.1. The Basic Log Files
- cables, network
- 12.2.4.2. Network cables
- 12.3.1.5. Fiber optic cable
- cutting
: 25.1. Destructive Attacks
- tampering detectors for
: 12.3.1.1. Wiretapping
- wiretapping
: 12.3.1.1. Wiretapping
- cache, nameserver
: 16.3.2. Security and Nameservice
- caching
: 5.6. Device Files
- Caesar Cipher
: 6.4.3. ROT13: Great for Encoding Offensive Jokes
- calculating costs of losses
: 2.3.1. The Cost of Loss
- call forwarding
: 14.5.4. Physical Protection of Modems
- Call Trace
: 24.2.4. Tracing a Connection
- CALLBACK= command
: 15.5.2. Permissions Commands
- callbacks
- 14.4.2.
- 14.6. Additional Security for Modems
- BNU UUCP
: 15.5.2. Permissions Commands
- Version 2 UUCP
: 15.4.1.5. Requiring callback
- Caller-ID (CNID)
- 14.4.3. Caller-ID (CNID)
- 14.6. Additional Security for Modems
- 24.2.4. Tracing a Connection
- Canada, export control in
: 6.7.2. Cryptography and Export Controls
- carbon monoxide
: 12.2.1.2. Smoke
- caret (^) in encrypted messages
: 6.2. What Is Encryption?
- case in usernames
: 3.1. Usernames
- cat command
- 3.2.2. The /etc/passwd File and Network Databases
- 15.4.3. L.cmds: Providing Remote Command Execution
- -ve option
: 5.5.4.1. The ncheck command
- -v option
: 24.4.1.7. Hidden files and directories
- cat-passwd command
: 3.2.2. The /etc/passwd File and Network Databases
- CBC (cipher block chaining)
- 6.4.4.2. DES modes
- 6.6.2. des: The Data Encryption Standard
- CBW (Crypt Breaker's Workbench)
: 6.6.1.1. The crypt program
- CCTA IT Security & Infrastructure Group
: F.3.4.39. UK: other government departments and agencies
- CD-ROM
: 9.1.2. Read-only Filesystems
- CDFs (context-dependent files)
- 5.9.2. Context-Dependent Files
- 24.4.1.7. Hidden files and directories
- ceilings, dropped
: 12.2.3.1. Raised floors and dropped ceilings
- cellular telephones
: 12.2.1.8. Electrical noise
- CERCUS (Computer Emergency Response Committee for Unclassified Systems)
: F.3.4.36. TRW network area and system administrators
- Cerf, Vint
: 16.2. IPv4: The Internet Protocol Version 4
- CERN
: E.4.1. CERN HTTP Daemon
- CERT (Computer Emergency Response Team)
- 6.5.2. Using Message Digests
- 27.3.5. Response Personnel?
- F.3.4.1. All Internet sites
- CERT-NL (Netherlands)
: F.3.4.25. Netherlands: SURFnet-connected sites
- mailing list for
: E.1.3.4. CERT-advisory
- CFB (cipher feedback)
: 6.4.4.2. DES modes
- CGI (Common Gateway Interface)
: 18.1. Security and the World Wide Web
- scripts
- 18.2. Running a Secure Server
- 18.2.3. Writing Secure CGI Scripts and Programs
- 18.2.4.1. Beware mixing HTTP with anonymous FTP
- cgi-bin directory
: 18.2.2. Understand Your Server's Directory Structure
- chacl command
: 5.2.5.2. HP-UX access control lists
- -f option
: 5.2.5.2. HP-UX access control lists
- -r option
: 5.2.5.2. HP-UX access control lists
- change detection
- 9.2. Detecting Change
- 9.3. A Final Note
- character devices
: 5.6. Device Files
- chat groups, harassment via
: 26.4.7. Harassment, Threatening Communication, and Defamation
- chdir command
- 23.2. Tips on Avoiding Security-related Bugs
- 25.2.2.8. Tree-structure attacks
- checklists for detecting changes
- 9.2.2. Checklists and Metadata
- 9.2.3. Checksums and Signatures
- checksums
- 6.5.5.1. Checksums
- 9.2.3. Checksums and Signatures
- Chesson, Greg
: 15.2. Versions of UUCP
- chfn command
: 8.2. Monitoring File Format
- chgrp command
: 5.8. chgrp: Changing a File's Group
- child processes
: C.2. Creating Processes
- chkey command
: 19.3.1.1. Proving your identity
- chmod command
- 5.2.1. chmod: Changing a File's Permissions
- 5.2.4. Using Octal File Permissions
- 8.3. Restricting Logins
- -A option
: 5.2.5.2. HP-UX access control lists
- -f option
: 5.2.1. chmod: Changing a File's Permissions
- -h option
: 5.2.1. chmod: Changing a File's Permissions
- -R option
: 5.2.1. chmod: Changing a File's Permissions
- chokes
: (see firewalls)
- chown command
- 5.7. chown: Changing a File's Owner
- 23.2. Tips on Avoiding Security-related Bugs
- chroot system call
- 8.1.5. Restricted Filesystem
- 8.1.5.2. Checking new software
- 11.1.4. Trojan Horses
- 23.4.1. Using chroot()
- with anonymous FTP
: 17.3.2.6. Setting up anonymous FTP with the standard UNIX FTP server
- chrootuid daemon
: E.4.2. chrootuid
- chsh command
: 8.7.1. Integrating One-time Passwords with UNIX
- CIAC (Computer Incident Advisory Capability)
: F.3.4.43. U.S. Department of Energy sites, Energy Sciences Network (ESnet), and DOE contractors
- CIDR (Classless InterDomain Routing)
- 16.2.1.1. IP networks
- 16.2.1.3. CIDR addresses
- cigarettes
: 12.2.1.2. Smoke
- cipher
- 6.4.3. ROT13: Great for Encoding Offensive Jokes
- (see also cryptography; encryption)
- block chaining (CBC)
- 6.4.4.2. DES modes
- 6.6.2. des: The Data Encryption Standard
- ciphertext
- 6.2. What Is Encryption?
- 8.6.1. The crypt() Algorithm
- feedback (CFB)
: 6.4.4.2. DES modes
- CISCO
: F.3.4.8. CISCO Systems
- civil actions (lawsuits)
: 26.3. Civil Actions
- classified data and breakins
- 26.1. Legal Options After a Break-in
- 26.2.2. Federal Jurisdiction
- Classless InterDomain Routing (CIDR)
- 16.2.1.1. IP networks
- 16.2.1.3. CIDR addresses
- clear text
: 8.6.1. The crypt() Algorithm
- Clear to Send (CTS)
: 14.3. The RS-232 Serial Protocol
- client flooding
: 16.3.2. Security and Nameservice
- client/server model
: 16.2.5. Clients and Servers
- clients, NIS
: (see NIS)
- clock, system
- 5.1.5. File Times
- 17.3.14. Network Time Protocol (NTP) (UDP Port 123)
- for random seeds
: 23.8. Picking a Random Seed
- resetting
: 9.2.3. Checksums and Signatures
- Secure RPC timestamp
: 19.3.1.3. Setting the window
- clogging
: 25.3.4. Clogging
- CMW (Compartmented-Mode Workstation)
: "Secure" Versions of UNIX
- CNID (Caller-ID)
- 14.4.3. Caller-ID (CNID)
- 14.6. Additional Security for Modems
- 24.2.4. Tracing a Connection
- CO2 system (for fires)
: 12.2.1.1. Fire
- COAST (Computer Operations, Audit, and Security Technology)
- E.3.2. COAST
- E.4. Software Resources
- code breaking
: (see cryptography)
- codebooks
: 8.7.3. Code Books
- CodeCenter
: 23.2. Tips on Avoiding Security-related Bugs
- cold, extreme
: 12.2.1.6. Temperature extremes
- command shells
: (see shells)
- commands
- 8.1.3. Accounts That Run a Single Command
- (see also under specific command name)
- accounts running single
: 8.1.3. Accounts That Run a Single Command
- in addresses
: 15.7. Early Security Problems with UUCP
- editor, embedded
: 11.5.2.7. Other initializations
- remote execution of
- 15.1.2. uux Command
- 15.4.3. L.cmds: Providing Remote Command Execution
- 17.3.17. rexec (TCP Port 512)
- running simultaneously
- 23.2. Tips on Avoiding Security-related Bugs
- (see also multitasking)
- commands in <Directory> blocks
: 18.3.2. Commands Within the <Directory> Block
- COMMANDS= command
: 15.5.2. Permissions Commands
- commenting out services
: 17.3. Primary UNIX Network Services
- comments in BNU UUCP
: 15.5.1.3. A Sample Permissions file
- Common Gateway Interface
: (see CGI)
- communications
- modems
: (see modems)
- national telecommunications
: 26.2.2. Federal Jurisdiction
- threatening
: 26.4.7. Harassment, Threatening Communication, and Defamation
- comparison copies
- 9.2.1. Comparison Copies
- 9.2.1.3. rdist
- compress program
: 6.6.1.2. Ways of improving the security of crypt
- Compressed SLIP (CSLIP)
: 16.2. IPv4: The Internet Protocol Version 4
- Computer Emergency Response Committee for Unclassified Systems (CERCUS)
: F.3.4.36. TRW network area and system administrators
- Computer Emergency Response Team
: (see CERT)
- Computer Incident Advisory Capability (CIAC)
: F.3.4.43. U.S. Department of Energy sites, Energy Sciences Network (ESnet), and DOE contractors
- computer networks
: 1.4.3. Add-On Functionality Breeds Problems
- Computer Security Institute (CSI)
: F.1.3. Computer Security Institute (CSI)
- computers
- assigning UUCP name
: 15.5.2. Permissions Commands
- auxiliary ports
: 12.3.1.4. Auxiliary ports on terminals
- backing up individual
: 7.2.1. Individual Workstation
- contacting administrator of
: 24.2.4.2. How to contact the system administrator of a computer you don't know
- cutting cables to
: 25.1. Destructive Attacks
- failure of
: 7.1.1.1. A taxonomy of computer failures
- hostnames for
- 16.2.3. Hostnames
- 16.2.3.1. The /etc/hosts file
- modems
: (see modems)
- multiple screens
: 12.3.4.3. Multiple screens
- multiple suppliers of
: 18.6. Dependence on Third Parties
- non-citizen access to
: 26.4.1. Munitions Export
- operating after breakin
: 24.6. Resuming Operation
- portable
: 12.2.6.3. Portables
- remote command execution
: 17.3.17. rexec (TCP Port 512)
- running NIS+
: 19.5.5. NIS+ Limitations
- screen savers
: 12.3.5.2. X screen savers
- security
- culture of
: D.1.10. Understanding the Computer Security "Culture"
- four steps toward
: 2.4.4.7. Defend in depth
- physical
: 12.2.6.1. Physically secure your computer
- references for
: D.1.7. General Computer Security
- resources on
: D.1.1. Other Computer References
- seized as evidence
: 26.2.4. Hazards of Criminal Prosecution
- transferring files between
: 15.1.1. uucp Command
- trusting
- 27.1. Can you Trust Your Computer?
- 27.1.3. What the Superuser Can and Cannot Do
- unattended
- 12.3.5. Unattended Terminals
- 12.3.5.2. X screen savers
- unplugging
: 24.2.5. Getting Rid of the Intruder
- vacuums for
: 12.2.1.3. Dust
- vandalism of
: (see vandalism)
- virtual
: (see Telnet utility)
- computing base (TCB)
: 8.5.3.2. Trusted computing base
- conf directory
: 18.2.2.1. Configuration files
- conf/access.conf
: (see access.conf file)
- conf/srm.conf file
: 18.3.1. The access.conf and .htaccess Files
- confidentiality
: (see encryption; privacy)
- configuration
- errors
: 9.1. Prevention
- files
: 11.5.3. Abusing Automatic Mechanisms
- logging
: 10.7.2.2. Informational material
- MCSA web server
: 18.2.2.1. Configuration files
- UUCP version differences
: 15.2. Versions of UUCP
- simplifying management of
: 9.1.2. Read-only Filesystems
- connections
- hijacking
: 16.3. IP Security
- laundering
: 16.1.1.1. Who is on the Internet?
- tracing
- 24.2.4. Tracing a Connection
- 24.2.4.2. How to contact the system administrator of a computer you don't know
- unplugging
: 24.2.5. Getting Rid of the Intruder
- connectors, network
: 12.2.4.3. Network connectors
- consistency of software
: 2.1. Planning Your Security Needs
- console device
: 5.6. Device Files
- CONSOLE variable
: 8.5.1. Secure Terminals
- constraining passwords
: 8.8.2. Constraining Passwords
- consultants
: 27.3.4. Your Consultants?
- context-dependent files (CDFs)
- 5.9.2. Context-Dependent Files
- 24.4.1.7. Hidden files and directories
- control characters in usernames
: 3.1. Usernames
- cookies
- 17.3.21.4. Using Xauthority magic cookies
- 18.2.3.1. Do not trust the user's browser!
- COPS (Computer Oracle and Password System)
- 19.5.5. NIS+ Limitations
- E.4.3. COPS (Computer Oracle and Password System)
- copyright
- 9.2.1. Comparison Copies
- 26.4.2. Copyright Infringement
- 26.4.2.1. Software piracy and the SPA
- notices of
: 26.2.6. Other Tips
- CORBA (Common Object Request Broker Architecture)
: 19.2. Sun's Remote Procedure Call (RPC)
- core files
- 23.2. Tips on Avoiding Security-related Bugs
- C.4. The kill Command
- cost-benefit analysis
- 2.3. Cost-Benefit Analysis
- 2.3.4. Convincing Management
- costs of losses
: 2.3.1. The Cost of Loss
- cp command
: 7.4.1. Simple Local Copies
- cpio program
- 7.3.2. Building an Automatic Backup System
- 7.4.2. Simple Archives
- crack program
- 8.8.3. Cracking Your Own Passwords
- 18.3.3. Setting Up Web Users and Passwords
- cracking
- backing up because of
: 7.1.1.1. A taxonomy of computer failures
- passwords
- 3.6.1. Bad Passwords: Open Doors
- 3.6.4. Passwords on Multiple Machines
- 8.6.1. The crypt() Algorithm
- 8.8.3. Cracking Your Own Passwords
- 8.8.3.2. The dilemma of password crackers
- 17.3.3. TELNET (TCP Port 23)
- logging failed attempts
: 10.5.3. syslog Messages
- responding to
- 24. Discovering a Break-in
- 24.7. Damage Control
- using rexecd
: 17.3.17. rexec (TCP Port 512)
- crashes, logging
: 10.7.2.1. Exception and activity reports
- CRC checksums
: (see checksums)
- Cred table (NIS+)
: 19.5.3. NIS+ Tables
- criminal prosecution
- 26.2. Criminal Prosecution
- 26.2.7. A Final Note on Criminal Actions
- cron file
- 9.2.2.1. Simple listing
- 11.5.1.4. Filename attacks
- 11.5.3.1. crontab entries
- automating backups
: 7.3.2. Building an Automatic Backup System
- cleaning up /tmp directory
: 25.2.4. /tmp Problems
- collecting login times
: 10.1.1. lastlog File
- symbolic links in
: 10.3.7. Other Logs
- system clock and
: 17.3.14. Network Time Protocol (NTP) (UDP Port 123)
- uucp scripts in
: 15.6.2. Automatic Execution of Cleanup Scripts
- crontab file
: 15.6.2. Automatic Execution of Cleanup Scripts
- Crypt Breaker's Workbench (CBW)
: 6.6.1.1. The crypt program
- crypt command/algorithm
- 6.4.1. Summary of Private Key Systems
- 6.6.1. UNIX crypt: The Original UNIX Encryption Command
- 6.6.1.3. Example
- 8.6. The UNIX Encrypted Password System
- 18.3.3. Setting Up Web Users and Passwords
- crypt function
- 8.6. The UNIX Encrypted Password System
- 8.6.1. The crypt() Algorithm
- 8.8.7. Algorithm and Library Changes
- 23.5. Tips on Using Passwords
- crypt16 algorithm
: 8.6.4. Crypt16() and Other Algorithms
- cryptography
- 6. Cryptography
- 6.7.2. Cryptography and Export Controls
- 14.4.4.2. Protection against eavesdropping
- checklist for
: A.1.1.5. Chapter 6: Cryptography
- checksums
: 6.5.5.1. Checksums
- digital signatures
: (see digital signatures)
- export laws concerning
: 6.7.2. Cryptography and Export Controls
- Message Authentication Codes (MACs)
: 6.5.5.2. Message authentication codes
- message digests
: (see message digests)
- PGP
: (see PGP)
- private-key
- 6.4. Common Cryptographic Algorithms
- 6.4.1. Summary of Private Key Systems
- public-key
- 6.4. Common Cryptographic Algorithms
- 6.4.2. Summary of Public Key Systems
- 6.4.6. RSA and Public Key Cryptography
- 6.4.6.3. Strength of RSA
- 6.5.3. Digital Signatures
- 18.3. Controlling Access to Files on Your Server
- 18.6. Dependence on Third Parties
- references on
: D.1.5. Cryptography Books
- and U.S. patents
: 6.7.1. Cryptography and the U.S. Patent System
- csh (C shell)
- 5.5.2. Problems with SUID
- 11.5.1. Shell Features
- 23.2. Tips on Avoiding Security-related Bugs
- C.5.3. Running the User's Shell
- (see also shells)
- autologout variable
: 12.3.5.1. Built-in shell autologout
- history file
: 10.4.1. Shell History
- uucp command
: 15.1.1.1. uucp with the C shell
- .cshrc file
- 11.5.2.2. .cshrc, .kshrc
- 12.3.5.1. Built-in shell autologout
- 24.4.1.6. Changes to startup files
- CSI (Computer Security Institute)
: F.1.3. Computer Security Institute (CSI)
- CSLIP (Compressed SLIP)
: 16.2. IPv4: The Internet Protocol Version 4
- ctime
- 5.1.2. Inodes
- 5.1.5. File Times
- 5.2.1. chmod: Changing a File's Permissions
- 7.4.7. inode Modification Times
- 9.2.3. Checksums and Signatures
- cu command
- 14.5. Modems and UNIX
- 14.5.3.1. Originate testing
- 14.5.3.3. Privilege testing
- -l option
: 14.5.3.1. Originate testing
- culture, computer security
: D.1.10. Understanding the Computer Security "Culture"
- current directory
: 5.1.3. Current Directory and Paths
- Customer Warning System (CWS)
: F.3.4.34. Sun Microsystems customers
Search |
Symbols
| A
| B
| C
| D
| E
| F
| G
| H
| I
| J
| K
| L
| M
| N
| O
| P
| Q
| R
| S
| T
| U
| V
| W
| X
| Y
| Z
Copyright © 1999
O'Reilly & Associates, Inc.
All Rights Reserved.
|