start page | rating of books | rating of authors | reviews | copyrights
Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z
Index: C
- C programming language
- 1.3. History of UNIX
- 23.2. Tips on Avoiding Security-related Bugs
- -Wall compiler option : 23.2. Tips on Avoiding Security-related Bugs
- C shell : (see csh)
- C2 audit : 10.1. The Basic Log Files
- cables, network
- 12.2.4.2. Network cables
- 12.3.1.5. Fiber optic cable
- cutting : 25.1. Destructive Attacks
- tampering detectors for : 12.3.1.1. Wiretapping
- wiretapping : 12.3.1.1. Wiretapping
- cache, nameserver : 16.3.2. Security and Nameservice
- caching : 5.6. Device Files
- Caesar Cipher : 6.4.3. ROT13: Great for Encoding Offensive Jokes
- calculating costs of losses : 2.3.1. The Cost of Loss
- call forwarding : 14.5.4. Physical Protection of Modems
- Call Trace : 24.2.4. Tracing a Connection
- CALLBACK= command : 15.5.2. Permissions Commands
- callbacks
- 14.4.2.
- 14.6. Additional Security for Modems
- BNU UUCP : 15.5.2. Permissions Commands
- Version 2 UUCP : 15.4.1.5. Requiring callback
- Caller-ID (CNID)
- 14.4.3. Caller-ID (CNID)
- 14.6. Additional Security for Modems
- 24.2.4. Tracing a Connection
- Canada, export control in : 6.7.2. Cryptography and Export Controls
- carbon monoxide : 12.2.1.2. Smoke
- caret (^) in encrypted messages : 6.2. What Is Encryption?
- case in usernames : 3.1. Usernames
- cat command
- 3.2.2. The /etc/passwd File and Network Databases
- 15.4.3. L.cmds: Providing Remote Command Execution
- -ve option : 5.5.4.1. The ncheck command
- -v option : 24.4.1.7. Hidden files and directories
- cat-passwd command : 3.2.2. The /etc/passwd File and Network Databases
- CBC (cipher block chaining)
- 6.4.4.2. DES modes
- 6.6.2. des: The Data Encryption Standard
- CBW (Crypt Breaker's Workbench) : 6.6.1.1. The crypt program
- CCTA IT Security & Infrastructure Group : F.3.4.39. UK: other government departments and agencies
- CD-ROM : 9.1.2. Read-only Filesystems
- CDFs (context-dependent files)
- 5.9.2. Context-Dependent Files
- 24.4.1.7. Hidden files and directories
- ceilings, dropped : 12.2.3.1. Raised floors and dropped ceilings
- cellular telephones : 12.2.1.8. Electrical noise
- CERCUS (Computer Emergency Response Committee for Unclassified Systems) : F.3.4.36. TRW network area and system administrators
- Cerf, Vint : 16.2. IPv4: The Internet Protocol Version 4
- CERN : E.4.1. CERN HTTP Daemon
- CERT (Computer Emergency Response Team)
- 6.5.2. Using Message Digests
- 27.3.5. Response Personnel?
- F.3.4.1. All Internet sites
- CERT-NL (Netherlands) : F.3.4.25. Netherlands: SURFnet-connected sites
- mailing list for : E.1.3.4. CERT-advisory
- CFB (cipher feedback) : 6.4.4.2. DES modes
- CGI (Common Gateway Interface) : 18.1. Security and the World Wide Web
- scripts
- 18.2. Running a Secure Server
- 18.2.3. Writing Secure CGI Scripts and Programs
- 18.2.4.1. Beware mixing HTTP with anonymous FTP
- cgi-bin directory : 18.2.2. Understand Your Server's Directory Structure
- chacl command : 5.2.5.2. HP-UX access control lists
- -f option : 5.2.5.2. HP-UX access control lists
- -r option : 5.2.5.2. HP-UX access control lists
- change detection
- 9.2. Detecting Change
- 9.3. A Final Note
- character devices : 5.6. Device Files
- chat groups, harassment via : 26.4.7. Harassment, Threatening Communication, and Defamation
- chdir command
- 23.2. Tips on Avoiding Security-related Bugs
- 25.2.2.8. Tree-structure attacks
- checklists for detecting changes
- 9.2.2. Checklists and Metadata
- 9.2.3. Checksums and Signatures
- checksums
- 6.5.5.1. Checksums
- 9.2.3. Checksums and Signatures
- Chesson, Greg : 15.2. Versions of UUCP
- chfn command : 8.2. Monitoring File Format
- chgrp command : 5.8. chgrp: Changing a File's Group
- child processes : C.2. Creating Processes
- chkey command : 19.3.1.1. Proving your identity
- chmod command
- 5.2.1. chmod: Changing a File's Permissions
- 5.2.4. Using Octal File Permissions
- 8.3. Restricting Logins
- -A option : 5.2.5.2. HP-UX access control lists
- -f option : 5.2.1. chmod: Changing a File's Permissions
- -h option : 5.2.1. chmod: Changing a File's Permissions
- -R option : 5.2.1. chmod: Changing a File's Permissions
- chokes : (see firewalls)
- chown command
- 5.7. chown: Changing a File's Owner
- 23.2. Tips on Avoiding Security-related Bugs
- chroot system call
- 8.1.5. Restricted Filesystem
- 8.1.5.2. Checking new software
- 11.1.4. Trojan Horses
- 23.4.1. Using chroot()
- with anonymous FTP : 17.3.2.6. Setting up anonymous FTP with the standard UNIX FTP server
- chrootuid daemon : E.4.2. chrootuid
- chsh command : 8.7.1. Integrating One-time Passwords with UNIX
- CIAC (Computer Incident Advisory Capability) : F.3.4.43. U.S. Department of Energy sites, Energy Sciences Network (ESnet), and DOE contractors
- CIDR (Classless InterDomain Routing)
- 16.2.1.1. IP networks
- 16.2.1.3. CIDR addresses
- cigarettes : 12.2.1.2. Smoke
- cipher
- 6.4.3. ROT13: Great for Encoding Offensive Jokes
- (see also cryptography; encryption)
- block chaining (CBC)
- 6.4.4.2. DES modes
- 6.6.2. des: The Data Encryption Standard
- ciphertext
- 6.2. What Is Encryption?
- 8.6.1. The crypt() Algorithm
- feedback (CFB) : 6.4.4.2. DES modes
- CISCO : F.3.4.8. CISCO Systems
- civil actions (lawsuits) : 26.3. Civil Actions
- classified data and breakins
- 26.1. Legal Options After a Break-in
- 26.2.2. Federal Jurisdiction
- Classless InterDomain Routing (CIDR)
- 16.2.1.1. IP networks
- 16.2.1.3. CIDR addresses
- clear text : 8.6.1. The crypt() Algorithm
- Clear to Send (CTS) : 14.3. The RS-232 Serial Protocol
- client flooding : 16.3.2. Security and Nameservice
- client/server model : 16.2.5. Clients and Servers
- clients, NIS : (see NIS)
- clock, system
- 5.1.5. File Times
- 17.3.14. Network Time Protocol (NTP) (UDP Port 123)
- for random seeds : 23.8. Picking a Random Seed
- resetting : 9.2.3. Checksums and Signatures
- Secure RPC timestamp : 19.3.1.3. Setting the window
- clogging : 25.3.4. Clogging
- CMW (Compartmented-Mode Workstation) : "Secure" Versions of UNIX
- CNID (Caller-ID)
- 14.4.3. Caller-ID (CNID)
- 14.6. Additional Security for Modems
- 24.2.4. Tracing a Connection
- CO2 system (for fires) : 12.2.1.1. Fire
- COAST (Computer Operations, Audit, and Security Technology)
- E.3.2. COAST
- E.4. Software Resources
- code breaking : (see cryptography)
- codebooks : 8.7.3. Code Books
- CodeCenter : 23.2. Tips on Avoiding Security-related Bugs
- cold, extreme : 12.2.1.6. Temperature extremes
- command shells : (see shells)
- commands
- 8.1.3. Accounts That Run a Single Command
- (see also under specific command name)
- accounts running single : 8.1.3. Accounts That Run a Single Command
- in addresses : 15.7. Early Security Problems with UUCP
- editor, embedded : 11.5.2.7. Other initializations
- remote execution of
- 15.1.2. uux Command
- 15.4.3. L.cmds: Providing Remote Command Execution
- 17.3.17. rexec (TCP Port 512)
- running simultaneously
- 23.2. Tips on Avoiding Security-related Bugs
- (see also multitasking)
- commands in <Directory> blocks : 18.3.2. Commands Within the <Directory> Block
- COMMANDS= command : 15.5.2. Permissions Commands
- commenting out services : 17.3. Primary UNIX Network Services
- comments in BNU UUCP : 15.5.1.3. A Sample Permissions file
- Common Gateway Interface : (see CGI)
- communications
- modems : (see modems)
- national telecommunications : 26.2.2. Federal Jurisdiction
- threatening : 26.4.7. Harassment, Threatening Communication, and Defamation
- comparison copies
- 9.2.1. Comparison Copies
- 9.2.1.3. rdist
- compress program : 6.6.1.2. Ways of improving the security of crypt
- Compressed SLIP (CSLIP) : 16.2. IPv4: The Internet Protocol Version 4
- Computer Emergency Response Committee for Unclassified Systems (CERCUS) : F.3.4.36. TRW network area and system administrators
- Computer Emergency Response Team : (see CERT)
- Computer Incident Advisory Capability (CIAC) : F.3.4.43. U.S. Department of Energy sites, Energy Sciences Network (ESnet), and DOE contractors
- computer networks : 1.4.3. Add-On Functionality Breeds Problems
- Computer Security Institute (CSI) : F.1.3. Computer Security Institute (CSI)
- computers
- assigning UUCP name : 15.5.2. Permissions Commands
- auxiliary ports : 12.3.1.4. Auxiliary ports on terminals
- backing up individual : 7.2.1. Individual Workstation
- contacting administrator of : 24.2.4.2. How to contact the system administrator of a computer you don't know
- cutting cables to : 25.1. Destructive Attacks
- failure of : 7.1.1.1. A taxonomy of computer failures
- hostnames for
- 16.2.3. Hostnames
- 16.2.3.1. The /etc/hosts file
- modems : (see modems)
- multiple screens : 12.3.4.3. Multiple screens
- multiple suppliers of : 18.6. Dependence on Third Parties
- non-citizen access to : 26.4.1. Munitions Export
- operating after breakin : 24.6. Resuming Operation
- portable : 12.2.6.3. Portables
- remote command execution : 17.3.17. rexec (TCP Port 512)
- running NIS+ : 19.5.5. NIS+ Limitations
- screen savers : 12.3.5.2. X screen savers
- security
- culture of : D.1.10. Understanding the Computer Security "Culture"
- four steps toward : 2.4.4.7. Defend in depth
- physical : 12.2.6.1. Physically secure your computer
- references for : D.1.7. General Computer Security
- resources on : D.1.1. Other Computer References
- seized as evidence : 26.2.4. Hazards of Criminal Prosecution
- transferring files between : 15.1.1. uucp Command
- trusting
- 27.1. Can you Trust Your Computer?
- 27.1.3. What the Superuser Can and Cannot Do
- unattended
- 12.3.5. Unattended Terminals
- 12.3.5.2. X screen savers
- unplugging : 24.2.5. Getting Rid of the Intruder
- vacuums for : 12.2.1.3. Dust
- vandalism of : (see vandalism)
- virtual : (see Telnet utility)
- computing base (TCB) : 8.5.3.2. Trusted computing base
- conf directory : 18.2.2.1. Configuration files
- conf/access.conf : (see access.conf file)
- conf/srm.conf file : 18.3.1. The access.conf and .htaccess Files
- confidentiality : (see encryption; privacy)
- configuration
- errors : 9.1. Prevention
- files : 11.5.3. Abusing Automatic Mechanisms
- logging : 10.7.2.2. Informational material
- MCSA web server : 18.2.2.1. Configuration files
- UUCP version differences : 15.2. Versions of UUCP
- simplifying management of : 9.1.2. Read-only Filesystems
- connections
- hijacking : 16.3. IP Security
- laundering : 16.1.1.1. Who is on the Internet?
- tracing
- 24.2.4. Tracing a Connection
- 24.2.4.2. How to contact the system administrator of a computer you don't know
- unplugging : 24.2.5. Getting Rid of the Intruder
- connectors, network : 12.2.4.3. Network connectors
- consistency of software : 2.1. Planning Your Security Needs
- console device : 5.6. Device Files
- CONSOLE variable : 8.5.1. Secure Terminals
- constraining passwords : 8.8.2. Constraining Passwords
- consultants : 27.3.4. Your Consultants?
- context-dependent files (CDFs)
- 5.9.2. Context-Dependent Files
- 24.4.1.7. Hidden files and directories
- control characters in usernames : 3.1. Usernames
- cookies
- 17.3.21.4. Using Xauthority magic cookies
- 18.2.3.1. Do not trust the user's browser!
- COPS (Computer Oracle and Password System)
- 19.5.5. NIS+ Limitations
- E.4.3. COPS (Computer Oracle and Password System)
- copyright
- 9.2.1. Comparison Copies
- 26.4.2. Copyright Infringement
- 26.4.2.1. Software piracy and the SPA
- notices of : 26.2.6. Other Tips
- CORBA (Common Object Request Broker Architecture) : 19.2. Sun's Remote Procedure Call (RPC)
- core files
- 23.2. Tips on Avoiding Security-related Bugs
- C.4. The kill Command
- cost-benefit analysis
- 2.3. Cost-Benefit Analysis
- 2.3.4. Convincing Management
- costs of losses : 2.3.1. The Cost of Loss
- cp command : 7.4.1. Simple Local Copies
- cpio program
- 7.3.2. Building an Automatic Backup System
- 7.4.2. Simple Archives
- crack program
- 8.8.3. Cracking Your Own Passwords
- 18.3.3. Setting Up Web Users and Passwords
- cracking
- backing up because of : 7.1.1.1. A taxonomy of computer failures
- passwords
- 3.6.1. Bad Passwords: Open Doors
- 3.6.4. Passwords on Multiple Machines
- 8.6.1. The crypt() Algorithm
- 8.8.3. Cracking Your Own Passwords
- 8.8.3.2. The dilemma of password crackers
- 17.3.3. TELNET (TCP Port 23)
- logging failed attempts : 10.5.3. syslog Messages
- responding to
- 24. Discovering a Break-in
- 24.7. Damage Control
- using rexecd : 17.3.17. rexec (TCP Port 512)
- crashes, logging : 10.7.2.1. Exception and activity reports
- CRC checksums : (see checksums)
- Cred table (NIS+) : 19.5.3. NIS+ Tables
- criminal prosecution
- 26.2. Criminal Prosecution
- 26.2.7. A Final Note on Criminal Actions
- cron file
- 9.2.2.1. Simple listing
- 11.5.1.4. Filename attacks
- 11.5.3.1. crontab entries
- automating backups : 7.3.2. Building an Automatic Backup System
- cleaning up /tmp directory : 25.2.4. /tmp Problems
- collecting login times : 10.1.1. lastlog File
- symbolic links in : 10.3.7. Other Logs
- system clock and : 17.3.14. Network Time Protocol (NTP) (UDP Port 123)
- uucp scripts in : 15.6.2. Automatic Execution of Cleanup Scripts
- crontab file : 15.6.2. Automatic Execution of Cleanup Scripts
- Crypt Breaker's Workbench (CBW) : 6.6.1.1. The crypt program
- crypt command/algorithm
- 6.4.1. Summary of Private Key Systems
- 6.6.1. UNIX crypt: The Original UNIX Encryption Command
- 6.6.1.3. Example
- 8.6. The UNIX Encrypted Password System
- 18.3.3. Setting Up Web Users and Passwords
- crypt function
- 8.6. The UNIX Encrypted Password System
- 8.6.1. The crypt() Algorithm
- 8.8.7. Algorithm and Library Changes
- 23.5. Tips on Using Passwords
- crypt16 algorithm : 8.6.4. Crypt16() and Other Algorithms
- cryptography
- 6. Cryptography
- 6.7.2. Cryptography and Export Controls
- 14.4.4.2. Protection against eavesdropping
- checklist for : A.1.1.5. Chapter 6: Cryptography
- checksums : 6.5.5.1. Checksums
- digital signatures : (see digital signatures)
- export laws concerning : 6.7.2. Cryptography and Export Controls
- Message Authentication Codes (MACs) : 6.5.5.2. Message authentication codes
- message digests : (see message digests)
- PGP : (see PGP)
- private-key
- 6.4. Common Cryptographic Algorithms
- 6.4.1. Summary of Private Key Systems
- public-key
- 6.4. Common Cryptographic Algorithms
- 6.4.2. Summary of Public Key Systems
- 6.4.6. RSA and Public Key Cryptography
- 6.4.6.3. Strength of RSA
- 6.5.3. Digital Signatures
- 18.3. Controlling Access to Files on Your Server
- 18.6. Dependence on Third Parties
- references on : D.1.5. Cryptography Books
- and U.S. patents : 6.7.1. Cryptography and the U.S. Patent System
- csh (C shell)
- 5.5.2. Problems with SUID
- 11.5.1. Shell Features
- 23.2. Tips on Avoiding Security-related Bugs
- C.5.3. Running the User's Shell
- (see also shells)
- autologout variable : 12.3.5.1. Built-in shell autologout
- history file : 10.4.1. Shell History
- uucp command : 15.1.1.1. uucp with the C shell
- .cshrc file
- 11.5.2.2. .cshrc, .kshrc
- 12.3.5.1. Built-in shell autologout
- 24.4.1.6. Changes to startup files
- CSI (Computer Security Institute) : F.1.3. Computer Security Institute (CSI)
- CSLIP (Compressed SLIP) : 16.2. IPv4: The Internet Protocol Version 4
- ctime
- 5.1.2. Inodes
- 5.1.5. File Times
- 5.2.1. chmod: Changing a File's Permissions
- 7.4.7. inode Modification Times
- 9.2.3. Checksums and Signatures
- cu command
- 14.5. Modems and UNIX
- 14.5.3.1. Originate testing
- 14.5.3.3. Privilege testing
- -l option : 14.5.3.1. Originate testing
- culture, computer security : D.1.10. Understanding the Computer Security "Culture"
- current directory : 5.1.3. Current Directory and Paths
- Customer Warning System (CWS) : F.3.4.34. Sun Microsystems customers
Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z
Copyright © 1999 O'Reilly & Associates, Inc. All Rights Reserved.