%!PS-Adobe-2.0 %%Creator: dvips(k) 5.92b Copyright 2002 Radical Eye Software %%Title: Security-HOWTO.dvi %%Pages: 52 %%PageOrder: Ascend %%BoundingBox: 0 0 612 792 %%DocumentFonts: Helvetica-Bold Palatino-Roman Palatino-Bold %%+ Palatino-Italic Courier Courier-Oblique Courier-Bold %%EndComments %DVIPSWebPage: (www.radicaleye.com) %DVIPSCommandLine: dvips -R -q -t letter Security-HOWTO.dvi -o %+ Security-HOWTO.ps %DVIPSParameters: dpi=600, compressed %DVIPSSource: TeX output 2004.01.26:1317 %%BeginProcSet: texc.pro %! /TeXDict 300 dict def TeXDict begin/N{def}def/B{bind def}N/S{exch}N/X{S N}B/A{dup}B/TR{translate}N/isls false N/vsize 11 72 mul N/hsize 8.5 72 mul N/landplus90{false}def/@rigin{isls{[0 landplus90{1 -1}{-1 1}ifelse 0 0 0]concat}if 72 Resolution div 72 VResolution div neg scale isls{ landplus90{VResolution 72 div vsize mul 0 exch}{Resolution -72 div hsize mul 0}ifelse TR}if Resolution VResolution vsize -72 div 1 add mul TR[ matrix currentmatrix{A A round sub abs 0.00001 lt{round}if}forall round exch round exch]setmatrix}N/@landscape{/isls true N}B/@manualfeed{ statusdict/manualfeed true put}B/@copies{/#copies X}B/FMat[1 0 0 -1 0 0] N/FBB[0 0 0 0]N/nn 0 N/IEn 0 N/ctr 0 N/df-tail{/nn 8 dict N nn begin /FontType 3 N/FontMatrix fntrx N/FontBBox FBB N string/base X array /BitMaps X/BuildChar{CharBuilder}N/Encoding IEn N end A{/foo setfont}2 array copy cvx N load 0 nn put/ctr 0 N[}B/sf 0 N/df{/sf 1 N/fntrx FMat N df-tail}B/dfs{div/sf X/fntrx[sf 0 0 sf neg 0 0]N df-tail}B/E{pop nn A definefont setfont}B/Cw{Cd A length 5 sub get}B/Ch{Cd A length 4 sub get }B/Cx{128 Cd A length 3 sub get sub}B/Cy{Cd A length 2 sub get 127 sub} B/Cdx{Cd A length 1 sub get}B/Ci{Cd A type/stringtype ne{ctr get/ctr ctr 1 add N}if}B/id 0 N/rw 0 N/rc 0 N/gp 0 N/cp 0 N/G 0 N/CharBuilder{save 3 1 roll S A/base get 2 index get S/BitMaps get S get/Cd X pop/ctr 0 N Cdx 0 Cx Cy Ch sub Cx Cw add Cy setcachedevice Cw Ch true[1 0 0 -1 -.1 Cx sub Cy .1 sub]/id Ci N/rw Cw 7 add 8 idiv string N/rc 0 N/gp 0 N/cp 0 N{ rc 0 ne{rc 1 sub/rc X rw}{G}ifelse}imagemask restore}B/G{{id gp get/gp gp 1 add N A 18 mod S 18 idiv pl S get exec}loop}B/adv{cp add/cp X}B /chg{rw cp id gp 4 index getinterval putinterval A gp add/gp X adv}B/nd{ /cp 0 N rw exit}B/lsh{rw cp 2 copy get A 0 eq{pop 1}{A 255 eq{pop 254}{ A A add 255 and S 1 and or}ifelse}ifelse put 1 adv}B/rsh{rw cp 2 copy get A 0 eq{pop 128}{A 255 eq{pop 127}{A 2 idiv S 128 and or}ifelse} ifelse put 1 adv}B/clr{rw cp 2 index string putinterval adv}B/set{rw cp fillstr 0 4 index getinterval putinterval adv}B/fillstr 18 string 0 1 17 {2 copy 255 put pop}for N/pl[{adv 1 chg}{adv 1 chg nd}{1 add chg}{1 add chg nd}{adv lsh}{adv lsh nd}{adv rsh}{adv rsh nd}{1 add adv}{/rc X nd}{ 1 add set}{1 add clr}{adv 2 chg}{adv 2 chg nd}{pop nd}]A{bind pop} forall N/D{/cc X A type/stringtype ne{]}if nn/base get cc ctr put nn /BitMaps get S ctr S sf 1 ne{A A length 1 sub A 2 index S get sf div put }if put/ctr ctr 1 add N}B/I{cc 1 add D}B/bop{userdict/bop-hook known{ bop-hook}if/SI save N @rigin 0 0 moveto/V matrix currentmatrix A 1 get A mul exch 0 get A mul add .99 lt{/QV}{/RV}ifelse load def pop pop}N/eop{ SI restore userdict/eop-hook known{eop-hook}if showpage}N/@start{ userdict/start-hook known{start-hook}if pop/VResolution X/Resolution X 1000 div/DVImag X/IEn 256 array N 2 string 0 1 255{IEn S A 360 add 36 4 index cvrs cvn put}for pop 65781.76 div/vsize X 65781.76 div/hsize X}N /p{show}N/RMat[1 0 0 -1 0 0]N/BDot 260 string N/Rx 0 N/Ry 0 N/V{}B/RV/v{ /Ry X/Rx X V}B statusdict begin/product where{pop false[(Display)(NeXT) (LaserWriter 16/600)]{A length product length le{A length product exch 0 exch getinterval eq{pop true exit}if}{pop}ifelse}forall}{false}ifelse end{{gsave TR -.1 .1 TR 1 1 scale Rx Ry false RMat{BDot}imagemask grestore}}{{gsave TR -.1 .1 TR Rx Ry scale 1 1 false RMat{BDot} imagemask grestore}}ifelse B/QV{gsave newpath transform round exch round exch itransform moveto Rx 0 rlineto 0 Ry neg rlineto Rx neg 0 rlineto fill grestore}B/a{moveto}B/delta 0 N/tail{A/delta X 0 rmoveto}B/M{S p delta add tail}B/b{S p tail}B/c{-4 M}B/d{-3 M}B/e{-2 M}B/f{-1 M}B/g{0 M} B/h{1 M}B/i{2 M}B/j{3 M}B/k{4 M}B/w{0 rmoveto}B/l{p -4 w}B/m{p -3 w}B/n{ p -2 w}B/o{p -1 w}B/q{p 1 w}B/r{p 2 w}B/s{p 3 w}B/t{p 4 w}B/x{0 S rmoveto}B/y{3 2 roll p a}B/bos{/SS save N}B/eos{SS restore}B end %%EndProcSet %%BeginProcSet: 8r.enc % File 8r.enc as of 2002-03-12 for PSNFSS 9 % % This is the encoding vector for Type1 and TrueType fonts to be used % with TeX. This file is part of the PSNFSS bundle, version 9 % % Authors: S. Rahtz, P. MacKay, Alan Jeffrey, B. Horn, K. Berry, W. Schmidt % % Idea is to have all the characters normally included in Type 1 fonts % available for typesetting. This is effectively the characters in Adobe % Standard Encoding + ISO Latin 1 + extra characters from Lucida + Euro. % % Character code assignments were made as follows: % % (1) the Windows ANSI characters are almost all in their Windows ANSI % positions, because some Windows users cannot easily reencode the % fonts, and it makes no difference on other systems. The only Windows % ANSI characters not available are those that make no sense for % typesetting -- rubout (127 decimal), nobreakspace (160), softhyphen % (173). quotesingle and grave are moved just because it's such an % irritation not having them in TeX positions. % % (2) Remaining characters are assigned arbitrarily to the lower part % of the range, avoiding 0, 10 and 13 in case we meet dumb software. % % (3) Y&Y Lucida Bright includes some extra text characters; in the % hopes that other PostScript fonts, perhaps created for public % consumption, will include them, they are included starting at 0x12. % % (4) Remaining positions left undefined are for use in (hopefully) % upward-compatible revisions, if someday more characters are generally % available. % % (5) hyphen appears twice for compatibility with both ASCII and Windows. % % (6) /Euro is assigned to 128, as in Windows ANSI % /TeXBase1Encoding [ % 0x00 (encoded characters from Adobe Standard not in Windows 3.1) /.notdef /dotaccent /fi /fl /fraction /hungarumlaut /Lslash /lslash /ogonek /ring /.notdef /breve /minus /.notdef % These are the only two remaining unencoded characters, so may as % well include them. /Zcaron /zcaron % 0x10 /caron /dotlessi % (unusual TeX characters available in, e.g., Lucida Bright) /dotlessj /ff /ffi /ffl /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef % very contentious; it's so painful not having quoteleft and quoteright % at 96 and 145 that we move the things normally found there down to here. /grave /quotesingle % 0x20 (ASCII begins) /space /exclam /quotedbl /numbersign /dollar /percent /ampersand /quoteright /parenleft /parenright /asterisk /plus /comma /hyphen /period /slash % 0x30 /zero /one /two /three /four /five /six /seven /eight /nine /colon /semicolon /less /equal /greater /question % 0x40 /at /A /B /C /D /E /F /G /H /I /J /K /L /M /N /O % 0x50 /P /Q /R /S /T /U /V /W /X /Y /Z /bracketleft /backslash /bracketright /asciicircum /underscore % 0x60 /quoteleft /a /b /c /d /e /f /g /h /i /j /k /l /m /n /o % 0x70 /p /q /r /s /t /u /v /w /x /y /z /braceleft /bar /braceright /asciitilde /.notdef % rubout; ASCII ends % 0x80 /Euro /.notdef /quotesinglbase /florin /quotedblbase /ellipsis /dagger /daggerdbl /circumflex /perthousand /Scaron /guilsinglleft /OE /.notdef /.notdef /.notdef % 0x90 /.notdef /.notdef /.notdef /quotedblleft /quotedblright /bullet /endash /emdash /tilde /trademark /scaron /guilsinglright /oe /.notdef /.notdef /Ydieresis % 0xA0 /.notdef % nobreakspace /exclamdown /cent /sterling /currency /yen /brokenbar /section /dieresis /copyright /ordfeminine /guillemotleft /logicalnot /hyphen % Y&Y (also at 45); Windows' softhyphen /registered /macron % 0xD0 /degree /plusminus /twosuperior /threesuperior /acute /mu /paragraph /periodcentered /cedilla /onesuperior /ordmasculine /guillemotright /onequarter /onehalf /threequarters /questiondown % 0xC0 /Agrave /Aacute /Acircumflex /Atilde /Adieresis /Aring /AE /Ccedilla /Egrave /Eacute /Ecircumflex /Edieresis /Igrave /Iacute /Icircumflex /Idieresis % 0xD0 /Eth /Ntilde /Ograve /Oacute /Ocircumflex /Otilde /Odieresis /multiply /Oslash /Ugrave /Uacute /Ucircumflex /Udieresis /Yacute /Thorn /germandbls % 0xE0 /agrave /aacute /acircumflex /atilde /adieresis /aring /ae /ccedilla /egrave /eacute /ecircumflex /edieresis /igrave /iacute /icircumflex /idieresis % 0xF0 /eth /ntilde /ograve /oacute /ocircumflex /otilde /odieresis /divide /oslash /ugrave /uacute /ucircumflex /udieresis /yacute /thorn /ydieresis ] def %%EndProcSet %%BeginProcSet: texps.pro %! TeXDict begin/rf{findfont dup length 1 add dict begin{1 index/FID ne 2 index/UniqueID ne and{def}{pop pop}ifelse}forall[1 index 0 6 -1 roll exec 0 exch 5 -1 roll VResolution Resolution div mul neg 0 0]FontType 0 ne{/Metrics exch def dict begin Encoding{exch dup type/integertype ne{ pop pop 1 sub dup 0 le{pop}{[}ifelse}{FontMatrix 0 get div Metrics 0 get div def}ifelse}forall Metrics/Metrics currentdict end def}{{1 index type /nametype eq{exit}if exch pop}loop}ifelse[2 index currentdict end definefont 3 -1 roll makefont/setfont cvx]cvx def}def/ObliqueSlant{dup sin S cos div neg}B/SlantFont{4 index mul add}def/ExtendFont{3 -1 roll mul exch}def/ReEncodeFont{CharStrings rcheck{/Encoding false def dup[ exch{dup CharStrings exch known not{pop/.notdef/Encoding true def}if} forall Encoding{]exch pop}{cleartomark}ifelse}if/Encoding exch def}def end %%EndProcSet %%BeginProcSet: special.pro %! TeXDict begin/SDict 200 dict N SDict begin/@SpecialDefaults{/hs 612 N /vs 792 N/ho 0 N/vo 0 N/hsc 1 N/vsc 1 N/ang 0 N/CLIP 0 N/rwiSeen false N /rhiSeen false N/letter{}N/note{}N/a4{}N/legal{}N}B/@scaleunit 100 N /@hscale{@scaleunit div/hsc X}B/@vscale{@scaleunit div/vsc X}B/@hsize{ /hs X/CLIP 1 N}B/@vsize{/vs X/CLIP 1 N}B/@clip{/CLIP 2 N}B/@hoffset{/ho X}B/@voffset{/vo X}B/@angle{/ang X}B/@rwi{10 div/rwi X/rwiSeen true N}B /@rhi{10 div/rhi X/rhiSeen true N}B/@llx{/llx X}B/@lly{/lly X}B/@urx{ /urx X}B/@ury{/ury X}B/magscale true def end/@MacSetUp{userdict/md known {userdict/md get type/dicttype eq{userdict begin md length 10 add md maxlength ge{/md md dup length 20 add dict copy def}if end md begin /letter{}N/note{}N/legal{}N/od{txpose 1 0 mtx defaultmatrix dtransform S atan/pa X newpath clippath mark{transform{itransform moveto}}{transform{ itransform lineto}}{6 -2 roll transform 6 -2 roll transform 6 -2 roll transform{itransform 6 2 roll itransform 6 2 roll itransform 6 2 roll curveto}}{{closepath}}pathforall newpath counttomark array astore/gc xdf pop ct 39 0 put 10 fz 0 fs 2 F/|______Courier fnt invertflag{PaintBlack} if}N/txpose{pxs pys scale ppr aload pop por{noflips{pop S neg S TR pop 1 -1 scale}if xflip yflip and{pop S neg S TR 180 rotate 1 -1 scale ppr 3 get ppr 1 get neg sub neg ppr 2 get ppr 0 get neg sub neg TR}if xflip yflip not and{pop S neg S TR pop 180 rotate ppr 3 get ppr 1 get neg sub neg 0 TR}if yflip xflip not and{ppr 1 get neg ppr 0 get neg TR}if}{ noflips{TR pop pop 270 rotate 1 -1 scale}if xflip yflip and{TR pop pop 90 rotate 1 -1 scale ppr 3 get ppr 1 get neg sub neg ppr 2 get ppr 0 get neg sub neg TR}if xflip yflip not and{TR pop pop 90 rotate ppr 3 get ppr 1 get neg sub neg 0 TR}if yflip xflip not and{TR pop pop 270 rotate ppr 2 get ppr 0 get neg sub neg 0 S TR}if}ifelse scaleby96{ppr aload pop 4 -1 roll add 2 div 3 1 roll add 2 div 2 copy TR .96 dup scale neg S neg S TR}if}N/cp{pop pop showpage pm restore}N end}if}if}N/normalscale{ Resolution 72 div VResolution 72 div neg scale magscale{DVImag dup scale }if 0 setgray}N/psfts{S 65781.76 div N}N/startTexFig{/psf$SavedState save N userdict maxlength dict begin/magscale true def normalscale currentpoint TR/psf$ury psfts/psf$urx psfts/psf$lly psfts/psf$llx psfts /psf$y psfts/psf$x psfts currentpoint/psf$cy X/psf$cx X/psf$sx psf$x psf$urx psf$llx sub div N/psf$sy psf$y psf$ury psf$lly sub div N psf$sx psf$sy scale psf$cx psf$sx div psf$llx sub psf$cy psf$sy div psf$ury sub TR/showpage{}N/erasepage{}N/setpagedevice{pop}N/copypage{}N/p 3 def @MacSetUp}N/doclip{psf$llx psf$lly psf$urx psf$ury currentpoint 6 2 roll newpath 4 copy 4 2 roll moveto 6 -1 roll S lineto S lineto S lineto closepath clip newpath moveto}N/endTexFig{end psf$SavedState restore}N /@beginspecial{SDict begin/SpecialSave save N gsave normalscale currentpoint TR @SpecialDefaults count/ocount X/dcount countdictstack N} N/@setspecial{CLIP 1 eq{newpath 0 0 moveto hs 0 rlineto 0 vs rlineto hs neg 0 rlineto closepath clip}if ho vo TR hsc vsc scale ang rotate rwiSeen{rwi urx llx sub div rhiSeen{rhi ury lly sub div}{dup}ifelse scale llx neg lly neg TR}{rhiSeen{rhi ury lly sub div dup scale llx neg lly neg TR}if}ifelse CLIP 2 eq{newpath llx lly moveto urx lly lineto urx ury lineto llx ury lineto closepath clip}if/showpage{}N/erasepage{}N /setpagedevice{pop}N/copypage{}N newpath}N/@endspecial{count ocount sub{ pop}repeat countdictstack dcount sub{end}repeat grestore SpecialSave restore end}N/@defspecial{SDict begin}N/@fedspecial{end}B/li{lineto}B /rl{rlineto}B/rc{rcurveto}B/np{/SaveX currentpoint/SaveY X N 1 setlinecap newpath}N/st{stroke SaveX SaveY moveto}N/fil{fill SaveX SaveY moveto}N/ellipse{/endangle X/startangle X/yrad X/xrad X/savematrix matrix currentmatrix N TR xrad yrad scale 0 0 1 startangle endangle arc savematrix setmatrix}N end %%EndProcSet %%BeginProcSet: color.pro %! TeXDict begin/setcmykcolor where{pop}{/setcmykcolor{dup 10 eq{pop setrgbcolor}{1 sub 4 1 roll 3{3 index add neg dup 0 lt{pop 0}if 3 1 roll }repeat setrgbcolor pop}ifelse}B}ifelse/TeXcolorcmyk{setcmykcolor}def /TeXcolorrgb{setrgbcolor}def/TeXcolorgrey{setgray}def/TeXcolorgray{ setgray}def/TeXcolorhsb{sethsbcolor}def/currentcmykcolor where{pop}{ /currentcmykcolor{currentrgbcolor 10}B}ifelse/DC{exch dup userdict exch known{pop pop}{X}ifelse}B/GreenYellow{0.15 0 0.69 0 setcmykcolor}DC /Yellow{0 0 1 0 setcmykcolor}DC/Goldenrod{0 0.10 0.84 0 setcmykcolor}DC /Dandelion{0 0.29 0.84 0 setcmykcolor}DC/Apricot{0 0.32 0.52 0 setcmykcolor}DC/Peach{0 0.50 0.70 0 setcmykcolor}DC/Melon{0 0.46 0.50 0 setcmykcolor}DC/YellowOrange{0 0.42 1 0 setcmykcolor}DC/Orange{0 0.61 0.87 0 setcmykcolor}DC/BurntOrange{0 0.51 1 0 setcmykcolor}DC /Bittersweet{0 0.75 1 0.24 setcmykcolor}DC/RedOrange{0 0.77 0.87 0 setcmykcolor}DC/Mahogany{0 0.85 0.87 0.35 setcmykcolor}DC/Maroon{0 0.87 0.68 0.32 setcmykcolor}DC/BrickRed{0 0.89 0.94 0.28 setcmykcolor}DC/Red{ 0 1 1 0 setcmykcolor}DC/OrangeRed{0 1 0.50 0 setcmykcolor}DC/RubineRed{ 0 1 0.13 0 setcmykcolor}DC/WildStrawberry{0 0.96 0.39 0 setcmykcolor}DC /Salmon{0 0.53 0.38 0 setcmykcolor}DC/CarnationPink{0 0.63 0 0 setcmykcolor}DC/Magenta{0 1 0 0 setcmykcolor}DC/VioletRed{0 0.81 0 0 setcmykcolor}DC/Rhodamine{0 0.82 0 0 setcmykcolor}DC/Mulberry{0.34 0.90 0 0.02 setcmykcolor}DC/RedViolet{0.07 0.90 0 0.34 setcmykcolor}DC /Fuchsia{0.47 0.91 0 0.08 setcmykcolor}DC/Lavender{0 0.48 0 0 setcmykcolor}DC/Thistle{0.12 0.59 0 0 setcmykcolor}DC/Orchid{0.32 0.64 0 0 setcmykcolor}DC/DarkOrchid{0.40 0.80 0.20 0 setcmykcolor}DC/Purple{ 0.45 0.86 0 0 setcmykcolor}DC/Plum{0.50 1 0 0 setcmykcolor}DC/Violet{ 0.79 0.88 0 0 setcmykcolor}DC/RoyalPurple{0.75 0.90 0 0 setcmykcolor}DC /BlueViolet{0.86 0.91 0 0.04 setcmykcolor}DC/Periwinkle{0.57 0.55 0 0 setcmykcolor}DC/CadetBlue{0.62 0.57 0.23 0 setcmykcolor}DC /CornflowerBlue{0.65 0.13 0 0 setcmykcolor}DC/MidnightBlue{0.98 0.13 0 0.43 setcmykcolor}DC/NavyBlue{0.94 0.54 0 0 setcmykcolor}DC/RoyalBlue{1 0.50 0 0 setcmykcolor}DC/Blue{1 1 0 0 setcmykcolor}DC/Cerulean{0.94 0.11 0 0 setcmykcolor}DC/Cyan{1 0 0 0 setcmykcolor}DC/ProcessBlue{0.96 0 0 0 setcmykcolor}DC/SkyBlue{0.62 0 0.12 0 setcmykcolor}DC/Turquoise{0.85 0 0.20 0 setcmykcolor}DC/TealBlue{0.86 0 0.34 0.02 setcmykcolor}DC /Aquamarine{0.82 0 0.30 0 setcmykcolor}DC/BlueGreen{0.85 0 0.33 0 setcmykcolor}DC/Emerald{1 0 0.50 0 setcmykcolor}DC/JungleGreen{0.99 0 0.52 0 setcmykcolor}DC/SeaGreen{0.69 0 0.50 0 setcmykcolor}DC/Green{1 0 1 0 setcmykcolor}DC/ForestGreen{0.91 0 0.88 0.12 setcmykcolor}DC /PineGreen{0.92 0 0.59 0.25 setcmykcolor}DC/LimeGreen{0.50 0 1 0 setcmykcolor}DC/YellowGreen{0.44 0 0.74 0 setcmykcolor}DC/SpringGreen{ 0.26 0 0.76 0 setcmykcolor}DC/OliveGreen{0.64 0 0.95 0.40 setcmykcolor} DC/RawSienna{0 0.72 1 0.45 setcmykcolor}DC/Sepia{0 0.83 1 0.70 setcmykcolor}DC/Brown{0 0.81 1 0.60 setcmykcolor}DC/Tan{0.14 0.42 0.56 0 setcmykcolor}DC/Gray{0 0 0 0.50 setcmykcolor}DC/Black{0 0 0 1 setcmykcolor}DC/White{0 0 0 0 setcmykcolor}DC end %%EndProcSet TeXDict begin @defspecial /DvipsToPDF { 72.27 mul Resolution div } def /PDFToDvips { 72.27 div Resolution mul } def /HyperBorder { 1 PDFToDvips } def /H.V {pdf@hoff pdf@voff null} def /H.B {/Rect[pdf@llx pdf@lly pdf@urx pdf@ury]} def /H.S { currentpoint HyperBorder add /pdf@lly exch def dup DvipsToPDF /pdf@hoff exch def HyperBorder sub /pdf@llx exch def } def /H.L { 2 sub dup /HyperBasePt exch def PDFToDvips /HyperBaseDvips exch def currentpoint HyperBaseDvips sub /pdf@ury exch def /pdf@urx exch def } def /H.A { H.L currentpoint exch pop vsize 72 sub exch DvipsToPDF HyperBasePt sub sub /pdf@voff exch def } def /H.R { currentpoint HyperBorder sub /pdf@ury exch def HyperBorder add /pdf@urx exch def currentpoint exch pop vsize 72 sub exch DvipsToPDF sub /pdf@voff exch def } def systemdict /pdfmark known not {userdict /pdfmark systemdict /cleartomark get put} if @fedspecial end TeXDict begin 40258431 52099146 1000 600 600 (Security-HOWTO.dvi) @start /Fa 198[25 25 25 25 25 1[25 25 25 25 48[{ TeXBase1Encoding ReEncodeFont }9 49.8132 /Palatino-Italic rf /Fb 139[54 54 4[54 1[54 3[54 2[54 101[{ TeXBase1Encoding ReEncodeFont }6 90.411 /Courier-Bold rf /Fc 139[45 45 4[45 1[45 3[45 2[45 101[{ TeXBase1Encoding ReEncodeFont }6 74.7198 /Courier-Oblique rf /Fd 106[36 149[{ TeXBase1Encoding ReEncodeFont }1 59.7758 /Palatino-Roman rf /Fe 198[25 25 25 25 25 25 25 25 25 25 48[{ TeXBase1Encoding ReEncodeFont }10 49.8132 /Palatino-Roman rf /Ff 199[27 27 27 27 2[27 27 49[{ TeXBase1Encoding ReEncodeFont }6 44.8318 /Courier rf /Fg 106[40 149[{ TeXBase1Encoding ReEncodeFont }1 66.4176 /Palatino-Roman rf /Fh 129[45 1[45 1[45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 1[45 45 45 2[45 45 45 45 45 45 45 1[45 45 45 45 45 2[45 45 45 45 1[45 45 1[45 45 45 45 45 45 1[45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 45 3[45 45 45 33[{ TeXBase1Encoding ReEncodeFont }80 74.7198 /Courier rf /Fi 133[50 56 56 78 56 61 33 56 39 61 61 61 61 89 28 56 28 28 61 61 33 56 61 56 61 56 1[56 5[67 67 95 67 73 61 67 73 1[67 78 73 84 61 73 56 28 73 78 61 67 73 73 73 73 1[61 10[56 1[56 56 56 28 28 33 28 2[33 33 28 4[48 31[61 2[{ TeXBase1Encoding ReEncodeFont }65 100.457 /Helvetica-Bold rf /Fj 134[42 42 60 42 46 28 32 32 38 42 37 46 65 23 37 1[23 42 42 23 32 42 34 38 37 1[42 5[55 1[78 1[65 51 46 55 65 51 65 65 78 46 55 28 28 65 60 46 51 65 55 51 60 6[21 42 42 42 42 42 42 42 42 42 42 25 21 28 3[28 28 23 4[42 30[45 44 2[{ TeXBase1Encoding ReEncodeFont }68 83.022 /Palatino-Italic rf /Fk 134[46 1[69 46 51 28 37 32 51 51 46 51 74 28 51 1[28 51 46 32 42 51 37 51 42 9[83 2[55 51 1[69 51 69 69 1[51 65 1[32 1[69 46 51 69 60 55 65 7[42 42 1[42 42 42 42 42 42 2[21 28 3[28 28 40[{ TeXBase1Encoding ReEncodeFont }52 83.022 /Palatino-Bold rf /Fl 60[65 12[52 33[42 42 20[50 3[42 46 43 69 47 50 27 35 33 46 50 45 48 73 24 46 19 24 48 46 28 40 51 37 46 42 23 42 1[28 1[28 55 55 55 83 60 65 51 44 55 65 50 65 69 79 51 60 28 28 69 63 46 51 64 59 51 65 62 37 50 50 50 21 21 42 42 42 42 42 42 42 42 42 42 50 21 28 21 50 32 28 28 23 65 1[42 1[31 23 29[50 50 2[{ TeXBase1Encoding ReEncodeFont }93 83.022 /Palatino-Roman rf /Fm 134[51 51 71 51 56 30 51 36 1[56 56 56 81 25 51 25 25 56 56 30 51 56 51 56 51 8[61 1[61 1[56 61 2[61 71 66 1[56 2[25 66 71 2[66 66 66 66 89 14[51 2[25 30 25 2[30 30 6[30 33[{ TeXBase1Encoding ReEncodeFont }47 91.3242 /Helvetica-Bold rf /Fn 133[55 61 1[86 61 68 37 61 43 68 68 68 68 98 31 61 1[31 68 68 37 61 68 61 68 61 9[104 2[68 74 1[86 74 86 80 1[68 80 1[31 1[86 68 74 80 80 80 80 19[37 3[37 37 40[{ TeXBase1Encoding ReEncodeFont }44 110.502 /Helvetica-Bold rf /Fo 134[74 74 2[82 45 1[52 3[82 4[37 3[74 1[74 11[126 2[82 89 3[104 2[82 3[97 72[{ TeXBase1Encoding ReEncodeFont }15 133.707 /Helvetica-Bold rf end %%EndProlog %%BeginSetup %%Feature: *Resolution 600dpi TeXDict begin %%BeginPaperSize: Letter letter %%EndPaperSize end %%EndSetup %%Page: 1 1 TeXDict begin 1 0 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a -600 -600 a SDict begin [ /Title () /Subject () /Creator (LaTeX with hyperref package) /Author () /Producer (dvips + Distiller) /Keywords () /DOCINFO pdfmark end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.1) cvn H.B /DEST pdfmark end 197 -102 a Black Black 197 6 a SDict begin [ /Count -15 /Dest (1.0) cvn /Title (Table of Contents) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -4 /Dest (1.1.1) cvn /Title (Introduction) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.1.1.2) cvn /Title (New Versions of this Document) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.1.2.2) cvn /Title (Feedback) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.1.3.2) cvn /Title (Disclaimer) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.1.4.2) cvn /Title (Copyright Information) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -6 /Dest (1.2.1) cvn /Title (Overview) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.2.5.2) cvn /Title (Why Do We Need Security?) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.2.6.2) cvn /Title (How Secure Is Secure?) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.2.7.2) cvn /Title (What Are You Trying to Protect?) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.2.8.2) cvn /Title (Developing A Security Policy) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -3 /Dest (1.2.9.2) cvn /Title (Means of Securing Your Site) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.2.9.1.3) cvn /Title (Host Security) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.2.9.2.3) cvn /Title (Local Network Security) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.2.9.3.3) cvn /Title (Security Through Obscurity) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.2.10.2) cvn /Title (Organization of This Document) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -6 /Dest (1.3.1) cvn /Title (Physical Security) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.3.11.2) cvn /Title (Computer locks) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.3.12.2) cvn /Title (BIOS Security) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.3.13.2) cvn /Title (Boot Loader Security) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.3.14.2) cvn /Title (xlock and vlock) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.3.15.2) cvn /Title (Security of local devices) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.3.16.2) cvn /Title (Detecting Physical Security Compromises) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -2 /Dest (1.4.1) cvn /Title (Local Security) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.4.17.2) cvn /Title (Creating New Accounts) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.4.18.2) cvn /Title (Root Security) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -4 /Dest (1.5.1) cvn /Title (Files and File system Security) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.5.19.2) cvn /Title (Umask Settings) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.5.20.2) cvn /Title (File Permissions) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.5.21.2) cvn /Title (Integrity Checking) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.5.22.2) cvn /Title (Trojan Horses) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -11 /Dest (1.6.1) cvn /Title (Password Security and Encryption) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.6.23.2) cvn /Title (PGP and PublicKey Cryptography) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.6.24.2) cvn /Title (SSL, SHTTP and S/MIME) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.6.25.2) cvn /Title (Linux IPSEC Implementations) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.6.26.2) cvn /Title (ssh \(Secure Shell\) and stelnet) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.6.27.2) cvn /Title (PAM Pluggable Authentication Modules) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.6.28.2) cvn /Title (Cryptographic IP Encapsulation \(CIPE\)) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.6.29.2) cvn /Title (Kerberos) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.6.30.2) cvn /Title (Shadow Passwords.) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.6.31.2) cvn /Title ("Crack" and "John the Ripper") /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.6.32.2) cvn /Title (CFS Cryptographic File System and TCFS Transparent Cryptographic File System) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -3 /Dest (1.6.33.2) cvn /Title (X11, SVGA and display security) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.6.33.4.3) cvn /Title (X11) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.6.33.5.3) cvn /Title (SVGA) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.6.33.6.3) cvn /Title (GGI \(Generic Graphics Interface project\)) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -3 /Dest (1.7.1) cvn /Title (Kernel Security) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.7.34.2) cvn /Title (2.0 Kernel Compile Options) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.7.35.2) cvn /Title (2.2 Kernel Compile Options) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.7.36.2) cvn /Title (Kernel Devices) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -14 /Dest (1.8.1) cvn /Title (Network Security) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.37.2) cvn /Title (Packet Sniffers) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.38.2) cvn /Title (System services and tcpwrappers) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.39.2) cvn /Title (Verify Your DNS Information) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.40.2) cvn /Title (identd) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.41.2) cvn /Title (Configuring and Securing the Postfix MTA) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -1 /Dest (1.8.42.2) cvn /Title (SATAN, ISS, and Other Network Scanners) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.42.7.3) cvn /Title (Detecting Port Scans) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.43.2) cvn /Title (sendmail, qmail and MTA's) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.44.2) cvn /Title (Denial of Service Attacks) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.45.2) cvn /Title (NFS \(Network File System\) Security.) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.46.2) cvn /Title (NIS \(Network Information Service\) \(formerly YP\).) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.47.2) cvn /Title (Firewalls) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.48.2) cvn /Title (IP Chains Linux Kernel 2.2.x Firewalling) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.49.2) cvn /Title (Netfilter Linux Kernel 2.4.x Firewalling) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.8.50.2) cvn /Title (VPNs Virtual Private Networks) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -6 /Dest (1.9.1) cvn /Title (Security Preparation \(before you go online\)) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.9.51.2) cvn /Title (Make a Full Backup of Your Machine) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.9.52.2) cvn /Title (Choosing a Good Backup Schedule) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.9.53.2) cvn /Title (Testing your backups) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.9.54.2) cvn /Title (Backup Your RPM or Debian File Database) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.9.55.2) cvn /Title (Keep Track of Your System Accounting Data) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.9.56.2) cvn /Title (Apply All New System Updates.) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -2 /Dest (1.10.1) cvn /Title (What To Do During and After a Breakin) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.10.57.2) cvn /Title (Security Compromise Underway.) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -4 /Dest (1.10.58.2) cvn /Title (Security Compromise has already happened) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.10.58.8.3) cvn /Title (Closing the Hole) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.10.58.9.3) cvn /Title (Assessing the Damage) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.10.58.10.3) cvn /Title (Backups, Backups, Backups!) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.10.58.11.3) cvn /Title (Tracking Down the Intruder.) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -5 /Dest (1.11.1) cvn /Title (Security Sources) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.11.59.2) cvn /Title (LinuxSecurity.com References) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.11.60.2) cvn /Title (FTP Sites) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.11.61.2) cvn /Title (Web Sites) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.11.62.2) cvn /Title (Mailing Lists) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.11.63.2) cvn /Title (Books Printed Reading Material) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.12.1) cvn /Title (Glossary) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.13.1) cvn /Title (Frequently Asked Questions) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.14.1) cvn /Title (Conclusion) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Count -0 /Dest (1.15.1) cvn /Title (Acknowledgments) /OUT pdfmark end 197 6 a 197 6 a SDict begin [ /Page 1 /View [ /Fit ] /PageMode /UseOutlines /DOCVIEW pdfmark end 197 6 a 197 6 a SDict begin [ {Catalog} << /ViewerPreferences << >> >> /PUT pdfmark end 197 6 a 197 6 a SDict begin H.S end 197 6 a 197 6 a SDict begin 12 H.A end 197 6 a 197 6 a SDict begin [ /View [/XYZ H.V] /Dest (Doc-Start) cvn H.B /DEST pdfmark end 197 6 a 197 6 a SDict begin H.S end 197 6 a 197 6 a SDict begin 12 H.A end 197 6 a 197 6 a SDict begin [ /View [/XYZ H.V] /Dest (0) cvn H.B /DEST pdfmark end 197 6 a 1212 104 a Fo(Lin)o(ux)36 b(Security)i(HO)-7 b(WT)i(O)1635 300 y Fn(K)n(e)n(vin)31 b(Fenzi)1595 392 y Fm(tumm)m(y)-7 b(.com,)27 b(ltd.)1205 566 y(ke)o(vin-securityho)o(wto@tumm)m(y)-7 b(.com)1613 937 y Fn(Da)n(ve)32 b(Wreski)1556 1029 y Fm(lin)o(uxsecurity)-7 b(.com)1408 1203 y(da)o(ve@lin)o(uxsecurity)g(.com)326 1593 y Fl(This)32 b(document)h(is)f(a)f(general)h(overview)f(of)h (security)g(issues)h(that)f(face)e(the)i(administrator)g(of)326 1685 y(Linux)22 b(systems.)g(It)g(covers)g(general)f(security)h (philosophy)i(and)e(a)f(number)h(of)g(speci\002c)g(examples)326 1776 y(of)g(how)h(to)f(better)g(secur)o(e)f(your)h(Linux)g(system)h(fr) o(om)e(intr)o(uders.)h(Also)h(included)f(ar)o(e)e(pointers)j(to)326 1867 y(security-r)o(elated)18 b(material)i(and)g(pr)o(ograms.)g(Impr)o (ovements,)g(constr)o(uctive)h(criticism,)g(additions)326 1959 y(and)g(corr)o(ections)h(ar)o(e)f(gratefully)h(accepted.)e(Please) i(mail)g(your)h(feedback)d(to)j(both)f(authors,)g(with)326 2050 y("Security)e(HOWT)o(O")g(in)h(the)g(subject.)197 2562 y Fn(T)-9 b(ab)o(le)30 b(of)g(Contents)1121 2562 y SDict begin H.S end 1121 2562 a 1121 2562 a SDict begin 14.641 H.A end 1121 2562 a 1121 2562 a SDict begin [ /View [/XYZ H.V] /Dest (1.0) cvn H.B /DEST pdfmark end 1121 2562 a 0 TeXcolorgray 596 2708 a SDict begin H.S end 596 2708 a Fk(Introduction)1077 2708 y SDict begin 11 H.L end 1077 2708 a 1077 2708 a SDict begin [ /Subtype /Link /Dest (20) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1077 2708 a Black Black 12 w Fk(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black 0 TeXcolorgray 3642 2708 a SDict begin H.S end 3642 2708 a Fk(3)3684 2708 y SDict begin 11 H.L end 3684 2708 a 3684 2708 a SDict begin [ /Subtype /Link /Dest (20) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3684 2708 a Black 0 TeXcolorgray 596 2819 a SDict begin H.S end 596 2819 a Fk(Overview)970 2819 y SDict begin 11 H.L end 970 2819 a 970 2819 a SDict begin [ /Subtype /Link /Dest (81) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 970 2819 a Black Black 16 w Fk(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black 0 TeXcolorgray 3642 2819 a SDict begin H.S end 3642 2819 a Fk(4)3684 2819 y SDict begin 11 H.L end 3684 2819 a 3684 2819 a SDict begin [ /Subtype /Link /Dest (81) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3684 2819 a Black 0 TeXcolorgray 596 2931 a SDict begin H.S end 596 2931 a Fk(Physical)18 b(Security)1249 2931 y SDict begin 11 H.L end 1249 2931 a 1249 2931 a SDict begin [ /Subtype /Link /Dest (physical-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1249 2931 a Black Black 7 w Fk(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black 0 TeXcolorgray 3642 2931 a SDict begin H.S end 3642 2931 a Fk(8)3684 2931 y SDict begin 11 H.L end 3684 2931 a 3684 2931 a SDict begin [ /Subtype /Link /Dest (physical-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3684 2931 a Black 0 TeXcolorgray 596 3042 a SDict begin H.S end 596 3042 a Fk(Local)h(Security)1134 3042 y SDict begin 11 H.L end 1134 3042 a 1134 3042 a SDict begin [ /Subtype /Link /Dest (local-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1134 3042 a Black Black 18 w Fk(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray 3601 3042 a SDict begin H.S end 3601 3042 a Fk(11)3685 3042 y SDict begin 11 H.L end 3685 3042 a 3685 3042 a SDict begin [ /Subtype /Link /Dest (local-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3685 3042 a Black 0 TeXcolorgray 596 3153 a SDict begin H.S end 596 3153 a Fk(Files)g(and)h(File)g(system)f(Security)1722 3153 y SDict begin 11 H.L end 1722 3153 a 1722 3153 a SDict begin [ /Subtype /Link /Dest (file-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1722 3153 a Black Black 11 w Fk(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray 3601 3153 a SDict begin H.S end 3601 3153 a Fk(13)3685 3153 y SDict begin 11 H.L end 3685 3153 a 3685 3153 a SDict begin [ /Subtype /Link /Dest (file-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3685 3153 a Black 0 TeXcolorgray 596 3264 a SDict begin H.S end 596 3264 a Fk(Password)h(Security)f(and)h(Encryption)1900 3264 y SDict begin 11 H.L end 1900 3264 a 1900 3264 a SDict begin [ /Subtype /Link /Dest (password-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1900 3264 a Black Black -1 w Fk(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray 3601 3264 a SDict begin H.S end 3601 3264 a Fk(19)3685 3264 y SDict begin 11 H.L end 3685 3264 a 3685 3264 a SDict begin [ /Subtype /Link /Dest (password-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3685 3264 a Black 0 TeXcolorgray 596 3376 a SDict begin H.S end 596 3376 a Fk(Kernel)f(Security)1190 3376 y SDict begin 11 H.L end 1190 3376 a 1190 3376 a SDict begin [ /Subtype /Link /Dest (kernel-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1190 3376 a Black Black 3 w Fk(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray 3601 3376 a SDict begin H.S end 3601 3376 a Fk(25)3685 3376 y SDict begin 11 H.L end 3685 3376 a 3685 3376 a SDict begin [ /Subtype /Link /Dest (kernel-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3685 3376 a Black 0 TeXcolorgray 596 3487 a SDict begin H.S end 596 3487 a Fk(Network)h(Security)1268 3487 y SDict begin 11 H.L end 1268 3487 a 1268 3487 a SDict begin [ /Subtype /Link /Dest (network-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1268 3487 a Black Black 8 w Fk(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray 3601 3487 a SDict begin H.S end 3601 3487 a Fk(29)3685 3487 y SDict begin 11 H.L end 3685 3487 a 3685 3487 a SDict begin [ /Subtype /Link /Dest (network-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3685 3487 a Black 0 TeXcolorgray 596 3598 a SDict begin H.S end 596 3598 a Fk(Security)f(Preparation)f(\(before)i(you)h(go)g (on-line\))2265 3598 y SDict begin 11 H.L end 2265 3598 a 2265 3598 a SDict begin [ /Subtype /Link /Dest (secure-prep) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 2265 3598 a Black Black 8 w Fk(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray 3601 3598 a SDict begin H.S end 3601 3598 a Fk(36)3685 3598 y SDict begin 11 H.L end 3685 3598 a 3685 3598 a SDict begin [ /Subtype /Link /Dest (secure-prep) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3685 3598 a Black 0 TeXcolorgray 596 3709 a SDict begin H.S end 596 3709 a Fk(What)e(T)-9 b(o)21 b(Do)g(During)g(and)f(After)g(a)g(Breakin) 2112 3709 y SDict begin 11 H.L end 2112 3709 a 2112 3709 a SDict begin [ /Subtype /Link /Dest (after-breakin) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 2112 3709 a Black Black 15 w Fk(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray 3601 3709 a SDict begin H.S end 3601 3709 a Fk(38)3685 3709 y SDict begin 11 H.L end 3685 3709 a 3685 3709 a SDict begin [ /Subtype /Link /Dest (after-breakin) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3685 3709 a Black 0 TeXcolorgray 596 3821 a SDict begin H.S end 596 3821 a Fk(Security)f(Sources)1226 3821 y SDict begin 11 H.L end 1226 3821 a 1226 3821 a SDict begin [ /Subtype /Link /Dest (sources) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1226 3821 a Black Black 9 w Fk(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray 3601 3821 a SDict begin H.S end 3601 3821 a Fk(41)3685 3821 y SDict begin 11 H.L end 3685 3821 a 3685 3821 a SDict begin [ /Subtype /Link /Dest (sources) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3685 3821 a Black 0 TeXcolorgray 596 3932 a SDict begin H.S end 596 3932 a Fk(Glossary)933 3932 y SDict begin 11 H.L end 933 3932 a 933 3932 a SDict begin [ /Subtype /Link /Dest (1356) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 933 3932 a Black Black 11 w Fk(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray 3601 3932 a SDict begin H.S end 3601 3932 a Fk(43)3685 3932 y SDict begin 11 H.L end 3685 3932 a 3685 3932 a SDict begin [ /Subtype /Link /Dest (1356) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3685 3932 a Black 0 TeXcolorgray 596 4043 a SDict begin H.S end 596 4043 a Fk(Frequently)f(Asked)i(Questions)1686 4043 y SDict begin 11 H.L end 1686 4043 a 1686 4043 a SDict begin [ /Subtype /Link /Dest (q-and-a) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1686 4043 a Black Black 5 w Fk(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray 3601 4043 a SDict begin H.S end 3601 4043 a Fk(44)3685 4043 y SDict begin 11 H.L end 3685 4043 a 3685 4043 a SDict begin [ /Subtype /Link /Dest (q-and-a) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3685 4043 a Black 0 TeXcolorgray 596 4154 a SDict begin H.S end 596 4154 a Fk(Conclusion)1031 4154 y SDict begin 11 H.L end 1031 4154 a 1031 4154 a SDict begin [ /Subtype /Link /Dest (conclusion) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1031 4154 a Black Black 17 w Fk(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray 3601 4154 a SDict begin H.S end 3601 4154 a Fk(46)3685 4154 y SDict begin 11 H.L end 3685 4154 a 3685 4154 a SDict begin [ /Subtype /Link /Dest (conclusion) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3685 4154 a Black 0 TeXcolorgray 596 4266 a SDict begin H.S end 596 4266 a Fk(Acknowledgments) 1314 4266 y SDict begin 11 H.L end 1314 4266 a 1314 4266 a SDict begin [ /Subtype /Link /Dest (1504) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1314 4266 a Black Black 4 w Fk(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black Black(.)p Black Black(.)p Black Black -1 w(.)p Black Black(.)p Black 0 TeXcolorgray 3601 4266 a SDict begin H.S end 3601 4266 a Fk(46)3685 4266 y SDict begin 11 H.L end 3685 4266 a 3685 4266 a SDict begin [ /Subtype /Link /Dest (1504) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3685 4266 a Black Black Black eop end %%Page: 2 2 TeXDict begin 2 1 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.2) cvn H.B /DEST pdfmark end 197 -102 a Black Black Black Black eop end %%Page: 3 3 TeXDict begin 3 2 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.3) cvn H.B /DEST pdfmark end 197 -102 a Black Black 197 6 a SDict begin H.S end 197 6 a 197 6 a SDict begin 11 H.A end 197 6 a 197 6 a SDict begin [ /View [/XYZ H.V] /Dest (20) cvn H.B /DEST pdfmark end 197 6 a 83 x Fn(Intr)n(oduction)843 89 y SDict begin H.S end 843 89 a 843 89 a SDict begin 14.641 H.A end 843 89 a 843 89 a SDict begin [ /View [/XYZ H.V] /Dest (1.1.1) cvn H.B /DEST pdfmark end 843 89 a 197 146 a SDict begin H.S end 197 146 a 197 146 a SDict begin 11 H.A end 197 146 a 197 146 a SDict begin [ /View [/XYZ H.V] /Dest (22) cvn H.B /DEST pdfmark end 197 146 a 596 236 a Fl(This)32 b(document)g(covers)g (some)g(of)g(the)f(main)h(issues)h(that)e(af)o(fect)f(Linux)i(security) -9 b(.)31 b(General)596 327 y(philosophy)22 b(and)e(net-born)h(r)o (esour)o(ces)f(ar)o(e)f(discussed.)197 392 y SDict begin H.S end 197 392 a 197 392 a SDict begin 11 H.A end 197 392 a 197 392 a SDict begin [ /View [/XYZ H.V] /Dest (23) cvn H.B /DEST pdfmark end 197 392 a 596 460 a Fl(A)h(number)h(of) g(other)g(HOWT)o(O)g(documents)g(overlap)g(with)g(security)g(issues,)g (and)g(those)g(doc-)596 551 y(uments)g(have)f(been)h(pointed)g(to)g (wher)o(ever)f(appr)o(opriate.)197 616 y SDict begin H.S end 197 616 a 197 616 a SDict begin 11 H.A end 197 616 a 197 616 a SDict begin [ /View [/XYZ H.V] /Dest (24) cvn H.B /DEST pdfmark end 197 616 a 596 684 a Fl(This)i(document)g(is) 1250 684 y SDict begin H.S end 1250 684 a 1250 684 a SDict begin 11 H.A end 1250 684 a 1250 684 a SDict begin [ /View [/XYZ H.V] /Dest (25) cvn H.B /DEST pdfmark end 1250 684 a Fj(not)g Fl(meant)g(to)g(be)f(a)h(up-to-date)e(exploits)i (document.)g(Lar)o(ge)f(numbers)h(of)596 775 y(new)e(exploits)h(happen) g(all)f(the)h(time.)f(This)i(document)f(will)g(tell)g(you)g(wher)o(e)f (to)h(look)g(for)f(such)596 867 y(up-to-date)d(information,)i(and)f (will)h(give)g(some)g(general)f(methods)h(to)g(pr)o(event)f(such)h (exploits)596 958 y(fr)o(om)h(taking)h(place.)197 981 y SDict begin H.S end 197 981 a 197 981 a SDict begin 11 H.A end 197 981 a 197 981 a SDict begin [ /View [/XYZ H.V] /Dest (26) cvn H.B /DEST pdfmark end 197 981 a 596 1227 a Fi(Ne)n(w)27 b(V)-5 b(er)n(sions)29 b(of)g(this)f(Document)2093 1227 y SDict begin H.S end 2093 1227 a 2093 1227 a SDict begin 13.31 H.A end 2093 1227 a 2093 1227 a SDict begin [ /View [/XYZ H.V] /Dest (1.1.1.2) cvn H.B /DEST pdfmark end 2093 1227 a 197 1278 a SDict begin H.S end 197 1278 a 197 1278 a SDict begin 11 H.A end 197 1278 a 197 1278 a SDict begin [ /View [/XYZ H.V] /Dest (28) cvn H.B /DEST pdfmark end 197 1278 a 596 1368 a Fl(New)d(versions)h(of)g(this)g (document)g(will)g(be)f(periodically)g(posted)h(to)2903 1368 y SDict begin H.S end 2903 1368 a 2903 1368 a SDict begin 11 H.A end 2903 1368 a 2903 1368 a SDict begin [ /View [/XYZ H.V] /Dest (29) cvn H.B /DEST pdfmark end 2903 1368 a Fj(comp.os.linux.answers)p Fl(.)596 1460 y(They)19 b(will)i(also)f(be)f(added)f(to)i(the)g(various)g(sites)g (that)f(ar)o(chive)g(such)h(information,)g(including:)197 1525 y SDict begin H.S end 197 1525 a 197 1525 a SDict begin 11 H.A end 197 1525 a 197 1525 a SDict begin [ /View [/XYZ H.V] /Dest (30) cvn H.B /DEST pdfmark end 197 1525 a 197 1525 a SDict begin H.S end 197 1525 a 197 1525 a SDict begin 11 H.A end 197 1525 a 197 1525 a SDict begin [ /View [/XYZ H.V] /Dest (31) cvn H.B /DEST pdfmark end 197 1525 a 197 1525 a SDict begin H.S end 197 1525 a 197 1525 a SDict begin 11 H.A end 197 1525 a 197 1525 a SDict begin [ /View [/XYZ H.V] /Dest (32) cvn H.B /DEST pdfmark end 197 1525 a 596 1593 a Fh(http://www.linuxdoc.org/)197 1646 y SDict begin H.S end 197 1646 a 197 1646 a SDict begin 11 H.A end 197 1646 a 197 1646 a SDict begin [ /View [/XYZ H.V] /Dest (33) cvn H.B /DEST pdfmark end 197 1646 a 596 1725 a Fl(The)i(very)g(latest)g(version)h(of)f(this)h (document)g(should)g(also)g(be)f(available)f(in)i(various)f(formats)596 1817 y(fr)o(om:)197 1860 y SDict begin H.S end 197 1860 a 197 1860 a SDict begin 11 H.A end 197 1860 a 197 1860 a SDict begin [ /View [/XYZ H.V] /Dest (34) cvn H.B /DEST pdfmark end 197 1860 a 197 1860 a SDict begin H.S end 197 1860 a 197 1860 a SDict begin 11 H.A end 197 1860 a 197 1860 a SDict begin [ /View [/XYZ H.V] /Dest (35) cvn H.B /DEST pdfmark end 197 1860 a 197 1901 a SDict begin H.S end 197 1901 a 197 1901 a SDict begin 11 H.A end 197 1901 a 197 1901 a SDict begin [ /View [/XYZ H.V] /Dest (36) cvn H.B /DEST pdfmark end 197 1901 a Black 596 2074 a Fg(\225)p Black 679 2074 a SDict begin H.S end 679 2074 a 679 2074 a SDict begin 11 H.A end 679 2074 a 679 2074 a SDict begin [ /View [/XYZ H.V] /Dest (37) cvn H.B /DEST pdfmark end 679 2074 a 679 2074 a SDict begin H.S end 679 2074 a 679 2074 a SDict begin 11 H.A end 679 2074 a 679 2074 a SDict begin [ /View [/XYZ H.V] /Dest (38) cvn H.B /DEST pdfmark end 679 2074 a 679 2074 a SDict begin H.S end 679 2074 a 679 2074 a SDict begin 11 H.A end 679 2074 a 679 2074 a SDict begin [ /View [/XYZ H.V] /Dest (39) cvn H.B /DEST pdfmark end 679 2074 a Fh(http://scrye.com/~kevin/lsh/)197 2086 y SDict begin H.S end 197 2086 a 197 2086 a SDict begin 11 H.A end 197 2086 a 197 2086 a SDict begin [ /View [/XYZ H.V] /Dest (40) cvn H.B /DEST pdfmark end 197 2086 a Black 596 2207 a Fg(\225)p Black 679 2207 a SDict begin H.S end 679 2207 a 679 2207 a SDict begin 11 H.A end 679 2207 a 679 2207 a SDict begin [ /View [/XYZ H.V] /Dest (41) cvn H.B /DEST pdfmark end 679 2207 a 679 2207 a SDict begin H.S end 679 2207 a 679 2207 a SDict begin 11 H.A end 679 2207 a 679 2207 a SDict begin [ /View [/XYZ H.V] /Dest (42) cvn H.B /DEST pdfmark end 679 2207 a 679 2207 a SDict begin H.S end 679 2207 a 679 2207 a SDict begin 11 H.A end 679 2207 a 679 2207 a SDict begin [ /View [/XYZ H.V] /Dest (43) cvn H.B /DEST pdfmark end 679 2207 a Fh(http://www.linuxsecurity.com/docs/Se)o(curity)o(-HOWTO)197 2219 y SDict begin H.S end 197 2219 a 197 2219 a SDict begin 11 H.A end 197 2219 a 197 2219 a SDict begin [ /View [/XYZ H.V] /Dest (44) cvn H.B /DEST pdfmark end 197 2219 a Black 596 2340 a Fg(\225)p Black 679 2340 a SDict begin H.S end 679 2340 a 679 2340 a SDict begin 11 H.A end 679 2340 a 679 2340 a SDict begin [ /View [/XYZ H.V] /Dest (45) cvn H.B /DEST pdfmark end 679 2340 a 679 2340 a SDict begin H.S end 679 2340 a 679 2340 a SDict begin 11 H.A end 679 2340 a 679 2340 a SDict begin [ /View [/XYZ H.V] /Dest (46) cvn H.B /DEST pdfmark end 679 2340 a 679 2340 a SDict begin H.S end 679 2340 a 679 2340 a SDict begin 11 H.A end 679 2340 a 679 2340 a SDict begin [ /View [/XYZ H.V] /Dest (47) cvn H.B /DEST pdfmark end 679 2340 a Fh(http://www.tummy.com/security-howto)197 2514 y SDict begin H.S end 197 2514 a 197 2514 a SDict begin 11 H.A end 197 2514 a 197 2514 a SDict begin [ /View [/XYZ H.V] /Dest (48) cvn H.B /DEST pdfmark end 197 2514 a 596 2791 a Fi(Feedbac)n(k)1057 2791 y SDict begin H.S end 1057 2791 a 1057 2791 a SDict begin 13.31 H.A end 1057 2791 a 1057 2791 a SDict begin [ /View [/XYZ H.V] /Dest (1.1.2.2) cvn H.B /DEST pdfmark end 1057 2791 a 197 2842 a SDict begin H.S end 197 2842 a 197 2842 a SDict begin 11 H.A end 197 2842 a 197 2842 a SDict begin [ /View [/XYZ H.V] /Dest (50) cvn H.B /DEST pdfmark end 197 2842 a 596 2932 a Fl(All)g(comments,)i(err)o(or)d(r)o(eports,)h (additional)g(information)i(and)e(criticism)h(of)g(all)f(sorts)h (should)596 3023 y(be)d(dir)o(ected)f(to:)197 3067 y SDict begin H.S end 197 3067 a 197 3067 a SDict begin 11 H.A end 197 3067 a 197 3067 a SDict begin [ /View [/XYZ H.V] /Dest (51) cvn H.B /DEST pdfmark end 197 3067 a 197 3067 a SDict begin H.S end 197 3067 a 197 3067 a SDict begin 11 H.A end 197 3067 a 197 3067 a SDict begin [ /View [/XYZ H.V] /Dest (52) cvn H.B /DEST pdfmark end 197 3067 a 197 3067 a SDict begin H.S end 197 3067 a 197 3067 a SDict begin 11 H.A end 197 3067 a 197 3067 a SDict begin [ /View [/XYZ H.V] /Dest (53) cvn H.B /DEST pdfmark end 197 3067 a 596 3156 a Fh(kevin-securityhowto@tummy.com) 1901 3126 y Ff(5)197 3210 y SDict begin H.S end 197 3210 a 197 3210 a SDict begin 11 H.A end 197 3210 a 197 3210 a SDict begin [ /View [/XYZ H.V] /Dest (54) cvn H.B /DEST pdfmark end 197 3210 a 596 3289 a Fl(and)197 3331 y SDict begin H.S end 197 3331 a 197 3331 a SDict begin 11 H.A end 197 3331 a 197 3331 a SDict begin [ /View [/XYZ H.V] /Dest (55) cvn H.B /DEST pdfmark end 197 3331 a 197 3331 a SDict begin H.S end 197 3331 a 197 3331 a SDict begin 11 H.A end 197 3331 a 197 3331 a SDict begin [ /View [/XYZ H.V] /Dest (56) cvn H.B /DEST pdfmark end 197 3331 a 197 3331 a SDict begin H.S end 197 3331 a 197 3331 a SDict begin 11 H.A end 197 3331 a 197 3331 a SDict begin [ /View [/XYZ H.V] /Dest (57) cvn H.B /DEST pdfmark end 197 3331 a 596 3422 a Fh(dave@linuxsecurity.com)1586 3392 y Ff(6)197 3475 y SDict begin H.S end 197 3475 a 197 3475 a SDict begin 11 H.A end 197 3475 a 197 3475 a SDict begin [ /View [/XYZ H.V] /Dest (58) cvn H.B /DEST pdfmark end 197 3475 a 197 3475 a SDict begin H.S end 197 3475 a 197 3475 a SDict begin 11 H.A end 197 3475 a 197 3475 a SDict begin [ /View [/XYZ H.V] /Dest (59) cvn H.B /DEST pdfmark end 197 3475 a 596 3555 a Fj(Note)p Fl(:)26 b(Please)h(send)h(your)f(feedback)f(to)1922 3555 y SDict begin H.S end 1922 3555 a 1922 3555 a SDict begin 11 H.A end 1922 3555 a 1922 3555 a SDict begin [ /View [/XYZ H.V] /Dest (60) cvn H.B /DEST pdfmark end 1922 3555 a Fj(both)h Fl(authors.)g(Also,)h(be)f(sur)o(e)g(and)g(include)g ("Linux")596 3646 y("security",)20 b(or)h("HOWT)o(O")f(in)h(your)g (subject)g(to)g(avoid)g(Kevin's)g(spam)g(\002lter)-6 b(.)197 3711 y SDict begin H.S end 197 3711 a 197 3711 a SDict begin 11 H.A end 197 3711 a 197 3711 a SDict begin [ /View [/XYZ H.V] /Dest (61) cvn H.B /DEST pdfmark end 197 3711 a 596 3964 a Fi(Disc)n(laimer)1103 3964 y SDict begin H.S end 1103 3964 a 1103 3964 a SDict begin 13.31 H.A end 1103 3964 a 1103 3964 a SDict begin [ /View [/XYZ H.V] /Dest (1.1.3.2) cvn H.B /DEST pdfmark end 1103 3964 a 197 4016 a SDict begin H.S end 197 4016 a 197 4016 a SDict begin 11 H.A end 197 4016 a 197 4016 a SDict begin [ /View [/XYZ H.V] /Dest (63) cvn H.B /DEST pdfmark end 197 4016 a 596 4106 a Fl(No)23 b(liability)h(for)e(the)i (contents)g(of)f(this)h(document)f(can)g(be)g(accepted.)e(Use)i(the)g (concepts,)h(ex-)596 4197 y(amples)31 b(and)g(other)h(content)g(at)f (your)h(own)g(risk.)f(Additionally)-9 b(,)32 b(this)g(is)g(an)f(early)g (version,)596 4288 y(possibly)21 b(with)h(many)f(inaccuracies)f(or)h (err)o(ors.)197 4353 y SDict begin H.S end 197 4353 a 197 4353 a SDict begin 11 H.A end 197 4353 a 197 4353 a SDict begin [ /View [/XYZ H.V] /Dest (64) cvn H.B /DEST pdfmark end 197 4353 a 596 4421 a Fl(A)f(number)h(of)g(the)h(examples) e(and)h(descriptions)g(use)h(the)f(RedHat\(tm\))f(package)g(layout)h (and)596 4513 y(system)g(setup.)f(Y)-8 b(our)22 b(mileage)f(may)f(vary) -9 b(.)197 4578 y SDict begin H.S end 197 4578 a 197 4578 a SDict begin 11 H.A end 197 4578 a 197 4578 a SDict begin [ /View [/XYZ H.V] /Dest (65) cvn H.B /DEST pdfmark end 197 4578 a 596 4645 a Fl(As)25 b(far)f(as)i(we)f(know)-8 b(,)27 b(only)g(pr)o(ograms)e(that,)g(under)g(certain)g(terms)h(may)g (be)f(used)g(or)h(evalu-)596 4737 y(ated)18 b(for)i(personal)g (purposes)g(will)g(be)f(described.)g(Most)h(of)f(the)h(pr)o(ograms)g (will)g(be)g(available,)596 4828 y(complete)g(with)i(sour)o(ce,)e (under)1664 4828 y SDict begin H.S end 1664 4828 a 1664 4828 a SDict begin 11 H.A end 1664 4828 a 1664 4828 a SDict begin [ /View [/XYZ H.V] /Dest (66) cvn H.B /DEST pdfmark end 1664 4828 a Fl(GNU)1861 4795 y Fe(7)1907 4828 y Fl(terms.)197 4893 y SDict begin H.S end 197 4893 a 197 4893 a SDict begin 11 H.A end 197 4893 a 197 4893 a SDict begin [ /View [/XYZ H.V] /Dest (67) cvn H.B /DEST pdfmark end 197 4893 a 596 5146 a Fi(Cop)n(yright)29 b(Inf)n(ormation)1644 5146 y SDict begin H.S end 1644 5146 a 1644 5146 a SDict begin 13.31 H.A end 1644 5146 a 1644 5146 a SDict begin [ /View [/XYZ H.V] /Dest (1.1.4.2) cvn H.B /DEST pdfmark end 1644 5146 a 197 5219 a SDict begin H.S end 197 5219 a 197 5219 a SDict begin 11 H.A end 197 5219 a 197 5219 a SDict begin [ /View [/XYZ H.V] /Dest (69) cvn H.B /DEST pdfmark end 197 5219 a 596 5288 a Fl(This)e(document)g(is)g(copyrighted)g(\(c\)1998-2000)22 b(Kevin)27 b(Fenzi)g(and)g(Dave)f(W)-6 b(r)o(eski,)26 b(and)g(dis-)596 5379 y(tributed)20 b(under)g(the)h(following)h(terms:) 197 5444 y SDict begin H.S end 197 5444 a 197 5444 a SDict begin 11 H.A end 197 5444 a 197 5444 a SDict begin [ /View [/XYZ H.V] /Dest (70) cvn H.B /DEST pdfmark end 197 5444 a 197 5444 a SDict begin H.S end 197 5444 a 197 5444 a SDict begin 11 H.A end 197 5444 a 197 5444 a SDict begin [ /View [/XYZ H.V] /Dest (71) cvn H.B /DEST pdfmark end 197 5444 a 197 5485 a SDict begin H.S end 197 5485 a 197 5485 a SDict begin 11 H.A end 197 5485 a 197 5485 a SDict begin [ /View [/XYZ H.V] /Dest (72) cvn H.B /DEST pdfmark end 197 5485 a Black 3642 5585 a Fj(3)p Black eop end %%Page: 4 4 TeXDict begin 4 3 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.4) cvn H.B /DEST pdfmark end 197 -102 a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black Black 596 89 a Fg(\225)p Black 679 89 a SDict begin H.S end 679 89 a 679 89 a SDict begin 11 H.A end 679 89 a 679 89 a SDict begin [ /View [/XYZ H.V] /Dest (73) cvn H.B /DEST pdfmark end 679 89 a Fl(Linux)c(HOWT)o(O)g(documents)h(may)g(be)f(r)o (epr)o(oduced)e(and)i(distributed)g(in)g(whole)i(or)e(in)h(part,)679 180 y(in)24 b(any)g(medium,)g(physical)h(or)f(electr)o(onic,)g(as)f (long)j(as)d(this)i(copyright)g(notice)g(is)f(r)o(etained)679 272 y(on)e(all)f(copies.)h(Commer)o(cial)f(r)o(edistribution)h(is)g (allowed)f(and)h(encouraged;)e(however)-6 b(,)22 b(the)679 363 y(authors)f(would)g(like)g(to)g(be)f(noti\002ed)i(of)f(any)f(such)h (distributions.)197 386 y SDict begin H.S end 197 386 a 197 386 a SDict begin 11 H.A end 197 386 a 197 386 a SDict begin [ /View [/XYZ H.V] /Dest (74) cvn H.B /DEST pdfmark end 197 386 a Black 596 496 a Fg(\225)p Black 679 496 a SDict begin H.S end 679 496 a 679 496 a SDict begin 11 H.A end 679 496 a 679 496 a SDict begin [ /View [/XYZ H.V] /Dest (75) cvn H.B /DEST pdfmark end 679 496 a Fl(All)32 b(translations,)i(derivative)e(works,)h(or)g(aggr)o (egate)e(works)j(incorporating)g(any)f(Linux)679 587 y(HOWT)o(O)f(documents)i(must)f(be)f(cover)o(ed)g(under)g(this)i (copyright)f(notice.)g(That)g(is,)f(you)679 679 y(may)18 b(not)h(pr)o(oduce)e(a)h(derivative)f(work)i(fr)o(om)e(a)h(HOWT)o(O)g (and)g(impose)h(additional)f(r)o(estric-)679 770 y(tions)29 b(on)g(its)g(distribution.)g(Exceptions)f(to)h(these)g(r)o(ules)f(may)h (be)f(granted)f(under)h(certain)679 861 y(conditions;)21 b(please)f(contact)h(the)g(Linux)g(HOWT)o(O)f(coor)o(dinator)h(at)f (the)h(addr)o(ess)e(given)i(be-)679 953 y(low)-8 b(.)197 955 y SDict begin H.S end 197 955 a 197 955 a SDict begin 11 H.A end 197 955 a 197 955 a SDict begin [ /View [/XYZ H.V] /Dest (76) cvn H.B /DEST pdfmark end 197 955 a Black 596 1085 a Fg(\225)p Black 679 1085 a SDict begin H.S end 679 1085 a 679 1085 a SDict begin 11 H.A end 679 1085 a 679 1085 a SDict begin [ /View [/XYZ H.V] /Dest (77) cvn H.B /DEST pdfmark end 679 1085 a Fl(If)20 b(you)h(have)f(questions,)i(please)e(contact)g(T)-5 b(im)22 b(Bynum,)f(the)f(Linux)h(HOWT)o(O)g(coor)o(dinator)-6 b(,)679 1177 y(at)197 1351 y SDict begin H.S end 197 1351 a 197 1351 a SDict begin 11 H.A end 197 1351 a 197 1351 a SDict begin [ /View [/XYZ H.V] /Dest (78) cvn H.B /DEST pdfmark end 197 1351 a 197 1351 a SDict begin H.S end 197 1351 a 197 1351 a SDict begin 11 H.A end 197 1351 a 197 1351 a SDict begin [ /View [/XYZ H.V] /Dest (79) cvn H.B /DEST pdfmark end 197 1351 a 197 1351 a SDict begin H.S end 197 1351 a 197 1351 a SDict begin 11 H.A end 197 1351 a 197 1351 a SDict begin [ /View [/XYZ H.V] /Dest (80) cvn H.B /DEST pdfmark end 197 1351 a 596 1442 a Fh(tjbynum@metalab.unc.edu)1631 1412 y Ff(8)197 1579 y SDict begin H.S end 197 1579 a 197 1579 a SDict begin 11 H.A end 197 1579 a 197 1579 a SDict begin [ /View [/XYZ H.V] /Dest (81) cvn H.B /DEST pdfmark end 197 1579 a 275 x Fn(Over)q(vie)n(w)686 1854 y SDict begin H.S end 686 1854 a 686 1854 a SDict begin 14.641 H.A end 686 1854 a 686 1854 a SDict begin [ /View [/XYZ H.V] /Dest (1.2.1) cvn H.B /DEST pdfmark end 686 1854 a 197 1911 a SDict begin H.S end 197 1911 a 197 1911 a SDict begin 11 H.A end 197 1911 a 197 1911 a SDict begin [ /View [/XYZ H.V] /Dest (83) cvn H.B /DEST pdfmark end 197 1911 a 596 2001 a Fl(This)29 b(document)f(will)i(attempt)e(to)h(explain)f (some)h(pr)o(ocedur)o(es)d(and)i(commonly-used)i(soft-)596 2092 y(war)o(e)25 b(to)j(help)f(your)g(Linux)h(system)f(be)g(mor)o(e)g (secur)o(e.)e(It)j(is)f(important)g(to)h(discuss)f(some)h(of)596 2184 y(the)20 b(basic)h(concepts)g(\002rst,)g(and)f(cr)o(eate)f(a)h (security)h(foundation,)g(befor)o(e)f(we)g(get)h(started.)197 2207 y SDict begin H.S end 197 2207 a 197 2207 a SDict begin 11 H.A end 197 2207 a 197 2207 a SDict begin [ /View [/XYZ H.V] /Dest (84) cvn H.B /DEST pdfmark end 197 2207 a 596 2453 a Fi(Wh)n(y)27 b(Do)h(W)l(e)g(Need)g(Security?)1901 2453 y SDict begin H.S end 1901 2453 a 1901 2453 a SDict begin 13.31 H.A end 1901 2453 a 1901 2453 a SDict begin [ /View [/XYZ H.V] /Dest (1.2.5.2) cvn H.B /DEST pdfmark end 1901 2453 a 197 2524 a SDict begin H.S end 197 2524 a 197 2524 a SDict begin 11 H.A end 197 2524 a 197 2524 a SDict begin [ /View [/XYZ H.V] /Dest (86) cvn H.B /DEST pdfmark end 197 2524 a 596 2594 a Fl(In)17 b(the)g(ever)o(-changing)f (world)h(of)g(global)g(data)f(communications,)j(inexpensive)e(Internet) g(con-)596 2685 y(nections,)i(and)g(fast-paced)e(softwar)o(e)h (development,)h(security)g(is)g(becoming)h(mor)o(e)f(and)f(mor)o(e)596 2777 y(of)24 b(an)h(issue.)g(Security)g(is)g(now)h(a)f(basic)f(r)o (equir)o(ement)h(because)f(global)h(computing)h(is)f(inher)o(-)596 2868 y(ently)16 b(insecur)o(e.)g(As)g(your)h(data)e(goes)i(fr)o(om)f (point)h(A)f(to)h(point)g(B)f(on)h(the)g(Internet,)f(for)g(example,)596 2959 y(it)i(may)h(pass)f(thr)o(ough)h(several)f(other)g(points)i(along) f(the)f(way)-9 b(,)18 b(giving)i(other)e(users)h(the)g(oppor)o(-)596 3051 y(tunity)31 b(to)h(inter)o(cept,)d(and)i(even)f(alter)-6 b(,)30 b(it.)h(Even)g(other)g(users)g(on)g(your)h(system)f(may)g(mali-) 596 3142 y(ciously)19 b(transform)g(your)h(data)d(into)j(something)h (you)e(did)g(not)g(intend.)g(Unauthorized)g(access)596 3233 y(to)28 b(your)h(system)h(may)e(be)h(obtained)f(by)h(intr)o (uders,)f(also)h(known)h(as)e("crackers",)f(who)i(then)596 3325 y(use)e(advanced)g(knowledge)h(to)h(impersonate)f(you,)g(steal)g (information)g(fr)o(om)g(you,)g(or)g(even)596 3416 y(deny)e(you)g (access)g(to)g(your)h(own)g(r)o(esour)o(ces.)e(If)h(you'r)o(e)f (wondering)i(what)g(the)f(dif)o(fer)o(ence)e(is)596 3507 y(between)17 b(a)g("Hacker")g(and)g(a)g("Cracker",)f(see)i(Eric)f (Raymond's)i(document,)f("How)g(to)g(Become)596 3599 y(A)i(Hacker",)f(available)h(at)1459 3599 y SDict begin H.S end 1459 3599 a 1459 3599 a SDict begin 11 H.A end 1459 3599 a 1459 3599 a SDict begin [ /View [/XYZ H.V] /Dest (87) cvn H.B /DEST pdfmark end 1459 3599 a Fl(http://www)-8 b(.catb.or)o(g/~esr/faqs/hacker)o(-howto.html.)197 3664 y SDict begin H.S end 197 3664 a 197 3664 a SDict begin 11 H.A end 197 3664 a 197 3664 a SDict begin [ /View [/XYZ H.V] /Dest (88) cvn H.B /DEST pdfmark end 197 3664 a 596 3917 a Fi(Ho)n(w)28 b(Secure)g(Is)g(Secure?)1705 3917 y SDict begin H.S end 1705 3917 a 1705 3917 a SDict begin 13.31 H.A end 1705 3917 a 1705 3917 a SDict begin [ /View [/XYZ H.V] /Dest (1.2.6.2) cvn H.B /DEST pdfmark end 1705 3917 a 197 3968 a SDict begin H.S end 197 3968 a 197 3968 a SDict begin 11 H.A end 197 3968 a 197 3968 a SDict begin [ /View [/XYZ H.V] /Dest (90) cvn H.B /DEST pdfmark end 197 3968 a 596 4058 a Fl(First,)23 b(keep)f(in)i(mind)f (that)g(no)h(computer)f(system)h(can)e(ever)h(be)f(completely)i(secur)o (e.)d(All)i(you)596 4150 y(can)e(do)h(is)g(make)f(it)h(incr)o(easingly) g(dif)o(\002cult)g(for)f(someone)i(to)f(compr)o(omise)g(your)g(system.) h(For)596 4241 y(the)e(average)e(home)j(Linux)f(user)-6 b(,)20 b(not)i(much)f(is)h(r)o(equir)o(ed)d(to)j(keep)e(the)h(casual)g (cracker)e(at)i(bay)-9 b(.)596 4332 y(However)j(,)25 b(for)h(high-pr)o(o\002le)g(Linux)g(users)g(\(banks,)f (telecommunications)j(companies,)e(etc\),)596 4424 y(much)21 b(mor)o(e)f(work)i(is)f(r)o(equir)o(ed.)197 4489 y SDict begin H.S end 197 4489 a 197 4489 a SDict begin 11 H.A end 197 4489 a 197 4489 a SDict begin [ /View [/XYZ H.V] /Dest (91) cvn H.B /DEST pdfmark end 197 4489 a 596 4556 a Fl(Another)i(factor)g(to)i(take)e(into)h(account)g(is)g(that)g (the)g(mor)o(e)f(secur)o(e)g(your)h(system)g(is,)g(the)g(mor)o(e)596 4648 y(intr)o(usive)19 b(your)h(security)f(becomes.)g(Y)-8 b(ou)20 b(need)f(to)h(decide)e(wher)o(e)g(in)i(this)g(balancing)f(act)g (your)596 4739 y(system)i(will)h(still)f(be)g(usable,)f(and)g(yet)h (secur)o(e)f(for)h(your)g(purposes.)f(For)i(instance,)e(you)i(could)596 4830 y(r)o(equir)o(e)16 b(everyone)i(dialing)f(into)i(your)f(system)g (to)g(use)g(a)f(call-back)g(modem)h(to)g(call)f(them)h(back)596 4922 y(at)i(their)h(home)h(number)-6 b(.)21 b(This)h(is)f(mor)o(e)g (secur)o(e,)f(but)h(if)g(someone)h(is)f(not)h(at)f(home,)g(it)h(makes)f (it)596 5013 y(dif)o(\002cult)g(for)h(them)g(to)g(login.)h(Y)-8 b(ou)23 b(could)f(also)g(setup)g(your)g(Linux)g(system)h(with)g(no)f (network)596 5104 y(or)e(connection)i(to)g(the)f(Internet,)f(but)h (this)g(limits)h(its)f(usefulness.)197 5159 y SDict begin H.S end 197 5159 a 197 5159 a SDict begin 11 H.A end 197 5159 a 197 5159 a SDict begin [ /View [/XYZ H.V] /Dest (92) cvn H.B /DEST pdfmark end 197 5159 a 596 5237 a Fl(If)62 b(you)h(ar)o(e)f(a)g(medium)h(to)h(lar)o(ge-sized)c(site,)j (you)h(should)f(establish)g(a)g(security)596 5329 y(policy)45 b(stating)h(how)h(much)e(security)h(is)g(r)o(equir)o(ed)e(by)h(your)h (site)f(and)g(what)h(auditing)596 5420 y(is)d(in)i(place)d(to)i(check)g (it.)g(Y)-8 b(ou)44 b(can)g(\002nd)g(a)f(well-known)i(security)e (policy)h(example)f(at)p Black 197 5585 a Fj(4)p Black eop end %%Page: 5 5 TeXDict begin 5 4 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.5) cvn H.B /DEST pdfmark end 197 -102 a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a SDict begin H.S end 596 89 a 596 89 a SDict begin 11 H.A end 596 89 a 596 89 a SDict begin [ /View [/XYZ H.V] /Dest (93) cvn H.B /DEST pdfmark end 596 89 a Fl(http://www)-8 b(.faqs.or)o(g/rfcs/rfc2196.html.)22 b(It)h(has)g(been)h(r)o(ecently)e (updated,)g(and)h(contains)596 180 y(a)d(gr)o(eat)f(framework)i(for)f (establishing)i(a)e(security)h(policy)g(for)g(your)g(company)-9 b(.)197 245 y SDict begin H.S end 197 245 a 197 245 a SDict begin 11 H.A end 197 245 a 197 245 a SDict begin [ /View [/XYZ H.V] /Dest (94) cvn H.B /DEST pdfmark end 197 245 a 596 498 a Fi(What)28 b(Are)f(Y)-10 b(ou)29 b(T)-8 b(r)q(ying)29 b(to)g(Pr)n(otect?)2127 498 y SDict begin H.S end 2127 498 a 2127 498 a SDict begin 13.31 H.A end 2127 498 a 2127 498 a SDict begin [ /View [/XYZ H.V] /Dest (1.2.7.2) cvn H.B /DEST pdfmark end 2127 498 a 197 571 a SDict begin H.S end 197 571 a 197 571 a SDict begin 11 H.A end 197 571 a 197 571 a SDict begin [ /View [/XYZ H.V] /Dest (96) cvn H.B /DEST pdfmark end 197 571 a 596 640 a Fl(Befor)o(e)17 b(you)j(attempt)f(to)g(secur)o(e)g(your)g (system,)h(you)g(should)g(determine)e(what)i(level)f(of)g(thr)o(eat)596 731 y(you)i(have)g(to)h(pr)o(otect)f(against,)g(what)g(risks)h(you)g (should)g(or)g(should)g(not)g(take,)f(and)g(how)h(vul-)596 823 y(nerable)27 b(your)i(system)h(is)f(as)f(a)g(r)o(esult.)g(Y)-8 b(ou)30 b(should)f(analyze)f(your)h(system)g(to)g(know)h(what)596 914 y(you'r)o(e)19 b(pr)o(otecting,)h(why)g(you'r)o(e)g(pr)o(otecting)f (it,)h(what)g(value)f(it)i(has,)e(and)h(who)g(has)g(r)o(esponsi-)596 1005 y(bility)h(for)f(your)i(data)d(and)h(other)h(assets.)197 1070 y SDict begin H.S end 197 1070 a 197 1070 a SDict begin 11 H.A end 197 1070 a 197 1070 a SDict begin [ /View [/XYZ H.V] /Dest (97) cvn H.B /DEST pdfmark end 197 1070 a 197 1070 a SDict begin H.S end 197 1070 a 197 1070 a SDict begin 11 H.A end 197 1070 a 197 1070 a SDict begin [ /View [/XYZ H.V] /Dest (98) cvn H.B /DEST pdfmark end 197 1070 a 197 1112 a SDict begin H.S end 197 1112 a 197 1112 a SDict begin 11 H.A end 197 1112 a 197 1112 a SDict begin [ /View [/XYZ H.V] /Dest (99) cvn H.B /DEST pdfmark end 197 1112 a Black 596 1263 a Fg(\225)p Black 679 1263 a SDict begin H.S end 679 1263 a 679 1263 a SDict begin 11 H.A end 679 1263 a 679 1263 a SDict begin [ /View [/XYZ H.V] /Dest (100) cvn H.B /DEST pdfmark end 679 1263 a 679 1263 a SDict begin H.S end 679 1263 a 679 1263 a SDict begin 11 H.A end 679 1263 a 679 1263 a SDict begin [ /View [/XYZ H.V] /Dest (101) cvn H.B /DEST pdfmark end 679 1263 a Fj(Risk)29 b Fl(is)g(the)g(possibility)g (that)g(an)f(intr)o(uder)h(may)f(be)g(successful)h(in)g(attempting)g (to)g(access)679 1354 y(your)19 b(computer)-6 b(.)19 b(Can)h(an)f(intr)o(uder)g(r)o(ead)f(or)h(write)h(\002les,)f(or)h (execute)f(pr)o(ograms)f(that)i(could)679 1445 y(cause)k(damage?)g(Can) h(they)g(delete)f(critical)h(data?)f(Can)g(they)i(pr)o(event)e(you)h (or)g(your)h(com-)679 1537 y(pany)c(fr)o(om)g(getting)i(important)f (work)g(done?)g(Don't)h(for)o(get:)d(someone)j(gaining)f(access)g(to) 679 1628 y(your)e(account,)f(or)h(your)g(system,)g(can)g(also)g (impersonate)g(you.)197 1693 y SDict begin H.S end 197 1693 a 197 1693 a SDict begin 11 H.A end 197 1693 a 197 1693 a SDict begin [ /View [/XYZ H.V] /Dest (102) cvn H.B /DEST pdfmark end 197 1693 a 679 1761 a Fl(Additionally)-9 b(,)18 b(having)h(one)h(insecur)o(e)e(account)h(on)g(your)g(system)h (can)f(r)o(esult)f(in)h(your)h(entir)o(e)679 1852 y(network)25 b(being)h(compr)o(omised.)f(If)g(you)h(allow)f(a)g(single)h(user)f(to)h (login)g(using)g(a)3370 1852 y SDict begin H.S end 3370 1852 a 3370 1852 a SDict begin 11 H.A end 3370 1852 a 3370 1852 a SDict begin [ /View [/XYZ H.V] /Dest (103) cvn H.B /DEST pdfmark end 3370 1852 a Fh(.rhosts)679 1943 y Fl(\002le,)i(or)h(to)h(use)e(an)h(insecur)o(e)f(service)h(such)g (as)2247 1943 y SDict begin H.S end 2247 1943 a 2247 1943 a SDict begin 11 H.A end 2247 1943 a 2247 1943 a SDict begin [ /View [/XYZ H.V] /Dest (104) cvn H.B /DEST pdfmark end 2247 1943 a Fh(tftp)p Fl(,)e(you)j(risk)f(an)g(intr)o(uder)g (getting)g('his)679 2035 y(foot)18 b(in)h(the)g(door)6 b('.)19 b(Once)f(the)h(intr)o(uder)f(has)h(a)f(user)g(account)h(on)g (your)f(system,)h(or)g(someone)679 2126 y(else's)h(system,)i(it)f(can)f (be)h(used)f(to)h(gain)g(access)f(to)h(another)g(system,)g(or)g (another)g(account.)637 2259 y SDict begin H.S end 637 2259 a 637 2259 a SDict begin 11 H.A end 637 2259 a 637 2259 a SDict begin [ /View [/XYZ H.V] /Dest (105) cvn H.B /DEST pdfmark end 637 2259 a Black 596 2392 a Fg(\225)p Black 679 2392 a SDict begin H.S end 679 2392 a 679 2392 a SDict begin 11 H.A end 679 2392 a 679 2392 a SDict begin [ /View [/XYZ H.V] /Dest (106) cvn H.B /DEST pdfmark end 679 2392 a 679 2392 a SDict begin H.S end 679 2392 a 679 2392 a SDict begin 11 H.A end 679 2392 a 679 2392 a SDict begin [ /View [/XYZ H.V] /Dest (107) cvn H.B /DEST pdfmark end 679 2392 a Fj(Thr)o(eat)26 b Fl(is)h(typically)h(fr)o (om)e(someone)j(with)f(motivation)g(to)g(gain)f(unauthorized)g(access)g (to)679 2483 y(your)k(network)h(or)g(computer)-6 b(.)31 b(Y)-8 b(ou)32 b(must)g(decide)f(whom)h(you)g(tr)o(ust)g(to)g(have)f (access)g(to)679 2574 y(your)21 b(system,)g(and)f(what)h(thr)o(eat)f (they)h(could)g(pose.)197 2639 y SDict begin H.S end 197 2639 a 197 2639 a SDict begin 11 H.A end 197 2639 a 197 2639 a SDict begin [ /View [/XYZ H.V] /Dest (108) cvn H.B /DEST pdfmark end 197 2639 a 679 2707 a Fl(Ther)o(e)g(ar)o(e)g (several)g(types)i(of)f(intr)o(uders,)g(and)g(it)g(is)h(useful)f(to)h (keep)f(their)g(dif)o(fer)o(ent)e(charac-)679 2799 y(teristics)h(in)g (mind)g(as)g(you)g(ar)o(e)e(securing)i(your)g(systems.)197 2822 y SDict begin H.S end 197 2822 a 197 2822 a SDict begin 11 H.A end 197 2822 a 197 2822 a SDict begin [ /View [/XYZ H.V] /Dest (109) cvn H.B /DEST pdfmark end 197 2822 a 197 2864 a SDict begin H.S end 197 2864 a 197 2864 a SDict begin 11 H.A end 197 2864 a 197 2864 a SDict begin [ /View [/XYZ H.V] /Dest (110) cvn H.B /DEST pdfmark end 197 2864 a Black 679 3014 a Fd(\225)p Black 762 3014 a SDict begin H.S end 762 3014 a 762 3014 a SDict begin 11 H.A end 762 3014 a 762 3014 a SDict begin [ /View [/XYZ H.V] /Dest (111) cvn H.B /DEST pdfmark end 762 3014 a 762 3014 a SDict begin H.S end 762 3014 a 762 3014 a SDict begin 11 H.A end 762 3014 a 762 3014 a SDict begin [ /View [/XYZ H.V] /Dest (112) cvn H.B /DEST pdfmark end 762 3014 a Fj(The)c(Curious)h Fl(-)f(This)h(type)g(of)f(intr)o (uder)h(is)g(basically)f(inter)o(ested)f(in)i(\002nding)h(out)e(what)h (type)762 3106 y(of)i(system)i(and)e(data)g(you)h(have.)197 3129 y SDict begin H.S end 197 3129 a 197 3129 a SDict begin 11 H.A end 197 3129 a 197 3129 a SDict begin [ /View [/XYZ H.V] /Dest (113) cvn H.B /DEST pdfmark end 197 3129 a Black 679 3239 a Fd(\225)p Black 762 3239 a SDict begin H.S end 762 3239 a 762 3239 a SDict begin 11 H.A end 762 3239 a 762 3239 a SDict begin [ /View [/XYZ H.V] /Dest (114) cvn H.B /DEST pdfmark end 762 3239 a 762 3239 a SDict begin H.S end 762 3239 a 762 3239 a SDict begin 11 H.A end 762 3239 a 762 3239 a SDict begin [ /View [/XYZ H.V] /Dest (115) cvn H.B /DEST pdfmark end 762 3239 a Fj(The)e(Malicious)h Fl(-)f(This)i(type)e(of)h(intr)o(uder)f(is) h(out)h(to)f(either)f(bring)h(down)g(your)g(systems,)h(or)762 3330 y(deface)h(your)j(web)f(page,)f(or)h(otherwise)h(for)o(ce)e(you)i (to)g(spend)f(time)g(and)g(money)h(r)o(ecov-)762 3421 y(ering)c(fr)o(om)f(the)h(damage)e(he)i(has)g(caused.)197 3445 y SDict begin H.S end 197 3445 a 197 3445 a SDict begin 11 H.A end 197 3445 a 197 3445 a SDict begin [ /View [/XYZ H.V] /Dest (116) cvn H.B /DEST pdfmark end 197 3445 a Black 679 3554 a Fd(\225)p Black 762 3554 a SDict begin H.S end 762 3554 a 762 3554 a SDict begin 11 H.A end 762 3554 a 762 3554 a SDict begin [ /View [/XYZ H.V] /Dest (117) cvn H.B /DEST pdfmark end 762 3554 a 762 3554 a SDict begin H.S end 762 3554 a 762 3554 a SDict begin 11 H.A end 762 3554 a 762 3554 a SDict begin [ /View [/XYZ H.V] /Dest (118) cvn H.B /DEST pdfmark end 762 3554 a Fj(The)27 b(High-Pr)o(o\002le)e(Intruder)i Fl(-)g(This)h(type)g (of)f(intr)o(uder)h(is)f(trying)h(to)g(use)g(your)f(system)i(to)762 3645 y(gain)20 b(popularity)h(and)g(infamy)-9 b(.)20 b(He)h(might)g(use)g(your)g(high-pr)o(o\002le)g(system)h(to)f (advertise)762 3737 y(his)g(abilities.)197 3739 y SDict begin H.S end 197 3739 a 197 3739 a SDict begin 11 H.A end 197 3739 a 197 3739 a SDict begin [ /View [/XYZ H.V] /Dest (119) cvn H.B /DEST pdfmark end 197 3739 a Black 679 3870 a Fd(\225)p Black 762 3870 a SDict begin H.S end 762 3870 a 762 3870 a SDict begin 11 H.A end 762 3870 a 762 3870 a SDict begin [ /View [/XYZ H.V] /Dest (120) cvn H.B /DEST pdfmark end 762 3870 a 762 3870 a SDict begin H.S end 762 3870 a 762 3870 a SDict begin 11 H.A end 762 3870 a 762 3870 a SDict begin [ /View [/XYZ H.V] /Dest (121) cvn H.B /DEST pdfmark end 762 3870 a Fj(The)28 b(Competition)g Fl(-)g(This)h(type)g(of)g(intr)o(uder)f(is)h(inter)o (ested)f(in)h(what)g(data)f(you)h(have)f(on)762 3961 y(your)g(system.)g(It)g(might)h(be)f(someone)h(who)f(thinks)i(you)e (have)f(something)j(that)e(could)762 4052 y(bene\002t)20 b(him,)i(\002nancially)f(or)g(otherwise.)197 4076 y SDict begin H.S end 197 4076 a 197 4076 a SDict begin 11 H.A end 197 4076 a 197 4076 a SDict begin [ /View [/XYZ H.V] /Dest (122) cvn H.B /DEST pdfmark end 197 4076 a Black 679 4185 a Fd(\225)p Black 762 4185 a SDict begin H.S end 762 4185 a 762 4185 a SDict begin 11 H.A end 762 4185 a 762 4185 a SDict begin [ /View [/XYZ H.V] /Dest (123) cvn H.B /DEST pdfmark end 762 4185 a 762 4185 a SDict begin H.S end 762 4185 a 762 4185 a SDict begin 11 H.A end 762 4185 a 762 4185 a SDict begin [ /View [/XYZ H.V] /Dest (124) cvn H.B /DEST pdfmark end 762 4185 a Fj(The)30 b(Borr)o(owers)i Fl(-)f(This)h(type)f(of)g(intr)o(uder)g(is)h(inter)o (ested)e(in)i(setting)g(up)f(shop)h(on)g(your)762 4276 y(system)h(and)f(using)h(its)g(r)o(esour)o(ces)e(for)h(their)h(own)g (purposes.)f(He)h(typically)f(will)h(r)o(un)762 4368 y(chat)20 b(or)h(ir)o(c)f(servers,)g(porn)h(ar)o(chive)f(sites,)h(or)f (even)h(DNS)g(servers.)197 4391 y SDict begin H.S end 197 4391 a 197 4391 a SDict begin 11 H.A end 197 4391 a 197 4391 a SDict begin [ /View [/XYZ H.V] /Dest (125) cvn H.B /DEST pdfmark end 197 4391 a Black 679 4501 a Fd(\225)p Black 762 4501 a SDict begin H.S end 762 4501 a 762 4501 a SDict begin 11 H.A end 762 4501 a 762 4501 a SDict begin [ /View [/XYZ H.V] /Dest (126) cvn H.B /DEST pdfmark end 762 4501 a 762 4501 a SDict begin H.S end 762 4501 a 762 4501 a SDict begin 11 H.A end 762 4501 a 762 4501 a SDict begin [ /View [/XYZ H.V] /Dest (127) cvn H.B /DEST pdfmark end 762 4501 a Fj(The)27 b(Leapfr)o(ogger)g Fl(-)g(This)h(type)g(of)g(intr)o(uder)f(is)i(only)f(inter)o(ested)f(in) h(your)g(system)h(to)f(use)762 4592 y(it)e(to)g(get)f(into)i(other)f (systems.)g(If)g(your)g(system)g(is)g(well-connected)g(or)g(a)f (gateway)g(to)h(a)762 4683 y(number)20 b(of)g(internal)h(hosts,)g(you)f (may)h(well)f(see)g(this)h(type)f(trying)h(to)g(compr)o(omise)g(your) 762 4775 y(system.)637 4907 y SDict begin H.S end 637 4907 a 637 4907 a SDict begin 11 H.A end 637 4907 a 637 4907 a SDict begin [ /View [/XYZ H.V] /Dest (128) cvn H.B /DEST pdfmark end 637 4907 a Black 596 5040 a Fg(\225)p Black 679 5040 a SDict begin H.S end 679 5040 a 679 5040 a SDict begin 11 H.A end 679 5040 a 679 5040 a SDict begin [ /View [/XYZ H.V] /Dest (129) cvn H.B /DEST pdfmark end 679 5040 a Fl(V)-8 b(ulnerability)33 b(describes)f(how)i (well-pr)o(otected)e(your)h(computer)g(is)h(fr)o(om)e(another)h(net-) 679 5132 y(work,)21 b(and)f(the)h(potential)g(for)f(someone)i(to)f (gain)g(unauthorized)g(access.)197 5196 y SDict begin H.S end 197 5196 a 197 5196 a SDict begin 11 H.A end 197 5196 a 197 5196 a SDict begin [ /View [/XYZ H.V] /Dest (130) cvn H.B /DEST pdfmark end 197 5196 a 679 5264 a Fl(What's)26 b(at)g(stake)h(if)f(someone)i(br)o(eaks)d(into)i(your)g (system?)g(Of)g(course)f(the)h(concerns)g(of)f(a)679 5356 y(dynamic)17 b(PPP)h(home)g(user)f(will)h(be)f(dif)o(fer)o(ent)e (fr)o(om)i(those)h(of)f(a)g(company)g(connecting)i(their)679 5447 y(machine)i(to)g(the)g(Internet,)f(or)h(another)g(lar)o(ge)f (network.)p Black 3642 5585 a Fj(5)p Black eop end %%Page: 6 6 TeXDict begin 6 5 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.6) cvn H.B /DEST pdfmark end 197 -102 a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 197 6 a SDict begin H.S end 197 6 a 197 6 a SDict begin 11 H.A end 197 6 a 197 6 a SDict begin [ /View [/XYZ H.V] /Dest (131) cvn H.B /DEST pdfmark end 197 6 a 679 89 a Fl(How)c(much)g(time)f (would)h(it)g(take)f(to)h(r)o(etrieve/r)o(ecr)o(eate)12 b(any)17 b(data)e(that)i(was)f(lost?)h(An)f(initial)679 180 y(time)29 b(investment)i(now)f(can)g(save)f(ten)h(times)g(mor)o(e)f (time)h(later)f(if)g(you)h(have)g(to)g(r)o(ecr)o(eate)679 272 y(data)18 b(that)h(was)h(lost.)g(Have)e(you)i(checked)f(your)h (backup)f(strategy)-9 b(,)19 b(and)g(veri\002ed)f(your)i(data)679 363 y(lately?)197 670 y SDict begin H.S end 197 670 a 197 670 a SDict begin 11 H.A end 197 670 a 197 670 a SDict begin [ /View [/XYZ H.V] /Dest (132) cvn H.B /DEST pdfmark end 197 670 a 596 947 a Fi(De)n(veloping)28 b(A)g(Security)g(P)l (olic)o(y)1979 947 y SDict begin H.S end 1979 947 a 1979 947 a SDict begin 13.31 H.A end 1979 947 a 1979 947 a SDict begin [ /View [/XYZ H.V] /Dest (1.2.8.2) cvn H.B /DEST pdfmark end 1979 947 a 197 1019 a SDict begin H.S end 197 1019 a 197 1019 a SDict begin 11 H.A end 197 1019 a 197 1019 a SDict begin [ /View [/XYZ H.V] /Dest (134) cvn H.B /DEST pdfmark end 197 1019 a 596 1088 a Fl(Cr)o(eate)e(a)i (simple,)g(generic)g(policy)h(for)f(your)g(system)h(that)f(your)h (users)f(can)g(r)o(eadily)f(under)o(-)596 1180 y(stand)f(and)h(follow) -8 b(.)27 b(It)g(should)h(pr)o(otect)e(the)h(data)e(you'r)o(e)i (safeguar)o(ding)e(as)i(well)g(as)f(the)h(pri-)596 1271 y(vacy)22 b(of)h(the)g(users.)g(Some)g(things)h(to)g(consider)f(adding) g(ar)o(e:)e(who)j(has)f(access)g(to)g(the)g(system)596 1362 y(\(Can)i(my)h(friend)g(use)f(my)i(account?\),)e(who's)i(allowed)f (to)g(install)h(softwar)o(e)e(on)h(the)g(system,)596 1454 y(who)21 b(owns)h(what)f(data,)e(disaster)h(r)o(ecovery)-9 b(,)20 b(and)g(appr)o(opriate)f(use)i(of)f(the)h(system.)197 1519 y SDict begin H.S end 197 1519 a 197 1519 a SDict begin 11 H.A end 197 1519 a 197 1519 a SDict begin [ /View [/XYZ H.V] /Dest (135) cvn H.B /DEST pdfmark end 197 1519 a 596 1586 a Fl(A)f(generally-accepted)f(security)h(policy)i (starts)e(with)i(the)f(phrase)197 1651 y SDict begin H.S end 197 1651 a 197 1651 a SDict begin 11 H.A end 197 1651 a 197 1651 a SDict begin [ /View [/XYZ H.V] /Dest (136) cvn H.B /DEST pdfmark end 197 1651 a 197 1651 a SDict begin H.S end 197 1651 a 197 1651 a SDict begin 11 H.A end 197 1651 a 197 1651 a SDict begin [ /View [/XYZ H.V] /Dest (137) cvn H.B /DEST pdfmark end 197 1651 a 596 1719 a Fl(\223)638 1719 y SDict begin H.S end 638 1719 a 638 1719 a SDict begin 11 H.A end 638 1719 a 638 1719 a SDict begin [ /View [/XYZ H.V] /Dest (138) cvn H.B /DEST pdfmark end 638 1719 a 20 w Fj(That)e(which)h(is)h(not)f(permitted)g (is)h(pr)o(ohibited)p Fl(\224)197 1784 y SDict begin H.S end 197 1784 a 197 1784 a SDict begin 11 H.A end 197 1784 a 197 1784 a SDict begin [ /View [/XYZ H.V] /Dest (139) cvn H.B /DEST pdfmark end 197 1784 a 596 1852 a Fl(This)27 b(means)h(that)f(unless)h(you)g(grant)f(access)g(to)g(a)g(service)g (for)g(a)g(user)-6 b(,)26 b(that)i(user)f(shouldn't)596 1943 y(be)21 b(using)i(that)f(service)f(until)h(you)h(do)f(grant)f (access.)g(Make)g(sur)o(e)g(the)h(policies)h(work)f(on)h(your)596 2035 y(r)o(egular)17 b(user)h(account.)g(Saying,)g("Ah,)g(I)g(can't)g (\002gur)o(e)g(out)h(this)g(permissions)h(pr)o(oblem,)d(I'll)i(just)596 2126 y(do)30 b(it)g(as)g(r)o(oot")g(can)f(lead)g(to)i(security)f(holes) h(that)f(ar)o(e)f(very)g(obvious,)i(and)f(even)f(ones)i(that)596 2217 y(haven't)20 b(been)h(exploited)f(yet.)197 2282 y SDict begin H.S end 197 2282 a 197 2282 a SDict begin 11 H.A end 197 2282 a 197 2282 a SDict begin [ /View [/XYZ H.V] /Dest (140) cvn H.B /DEST pdfmark end 197 2282 a 197 2282 a SDict begin H.S end 197 2282 a 197 2282 a SDict begin 11 H.A end 197 2282 a 197 2282 a SDict begin [ /View [/XYZ H.V] /Dest (141) cvn H.B /DEST pdfmark end 197 2282 a 596 2350 a Fl(rfc1244)862 2317 y Fe(11)930 2350 y Fl(is)i(a)g(document)g(that)f(describes)h(how)g(to)g(cr)o(eate)e (your)i(own)h(network)f(security)g(pol-)596 2442 y(icy)-9 b(.)197 2507 y SDict begin H.S end 197 2507 a 197 2507 a SDict begin 11 H.A end 197 2507 a 197 2507 a SDict begin [ /View [/XYZ H.V] /Dest (142) cvn H.B /DEST pdfmark end 197 2507 a 197 2507 a SDict begin H.S end 197 2507 a 197 2507 a SDict begin 11 H.A end 197 2507 a 197 2507 a SDict begin [ /View [/XYZ H.V] /Dest (143) cvn H.B /DEST pdfmark end 197 2507 a 596 2574 a Fl(rfc1281)862 2541 y Fe(12)929 2574 y Fl(is)20 b(a)g(document)h(that)f(shows)h(an)f (example)g(security)g(policy)h(with)g(detailed)e(descrip-)596 2666 y(tions)i(of)g(each)f(step.)197 2731 y SDict begin H.S end 197 2731 a 197 2731 a SDict begin 11 H.A end 197 2731 a 197 2731 a SDict begin [ /View [/XYZ H.V] /Dest (144) cvn H.B /DEST pdfmark end 197 2731 a 596 2799 a Fl(Finally)-9 b(,)92 b(you)g(might)h(want)f(to)g(look)h(at)f(the)g (COAST)f(policy)i(ar)o(chive)d(at)596 2890 y SDict begin H.S end 596 2890 a 596 2890 a SDict begin 11 H.A end 596 2890 a 596 2890 a SDict begin [ /View [/XYZ H.V] /Dest (145) cvn H.B /DEST pdfmark end 596 2890 a Fl(ftp://coast.cs.pur)o (due.edu/pub/doc/policy)54 b(to)i(see)g(what)g(some)g(r)o(eal-life)e (security)596 2981 y(policies)21 b(look)h(like.)197 3046 y SDict begin H.S end 197 3046 a 197 3046 a SDict begin 11 H.A end 197 3046 a 197 3046 a SDict begin [ /View [/XYZ H.V] /Dest (146) cvn H.B /DEST pdfmark end 197 3046 a 596 3299 a Fi(Means)27 b(of)i(Securing)g(Y)-10 b(our)28 b(Site)1947 3299 y SDict begin H.S end 1947 3299 a 1947 3299 a SDict begin 13.31 H.A end 1947 3299 a 1947 3299 a SDict begin [ /View [/XYZ H.V] /Dest (1.2.9.2) cvn H.B /DEST pdfmark end 1947 3299 a 197 3372 a SDict begin H.S end 197 3372 a 197 3372 a SDict begin 11 H.A end 197 3372 a 197 3372 a SDict begin [ /View [/XYZ H.V] /Dest (148) cvn H.B /DEST pdfmark end 197 3372 a 596 3441 a Fl(This)21 b(document)g(will)g(discuss)g(various)g(means)f(with)i(which)f(you)g (can)g(secur)o(e)e(the)i(assets)f(you)596 3532 y(have)d(worked)g(har)o (d)f(for:)h(your)h(local)g(machine,)f(your)h(data,)e(your)i(users,)f (your)h(network,)g(even)596 3623 y(your)j(r)o(eputation.)e(What)i (would)g(happen)g(to)g(your)g(r)o(eputation)f(if)g(an)h(intr)o(uder)g (deleted)e(some)596 3715 y(of)h(your)i(users')f(data?)e(Or)i(defaced)e (your)i(web)g(site?)g(Or)g(published)g(your)h(company's)f(corpo-)596 3806 y(rate)26 b(pr)o(oject)h(plan)g(for)g(next)g(quarter?)g(If)f(you)i (ar)o(e)e(planning)i(a)f(network)h(installation,)g(ther)o(e)596 3897 y(ar)o(e)19 b(many)j(factors)f(you)g(must)h(take)f(into)h(account) g(befor)o(e)e(adding)h(a)f(single)i(machine)g(to)g(your)596 3989 y(network.)197 4032 y SDict begin H.S end 197 4032 a 197 4032 a SDict begin 11 H.A end 197 4032 a 197 4032 a SDict begin [ /View [/XYZ H.V] /Dest (149) cvn H.B /DEST pdfmark end 197 4032 a 596 4122 a Fl(Even)32 b(if)g(you)h(have)f (a)g(single)h(dial)g(up)f(PPP)h(account,)f(or)h(just)g(a)f(small)h (site,)f(this)i(does)e(not)596 4213 y(mean)21 b(intr)o(uders)i(won't)g (be)e(inter)o(ested)g(in)i(your)f(systems.)h(Lar)o(ge,)d(high-pr)o (o\002le)i(sites)h(ar)o(e)d(not)596 4304 y(the)k(only)i(tar)o(gets)e (--)g(many)h(intr)o(uders)g(simply)h(want)f(to)g(exploit)g(as)g(many)g (sites)g(as)g(possible,)596 4396 y(r)o(egar)o(dless)16 b(of)j(their)g(size.)f(Additionally)-9 b(,)18 b(they)h(may)g(use)f(a)h (security)f(hole)i(in)f(your)g(site)g(to)g(gain)596 4487 y(access)h(to)h(other)g(sites)g(you'r)o(e)f(connected)h(to.)197 4552 y SDict begin H.S end 197 4552 a 197 4552 a SDict begin 11 H.A end 197 4552 a 197 4552 a SDict begin [ /View [/XYZ H.V] /Dest (150) cvn H.B /DEST pdfmark end 197 4552 a 596 4620 a Fl(Intr)o(uders)i(have)f(a)h(lot)h(of)f(time)h(on)f (their)h(hands,)f(and)g(can)f(avoid)h(guessing)h(how)h(you've)e(ob-)596 4711 y(scur)o(ed)29 b(your)i(system)h(just)f(by)g(trying)h(all)e(the)h (possibilities.)h(Ther)o(e)e(ar)o(e)g(also)h(a)f(number)h(of)596 4802 y(r)o(easons)20 b(an)g(intr)o(uder)h(may)g(be)f(inter)o(ested)g (in)i(your)f(systems,)g(which)h(we)e(will)i(discuss)f(later)-6 b(.)197 4826 y SDict begin H.S end 197 4826 a 197 4826 a SDict begin 11 H.A end 197 4826 a 197 4826 a SDict begin [ /View [/XYZ H.V] /Dest (151) cvn H.B /DEST pdfmark end 197 4826 a 596 5054 a Fm(Host)25 b(Security)1185 5054 y SDict begin H.S end 1185 5054 a 1185 5054 a SDict begin 12.1 H.A end 1185 5054 a 1185 5054 a SDict begin [ /View [/XYZ H.V] /Dest (1.2.9.1.3) cvn H.B /DEST pdfmark end 1185 5054 a 197 5119 a SDict begin H.S end 197 5119 a 197 5119 a SDict begin 11 H.A end 197 5119 a 197 5119 a SDict begin [ /View [/XYZ H.V] /Dest (153) cvn H.B /DEST pdfmark end 197 5119 a 596 5191 a Fl(Per)o(haps)20 b(the)i(ar)o(ea)e(of)h (security)h(on)g(which)h(administrators)f(concentrate)f(most)h(is)g (host-based)596 5283 y(security)-9 b(.)20 b(This)h(typically)g (involves)h(making)f(sur)o(e)f(your)i(own)f(system)h(is)f(secur)o(e,)e (and)i(hoping)596 5374 y(everyone)j(else)g(on)i(your)f(network)g(does)f (the)h(same.)f(Choosing)j(good)e(passwor)o(ds,)f(securing)p Black 197 5585 a Fj(6)p Black eop end %%Page: 7 7 TeXDict begin 7 6 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.7) cvn H.B /DEST pdfmark end 197 -102 a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fl(your)29 b(host's)h(local)f(network)h(services,)f(keeping)g (good)g(accounting)h(r)o(ecor)o(ds,)e(and)g(upgrad-)596 180 y(ing)f(pr)o(ograms)e(with)j(known)f(security)g(exploits)g(ar)o(e)e (among)i(the)f(things)i(the)e(local)h(security)596 272 y(administrator)f(is)h(r)o(esponsible)g(for)f(doing.)h(Although)h(this) f(is)g(absolutely)g(necessary)-9 b(,)25 b(it)i(can)596 363 y(become)20 b(a)g(daunting)i(task)e(once)h(your)g(network)h (becomes)f(lar)o(ger)e(than)i(a)f(few)h(machines.)197 428 y SDict begin H.S end 197 428 a 197 428 a SDict begin 11 H.A end 197 428 a 197 428 a SDict begin [ /View [/XYZ H.V] /Dest (154) cvn H.B /DEST pdfmark end 197 428 a 596 671 a Fm(Local)j(Netw)n(ork)h(Security)1604 671 y SDict begin H.S end 1604 671 a 1604 671 a SDict begin 12.1 H.A end 1604 671 a 1604 671 a SDict begin [ /View [/XYZ H.V] /Dest (1.2.9.2.3) cvn H.B /DEST pdfmark end 1604 671 a 197 736 a SDict begin H.S end 197 736 a 197 736 a SDict begin 11 H.A end 197 736 a 197 736 a SDict begin [ /View [/XYZ H.V] /Dest (156) cvn H.B /DEST pdfmark end 197 736 a 596 808 a Fl(Network)19 b(security)h(is)g(as)f(necessary)g(as)g (local)g(host)i(security)-9 b(.)19 b(W)-5 b(ith)20 b(hundr)o(eds,)f (thousands,)h(or)596 899 y(mor)o(e)25 b(computers)i(on)g(the)f(same)g (network,)h(you)f(can't)g(r)o(ely)g(on)h(each)e(one)i(of)f(those)h (systems)596 991 y(being)i(secur)o(e.)f(Ensuring)i(that)g(only)g (authorized)f(users)g(can)g(use)h(your)f(network,)h(building)596 1082 y(\002r)o(ewalls,)25 b(using)i(str)o(ong)f(encryption,)g(and)g (ensuring)g(ther)o(e)f(ar)o(e)g(no)h("r)o(ogue")f(\(that)h(is,)g(unse-) 596 1173 y(cur)o(ed\))16 b(machines)i(on)h(your)g(network)f(ar)o(e)f (all)h(part)f(of)h(the)h(network)f(security)h(administrator)6 b('s)596 1265 y(duties.)197 1308 y SDict begin H.S end 197 1308 a 197 1308 a SDict begin 11 H.A end 197 1308 a 197 1308 a SDict begin [ /View [/XYZ H.V] /Dest (157) cvn H.B /DEST pdfmark end 197 1308 a 596 1398 a Fl(This)33 b(document)g(will)h(discuss)g(some)f(of)g(the)g(techniques)h(used)f(to) g(secur)o(e)f(your)h(site,)g(and)596 1489 y(hopefully)23 b(show)g(you)g(some)g(of)g(the)f(ways)h(to)g(pr)o(event)e(an)i(intr)o (uder)f(fr)o(om)g(gaining)i(access)e(to)596 1580 y(what)e(you)i(ar)o(e) d(trying)i(to)h(pr)o(otect.)197 1645 y SDict begin H.S end 197 1645 a 197 1645 a SDict begin 11 H.A end 197 1645 a 197 1645 a SDict begin [ /View [/XYZ H.V] /Dest (158) cvn H.B /DEST pdfmark end 197 1645 a 596 1888 a Fm(Security)i(Thr)n (ough)g(Obscurity)1802 1888 y SDict begin H.S end 1802 1888 a 1802 1888 a SDict begin 12.1 H.A end 1802 1888 a 1802 1888 a SDict begin [ /View [/XYZ H.V] /Dest (1.2.9.3.3) cvn H.B /DEST pdfmark end 1802 1888 a 197 1954 a SDict begin H.S end 197 1954 a 197 1954 a SDict begin 11 H.A end 197 1954 a 197 1954 a SDict begin [ /View [/XYZ H.V] /Dest (160) cvn H.B /DEST pdfmark end 197 1954 a 596 2025 a Fl(One)33 b(type)h(of)f(security)h(that)f(must)h(be)f(discussed)h(is) f("security)h(thr)o(ough)g(obscurity".)f(This)596 2116 y(means,)c(for)g(example,)f(moving)i(a)f(service)f(that)i(has)f(known)h (security)g(vulnerabilities)f(to)g(a)596 2208 y(non-standar)o(d)23 b(port)i(in)g(hopes)g(that)f(attackers)g(won't)i(notice)f(it's)g(ther)o (e)f(and)g(thus)h(won't)h(ex-)596 2299 y(ploit)17 b(it.)f(Rest)h(assur) o(ed)f(that)g(they)h(can)g(determine)f(that)h(it's)g(ther)o(e)f(and)g (will)h(exploit)g(it.)f(Security)596 2390 y(thr)o(ough)22 b(obscurity)h(is)f(no)h(security)f(at)f(all.)h(Simply)g(because)f(you)i (may)f(have)f(a)h(small)g(site,)g(or)596 2482 y(a)i(r)o(elatively)g (low)i(pr)o(o\002le,)e(does)h(not)h(mean)f(an)g(intr)o(uder)g(won't)h (be)f(inter)o(ested)f(in)h(what)g(you)596 2573 y(have.)20 b(W)-8 b(e'll)21 b(discuss)g(what)g(you'r)o(e)f(pr)o(otecting)h(in)g (the)g(next)g(sections.)197 2721 y SDict begin H.S end 197 2721 a 197 2721 a SDict begin 11 H.A end 197 2721 a 197 2721 a SDict begin [ /View [/XYZ H.V] /Dest (161) cvn H.B /DEST pdfmark end 197 2721 a 596 2974 a Fi(Or)n(ganization)30 b(of)f(This)f(Document)2083 2974 y SDict begin H.S end 2083 2974 a 2083 2974 a SDict begin 13.31 H.A end 2083 2974 a 2083 2974 a SDict begin [ /View [/XYZ H.V] /Dest (1.2.10.2) cvn H.B /DEST pdfmark end 2083 2974 a 197 3047 a SDict begin H.S end 197 3047 a 197 3047 a SDict begin 11 H.A end 197 3047 a 197 3047 a SDict begin [ /View [/XYZ H.V] /Dest (163) cvn H.B /DEST pdfmark end 197 3047 a 596 3116 a Fl(This)39 b(document)g(has)f(been)h(divided)f(into)h(a)f (number)h(of)g(sections.)g(They)g(cover)f(several)596 3207 y(br)o(oad)87 b(security)i(issues.)g(The)g(\002rst,)p 0 TeXcolorgray 2091 3207 a SDict begin H.S end 2091 3207 a Fl(the)21 b(Section)g(called)f Fj(Physical)g(Security)3338 3207 y SDict begin 11 H.L end 3338 3207 a 3338 3207 a SDict begin [ /Subtype /Link /Dest (physical-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3338 3207 a Black Fl(,)88 b(covers)596 3298 y(how)45 b(you)f(need)g(to)h(pr)o(otect)e(your)h(physical)h(machine)f(fr)o(om)g (tampering.)g(The)g(second,)p 0 TeXcolorgray 596 3390 a SDict begin H.S end 596 3390 a Fl(the)20 b(Section)h(called)f Fj(Local)h(Security)1736 3390 y SDict begin 11 H.L end 1736 3390 a 1736 3390 a SDict begin [ /Subtype /Link /Dest (local-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1736 3390 a Black Fl(,)69 b(describes)g(how)h(to)g(pr)o(otect)e(your)i(system)g(fr)o(om)596 3481 y(tampering)33 b(by)h(local)g(users.)g(The)g(thir)o(d,)p 0 TeXcolorgray 2001 3481 a SDict begin H.S end 2001 3481 a Fl(the)21 b(Section)g(called)f Fj(Files)h(and)f(File)i(system)e(Security)3663 3481 y SDict begin 11 H.L end 3663 3481 a 3663 3481 a SDict begin [ /Subtype /Link /Dest (file-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3663 3481 a Black Fl(,)596 3572 y(shows)57 b(you)g(how)g(to)f(setup)g(your)h(\002le)f(systems)h(and)f (permissions)i(on)e(your)h(\002les.)596 3664 y(The)191 b(next,)p 0 TeXcolorgray 1297 3664 a SDict begin H.S end 1297 3664 a Fl(the)21 b(Section)g(called)f Fj(Password)g(Security)h(and)f(Encryption)3130 3664 y SDict begin 11 H.L end 3130 3664 a 3130 3664 a SDict begin [ /Subtype /Link /Dest (password-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3130 3664 a Black -1 w Fl(,)192 b(discusses)596 3755 y(how)86 b(to)g(use)f(encryption)i(to)e (better)g(secur)o(e)g(your)h(machine)f(and)h(network.)p 0 TeXcolorgray 596 3846 a SDict begin H.S end 596 3846 a Fl(the)20 b(Section)h(called)f Fj(Kernel)i(Security)1780 3846 y SDict begin 11 H.L end 1780 3846 a 1780 3846 a SDict begin [ /Subtype /Link /Dest (kernel-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1780 3846 a Black 53 w Fl(discusses)54 b(what)f(kernel)g(options)h (you)g(should)g(set)596 3938 y(or)i(be)g(awar)o(e)e(of)j(for)f(a)f(mor) o(e)h(secur)o(e)g(system.)p 0 TeXcolorgray 2409 3938 a SDict begin H.S end 2409 3938 a Fl(the)21 b(Section)g(called)f Fj(Network)g(Security)3663 3938 y SDict begin 11 H.L end 3663 3938 a 3663 3938 a SDict begin [ /Subtype /Link /Dest (network-security) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3663 3938 a Black Fl(,)596 4029 y(describes)65 b(how)h(to)h(better)e(secur)o(e)f(your)j(Linux)e (system)i(fr)o(om)e(network)i(attacks.)p 0 TeXcolorgray 596 4120 a SDict begin H.S end 596 4120 a Fl(the)20 b(Section)h(called)f Fj(Security)h(Pr)o(eparation)f(\(befor)o(e)h(you)f(go)g(on-line\))2724 4120 y SDict begin 11 H.L end 2724 4120 a 2724 4120 a SDict begin [ /Subtype /Link /Dest (secure-prep) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 2724 4120 a Black Fl(,)597 b(discusses)596 4212 y(how)87 b(to)g(pr)o(epar)o(e)d(your)k (machine\(s\))e(befor)o(e)f(bringing)j(them)f(on-line.)h(Next,)p 0 TeXcolorgray 596 4303 a SDict begin H.S end 596 4303 a Fl(the)20 b(Section)h(called)f Fj(What)g(T)-9 b(o)20 b(Do)h(During)f(and)h(After)g(a)f(Br)o(eakin)2612 4303 y SDict begin 11 H.L end 2612 4303 a 2612 4303 a SDict begin [ /Subtype /Link /Dest (after-breakin) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 2612 4303 a Black Fl(,)88 b(discusses)h(what)g(to)g(do)596 4394 y(when)30 b(you)g(detect)f(a)g (system)h(compr)o(omise)h(in)f(pr)o(ogr)o(ess)e(or)i(detect)f(one)h (that)g(has)g(r)o(ecently)596 4486 y(happened.)40 b(In)p 0 TeXcolorgray 1144 4486 a SDict begin H.S end 1144 4486 a Fl(the)21 b(Section)g(called)f Fj(Security)g(Sour)o(ces)2365 4486 y SDict begin 11 H.L end 2365 4486 a 2365 4486 a SDict begin [ /Subtype /Link /Dest (sources) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 2365 4486 a Black 1 w Fl(,)41 b(some)h(primary)f(security)h(r)o (esour)o(ces)596 4577 y(ar)o(e)29 b(enumerated.)g(The)i(Q)g(and)f(A)h (section)p 0 TeXcolorgray 2053 4577 a SDict begin H.S end 2053 4577 a Fl(the)21 b(Section)g(called)f Fj(Fr)o(equently)h(Asked)g(Questions)3663 4577 y SDict begin 11 H.L end 3663 4577 a 3663 4577 a SDict begin [ /Subtype /Link /Dest (q-and-a) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3663 4577 a Black Fl(,)596 4668 y(answers)89 b(some)h(fr)o(equently-asked)e(questions,)j(and)e (\002nally)h(a)e(conclusion)j(in)p 0 TeXcolorgray 596 4760 a SDict begin H.S end 596 4760 a Fl(the)20 b(Section)h(called)f Fj(Conclusion)1634 4760 y SDict begin 11 H.L end 1634 4760 a 1634 4760 a SDict begin [ /Subtype /Link /Dest (conclusion) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1634 4760 a Black 197 4803 a SDict begin H.S end 197 4803 a 197 4803 a SDict begin 11 H.A end 197 4803 a 197 4803 a SDict begin [ /View [/XYZ H.V] /Dest (175) cvn H.B /DEST pdfmark end 197 4803 a 596 4892 a Fl(The)g(two)i(main)f(points)g(to)h(r)o(ealize)c (when)k(r)o(eading)e(this)h(document)g(ar)o(e:)197 4957 y SDict begin H.S end 197 4957 a 197 4957 a SDict begin 11 H.A end 197 4957 a 197 4957 a SDict begin [ /View [/XYZ H.V] /Dest (176) cvn H.B /DEST pdfmark end 197 4957 a 197 4957 a SDict begin H.S end 197 4957 a 197 4957 a SDict begin 11 H.A end 197 4957 a 197 4957 a SDict begin [ /View [/XYZ H.V] /Dest (177) cvn H.B /DEST pdfmark end 197 4957 a 197 4999 a SDict begin H.S end 197 4999 a 197 4999 a SDict begin 11 H.A end 197 4999 a 197 4999 a SDict begin [ /View [/XYZ H.V] /Dest (178) cvn H.B /DEST pdfmark end 197 4999 a Black 596 5150 a Fg(\225)p Black 679 5150 a SDict begin H.S end 679 5150 a 679 5150 a SDict begin 11 H.A end 679 5150 a 679 5150 a SDict begin [ /View [/XYZ H.V] /Dest (179) cvn H.B /DEST pdfmark end 679 5150 a Fl(Be)16 b(awar)o(e)f(of)i(your)h(system.)f(Check)g (system)h(logs)g(such)f(as)2572 5150 y SDict begin H.S end 2572 5150 a 2572 5150 a SDict begin 11 H.A end 2572 5150 a 2572 5150 a SDict begin [ /View [/XYZ H.V] /Dest (180) cvn H.B /DEST pdfmark end 2572 5150 a Fh(/var/log/messages)d Fl(and)i(keep)679 5241 y(an)k(eye)h(on)g(your)g(system,)g(and)197 5265 y SDict begin H.S end 197 5265 a 197 5265 a SDict begin 11 H.A end 197 5265 a 197 5265 a SDict begin [ /View [/XYZ H.V] /Dest (181) cvn H.B /DEST pdfmark end 197 5265 a Black 3642 5585 a Fj(7)p Black eop end %%Page: 8 8 TeXDict begin 8 7 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.8) cvn H.B /DEST pdfmark end 197 -102 a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black Black 596 89 a Fg(\225)p Black 679 89 a SDict begin H.S end 679 89 a 679 89 a SDict begin 11 H.A end 679 89 a 679 89 a SDict begin [ /View [/XYZ H.V] /Dest (182) cvn H.B /DEST pdfmark end 679 89 a Fl(Keep)k(your)h(system)h(up-to-date)d(by)i(making) h(sur)o(e)e(you)h(have)f(installed)h(the)g(curr)o(ent)f(ver)o(-)679 180 y(sions)g(of)g(softwar)o(e)e(and)i(have)f(upgraded)f(per)h (security)h(alerts.)e(Just)i(doing)g(this)h(will)f(help)679 272 y(make)20 b(your)h(system)h(markedly)e(mor)o(e)g(secur)o(e.)197 529 y SDict begin H.S end 197 529 a 197 529 a SDict begin 11 H.A end 197 529 a 197 529 a SDict begin [ /View [/XYZ H.V] /Dest (physical-security) cvn H.B /DEST pdfmark end 197 529 a 288 x Fn(Ph)n(ysical)31 b(Security)1110 817 y SDict begin H.S end 1110 817 a 1110 817 a SDict begin 14.641 H.A end 1110 817 a 1110 817 a SDict begin [ /View [/XYZ H.V] /Dest (1.3.1) cvn H.B /DEST pdfmark end 1110 817 a 197 895 a SDict begin H.S end 197 895 a 197 895 a SDict begin 11 H.A end 197 895 a 197 895 a SDict begin [ /View [/XYZ H.V] /Dest (185) cvn H.B /DEST pdfmark end 197 895 a 596 963 a Fl(The)d(\002rst)h(layer)f(of)h(security)g(you)g(need)f(to) i(take)e(into)h(account)g(is)g(the)g(physical)g(security)g(of)596 1055 y(your)i(computer)h(systems.)g(Who)g(has)f(dir)o(ect)f(physical)i (access)f(to)h(your)f(machine?)h(Should)596 1146 y(they?)20 b(Can)h(you)g(pr)o(otect)f(your)h(machine)g(fr)o(om)g(their)g (tampering?)f(Should)h(you?)197 1211 y SDict begin H.S end 197 1211 a 197 1211 a SDict begin 11 H.A end 197 1211 a 197 1211 a SDict begin [ /View [/XYZ H.V] /Dest (186) cvn H.B /DEST pdfmark end 197 1211 a 596 1279 a Fl(How)28 b(much)h(physical)f(security)h(you)f(need)g(on)h(your)f(system)h(is)g (very)e(dependent)h(on)h(your)596 1370 y(situation,)21 b(and/or)g(budget.)197 1435 y SDict begin H.S end 197 1435 a 197 1435 a SDict begin 11 H.A end 197 1435 a 197 1435 a SDict begin [ /View [/XYZ H.V] /Dest (187) cvn H.B /DEST pdfmark end 197 1435 a 596 1503 a Fl(If)j(you)i(ar)o(e)e(a)h (home)h(user)-6 b(,)25 b(you)h(pr)o(obably)e(don't)i(need)f(a)g(lot)h (\(although)f(you)h(might)h(need)e(to)596 1594 y(pr)o(otect)e(your)i (machine)g(fr)o(om)f(tampering)g(by)h(childr)o(en)f(or)h(annoying)g(r)o (elatives\).)e(If)h(you)h(ar)o(e)596 1686 y(in)d(a)g(lab,)g(you)h(need) f(considerably)g(mor)o(e,)g(but)h(users)f(will)h(still)g(need)f(to)h (be)f(able)g(to)h(get)f(work)596 1777 y(done)g(on)h(the)g(machines.)f (Many)g(of)h(the)f(following)i(sections)g(will)f(help)f(out.)h(If)f (you)h(ar)o(e)e(in)i(an)596 1868 y(of)o(\002ce,)g(you)h(may)g(or)g(may) g(not)h(need)f(to)g(secur)o(e)f(your)h(machine)h(of)o(f-hours)e(or)h (while)h(you)f(ar)o(e)596 1960 y(away)-9 b(.)19 b(At)i(some)g (companies,)g(leaving)g(your)g(console)g(unsecur)o(ed)f(is)h(a)g (termination)g(of)o(fense.)197 2024 y SDict begin H.S end 197 2024 a 197 2024 a SDict begin 11 H.A end 197 2024 a 197 2024 a SDict begin [ /View [/XYZ H.V] /Dest (188) cvn H.B /DEST pdfmark end 197 2024 a 596 2092 a Fl(Obvious)27 b(physical)g(security)f(methods)i(such)f(as)f(locks)h(on)g(doors,)g (cables,)f(locked)g(cabinets,)596 2184 y(and)20 b(video)g(surveillance) h(ar)o(e)e(all)i(good)g(ideas,)f(but)h(beyond)g(the)g(scope)f(of)h (this)h(document.)f(:\))197 2207 y SDict begin H.S end 197 2207 a 197 2207 a SDict begin 11 H.A end 197 2207 a 197 2207 a SDict begin [ /View [/XYZ H.V] /Dest (189) cvn H.B /DEST pdfmark end 197 2207 a 596 2453 a Fi(Computer)29 b(loc)n(ks)1353 2453 y SDict begin H.S end 1353 2453 a 1353 2453 a SDict begin 13.31 H.A end 1353 2453 a 1353 2453 a SDict begin [ /View [/XYZ H.V] /Dest (1.3.11.2) cvn H.B /DEST pdfmark end 1353 2453 a 197 2524 a SDict begin H.S end 197 2524 a 197 2524 a SDict begin 11 H.A end 197 2524 a 197 2524 a SDict begin [ /View [/XYZ H.V] /Dest (191) cvn H.B /DEST pdfmark end 197 2524 a 596 2594 a Fl(Many)24 b(modern)h(PC)g(cases)f(include)h(a)f("locking")h(featur)o(e.)e (Usually)i(this)g(will)g(be)g(a)f(socket)h(on)596 2685 y(the)d(fr)o(ont)f(of)h(the)g(case)g(that)g(allows)g(you)h(to)f(turn)g (an)g(included)g(key)g(to)g(a)g(locked)f(or)i(unlocked)596 2777 y(position.)31 b(Case)e(locks)h(can)g(help)g(pr)o(event)f(someone) i(fr)o(om)e(stealing)h(your)g(PC,)g(or)g(opening)596 2868 y(up)21 b(the)h(case)e(and)h(dir)o(ectly)g(manipulating/stealing)i (your)e(har)o(dwar)o(e.)e(They)j(can)f(also)h(some-)596 2959 y(times)16 b(pr)o(event)f(someone)i(fr)o(om)f(r)o(ebooting)g(your) h(computer)f(fr)o(om)g(their)g(own)h(\003oppy)f(or)h(other)596 3051 y(har)o(dwar)o(e.)197 3094 y SDict begin H.S end 197 3094 a 197 3094 a SDict begin 11 H.A end 197 3094 a 197 3094 a SDict begin [ /View [/XYZ H.V] /Dest (192) cvn H.B /DEST pdfmark end 197 3094 a 596 3184 a Fl(These)h(case)g(locks)i (do)f(dif)o(fer)o(ent)e(things)j(accor)o(ding)e(to)h(the)g(support)g (in)g(the)g(motherboar)o(d)f(and)596 3275 y(how)g(the)g(case)f(is)h (constr)o(ucted.)g(On)g(many)g(PC's)g(they)g(make)f(it)h(so)g(you)g (have)f(to)i(br)o(eak)d(the)i(case)596 3366 y(to)27 b(get)g(the)h(case) e(open.)i(On)f(some)h(others,)g(they)f(will)h(not)g(let)f(you)h(plug)g (in)f(new)h(keyboar)o(ds)596 3458 y(or)k(mice.)f(Check)h(your)h (motherboar)o(d)e(or)h(case)f(instr)o(uctions)j(for)e(mor)o(e)g (information.)g(This)596 3549 y(can)22 b(sometimes)h(be)f(a)g(very)g (useful)g(featur)o(e,)e(even)i(though)i(the)e(locks)h(ar)o(e)e(usually) i(very)f(low-)596 3640 y(quality)f(and)f(can)h(easily)f(be)h(defeated)e (by)h(attackers)g(with)i(locksmithing.)197 3705 y SDict begin H.S end 197 3705 a 197 3705 a SDict begin 11 H.A end 197 3705 a 197 3705 a SDict begin [ /View [/XYZ H.V] /Dest (193) cvn H.B /DEST pdfmark end 197 3705 a 596 3773 a Fl(Some)f(machines)i(\(most)f(notably)g(SP)-8 b(ARC's)22 b(and)g(macs\))f(have)g(a)h(dongle)g(on)g(the)g(back)g (that,)f(if)596 3864 y(you)d(put)g(a)f(cable)g(thr)o(ough,)h(attackers) f(would)h(have)f(to)i(cut)e(the)h(cable)f(or)h(br)o(eak)f(the)h(case)f (to)h(get)596 3956 y(into)i(it.)f(Just)g(putting)h(a)f(padlock)g(or)g (combo)h(lock)g(thr)o(ough)g(these)f(can)g(be)g(a)g(good)h(deterr)o (ent)e(to)596 4047 y(someone)j(stealing)g(your)g(machine.)197 4112 y SDict begin H.S end 197 4112 a 197 4112 a SDict begin 11 H.A end 197 4112 a 197 4112 a SDict begin [ /View [/XYZ H.V] /Dest (194) cvn H.B /DEST pdfmark end 197 4112 a 596 4365 a Fi(BIOS)27 b(Security)1265 4365 y SDict begin H.S end 1265 4365 a 1265 4365 a SDict begin 13.31 H.A end 1265 4365 a 1265 4365 a SDict begin [ /View [/XYZ H.V] /Dest (1.3.12.2) cvn H.B /DEST pdfmark end 1265 4365 a 197 4436 a SDict begin H.S end 197 4436 a 197 4436 a SDict begin 11 H.A end 197 4436 a 197 4436 a SDict begin [ /View [/XYZ H.V] /Dest (196) cvn H.B /DEST pdfmark end 197 4436 a 596 4507 a Fl(The)j(BIOS)g(is)g(the)h(lowest)g(level)f(of) g(softwar)o(e)f(that)i(con\002gur)o(es)f(or)h(manipulates)f(your)g (x86-)596 4598 y(based)23 b(har)o(dwar)o(e.)g(LILO)h(and)g(other)h (Linux)g(boot)g(methods)h(access)e(the)h(BIOS)f(to)h(determine)596 4689 y(how)d(to)g(boot)g(up)f(your)h(Linux)f(machine.)h(Other)f(har)o (dwar)o(e)e(that)j(Linux)f(r)o(uns)h(on)g(has)g(similar)596 4781 y(softwar)o(e)j(\(Open)h(Firmwar)o(e)f(on)i(Macs)f(and)f(new)i (Suns,)f(Sun)g(boot)h(PROM,)f(etc...\).)f(Y)-8 b(ou)27 b(can)596 4872 y(use)c(your)h(BIOS)g(to)g(pr)o(event)f(attackers)f(fr)o (om)i(r)o(ebooting)g(your)g(machine)g(and)f(manipulating)596 4963 y(your)e(Linux)f(system.)197 5028 y SDict begin H.S end 197 5028 a 197 5028 a SDict begin 11 H.A end 197 5028 a 197 5028 a SDict begin [ /View [/XYZ H.V] /Dest (197) cvn H.B /DEST pdfmark end 197 5028 a 596 5096 a Fl(Many)j(PC)h (BIOSs)g(let)g(you)h(set)f(a)g(boot)h(passwor)o(d.)e(This)i(doesn't)f (pr)o(ovide)g(all)g(that)g(much)g(se-)596 5187 y(curity)19 b(\(the)g(BIOS)g(can)f(be)h(r)o(eset,)f(or)i(r)o(emoved)e(if)h(someone) h(can)f(get)g(into)h(the)g(case\),)e(but)h(might)596 5279 y(be)28 b(a)f(good)i(deterr)o(ent)e(\(i.e.)h(it)g(will)h(take)f (time)h(and)e(leave)h(traces)f(of)i(tampering\).)e(Similarly)-9 b(,)596 5370 y(on)21 b(S/Linux)h(\(Linux)f(for)g(SP)-8 b(ARC\(tm\))21 b(pr)o(ocessor)g(machines\),)g(your)g(EEPROM)g(can)g(be) g(set)h(to)596 5461 y(r)o(equir)o(e)d(a)h(boot-up)h(passwor)o(d.)f (This)i(might)f(slow)h(attackers)e(down.)p Black 197 5585 a Fj(8)p Black eop end %%Page: 9 9 TeXDict begin 9 8 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.9) cvn H.B /DEST pdfmark end 197 -102 a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 197 6 a SDict begin H.S end 197 6 a 197 6 a SDict begin 11 H.A end 197 6 a 197 6 a SDict begin [ /View [/XYZ H.V] /Dest (198) cvn H.B /DEST pdfmark end 197 6 a 596 89 a Fl(Another)26 b(risk)g(of)g(tr)o(usting)h(BIOS)f(passwor)o(ds)f(to)i (secur)o(e)e(your)h(system)h(is)f(the)h(default)d(pass-)596 180 y(wor)o(d)16 b(pr)o(oblem.)g(Most)h(BIOS)f(makers)g(don't)h(expect) f(people)g(to)h(open)g(up)g(their)g(computer)f(and)596 272 y(disconnect)29 b(batteries)f(if)h(they)h(for)o(get)e(their)h (passwor)o(d)f(and)h(have)g(equipped)f(their)h(BIOSes)596 363 y(with)24 b(default)e(passwor)o(ds)h(that)h(work)g(r)o(egar)o (dless)d(of)j(your)g(chosen)g(passwor)o(d.)f(Some)g(of)h(the)596 454 y(mor)o(e)c(common)i(passwor)o(ds)f(include:)197 519 y SDict begin H.S end 197 519 a 197 519 a SDict begin 11 H.A end 197 519 a 197 519 a SDict begin [ /View [/XYZ H.V] /Dest (199) cvn H.B /DEST pdfmark end 197 519 a 596 587 a Fl(j262)g(A)-6 b(W)e(ARD_SW)22 b(A)-6 b(W)e(ARD_PW)23 b(lkwpeter)f(Biostar)g(AMI)g(A)-6 b(war)o(d)21 b(bios)i(BIOS)g(setup)f (cmos)596 679 y(AMI!SW1)d(AMI?SW1)f(passwor)o(d)j(hewittrand)f(shift)h (+)h(s)e(y)h(x)g(z)197 743 y SDict begin H.S end 197 743 a 197 743 a SDict begin 11 H.A end 197 743 a 197 743 a SDict begin [ /View [/XYZ H.V] /Dest (200) cvn H.B /DEST pdfmark end 197 743 a 596 811 a Fl(I)g(tested)g(an)g(A)-6 b(war)o(d)19 b(BIOS)i(and)g(A)-6 b(W)e(ARD_PW)21 b(worked.)g(These)g (passwor)o(ds)g(ar)o(e)f(quite)i(easily)596 903 y(available)31 b(fr)o(om)h(manufactur)o(ers')f(websites)i(and)2282 903 y SDict begin H.S end 2282 903 a 2282 903 a SDict begin 11 H.A end 2282 903 a 2282 903 a SDict begin [ /View [/XYZ H.V] /Dest (201) cvn H.B /DEST pdfmark end 2282 903 a Fl(http://astalavista.box.sk)f(and)g(as)g(such)596 994 y(a)26 b(BIOS)h(passwor)o(d)g(cannot)h(be)f(consider)o(ed)f (adequate)h(pr)o(otection)g(fr)o(om)g(a)g(knowledgeable)596 1085 y(attacker)-6 b(.)197 1129 y SDict begin H.S end 197 1129 a 197 1129 a SDict begin 11 H.A end 197 1129 a 197 1129 a SDict begin [ /View [/XYZ H.V] /Dest (202) cvn H.B /DEST pdfmark end 197 1129 a 596 1218 a Fl(Many)16 b(x86)g(BIOSs)g(also)h(allow)g(you)h(to)f(specify)f(various)h(other)g (good)h(security)e(settings.)i(Check)596 1310 y(your)k(BIOS)g(manual)f (or)i(look)g(at)e(it)i(the)f(next)g(time)g(you)h(boot)f(up.)g(For)g (example,)g(some)g(BIOSs)596 1401 y(disallow)33 b(booting)h(fr)o(om)e (\003oppy)i(drives)e(and)g(some)i(r)o(equir)o(e)e(passwor)o(ds)g(to)h (access)f(some)596 1492 y(BIOS)20 b(featur)o(es.)197 1535 y SDict begin H.S end 197 1535 a 197 1535 a SDict begin 11 H.A end 197 1535 a 197 1535 a SDict begin [ /View [/XYZ H.V] /Dest (203) cvn H.B /DEST pdfmark end 197 1535 a 197 1535 a SDict begin H.S end 197 1535 a 197 1535 a SDict begin 11 H.A end 197 1535 a 197 1535 a SDict begin [ /View [/XYZ H.V] /Dest (204) cvn H.B /DEST pdfmark end 197 1535 a 596 1625 a Fj(Note)p Fl(:)k(If)g(you)i(have)f(a)f (server)g(machine,)h(and)g(you)h(set)f(up)g(a)f(boot)i(passwor)o(d,)e (your)i(machine)596 1716 y(will)20 b(not)h(boot)f(up)g(unattended.)f (Keep)g(in)i(mind)f(that)g(you)g(will)h(need)e(to)i(come)f(in)g(and)g (supply)596 1808 y(the)g(passwor)o(d)h(in)g(the)g(event)f(of)h(a)f (power)h(failur)o(e.)e(;\()197 1873 y SDict begin H.S end 197 1873 a 197 1873 a SDict begin 11 H.A end 197 1873 a 197 1873 a SDict begin [ /View [/XYZ H.V] /Dest (205) cvn H.B /DEST pdfmark end 197 1873 a 596 2126 a Fi(Boot)28 b(Loader)h(Security)1611 2126 y SDict begin H.S end 1611 2126 a 1611 2126 a SDict begin 13.31 H.A end 1611 2126 a 1611 2126 a SDict begin [ /View [/XYZ H.V] /Dest (1.3.13.2) cvn H.B /DEST pdfmark end 1611 2126 a 197 2197 a SDict begin H.S end 197 2197 a 197 2197 a SDict begin 11 H.A end 197 2197 a 197 2197 a SDict begin [ /View [/XYZ H.V] /Dest (207) cvn H.B /DEST pdfmark end 197 2197 a 596 2267 a Fl(The)16 b(various)h(Linux)g(boot)g(loaders)g(also)g(can)f (have)h(a)f(boot)h(passwor)o(d)g(set.)f(LILO,)g(for)h(example,)596 2359 y(has)749 2359 y SDict begin H.S end 749 2359 a 749 2359 a SDict begin 11 H.A end 749 2359 a 749 2359 a SDict begin [ /View [/XYZ H.V] /Dest (208) cvn H.B /DEST pdfmark end 749 2359 a Fh(password)26 b Fl(and)1304 2359 y SDict begin H.S end 1304 2359 a 1304 2359 a SDict begin 11 H.A end 1304 2359 a 1304 2359 a SDict begin [ /View [/XYZ H.V] /Dest (209) cvn H.B /DEST pdfmark end 1304 2359 a Fh(restricted)g Fl(settings;)2112 2359 y SDict begin H.S end 2112 2359 a 2112 2359 a SDict begin 11 H.A end 2112 2359 a 2112 2359 a SDict begin [ /View [/XYZ H.V] /Dest (210) cvn H.B /DEST pdfmark end 2112 2359 a Fh(password)g Fl(r)o(equir)o(es)h(passwor)o(d)h(at)f(boot)i (time,)596 2450 y(wher)o(eas)918 2450 y SDict begin H.S end 918 2450 a 918 2450 a SDict begin 11 H.A end 918 2450 a 918 2450 a SDict begin [ /View [/XYZ H.V] /Dest (211) cvn H.B /DEST pdfmark end 918 2450 a Fh(restricted)16 b Fl(r)o(equir)o(es)g(a)h(boot-time)h(passwor)o(d)f(only)h(if)f(you)h (specify)f(options)i(\(such)596 2541 y(as)693 2541 y SDict begin H.S end 693 2541 a 693 2541 a SDict begin 11 H.A end 693 2541 a 693 2541 a SDict begin [ /View [/XYZ H.V] /Dest (212) cvn H.B /DEST pdfmark end 693 2541 a Fh(single)p Fl(\))g(at)i(the)1236 2541 y SDict begin H.S end 1236 2541 a 1236 2541 a SDict begin 11 H.A end 1236 2541 a 1236 2541 a SDict begin [ /View [/XYZ H.V] /Dest (213) cvn H.B /DEST pdfmark end 1236 2541 a Fh(LILO)65 b Fl(pr)o(ompt.)197 2606 y SDict begin H.S end 197 2606 a 197 2606 a SDict begin 11 H.A end 197 2606 a 197 2606 a SDict begin [ /View [/XYZ H.V] /Dest (214) cvn H.B /DEST pdfmark end 197 2606 a 596 2674 a Fl(>Fr)o(om)21 b(the)g(lilo.conf)g(man)g(page:)197 2780 y SDict begin H.S end 197 2780 a 197 2780 a SDict begin 9.9 H.A end 197 2780 a 197 2780 a SDict begin [ /View [/XYZ H.V] /Dest (215) cvn H.B /DEST pdfmark end 197 2780 a 596 2839 a Fh(password=password)1223 2921 y(The)44 b(per-image)g(option)g (`password=...')e(\(see)i(below\))g(applies)g(to)g(all)h(images.)596 3086 y(restricted)1223 3168 y(The)f(per-image)g(option)g(`restricted')e (\(see)j(below\))e(applies)h(to)h(all)f(images.)909 3332 y(password=password)1223 3415 y(Protect)g(the)g(image)g(by)h(a)f (password.)909 3579 y(restricted)1223 3661 y(A)h(password)e(is)i(only)f (required)f(to)i(boot)f(the)g(image)g(if)1223 3743 y(parameters)f(are)i (specified)88 b(on)h(the)g(command)g(line)1223 3826 y(\(e.g.)44 b(single\).)197 4041 y SDict begin H.S end 197 4041 a 197 4041 a SDict begin 11 H.A end 197 4041 a 197 4041 a SDict begin [ /View [/XYZ H.V] /Dest (216) cvn H.B /DEST pdfmark end 197 4041 a 596 4133 a Fl(Keep)29 b(in)g(mind)h(when)g (setting)g(all)f(these)h(passwor)o(ds)f(that)g(you)h(need)f(to)g(r)o (emember)g(them.)596 4224 y(:\))i(Also)g(r)o(emember)g(that)h(these)f (passwor)o(ds)h(will)g(mer)o(ely)f(slow)i(the)f(determined)f(attacker) -6 b(.)596 4315 y(They)26 b(won't)i(pr)o(event)e(someone)i(fr)o(om)e (booting)i(fr)o(om)f(a)f(\003oppy)-9 b(,)27 b(and)f(mounting)j(your)e (r)o(oot)596 4407 y(partition.)g(If)f(you)i(ar)o(e)e(using)i(security)f (in)g(conjunction)i(with)f(a)f(boot)h(loader)-6 b(,)26 b(you)h(might)h(as)596 4498 y(well)c(disable)g(booting)i(fr)o(om)e(a)f (\003oppy)j(in)e(your)h(computer)6 b('s)25 b(BIOS,)f(and)g(passwor)o (d-pr)o(otect)596 4589 y(the)c(BIOS.)197 4633 y SDict begin H.S end 197 4633 a 197 4633 a SDict begin 11 H.A end 197 4633 a 197 4633 a SDict begin [ /View [/XYZ H.V] /Dest (217) cvn H.B /DEST pdfmark end 197 4633 a 596 4722 a Fl(Also)25 b(keep)h(in)g(mind)g(that)f(the)h(/etc/lilo.conf)g(will)h (need)e(to)h(be)f(mode)h("600")e(\(r)o(eadable)e(and)596 4814 y(writing)f(for)g(r)o(oot)f(only\),)i(or)e(others)i(will)f(be)g (able)f(to)h(r)o(ead)e(your)i(passwor)o(ds!)197 4878 y SDict begin H.S end 197 4878 a 197 4878 a SDict begin 11 H.A end 197 4878 a 197 4878 a SDict begin [ /View [/XYZ H.V] /Dest (218) cvn H.B /DEST pdfmark end 197 4878 a 596 4946 a Fl(Fr)o(om)e(the)g(GRUB)h(info)f(page:)g(GRUB)g(pr)o (ovides)f("passwor)o(d")h(featur)o(e,)e(so)j(that)f(only)h(adminis-)596 5038 y(trators)g(can)h(start)f(the)h(interactive)f(operations)h(\(i.e.) f(editing)h(menu)g(entries)g(and)g(entering)g(the)596 5129 y(command-line)28 b(interface\).)f(T)-8 b(o)29 b(use)g(this)g (featur)o(e,)e(you)i(need)f(to)h(r)o(un)g(the)g(command)f(`pass-)596 5220 y(wor)o(d')20 b(in)h(your)g(con\002guration)h(\002le)f(\(*note)g (passwor)o(d::\),)e(like)i(this:)197 5285 y SDict begin H.S end 197 5285 a 197 5285 a SDict begin 11 H.A end 197 5285 a 197 5285 a SDict begin [ /View [/XYZ H.V] /Dest (219) cvn H.B /DEST pdfmark end 197 5285 a 596 5353 a Fl(passwor)o(d)f(--md5)f(P)-8 b(ASSWORD)p Black 3642 5585 a Fj(9)p Black eop end %%Page: 10 10 TeXDict begin 10 9 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.10) cvn H.B /DEST pdfmark end 197 -102 a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 197 6 a SDict begin H.S end 197 6 a 197 6 a SDict begin 11 H.A end 197 6 a 197 6 a SDict begin [ /View [/XYZ H.V] /Dest (220) cvn H.B /DEST pdfmark end 197 6 a 596 89 a Fl(If)26 b(this)i(is)f(speci\002ed,)f(GRUB)h(disallows)h(any)f (interactive)f(contr)o(ol,)h(until)h(you)f(pr)o(ess)g(the)g(key)596 180 y(
)21 b(and)g(enter)g(a)g(corr)o(ect)f(passwor)o(d.)h(The)g (option)i(`--md5')d(tells)i(GRUB)f(that)h(`P)-8 b(ASSWORD')596 272 y(is)21 b(in)g(MD5)f(format.)g(If)g(it)h(is)h(omitted,)e(GRUB)h (assumes)g(the)g(`P)-8 b(ASSWORD')21 b(is)h(in)f(clear)f(text.)197 327 y SDict begin H.S end 197 327 a 197 327 a SDict begin 11 H.A end 197 327 a 197 327 a SDict begin [ /View [/XYZ H.V] /Dest (221) cvn H.B /DEST pdfmark end 197 327 a 596 405 a Fl(Y)-8 b(ou)29 b(can)e(encrypt)h(your)g(passwor)o(d)f (with)i(the)f(command)g(`md5crypt')f(\(*note)i(md5crypt::\).)596 496 y(For)17 b(example,)g(r)o(un)h(the)f(gr)o(ub)h(shell)g(\(*note)g (Invoking)g(the)g(gr)o(ub)g(shell::\),)f(and)g(enter)g(your)g(pass-)596 587 y(wor)o(d:)197 631 y SDict begin H.S end 197 631 a 197 631 a SDict begin 11 H.A end 197 631 a 197 631 a SDict begin [ /View [/XYZ H.V] /Dest (222) cvn H.B /DEST pdfmark end 197 631 a 596 720 a Fl(gr)o(ub>)k(md5crypt)f(Passwor)o(d:)g (**********)k(Encrypted:)c($1$U$JK7xFegdxWH6V)-8 b(uppCUSIb.)197 785 y SDict begin H.S end 197 785 a 197 785 a SDict begin 11 H.A end 197 785 a 197 785 a SDict begin [ /View [/XYZ H.V] /Dest (223) cvn H.B /DEST pdfmark end 197 785 a 596 853 a Fl(Then,)20 b(cut)h(and)f(paste)h(the)f(encrypted)h (passwor)o(d)f(to)h(your)g(con\002guration)h(\002le.)197 918 y SDict begin H.S end 197 918 a 197 918 a SDict begin 11 H.A end 197 918 a 197 918 a SDict begin [ /View [/XYZ H.V] /Dest (224) cvn H.B /DEST pdfmark end 197 918 a 596 986 a Fl(Gr)o(ub)k(also)f(has)h(a)f('lock')h(command)g(that)g (will)g(allow)g(you)h(to)f(lock)g(a)f(partition)h(if)f(you)h(don't)596 1077 y(pr)o(ovide)20 b(the)h(corr)o(ect)f(passwor)o(d.)h(Simply)g(add)f ('lock')i(and)f(the)h(partition)f(will)h(not)g(be)f(access-)596 1168 y(able)f(until)h(the)g(user)g(supplies)g(a)f(passwor)o(d.)197 1233 y SDict begin H.S end 197 1233 a 197 1233 a SDict begin 11 H.A end 197 1233 a 197 1233 a SDict begin [ /View [/XYZ H.V] /Dest (225) cvn H.B /DEST pdfmark end 197 1233 a 596 1301 a Fl(If)29 b(anyone)i(has)f(security-r)o(elated)e (information)j(fr)o(om)f(a)f(dif)o(fer)o(ent)g(boot)h(loader)-6 b(,)29 b(we)h(would)596 1393 y(love)20 b(to)i(hear)e(it.)g(\()1169 1393 y SDict begin H.S end 1169 1393 a 1169 1393 a SDict begin 11 H.A end 1169 1393 a 1169 1393 a SDict begin [ /View [/XYZ H.V] /Dest (226) cvn H.B /DEST pdfmark end 1169 1393 a Fh(grub)p Fl(,)1390 1393 y SDict begin H.S end 1390 1393 a 1390 1393 a SDict begin 11 H.A end 1390 1393 a 1390 1393 a SDict begin [ /View [/XYZ H.V] /Dest (227) cvn H.B /DEST pdfmark end 1390 1393 a Fh(silo)p Fl(,)1611 1393 y SDict begin H.S end 1611 1393 a 1611 1393 a SDict begin 11 H.A end 1611 1393 a 1611 1393 a SDict begin [ /View [/XYZ H.V] /Dest (228) cvn H.B /DEST pdfmark end 1611 1393 a Fh(milo)p Fl(,)1832 1393 y SDict begin H.S end 1832 1393 a 1832 1393 a SDict begin 11 H.A end 1832 1393 a 1832 1393 a SDict begin [ /View [/XYZ H.V] /Dest (229) cvn H.B /DEST pdfmark end 1832 1393 a Fh(linload)p Fl(,)f(etc\).)197 1451 y SDict begin H.S end 197 1451 a 197 1451 a SDict begin 11 H.A end 197 1451 a 197 1451 a SDict begin [ /View [/XYZ H.V] /Dest (230) cvn H.B /DEST pdfmark end 197 1451 a 197 1451 a SDict begin H.S end 197 1451 a 197 1451 a SDict begin 11 H.A end 197 1451 a 197 1451 a SDict begin [ /View [/XYZ H.V] /Dest (231) cvn H.B /DEST pdfmark end 197 1451 a 596 1525 a Fj(Note)p Fl(:)24 b(If)g(you)i(have)f(a)f(server)g(machine,)h (and)g(you)h(set)f(up)g(a)f(boot)i(passwor)o(d,)e(your)i(machine)596 1617 y(will)758 1617 y SDict begin H.S end 758 1617 a 758 1617 a SDict begin 11 H.A end 758 1617 a 758 1617 a SDict begin [ /View [/XYZ H.V] /Dest (232) cvn H.B /DEST pdfmark end 758 1617 a Fj(not)20 b Fl(boot)h(up)f(unattended.)g(Keep)g (in)h(mind)g(that)g(you)g(will)g(need)f(to)h(come)g(in)g(and)f(supply) 596 1708 y(the)g(passwor)o(d)h(in)g(the)g(event)f(of)h(a)f(power)h (failur)o(e.)e(;\()197 1773 y SDict begin H.S end 197 1773 a 197 1773 a SDict begin 11 H.A end 197 1773 a 197 1773 a SDict begin [ /View [/XYZ H.V] /Dest (233) cvn H.B /DEST pdfmark end 197 1773 a 596 2026 a Fi(xloc)n(k)27 b(and)i(vloc)n(k)1340 2026 y SDict begin H.S end 1340 2026 a 1340 2026 a SDict begin 13.31 H.A end 1340 2026 a 1340 2026 a SDict begin [ /View [/XYZ H.V] /Dest (1.3.14.2) cvn H.B /DEST pdfmark end 1340 2026 a 197 2078 a SDict begin H.S end 197 2078 a 197 2078 a SDict begin 11 H.A end 197 2078 a 197 2078 a SDict begin [ /View [/XYZ H.V] /Dest (235) cvn H.B /DEST pdfmark end 197 2078 a 596 2168 a Fl(If)15 b(you)i(wander)f(away)f(fr)o(om)h(your)h(machine)f(fr)o(om)g (time)g(to)h(time,)f(it)g(is)h(nice)f(to)h(be)f(able)f(to)i("lock")596 2259 y(your)25 b(console)h(so)g(that)f(no)g(one)h(can)f(tamper)f(with,) i(or)f(look)h(at,)f(your)g(work.)g(T)-7 b(wo)25 b(pr)o(ograms)596 2350 y(that)20 b(do)h(this)h(ar)o(e:)1187 2350 y SDict begin H.S end 1187 2350 a 1187 2350 a SDict begin 11 H.A end 1187 2350 a 1187 2350 a SDict begin [ /View [/XYZ H.V] /Dest (236) cvn H.B /DEST pdfmark end 1187 2350 a Fh(xlock)e Fl(and)1593 2350 y SDict begin H.S end 1593 2350 a 1593 2350 a SDict begin 11 H.A end 1593 2350 a 1593 2350 a SDict begin [ /View [/XYZ H.V] /Dest (237) cvn H.B /DEST pdfmark end 1593 2350 a Fh(vlock)p Fl(.)197 2394 y SDict begin H.S end 197 2394 a 197 2394 a SDict begin 11 H.A end 197 2394 a 197 2394 a SDict begin [ /View [/XYZ H.V] /Dest (238) cvn H.B /DEST pdfmark end 197 2394 a 197 2394 a SDict begin H.S end 197 2394 a 197 2394 a SDict begin 11 H.A end 197 2394 a 197 2394 a SDict begin [ /View [/XYZ H.V] /Dest (239) cvn H.B /DEST pdfmark end 197 2394 a 596 2483 a Fh(xlock)30 b Fl(is)i(a)f(X)g(display)g (locker)-6 b(.)31 b(It)h(should)g(be)f(included)g(in)h(any)f(Linux)h (distributions)g(that)596 2574 y(support)27 b(X.)g(Check)f(out)i(the)f (man)g(page)f(for)g(it)h(for)g(mor)o(e)g(options,)g(but)g(in)h(general) e(you)h(can)596 2666 y(r)o(un)752 2666 y SDict begin H.S end 752 2666 a 752 2666 a SDict begin 11 H.A end 752 2666 a 752 2666 a SDict begin [ /View [/XYZ H.V] /Dest (240) cvn H.B /DEST pdfmark end 752 2666 a Fh(xlock)e Fl(fr)o(om)g(any)g (xterm)h(on)g(your)g(console)h(and)e(it)h(will)g(lock)h(the)e(display)h (and)f(r)o(equir)o(e)596 2757 y(your)c(passwor)o(d)f(to)h(unlock.)197 2822 y SDict begin H.S end 197 2822 a 197 2822 a SDict begin 11 H.A end 197 2822 a 197 2822 a SDict begin [ /View [/XYZ H.V] /Dest (241) cvn H.B /DEST pdfmark end 197 2822 a 197 2822 a SDict begin H.S end 197 2822 a 197 2822 a SDict begin 11 H.A end 197 2822 a 197 2822 a SDict begin [ /View [/XYZ H.V] /Dest (242) cvn H.B /DEST pdfmark end 197 2822 a 596 2890 a Fh(vlock)29 b Fl(is)i(a)e(simple)i(little) g(pr)o(ogram)e(that)h(allows)h(you)g(to)g(lock)f(some)h(or)g(all)f(of)g (the)g(virtual)596 2981 y(consoles)e(on)f(your)g(Linux)g(box.)g(Y)-8 b(ou)28 b(can)f(lock)g(just)h(the)f(one)g(you)g(ar)o(e)f(working)i(in)f (or)g(all)g(of)596 3073 y(them.)17 b(If)f(you)h(just)h(lock)f(one,)g (others)h(can)e(come)h(in)h(and)e(use)h(the)g(console;)g(they)h(will)f (just)h(not)f(be)596 3164 y(able)j(to)i(use)f(your)h(virtual)f(console) i(until)f(you)g(unlock)g(it.)2492 3164 y SDict begin H.S end 2492 3164 a 2492 3164 a SDict begin 11 H.A end 2492 3164 a 2492 3164 a SDict begin [ /View [/XYZ H.V] /Dest (243) cvn H.B /DEST pdfmark end 2492 3164 a Fh(vlock)f Fl(ships)h(with)g(RedHat)f(Linux,)596 3255 y(but)f(your)h(mileage)g (may)g(vary)-9 b(.)197 3320 y SDict begin H.S end 197 3320 a 197 3320 a SDict begin 11 H.A end 197 3320 a 197 3320 a SDict begin [ /View [/XYZ H.V] /Dest (244) cvn H.B /DEST pdfmark end 197 3320 a 596 3388 a Fl(Of)34 b(course)g(locking)i (your)f(console)g(will)h(pr)o(event)d(someone)j(fr)o(om)e(tampering)g (with)i(your)596 3479 y(work,)20 b(but)g(won't)h(pr)o(event)e(them)i (fr)o(om)f(r)o(ebooting)g(your)h(machine)f(or)g(otherwise)h(disr)o (upting)596 3571 y(your)f(work.)h(It)g(also)f(does)h(not)g(pr)o(event)f (them)h(fr)o(om)f(accessing)g(your)h(machine)g(fr)o(om)f(another)596 3662 y(machine)h(on)g(the)g(network)g(and)g(causing)g(pr)o(oblems.)197 3727 y SDict begin H.S end 197 3727 a 197 3727 a SDict begin 11 H.A end 197 3727 a 197 3727 a SDict begin [ /View [/XYZ H.V] /Dest (245) cvn H.B /DEST pdfmark end 197 3727 a 596 3795 a Fl(Mor)o(e)e(importantly)-9 b(,)21 b(it)g(does)g(not)h(pr)o(event)d(someone)j(fr)o(om)e(switching)j(out)e (of)g(the)g(X)g(W)-5 b(indow)596 3886 y(System)29 b(entir)o(ely)-9 b(,)28 b(and)h(going)h(to)g(a)f(normal)h(virtual)e(console)j(login)f (pr)o(ompt,)f(or)g(to)h(the)f(VC)596 3978 y(that)18 b(X11)g(was)g (started)f(fr)o(om,)h(and)g(suspending)h(it,)f(thus)h(obtaining)h(your) e(privileges.)h(For)f(this)596 4069 y(r)o(eason,)h(you)j(might)g (consider)e(only)i(using)g(it)f(while)g(under)g(contr)o(ol)g(of)f(xdm.) 197 4134 y SDict begin H.S end 197 4134 a 197 4134 a SDict begin 11 H.A end 197 4134 a 197 4134 a SDict begin [ /View [/XYZ H.V] /Dest (246) cvn H.B /DEST pdfmark end 197 4134 a 596 4387 a Fi(Security)28 b(of)h(local)e(de)n(vices)1766 4387 y SDict begin H.S end 1766 4387 a 1766 4387 a SDict begin 13.31 H.A end 1766 4387 a 1766 4387 a SDict begin [ /View [/XYZ H.V] /Dest (1.3.15.2) cvn H.B /DEST pdfmark end 1766 4387 a 197 4458 a SDict begin H.S end 197 4458 a 197 4458 a SDict begin 11 H.A end 197 4458 a 197 4458 a SDict begin [ /View [/XYZ H.V] /Dest (248) cvn H.B /DEST pdfmark end 197 4458 a 596 4528 a Fl(If)18 b(you)h(have)f(a)g(webcam)g (or)g(a)g(micr)o(ophone)h(attached)f(to)h(your)f(system,)h(you)g (should)h(consider)596 4620 y(if)e(ther)o(e)h(is)g(some)h(danger)e(of)i (a)e(attacker)g(gaining)i(access)f(to)g(those)h(devices.)e(When)i(not)g (in)f(use,)596 4711 y(unplugging)32 b(or)g(r)o(emoving)g(such)f (devices)g(might)i(be)e(an)g(option.)h(Otherwise)g(you)g(should)596 4802 y(car)o(efully)19 b(r)o(ead)g(and)h(look)i(at)e(any)h(softwar)o(e) f(with)h(pr)o(ovides)f(access)h(to)g(such)g(devices.)197 4867 y SDict begin H.S end 197 4867 a 197 4867 a SDict begin 11 H.A end 197 4867 a 197 4867 a SDict begin [ /View [/XYZ H.V] /Dest (249) cvn H.B /DEST pdfmark end 197 4867 a 596 5120 a Fi(Detecting)28 b(Ph)n(ysical)g(Security)g(Compr)n (omises)2606 5120 y SDict begin H.S end 2606 5120 a 2606 5120 a SDict begin 13.31 H.A end 2606 5120 a 2606 5120 a SDict begin [ /View [/XYZ H.V] /Dest (1.3.16.2) cvn H.B /DEST pdfmark end 2606 5120 a 197 5193 a SDict begin H.S end 197 5193 a 197 5193 a SDict begin 11 H.A end 197 5193 a 197 5193 a SDict begin [ /View [/XYZ H.V] /Dest (251) cvn H.B /DEST pdfmark end 197 5193 a 596 5262 a Fl(The)c(\002rst)h(thing) g(to)g(always)f(note)h(is)g(when)g(your)g(machine)f(was)h(r)o(ebooted.) e(Since)h(Linux)h(is)f(a)596 5353 y(r)o(obust)d(and)g(stable)g(OS,)g (the)g(only)i(times)e(your)h(machine)g(should)g(r)o(eboot)f(is)h(when) 3311 5353 y SDict begin H.S end 3311 5353 a 3311 5353 a SDict begin 11 H.A end 3311 5353 a 3311 5353 a SDict begin [ /View [/XYZ H.V] /Dest (252) cvn H.B /DEST pdfmark end 3311 5353 a Fj(you)f Fl(take)g(it)596 5445 y(down)c(for)f(OS)g (upgrades,)f(har)o(dwar)o(e)g(swapping,)h(or)h(the)f(like.)h(If)f(your) h(machine)f(has)h(r)o(ebooted)p Black 197 5585 a Fj(10)p Black eop end %%Page: 11 11 TeXDict begin 11 10 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.11) cvn H.B /DEST pdfmark end 197 -102 a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fl(without)i(you)f(doing)g(it,)g(that)g(may)g(be)f(a)h (sign)g(that)g(an)g(intr)o(uder)g(has)g(compr)o(omised)g(it.)f(Many)596 180 y(of)f(the)h(ways)g(that)g(your)g(machine)g(can)g(be)f(compr)o (omised)h(r)o(equir)o(e)f(the)h(intr)o(uder)g(to)g(r)o(eboot)g(or)596 272 y(power)f(of)o(f)g(your)h(machine.)197 337 y SDict begin H.S end 197 337 a 197 337 a SDict begin 11 H.A end 197 337 a 197 337 a SDict begin [ /View [/XYZ H.V] /Dest (253) cvn H.B /DEST pdfmark end 197 337 a 596 405 a Fl(Check)e(for)g(signs)h(of)g(tampering)f(on)h(the)g(case)e(and)h (computer)h(ar)o(ea.)d(Although)j(many)g(intr)o(ud-)596 496 y(ers)j(clean)h(traces)f(of)h(their)g(pr)o(esence)f(out)h(of)g (logs,)h(it's)f(a)g(good)g(idea)g(to)g(check)g(thr)o(ough)g(them)596 587 y(all)c(and)g(note)i(any)e(discr)o(epancy)-9 b(.)197 652 y SDict begin H.S end 197 652 a 197 652 a SDict begin 11 H.A end 197 652 a 197 652 a SDict begin [ /View [/XYZ H.V] /Dest (254) cvn H.B /DEST pdfmark end 197 652 a 596 720 a Fl(It)27 b(is)h(also)f(a)g(good)h(idea)f(to)g(stor)o(e)g (log)i(data)d(at)h(a)g(secur)o(e)f(location,)i(such)g(as)f(a)g (dedicated)e(log)596 811 y(server)20 b(within)j(your)f(well-pr)o (otected)e(network.)i(Once)g(a)f(machine)g(has)h(been)f(compr)o (omised,)596 903 y(log)f(data)e(becomes)i(of)f(little)h(use)f(as)h(it)f (most)i(likely)f(has)f(also)h(been)f(modi\002ed)h(by)g(the)f(intr)o (uder)-6 b(.)197 968 y SDict begin H.S end 197 968 a 197 968 a SDict begin 11 H.A end 197 968 a 197 968 a SDict begin [ /View [/XYZ H.V] /Dest (255) cvn H.B /DEST pdfmark end 197 968 a 596 1036 a Fl(The)32 b(syslog)h(daemon)f(can)g(be)f (con\002gur)o(ed)h(to)h(automatically)f(send)g(log)h(data)d(to)j(a)e (central)596 1127 y(syslog)g(server)-6 b(,)30 b(but)g(this)h(is)g (typically)g(sent)g(unencrypted,)f(allowing)h(an)f(intr)o(uder)h(to)g (view)596 1218 y(data)21 b(as)h(it)g(is)h(being)g(transferr)o(ed.)d (This)j(may)f(r)o(eveal)f(information)i(about)f(your)h(network)g(that) 596 1310 y(is)18 b(not)g(intended)g(to)g(be)g(public.)g(Ther)o(e)e(ar)o (e)h(syslog)i(daemons)f(available)f(that)g(encrypt)h(the)g(data)596 1401 y(as)i(it)h(is)g(being)g(sent.)197 1466 y SDict begin H.S end 197 1466 a 197 1466 a SDict begin 11 H.A end 197 1466 a 197 1466 a SDict begin [ /View [/XYZ H.V] /Dest (256) cvn H.B /DEST pdfmark end 197 1466 a 596 1534 a Fl(Also)f(be)h(awar)o(e)e(that)h(faking)h(syslog)h(messages)f(is)g (easy)f(--)g(with)h(an)g(exploit)g(pr)o(ogram)f(having)596 1625 y(been)j(published.)i(Syslog)f(even)g(accepts)g(net)g(log)h (entries)f(claiming)h(to)f(come)h(fr)o(om)f(the)g(local)596 1716 y(host)d(without)h(indicating)f(their)g(tr)o(ue)g(origin.)197 1781 y SDict begin H.S end 197 1781 a 197 1781 a SDict begin 11 H.A end 197 1781 a 197 1781 a SDict begin [ /View [/XYZ H.V] /Dest (257) cvn H.B /DEST pdfmark end 197 1781 a 596 1849 a Fl(Some)f(things)i(to)f(check)g(for)g(in)g(your)g (logs:)2018 1849 y SDict begin H.S end 2018 1849 a 2018 1849 a SDict begin 11 H.A end 2018 1849 a 2018 1849 a SDict begin [ /View [/XYZ H.V] /Dest (258) cvn H.B /DEST pdfmark end 2018 1849 a 197 1914 a SDict begin H.S end 197 1914 a 197 1914 a SDict begin 11 H.A end 197 1914 a 197 1914 a SDict begin [ /View [/XYZ H.V] /Dest (259) cvn H.B /DEST pdfmark end 197 1914 a Black 596 2065 a Fg(\225)p Black 679 2065 a SDict begin H.S end 679 2065 a 679 2065 a SDict begin 11 H.A end 679 2065 a 679 2065 a SDict begin [ /View [/XYZ H.V] /Dest (260) cvn H.B /DEST pdfmark end 679 2065 a Fl(Short)f(or)h(incomplete)h(logs.)197 2088 y SDict begin H.S end 197 2088 a 197 2088 a SDict begin 11 H.A end 197 2088 a 197 2088 a SDict begin [ /View [/XYZ H.V] /Dest (261) cvn H.B /DEST pdfmark end 197 2088 a Black 596 2198 a Fg(\225)p Black 679 2198 a SDict begin H.S end 679 2198 a 679 2198 a SDict begin 11 H.A end 679 2198 a 679 2198 a SDict begin [ /View [/XYZ H.V] /Dest (262) cvn H.B /DEST pdfmark end 679 2198 a Fl(Logs)f (containing)h(strange)e(timestamps.)197 2221 y SDict begin H.S end 197 2221 a 197 2221 a SDict begin 11 H.A end 197 2221 a 197 2221 a SDict begin [ /View [/XYZ H.V] /Dest (263) cvn H.B /DEST pdfmark end 197 2221 a Black 596 2331 a Fg(\225)p Black 679 2331 a SDict begin H.S end 679 2331 a 679 2331 a SDict begin 11 H.A end 679 2331 a 679 2331 a SDict begin [ /View [/XYZ H.V] /Dest (264) cvn H.B /DEST pdfmark end 679 2331 a Fl(Logs)h(with)g(incorr)o(ect)f (permissions)j(or)d(ownership.)197 2354 y SDict begin H.S end 197 2354 a 197 2354 a SDict begin 11 H.A end 197 2354 a 197 2354 a SDict begin [ /View [/XYZ H.V] /Dest (265) cvn H.B /DEST pdfmark end 197 2354 a Black 596 2464 a Fg(\225)p Black 679 2464 a SDict begin H.S end 679 2464 a 679 2464 a SDict begin 11 H.A end 679 2464 a 679 2464 a SDict begin [ /View [/XYZ H.V] /Dest (266) cvn H.B /DEST pdfmark end 679 2464 a Fl(Recor)o(ds)g(of)h(r)o(eboots)f (or)h(r)o(estarting)f(of)h(services.)197 2487 y SDict begin H.S end 197 2487 a 197 2487 a SDict begin 11 H.A end 197 2487 a 197 2487 a SDict begin [ /View [/XYZ H.V] /Dest (267) cvn H.B /DEST pdfmark end 197 2487 a Black 596 2596 a Fg(\225)p Black 679 2596 a SDict begin H.S end 679 2596 a 679 2596 a SDict begin 11 H.A end 679 2596 a 679 2596 a SDict begin [ /View [/XYZ H.V] /Dest (268) cvn H.B /DEST pdfmark end 679 2596 a Fl(missing)h(logs.)197 2620 y SDict begin H.S end 197 2620 a 197 2620 a SDict begin 11 H.A end 197 2620 a 197 2620 a SDict begin [ /View [/XYZ H.V] /Dest (269) cvn H.B /DEST pdfmark end 197 2620 a Black 596 2729 a Fg(\225)p Black 679 2729 a SDict begin H.S end 679 2729 a 679 2729 a SDict begin 11 H.A end 679 2729 a 679 2729 a SDict begin [ /View [/XYZ H.V] /Dest (270) cvn H.B /DEST pdfmark end 679 2729 a 679 2729 a SDict begin H.S end 679 2729 a 679 2729 a SDict begin 11 H.A end 679 2729 a 679 2729 a SDict begin [ /View [/XYZ H.V] /Dest (271) cvn H.B /DEST pdfmark end 679 2729 a Fh(su)e Fl(entries)h(or)g(logins)h(fr)o(om)e(strange)h(places.) 197 2904 y SDict begin H.S end 197 2904 a 197 2904 a SDict begin 11 H.A end 197 2904 a 197 2904 a SDict begin [ /View [/XYZ H.V] /Dest (272) cvn H.B /DEST pdfmark end 197 2904 a 596 2995 a Fl(W)-8 b(e)15 b(will)i(discuss)f(system)h(log) f(data)p 0 TeXcolorgray 1748 2995 a SDict begin H.S end 1748 2995 a Fl(the)21 b(Section)f(called)g Fj(Keep)i(T)-9 b(rack)20 b(of)g(Y)-9 b(our)22 b(System)e(Accounting)g(Data)3903 2995 y SDict begin 11 H.L end 3903 2995 a 3903 2995 a SDict begin [ /Subtype /Link /Dest (logs) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3903 2995 a Black 596 3086 a Fl(in)h(the)g(HOWT)o (O.)197 3212 y SDict begin H.S end 197 3212 a 197 3212 a SDict begin 11 H.A end 197 3212 a 197 3212 a SDict begin [ /View [/XYZ H.V] /Dest (local-security) cvn H.B /DEST pdfmark end 197 3212 a 286 x Fn(Local)30 b(Security)952 3498 y SDict begin H.S end 952 3498 a 952 3498 a SDict begin 14.641 H.A end 952 3498 a 952 3498 a SDict begin [ /View [/XYZ H.V] /Dest (1.4.1) cvn H.B /DEST pdfmark end 952 3498 a 197 3576 a SDict begin H.S end 197 3576 a 197 3576 a SDict begin 11 H.A end 197 3576 a 197 3576 a SDict begin [ /View [/XYZ H.V] /Dest (276) cvn H.B /DEST pdfmark end 197 3576 a 596 3645 a Fl(The)d(next)g(thing)h(to)f(take)g(a)f(look)i (at)f(is)g(the)g(security)g(in)h(your)f(system)h(against)f(attacks)f (fr)o(om)596 3736 y(local)20 b(users.)h(Did)g(we)f(just)i(say)1609 3736 y SDict begin H.S end 1609 3736 a 1609 3736 a SDict begin 11 H.A end 1609 3736 a 1609 3736 a SDict begin [ /View [/XYZ H.V] /Dest (277) cvn H.B /DEST pdfmark end 1609 3736 a Fj(local)e Fl(users?)h(Y)-8 b(es!)197 3801 y SDict begin H.S end 197 3801 a 197 3801 a SDict begin 11 H.A end 197 3801 a 197 3801 a SDict begin [ /View [/XYZ H.V] /Dest (278) cvn H.B /DEST pdfmark end 197 3801 a 596 3869 a Fl(Getting)24 b(access)g(to)g(a)g(local)g(user)g(account)g (is)g(one)h(of)f(the)g(\002rst)h(things)g(that)f(system)h(intr)o(uders) 596 3960 y(attempt)30 b(while)h(on)g(their)g(way)f(to)h(exploiting)h (the)e(r)o(oot)h(account.)f(W)-5 b(ith)32 b(lax)e(local)g(security)-9 b(,)596 4052 y(they)30 b(can)g(then)g("upgrade")f(their)h(normal)g (user)g(access)f(to)i(r)o(oot)f(access)f(using)i(a)f(variety)f(of)596 4143 y(bugs)f(and)g(poorly)h(setup)f(local)g(services.)g(If)g(you)h (make)f(sur)o(e)g(your)g(local)g(security)h(is)f(tight,)596 4234 y(then)21 b(the)g(intr)o(uder)f(will)i(have)e(another)h(hur)o(dle) f(to)h(jump.)197 4299 y SDict begin H.S end 197 4299 a 197 4299 a SDict begin 11 H.A end 197 4299 a 197 4299 a SDict begin [ /View [/XYZ H.V] /Dest (279) cvn H.B /DEST pdfmark end 197 4299 a 596 4367 a Fl(Local)k(users)h(can)f(also)h (cause)f(a)g(lot)i(of)e(havoc)h(with)g(your)h(system)f(even)f (\(especially\))g(if)h(they)596 4458 y(r)o(eally)18 b(ar)o(e)g(who)i (they)f(say)g(they)h(ar)o(e.)d(Pr)o(oviding)j(accounts)f(to)h(people)f (you)h(don't)g(know)g(or)f(for)596 4550 y(whom)i(you)h(have)e(no)h (contact)g(information)h(is)f(a)f(very)h(bad)f(idea.)197 4573 y SDict begin H.S end 197 4573 a 197 4573 a SDict begin 11 H.A end 197 4573 a 197 4573 a SDict begin [ /View [/XYZ H.V] /Dest (280) cvn H.B /DEST pdfmark end 197 4573 a 596 4819 a Fi(Creating)28 b(Ne)n(w)g(Accounts)1721 4819 y SDict begin H.S end 1721 4819 a 1721 4819 a SDict begin 13.31 H.A end 1721 4819 a 1721 4819 a SDict begin [ /View [/XYZ H.V] /Dest (1.4.17.2) cvn H.B /DEST pdfmark end 1721 4819 a 197 4891 a SDict begin H.S end 197 4891 a 197 4891 a SDict begin 11 H.A end 197 4891 a 197 4891 a SDict begin [ /View [/XYZ H.V] /Dest (282) cvn H.B /DEST pdfmark end 197 4891 a 596 4960 a Fl(Y)-8 b(ou)32 b(should)h(make)e (sur)o(e)g(you)h(pr)o(ovide)e(user)i(accounts)f(with)i(only)f(the)g (minimal)g(r)o(equir)o(e-)596 5052 y(ments)20 b(for)h(the)f(task)g (they)h(need)f(to)g(do.)h(If)f(you)g(pr)o(ovide)g(your)g(son)i(\(age)d (10\))g(with)i(an)f(account,)596 5143 y(you)26 b(might)h(want)f(him)h (to)f(only)h(have)f(access)f(to)h(a)g(wor)o(d)f(pr)o(ocessor)h(or)g (drawing)g(pr)o(ogram,)596 5234 y(but)20 b(be)h(unable)f(to)h(delete)f (data)g(that)h(is)g(not)g(his.)197 5278 y SDict begin H.S end 197 5278 a 197 5278 a SDict begin 11 H.A end 197 5278 a 197 5278 a SDict begin [ /View [/XYZ H.V] /Dest (283) cvn H.B /DEST pdfmark end 197 5278 a 596 5367 a Fl(Several)k(good)i(r)o(ules)h(of)f(thumb)g(when)h(allowing)g(other)f (people)g(legitimate)g(access)f(to)i(your)596 5458 y(Linux)20 b(machine:)p Black 3601 5585 a Fj(11)p Black eop end %%Page: 12 12 TeXDict begin 12 11 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.12) cvn H.B /DEST pdfmark end 197 -102 a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 197 6 a SDict begin H.S end 197 6 a 197 6 a SDict begin 11 H.A end 197 6 a 197 6 a SDict begin [ /View [/XYZ H.V] /Dest (284) cvn H.B /DEST pdfmark end 197 6 a 197 6 a SDict begin H.S end 197 6 a 197 6 a SDict begin 11 H.A end 197 6 a 197 6 a SDict begin [ /View [/XYZ H.V] /Dest (285) cvn H.B /DEST pdfmark end 197 6 a 197 6 a SDict begin H.S end 197 6 a 197 6 a SDict begin 11 H.A end 197 6 a 197 6 a SDict begin [ /View [/XYZ H.V] /Dest (286) cvn H.B /DEST pdfmark end 197 6 a Black 596 89 a Fg(\225)p Black 679 89 a SDict begin H.S end 679 89 a 679 89 a SDict begin 11 H.A end 679 89 a 679 89 a SDict begin [ /View [/XYZ H.V] /Dest (287) cvn H.B /DEST pdfmark end 679 89 a Fl(Give)f(them)i(the)f(minimal)g(amount)h(of)e(privileges)h(they)g (need.)197 112 y SDict begin H.S end 197 112 a 197 112 a SDict begin 11 H.A end 197 112 a 197 112 a SDict begin [ /View [/XYZ H.V] /Dest (288) cvn H.B /DEST pdfmark end 197 112 a Black 596 222 a Fg(\225)p Black 679 222 a SDict begin H.S end 679 222 a 679 222 a SDict begin 11 H.A end 679 222 a 679 222 a SDict begin [ /View [/XYZ H.V] /Dest (289) cvn H.B /DEST pdfmark end 679 222 a Fl(Be)f(awar)o(e)f (when/wher)o(e)i(they)g(login)h(fr)o(om,)e(or)h(should)g(be)g(logging)h (in)f(fr)o(om.)197 245 y SDict begin H.S end 197 245 a 197 245 a SDict begin 11 H.A end 197 245 a 197 245 a SDict begin [ /View [/XYZ H.V] /Dest (290) cvn H.B /DEST pdfmark end 197 245 a Black 596 355 a Fg(\225)p Black 679 355 a SDict begin H.S end 679 355 a 679 355 a SDict begin 11 H.A end 679 355 a 679 355 a SDict begin [ /View [/XYZ H.V] /Dest (291) cvn H.B /DEST pdfmark end 679 355 a Fl(Make)k(sur)o(e)g(you)i(r)o(emove)e(inactive)h(accounts,)g (which)h(you)f(can)g(determine)g(by)g(using)h(the)679 446 y('last')20 b(command)i(and/or)e(checking)i(log)f(\002les)g(for)g (any)f(activity)h(by)g(the)g(user)-6 b(.)197 469 y SDict begin H.S end 197 469 a 197 469 a SDict begin 11 H.A end 197 469 a 197 469 a SDict begin [ /View [/XYZ H.V] /Dest (292) cvn H.B /DEST pdfmark end 197 469 a Black 596 579 a Fg(\225)p Black 679 579 a SDict begin H.S end 679 579 a 679 579 a SDict begin 11 H.A end 679 579 a 679 579 a SDict begin [ /View [/XYZ H.V] /Dest (293) cvn H.B /DEST pdfmark end 679 579 a Fl(The)31 b(use)g(of)g(the)g(same)g(userid)f (on)i(all)f(computers)g(and)g(networks)h(is)f(advisable)f(to)i(ease)679 670 y(account)20 b(maintenance,)h(and)f(permits)h(easier)f(analysis)h (of)g(log)g(data.)197 694 y SDict begin H.S end 197 694 a 197 694 a SDict begin 11 H.A end 197 694 a 197 694 a SDict begin [ /View [/XYZ H.V] /Dest (294) cvn H.B /DEST pdfmark end 197 694 a Black 596 803 a Fg(\225)p Black 679 803 a SDict begin H.S end 679 803 a 679 803 a SDict begin 11 H.A end 679 803 a 679 803 a SDict begin [ /View [/XYZ H.V] /Dest (295) cvn H.B /DEST pdfmark end 679 803 a Fl(The)c(cr)o(eation)g(of)h(gr)o(oup)f(user)o(-id's)g(should)h (be)f(absolutely)h(pr)o(ohibited.)f(User)g(accounts)h(also)679 894 y(pr)o(ovide)h(accountability)-9 b(,)21 b(and)f(this)i(is)f(not)g (possible)h(with)f(gr)o(oup)g(accounts.)197 1069 y SDict begin H.S end 197 1069 a 197 1069 a SDict begin 11 H.A end 197 1069 a 197 1069 a SDict begin [ /View [/XYZ H.V] /Dest (296) cvn H.B /DEST pdfmark end 197 1069 a 596 1160 a Fl(Many)g(local)i(user)f(accounts)g(that)g(ar)o(e)f(used)h(in)h (security)f(compr)o(omises)h(have)f(not)h(been)f(used)596 1251 y(in)f(months)h(or)f(years.)f(Since)g(no)i(one)f(is)g(using)h (them)f(they)-9 b(,)20 b(pr)o(ovide)g(the)h(ideal)f(attack)g(vehicle.) 197 1316 y SDict begin H.S end 197 1316 a 197 1316 a SDict begin 11 H.A end 197 1316 a 197 1316 a SDict begin [ /View [/XYZ H.V] /Dest (root-security) cvn H.B /DEST pdfmark end 197 1316 a 596 1569 a Fi(Root)28 b(Security)1248 1569 y SDict begin H.S end 1248 1569 a 1248 1569 a SDict begin 13.31 H.A end 1248 1569 a 1248 1569 a SDict begin [ /View [/XYZ H.V] /Dest (1.4.18.2) cvn H.B /DEST pdfmark end 1248 1569 a 197 1640 a SDict begin H.S end 197 1640 a 197 1640 a SDict begin 11 H.A end 197 1640 a 197 1640 a SDict begin [ /View [/XYZ H.V] /Dest (299) cvn H.B /DEST pdfmark end 197 1640 a 596 1711 a Fl(The)20 b(most)h(sought-after)f(account) h(on)g(your)f(machine)h(is)g(the)f(r)o(oot)h(\(super)o(user\))e (account.)h(This)596 1802 y(account)32 b(has)h(authority)g(over)g(the)g (entir)o(e)f(machine,)h(which)h(may)f(also)g(include)f(authority)596 1894 y(over)26 b(other)i(machines)f(on)h(the)f(network.)h(Remember)f (that)g(you)h(should)g(only)g(use)f(the)g(r)o(oot)596 1985 y(account)c(for)g(very)g(short,)g(speci\002c)g(tasks,)g(and)g (should)h(mostly)h(r)o(un)e(as)g(a)g(normal)h(user)-6 b(.)22 b(Even)596 2076 y(small)k(mistakes)g(made)g(while)g(logged)h(in) f(as)g(the)g(r)o(oot)g(user)g(can)g(cause)f(pr)o(oblems.)h(The)g(less) 596 2168 y(time)21 b(you)g(ar)o(e)e(on)j(with)f(r)o(oot)g(privileges,)f (the)h(safer)f(you)h(will)h(be.)197 2233 y SDict begin H.S end 197 2233 a 197 2233 a SDict begin 11 H.A end 197 2233 a 197 2233 a SDict begin [ /View [/XYZ H.V] /Dest (300) cvn H.B /DEST pdfmark end 197 2233 a 596 2300 a Fl(Several)d(tricks)i(to)g(avoid)f(messing)i(up)f(your)g(own)h(box)e (as)h(r)o(oot:)2716 2300 y SDict begin H.S end 2716 2300 a 2716 2300 a SDict begin 11 H.A end 2716 2300 a 2716 2300 a SDict begin [ /View [/XYZ H.V] /Dest (301) cvn H.B /DEST pdfmark end 2716 2300 a 197 2365 a SDict begin H.S end 197 2365 a 197 2365 a SDict begin 11 H.A end 197 2365 a 197 2365 a SDict begin [ /View [/XYZ H.V] /Dest (302) cvn H.B /DEST pdfmark end 197 2365 a Black 596 2516 a Fg(\225)p Black 679 2516 a SDict begin H.S end 679 2516 a 679 2516 a SDict begin 11 H.A end 679 2516 a 679 2516 a SDict begin [ /View [/XYZ H.V] /Dest (303) cvn H.B /DEST pdfmark end 679 2516 a Fl(When)35 b(doing)g(some)g(complex) g(command,)g(try)g(r)o(unning)h(it)f(\002rst)g(in)g(a)g(non-destr)o (uctive)679 2608 y(way)-9 b(...especially)21 b(commands)i(that)g(use)f (globing:)i(e.g.,)e(if)g(you)h(want)g(to)g(do)3170 2608 y SDict begin H.S end 3170 2608 a 3170 2608 a SDict begin 11 H.A end 3170 2608 a 3170 2608 a SDict begin [ /View [/XYZ H.V] /Dest (304) cvn H.B /DEST pdfmark end 3170 2608 a Fh(rm)45 b(foo*.bak)p Fl(,)679 2699 y(\002rst)18 b(do)956 2699 y SDict begin H.S end 956 2699 a 956 2699 a SDict begin 11 H.A end 956 2699 a 956 2699 a SDict begin [ /View [/XYZ H.V] /Dest (305) cvn H.B /DEST pdfmark end 956 2699 a Fh(ls)45 b(foo*.bak)17 b Fl(and)h(make)g(sur)o(e)f (you)i(ar)o(e)e(going)i(to)g(delete)e(the)i(\002les)f(you)h(think)g (you)679 2790 y(ar)o(e.)g(Using)1072 2790 y SDict begin H.S end 1072 2790 a 1072 2790 a SDict begin 11 H.A end 1072 2790 a 1072 2790 a SDict begin [ /View [/XYZ H.V] /Dest (306) cvn H.B /DEST pdfmark end 1072 2790 a Fh(echo)h Fl(in)h(place)f(of)h(destr)o(uctive)f(commands)i(also)f(sometimes)g (works.)197 2814 y SDict begin H.S end 197 2814 a 197 2814 a SDict begin 11 H.A end 197 2814 a 197 2814 a SDict begin [ /View [/XYZ H.V] /Dest (307) cvn H.B /DEST pdfmark end 197 2814 a Black 596 2923 a Fg(\225)p Black 679 2923 a SDict begin H.S end 679 2923 a 679 2923 a SDict begin 11 H.A end 679 2923 a 679 2923 a SDict begin [ /View [/XYZ H.V] /Dest (308) cvn H.B /DEST pdfmark end 679 2923 a Fl(Pr)o(ovide)f(your)h(users)g(with)g(a)f(default)g(alias)h(to)g (the)2347 2923 y SDict begin H.S end 2347 2923 a 2347 2923 a SDict begin 11 H.A end 2347 2923 a 2347 2923 a SDict begin [ /View [/XYZ H.V] /Dest (309) cvn H.B /DEST pdfmark end 2347 2923 a Fh(rm)f Fl(command)h(to)g(ask)g(for)g (con\002rmation)679 3014 y(for)f(deletion)h(of)g(\002les.)197 3016 y SDict begin H.S end 197 3016 a 197 3016 a SDict begin 11 H.A end 197 3016 a 197 3016 a SDict begin [ /View [/XYZ H.V] /Dest (310) cvn H.B /DEST pdfmark end 197 3016 a Black 596 3147 a Fg(\225)p Black 679 3147 a SDict begin H.S end 679 3147 a 679 3147 a SDict begin 11 H.A end 679 3147 a 679 3147 a SDict begin [ /View [/XYZ H.V] /Dest (311) cvn H.B /DEST pdfmark end 679 3147 a Fl(Only)26 b(become)g(r)o(oot)g(to)h(do)f(single)h(speci\002c)f(tasks.)g(If)f(you) i(\002nd)f(yourself)g(trying)h(to)f(\002gur)o(e)679 3239 y(out)g(how)h(to)f(do)h(something,)g(go)g(back)e(to)i(a)e(normal)i (user)e(shell)i(until)g(you)g(ar)o(e)3330 3239 y SDict begin H.S end 3330 3239 a 3330 3239 a SDict begin 11 H.A end 3330 3239 a 3330 3239 a SDict begin [ /View [/XYZ H.V] /Dest (312) cvn H.B /DEST pdfmark end 3330 3239 a Fj(sur)o(e)g Fl(what)679 3330 y(needs)20 b(to)h(be)g(done)g(by)f(r)o (oot.)197 3353 y SDict begin H.S end 197 3353 a 197 3353 a SDict begin 11 H.A end 197 3353 a 197 3353 a SDict begin [ /View [/XYZ H.V] /Dest (313) cvn H.B /DEST pdfmark end 197 3353 a Black 596 3463 a Fg(\225)p Black 679 3463 a SDict begin H.S end 679 3463 a 679 3463 a SDict begin 11 H.A end 679 3463 a 679 3463 a SDict begin [ /View [/XYZ H.V] /Dest (314) cvn H.B /DEST pdfmark end 679 3463 a Fl(The)e(command)h(path)f(for)h(the)g(r)o(oot)f(user)h(is)g (very)f(important.)h(The)f(command)h(path)g(\(that)f(is,)679 3554 y(the)812 3554 y SDict begin H.S end 812 3554 a 812 3554 a SDict begin 11 H.A end 812 3554 a 812 3554 a SDict begin [ /View [/XYZ H.V] /Dest (315) cvn H.B /DEST pdfmark end 812 3554 a Fh(PATH)h Fl(envir)o(onment)g(variable\))e (speci\002es)i(the)g(dir)o(ectories)f(in)h(which)h(the)f(shell)g(sear)o (ches)679 3645 y(for)g(pr)o(ograms.)g(T)-7 b(ry)19 b(to)h(limit)g(the)g (command)g(path)f(for)h(the)g(r)o(oot)f(user)h(as)f(much)h(as)g (possible,)679 3737 y(and)837 3737 y SDict begin H.S end 837 3737 a 837 3737 a SDict begin 11 H.A end 837 3737 a 837 3737 a SDict begin [ /View [/XYZ H.V] /Dest (316) cvn H.B /DEST pdfmark end 837 3737 a Fj(never)e Fl(include)1331 3737 y SDict begin H.S end 1331 3737 a 1331 3737 a SDict begin 11 H.A end 1331 3737 a 1331 3737 a SDict begin [ /View [/XYZ H.V] /Dest (317) cvn H.B /DEST pdfmark end 1331 3737 a Fh(.)f Fl(\(which)i(means)f("the)f(curr)o(ent)g(dir)o (ectory"\))g(in)h(your)g(P)-8 b(A)i(TH.)17 b(Addition-)679 3828 y(ally)-9 b(,)18 b(never)g(have)g(writable)h(dir)o(ectories)f(in)h (your)g(sear)o(ch)f(path,)g(as)h(this)g(can)g(allow)g(attackers)679 3919 y(to)k(modify)f(or)h(place)f(new)h(binaries)f(in)h(your)g(sear)o (ch)f(path,)g(allowing)i(them)f(to)g(r)o(un)g(as)f(r)o(oot)679 4011 y(the)e(next)h(time)g(you)h(r)o(un)f(that)g(command.)197 4034 y SDict begin H.S end 197 4034 a 197 4034 a SDict begin 11 H.A end 197 4034 a 197 4034 a SDict begin [ /View [/XYZ H.V] /Dest (318) cvn H.B /DEST pdfmark end 197 4034 a Black 596 4144 a Fg(\225)p Black 679 4144 a SDict begin H.S end 679 4144 a 679 4144 a SDict begin 11 H.A end 679 4144 a 679 4144 a SDict begin [ /View [/XYZ H.V] /Dest (319) cvn H.B /DEST pdfmark end 679 4144 a Fl(Never)26 b(use)i(the)f(rlogin/rsh/r)o(exec)h(suite)f(of)h(tools)g(\(called)e (the)i(r)o(-utilities\))f(as)g(r)o(oot.)g(They)679 4235 y(ar)o(e)h(subject)i(to)g(many)g(sorts)g(of)g(attacks,)e(and)i(ar)o(e)e (downright)j(danger)o(ous)e(when)h(r)o(un)g(as)679 4326 y(r)o(oot.)20 b(Never)g(cr)o(eate)f(a)1417 4326 y SDict begin H.S end 1417 4326 a 1417 4326 a SDict begin 11 H.A end 1417 4326 a 1417 4326 a SDict begin [ /View [/XYZ H.V] /Dest (320) cvn H.B /DEST pdfmark end 1417 4326 a Fh(.rhosts)h Fl(\002le)h(for)f(r)o(oot.)197 4328 y SDict begin H.S end 197 4328 a 197 4328 a SDict begin 11 H.A end 197 4328 a 197 4328 a SDict begin [ /View [/XYZ H.V] /Dest (321) cvn H.B /DEST pdfmark end 197 4328 a Black 596 4459 a Fg(\225)p Black 679 4459 a SDict begin H.S end 679 4459 a 679 4459 a SDict begin 11 H.A end 679 4459 a 679 4459 a SDict begin [ /View [/XYZ H.V] /Dest (322) cvn H.B /DEST pdfmark end 679 4459 a Fl(The)844 4459 y SDict begin H.S end 844 4459 a 844 4459 a SDict begin 11 H.A end 844 4459 a 844 4459 a SDict begin [ /View [/XYZ H.V] /Dest (323) cvn H.B /DEST pdfmark end 844 4459 a Fh(/etc/securetty)k Fl(\002le)j(contains)g(a)f(list)h(of)f (terminals)h(that)f(r)o(oot)h(can)f(login)h(fr)o(om.)f(By)679 4550 y(default)36 b(\(on)i(Red)f(Hat)h(Linux\))f(this)h(is)g(set)g(to)f (only)i(the)f(local)f(virtual)g(consoles\(vtys\).)679 4642 y(Be)d(very)g(wary)g(of)h(adding)f(anything)i(else)e(to)h(this)h (\002le.)e(Y)-8 b(ou)36 b(should)f(be)g(able)f(to)h(login)679 4733 y(r)o(emotely)23 b(as)h(your)g(r)o(egular)e(user)i(account)f(and)h (then)2460 4733 y SDict begin H.S end 2460 4733 a 2460 4733 a SDict begin 11 H.A end 2460 4733 a 2460 4733 a SDict begin [ /View [/XYZ H.V] /Dest (324) cvn H.B /DEST pdfmark end 2460 4733 a Fh(su)f Fl(if)h(you)g(need)f(to)h(\(hopefully)g (over)p 0 TeXcolorgray 679 4824 a SDict begin H.S end 679 4824 a Fl(the)c(Section)h(called) f Fc(ssh)g Fj(\(Secur)o(e)h(Shell\))g(and)f Fc(stelnet)2438 4824 y SDict begin 11 H.L end 2438 4824 a 2438 4824 a SDict begin [ /Subtype /Link /Dest (ssh) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 2438 4824 a Black 37 w Fl(or)37 b(other)h(encrypted)f(channel\),)g(so)679 4916 y(ther)o(e)20 b(is)h(no)g(need)f(to)i(be)e(able)g(to)h(login)h(dir)o (ectly)e(as)g(r)o(oot.)197 4939 y SDict begin H.S end 197 4939 a 197 4939 a SDict begin 11 H.A end 197 4939 a 197 4939 a SDict begin [ /View [/XYZ H.V] /Dest (326) cvn H.B /DEST pdfmark end 197 4939 a Black 596 5048 a Fg(\225)p Black 679 5048 a SDict begin H.S end 679 5048 a 679 5048 a SDict begin 11 H.A end 679 5048 a 679 5048 a SDict begin [ /View [/XYZ H.V] /Dest (327) cvn H.B /DEST pdfmark end 679 5048 a Fl(Always)25 b(be)h(slow)h(and)e(deliberate)g(r)o (unning)i(as)f(r)o(oot.)g(Y)-8 b(our)27 b(actions)f(could)g(af)o(fect)e (a)h(lot)i(of)679 5140 y(things.)21 b(Think)h(befor)o(e)d(you)j(type!)p Black 197 5585 a Fj(12)p Black eop end %%Page: 13 13 TeXDict begin 13 12 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.13) cvn H.B /DEST pdfmark end 197 -102 a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 197 6 a SDict begin H.S end 197 6 a 197 6 a SDict begin 11 H.A end 197 6 a 197 6 a SDict begin [ /View [/XYZ H.V] /Dest (328) cvn H.B /DEST pdfmark end 197 6 a 596 89 a Fl(If)h(you)i(absolutely)g(positively)g(need)f(to)g(allow)h (someone)g(\(hopefully)g(very)f(tr)o(usted\))g(to)g(have)596 180 y(r)o(oot)e(access)g(to)h(your)f(machine,)h(ther)o(e)e(ar)o(e)g(a)h (few)g(tools)i(that)e(can)g(help.)2935 180 y SDict begin H.S end 2935 180 a 2935 180 a SDict begin 11 H.A end 2935 180 a 2935 180 a SDict begin [ /View [/XYZ H.V] /Dest (329) cvn H.B /DEST pdfmark end 2935 180 a Fh(sudo)g Fl(allows)h(users)g(to)596 272 y(use)17 b(their)g(passwor)o(d)g(to)h (access)f(a)f(limited)i(set)f(of)h(commands)g(as)f(r)o(oot.)g(This)h (would)g(allow)f(you)596 363 y(to,)j(for)f(instance,)h(let)g(a)g(user)f (be)h(able)f(to)h(eject)g(and)g(mount)h(r)o(emovable)e(media)g(on)i (your)f(Linux)596 454 y(box,)29 b(but)h(have)f(no)i(other)f(r)o(oot)f (privileges.)2078 454 y SDict begin H.S end 2078 454 a 2078 454 a SDict begin 11 H.A end 2078 454 a 2078 454 a SDict begin [ /View [/XYZ H.V] /Dest (330) cvn H.B /DEST pdfmark end 2078 454 a Fh(sudo)g Fl(also)h(keeps)g(a)f(log)h(of)g(all) g(successful)f(and)596 546 y(unsuccessful)24 b(sudo)h(attempts,)f (allowing)h(you)g(to)f(track)g(down)h(who)g(used)f(what)h(command)596 637 y(to)18 b(do)g(what.)g(For)h(this)g(r)o(eason)1580 637 y SDict begin H.S end 1580 637 a 1580 637 a SDict begin 11 H.A end 1580 637 a 1580 637 a SDict begin [ /View [/XYZ H.V] /Dest (331) cvn H.B /DEST pdfmark end 1580 637 a Fh(sudo)f Fl(works)h(well)f(even)g(in)h(places)e(wher)o(e)h(a)g (number)g(of)g(people)596 728 y(have)i(r)o(oot)h(access,)e(because)h (it)h(helps)g(you)h(keep)e(track)g(of)h(changes)g(made.)197 793 y SDict begin H.S end 197 793 a 197 793 a SDict begin 11 H.A end 197 793 a 197 793 a SDict begin [ /View [/XYZ H.V] /Dest (332) cvn H.B /DEST pdfmark end 197 793 a 596 861 a Fl(Although)969 861 y SDict begin H.S end 969 861 a 969 861 a SDict begin 11 H.A end 969 861 a 969 861 a SDict begin [ /View [/XYZ H.V] /Dest (333) cvn H.B /DEST pdfmark end 969 861 a Fh(sudo)d Fl(can)h(be)g(used)h(to)f(give) h(speci\002c)f(users)g(speci\002c)g(privileges)h(for)f(speci\002c)g (tasks,)596 953 y(it)25 b(does)h(have)f(several)g(shortcomings.)j(It)d (should)i(be)e(used)g(only)i(for)f(a)f(limited)h(set)f(of)h(tasks,)596 1044 y(like)d(r)o(estarting)f(a)g(server)-6 b(,)22 b(or)h(adding)f(new) i(users.)e(Any)h(pr)o(ogram)f(that)h(of)o(fers)f(a)g(shell)i(escape)596 1135 y(will)k(give)g(r)o(oot)g(access)g(to)g(a)g(user)f(invoking)j(it)e (via)2314 1135 y SDict begin H.S end 2314 1135 a 2314 1135 a SDict begin 11 H.A end 2314 1135 a 2314 1135 a SDict begin [ /View [/XYZ H.V] /Dest (334) cvn H.B /DEST pdfmark end 2314 1135 a Fh(sudo)p Fl(.)f(This)h(includes)g(most)h (editors,)f(for)596 1226 y(example.)23 b(Also,)i(a)f(pr)o(ogram)g(as)g (innocuous)j(as)2189 1226 y SDict begin H.S end 2189 1226 a 2189 1226 a SDict begin 11 H.A end 2189 1226 a 2189 1226 a SDict begin [ /View [/XYZ H.V] /Dest (335) cvn H.B /DEST pdfmark end 2189 1226 a Fh(/bin/cat)c Fl(can)i(be)f(used)g(to)h (overwrite)g(\002les,)596 1318 y(which)c(could)g(allow)h(r)o(oot)e(to)i (be)e(exploited.)h(Consider)2408 1318 y SDict begin H.S end 2408 1318 a 2408 1318 a SDict begin 11 H.A end 2408 1318 a 2408 1318 a SDict begin [ /View [/XYZ H.V] /Dest (336) cvn H.B /DEST pdfmark end 2408 1318 a Fh(sudo)f Fl(as)g(a)h(means)g(for)f(accountability)-9 b(,)596 1409 y(and)20 b(don't)h(expect)f(it)h(to)g(r)o(eplace)e(the)i(r)o(oot)g (user)f(and)h(still)g(be)g(secur)o(e.)197 1557 y SDict begin H.S end 197 1557 a 197 1557 a SDict begin 11 H.A end 197 1557 a 197 1557 a SDict begin [ /View [/XYZ H.V] /Dest (file-security) cvn H.B /DEST pdfmark end 197 1557 a 264 x Fn(Files)31 b(and)f(File)g(system)i(Security)1775 1821 y SDict begin H.S end 1775 1821 a 1775 1821 a SDict begin 14.641 H.A end 1775 1821 a 1775 1821 a SDict begin [ /View [/XYZ H.V] /Dest (1.5.1) cvn H.B /DEST pdfmark end 1775 1821 a 197 1899 a SDict begin H.S end 197 1899 a 197 1899 a SDict begin 11 H.A end 197 1899 a 197 1899 a SDict begin [ /View [/XYZ H.V] /Dest (339) cvn H.B /DEST pdfmark end 197 1899 a 596 1968 a Fl(A)24 b(few)h(minutes)h(of)f(pr)o (eparation)f(and)g(planning)i(ahead)e(befor)o(e)g(putting)i(your)g (systems)g(on-)596 2059 y(line)21 b(can)f(help)h(to)g(pr)o(otect)f (them)h(and)g(the)g(data)e(stor)o(ed)h(on)i(them.)2757 2059 y SDict begin H.S end 2757 2059 a 2757 2059 a SDict begin 11 H.A end 2757 2059 a 2757 2059 a SDict begin [ /View [/XYZ H.V] /Dest (340) cvn H.B /DEST pdfmark end 2757 2059 a 197 2138 a SDict begin H.S end 197 2138 a 197 2138 a SDict begin 11 H.A end 197 2138 a 197 2138 a SDict begin [ /View [/XYZ H.V] /Dest (341) cvn H.B /DEST pdfmark end 197 2138 a Black 596 2316 a Fg(\225)p Black 679 2316 a SDict begin H.S end 679 2316 a 679 2316 a SDict begin 11 H.A end 679 2316 a 679 2316 a SDict begin [ /View [/XYZ H.V] /Dest (342) cvn H.B /DEST pdfmark end 679 2316 a Fl(Ther)o(e)j(should)j(never)f(be)f(a)h(r)o(eason)f(for)h (users')g(home)g(dir)o(ectories)f(to)i(allow)f(SUID/SGID)679 2408 y(pr)o(ograms)17 b(to)h(be)f(r)o(un)i(fr)o(om)e(ther)o(e.)g(Use)g (the)2104 2408 y SDict begin H.S end 2104 2408 a 2104 2408 a SDict begin 11 H.A end 2104 2408 a 2104 2408 a SDict begin [ /View [/XYZ H.V] /Dest (343) cvn H.B /DEST pdfmark end 2104 2408 a Fh(nosuid)g Fl(option)i(in)2739 2408 y SDict begin H.S end 2739 2408 a 2739 2408 a SDict begin 11 H.A end 2739 2408 a 2739 2408 a SDict begin [ /View [/XYZ H.V] /Dest (344) cvn H.B /DEST pdfmark end 2739 2408 a Fh(/etc/fstab)d Fl(for)h(partitions)679 2499 y(that)22 b(ar)o(e)e(writable)i(by)g(others)g(than)h(r)o(oot.)e(Y) -8 b(ou)24 b(may)e(also)g(wish)h(to)f(use)3006 2499 y SDict begin H.S end 3006 2499 a 3006 2499 a SDict begin 11 H.A end 3006 2499 a 3006 2499 a SDict begin [ /View [/XYZ H.V] /Dest (345) cvn H.B /DEST pdfmark end 3006 2499 a Fh(nodev)f Fl(and)3415 2499 y SDict begin H.S end 3415 2499 a 3415 2499 a SDict begin 11 H.A end 3415 2499 a 3415 2499 a SDict begin [ /View [/XYZ H.V] /Dest (346) cvn H.B /DEST pdfmark end 3415 2499 a Fh(noexec)679 2590 y Fl(on)e(users')f(home)i(partitions,)f(as)f(well)h(as)2012 2590 y SDict begin H.S end 2012 2590 a 2012 2590 a SDict begin 11 H.A end 2012 2590 a 2012 2590 a SDict begin [ /View [/XYZ H.V] /Dest (347) cvn H.B /DEST pdfmark end 2012 2590 a Fh(/var)p Fl(,)f(thus)h(pr)o(ohibiting)g(execution)g(of)g (pr)o(ograms,)679 2682 y(and)24 b(cr)o(eation)g(of)g(character)g(or)g (block)i(devices,)d(which)j(should)f(never)g(be)f(necessary)g(any-)679 2773 y(way)-9 b(.)197 2796 y SDict begin H.S end 197 2796 a 197 2796 a SDict begin 11 H.A end 197 2796 a 197 2796 a SDict begin [ /View [/XYZ H.V] /Dest (348) cvn H.B /DEST pdfmark end 197 2796 a Black 596 2906 a Fg(\225)p Black 679 2906 a SDict begin H.S end 679 2906 a 679 2906 a SDict begin 11 H.A end 679 2906 a 679 2906 a SDict begin [ /View [/XYZ H.V] /Dest (349) cvn H.B /DEST pdfmark end 679 2906 a Fl(If)28 b(you)i(ar)o(e)e(exporting)i(\002le-systems) g(using)g(NFS,)f(be)f(sur)o(e)h(to)h(con\002gur)o(e)3146 2906 y SDict begin H.S end 3146 2906 a 3146 2906 a SDict begin 11 H.A end 3146 2906 a 3146 2906 a SDict begin [ /View [/XYZ H.V] /Dest (350) cvn H.B /DEST pdfmark end 3146 2906 a Fh(/etc/exports)679 2997 y Fl(with)24 b(the)g(most)h(r)o (estrictive)e(access)g(possible.)h(This)h(means)f(not)g(using)h(wild)f (car)o(ds,)e(not)j(al-)679 3088 y(lowing)d(r)o(oot)e(write)h(access,)f (and)g(exporting)i(r)o(ead-only)d(wher)o(ever)h(possible.)197 3112 y SDict begin H.S end 197 3112 a 197 3112 a SDict begin 11 H.A end 197 3112 a 197 3112 a SDict begin [ /View [/XYZ H.V] /Dest (351) cvn H.B /DEST pdfmark end 197 3112 a Black 596 3221 a Fg(\225)p Black 679 3221 a SDict begin H.S end 679 3221 a 679 3221 a SDict begin 11 H.A end 679 3221 a 679 3221 a SDict begin [ /View [/XYZ H.V] /Dest (352) cvn H.B /DEST pdfmark end 679 3221 a Fl(Con\002gur)o(e)42 b(your)g(users')h(\002le-cr)o(eation)2044 3221 y SDict begin H.S end 2044 3221 a 2044 3221 a SDict begin 11 H.A end 2044 3221 a 2044 3221 a SDict begin [ /View [/XYZ H.V] /Dest (353) cvn H.B /DEST pdfmark end 2044 3221 a Fh(umask)e Fl(to)i(be)f(as)g(r)o(estrictive)f(as)h(possible.)h(See)p 0 TeXcolorgray 679 3313 a SDict begin H.S end 679 3313 a Fl(the)20 b(Section)h(called)f Fj(Umask)g(Settings)1871 3313 y SDict begin 11 H.L end 1871 3313 a 1871 3313 a SDict begin [ /Subtype /Link /Dest (umask) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 1871 3313 a Black Fl(.)197 3335 y SDict begin H.S end 197 3335 a 197 3335 a SDict begin 11 H.A end 197 3335 a 197 3335 a SDict begin [ /View [/XYZ H.V] /Dest (355) cvn H.B /DEST pdfmark end 197 3335 a Black 596 3445 a Fg(\225)p Black 679 3445 a SDict begin H.S end 679 3445 a 679 3445 a SDict begin 11 H.A end 679 3445 a 679 3445 a SDict begin [ /View [/XYZ H.V] /Dest (356) cvn H.B /DEST pdfmark end 679 3445 a Fl(If)h(you)i(ar)o(e)e(mounting)j(\002le)e(systems)h (using)g(a)f(network)h(\002le)f(system)h(such)g(as)f(NFS,)g(be)g(sur)o (e)679 3537 y(to)j(con\002gur)o(e)h(/etc/exports)f(with)i(suitable)e(r) o(estrictions.)g(T)-7 b(ypically)e(,)25 b(using)h(`nodev',)g(`no-)679 3628 y(suid',)20 b(and)h(per)o(haps)e(`noexec',)i(ar)o(e)e(desirable.) 197 3651 y SDict begin H.S end 197 3651 a 197 3651 a SDict begin 11 H.A end 197 3651 a 197 3651 a SDict begin [ /View [/XYZ H.V] /Dest (357) cvn H.B /DEST pdfmark end 197 3651 a Black 596 3761 a Fg(\225)p Black 679 3761 a SDict begin H.S end 679 3761 a 679 3761 a SDict begin 11 H.A end 679 3761 a 679 3761 a SDict begin [ /View [/XYZ H.V] /Dest (358) cvn H.B /DEST pdfmark end 679 3761 a Fl(Set)47 b(\002le)h(system)g(limits)h(instead)f(of)f(allowing)2365 3761 y SDict begin H.S end 2365 3761 a 2365 3761 a SDict begin 11 H.A end 2365 3761 a 2365 3761 a SDict begin [ /View [/XYZ H.V] /Dest (359) cvn H.B /DEST pdfmark end 2365 3761 a Fh(unlimited)g Fl(as)g(is)h(the)g(default.)f(Y)-8 b(ou)679 3852 y(can)51 b(contr)o(ol)h(the)g(per)o(-user)e(limits)j (using)f(the)g(r)o(esour)o(ce-limits)f(P)-8 b(AM)51 b(module)h(and)679 3943 y SDict begin H.S end 679 3943 a 679 3943 a SDict begin 11 H.A end 679 3943 a 679 3943 a SDict begin [ /View [/XYZ H.V] /Dest (360) cvn H.B /DEST pdfmark end 679 3943 a Fh(/etc/pam.d/limits.conf)p Fl(.)25 b(For)30 b(example,)f (limits)i(for)e(gr)o(oup)2857 3943 y SDict begin H.S end 2857 3943 a 2857 3943 a SDict begin 11 H.A end 2857 3943 a 2857 3943 a SDict begin [ /View [/XYZ H.V] /Dest (361) cvn H.B /DEST pdfmark end 2857 3943 a Fh(users)f Fl(might)j(look)g(like)679 4035 y(this:)197 4078 y SDict begin H.S end 197 4078 a 197 4078 a SDict begin 11 H.A end 197 4078 a 197 4078 a SDict begin [ /View [/XYZ H.V] /Dest (362) cvn H.B /DEST pdfmark end 197 4078 a 197 4120 a SDict begin H.S end 197 4120 a 197 4120 a SDict begin 9.9 H.A end 197 4120 a 197 4120 a SDict begin [ /View [/XYZ H.V] /Dest (363) cvn H.B /DEST pdfmark end 197 4120 a 768 4200 a Fh(@users)223 b(hard)89 b(core)179 b(0)768 4282 y(@users)223 b(hard)89 b(nproc)134 b(50)768 4364 y(@users)223 b(hard)89 b(rss)224 b(5000)197 4539 y SDict begin H.S end 197 4539 a 197 4539 a SDict begin 11 H.A end 197 4539 a 197 4539 a SDict begin [ /View [/XYZ H.V] /Dest (364) cvn H.B /DEST pdfmark end 197 4539 a 679 4630 a Fl(This)26 b(says)g(to)g(pr)o(ohibit)g(the)g(cr)o(eation)f (of)h(cor)o(e)f(\002les,)h(r)o(estrict)f(the)h(number)f(of)h(pr)o (ocesses)g(to)679 4721 y(50,)19 b(and)h(r)o(estrict)g(memory)i(usage)e (per)g(user)h(to)g(5M.)197 4786 y SDict begin H.S end 197 4786 a 197 4786 a SDict begin 11 H.A end 197 4786 a 197 4786 a SDict begin [ /View [/XYZ H.V] /Dest (365) cvn H.B /DEST pdfmark end 197 4786 a 679 4854 a Fl(Y)-8 b(ou)21 b(can)g(also)g(use)g(the)g(/etc/login.defs)g(con\002guration)h (\002le)f(to)g(set)g(the)f(same)h(limits.)637 4987 y SDict begin H.S end 637 4987 a 637 4987 a SDict begin 11 H.A end 637 4987 a 637 4987 a SDict begin [ /View [/XYZ H.V] /Dest (366) cvn H.B /DEST pdfmark end 637 4987 a Black 596 5120 a Fg(\225)p Black 679 5120 a SDict begin H.S end 679 5120 a 679 5120 a SDict begin 11 H.A end 679 5120 a 679 5120 a SDict begin [ /View [/XYZ H.V] /Dest (367) cvn H.B /DEST pdfmark end 679 5120 a Fl(The)834 5120 y SDict begin H.S end 834 5120 a 834 5120 a SDict begin 11 H.A end 834 5120 a 834 5120 a SDict begin [ /View [/XYZ H.V] /Dest (368) cvn H.B /DEST pdfmark end 834 5120 a Fh(/var/log/wtmp)14 b Fl(and)1589 5120 y SDict begin H.S end 1589 5120 a 1589 5120 a SDict begin 11 H.A end 1589 5120 a 1589 5120 a SDict begin [ /View [/XYZ H.V] /Dest (369) cvn H.B /DEST pdfmark end 1589 5120 a Fh(/var/run/utmp)g Fl(\002les)i(contain)h(the)f(login)i(r)o(ecor)o (ds)c(for)i(all)g(users)679 5211 y(on)27 b(your)g(system.)g(Their)g (integrity)g(must)g(be)g(maintained)f(because)g(they)h(can)g(be)f(used) h(to)679 5303 y(determine)g(when)i(and)f(fr)o(om)f(wher)o(e)h(a)f(user) h(\(or)g(potential)g(intr)o(uder\))g(has)g(enter)o(ed)f(your)679 5394 y(system.)32 b(These)f(\002les)h(should)g(also)g(have)2085 5394 y SDict begin H.S end 2085 5394 a 2085 5394 a SDict begin 11 H.A end 2085 5394 a 2085 5394 a SDict begin [ /View [/XYZ H.V] /Dest (370) cvn H.B /DEST pdfmark end 2085 5394 a Fh(644)f Fl(permissions,)i(without)f(af)o(fecting)f (normal)679 5485 y(system)21 b(operation.)197 5509 y SDict begin H.S end 197 5509 a 197 5509 a SDict begin 11 H.A end 197 5509 a 197 5509 a SDict begin [ /View [/XYZ H.V] /Dest (371) cvn H.B /DEST pdfmark end 197 5509 a Black 3601 5585 a Fj(13)p Black eop end %%Page: 14 14 TeXDict begin 14 13 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.14) cvn H.B /DEST pdfmark end 197 -102 a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black Black 596 89 a Fg(\225)p Black 679 89 a SDict begin H.S end 679 89 a 679 89 a SDict begin 11 H.A end 679 89 a 679 89 a SDict begin [ /View [/XYZ H.V] /Dest (372) cvn H.B /DEST pdfmark end 679 89 a Fl(The)27 b(immutable)h(bit)f(can)g(be) g(used)g(to)h(pr)o(event)f(accidentally)f(deleting)i(or)f(overwriting)h (a)679 180 y(\002le)d(that)h(must)g(be)g(pr)o(otected.)e(It)i(also)g (pr)o(events)e(someone)j(fr)o(om)e(cr)o(eating)g(a)h(har)o(d)e(link)j (to)679 272 y(the)20 b(\002le.)h(See)f(the)1250 272 y SDict begin H.S end 1250 272 a 1250 272 a SDict begin 11 H.A end 1250 272 a 1250 272 a SDict begin [ /View [/XYZ H.V] /Dest (373) cvn H.B /DEST pdfmark end 1250 272 a Fh(chattr)p Fl(\(1\))e(man)j(page)f(for)h(information)h(on)f(the)g (immutable)g(bit.)197 295 y SDict begin H.S end 197 295 a 197 295 a SDict begin 11 H.A end 197 295 a 197 295 a SDict begin [ /View [/XYZ H.V] /Dest (374) cvn H.B /DEST pdfmark end 197 295 a Black 596 405 a Fg(\225)p Black 679 405 a SDict begin H.S end 679 405 a 679 405 a SDict begin 11 H.A end 679 405 a 679 405 a SDict begin [ /View [/XYZ H.V] /Dest (375) cvn H.B /DEST pdfmark end 679 405 a Fl(SUID)26 b(and)h(SGID)g(\002les)g(on)h(your)f(system)h(ar)o(e)e (a)g(potential)i(security)f(risk,)g(and)f(should)i(be)679 496 y(monitor)o(ed)18 b(closely)-9 b(.)18 b(Because)f(these)h(pr)o (ograms)g(grant)g(special)f(privileges)h(to)h(the)f(user)g(who)679 587 y(is)f(executing)g(them,)h(it)g(is)f(necessary)g(to)h(ensur)o(e)e (that)i(insecur)o(e)e(pr)o(ograms)h(ar)o(e)f(not)i(installed.)679 679 y(A)28 b(favorite)g(trick)i(of)f(crackers)f(is)h(to)g(exploit)h (SUID-r)o(oot)e(pr)o(ograms,)g(then)i(leave)e(a)h(SUID)679 770 y(pr)o(ogram)18 b(as)i(a)f(back)g(door)h(to)g(get)f(in)h(the)g (next)g(time,)f(even)h(if)f(the)h(original)g(hole)g(is)g(plugged.)197 835 y SDict begin H.S end 197 835 a 197 835 a SDict begin 11 H.A end 197 835 a 197 835 a SDict begin [ /View [/XYZ H.V] /Dest (376) cvn H.B /DEST pdfmark end 197 835 a 679 903 a Fl(Find)26 b(all)g(SUID/SGID)g(pr)o(ograms)g(on)h(your)g (system,)f(and)g(keep)g(track)f(of)i(what)f(they)h(ar)o(e,)679 994 y(so)20 b(you)g(ar)o(e)e(awar)o(e)f(of)j(any)f(changes)h(which)g (could)g(indicate)f(a)g(potential)h(intr)o(uder)-6 b(.)19 b(Use)g(the)679 1085 y(following)j(command)f(to)g(\002nd)g(all)g (SUID/SGID)f(pr)o(ograms)h(on)g(your)g(system:)197 1150 y SDict begin H.S end 197 1150 a 197 1150 a SDict begin 11 H.A end 197 1150 a 197 1150 a SDict begin [ /View [/XYZ H.V] /Dest (377) cvn H.B /DEST pdfmark end 197 1150 a 197 1192 a SDict begin H.S end 197 1192 a 197 1192 a SDict begin 9.9 H.A end 197 1192 a 197 1192 a SDict begin [ /View [/XYZ H.V] /Dest (378) cvn H.B /DEST pdfmark end 197 1192 a 1396 1251 a Fh(root#)89 b(find)44 b(/)g(-type)g(f)h(\\\()g (-perm)f(-04000)f(-o)i(-perm)f(-02000)g(\\\))197 1425 y SDict begin H.S end 197 1425 a 197 1425 a SDict begin 11 H.A end 197 1425 a 197 1425 a SDict begin [ /View [/XYZ H.V] /Dest (379) cvn H.B /DEST pdfmark end 197 1425 a 679 1516 a Fl(The)18 b(Debian)h(distribution)g(r)o(uns)g(a)g(job)g (each)f(night)i(to)f(determine)f(what)h(SUID)f(\002les)h(exist.)f(It) 679 1608 y(then)g(compar)o(es)g(this)h(to)g(the)f(pr)o(evious)g (night's)i(r)o(un.)e(Y)-8 b(ou)20 b(can)e(look)h(in)2967 1608 y SDict begin H.S end 2967 1608 a 2967 1608 a SDict begin 11 H.A end 2967 1608 a 2967 1608 a SDict begin [ /View [/XYZ H.V] /Dest (380) cvn H.B /DEST pdfmark end 2967 1608 a Fh(/var/log/setuid*)679 1699 y Fl(for)h(this)i(log.)197 1764 y SDict begin H.S end 197 1764 a 197 1764 a SDict begin 11 H.A end 197 1764 a 197 1764 a SDict begin [ /View [/XYZ H.V] /Dest (381) cvn H.B /DEST pdfmark end 197 1764 a 679 1832 a Fl(Y)-8 b(ou)35 b(can)f(r)o(emove)g(the)g(SUID)g(or)h (SGID)f(permissions)i(on)f(a)f(suspicious)h(pr)o(ogram)f(with)679 1923 y SDict begin H.S end 679 1923 a 679 1923 a SDict begin 11 H.A end 679 1923 a 679 1923 a SDict begin [ /View [/XYZ H.V] /Dest (382) cvn H.B /DEST pdfmark end 679 1923 a Fh(chmod)p Fl(,)19 b(then)i(r)o(estor)o(e)f(them)h(back)f(if)h (you)g(absolutely)g(feel)f(it)h(is)g(necessary)-9 b(.)637 2056 y SDict begin H.S end 637 2056 a 637 2056 a SDict begin 11 H.A end 637 2056 a 637 2056 a SDict begin [ /View [/XYZ H.V] /Dest (383) cvn H.B /DEST pdfmark end 637 2056 a Black 596 2189 a Fg(\225)p Black 679 2189 a SDict begin H.S end 679 2189 a 679 2189 a SDict begin 11 H.A end 679 2189 a 679 2189 a SDict begin [ /View [/XYZ H.V] /Dest (384) cvn H.B /DEST pdfmark end 679 2189 a Fl(W)h (orld-writable)29 b(\002les,)g(particularly)g(system)h(\002les,)f(can)g (be)h(a)f(security)g(hole)h(if)f(a)g(cracker)679 2280 y(gains)16 b(access)g(to)h(your)g(system)g(and)f(modi\002es)i(them.)e (Additionally)-9 b(,)16 b(world-writable)g(dir)o(ec-)679 2371 y(tories)21 b(ar)o(e)f(danger)o(ous,)g(since)i(they)g(allow)f(a)g (cracker)f(to)i(add)e(or)i(delete)e(\002les)i(as)f(he)g(wishes.)679 2463 y(T)-8 b(o)21 b(locate)f(all)h(world-writable)f(\002les)h(on)h (your)f(system,)g(use)g(the)g(following)h(command:)197 2528 y SDict begin H.S end 197 2528 a 197 2528 a SDict begin 11 H.A end 197 2528 a 197 2528 a SDict begin [ /View [/XYZ H.V] /Dest (385) cvn H.B /DEST pdfmark end 197 2528 a 197 2569 a SDict begin H.S end 197 2569 a 197 2569 a SDict begin 9.9 H.A end 197 2569 a 197 2569 a SDict begin [ /View [/XYZ H.V] /Dest (386) cvn H.B /DEST pdfmark end 197 2569 a 768 2628 a Fh(root#)44 b(find)g(/)h(-perm)f(-2)h(!)f (-type)g(l)h(-ls)679 2761 y Fl(and)20 b(be)h(sur)o(e)g(you)h(know)g (why)g(those)g(\002les)f(ar)o(e)f(writable.)h(In)g(the)h(normal)g (course)f(of)g(opera-)679 2852 y(tion,)g(several)f(\002les)i(will)g(be) e(world-writable,)h(including)h(some)f(fr)o(om)2970 2852 y SDict begin H.S end 2970 2852 a 2970 2852 a SDict begin 11 H.A end 2970 2852 a 2970 2852 a SDict begin [ /View [/XYZ H.V] /Dest (387) cvn H.B /DEST pdfmark end 2970 2852 a Fh(/dev)p Fl(,)f(and)h(symbolic)679 2943 y(links,)e(thus)g(the) 1209 2943 y SDict begin H.S end 1209 2943 a 1209 2943 a SDict begin 11 H.A end 1209 2943 a 1209 2943 a SDict begin [ /View [/XYZ H.V] /Dest (388) cvn H.B /DEST pdfmark end 1209 2943 a Fh(!)45 b(-type)f(l)19 b Fl(which)g(excludes)f (these)h(fr)o(om)f(the)h(pr)o(evious)3096 2943 y SDict begin H.S end 3096 2943 a 3096 2943 a SDict begin 11 H.A end 3096 2943 a 3096 2943 a SDict begin [ /View [/XYZ H.V] /Dest (389) cvn H.B /DEST pdfmark end 3096 2943 a Fh(find)f Fl(command.)637 3076 y SDict begin H.S end 637 3076 a 637 3076 a SDict begin 11 H.A end 637 3076 a 637 3076 a SDict begin [ /View [/XYZ H.V] /Dest (390) cvn H.B /DEST pdfmark end 637 3076 a Black 596 3209 a Fg(\225)p Black 679 3209 a SDict begin H.S end 679 3209 a 679 3209 a SDict begin 11 H.A end 679 3209 a 679 3209 a SDict begin [ /View [/XYZ H.V] /Dest (391) cvn H.B /DEST pdfmark end 679 3209 a 197 3251 a SDict begin H.S end 197 3251 a 197 3251 a SDict begin 11 H.A end 197 3251 a 197 3251 a SDict begin [ /View [/XYZ H.V] /Dest (392) cvn H.B /DEST pdfmark end 197 3251 a 679 3342 a Fl(Unowned)29 b(\002les)g(may)g(also)h(be)e(an)h(indication)h(an)f(intr)o(uder)g(has) g(accessed)f(your)h(system.)679 3433 y(Y)-8 b(ou)19 b(can)g(locate)f (\002les)h(on)g(your)g(system)g(that)g(have)f(no)h(owner)-6 b(,)19 b(or)f(belong)i(to)f(no)g(gr)o(oup)f(with)679 3525 y(the)i(command:)197 3568 y SDict begin H.S end 197 3568 a 197 3568 a SDict begin 11 H.A end 197 3568 a 197 3568 a SDict begin [ /View [/XYZ H.V] /Dest (393) cvn H.B /DEST pdfmark end 197 3568 a 197 3609 a SDict begin H.S end 197 3609 a 197 3609 a SDict begin 9.9 H.A end 197 3609 a 197 3609 a SDict begin [ /View [/XYZ H.V] /Dest (394) cvn H.B /DEST pdfmark end 197 3609 a 768 3690 a Fh(root#)44 b(find)g(/)h(\\\()g(-nouser)e(-o)i(-nogroup)e(\\\))i (-print)637 3955 y SDict begin H.S end 637 3955 a 637 3955 a SDict begin 11 H.A end 637 3955 a 637 3955 a SDict begin [ /View [/XYZ H.V] /Dest (395) cvn H.B /DEST pdfmark end 637 3955 a Black 596 4088 a Fg(\225)p Black 679 4088 a SDict begin H.S end 679 4088 a 679 4088 a SDict begin 11 H.A end 679 4088 a 679 4088 a SDict begin [ /View [/XYZ H.V] /Dest (396) cvn H.B /DEST pdfmark end 679 4088 a Fl(Finding)990 4088 y SDict begin H.S end 990 4088 a 990 4088 a SDict begin 11 H.A end 990 4088 a 990 4088 a SDict begin [ /View [/XYZ H.V] /Dest (397) cvn H.B /DEST pdfmark end 990 4088 a Fh(.rhosts)22 b Fl(\002les)i(should)g(be)f (a)g(part)f(of)i(your)f(r)o(egular)f(system)j(administration)f(du-)679 4180 y(ties,)i(as)h(these)g(\002les)g(should)h(not)f(be)g(permitted)f (on)i(your)f(system.)g(Remember)-6 b(,)27 b(a)f(cracker)679 4271 y(only)c(needs)g(one)g(insecur)o(e)f(account)h(to)g(potentially)g (gain)g(access)f(to)h(your)g(entir)o(e)g(network.)679 4362 y(Y)-8 b(ou)21 b(can)g(locate)f(all)1336 4362 y SDict begin H.S end 1336 4362 a 1336 4362 a SDict begin 11 H.A end 1336 4362 a 1336 4362 a SDict begin [ /View [/XYZ H.V] /Dest (398) cvn H.B /DEST pdfmark end 1336 4362 a Fh(.rhosts)f Fl(\002les)j(on)f(your)g(system)h(with)f(the)g (following)h(command:)197 4427 y SDict begin H.S end 197 4427 a 197 4427 a SDict begin 9.9 H.A end 197 4427 a 197 4427 a SDict begin [ /View [/XYZ H.V] /Dest (399) cvn H.B /DEST pdfmark end 197 4427 a 1351 4486 a Fh(root#)44 b(find)g(/home)g(-name)g(.rhosts)g(-print)197 4539 y SDict begin H.S end 197 4539 a 197 4539 a SDict begin 11 H.A end 197 4539 a 197 4539 a SDict begin [ /View [/XYZ H.V] /Dest (400) cvn H.B /DEST pdfmark end 197 4539 a Black 596 4660 a Fg(\225)p Black 679 4660 a SDict begin H.S end 679 4660 a 679 4660 a SDict begin 11 H.A end 679 4660 a 679 4660 a SDict begin [ /View [/XYZ H.V] /Dest (401) cvn H.B /DEST pdfmark end 679 4660 a 197 4702 a SDict begin H.S end 197 4702 a 197 4702 a SDict begin 11 H.A end 197 4702 a 197 4702 a SDict begin [ /View [/XYZ H.V] /Dest (402) cvn H.B /DEST pdfmark end 197 4702 a 679 4793 a Fl(Finally)-9 b(,)29 b(befor)o(e)f(changing)i(permissions) h(on)f(any)g(system)g(\002les,)f(make)g(sur)o(e)g(you)h(under)o(-)679 4884 y(stand)f(what)g(you)h(ar)o(e)e(doing.)i(Never)e(change)i (permissions)g(on)g(a)f(\002le)h(because)e(it)i(seems)679 4976 y(like)c(the)h(easy)f(way)g(to)h(get)g(things)g(working.)h(Always) e(determine)g(why)h(the)g(\002le)f(has)h(that)679 5067 y(permission)21 b(befor)o(e)f(changing)h(it.)239 5333 y SDict begin H.S end 239 5333 a 239 5333 a SDict begin 11 H.A end 239 5333 a 239 5333 a SDict begin [ /View [/XYZ H.V] /Dest (umask) cvn H.B /DEST pdfmark end 239 5333 a Black 197 5585 a Fj(14)p Black eop end %%Page: 15 15 TeXDict begin 15 14 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.15) cvn H.B /DEST pdfmark end 197 -102 a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fi(Umask)27 b(Settings)1348 89 y SDict begin H.S end 1348 89 a 1348 89 a SDict begin 13.31 H.A end 1348 89 a 1348 89 a SDict begin [ /View [/XYZ H.V] /Dest (1.5.19.2) cvn H.B /DEST pdfmark end 1348 89 a 197 162 a SDict begin H.S end 197 162 a 197 162 a SDict begin 11 H.A end 197 162 a 197 162 a SDict begin [ /View [/XYZ H.V] /Dest (405) cvn H.B /DEST pdfmark end 197 162 a 596 231 a Fl(The)753 231 y SDict begin H.S end 753 231 a 753 231 a SDict begin 11 H.A end 753 231 a 753 231 a SDict begin [ /View [/XYZ H.V] /Dest (406) cvn H.B /DEST pdfmark end 753 231 a Fh(umask)18 b Fl(command)g(can)g(be)h(used)f(to)h (determine)f(the)g(default)g(\002le)g(cr)o(eation)g(mode)h(on)g(your) 596 322 y(system.)24 b(It)h(is)f(the)h(octal)f(complement)h(of)f(the)g (desir)o(ed)f(\002le)i(mode.)f(If)g(\002les)g(ar)o(e)f(cr)o(eated)g (with-)596 413 y(out)17 b(any)g(r)o(egar)o(d)e(to)j(their)f (permissions)h(settings,)g(the)f(user)g(could)g(inadvertently)g(give)g (r)o(ead)f(or)596 505 y(write)h(permission)i(to)e(someone)i(that)e (should)h(not)h(have)e(this)h(permission.)g(T)-7 b(ypical)3313 505 y SDict begin H.S end 3313 505 a 3313 505 a SDict begin 11 H.A end 3313 505 a 3313 505 a SDict begin [ /View [/XYZ H.V] /Dest (407) cvn H.B /DEST pdfmark end 3313 505 a Fh(umask)16 b Fl(set-)596 596 y(tings)24 b(include)1098 596 y SDict begin H.S end 1098 596 a 1098 596 a SDict begin 11 H.A end 1098 596 a 1098 596 a SDict begin [ /View [/XYZ H.V] /Dest (408) cvn H.B /DEST pdfmark end 1098 596 a Fh(022)p Fl(,)1277 596 y SDict begin H.S end 1277 596 a 1277 596 a SDict begin 11 H.A end 1277 596 a 1277 596 a SDict begin [ /View [/XYZ H.V] /Dest (409) cvn H.B /DEST pdfmark end 1277 596 a Fh(027)p Fl(,)e(and)1619 596 y SDict begin H.S end 1619 596 a 1619 596 a SDict begin 11 H.A end 1619 596 a 1619 596 a SDict begin [ /View [/XYZ H.V] /Dest (410) cvn H.B /DEST pdfmark end 1619 596 a Fh(077)i Fl(\(which)g(is)g(the)f(most)i(r)o(estrictive\).)d (Normally)i(the)g(umask)596 687 y(is)29 b(set)h(in)918 687 y SDict begin H.S end 918 687 a 918 687 a SDict begin 11 H.A end 918 687 a 918 687 a SDict begin [ /View [/XYZ H.V] /Dest (411) cvn H.B /DEST pdfmark end 918 687 a Fh(/etc/profile)p Fl(,)e(so)i(it)g(applies)f(to)h(all)f(users)h(on)g (the)g(system.)g(The)g(r)o(esulting)f(per)o(-)596 779 y(mission)23 b(is)f(calculated)e(as)h(follows:)h(The)g(default)e (permission)j(of)e(user/gr)o(oup/others)i(\(7)d(for)596 870 y(dir)o(ectories,)25 b(6)g(for)h(\002les\))g(is)h(combined)f(with)h (the)f(inverted)g(mask)g(\(NOT\))g(using)h(AND)f(on)g(a)596 961 y(per)o(-bit-basis.)197 1026 y SDict begin H.S end 197 1026 a 197 1026 a SDict begin 11 H.A end 197 1026 a 197 1026 a SDict begin [ /View [/XYZ H.V] /Dest (412) cvn H.B /DEST pdfmark end 197 1026 a 596 1094 a Fl(Example)19 b(1:)197 1159 y SDict begin H.S end 197 1159 a 197 1159 a SDict begin 11 H.A end 197 1159 a 197 1159 a SDict begin [ /View [/XYZ H.V] /Dest (413) cvn H.B /DEST pdfmark end 197 1159 a 596 1227 a Fl(\002le,)h(default)g(6,)g(binary:)g(110) g(mask,)g(eg.)h(2:)f(010,)f(NOT)-5 b(:)21 b(101)197 1292 y SDict begin H.S end 197 1292 a 197 1292 a SDict begin 11 H.A end 197 1292 a 197 1292 a SDict begin [ /View [/XYZ H.V] /Dest (414) cvn H.B /DEST pdfmark end 197 1292 a 596 1360 a Fl(r)o(esulting)f(permission,)i(AND:)e(100)g(\(equals)g (4,)g(r__\))197 1425 y SDict begin H.S end 197 1425 a 197 1425 a SDict begin 11 H.A end 197 1425 a 197 1425 a SDict begin [ /View [/XYZ H.V] /Dest (415) cvn H.B /DEST pdfmark end 197 1425 a 596 1493 a Fl(Example)f(2:)197 1557 y SDict begin H.S end 197 1557 a 197 1557 a SDict begin 11 H.A end 197 1557 a 197 1557 a SDict begin [ /View [/XYZ H.V] /Dest (416) cvn H.B /DEST pdfmark end 197 1557 a 596 1625 a Fl(\002le,)h(default)g(6,)g(binary:)g(110)g(mask,)g (eg.)h(6:)f(110,)f(NOT)-5 b(:)21 b(001)197 1690 y SDict begin H.S end 197 1690 a 197 1690 a SDict begin 11 H.A end 197 1690 a 197 1690 a SDict begin [ /View [/XYZ H.V] /Dest (417) cvn H.B /DEST pdfmark end 197 1690 a 596 1758 a Fl(r)o(esulting)f(permission,)i(AND:)e(000)g(\(equals)g(0,)g (___\))197 1823 y SDict begin H.S end 197 1823 a 197 1823 a SDict begin 11 H.A end 197 1823 a 197 1823 a SDict begin [ /View [/XYZ H.V] /Dest (418) cvn H.B /DEST pdfmark end 197 1823 a 596 1891 a Fl(Example)f(3:)197 1956 y SDict begin H.S end 197 1956 a 197 1956 a SDict begin 11 H.A end 197 1956 a 197 1956 a SDict begin [ /View [/XYZ H.V] /Dest (419) cvn H.B /DEST pdfmark end 197 1956 a 596 2024 a Fl(dir)o(ectory)-9 b(,)19 b(default)h(7,)g(binary:)g(111)f (mask,)i(eg.)f(2:)g(010,)g(NOT)-5 b(:)21 b(101)197 2089 y SDict begin H.S end 197 2089 a 197 2089 a SDict begin 11 H.A end 197 2089 a 197 2089 a SDict begin [ /View [/XYZ H.V] /Dest (420) cvn H.B /DEST pdfmark end 197 2089 a 596 2157 a Fl(r)o(esulting)f(permission,)i(AND:)e(101)g(\(equals)g (5,)g(r_x\))197 2222 y SDict begin H.S end 197 2222 a 197 2222 a SDict begin 11 H.A end 197 2222 a 197 2222 a SDict begin [ /View [/XYZ H.V] /Dest (421) cvn H.B /DEST pdfmark end 197 2222 a 596 2290 a Fl(Example)f(4:)197 2355 y SDict begin H.S end 197 2355 a 197 2355 a SDict begin 11 H.A end 197 2355 a 197 2355 a SDict begin [ /View [/XYZ H.V] /Dest (422) cvn H.B /DEST pdfmark end 197 2355 a 596 2422 a Fl(dir)o(ectory)-9 b(,)19 b(default)h(7,)g(binary:)g (111)f(mask,)i(eg.)f(6:)g(110,)g(NOT)-5 b(:)21 b(001)197 2487 y SDict begin H.S end 197 2487 a 197 2487 a SDict begin 11 H.A end 197 2487 a 197 2487 a SDict begin [ /View [/XYZ H.V] /Dest (423) cvn H.B /DEST pdfmark end 197 2487 a 596 2555 a Fl(r)o(esulting)f(permission,)i(AND:)e(001)g (\(equals)g(1,)g(__x\))197 2620 y SDict begin H.S end 197 2620 a 197 2620 a SDict begin 11 H.A end 197 2620 a 197 2620 a SDict begin [ /View [/XYZ H.V] /Dest (424) cvn H.B /DEST pdfmark end 197 2620 a 197 2703 a SDict begin H.S end 197 2703 a 197 2703 a SDict begin 9.9 H.A end 197 2703 a 197 2703 a SDict begin [ /View [/XYZ H.V] /Dest (425) cvn H.B /DEST pdfmark end 197 2703 a 685 2762 a Fh(#)45 b(Set)f(the)g(user's)g(default)g(umask)685 2844 y(umask)g(033)596 3019 y Fl(Be)25 b(sur)o(e)h(to)g(make)g(r)o (oot's)h(umask)1726 3019 y SDict begin H.S end 1726 3019 a 1726 3019 a SDict begin 11 H.A end 1726 3019 a 1726 3019 a SDict begin [ /View [/XYZ H.V] /Dest (426) cvn H.B /DEST pdfmark end 1726 3019 a Fh(077)p Fl(,)f(which)h(will)f(disable)g (r)o(ead,)e(write,)i(and)g(execute)f(per)o(-)596 3110 y(mission)j(for)e(other)h(users,)f(unless)h(explicitly)f(changed)h (using)2693 3110 y SDict begin H.S end 2693 3110 a 2693 3110 a SDict begin 11 H.A end 2693 3110 a 2693 3110 a SDict begin [ /View [/XYZ H.V] /Dest (427) cvn H.B /DEST pdfmark end 2693 3110 a Fh(chmod)p Fl(.)e(In)i(this)g(case,)f(newly-) 596 3201 y(cr)o(eated)h(dir)o(ectories)i(would)h(have)g(744)e (permissions,)j(obtained)e(by)h(subtracting)g(033)e(fr)o(om)596 3292 y(777.)19 b(Newly-cr)o(eated)f(\002les)j(using)h(the)f(033)e (umask)i(would)h(have)e(permissions)i(of)f(644.)197 3357 y SDict begin H.S end 197 3357 a 197 3357 a SDict begin 11 H.A end 197 3357 a 197 3357 a SDict begin [ /View [/XYZ H.V] /Dest (428) cvn H.B /DEST pdfmark end 197 3357 a 596 3425 a Fl(If)29 b(you)i(ar)o(e)e(using)i(Red)f(Hat,)g(and)g (adher)o(e)e(to)j(their)f(user)g(and)g(gr)o(oup)g(ID)g(cr)o(eation)g (scheme)596 3517 y(\(User)22 b(Private)h(Gr)o(oups\),)g(it)h(is)g(only) h(necessary)e(to)h(use)2422 3517 y SDict begin H.S end 2422 3517 a 2422 3517 a SDict begin 11 H.A end 2422 3517 a 2422 3517 a SDict begin [ /View [/XYZ H.V] /Dest (429) cvn H.B /DEST pdfmark end 2422 3517 a Fh(002)f Fl(for)h(a)2775 3517 y SDict begin H.S end 2775 3517 a 2775 3517 a SDict begin 11 H.A end 2775 3517 a 2775 3517 a SDict begin [ /View [/XYZ H.V] /Dest (430) cvn H.B /DEST pdfmark end 2775 3517 a Fh(umask)p Fl(.)e(This)i(is)h(due)e(to)h(the)596 3608 y(fact)19 b(that)i(the)g(default)f(con\002guration)i(is)f(one)g (user)f(per)h(gr)o(oup.)197 3673 y SDict begin H.S end 197 3673 a 197 3673 a SDict begin 11 H.A end 197 3673 a 197 3673 a SDict begin [ /View [/XYZ H.V] /Dest (431) cvn H.B /DEST pdfmark end 197 3673 a 596 3926 a Fi(File)28 b(P)m(ermissions)1391 3926 y SDict begin H.S end 1391 3926 a 1391 3926 a SDict begin 13.31 H.A end 1391 3926 a 1391 3926 a SDict begin [ /View [/XYZ H.V] /Dest (1.5.20.2) cvn H.B /DEST pdfmark end 1391 3926 a 197 3978 a SDict begin H.S end 197 3978 a 197 3978 a SDict begin 11 H.A end 197 3978 a 197 3978 a SDict begin [ /View [/XYZ H.V] /Dest (433) cvn H.B /DEST pdfmark end 197 3978 a 596 4068 a Fl(It's)18 b(important)g(to)g(ensur)o(e)f(that)h(your)g(system)h (\002les)f(ar)o(e)e(not)j(open)f(for)g(casual)f(editing)h(by)g(users) 596 4159 y(and)i(gr)o(oups)h(who)g(shouldn't)h(be)f(doing)g(such)g (system)h(maintenance.)197 4224 y SDict begin H.S end 197 4224 a 197 4224 a SDict begin 11 H.A end 197 4224 a 197 4224 a SDict begin [ /View [/XYZ H.V] /Dest (434) cvn H.B /DEST pdfmark end 197 4224 a 596 4292 a Fl(Unix)29 b(separates)g(access)g(contr)o(ol)h(on)h(\002les)f(and)f(dir)o (ectories)g(accor)o(ding)g(to)h(thr)o(ee)f(character)o(-)596 4383 y(istics:)g(owner)-6 b(,)29 b(gr)o(oup,)f(and)g(other)-6 b(.)29 b(Ther)o(e)f(is)h(always)g(exactly)f(one)h(owner)-6 b(,)29 b(any)g(number)g(of)596 4474 y(members)20 b(of)h(the)g(gr)o (oup,)f(and)h(everyone)f(else.)197 4539 y SDict begin H.S end 197 4539 a 197 4539 a SDict begin 11 H.A end 197 4539 a 197 4539 a SDict begin [ /View [/XYZ H.V] /Dest (435) cvn H.B /DEST pdfmark end 197 4539 a 596 4607 a Fl(A)g(quick)h(explanation)g(of)g(Unix)f(permissions:)197 4672 y SDict begin H.S end 197 4672 a 197 4672 a SDict begin 11 H.A end 197 4672 a 197 4672 a SDict begin [ /View [/XYZ H.V] /Dest (436) cvn H.B /DEST pdfmark end 197 4672 a 596 4740 a Fl(Ownership)25 b(-)e(Which)i(user\(s\))e(and)h(gr)o (oup\(s\))f(r)o(etain\(s\))g(contr)o(ol)i(of)f(the)g(permission)h (settings)596 4831 y(of)20 b(the)h(node)g(and)f(par)o(ent)g(of)h(the)g (node)197 4896 y SDict begin H.S end 197 4896 a 197 4896 a SDict begin 11 H.A end 197 4896 a 197 4896 a SDict begin [ /View [/XYZ H.V] /Dest (437) cvn H.B /DEST pdfmark end 197 4896 a 596 4964 a Fl(Permissions)33 b(-)e(Bits)h(capable)e (of)h(being)h(set)g(or)g(r)o(eset)e(to)i(allow)g(certain)f(types)h(of)g (access)f(to)596 5056 y(it.)h(Permissions)i(for)e(dir)o(ectories)f(may) h(have)g(a)g(dif)o(fer)o(ent)e(meaning)j(than)f(the)h(same)f(set)g(of) 596 5147 y(permissions)22 b(on)f(\002les.)197 5212 y SDict begin H.S end 197 5212 a 197 5212 a SDict begin 11 H.A end 197 5212 a 197 5212 a SDict begin [ /View [/XYZ H.V] /Dest (438) cvn H.B /DEST pdfmark end 197 5212 a 197 5212 a SDict begin H.S end 197 5212 a 197 5212 a SDict begin 11 H.A end 197 5212 a 197 5212 a SDict begin [ /View [/XYZ H.V] /Dest (439) cvn H.B /DEST pdfmark end 197 5212 a 596 5280 a Fj(Read:)824 5280 y SDict begin H.S end 824 5280 a 824 5280 a SDict begin 11 H.A end 824 5280 a 824 5280 a SDict begin [ /View [/XYZ H.V] /Dest (440) cvn H.B /DEST pdfmark end 824 5280 a 197 5322 a SDict begin H.S end 197 5322 a 197 5322 a SDict begin 11 H.A end 197 5322 a 197 5322 a SDict begin [ /View [/XYZ H.V] /Dest (441) cvn H.B /DEST pdfmark end 197 5322 a Black 3601 5585 a Fj(15)p Black eop end %%Page: 16 16 TeXDict begin 16 15 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.16) cvn H.B /DEST pdfmark end 197 -102 a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black Black 596 89 a Fg(\225)p Black 679 89 a SDict begin H.S end 679 89 a 679 89 a SDict begin 11 H.A end 679 89 a 679 89 a SDict begin [ /View [/XYZ H.V] /Dest (442) cvn H.B /DEST pdfmark end 679 89 a Fl(T)-8 b(o)21 b(be)f(able)g(to)i(view) e(contents)i(of)f(a)f(\002le)197 91 y SDict begin H.S end 197 91 a 197 91 a SDict begin 11 H.A end 197 91 a 197 91 a SDict begin [ /View [/XYZ H.V] /Dest (443) cvn H.B /DEST pdfmark end 197 91 a Black 596 222 a Fg(\225)p Black 679 222 a SDict begin H.S end 679 222 a 679 222 a SDict begin 11 H.A end 679 222 a 679 222 a SDict begin [ /View [/XYZ H.V] /Dest (444) cvn H.B /DEST pdfmark end 679 222 a Fl(T)-8 b(o)21 b(be)f(able)g(to)i(r)o(ead)d(a)h(dir)o (ectory)197 396 y SDict begin H.S end 197 396 a 197 396 a SDict begin 11 H.A end 197 396 a 197 396 a SDict begin [ /View [/XYZ H.V] /Dest (445) cvn H.B /DEST pdfmark end 197 396 a 197 396 a SDict begin H.S end 197 396 a 197 396 a SDict begin 11 H.A end 197 396 a 197 396 a SDict begin [ /View [/XYZ H.V] /Dest (446) cvn H.B /DEST pdfmark end 197 396 a 596 488 a Fj(W)n(rite:)850 488 y SDict begin H.S end 850 488 a 850 488 a SDict begin 11 H.A end 850 488 a 850 488 a SDict begin [ /View [/XYZ H.V] /Dest (447) cvn H.B /DEST pdfmark end 850 488 a 197 530 a SDict begin H.S end 197 530 a 197 530 a SDict begin 11 H.A end 197 530 a 197 530 a SDict begin [ /View [/XYZ H.V] /Dest (448) cvn H.B /DEST pdfmark end 197 530 a Black 596 703 a Fg(\225)p Black 679 703 a SDict begin H.S end 679 703 a 679 703 a SDict begin 11 H.A end 679 703 a 679 703 a SDict begin [ /View [/XYZ H.V] /Dest (449) cvn H.B /DEST pdfmark end 679 703 a Fl(T)-8 b(o)21 b(be)f(able)g(to)i(add)d (to)i(or)g(change)g(a)f(\002le)197 727 y SDict begin H.S end 197 727 a 197 727 a SDict begin 11 H.A end 197 727 a 197 727 a SDict begin [ /View [/XYZ H.V] /Dest (450) cvn H.B /DEST pdfmark end 197 727 a Black 596 836 a Fg(\225)p Black 679 836 a SDict begin H.S end 679 836 a 679 836 a SDict begin 11 H.A end 679 836 a 679 836 a SDict begin [ /View [/XYZ H.V] /Dest (451) cvn H.B /DEST pdfmark end 679 836 a Fl(T)-8 b(o)21 b(be)f(able)g(to)i(delete)e(or)g(move)i (\002les)f(in)g(a)f(dir)o(ectory)197 1011 y SDict begin H.S end 197 1011 a 197 1011 a SDict begin 11 H.A end 197 1011 a 197 1011 a SDict begin [ /View [/XYZ H.V] /Dest (452) cvn H.B /DEST pdfmark end 197 1011 a 197 1011 a SDict begin H.S end 197 1011 a 197 1011 a SDict begin 11 H.A end 197 1011 a 197 1011 a SDict begin [ /View [/XYZ H.V] /Dest (453) cvn H.B /DEST pdfmark end 197 1011 a 596 1102 a Fj(Execute:)922 1102 y SDict begin H.S end 922 1102 a 922 1102 a SDict begin 11 H.A end 922 1102 a 922 1102 a SDict begin [ /View [/XYZ H.V] /Dest (454) cvn H.B /DEST pdfmark end 922 1102 a 197 1144 a SDict begin H.S end 197 1144 a 197 1144 a SDict begin 11 H.A end 197 1144 a 197 1144 a SDict begin [ /View [/XYZ H.V] /Dest (455) cvn H.B /DEST pdfmark end 197 1144 a Black 596 1318 a Fg(\225)p Black 679 1318 a SDict begin H.S end 679 1318 a 679 1318 a SDict begin 11 H.A end 679 1318 a 679 1318 a SDict begin [ /View [/XYZ H.V] /Dest (456) cvn H.B /DEST pdfmark end 679 1318 a Fl(T)-8 b(o)21 b(be)f(able)g(to)i(r) o(un)f(a)f(binary)h(pr)o(ogram)f(or)h(shell)g(script)197 1341 y SDict begin H.S end 197 1341 a 197 1341 a SDict begin 11 H.A end 197 1341 a 197 1341 a SDict begin [ /View [/XYZ H.V] /Dest (457) cvn H.B /DEST pdfmark end 197 1341 a Black 596 1451 a Fg(\225)p Black 679 1451 a SDict begin H.S end 679 1451 a 679 1451 a SDict begin 11 H.A end 679 1451 a 679 1451 a SDict begin [ /View [/XYZ H.V] /Dest (458) cvn H.B /DEST pdfmark end 679 1451 a Fl(T)-8 b(o)21 b(be)f(able)g(to)i(sear)o(ch)d(in)j(a)e(dir)o(ectory)-9 b(,)19 b(combined)i(with)h(r)o(ead)d(permission)197 1625 y SDict begin H.S end 197 1625 a 197 1625 a SDict begin 11 H.A end 197 1625 a 197 1625 a SDict begin [ /View [/XYZ H.V] /Dest (459) cvn H.B /DEST pdfmark end 197 1625 a 197 1625 a SDict begin H.S end 197 1625 a 197 1625 a SDict begin 11 H.A end 197 1625 a 197 1625 a SDict begin [ /View [/XYZ H.V] /Dest (460) cvn H.B /DEST pdfmark end 197 1625 a 197 1750 a SDict begin H.S end 197 1750 a 197 1750 a SDict begin 11 H.A end 197 1750 a 197 1750 a SDict begin [ /View [/XYZ H.V] /Dest (462) cvn H.B /DEST pdfmark end 197 1750 a 596 1841 a Fl(Save)g(T)-8 b(ext)21 b(Attribute:)f(\(For)g(dir)o(ectories\))197 1858 y SDict begin H.S end 197 1858 a 197 1858 a SDict begin 11 H.A end 197 1858 a 197 1858 a SDict begin [ /View [/XYZ H.V] /Dest (463) cvn H.B /DEST pdfmark end 197 1858 a Black Black 762 1974 a SDict begin H.S end 762 1974 a 762 1974 a SDict begin 11 H.A end 762 1974 a 762 1974 a SDict begin [ /View [/XYZ H.V] /Dest (464) cvn H.B /DEST pdfmark end 762 1974 a Fl(The)29 b("sticky)g(bit")g(also)h(has)f(a)f(dif)o (fer)o(ent)f(meaning)j(when)g(applied)e(to)h(dir)o(ectories)g(than)762 2065 y(when)34 b(applied)f(to)i(\002les.)f(If)g(the)g(sticky)g(bit)h (is)f(set)g(on)h(a)e(dir)o(ectory)-9 b(,)33 b(then)i(a)e(user)h(may)762 2156 y(only)25 b(delete)g(\002les)g(that)g(the)g(he)g(owns)h(or)f(for)f (which)i(he)f(has)g(explicit)g(write)g(permission)762 2248 y(granted,)c(even)h(when)g(he)g(has)h(write)f(access)f(to)i(the)f (dir)o(ectory)-9 b(.)21 b(This)h(is)h(designed)f(for)f(di-)762 2339 y(r)o(ectories)f(like)1251 2339 y SDict begin H.S end 1251 2339 a 1251 2339 a SDict begin 11 H.A end 1251 2339 a 1251 2339 a SDict begin [ /View [/XYZ H.V] /Dest (465) cvn H.B /DEST pdfmark end 1251 2339 a Fh(/tmp)p Fl(,)g(which)j(ar)o(e)d(world-writable,)g(but)i(wher)o(e)f(it)g(may)h (not)g(be)f(desirable)762 2430 y(to)30 b(allow)g(any)f(user)h(to)g (delete)e(\002les)i(at)g(will.)g(The)f(sticky)h(bit)g(is)g(seen)g(as)f (a)3272 2430 y SDict begin H.S end 3272 2430 a 3272 2430 a SDict begin 11 H.A end 3272 2430 a 3272 2430 a SDict begin [ /View [/XYZ H.V] /Dest (466) cvn H.B /DEST pdfmark end 3272 2430 a Fh(t)h Fl(in)g(a)f(long)762 2522 y(dir)o(ectory)19 b(listing.)197 2696 y SDict begin H.S end 197 2696 a 197 2696 a SDict begin 11 H.A end 197 2696 a 197 2696 a SDict begin [ /View [/XYZ H.V] /Dest (467) cvn H.B /DEST pdfmark end 197 2696 a 197 2696 a SDict begin H.S end 197 2696 a 197 2696 a SDict begin 11 H.A end 197 2696 a 197 2696 a SDict begin [ /View [/XYZ H.V] /Dest (468) cvn H.B /DEST pdfmark end 197 2696 a 197 2821 a SDict begin H.S end 197 2821 a 197 2821 a SDict begin 11 H.A end 197 2821 a 197 2821 a SDict begin [ /View [/XYZ H.V] /Dest (470) cvn H.B /DEST pdfmark end 197 2821 a 596 2912 a Fl(SUID)h(Attribute:)g(\(For)g(Files\))197 2929 y SDict begin H.S end 197 2929 a 197 2929 a SDict begin 11 H.A end 197 2929 a 197 2929 a SDict begin [ /View [/XYZ H.V] /Dest (471) cvn H.B /DEST pdfmark end 197 2929 a Black Black 762 3045 a SDict begin H.S end 762 3045 a 762 3045 a SDict begin 11 H.A end 762 3045 a 762 3045 a SDict begin [ /View [/XYZ H.V] /Dest (472) cvn H.B /DEST pdfmark end 762 3045 a Fl(This)28 b(describes)f(set-user)o(-id)g (permissions)i(on)g(the)f(\002le.)g(When)g(the)h(set)f(user)f(ID)i (access)762 3136 y(mode)19 b(is)h(set)f(in)h(the)f(owner)h (permissions,)h(and)e(the)g(\002le)h(is)f(executable,)f(pr)o(ocesses)h (which)762 3227 y(r)o(un)g(it)h(ar)o(e)e(granted)h(access)f(to)i (system)g(r)o(esour)o(ces)e(based)h(on)h(user)f(who)h(owns)g(the)g (\002le,)f(as)762 3319 y(opposed)25 b(to)g(the)g(user)g(who)h(cr)o (eated)d(the)i(pr)o(ocess.)f(This)i(is)f(the)g(cause)g(of)g(many)g ("buf)o(fer)762 3410 y(over\003ow")c(exploits.)197 3433 y SDict begin H.S end 197 3433 a 197 3433 a SDict begin 11 H.A end 197 3433 a 197 3433 a SDict begin [ /View [/XYZ H.V] /Dest (473) cvn H.B /DEST pdfmark end 197 3433 a 197 3558 a SDict begin H.S end 197 3558 a 197 3558 a SDict begin 11 H.A end 197 3558 a 197 3558 a SDict begin [ /View [/XYZ H.V] /Dest (475) cvn H.B /DEST pdfmark end 197 3558 a 596 3626 a Fl(SGID)f(Attribute:)g(\(For)h(Files\))197 3643 y SDict begin H.S end 197 3643 a 197 3643 a SDict begin 11 H.A end 197 3643 a 197 3643 a SDict begin [ /View [/XYZ H.V] /Dest (476) cvn H.B /DEST pdfmark end 197 3643 a Black Black 762 3759 a SDict begin H.S end 762 3759 a 762 3759 a SDict begin 11 H.A end 762 3759 a 762 3759 a SDict begin [ /View [/XYZ H.V] /Dest (477) cvn H.B /DEST pdfmark end 762 3759 a Fl(If)e(set)i(in)f(the)h(gr)o(oup)e (permissions,)j(this)f(bit)f(contr)o(ols)h(the)f("set)g(gr)o(oup)g(id") g(status)g(of)g(a)g(\002le.)762 3850 y(This)28 b(behaves)e(the)i(same)f (way)h(as)f(SUID,)g(except)f(the)i(gr)o(oup)f(is)h(af)o(fected)d (instead.)i(The)762 3941 y(\002le)20 b(must)i(be)e(executable)g(for)g (this)i(to)f(have)f(any)h(ef)o(fect.)197 4116 y SDict begin H.S end 197 4116 a 197 4116 a SDict begin 11 H.A end 197 4116 a 197 4116 a SDict begin [ /View [/XYZ H.V] /Dest (478) cvn H.B /DEST pdfmark end 197 4116 a 197 4116 a SDict begin H.S end 197 4116 a 197 4116 a SDict begin 11 H.A end 197 4116 a 197 4116 a SDict begin [ /View [/XYZ H.V] /Dest (479) cvn H.B /DEST pdfmark end 197 4116 a 197 4240 a SDict begin H.S end 197 4240 a 197 4240 a SDict begin 11 H.A end 197 4240 a 197 4240 a SDict begin [ /View [/XYZ H.V] /Dest (481) cvn H.B /DEST pdfmark end 197 4240 a 596 4332 a Fl(SGID)f(Attribute:)g(\(For)h(dir)o (ectories\))197 4349 y SDict begin H.S end 197 4349 a 197 4349 a SDict begin 11 H.A end 197 4349 a 197 4349 a SDict begin [ /View [/XYZ H.V] /Dest (482) cvn H.B /DEST pdfmark end 197 4349 a Black Black 762 4464 a SDict begin H.S end 762 4464 a 762 4464 a SDict begin 11 H.A end 762 4464 a 762 4464 a SDict begin [ /View [/XYZ H.V] /Dest (483) cvn H.B /DEST pdfmark end 762 4464 a Fl(If)d(you)i(set)f(the)g (SGID)h(bit)f(on)h(a)e(dir)o(ectory)h(\(with)2329 4464 y SDict begin H.S end 2329 4464 a 2329 4464 a SDict begin 11 H.A end 2329 4464 a 2329 4464 a SDict begin [ /View [/XYZ H.V] /Dest (484) cvn H.B /DEST pdfmark end 2329 4464 a Fh(chmod)44 b(g+s)g(directory)p Fl(\),)17 b(\002les)j(cr)o (eated)762 4556 y(in)h(that)g(dir)o(ectory)e(will)j(have)e(their)h(gr)o (oup)g(set)f(to)h(the)g(dir)o(ectory's)g(gr)o(oup.)197 4730 y SDict begin H.S end 197 4730 a 197 4730 a SDict begin 11 H.A end 197 4730 a 197 4730 a SDict begin [ /View [/XYZ H.V] /Dest (485) cvn H.B /DEST pdfmark end 197 4730 a 596 4821 a Fl(Y)-8 b(ou)21 b(-)g(The)g(owner)g(of)f(the)h (\002le)197 4865 y SDict begin H.S end 197 4865 a 197 4865 a SDict begin 11 H.A end 197 4865 a 197 4865 a SDict begin [ /View [/XYZ H.V] /Dest (486) cvn H.B /DEST pdfmark end 197 4865 a 596 4954 a Fl(Gr)o(oup)f(-)h(The)f(gr)o(oup)h(you)g (belong)h(to)197 5019 y SDict begin H.S end 197 5019 a 197 5019 a SDict begin 11 H.A end 197 5019 a 197 5019 a SDict begin [ /View [/XYZ H.V] /Dest (487) cvn H.B /DEST pdfmark end 197 5019 a 596 5087 a Fl(Everyone)e(-)g(Anyone)i(on)f(the) g(system)g(that)g(is)g(not)h(the)f(owner)g(or)g(a)f(member)h(of)f(the)h (gr)o(oup)197 5152 y SDict begin H.S end 197 5152 a 197 5152 a SDict begin 11 H.A end 197 5152 a 197 5152 a SDict begin [ /View [/XYZ H.V] /Dest (488) cvn H.B /DEST pdfmark end 197 5152 a 197 5152 a SDict begin H.S end 197 5152 a 197 5152 a SDict begin 11 H.A end 197 5152 a 197 5152 a SDict begin [ /View [/XYZ H.V] /Dest (489) cvn H.B /DEST pdfmark end 197 5152 a 596 5220 a Fj(File)g(Example:)197 5284 y SDict begin H.S end 197 5284 a 197 5284 a SDict begin 11 H.A end 197 5284 a 197 5284 a SDict begin [ /View [/XYZ H.V] /Dest (490) cvn H.B /DEST pdfmark end 197 5284 a 197 5367 a SDict begin H.S end 197 5367 a 197 5367 a SDict begin 9.9 H.A end 197 5367 a 197 5367 a SDict begin [ /View [/XYZ H.V] /Dest (491) cvn H.B /DEST pdfmark end 197 5367 a 954 5427 a Fh(-rw-r--r--)88 b(1)45 b(kevin)89 b(users)402 b(114)45 b(Aug)f(28)89 b(1997)44 b(.zlogin)p Black 197 5585 a Fj(16)p Black eop end %%Page: 17 17 TeXDict begin 17 16 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.17) cvn H.B /DEST pdfmark end 197 -102 a Black 197 -201 a SDict begin H.S end 197 -201 a 197 -201 a SDict begin 11 H.A end 197 -201 a 197 -201 a SDict begin [ /View [/XYZ H.V] /Dest (500) cvn H.B /DEST pdfmark end 197 -201 a 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 954 89 a Fh(1st)44 b(bit)h(-)f(directory?)582 b(\(no\))999 171 y(2nd)44 b(bit)h(-)f(read)g(by)h(owner?)402 b(\(yes,)44 b(by)h(kevin\))1044 253 y(3rd)f(bit)g(-)h(write)f(by)h(owner?)357 b(\(yes,)44 b(by)h(kevin\))1089 336 y(4th)f(bit)g(-)h(execute)f(by)g (owner?)268 b(\(no\))1133 418 y(5th)45 b(bit)f(-)h(read)f(by)g(group?) 403 b(\(yes,)44 b(by)g(users\))1178 500 y(6th)h(bit)f(-)h(write)f(by)g (group?)358 b(\(no\))1223 582 y(7th)44 b(bit)h(-)f(execute)g(by)h (group?)268 b(\(no\))1268 664 y(8th)44 b(bit)h(-)f(read)g(by)h (everyone?)267 b(\(yes,)44 b(by)h(everyone\))1313 747 y(9th)f(bit)g(-)h(write)f(by)h(everyone?)222 b(\(no\))1358 829 y(10th)44 b(bit)g(-)h(execute)e(by)i(everyone?)88 b(\(no\))197 1127 y SDict begin H.S end 197 1127 a 197 1127 a SDict begin 11 H.A end 197 1127 a 197 1127 a SDict begin [ /View [/XYZ H.V] /Dest (492) cvn H.B /DEST pdfmark end 197 1127 a 596 1218 a Fl(The)30 b(following)j(lines)e(ar)o (e)e(examples)i(of)g(the)g(minimum)h(sets)f(of)g(permissions)h(that)f (ar)o(e)e(r)o(e-)596 1310 y(quir)o(ed)20 b(to)h(perform)g(the)g(access) f(described.)g(Y)-8 b(ou)22 b(may)f(want)g(to)g(give)g(mor)o(e)g (permission)h(than)596 1401 y(what's)c(listed)g(her)o(e,)f(but)h(this)h (should)g(describe)e(what)i(these)f(minimum)h(permissions)h(on)f (\002les)596 1492 y(do:)197 1535 y SDict begin H.S end 197 1535 a 197 1535 a SDict begin 11 H.A end 197 1535 a 197 1535 a SDict begin [ /View [/XYZ H.V] /Dest (493) cvn H.B /DEST pdfmark end 197 1535 a 197 1618 a SDict begin H.S end 197 1618 a 197 1618 a SDict begin 9.9 H.A end 197 1618 a 197 1618 a SDict begin [ /View [/XYZ H.V] /Dest (494) cvn H.B /DEST pdfmark end 197 1618 a 596 1781 a Fh(-r--------)87 b(Allow)44 b(read)h(access)e(to)i(the)f(file)g(by)h (owner)596 1863 y(--w-------)87 b(Allows)44 b(the)h(owner)f(to)g (modify)g(or)g(delete)g(the)h(file)1133 1945 y(\(Note)f(that)h(anyone)e (with)i(write)f(permission)f(to)h(the)h(directory)1178 2028 y(the)g(file)f(is)g(in)h(can)f(overwrite)f(it)i(and)f(thus)g (delete)g(it\))596 2110 y(---x------)87 b(The)45 b(owner)f(can)g (execute)g(this)g(program,)f(but)i(not)f(shell)g(scripts,)865 2192 y(which)f(still)h(need)h(read)f(permission)596 2274 y(---s------)87 b(Will)45 b(execute)e(with)h(effective)g(User)g(ID)g(=) h(to)g(owner)596 2356 y(--------s-)87 b(Will)45 b(execute)e(with)h (effective)g(Group)g(ID)g(=)h(to)f(group)596 2439 y(-rw------T)87 b(No)45 b(update)f(of)g("last)g(modified)g(time".)88 b(Usually)44 b(used)g(for)h(swap)865 2521 y(files)596 2603 y(---t------)87 b(No)45 b(effect.)88 b(\(formerly)44 b(sticky)g(bit\))197 2685 y SDict begin H.S end 197 2685 a 197 2685 a SDict begin 11 H.A end 197 2685 a 197 2685 a SDict begin [ /View [/XYZ H.V] /Dest (495) cvn H.B /DEST pdfmark end 197 2685 a 596 2860 a Fj(Dir)o(ectory)19 b(Example:)197 2965 y SDict begin H.S end 197 2965 a 197 2965 a SDict begin 9.9 H.A end 197 2965 a 197 2965 a SDict begin [ /View [/XYZ H.V] /Dest (496) cvn H.B /DEST pdfmark end 197 2965 a 954 3107 a Fh(drwxr-xr-x)88 b(3)45 b(kevin)89 b(users)402 b(512)45 b(Sep)f(19)g(13:47)g(.public_html/)954 3189 y(1st)g(bit)h(-)f(directory?)582 b(\(yes,)44 b(it)g(contains)g (many)g(files\))999 3271 y(2nd)g(bit)h(-)f(read)g(by)h(owner?)402 b(\(yes,)44 b(by)h(kevin\))1044 3354 y(3rd)f(bit)g(-)h(write)f(by)h (owner?)357 b(\(yes,)44 b(by)h(kevin\))1089 3436 y(4th)f(bit)g(-)h (execute)f(by)g(owner?)268 b(\(yes,)44 b(by)h(kevin\))1133 3518 y(5th)g(bit)f(-)h(read)f(by)g(group?)403 b(\(yes,)44 b(by)g(users)1178 3600 y(6th)h(bit)f(-)h(write)f(by)g(group?)358 b(\(no\))1223 3682 y(7th)44 b(bit)h(-)f(execute)g(by)h(group?)268 b(\(yes,)44 b(by)g(users\))1268 3764 y(8th)g(bit)h(-)f(read)g(by)h (everyone?)267 b(\(yes,)44 b(by)h(everyone\))1313 3847 y(9th)f(bit)g(-)h(write)f(by)h(everyone?)222 b(\(no\))1358 3929 y(10th)44 b(bit)g(-)h(execute)e(by)i(everyone?)88 b(\(yes,)44 b(by)h(everyone\))197 4227 y SDict begin H.S end 197 4227 a 197 4227 a SDict begin 11 H.A end 197 4227 a 197 4227 a SDict begin [ /View [/XYZ H.V] /Dest (497) cvn H.B /DEST pdfmark end 197 4227 a 596 4318 a Fl(The)30 b(following)j(lines)e(ar)o(e)e(examples)i(of)g(the)g(minimum)h(sets)f (of)g(permissions)h(that)f(ar)o(e)e(r)o(e-)596 4410 y(quir)o(ed)20 b(to)h(perform)g(the)g(access)f(described.)g(Y)-8 b(ou)22 b(may)f(want)g(to)g(give)g(mor)o(e)g(permission)h(than)596 4501 y(what's)g(listed,)g(but)g(this)h(should)g(describe)e(what)h (these)g(minimum)i(permissions)f(on)g(dir)o(ecto-)596 4592 y(ries)d(do:)197 4635 y SDict begin H.S end 197 4635 a 197 4635 a SDict begin 11 H.A end 197 4635 a 197 4635 a SDict begin [ /View [/XYZ H.V] /Dest (498) cvn H.B /DEST pdfmark end 197 4635 a 197 4719 a SDict begin H.S end 197 4719 a 197 4719 a SDict begin 9.9 H.A end 197 4719 a 197 4719 a SDict begin [ /View [/XYZ H.V] /Dest (499) cvn H.B /DEST pdfmark end 197 4719 a 596 4799 a Fh(dr--------)87 b(The)45 b(contents)e(can)i(be)f(listed,)g(but)g(file)g(attributes)f (can't)h(be)h(read)596 4881 y(d--x------)87 b(The)45 b(directory)e(can)h(be)h(entered,)e(and)i(used)f(in)g(full)h(execution) e(paths)596 4963 y(dr-x------)87 b(File)45 b(attributes)e(can)h(be)h (read)f(by)g(owner)596 5045 y(d-wx------)87 b(Files)44 b(can)h(be)f(created/deleted,)e(even)j(if)f(the)g(directory)865 5128 y(isn't)f(the)i(current)e(one)596 5210 y(d------x-t)87 b(Prevents)44 b(files)g(from)g(deletion)g(by)g(others)g(with)g(write) 865 5292 y(access.)f(Used)h(on)h(/tmp)596 5374 y(d---s--s--)87 b(No)45 b(effect)p Black 3601 5585 a Fj(17)p Black eop end %%Page: 18 18 TeXDict begin 18 17 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.18) cvn H.B /DEST pdfmark end 197 -102 a Black 197 -201 a SDict begin H.S end 197 -201 a 197 -201 a SDict begin 11 H.A end 197 -201 a 197 -201 a SDict begin [ /View [/XYZ H.V] /Dest (536) cvn H.B /DEST pdfmark end 197 -201 a 69 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 222 a Fl(System)d(con\002guration)i(\002les)g(\(usually)e(in) i Fh(/etc)p Fl(\))d(ar)o(e)h(usually)h(mode)2847 222 y SDict begin H.S end 2847 222 a 2847 222 a SDict begin 11 H.A end 2847 222 a 2847 222 a SDict begin [ /View [/XYZ H.V] /Dest (502) cvn H.B /DEST pdfmark end 2847 222 a Fh(640)f Fl(\()3028 222 y SDict begin H.S end 3028 222 a 3028 222 a SDict begin 11 H.A end 3028 222 a 3028 222 a SDict begin [ /View [/XYZ H.V] /Dest (503) cvn H.B /DEST pdfmark end 3028 222 a Fh(-rw-r-----)p Fl(\),)e(and)596 313 y(owned)29 b(by)h(r)o(oot.)g(Depending)f(on)i(your)f(site's)g (security)f(r)o(equir)o(ements,)g(you)h(might)h(adjust)596 405 y(this.)22 b(Never)g(leave)g(any)g(system)h(\002les)g(writable)f (by)g(a)g(gr)o(oup)g(or)h(everyone.)f(Some)g(con\002gura-)596 496 y(tion)d(\002les,)g(including)1320 496 y SDict begin H.S end 1320 496 a 1320 496 a SDict begin 11 H.A end 1320 496 a 1320 496 a SDict begin [ /View [/XYZ H.V] /Dest (504) cvn H.B /DEST pdfmark end 1320 496 a Fh(/etc/shadow)p Fl(,)e(should)j(only)f(be)g(r)o(eadable)d(by)j(r)o(oot,)g(and)f(dir)o (ectories)g(in)596 587 y SDict begin H.S end 596 587 a 596 587 a SDict begin 11 H.A end 596 587 a 596 587 a SDict begin [ /View [/XYZ H.V] /Dest (505) cvn H.B /DEST pdfmark end 596 587 a Fh(/etc)i Fl(should)h(at)f(least)h(not)g(be)g (accessible)f(by)h(others.)197 652 y SDict begin H.S end 197 652 a 197 652 a SDict begin 11 H.A end 197 652 a 197 652 a SDict begin [ /View [/XYZ H.V] /Dest (506) cvn H.B /DEST pdfmark end 197 652 a 197 652 a SDict begin H.S end 197 652 a 197 652 a SDict begin 11 H.A end 197 652 a 197 652 a SDict begin [ /View [/XYZ H.V] /Dest (507) cvn H.B /DEST pdfmark end 197 652 a 197 777 a SDict begin H.S end 197 777 a 197 777 a SDict begin 11 H.A end 197 777 a 197 777 a SDict begin [ /View [/XYZ H.V] /Dest (509) cvn H.B /DEST pdfmark end 197 777 a 596 845 a Fl(SUID)f(Shell)g (Scripts)197 868 y SDict begin H.S end 197 868 a 197 868 a SDict begin 11 H.A end 197 868 a 197 868 a SDict begin [ /View [/XYZ H.V] /Dest (510) cvn H.B /DEST pdfmark end 197 868 a Black Black 762 977 a SDict begin H.S end 762 977 a 762 977 a SDict begin 11 H.A end 762 977 a 762 977 a SDict begin [ /View [/XYZ H.V] /Dest (511) cvn H.B /DEST pdfmark end 762 977 a Fl(SUID)j(shell)h(scripts)g(ar)o(e)e(a) h(serious)h(security)g(risk,)g(and)f(for)g(this)i(r)o(eason)e(the)h (kernel)f(will)762 1069 y(not)f(honor)i(them.)e(Regar)o(dless)f(of)i (how)g(secur)o(e)e(you)h(think)i(the)e(shell)h(script)f(is,)g(it)g(can) g(be)762 1160 y(exploited)e(to)h(give)g(the)g(cracker)e(a)i(r)o(oot)f (shell.)197 1334 y SDict begin H.S end 197 1334 a 197 1334 a SDict begin 11 H.A end 197 1334 a 197 1334 a SDict begin [ /View [/XYZ H.V] /Dest (512) cvn H.B /DEST pdfmark end 197 1334 a 596 1611 a Fi(Integrity)29 b(Chec)n(king)1470 1611 y SDict begin H.S end 1470 1611 a 1470 1611 a SDict begin 13.31 H.A end 1470 1611 a 1470 1611 a SDict begin [ /View [/XYZ H.V] /Dest (1.5.21.2) cvn H.B /DEST pdfmark end 1470 1611 a 197 1684 a SDict begin H.S end 197 1684 a 197 1684 a SDict begin 11 H.A end 197 1684 a 197 1684 a SDict begin [ /View [/XYZ H.V] /Dest (514) cvn H.B /DEST pdfmark end 197 1684 a 596 1753 a Fl(Another)22 b(very)h(good)g(way)f (to)h(detect)f(local)h(\(and)e(also)i(network\))g(attacks)f(on)h(your)g (system)h(is)596 1844 y(to)f(r)o(un)h(an)f(integrity)h(checker)f(like) 1758 1844 y SDict begin H.S end 1758 1844 a 1758 1844 a SDict begin 11 H.A end 1758 1844 a 1758 1844 a SDict begin [ /View [/XYZ H.V] /Dest (515) cvn H.B /DEST pdfmark end 1758 1844 a Fh(Tripwire)p Fl(,)2161 1844 y SDict begin H.S end 2161 1844 a 2161 1844 a SDict begin 11 H.A end 2161 1844 a 2161 1844 a SDict begin [ /View [/XYZ H.V] /Dest (516) cvn H.B /DEST pdfmark end 2161 1844 a Fh(Aide)g Fl(or)2465 1844 y SDict begin H.S end 2465 1844 a 2465 1844 a SDict begin 11 H.A end 2465 1844 a 2465 1844 a SDict begin [ /View [/XYZ H.V] /Dest (517) cvn H.B /DEST pdfmark end 2465 1844 a Fh(Osiris)p Fl(.)f(These)h(integr)o (ety)g(checkers)596 1935 y(r)o(un)e(a)f(number)h(of)g(checksums)h(on)f (all)g(your)g(important)g(binaries)g(and)f(con\002g)i(\002les)f(and)g (com-)596 2026 y(par)o(es)27 b(them)i(against)g(a)f(database)f(of)i (former)-6 b(,)28 b(known-good)i(values)f(as)f(a)h(r)o(efer)o(ence.)d (Thus,)596 2118 y(any)20 b(changes)h(in)g(the)g(\002les)g(will)h(be)e (\003agged.)197 2183 y SDict begin H.S end 197 2183 a 197 2183 a SDict begin 11 H.A end 197 2183 a 197 2183 a SDict begin [ /View [/XYZ H.V] /Dest (518) cvn H.B /DEST pdfmark end 197 2183 a 596 2251 a Fl(It's)k(a)f(good)h(idea)f(to)i (install)f(these)g(sorts)g(of)g(pr)o(ograms)f(onto)i(a)f(\003oppy)-9 b(,)24 b(and)f(then)h(physically)596 2342 y(set)17 b(the)h(write)g(pr)o (otect)f(on)h(the)g(\003oppy)-9 b(.)18 b(This)h(way)e(intr)o(uders)h (can't)g(tamper)f(with)h(the)g(integr)o(ety)596 2433 y(checker)25 b(itself)h(or)f(change)h(the)g(database.)e(Once)i(you)g (have)f(something)i(like)f(this)h(setup,)e(it's)596 2525 y(a)f(good)i(idea)f(to)h(r)o(un)g(it)f(as)h(part)e(of)i(your)f(normal)h (security)g(administration)g(duties)f(to)h(see)f(if)596 2616 y(anything)c(has)g(changed.)197 2681 y SDict begin H.S end 197 2681 a 197 2681 a SDict begin 11 H.A end 197 2681 a 197 2681 a SDict begin [ /View [/XYZ H.V] /Dest (519) cvn H.B /DEST pdfmark end 197 2681 a 596 2749 a Fl(Y)-8 b(ou)25 b(can)e(even)h(add)f(a)1344 2749 y SDict begin H.S end 1344 2749 a 1344 2749 a SDict begin 11 H.A end 1344 2749 a 1344 2749 a SDict begin [ /View [/XYZ H.V] /Dest (520) cvn H.B /DEST pdfmark end 1344 2749 a Fh(crontab)g Fl(entry)h(to)h(r)o(un)f(the)g(checker)g(fr)o(om)f (your)i(\003oppy)g(every)e(night)596 2840 y(and)d(mail)h(you)g(the)g(r) o(esults)f(in)i(the)f(morning.)g(Something)h(like:)197 2947 y SDict begin H.S end 197 2947 a 197 2947 a SDict begin 9.9 H.A end 197 2947 a 197 2947 a SDict begin [ /View [/XYZ H.V] /Dest (521) cvn H.B /DEST pdfmark end 197 2947 a 685 3005 a Fh(#)45 b(set)f(mailto)685 3088 y(MAILTO=kevin)685 3170 y(#)h(run)f(Tripwire)685 3252 y(15)h(05)f(*)h(*)f(*)h(root)f (/usr/local/adm/tcheck/tripwire)596 3426 y Fl(will)21 b(mail)g(you)g(a)f(r)o(eport)g(each)h(morning)h(at)e(5:15am.)197 3491 y SDict begin H.S end 197 3491 a 197 3491 a SDict begin 11 H.A end 197 3491 a 197 3491 a SDict begin [ /View [/XYZ H.V] /Dest (522) cvn H.B /DEST pdfmark end 197 3491 a 596 3559 a Fl(Integrity)25 b(checkers)g(can)g(be)f(a)h(godsend)g (to)g(detecting)g(intr)o(uders)h(befor)o(e)d(you)j(would)g(other)o(-) 596 3650 y(wise)g(notice)h(them.)g(Since)f(a)g(lot)i(of)e(\002les)h (change)f(on)i(the)e(average)f(system,)i(you)g(have)f(to)h(be)596 3742 y(car)o(eful)19 b(what)h(is)i(cracker)d(activity)i(and)f(what)h (is)g(your)g(own)h(doing.)197 3807 y SDict begin H.S end 197 3807 a 197 3807 a SDict begin 11 H.A end 197 3807 a 197 3807 a SDict begin [ /View [/XYZ H.V] /Dest (523) cvn H.B /DEST pdfmark end 197 3807 a 596 3875 a Fl(Y)-8 b(ou)79 b(can)e(\002nd)h(the)g(fr)o(eely)f(available)f(unsusported)j (version)f(of)3179 3875 y SDict begin H.S end 3179 3875 a 3179 3875 a SDict begin 11 H.A end 3179 3875 a 3179 3875 a SDict begin [ /View [/XYZ H.V] /Dest (524) cvn H.B /DEST pdfmark end 3179 3875 a Fh(Tripwire)e Fl(at)596 3966 y SDict begin H.S end 596 3966 a 596 3966 a SDict begin 11 H.A end 596 3966 a 596 3966 a SDict begin [ /View [/XYZ H.V] /Dest (525) cvn H.B /DEST pdfmark end 596 3966 a Fl(http://www)-8 b(.tripwir)o(e.or)o(g,)21 b(fr)o(ee)e(of)h (char)o(ge.)g(Manuals)g(and)g(support)h(can)g(be)f(pur)o(chased.)197 4031 y SDict begin H.S end 197 4031 a 197 4031 a SDict begin 11 H.A end 197 4031 a 197 4031 a SDict begin [ /View [/XYZ H.V] /Dest (526) cvn H.B /DEST pdfmark end 197 4031 a 197 4031 a SDict begin H.S end 197 4031 a 197 4031 a SDict begin 11 H.A end 197 4031 a 197 4031 a SDict begin [ /View [/XYZ H.V] /Dest (527) cvn H.B /DEST pdfmark end 197 4031 a 596 4099 a Fh(Aide)g Fl(can)g(be)g(found)h(at)1382 4099 y SDict begin H.S end 1382 4099 a 1382 4099 a SDict begin 11 H.A end 1382 4099 a 1382 4099 a SDict begin [ /View [/XYZ H.V] /Dest (528) cvn H.B /DEST pdfmark end 1382 4099 a Fl(http://www)-8 b(.cs.tut.\002/~rammer/aide.html.)197 4164 y SDict begin H.S end 197 4164 a 197 4164 a SDict begin 11 H.A end 197 4164 a 197 4164 a SDict begin [ /View [/XYZ H.V] /Dest (529) cvn H.B /DEST pdfmark end 197 4164 a 197 4164 a SDict begin H.S end 197 4164 a 197 4164 a SDict begin 11 H.A end 197 4164 a 197 4164 a SDict begin [ /View [/XYZ H.V] /Dest (530) cvn H.B /DEST pdfmark end 197 4164 a 596 4232 a Fh(Osiris)19 b Fl(can)i(be)f(found)h(at) 1471 4232 y SDict begin H.S end 1471 4232 a 1471 4232 a SDict begin 11 H.A end 1471 4232 a 1471 4232 a SDict begin [ /View [/XYZ H.V] /Dest (531) cvn H.B /DEST pdfmark end 1471 4232 a Fl(http://www)-8 b(.shmoo.com/osiris/.)197 4296 y SDict begin H.S end 197 4296 a 197 4296 a SDict begin 11 H.A end 197 4296 a 197 4296 a SDict begin [ /View [/XYZ H.V] /Dest (532) cvn H.B /DEST pdfmark end 197 4296 a 596 4550 a Fi(T)g(r)n(ojan)28 b(Hor)n(ses)1259 4550 y SDict begin H.S end 1259 4550 a 1259 4550 a SDict begin 13.31 H.A end 1259 4550 a 1259 4550 a SDict begin [ /View [/XYZ H.V] /Dest (1.5.22.2) cvn H.B /DEST pdfmark end 1259 4550 a 197 4621 a SDict begin H.S end 197 4621 a 197 4621 a SDict begin 11 H.A end 197 4621 a 197 4621 a SDict begin [ /View [/XYZ H.V] /Dest (534) cvn H.B /DEST pdfmark end 197 4621 a 596 4691 a Fl("T)-7 b(r)o(ojan)19 b(Horses")i(ar)o(e)e(named)h(after)g(the)g(fabled)g(ploy)h(in)g(V)-5 b(ir)o(gil's)21 b("Aenid".)f(The)g(idea)g(is)h(that)f(a)596 4782 y(cracker)d(distributes)i(a)f(pr)o(ogram)g(or)g(binary)h(that)f (sounds)i(gr)o(eat,)d(and)h(encourages)g(other)h(peo-)596 4874 y(ple)f(to)g(download)h(it)f(and)g(r)o(un)h(it)g(as)f(r)o(oot.)g (Then)g(the)h(pr)o(ogram)e(can)h(compr)o(omise)h(their)f(system)596 4965 y(while)33 b(they)f(ar)o(e)f(not)j(paying)e(attention.)h(While)g (they)g(think)g(the)g(binary)f(they)h(just)g(pulled)596 5056 y(down)21 b(does)g(one)g(thing)h(\(and)e(it)h(might)g(very)g (well\),)f(it)h(also)g(compr)o(omises)h(their)e(security)-9 b(.)197 5121 y SDict begin H.S end 197 5121 a 197 5121 a SDict begin 11 H.A end 197 5121 a 197 5121 a SDict begin [ /View [/XYZ H.V] /Dest (535) cvn H.B /DEST pdfmark end 197 5121 a 596 5189 a Fl(Y)h(ou)29 b(should)g(take)f(car)o(e)f(of)h (what)g(pr)o(ograms)g(you)h(install)g(on)g(your)g(machine.)f(RedHat)g (pr)o(o-)596 5281 y(vides)g(MD5)g(checksums)h(and)g(PGP)g(signatur)o (es)f(on)i(its)f(RPM)f(\002les)i(so)f(you)g(can)f(verify)g(you)596 5372 y(ar)o(e)f(installing)i(the)g(r)o(eal)e(thing.)i(Other)g (distributions)h(have)e(similar)h(methods.)g(Y)-8 b(ou)29 b(should)p Black 197 5585 a Fj(18)p Black eop end %%Page: 19 19 TeXDict begin 19 18 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.19) cvn H.B /DEST pdfmark end 197 -102 a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fl(never)j(r)o(un)i(any)g(unfamiliar)f(binary)-9 b(,)24 b(for)i(which)g(you)g(don't)g(have)e(the)i(sour)o(ce,)f(as)g(r)o (oot.)g(Few)596 180 y(attackers)19 b(ar)o(e)h(willing)i(to)f(r)o (elease)e(sour)o(ce)h(code)h(to)g(public)g(scr)o(utiny)-9 b(.)596 313 y(Although)18 b(it)h(can)e(be)h(complex,)g(make)f(sur)o(e)h (you)g(ar)o(e)f(getting)h(the)g(sour)o(ce)g(for)g(a)f(pr)o(ogram)g(fr)o (om)596 405 y(its)23 b(r)o(eal)e(distribution)j(site.)e(If)h(the)f(pr)o (ogram)g(is)h(going)h(to)f(r)o(un)h(as)e(r)o(oot,)g(make)h(sur)o(e)f (either)g(you)596 496 y(or)e(someone)i(you)f(tr)o(ust)h(has)f(looked)g (over)f(the)h(sour)o(ce)f(and)h(veri\002ed)f(it.)197 644 y SDict begin H.S end 197 644 a 197 644 a SDict begin 11 H.A end 197 644 a 197 644 a SDict begin [ /View [/XYZ H.V] /Dest (password-security) cvn H.B /DEST pdfmark end 197 644 a 264 x Fn(P)m(ass)n(w)n(or)n(d)30 b(Security)h(and)f(Encr)q(yption) 2014 908 y SDict begin H.S end 2014 908 a 2014 908 a SDict begin 14.641 H.A end 2014 908 a 2014 908 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.1) cvn H.B /DEST pdfmark end 2014 908 a 197 986 a SDict begin H.S end 197 986 a 197 986 a SDict begin 11 H.A end 197 986 a 197 986 a SDict begin [ /View [/XYZ H.V] /Dest (539) cvn H.B /DEST pdfmark end 197 986 a 596 1055 a Fl(One)16 b(of)h(the)g(most)g(important) g(security)g(featur)o(es)d(used)j(today)f(ar)o(e)f(passwor)o(ds.)h(It)h (is)f(important)596 1146 y(for)23 b(both)h(you)g(and)f(all)g(your)h (users)g(to)g(have)f(secur)o(e,)f(unguessable)i(passwor)o(ds.)f(Most)g (of)h(the)596 1237 y(mor)o(e)h(r)o(ecent)g(Linux)h(distributions)h (include)2099 1237 y SDict begin H.S end 2099 1237 a 2099 1237 a SDict begin 11 H.A end 2099 1237 a 2099 1237 a SDict begin [ /View [/XYZ H.V] /Dest (540) cvn H.B /DEST pdfmark end 2099 1237 a Fh(passwd)d Fl(pr)o(ograms)i(that)g(do)g(not) h(allow)f(you)h(to)596 1329 y(set)d(a)g(easily)g(guessable)g(passwor)o (d.)f(Make)g(sur)o(e)h(your)2418 1329 y SDict begin H.S end 2418 1329 a 2418 1329 a SDict begin 11 H.A end 2418 1329 a 2418 1329 a SDict begin [ /View [/XYZ H.V] /Dest (541) cvn H.B /DEST pdfmark end 2418 1329 a Fh(passwd)f Fl(pr)o(ogram)h(is)g(up)g(to)h(date)e(and)596 1420 y(has)d(these)h (featur)o(es.)197 1463 y SDict begin H.S end 197 1463 a 197 1463 a SDict begin 11 H.A end 197 1463 a 197 1463 a SDict begin [ /View [/XYZ H.V] /Dest (542) cvn H.B /DEST pdfmark end 197 1463 a 596 1553 a Fl(In-depth)k(discussion)j(of)e (encryption)h(is)g(beyond)f(the)h(scope)f(of)g(this)h(document,)f(but)h (an)f(in-)596 1644 y(tr)o(oduction)c(is)h(in)g(or)o(der)-6 b(.)21 b(Encryption)i(is)g(very)f(useful,)g(possibly)h(even)f (necessary)g(in)h(this)h(day)596 1735 y(and)g(age.)h(Ther)o(e)f(ar)o(e) g(all)h(sorts)h(of)g(methods)g(of)f(encrypting)h(data,)e(each)g(with)j (its)e(own)i(set)e(of)596 1827 y(characteristics.)197 1870 y SDict begin H.S end 197 1870 a 197 1870 a SDict begin 11 H.A end 197 1870 a 197 1870 a SDict begin [ /View [/XYZ H.V] /Dest (543) cvn H.B /DEST pdfmark end 197 1870 a 596 1960 a Fl(Most)32 b(Unicies)g(\(and)f(Linux)h(is)h(no)f (exception\))g(primarily)g(use)g(a)g(one-way)g(encryption)h(al-)596 2051 y(gorithm,)f(called)g(DES)f(\(Data)g(Encryption)i(Standar)o(d\))c (to)k(encrypt)f(your)g(passwor)o(ds.)f(This)596 2142 y(encrypted)e(passwor)o(d)h(is)h(then)g(stor)o(ed)f(in)h(\(typically\)) 2439 2142 y SDict begin H.S end 2439 2142 a 2439 2142 a SDict begin 11 H.A end 2439 2142 a 2439 2142 a SDict begin [ /View [/XYZ H.V] /Dest (544) cvn H.B /DEST pdfmark end 2439 2142 a Fh(/etc/passwd)d Fl(\(or)j(less)g(commonly\))596 2234 y SDict begin H.S end 596 2234 a 596 2234 a SDict begin 11 H.A end 596 2234 a 596 2234 a SDict begin [ /View [/XYZ H.V] /Dest (545) cvn H.B /DEST pdfmark end 596 2234 a Fh(/etc/shadow)p Fl(.)d(When)j(you)g(attempt)f(to)h(login,)g (the)g(passwor)o(d)f(you)h(type)f(in)h(is)g(encrypted)596 2325 y(again)f(and)h(compar)o(ed)e(with)j(the)f(entry)h(in)f(the)g (\002le)g(that)g(stor)o(es)g(your)h(passwor)o(ds.)e(If)h(they)596 2416 y(match,)18 b(it)i(must)f(be)g(the)g(same)g(passwor)o(d,)f(and)g (you)i(ar)o(e)e(allowed)g(access.)h(Although)h(DES)e(is)h(a)596 2507 y(two-way)j(encryption)i(algorithm)f(\(you)g(can)f(code)g(and)h (then)g(decode)e(a)i(message,)f(given)h(the)596 2599 y(right)k(keys\),)g(the)g(variant)f(that)h(most)h(Unixes)f(use)g(is)g (one-way)-9 b(.)26 b(This)i(means)f(that)g(it)g(should)596 2690 y(not)i(be)f(possible)h(to)g(r)o(everse)e(the)h(encryption)h(to)g (get)g(the)f(passwor)o(d)g(fr)o(om)g(the)h(contents)g(of)596 2781 y SDict begin H.S end 596 2781 a 596 2781 a SDict begin 11 H.A end 596 2781 a 596 2781 a SDict begin [ /View [/XYZ H.V] /Dest (546) cvn H.B /DEST pdfmark end 596 2781 a Fh(/etc/passwd)18 b Fl(\(or)1236 2781 y SDict begin H.S end 1236 2781 a 1236 2781 a SDict begin 11 H.A end 1236 2781 a 1236 2781 a SDict begin [ /View [/XYZ H.V] /Dest (547) cvn H.B /DEST pdfmark end 1236 2781 a Fh(/etc/shadow)p Fl(\).)197 2840 y SDict begin H.S end 197 2840 a 197 2840 a SDict begin 11 H.A end 197 2840 a 197 2840 a SDict begin [ /View [/XYZ H.V] /Dest (548) cvn H.B /DEST pdfmark end 197 2840 a 596 2914 a Fl(Br)o(ute)75 b(for)o(ce)f(attacks,)h (such)h(as)f("Crack")g(or)g("John)h(the)g(Ripper")f(\(see)g(section)p 0 TeXcolorgray 596 3006 a SDict begin H.S end 596 3006 a Fl(the)20 b(Section)h(called)f Fj("Crack")g(and)g("John)g(the)g(Ripper")2304 3006 y SDict begin 11 H.L end 2304 3006 a 2304 3006 a SDict begin [ /Subtype /Link /Dest (crack) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 2304 3006 a Black Fl(\))40 b(can)h(often)g (guess)h(passwor)o(ds)e(unless)596 3097 y(your)22 b(passwor)o(d)g(is)h (suf)o(\002ciently)g(random.)f(P)-8 b(AM)22 b(modules)h(\(see)f (below\))g(allow)h(you)g(to)g(use)f(a)596 3188 y(dif)o(fer)o(ent)30 b(encryption)j(r)o(outine)f(with)i(your)e(passwor)o(ds)h(\(MD5)e(or)h (the)h(like\).)f(Y)-8 b(ou)34 b(can)e(use)596 3280 y(Crack)20 b(to)j(your)f(advantage,)e(as)h(well.)h(Consider)g(periodically)g(r)o (unning)h(Crack)e(against)h(your)596 3371 y(own)36 b(passwor)o(d)g (database,)e(to)i(\002nd)g(insecur)o(e)g(passwor)o(ds.)f(Then)h (contact)g(the)g(of)o(fending)596 3462 y(user)-6 b(,)20 b(and)g(instr)o(uct)i(him)f(to)g(change)g(his)g(passwor)o(d.)197 3527 y SDict begin H.S end 197 3527 a 197 3527 a SDict begin 11 H.A end 197 3527 a 197 3527 a SDict begin [ /View [/XYZ H.V] /Dest (550) cvn H.B /DEST pdfmark end 197 3527 a 596 3595 a Fl(Y)-8 b(ou)17 b(can)f(go)h(to)1095 3595 y SDict begin H.S end 1095 3595 a 1095 3595 a SDict begin 11 H.A end 1095 3595 a 1095 3595 a SDict begin [ /View [/XYZ H.V] /Dest (551) cvn H.B /DEST pdfmark end 1095 3595 a Fl (http://consult.cern.ch/writeup/security/security_3.html)h(for)e (informa-)596 3686 y(tion)21 b(on)h(how)f(to)g(choose)h(a)e(good)h (passwor)o(d.)197 3710 y SDict begin H.S end 197 3710 a 197 3710 a SDict begin 11 H.A end 197 3710 a 197 3710 a SDict begin [ /View [/XYZ H.V] /Dest (552) cvn H.B /DEST pdfmark end 197 3710 a 596 3955 a Fi(PGP)28 b(and)g(Pub)o(lic-K)n(e)n (y)h(Cr)q(yptograph)n(y)2241 3955 y SDict begin H.S end 2241 3955 a 2241 3955 a SDict begin 13.31 H.A end 2241 3955 a 2241 3955 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.23.2) cvn H.B /DEST pdfmark end 2241 3955 a 197 4028 a SDict begin H.S end 197 4028 a 197 4028 a SDict begin 11 H.A end 197 4028 a 197 4028 a SDict begin [ /View [/XYZ H.V] /Dest (554) cvn H.B /DEST pdfmark end 197 4028 a 596 4097 a Fl(Public-key)j(cryptography)-9 b(,)31 b(such)i(as)f(that) g(used)g(for)g(PGP)-11 b(,)32 b(uses)h(one)f(key)h(for)f(encryption,) 596 4188 y(and)27 b(one)h(key)f(for)h(decryption.)f(T)-7 b(raditional)27 b(cryptography)-9 b(,)27 b(however)-6 b(,)27 b(uses)h(the)g(same)f(key)596 4279 y(for)k(encryption)i(and)e (decryption;)h(this)h(key)f(must)g(be)g(known)h(to)f(both)h(parties,)e (and)g(thus)596 4371 y(somehow)22 b(transferr)o(ed)c(fr)o(om)j(one)g (to)g(the)g(other)g(secur)o(ely)-9 b(.)197 4436 y SDict begin H.S end 197 4436 a 197 4436 a SDict begin 11 H.A end 197 4436 a 197 4436 a SDict begin [ /View [/XYZ H.V] /Dest (555) cvn H.B /DEST pdfmark end 197 4436 a 596 4504 a Fl(T)h(o)24 b(alleviate)f(the)i(need)e(to)i(secur)o(ely)e (transmit)i(the)f(encryption)h(key)-9 b(,)23 b(public-key)h(encryption) 596 4595 y(uses)i(two)g(separate)f(keys:)h(a)f(public)h(key)g(and)g(a)f (private)g(key)-9 b(.)26 b(Each)f(person's)i(public)f(key)g(is)596 4686 y(available)21 b(by)i(anyone)h(to)f(do)g(the)g(encryption,)h (while)f(at)g(the)g(same)g(time)g(each)g(person)g(keeps)596 4778 y(his)e(or)g(her)f(private)g(key)h(to)g(decrypt)f(messages)h (encrypted)f(with)i(the)f(corr)o(ect)e(public)i(key)-9 b(.)197 4843 y SDict begin H.S end 197 4843 a 197 4843 a SDict begin 11 H.A end 197 4843 a 197 4843 a SDict begin [ /View [/XYZ H.V] /Dest (556) cvn H.B /DEST pdfmark end 197 4843 a 596 4910 a Fl(Ther)o(e)21 b(ar)o(e)f(advantages)h(to)i (both)f(public)g(key)g(and)g(private)f(key)h(cryptography)-9 b(,)22 b(and)g(you)g(can)596 5002 y(r)o(ead)17 b(about)j(those)g(dif)o (fer)o(ences)d(in)1734 5002 y SDict begin H.S end 1734 5002 a 1734 5002 a SDict begin 11 H.A end 1734 5002 a 1734 5002 a SDict begin [ /View [/XYZ H.V] /Dest (557) cvn H.B /DEST pdfmark end 1734 5002 a Fl(the)i(RSA)g(Cryptography)h(F)-6 b(AQ)2766 4969 y Fe(19)2815 5002 y Fl(,)19 b(listed)h(at)f(the)h(end)f (of)g(this)596 5093 y(section.)197 5136 y SDict begin H.S end 197 5136 a 197 5136 a SDict begin 11 H.A end 197 5136 a 197 5136 a SDict begin [ /View [/XYZ H.V] /Dest (558) cvn H.B /DEST pdfmark end 197 5136 a 596 5226 a Fl(PGP)31 b(\(Pr)o(etty)g(Good)h(Privacy\))e(is)i(well-supported)f (on)g(Linux.)h(V)-9 b(ersions)31 b(2.6.2)f(and)g(5.0)g(ar)o(e)596 5317 y(known)22 b(to)g(work)h(well.)e(For)h(a)f(good)h(primer)g(on)g (PGP)g(and)f(how)i(to)f(use)f(it,)h(take)f(a)g(look)i(at)e(the)596 5409 y(PGP)g(F)-6 b(AQ:)991 5409 y SDict begin H.S end 991 5409 a 991 5409 a SDict begin 11 H.A end 991 5409 a 991 5409 a SDict begin [ /View [/XYZ H.V] /Dest (559) cvn H.B /DEST pdfmark end 991 5409 a Fl(http://www)e (.pgp.com/service/export/faq/55faq.cgi)p Black 3601 5585 a Fj(19)p Black eop end %%Page: 20 20 TeXDict begin 20 19 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.20) cvn H.B /DEST pdfmark end 197 -102 a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 197 6 a SDict begin H.S end 197 6 a 197 6 a SDict begin 11 H.A end 197 6 a 197 6 a SDict begin [ /View [/XYZ H.V] /Dest (560) cvn H.B /DEST pdfmark end 197 6 a 596 89 a Fl(Be)16 b(sur)o(e)h(to)h(use)f(the)g(version)h(that)f(is)h (applicable)e(to)i(your)f(country)-9 b(.)18 b(Due)f(to)h(export)f(r)o (estrictions)596 180 y(by)32 b(the)g(US)f(Government,)i(str)o (ong-encryption)f(is)h(pr)o(ohibited)f(fr)o(om)f(being)i(transferr)o (ed)c(in)596 272 y(electr)o(onic)20 b(form)h(outside)g(the)g(country)-9 b(.)197 337 y SDict begin H.S end 197 337 a 197 337 a SDict begin 11 H.A end 197 337 a 197 337 a SDict begin [ /View [/XYZ H.V] /Dest (561) cvn H.B /DEST pdfmark end 197 337 a 596 405 a Fl(US)23 b(export)h(contr)o(ols)g(ar)o(e)f(now)i (managed)e(by)h(EAR)g(\(Export)g(Administration)g(Regulations\).)596 496 y(They)c(ar)o(e)g(no)h(longer)g(governed)g(by)g(IT)-6 b(AR.)197 561 y SDict begin H.S end 197 561 a 197 561 a SDict begin 11 H.A end 197 561 a 197 561 a SDict begin [ /View [/XYZ H.V] /Dest (562) cvn H.B /DEST pdfmark end 197 561 a 596 629 a Fl(Ther)o(e)46 b(is)h(also)g(a)f(step-by-step)h (guide)f(for)h(con\002guring)i(PGP)e(on)h(Linux)f(available)e(at)596 720 y SDict begin H.S end 596 720 a 596 720 a SDict begin 11 H.A end 596 720 a 596 720 a SDict begin [ /View [/XYZ H.V] /Dest (563) cvn H.B /DEST pdfmark end 596 720 a Fl(http://mer)o(cury)-9 b (.chem.pitt.edu/~angel/LinuxFocus/English/November1997/article7.html)p (.)596 811 y(It)33 b(was)g(written)g(for)g(the)g(international)h (version)g(of)f(PGP)-11 b(,)33 b(but)h(is)f(easily)g(adaptable)e(to)j (the)596 903 y(United)25 b(States)g(version.)h(Y)-8 b(ou)28 b(may)d(also)i(need)e(a)h(patch)f(for)h(some)h(of)e(the)i(latest)e (versions)i(of)596 994 y(Linux;)20 b(the)h(patch)f(is)i(available)d(at) 1733 994 y SDict begin H.S end 1733 994 a 1733 994 a SDict begin 11 H.A end 1733 994 a 1733 994 a SDict begin [ /View [/XYZ H.V] /Dest (564) cvn H.B /DEST pdfmark end 1733 994 a Fl(ftp://metalab.unc.edu/pub/Linux/apps/crypto.)197 1059 y SDict begin H.S end 197 1059 a 197 1059 a SDict begin 11 H.A end 197 1059 a 197 1059 a SDict begin [ /View [/XYZ H.V] /Dest (565) cvn H.B /DEST pdfmark end 197 1059 a 596 1127 a Fl(Ther)o(e)31 b(is)h(a)g(pr)o(oject)g(maintaining)h (a)e(fr)o(ee)g(r)o(e-implementation)h(of)g(pgp)g(with)h(open)g(sour)o (ce.)596 1218 y(GnuPG)47 b(is)g(a)f(complete)h(and)f(fr)o(ee)f(r)o (eplacement)g(for)h(PGP)-11 b(.)47 b(Because)f(it)g(does)h(not)g(use) 596 1310 y(IDEA)39 b(or)h(RSA)f(it)h(can)g(be)f(used)h(without)h(any)f (r)o(estrictions.)f(GnuPG)i(is)f(in)h(compliance)596 1401 y(with)805 1401 y SDict begin H.S end 805 1401 a 805 1401 a SDict begin 11 H.A end 805 1401 a 805 1401 a SDict begin [ /View [/XYZ H.V] /Dest (566) cvn H.B /DEST pdfmark end 805 1401 a Fl(OpenPGP)1171 1368 y Fe(23)1221 1401 y Fl(.)g(See)e(the)i(GNU)f(Privacy)g(Guar)o(d)g(web)g(page)g(for)g (mor)o(e)g(information:)596 1492 y SDict begin H.S end 596 1492 a 596 1492 a SDict begin 11 H.A end 596 1492 a 596 1492 a SDict begin [ /View [/XYZ H.V] /Dest (567) cvn H.B /DEST pdfmark end 596 1492 a Fl(http://www)-8 b(.gnupg.or)o(g/) 1523 1459 y Fe(24)1574 1492 y Fl(.)197 1557 y SDict begin H.S end 197 1557 a 197 1557 a SDict begin 11 H.A end 197 1557 a 197 1557 a SDict begin [ /View [/XYZ H.V] /Dest (568) cvn H.B /DEST pdfmark end 197 1557 a 596 1625 a Fl(Mor)o(e)33 b(information)i(on)h(cryptography)e(can)g(be)g(found)h (in)g(the)g(RSA)f(cryptography)g(F)-6 b(AQ,)596 1716 y(available)21 b(at)1039 1716 y SDict begin H.S end 1039 1716 a 1039 1716 a SDict begin 11 H.A end 1039 1716 a 1039 1716 a SDict begin [ /View [/XYZ H.V] /Dest (569) cvn H.B /DEST pdfmark end 1039 1716 a Fl(http://www)-8 b(.rsa.com/rsalabs/newfaq/.)24 b(Her)o(e)d(you)j(will)f(\002nd)g (information)596 1808 y(on)k(such)h(terms)f(as)g("Dif)o (\002e-Hellman",)f("public-key)h(cryptography",)f("digital)h (certi\002cates",)596 1899 y(etc.)197 1942 y SDict begin H.S end 197 1942 a 197 1942 a SDict begin 11 H.A end 197 1942 a 197 1942 a SDict begin [ /View [/XYZ H.V] /Dest (570) cvn H.B /DEST pdfmark end 197 1942 a 596 2217 a Fi(SSL,)h(S-HTTP)g(and)h(S/MIME)1802 2217 y SDict begin H.S end 1802 2217 a 1802 2217 a SDict begin 13.31 H.A end 1802 2217 a 1802 2217 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.24.2) cvn H.B /DEST pdfmark end 1802 2217 a 197 2284 a SDict begin H.S end 197 2284 a 197 2284 a SDict begin 11 H.A end 197 2284 a 197 2284 a SDict begin [ /View [/XYZ H.V] /Dest (572) cvn H.B /DEST pdfmark end 197 2284 a 596 2359 a Fl(Often)f(users)g(ask)f(about)h(the)g(dif)o(fer)o (ences)e(between)i(the)g(various)g(security)g(and)f(encryption)596 2450 y(pr)o(otocols,)19 b(and)f(how)i(to)g(use)f(them.)g(While)g(this)h (isn't)g(an)f(encryption)g(document,)g(it)h(is)f(a)f(good)596 2541 y(idea)h(to)j(explain)e(brie\003y)h(what)g(each)f(pr)o(otocol)h (is,)g(and)f(wher)o(e)g(to)i(\002nd)f(mor)o(e)f(information.)3622 2541 y SDict begin H.S end 3622 2541 a 3622 2541 a SDict begin 11 H.A end 3622 2541 a 3622 2541 a SDict begin [ /View [/XYZ H.V] /Dest (573) cvn H.B /DEST pdfmark end 3622 2541 a 197 2615 a SDict begin H.S end 197 2615 a 197 2615 a SDict begin 11 H.A end 197 2615 a 197 2615 a SDict begin [ /View [/XYZ H.V] /Dest (574) cvn H.B /DEST pdfmark end 197 2615 a Black 596 2783 a Fg(\225)p Black 679 2783 a SDict begin H.S end 679 2783 a 679 2783 a SDict begin 11 H.A end 679 2783 a 679 2783 a SDict begin [ /View [/XYZ H.V] /Dest (575) cvn H.B /DEST pdfmark end 679 2783 a 679 2783 a SDict begin H.S end 679 2783 a 679 2783 a SDict begin 11 H.A end 679 2783 a 679 2783 a SDict begin [ /View [/XYZ H.V] /Dest (576) cvn H.B /DEST pdfmark end 679 2783 a Fj(SSL:)44 b Fl(-)g(SSL,)e(or)j(Secur)o(e)d (Sockets)i(Layer)-6 b(,)43 b(is)h(an)g(encryption)h(method)g(developed) e(by)679 2875 y(Netscape)i(to)i(pr)o(ovide)f(security)h(over)f(the)h (Internet.)f(It)h(supports)g(several)f(dif)o(fer)o(ent)679 2966 y(encryption)24 b(pr)o(otocols,)g(and)f(pr)o(ovides)g(client)i (and)e(server)g(authentication.)h(SSL)f(operates)679 3057 y(at)31 b(the)h(transport)g(layer)-6 b(,)31 b(cr)o(eates)g(a)g (secur)o(e)g(encrypted)g(channel)i(of)f(data,)e(and)i(thus)g(can)679 3149 y(seamlessly)25 b(encrypt)f(data)g(of)h(many)g(types.)g(This)g(is) g(most)h(commonly)g(seen)f(when)h(going)679 3240 y(to)d(a)f(secur)o(e)f (site)i(to)g(view)f(a)h(secur)o(e)e(online)j(document)f(with)g (Communicator)-6 b(,)23 b(and)f(serves)679 3331 y(as)38 b(the)g(basis)h(for)f(secur)o(e)f(communications)j(with)g(Communicator) -6 b(,)39 b(as)f(well)g(as)h(many)679 3422 y(other)52 b(Netscape)f(Communications)j(data)c(encryption.)j(Mor)o(e)e (information)i(can)e(be)679 3514 y(found)72 b(at)1114 3514 y SDict begin H.S end 1114 3514 a 1114 3514 a SDict begin 11 H.A end 1114 3514 a 1114 3514 a SDict begin [ /View [/XYZ H.V] /Dest (577) cvn H.B /DEST pdfmark end 1114 3514 a Fl(http://www)-8 b (.consensus.com/security/ssl-talk-faq.html.)75 b(Information)679 3605 y(on)44 b(Netscape's)e(other)i(security)g(implementations,)g(and)f (a)g(good)h(starting)g(point)g(for)679 3696 y(these)21 b(pr)o(otocols)h(is)h(available)d(at)1775 3696 y SDict begin H.S end 1775 3696 a 1775 3696 a SDict begin 11 H.A end 1775 3696 a 1775 3696 a SDict begin [ /View [/XYZ H.V] /Dest (578) cvn H.B /DEST pdfmark end 1775 3696 a Fl(http://home.netscape.com/info/security-doc.html.)679 3788 y(It's)80 b(also)g(worth)h(noting)g(that)f(the)g(SSL)f(pr)o (otocol)h(can)f(be)h(used)g(to)g(pass)679 3879 y(many)97 b(other)g(common)h(pr)o(otocols,)f("wrapping")f(them)i(for)e(security) -9 b(.)97 b(See)679 3970 y SDict begin H.S end 679 3970 a 679 3970 a SDict begin 11 H.A end 679 3970 a 679 3970 a SDict begin [ /View [/XYZ H.V] /Dest (579) cvn H.B /DEST pdfmark end 679 3970 a Fl(http://www)-8 b (.quiltaholic.com/rickk/sslwrap/)197 3994 y SDict begin H.S end 197 3994 a 197 3994 a SDict begin 11 H.A end 197 3994 a 197 3994 a SDict begin [ /View [/XYZ H.V] /Dest (580) cvn H.B /DEST pdfmark end 197 3994 a Black 596 4103 a Fg(\225)p Black 679 4103 a SDict begin H.S end 679 4103 a 679 4103 a SDict begin 11 H.A end 679 4103 a 679 4103 a SDict begin [ /View [/XYZ H.V] /Dest (581) cvn H.B /DEST pdfmark end 679 4103 a 679 4103 a SDict begin H.S end 679 4103 a 679 4103 a SDict begin 11 H.A end 679 4103 a 679 4103 a SDict begin [ /View [/XYZ H.V] /Dest (582) cvn H.B /DEST pdfmark end 679 4103 a Fj(S-HTTP:)28 b Fl(-)j(S-HTTP)e(is)i(another)g(pr)o(otocol)g(that)f(pr)o(ovides)g (security)h(services)f(acr)o(oss)g(the)679 4195 y(Internet.)25 b(It)h(was)g(designed)g(to)h(pr)o(ovide)e(con\002dentiality)-9 b(,)26 b(authentication,)g(integrity)-9 b(,)26 b(and)679 4286 y(non-r)o(epudiability)e([cannot)g(be)g(mistaken)h(for)g(someone)g (else])f(while)h(supporting)h(multi-)679 4377 y(ple)c(key-management)g (mechanisms)i(and)e(cryptographic)g(algorithms)i(via)e(option)i(nego-) 679 4469 y(tiation)h(between)f(the)h(parties)f(involved)h(in)g(each)f (transaction.)h(S-HTTP)f(is)h(limited)g(to)g(the)679 4560 y(speci\002c)d(softwar)o(e)f(that)h(is)g(implementing)i(it,)e(and) f(encrypts)i(each)e(message)h(individually)-9 b(.)679 4651 y([)20 b(Fr)o(om)h(RSA)f(Cryptography)h(F)-6 b(AQ,)20 b(page)g(138])197 4675 y SDict begin H.S end 197 4675 a 197 4675 a SDict begin 11 H.A end 197 4675 a 197 4675 a SDict begin [ /View [/XYZ H.V] /Dest (583) cvn H.B /DEST pdfmark end 197 4675 a Black 596 4784 a Fg(\225)p Black 679 4784 a SDict begin H.S end 679 4784 a 679 4784 a SDict begin 11 H.A end 679 4784 a 679 4784 a SDict begin [ /View [/XYZ H.V] /Dest (584) cvn H.B /DEST pdfmark end 679 4784 a 679 4784 a SDict begin H.S end 679 4784 a 679 4784 a SDict begin 11 H.A end 679 4784 a 679 4784 a SDict begin [ /View [/XYZ H.V] /Dest (585) cvn H.B /DEST pdfmark end 679 4784 a Fj(S/MIME:)33 b Fl(-)g(S/MIME,)e(or)j(Secur)o (e)e(Multipurpose)h(Internet)h(Mail)e(Extension,)i(is)g(an)f(en-)679 4875 y(cryption)h(standar)o(d)e(used)i(to)g(encrypt)f(electr)o(onic)h (mail)g(and)f(other)h(types)g(of)g(messages)679 4967 y(on)29 b(the)g(Internet.)g(It)f(is)i(an)e(open)h(standar)o(d)f (developed)f(by)i(RSA,)f(so)i(it)f(is)g(likely)g(we)g(will)679 5058 y(see)35 b(it)h(on)h(Linux)f(one)h(day)e(soon.)i(Mor)o(e)e (information)i(on)f(S/MIME)f(can)h(be)f(found)h(at)679 5149 y SDict begin H.S end 679 5149 a 679 5149 a SDict begin 11 H.A end 679 5149 a 679 5149 a SDict begin [ /View [/XYZ H.V] /Dest (586) cvn H.B /DEST pdfmark end 679 5149 a Fl(http://home.netscape.com/assist/security/smime/overview)-8 b(.html.)197 5324 y SDict begin H.S end 197 5324 a 197 5324 a SDict begin 11 H.A end 197 5324 a 197 5324 a SDict begin [ /View [/XYZ H.V] /Dest (587) cvn H.B /DEST pdfmark end 197 5324 a Black 261 x Fj(20)p Black eop end %%Page: 21 21 TeXDict begin 21 20 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.21) cvn H.B /DEST pdfmark end 197 -102 a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fi(Lin)o(ux)28 b(IPSEC)g(Implementations)2016 89 y SDict begin H.S end 2016 89 a 2016 89 a SDict begin 13.31 H.A end 2016 89 a 2016 89 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.25.2) cvn H.B /DEST pdfmark end 2016 89 a 197 160 a SDict begin H.S end 197 160 a 197 160 a SDict begin 11 H.A end 197 160 a 197 160 a SDict begin [ /View [/XYZ H.V] /Dest (589) cvn H.B /DEST pdfmark end 197 160 a 596 231 a Fl(Along)76 b(with)h(CIPE,)e(and)h(other)g(forms)h(of)f (data)e(encryption,)j(ther)o(e)e(ar)o(e)g(also)596 322 y(several)62 b(other)h(implementations)i(of)e(IPSEC)g(for)g(Linux.)g (IPSEC)f(is)i(an)f(ef)o(fort)f(by)596 413 y(the)90 b(IETF)g(to)h(cr)o (eate)d(cryptographically-secur)o(e)h(communications)j(at)e(the)h(IP) 596 505 y(network)62 b(level,)g(and)g(to)h(pr)o(ovide)e (authentication,)i(integrity)-9 b(,)62 b(access)g(contr)o(ol,)g(and)596 596 y(con\002dentiality)-9 b(.)66 b(Information)h(on)g(IPSEC)e(and)h (Internet)g(draft)f(can)h(be)g(found)g(at)596 687 y SDict begin H.S end 596 687 a 596 687 a SDict begin 11 H.A end 596 687 a 596 687 a SDict begin [ /View [/XYZ H.V] /Dest (590) cvn H.B /DEST pdfmark end 596 687 a Fl(http://www)-8 b(.ietf.or)o(g/html.charters/ipsec-charter)i(.html.)41 b(Y)-8 b(ou)42 b(can)f(also)g(\002nd)g(links)i(to)596 779 y(other)21 b(pr)o(otocols)g(involving)h(key)f(management,)f(and)h (an)f(IPSEC)g(mailing)i(list)f(and)f(ar)o(chives.)197 844 y SDict begin H.S end 197 844 a 197 844 a SDict begin 11 H.A end 197 844 a 197 844 a SDict begin [ /View [/XYZ H.V] /Dest (591) cvn H.B /DEST pdfmark end 197 844 a 596 911 a Fl(The)109 b(x-kernel)h(Linux)g(implementation,)g(which)h (is)f(being)g(developed)f(at)596 1003 y(the)121 b(University)h(of)g (Arizona,)e(uses)i(an)f(object-based)g(framework)g(for)596 1094 y(implementing)83 b(network)g(pr)o(otocols)f(called)f(x-kernel,)g (and)h(can)g(be)f(found)h(at)596 1185 y SDict begin H.S end 596 1185 a 596 1185 a SDict begin 11 H.A end 596 1185 a 596 1185 a SDict begin [ /View [/XYZ H.V] /Dest (592) cvn H.B /DEST pdfmark end 596 1185 a Fl(http://www)-8 b(.cs.arizona.edu/xkernel/hpcc-blue/linux.html.)104 b(Most)g(simply)-9 b(,)104 b(the)596 1277 y(x-kernel)30 b(is)h(a)g(method)g(of)g(passing)h (messages)f(at)f(the)h(kernel)g(level,)g(which)g(makes)g(for)g(an)596 1368 y(easier)19 b(implementation.)197 1433 y SDict begin H.S end 197 1433 a 197 1433 a SDict begin 11 H.A end 197 1433 a 197 1433 a SDict begin [ /View [/XYZ H.V] /Dest (593) cvn H.B /DEST pdfmark end 197 1433 a 596 1501 a Fl(Another)37 b(fr)o(eely-available)d(IPSEC)i(implementation)i(is)g (the)f(Linux)g(Fr)o(eeS/W)-8 b(AN)36 b(IPSEC.)596 1592 y(Their)28 b(web)g(page)g(states,)1464 1592 y SDict begin H.S end 1464 1592 a 1464 1592 a SDict begin 11 H.A end 1464 1592 a 1464 1592 a SDict begin [ /View [/XYZ H.V] /Dest (594) cvn H.B /DEST pdfmark end 1464 1592 a Fl(\223"These)g (services)g(allow)g(you)h(to)g(build)g(secur)o(e)e(tunnels)i(thr)o (ough)596 1684 y(untr)o(usted)d(networks.)h(Everything)g(passing)f(thr) o(ough)h(the)g(untr)o(usted)f(net)h(is)f(encrypted)g(by)596 1775 y(the)31 b(IPSEC)g(gateway)g(machine)h(and)f(decrypted)f(by)i(the) f(gateway)g(at)g(the)h(other)g(end.)f(The)596 1866 y(r)o(esult)k(is)h (V)-5 b(irtual)36 b(Private)f(Network)h(or)g(VPN.)f(This)h(is)g(a)g (network)g(which)g(is)h(ef)o(fectively)596 1957 y(private)23 b(even)h(though)i(it)f(includes)f(machines)h(at)f(several)g(dif)o(fer)o (ent)e(sites)j(connected)f(by)h(the)596 2049 y(insecur)o(e)20 b(Internet."\224)197 2092 y SDict begin H.S end 197 2092 a 197 2092 a SDict begin 11 H.A end 197 2092 a 197 2092 a SDict begin [ /View [/XYZ H.V] /Dest (595) cvn H.B /DEST pdfmark end 197 2092 a 596 2182 a Fl(It's)36 b(available)e(for)i (download)g(fr)o(om)1877 2182 y SDict begin H.S end 1877 2182 a 1877 2182 a SDict begin 11 H.A end 1877 2182 a 1877 2182 a SDict begin [ /View [/XYZ H.V] /Dest (596) cvn H.B /DEST pdfmark end 1877 2182 a Fl(http://www)-8 b(.xs4all.nl/~fr)o(eeswan/,)37 b(and)e(has)h(just)596 2273 y(r)o(eached)19 b(1.0)g(at)h(the)h(time)g(of)g(this)h(writing.)197 2338 y SDict begin H.S end 197 2338 a 197 2338 a SDict begin 11 H.A end 197 2338 a 197 2338 a SDict begin [ /View [/XYZ H.V] /Dest (597) cvn H.B /DEST pdfmark end 197 2338 a 596 2406 a Fl(As)g(with)i(other)f(forms)g(of)f(cryptography)-9 b(,)22 b(it)h(is)g(not)h(distributed)e(with)i(the)f(kernel)f(by)h (default)596 2497 y(due)d(to)h(export)f(r)o(estrictions.)197 2562 y SDict begin H.S end 197 2562 a 197 2562 a SDict begin 11 H.A end 197 2562 a 197 2562 a SDict begin [ /View [/XYZ H.V] /Dest (ssh) cvn H.B /DEST pdfmark end 197 2562 a 596 2815 a Fb(ssh)28 b Fi(\(Secure)h(Shell\))f(and)h Fb(stelnet)2069 2815 y SDict begin H.S end 2069 2815 a 2069 2815 a SDict begin 13.31 H.A end 2069 2815 a 2069 2815 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.26.2) cvn H.B /DEST pdfmark end 2069 2815 a 197 2886 a SDict begin H.S end 197 2886 a 197 2886 a SDict begin 11 H.A end 197 2886 a 197 2886 a SDict begin [ /View [/XYZ H.V] /Dest (602) cvn H.B /DEST pdfmark end 197 2886 a 197 2886 a SDict begin H.S end 197 2886 a 197 2886 a SDict begin 11 H.A end 197 2886 a 197 2886 a SDict begin [ /View [/XYZ H.V] /Dest (603) cvn H.B /DEST pdfmark end 197 2886 a 596 2957 a Fh(ssh)d Fl(and)924 2957 y SDict begin H.S end 924 2957 a 924 2957 a SDict begin 11 H.A end 924 2957 a 924 2957 a SDict begin [ /View [/XYZ H.V] /Dest (604) cvn H.B /DEST pdfmark end 924 2957 a Fh(stelnet)g Fl(ar)o(e)f(suites)j(of)e(pr) o(ograms)h(that)g(allow)g(you)g(to)g(login)h(to)g(r)o(emote)e(systems) 596 3048 y(and)20 b(have)g(a)g(encrypted)g(connection.)197 3113 y SDict begin H.S end 197 3113 a 197 3113 a SDict begin 11 H.A end 197 3113 a 197 3113 a SDict begin [ /View [/XYZ H.V] /Dest (605) cvn H.B /DEST pdfmark end 197 3113 a 197 3113 a SDict begin H.S end 197 3113 a 197 3113 a SDict begin 11 H.A end 197 3113 a 197 3113 a SDict begin [ /View [/XYZ H.V] /Dest (606) cvn H.B /DEST pdfmark end 197 3113 a 596 3181 a Fh(openssh)c Fl(is)i(a)f(suite)h(of)g(pr)o (ograms)f(used)g(as)g(a)h(secur)o(e)e(r)o(eplacement)h(for)2911 3181 y SDict begin H.S end 2911 3181 a 2911 3181 a SDict begin 11 H.A end 2911 3181 a 2911 3181 a SDict begin [ /View [/XYZ H.V] /Dest (607) cvn H.B /DEST pdfmark end 2911 3181 a Fh(rlogin)p Fl(,)3218 3181 y SDict begin H.S end 3218 3181 a 3218 3181 a SDict begin 11 H.A end 3218 3181 a 3218 3181 a SDict begin [ /View [/XYZ H.V] /Dest (608) cvn H.B /DEST pdfmark end 3218 3181 a Fh(rsh)g Fl(and)3529 3181 y SDict begin H.S end 3529 3181 a 3529 3181 a SDict begin 11 H.A end 3529 3181 a 3529 3181 a SDict begin [ /View [/XYZ H.V] /Dest (609) cvn H.B /DEST pdfmark end 3529 3181 a Fh(rcp)p Fl(.)596 3272 y(It)27 b(uses)h(public-key)f(cryptography)h(to)g(encrypt)g(communications)h (between)e(two)i(hosts,)f(as)596 3364 y(well)19 b(as)g(to)h (authenticate)e(users.)h(It)h(can)f(be)g(used)g(to)g(secur)o(ely)g (login)h(to)g(a)e(r)o(emote)h(host)h(or)g(copy)596 3455 y(data)i(between)i(hosts,)h(while)g(pr)o(eventing)f(man-in-the-middle)g (attacks)f(\(session)i(hijacking\))596 3546 y(and)16 b(DNS)i(spoo\002ng.)g(It)g(will)g(perform)f(data)f(compr)o(ession)i(on) g(your)f(connections,)i(and)e(secur)o(e)596 3638 y(X11)j (communications)i(between)f(hosts.)197 3681 y SDict begin H.S end 197 3681 a 197 3681 a SDict begin 11 H.A end 197 3681 a 197 3681 a SDict begin [ /View [/XYZ H.V] /Dest (610) cvn H.B /DEST pdfmark end 197 3681 a 596 3770 a Fl(Ther)o(e)88 b(ar)o(e)f(several)i(ssh)h(implementiations)g(now)-8 b(.)90 b(The)g(original)f(commer)o(cial)596 3862 y(implementation)26 b(by)g(Data)f(Fellows)h(can)f(be)g(found)h(at)f(The)2603 3862 y SDict begin H.S end 2603 3862 a 2603 3862 a SDict begin 11 H.A end 2603 3862 a 2603 3862 a SDict begin [ /View [/XYZ H.V] /Dest (611) cvn H.B /DEST pdfmark end 2603 3862 a Fh(ssh)g Fl(home)i(page)e(can)g(be)g(found)596 3953 y(at)685 3953 y SDict begin H.S end 685 3953 a 685 3953 a SDict begin 11 H.A end 685 3953 a 685 3953 a SDict begin [ /View [/XYZ H.V] /Dest (612) cvn H.B /DEST pdfmark end 685 3953 a Fl(http://www)-8 b(.datafellows.com.)197 4018 y SDict begin H.S end 197 4018 a 197 4018 a SDict begin 11 H.A end 197 4018 a 197 4018 a SDict begin [ /View [/XYZ H.V] /Dest (613) cvn H.B /DEST pdfmark end 197 4018 a 596 4086 a Fl(The)19 b(excellent)h(Openssh)h(implementation)g (is)g(based)e(on)h(a)g(early)f(version)i(of)e(the)i(datafellows)596 4177 y(ssh)g(and)f(has)h(been)f(totally)h(r)o(eworked)f(to)g(not)i (include)e(any)h(patented)f(or)g(pr)o(oprietary)g(pieces.)596 4268 y(It)g(is)h(fr)o(ee)f(and)g(under)g(a)h(BSD)f(license.)h(It)g(can) f(be)g(found)h(at:)2528 4268 y SDict begin H.S end 2528 4268 a 2528 4268 a SDict begin 11 H.A end 2528 4268 a 2528 4268 a SDict begin [ /View [/XYZ H.V] /Dest (614) cvn H.B /DEST pdfmark end 2528 4268 a Fl(http://www)-8 b(.openssh.com.)197 4333 y SDict begin H.S end 197 4333 a 197 4333 a SDict begin 11 H.A end 197 4333 a 197 4333 a SDict begin [ /View [/XYZ H.V] /Dest (615) cvn H.B /DEST pdfmark end 197 4333 a 596 4401 a Fl(Ther)o(e)26 b(is)i(also)g(a)g(open)g(sour)o(ce)f(pr)o(oject)g(to)h(r)o(e-implement) g(ssh)g(fr)o(om)g(the)f(gr)o(ound)h(up)g(called)596 4493 y("psst...".)19 b(For)i(mor)o(e)g(information)g(see:)1879 4493 y SDict begin H.S end 1879 4493 a 1879 4493 a SDict begin 11 H.A end 1879 4493 a 1879 4493 a SDict begin [ /View [/XYZ H.V] /Dest (616) cvn H.B /DEST pdfmark end 1879 4493 a Fl(http://www)-8 b(.net.lut.ac.uk/psst/)197 4558 y SDict begin H.S end 197 4558 a 197 4558 a SDict begin 11 H.A end 197 4558 a 197 4558 a SDict begin [ /View [/XYZ H.V] /Dest (617) cvn H.B /DEST pdfmark end 197 4558 a 596 4625 a Fl(Y)g(ou)34 b(can)e(also)h(use)1268 4625 y SDict begin H.S end 1268 4625 a 1268 4625 a SDict begin 11 H.A end 1268 4625 a 1268 4625 a SDict begin [ /View [/XYZ H.V] /Dest (618) cvn H.B /DEST pdfmark end 1268 4625 a Fh(ssh)g Fl(fr)o(om)f(your)i(W)-5 b(indows)34 b(workstation)g(to)f(your)h(Linux)3275 4625 y SDict begin H.S end 3275 4625 a 3275 4625 a SDict begin 11 H.A end 3275 4625 a 3275 4625 a SDict begin [ /View [/XYZ H.V] /Dest (619) cvn H.B /DEST pdfmark end 3275 4625 a Fh(ssh)e Fl(server)-6 b(.)596 4717 y(Ther)o(e)32 b(ar)o(e)h(several)g(fr)o(eely) g(available)f(W)-5 b(indows)36 b(client)e(implementations,)h(including) g(the)596 4808 y(one)26 b(at)849 4808 y SDict begin H.S end 849 4808 a 849 4808 a SDict begin 11 H.A end 849 4808 a 849 4808 a SDict begin [ /View [/XYZ H.V] /Dest (620) cvn H.B /DEST pdfmark end 849 4808 a Fl(http://guar)o (dian.htu.tuwien.ac.at/therapy/ssh/)f(as)h(well)g(as)f(a)h(commer)o (cial)f(im-)596 4899 y(plementation)c(fr)o(om)f(DataFellows,)h(at)1892 4899 y SDict begin H.S end 1892 4899 a 1892 4899 a SDict begin 11 H.A end 1892 4899 a 1892 4899 a SDict begin [ /View [/XYZ H.V] /Dest (621) cvn H.B /DEST pdfmark end 1892 4899 a Fl(http://www)-8 b(.datafellows.com.)197 4964 y SDict begin H.S end 197 4964 a 197 4964 a SDict begin 11 H.A end 197 4964 a 197 4964 a SDict begin [ /View [/XYZ H.V] /Dest (622) cvn H.B /DEST pdfmark end 197 4964 a 596 5032 a Fl(SSLeay)20 b(is)j(a)f(fr)o(ee)f(implementation)i (of)g(Netscape's)e(Secur)o(e)g(Sockets)h(Layer)g(pr)o(otocol,)g(devel-) 596 5124 y(oped)e(by)h(Eric)g(Y)-8 b(oung.)23 b(It)e(includes)g (several)f(applications,)h(such)h(as)f(Secur)o(e)e(telnet,)i(a)g (module)596 5215 y(for)30 b(Apache,)f(several)g(databases,)f(as)i(well) h(as)f(several)f(algorithms)j(including)f(DES,)e(IDEA)596 5306 y(and)20 b(Blow\002sh.)p Black 3601 5585 a Fj(21)p Black eop end %%Page: 22 22 TeXDict begin 22 21 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.22) cvn H.B /DEST pdfmark end 197 -102 a Black 197 -201 a SDict begin H.S end 197 -201 a 197 -201 a SDict begin 11 H.A end 197 -201 a 197 -201 a SDict begin [ /View [/XYZ H.V] /Dest (655) cvn H.B /DEST pdfmark end 197 -201 a 69 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 197 6 a SDict begin H.S end 197 6 a 197 6 a SDict begin 11 H.A end 197 6 a 197 6 a SDict begin [ /View [/XYZ H.V] /Dest (623) cvn H.B /DEST pdfmark end 197 6 a 596 89 a Fl(Using)h(this)h(library)-9 b(,)21 b(a)g(secur)o(e)g(telnet)i (r)o(eplacement)d(has)i(been)g(cr)o(eated)e(that)i(does)g(encryption) 596 180 y(over)e(a)h(telnet)g(connection.)i(Unlike)e(SSH,)f(stelnet)i (uses)f(SSL,)f(the)h(Secur)o(e)f(Sockets)h(Layer)f(pr)o(o-)596 272 y(tocol)j(developed)g(by)g(Netscape.)f(Y)-8 b(ou)24 b(can)f(\002nd)g(Secur)o(e)f(telnet)h(and)g(Secur)o(e)e(FTP)i(by)h (starting)596 363 y(with)d(the)g(SSLeay)e(F)-6 b(AQ,)20 b(available)g(at)1858 363 y SDict begin H.S end 1858 363 a 1858 363 a SDict begin 11 H.A end 1858 363 a 1858 363 a SDict begin [ /View [/XYZ H.V] /Dest (624) cvn H.B /DEST pdfmark end 1858 363 a Fl(http://www)-8 b(.psy)f (.uq.oz.au/~ftp/Crypto/.)197 428 y SDict begin H.S end 197 428 a 197 428 a SDict begin 11 H.A end 197 428 a 197 428 a SDict begin [ /View [/XYZ H.V] /Dest (625) cvn H.B /DEST pdfmark end 197 428 a 596 496 a Fl(SRP)20 b(is)i(another)e (secur)o(e)g(telnet/ftp)h(implementation.)h(Fr)o(om)e(their)h(web)g (page:)197 561 y SDict begin H.S end 197 561 a 197 561 a SDict begin 11 H.A end 197 561 a 197 561 a SDict begin [ /View [/XYZ H.V] /Dest (626) cvn H.B /DEST pdfmark end 197 561 a 197 561 a SDict begin H.S end 197 561 a 197 561 a SDict begin 11 H.A end 197 561 a 197 561 a SDict begin [ /View [/XYZ H.V] /Dest (627) cvn H.B /DEST pdfmark end 197 561 a 596 629 a Fl(\223"The)32 b(SRP)i(pr)o(oject)f(is)g (developing)h(secur)o(e)e(Internet)h(softwar)o(e)g(for)g(fr)o(ee)f (worldwide)h(use.)596 720 y(Starting)24 b(with)i(a)f(fully-secur)o(e)f (T)-8 b(elnet)25 b(and)g(FTP)g(distribution,)h(we)f(hope)h(to)f (supplant)g(weak)596 811 y(networked)35 b(authentication)h(systems)h (with)f(str)o(ong)g(r)o(eplacements)f(that)h(do)f(not)i(sacri\002ce)596 903 y(user)o(-friendliness)19 b(for)i(security)-9 b(.)20 b(Security)h(should)g(be)g(the)f(default,)g(not)h(an)g(option!")h(\224) 197 968 y SDict begin H.S end 197 968 a 197 968 a SDict begin 11 H.A end 197 968 a 197 968 a SDict begin [ /View [/XYZ H.V] /Dest (628) cvn H.B /DEST pdfmark end 197 968 a 596 1036 a Fl(For)f(mor)o(e)f(information,)h(go)h(to)1636 1036 y SDict begin H.S end 1636 1036 a 1636 1036 a SDict begin 11 H.A end 1636 1036 a 1636 1036 a SDict begin [ /View [/XYZ H.V] /Dest (629) cvn H.B /DEST pdfmark end 1636 1036 a Fl(http://www-cs-students.stanfor)o(d.edu/~tjw/srp/)197 1100 y SDict begin H.S end 197 1100 a 197 1100 a SDict begin 11 H.A end 197 1100 a 197 1100 a SDict begin [ /View [/XYZ H.V] /Dest (630) cvn H.B /DEST pdfmark end 197 1100 a 596 1354 a Fi(P)-10 b(AM)27 b(-)h(Plug)o(gab)o(le)h(A)m (uthentication)h(Modules)2539 1354 y SDict begin H.S end 2539 1354 a 2539 1354 a SDict begin 13.31 H.A end 2539 1354 a 2539 1354 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.27.2) cvn H.B /DEST pdfmark end 2539 1354 a 197 1426 a SDict begin H.S end 197 1426 a 197 1426 a SDict begin 11 H.A end 197 1426 a 197 1426 a SDict begin [ /View [/XYZ H.V] /Dest (632) cvn H.B /DEST pdfmark end 197 1426 a 596 1495 a Fl(Newer)16 b(versions)h(of)g(the)g(Red)f(Hat)h(Linux)f (and)h(Debian)f(Linux)h(distributions)h(ship)f(with)h(a)e(uni-)596 1586 y(\002ed)22 b(authentication)h(scheme)h(called)e("P)-8 b(AM".)21 b(P)-8 b(AM)23 b(allows)g(you)h(to)f(change)g(your)g (authenti-)596 1678 y(cation)e(methods)h(and)f(r)o(equir)o(ements)g(on) h(the)g(\003y)-9 b(,)21 b(and)g(encapsulate)g(all)g(local)g (authentication)596 1769 y(methods)g(without)h(r)o(ecompiling)e(any)h (of)g(your)f(binaries.)g(Con\002guration)i(of)f(P)-8 b(AM)20 b(is)h(beyond)596 1860 y(the)i(scope)h(of)g(this)g(document,)g (but)g(be)f(sur)o(e)g(to)h(take)f(a)g(look)i(at)e(the)h(P)-8 b(AM)23 b(web)h(site)g(for)f(mor)o(e)596 1952 y(information.)1075 1952 y SDict begin H.S end 1075 1952 a 1075 1952 a SDict begin 11 H.A end 1075 1952 a 1075 1952 a SDict begin [ /View [/XYZ H.V] /Dest (633) cvn H.B /DEST pdfmark end 1075 1952 a Fl(http://www)-8 b(.kernel.or)o (g/pub/linux/libs/pam/index.html.)197 2017 y SDict begin H.S end 197 2017 a 197 2017 a SDict begin 11 H.A end 197 2017 a 197 2017 a SDict begin [ /View [/XYZ H.V] /Dest (634) cvn H.B /DEST pdfmark end 197 2017 a 596 2085 a Fl(Just)20 b(a)h(few)f(of)h(the)g(things)h(you)f(can)f(do)h(with)h(P) -8 b(AM:)197 2150 y SDict begin H.S end 197 2150 a 197 2150 a SDict begin 11 H.A end 197 2150 a 197 2150 a SDict begin [ /View [/XYZ H.V] /Dest (635) cvn H.B /DEST pdfmark end 197 2150 a 197 2150 a SDict begin H.S end 197 2150 a 197 2150 a SDict begin 11 H.A end 197 2150 a 197 2150 a SDict begin [ /View [/XYZ H.V] /Dest (636) cvn H.B /DEST pdfmark end 197 2150 a 197 2191 a SDict begin H.S end 197 2191 a 197 2191 a SDict begin 11 H.A end 197 2191 a 197 2191 a SDict begin [ /View [/XYZ H.V] /Dest (637) cvn H.B /DEST pdfmark end 197 2191 a Black 596 2342 a Fg(\225)p Black 679 2342 a SDict begin H.S end 679 2342 a 679 2342 a SDict begin 11 H.A end 679 2342 a 679 2342 a SDict begin [ /View [/XYZ H.V] /Dest (638) cvn H.B /DEST pdfmark end 679 2342 a Fl(Use)17 b(encryption)i(other)f (than)g(DES)g(for)f(your)i(passwor)o(ds.)e(\(Making)g(them)i(har)o(der) d(to)i(br)o(ute-)679 2433 y(for)o(ce)h(decode\))197 2451 y SDict begin H.S end 197 2451 a 197 2451 a SDict begin 11 H.A end 197 2451 a 197 2451 a SDict begin [ /View [/XYZ H.V] /Dest (639) cvn H.B /DEST pdfmark end 197 2451 a Black 596 2566 a Fg(\225)p Black 679 2566 a SDict begin H.S end 679 2566 a 679 2566 a SDict begin 11 H.A end 679 2566 a 679 2566 a SDict begin [ /View [/XYZ H.V] /Dest (640) cvn H.B /DEST pdfmark end 679 2566 a Fl(Set)g(r)o(esour)o(ce)f (limits)j(on)g(all)e(your)i(users)f(so)g(they)g(can't)g(perform)f (denial-of-service)g(attacks)679 2657 y(\(number)h(of)h(pr)o(ocesses,)f (amount)h(of)g(memory)-9 b(,)21 b(etc\))197 2681 y SDict begin H.S end 197 2681 a 197 2681 a SDict begin 11 H.A end 197 2681 a 197 2681 a SDict begin [ /View [/XYZ H.V] /Dest (641) cvn H.B /DEST pdfmark end 197 2681 a Black 596 2790 a Fg(\225)p Black 679 2790 a SDict begin H.S end 679 2790 a 679 2790 a SDict begin 11 H.A end 679 2790 a 679 2790 a SDict begin [ /View [/XYZ H.V] /Dest (642) cvn H.B /DEST pdfmark end 679 2790 a Fl(Enable)f(shadow)h(passwor)o (ds)f(\(see)g(below\))h(on)g(the)g(\003y)197 2814 y SDict begin H.S end 197 2814 a 197 2814 a SDict begin 11 H.A end 197 2814 a 197 2814 a SDict begin [ /View [/XYZ H.V] /Dest (643) cvn H.B /DEST pdfmark end 197 2814 a Black 596 2923 a Fg(\225)p Black 679 2923 a SDict begin H.S end 679 2923 a 679 2923 a SDict begin 11 H.A end 679 2923 a 679 2923 a SDict begin [ /View [/XYZ H.V] /Dest (644) cvn H.B /DEST pdfmark end 679 2923 a Fl(allow)g(speci\002c)f(users)h (to)g(login)h(only)g(at)e(speci\002c)h(times)g(fr)o(om)g(speci\002c)f (places)197 3097 y SDict begin H.S end 197 3097 a 197 3097 a SDict begin 11 H.A end 197 3097 a 197 3097 a SDict begin [ /View [/XYZ H.V] /Dest (645) cvn H.B /DEST pdfmark end 197 3097 a 596 3189 a Fl(W)-5 b(ithin)39 b(a)f(few)g(hours)h(of) f(installing)i(and)e(con\002guring)i(your)e(system,)h(you)g(can)f(pr)o (event)596 3280 y(many)52 b(attacks)f(befor)o(e)g(they)i(even)f(occur) -6 b(.)51 b(For)i(example,)e(use)h(P)-8 b(AM)52 b(to)g(disable)g(the) 596 3371 y(system-wide)22 b(usage)g(of)1416 3371 y SDict begin H.S end 1416 3371 a 1416 3371 a SDict begin 11 H.A end 1416 3371 a 1416 3371 a SDict begin [ /View [/XYZ H.V] /Dest (646) cvn H.B /DEST pdfmark end 1416 3371 a Fh(.rhosts)f Fl(\002les)i(in)g(user)6 b('s)22 b(home)h(dir)o (ectories)f(by)g(adding)g(these)g(lines)596 3463 y(to)689 3463 y SDict begin H.S end 689 3463 a 689 3463 a SDict begin 11 H.A end 689 3463 a 689 3463 a SDict begin [ /View [/XYZ H.V] /Dest (647) cvn H.B /DEST pdfmark end 689 3463 a Fh(/etc/pam.d/rlogin)p Fl(:)197 3558 y SDict begin H.S end 197 3558 a 197 3558 a SDict begin 9.9 H.A end 197 3558 a 197 3558 a SDict begin [ /View [/XYZ H.V] /Dest (648) cvn H.B /DEST pdfmark end 197 3558 a 685 3628 a Fh(#)685 3710 y(#)45 b(Disable)e(rsh/rlogin/rexec)g(for)h(users)685 3792 y(#)685 3875 y(login)g(auth)g(required)g(pam_rhosts_auth.so)e (no_rhosts)197 4090 y SDict begin H.S end 197 4090 a 197 4090 a SDict begin 11 H.A end 197 4090 a 197 4090 a SDict begin [ /View [/XYZ H.V] /Dest (649) cvn H.B /DEST pdfmark end 197 4090 a 596 4367 a Fi(Cr)q(yptographic)29 b(IP)f(Encapsulation)h(\(CIPE\))2449 4367 y SDict begin H.S end 2449 4367 a 2449 4367 a SDict begin 13.31 H.A end 2449 4367 a 2449 4367 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.28.2) cvn H.B /DEST pdfmark end 2449 4367 a 197 4440 a SDict begin H.S end 197 4440 a 197 4440 a SDict begin 11 H.A end 197 4440 a 197 4440 a SDict begin [ /View [/XYZ H.V] /Dest (651) cvn H.B /DEST pdfmark end 197 4440 a 596 4509 a Fl(The)f(primary)f(goal)h(of)g(this)h(softwar)o(e)e (is)i(to)f(pr)o(ovide)f(a)h(facility)g(for)g(secur)o(e)f(\(against)g (eaves-)596 4600 y(dr)o(opping,)21 b(including)j(traf)o(\002c)d (analysis,)h(and)g(faked)f(message)h(injection\))i(subnetwork)f(inter)o (-)596 4691 y(connection)f(acr)o(oss)e(an)g(insecur)o(e)h(packet)f (network)h(such)g(as)g(the)g(Internet.)197 4756 y SDict begin H.S end 197 4756 a 197 4756 a SDict begin 11 H.A end 197 4756 a 197 4756 a SDict begin [ /View [/XYZ H.V] /Dest (652) cvn H.B /DEST pdfmark end 197 4756 a 596 4824 a Fl(CIPE)i(encrypts)g(the)g(data)g(at)g(the)g(network)h(level.)f (Packets)g(traveling)g(between)g(hosts)i(on)f(the)596 4915 y(network)d(ar)o(e)e(encrypted.)h(The)g(encryption)i(engine)f(is)g (placed)f(near)g(the)g(driver)g(which)i(sends)596 5007 y(and)e(r)o(eceives)f(packets.)197 5072 y SDict begin H.S end 197 5072 a 197 5072 a SDict begin 11 H.A end 197 5072 a 197 5072 a SDict begin [ /View [/XYZ H.V] /Dest (653) cvn H.B /DEST pdfmark end 197 5072 a 596 5139 a Fl(This)33 b(is)f(unlike)h(SSH,)f(which)h(encrypts)g(the)f(data)g(by) g(connection,)i(at)e(the)h(socket)f(level.)g(A)596 5231 y(logical)21 b(connection)h(between)e(pr)o(ograms)h(r)o(unning)h(on)f (dif)o(fer)o(ent)e(hosts)j(is)f(encrypted.)p Black 197 5585 a Fj(22)p Black eop end %%Page: 23 23 TeXDict begin 23 22 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.23) cvn H.B /DEST pdfmark end 197 -102 a Black 197 -201 a SDict begin H.S end 197 -201 a 197 -201 a SDict begin 11 H.A end 197 -201 a 197 -201 a SDict begin [ /View [/XYZ H.V] /Dest (crack) cvn H.B /DEST pdfmark end 197 -201 a 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 197 6 a SDict begin H.S end 197 6 a 197 6 a SDict begin 11 H.A end 197 6 a 197 6 a SDict begin [ /View [/XYZ H.V] /Dest (654) cvn H.B /DEST pdfmark end 197 6 a 596 89 a Fl(CIPE)26 b(can)h(be)f(used)h(in)g(tunnelling,)h(in)f(or)o (der)f(to)h(cr)o(eate)f(a)g(V)-5 b(irtual)27 b(Private)f(Network.)h (Low-)596 180 y(level)15 b(encryption)i(has)f(the)h(advantage)d(that)i (it)h(can)e(be)h(made)g(to)g(work)h(transpar)o(ently)e(between)596 272 y(the)j(two)g(networks)h(connected)f(in)h(the)f(VPN,)g(without)h (any)f(change)g(to)g(application)g(softwar)o(e.)596 405 y(Summarized)h(fr)o(om)h(the)h(CIPE)g(documentation:)197 448 y SDict begin H.S end 197 448 a 197 448 a SDict begin 11 H.A end 197 448 a 197 448 a SDict begin [ /View [/XYZ H.V] /Dest (656) cvn H.B /DEST pdfmark end 197 448 a 197 448 a SDict begin H.S end 197 448 a 197 448 a SDict begin 11 H.A end 197 448 a 197 448 a SDict begin [ /View [/XYZ H.V] /Dest (657) cvn H.B /DEST pdfmark end 197 448 a 596 537 a Fl(\223The)33 b(IPSEC)g(standar)o(ds)f(de\002ne)i(a)f (set)h(of)f(pr)o(otocols)i(which)f(can)g(be)f(used)h(\(among)g(other) 596 629 y(things\))21 b(to)g(build)f(encrypted)g(VPNs.)g(However)-6 b(,)20 b(IPSEC)g(is)h(a)e(rather)h(heavyweight)h(and)f(com-)596 720 y(plicated)27 b(pr)o(otocol)i(set)f(with)h(a)f(lot)h(of)f(options,) h(implementations)h(of)e(the)h(full)f(pr)o(otocol)h(set)596 811 y(ar)o(e)21 b(still)j(rar)o(ely)d(used)i(and)f(some)i(issues)f (\(such)g(as)g(key)g(management\))f(ar)o(e)g(still)i(not)f(fully)g(r)o (e-)596 903 y(solved.)15 b(CIPE)h(uses)h(a)e(simpler)i(appr)o(oach,)d (in)j(which)g(many)f(things)i(which)f(can)f(be)f(parameter)o(-)596 994 y(ized)23 b(\(such)i(as)f(the)g(choice)h(of)g(the)f(actual)g (encryption)h(algorithm)g(used\))f(ar)o(e)f(an)h(install-time)596 1085 y(\002xed)29 b(choice.)h(This)g(limits)h(\003exibility)-9 b(,)30 b(but)g(allows)h(for)e(a)g(simple)i(\(and)e(ther)o(efor)o(e)f (ef)o(\002cient,)596 1177 y(easy)20 b(to)h(debug...\))e (implementation.\224)197 1242 y SDict begin H.S end 197 1242 a 197 1242 a SDict begin 11 H.A end 197 1242 a 197 1242 a SDict begin [ /View [/XYZ H.V] /Dest (658) cvn H.B /DEST pdfmark end 197 1242 a 596 1310 a Fl(Further)g(information)i (can)f(be)g(found)g(at)1933 1310 y SDict begin H.S end 1933 1310 a 1933 1310 a SDict begin 11 H.A end 1933 1310 a 1933 1310 a SDict begin [ /View [/XYZ H.V] /Dest (659) cvn H.B /DEST pdfmark end 1933 1310 a Fl(http://www)-8 b(.inka.de/~bigr)o(ed/devel/cipe.html)197 1374 y SDict begin H.S end 197 1374 a 197 1374 a SDict begin 11 H.A end 197 1374 a 197 1374 a SDict begin [ /View [/XYZ H.V] /Dest (660) cvn H.B /DEST pdfmark end 197 1374 a 596 1442 a Fl(As)22 b(with)i(other)f(forms)g(of)f(cryptography)-9 b(,)22 b(it)h(is)g(not)h(distributed)e(with)i(the)f(kernel)f(by)h (default)596 1534 y(due)d(to)h(export)f(r)o(estrictions.)197 1599 y SDict begin H.S end 197 1599 a 197 1599 a SDict begin 11 H.A end 197 1599 a 197 1599 a SDict begin [ /View [/XYZ H.V] /Dest (661) cvn H.B /DEST pdfmark end 197 1599 a 596 1852 a Fi(K)n(erber)n(os)1033 1852 y SDict begin H.S end 1033 1852 a 1033 1852 a SDict begin 13.31 H.A end 1033 1852 a 1033 1852 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.29.2) cvn H.B /DEST pdfmark end 1033 1852 a 197 1903 a SDict begin H.S end 197 1903 a 197 1903 a SDict begin 11 H.A end 197 1903 a 197 1903 a SDict begin [ /View [/XYZ H.V] /Dest (663) cvn H.B /DEST pdfmark end 197 1903 a 596 1993 a Fl(Kerber)o(os)g(is)h(an)f(authentication)i (system)f(developed)f(by)h(the)f(Athena)h(Pr)o(oject)f(at)h(MIT)-6 b(.)20 b(When)596 2085 y(a)g(user)g(logs)h(in,)g(Kerber)o(os)f (authenticates)g(that)h(user)f(\(using)h(a)f(passwor)o(d\),)g(and)g(pr) o(ovides)g(the)596 2176 y(user)f(with)i(a)e(way)h(to)g(pr)o(ove)f(her)h (identity)g(to)h(other)f(servers)f(and)h(hosts)h(scatter)o(ed)d(ar)o (ound)h(the)596 2267 y(network.)197 2311 y SDict begin H.S end 197 2311 a 197 2311 a SDict begin 11 H.A end 197 2311 a 197 2311 a SDict begin [ /View [/XYZ H.V] /Dest (664) cvn H.B /DEST pdfmark end 197 2311 a 596 2400 a Fl(This)30 b(authentication)g(is)g(then)g(used)g(by)f(pr)o(ograms)h (such)g(as)2644 2400 y SDict begin H.S end 2644 2400 a 2644 2400 a SDict begin 11 H.A end 2644 2400 a 2644 2400 a SDict begin [ /View [/XYZ H.V] /Dest (665) cvn H.B /DEST pdfmark end 2644 2400 a Fh(rlogin)f Fl(to)h(allow)g(the)g(user)g(to) 596 2491 y(login)c(to)g(other)f(hosts)i(without)f(a)f(passwor)o(d)g (\(in)g(place)g(of)g(the)2690 2491 y SDict begin H.S end 2690 2491 a 2690 2491 a SDict begin 11 H.A end 2690 2491 a 2690 2491 a SDict begin [ /View [/XYZ H.V] /Dest (666) cvn H.B /DEST pdfmark end 2690 2491 a Fh(.rhosts)g Fl(\002le\).)f(This)i(authen-)596 2583 y(tication)f(method)h(can)e (also)i(used)e(by)h(the)h(mail)f(system)h(in)f(or)o(der)f(to)h (guarantee)f(that)h(mail)h(is)596 2674 y(deliver)o(ed)j(to)i(the)g (corr)o(ect)f(person,)i(as)e(well)i(as)e(to)i(guarantee)e(that)h(the)g (sender)g(is)g(who)h(he)596 2765 y(claims)20 b(to)i(be.)197 2809 y SDict begin H.S end 197 2809 a 197 2809 a SDict begin 11 H.A end 197 2809 a 197 2809 a SDict begin [ /View [/XYZ H.V] /Dest (667) cvn H.B /DEST pdfmark end 197 2809 a 596 2898 a Fl(Kerber)o(os)27 b(and)h(the)g(other)g(pr)o(ograms)g (that)g(come)h(with)g(it,)f(pr)o(event)f(users)h(fr)o(om)g ("spoo\002ng")596 2990 y(the)e(system)h(into)g(believing)g(they)g(ar)o (e)e(someone)i(else.)f(Unfortunately)-9 b(,)26 b(installing)i(Kerber)o (os)596 3081 y(is)h(very)f(intr)o(usive,)h(r)o(equiring)g(the)g (modi\002cation)h(or)e(r)o(eplacement)g(of)h(numer)o(ous)g(standar)o(d) 596 3172 y(pr)o(ograms.)197 3237 y SDict begin H.S end 197 3237 a 197 3237 a SDict begin 11 H.A end 197 3237 a 197 3237 a SDict begin [ /View [/XYZ H.V] /Dest (668) cvn H.B /DEST pdfmark end 197 3237 a 596 3305 a Fl(Y)-8 b(ou)21 b(can)f(\002nd)g(mor)o(e)g(information)h(about)f(kerber)o(os)g (by)g(looking)i(at)2811 3305 y SDict begin H.S end 2811 3305 a 2811 3305 a SDict begin 11 H.A end 2811 3305 a 2811 3305 a SDict begin [ /View [/XYZ H.V] /Dest (669) cvn H.B /DEST pdfmark end 2811 3305 a Fl(the)e(kerber)o(os)g(F)-6 b(AQ)3453 3272 y Fe(42)3502 3305 y Fl(,)20 b(and)596 3396 y(the)g(code)h(can)f(be)h(found)g(at)1511 3396 y SDict begin H.S end 1511 3396 a 1511 3396 a SDict begin 11 H.A end 1511 3396 a 1511 3396 a SDict begin [ /View [/XYZ H.V] /Dest (670) cvn H.B /DEST pdfmark end 1511 3396 a Fl(http://nii.isi.edu/info/kerber)o(os/.)197 3461 y SDict begin H.S end 197 3461 a 197 3461 a SDict begin 11 H.A end 197 3461 a 197 3461 a SDict begin [ /View [/XYZ H.V] /Dest (671) cvn H.B /DEST pdfmark end 197 3461 a 596 3529 a Fl([Fr)o(om:)e(Stein,)h(Jennifer)f(G.,)h(Clif)o(for)o(d)e (Neuman,)i(and)g(Jef)o(fr)o(ey)d(L.)i(Schiller)-6 b(.)20 b("Kerber)o(os:)f(An)h(Au-)596 3621 y(thentication)26 b(Service)d(for)i(Open)h(Network)f(Systems.")g(USENIX)f(Confer)o(ence)g (Pr)o(oceedings,)596 3712 y(Dallas,)c(T)-8 b(exas,)20 b(W)-5 b(inter)21 b(1998.])197 3769 y SDict begin H.S end 197 3769 a 197 3769 a SDict begin 11 H.A end 197 3769 a 197 3769 a SDict begin [ /View [/XYZ H.V] /Dest (672) cvn H.B /DEST pdfmark end 197 3769 a 596 3845 a Fl(Kerber)o(os)h (should)i(not)g(be)e(your)i(\002rst)f(step)g(in)h(impr)o(oving)f (security)h(of)f(your)g(host.)h(It)f(is)g(quite)596 3936 y(involved,)d(and)h(not)g(as)g(widely)g(used)f(as,)g(say)-9 b(,)20 b(SSH.)197 4001 y SDict begin H.S end 197 4001 a 197 4001 a SDict begin 11 H.A end 197 4001 a 197 4001 a SDict begin [ /View [/XYZ H.V] /Dest (673) cvn H.B /DEST pdfmark end 197 4001 a 596 4254 a Fi(Shado)n(w)29 b(P)m(ass)n(w)n(or)n (ds.)1556 4254 y SDict begin H.S end 1556 4254 a 1556 4254 a SDict begin 13.31 H.A end 1556 4254 a 1556 4254 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.30.2) cvn H.B /DEST pdfmark end 1556 4254 a 197 4306 a SDict begin H.S end 197 4306 a 197 4306 a SDict begin 11 H.A end 197 4306 a 197 4306 a SDict begin [ /View [/XYZ H.V] /Dest (675) cvn H.B /DEST pdfmark end 197 4306 a 596 4396 a Fl(Shadow)g(passwor)o(ds) g(ar)o(e)f(a)h(means)g(of)h(keeping)f(your)h(encrypted)f(passwor)o(d)g (information)596 4487 y(secr)o(et)g(fr)o(om)h(normal)h(users.)g(Recent) g(versions)g(of)f(both)i(Red)e(Hat)g(and)h(Debian)f(Linux)h(use)596 4578 y(shadow)18 b(passwor)o(ds)g(by)g(default,)f(but)i(on)g(other)f (systems,)h(encrypted)f(passwor)o(ds)g(ar)o(e)f(stor)o(ed)596 4670 y(in)687 4670 y SDict begin H.S end 687 4670 a 687 4670 a SDict begin 11 H.A end 687 4670 a 687 4670 a SDict begin [ /View [/XYZ H.V] /Dest (676) cvn H.B /DEST pdfmark end 687 4670 a Fh(/etc/passwd)f Fl(\002le)j(for)f(all)h(to)g(r)o (ead.)d(Anyone)j(can)g(then)g(r)o(un)g(passwor)o(d-guesser)e(pr)o (ograms)596 4761 y(on)28 b(them)g(and)f(attempt)g(to)h(determine)g (what)f(they)h(ar)o(e.)e(Shadow)h(passwor)o(ds,)g(by)h(contrast,)596 4852 y(ar)o(e)j(saved)h(in)1094 4852 y SDict begin H.S end 1094 4852 a 1094 4852 a SDict begin 11 H.A end 1094 4852 a 1094 4852 a SDict begin [ /View [/XYZ H.V] /Dest (677) cvn H.B /DEST pdfmark end 1094 4852 a Fh(/etc/shadow)p Fl(,)e(which)k(only)g(privileged)f(users)g(can)f(r)o(ead.)f(In)j(or)o (der)e(to)h(use)596 4944 y(shadow)20 b(passwor)o(ds,)g(you)h(need)f(to) g(make)g(sur)o(e)g(all)g(your)h(utilities)g(that)f(need)g(access)g(to)g (pass-)596 5035 y(wor)o(d)32 b(information)j(ar)o(e)d(r)o(ecompiled)g (to)i(support)f(them.)h(P)-8 b(AM)33 b(\(above\))f(also)h(allows)h(you) 596 5126 y(to)c(just)i(plug)f(in)g(a)f(shadow)h(module;)f(it)h(doesn't) g(r)o(equir)o(e)e(r)o(e-compilation)i(of)f(executables.)596 5218 y(Y)-8 b(ou)33 b(can)g(r)o(efer)e(to)i(the)g(Shadow-Passwor)o(d)f (HOWT)o(O)h(for)g(further)f(information)i(if)e(neces-)596 5309 y(sary)-9 b(.)31 b(It)i(is)g(available)f(at)1439 5309 y SDict begin H.S end 1439 5309 a 1439 5309 a SDict begin 11 H.A end 1439 5309 a 1439 5309 a SDict begin [ /View [/XYZ H.V] /Dest (678) cvn H.B /DEST pdfmark end 1439 5309 a Fl(http://metalab.unc.edu/LDP/HOWT)o(O/Shadow-Passwor)o (d-)p Black 3601 5585 a Fj(23)p Black eop end %%Page: 24 24 TeXDict begin 24 23 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.24) cvn H.B /DEST pdfmark end 197 -102 a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fl(HOWT)o(O.html)i(It)g(is)h(rather)e(dated)g(now)-8 b(,)24 b(and)e(will)i(not)g(be)f(r)o(equir)o(ed)e(for)i(distributions)h (sup-)596 180 y(porting)d(P)-8 b(AM.)197 245 y SDict begin H.S end 197 245 a 197 245 a SDict begin 11 H.A end 197 245 a 197 245 a SDict begin [ /View [/XYZ H.V] /Dest (crack) cvn H.B /DEST pdfmark end 197 245 a 596 498 a Fi("Crac)n(k")26 b(and)i("John)h(the)g(Ripper")2063 498 y SDict begin H.S end 2063 498 a 2063 498 a SDict begin 13.31 H.A end 2063 498 a 2063 498 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.31.2) cvn H.B /DEST pdfmark end 2063 498 a 197 569 a SDict begin H.S end 197 569 a 197 569 a SDict begin 11 H.A end 197 569 a 197 569 a SDict begin [ /View [/XYZ H.V] /Dest (681) cvn H.B /DEST pdfmark end 197 569 a 596 640 a Fl(If)c(for)g(some)h(r)o(eason)f(your)1494 640 y SDict begin H.S end 1494 640 a 1494 640 a SDict begin 11 H.A end 1494 640 a 1494 640 a SDict begin [ /View [/XYZ H.V] /Dest (682) cvn H.B /DEST pdfmark end 1494 640 a Fh(passwd)f Fl(pr)o(ogram)h(is)h(not)g(enfor)o(cing)f(har)o(d-to-guess)g(passwor)o (ds,)596 731 y(you)33 b(might)g(want)g(to)g(r)o(un)g(a)f(passwor)o (d-cracking)f(pr)o(ogram)h(and)g(make)g(sur)o(e)g(your)h(users')596 823 y(passwor)o(ds)20 b(ar)o(e)f(secur)o(e.)197 888 y SDict begin H.S end 197 888 a 197 888 a SDict begin 11 H.A end 197 888 a 197 888 a SDict begin [ /View [/XYZ H.V] /Dest (683) cvn H.B /DEST pdfmark end 197 888 a 596 956 a Fl(Passwor)o(d)j(cracking)g(pr)o(ograms)g(work)g(on)h(a)f(simple) h(idea:)e(they)i(try)f(every)g(wor)o(d)g(in)h(the)g(dic-)596 1047 y(tionary)-9 b(,)31 b(and)g(then)i(variations)e(on)i(those)f(wor)o (ds,)f(encrypting)i(each)e(one)h(and)f(checking)i(it)596 1138 y(against)c(your)g(encrypted)g(passwor)o(d.)f(If)h(they)h(get)f(a) g(match)g(they)h(know)g(what)g(your)f(pass-)596 1229 y(wor)o(d)20 b(is.)197 1273 y SDict begin H.S end 197 1273 a 197 1273 a SDict begin 11 H.A end 197 1273 a 197 1273 a SDict begin [ /View [/XYZ H.V] /Dest (684) cvn H.B /DEST pdfmark end 197 1273 a 596 1362 a Fl(Ther)o(e)15 b(ar)o(e)h(a)g(number)h(of)g(pr)o(ograms)f(out)h(ther)o(e...the)e(two)j (most)g(notable)e(of)h(which)h(ar)o(e)d("Crack")596 1454 y(and)h("John)i(the)f(Ripper")g(\()1431 1454 y SDict begin H.S end 1431 1454 a 1431 1454 a SDict begin 11 H.A end 1431 1454 a 1431 1454 a SDict begin [ /View [/XYZ H.V] /Dest (685) cvn H.B /DEST pdfmark end 1431 1454 a Fl(http://www)-8 b(.openwall.com/john/\))21 b(.)c(They)g(will)h(take)e(up)i(a)e(lot)i (of)596 1545 y(your)f(CPU)f(time,)h(but)f(you)i(should)f(be)g(able)f (to)h(tell)g(if)f(an)h(attacker)e(could)i(get)g(in)g(using)h(them)f(by) 596 1636 y(r)o(unning)25 b(them)g(\002rst)f(yourself)h(and)e(notifying) j(users)e(with)h(weak)f(passwor)o(ds.)g(Note)g(that)g(an)596 1728 y(attacker)d(would)i(have)f(to)h(use)g(some)g(other)g(hole)g (\002rst)g(in)g(or)o(der)f(to)h(r)o(ead)e(your)3191 1728 y SDict begin H.S end 3191 1728 a 3191 1728 a SDict begin 11 H.A end 3191 1728 a 3191 1728 a SDict begin [ /View [/XYZ H.V] /Dest (686) cvn H.B /DEST pdfmark end 3191 1728 a Fh(/etc/passwd)596 1819 y Fl(\002le,)f(but)h(such)g(holes)h(ar)o (e)d(mor)o(e)h(common)j(than)e(you)g(might)h(think.)197 1884 y SDict begin H.S end 197 1884 a 197 1884 a SDict begin 11 H.A end 197 1884 a 197 1884 a SDict begin [ /View [/XYZ H.V] /Dest (687) cvn H.B /DEST pdfmark end 197 1884 a 596 1952 a Fl(Because)i(security)h(is)h(only)h(as)e(str)o(ong)g (as)h(the)f(most)h(insecur)o(e)f(host,)h(it)g(is)g(worth)g(mentioning) 596 2043 y(that)44 b(if)h(you)h(have)e(any)h(W)-5 b(indows)46 b(machines)g(on)f(your)g(network,)h(you)f(should)h(check)596 2134 y(out)63 b(L0phtCrack,)f(a)h(Crack)f(implementation)i(for)g(W)-5 b(indows.)64 b(It's)g(available)d(fr)o(om)596 2226 y SDict begin H.S end 596 2226 a 596 2226 a SDict begin 11 H.A end 596 2226 a 596 2226 a SDict begin [ /View [/XYZ H.V] /Dest (688) cvn H.B /DEST pdfmark end 596 2226 a Fl(http://www)-8 b(.l0pht.com)197 2291 y SDict begin H.S end 197 2291 a 197 2291 a SDict begin 11 H.A end 197 2291 a 197 2291 a SDict begin [ /View [/XYZ H.V] /Dest (689) cvn H.B /DEST pdfmark end 197 2291 a 596 2544 a Fi(CFS)27 b(-)i(Cr)q(yptographic)g(File)f(System)g(and)h(TCFS)f(-)h (T)-8 b(ransparent)596 2654 y(Cr)q(yptographic)29 b(File)f(System)1869 2654 y SDict begin H.S end 1869 2654 a 1869 2654 a SDict begin 13.31 H.A end 1869 2654 a 1869 2654 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.32.2) cvn H.B /DEST pdfmark end 1869 2654 a 197 2727 a SDict begin H.S end 197 2727 a 197 2727 a SDict begin 11 H.A end 197 2727 a 197 2727 a SDict begin [ /View [/XYZ H.V] /Dest (691) cvn H.B /DEST pdfmark end 197 2727 a 596 2796 a Fl(CFS)33 b(is)g(a)g(way)h(of)f (encrypting)h(entir)o(e)f(dir)o(ectory)g(tr)o(ees)f(and)h(allowing)i (users)e(to)h(stor)o(e)f(en-)596 2887 y(crypted)c(\002les)i(on)f(them.) h(It)f(uses)h(an)f(NFS)f(server)h(r)o(unning)i(on)e(the)h(local)f (machine.)g(RPMS)596 2978 y(ar)o(e)23 b(available)g(at)1181 2978 y SDict begin H.S end 1181 2978 a 1181 2978 a SDict begin 11 H.A end 1181 2978 a 1181 2978 a SDict begin [ /View [/XYZ H.V] /Dest (692) cvn H.B /DEST pdfmark end 1181 2978 a Fl(http://www)-8 b(.zedz.net/r)o(edhat/,)23 b(and)i(mor)o(e)f(information)i(on)f(how)h(it)f(all)596 3070 y(works)c(is)g(at)1014 3070 y SDict begin H.S end 1014 3070 a 1014 3070 a SDict begin 11 H.A end 1014 3070 a 1014 3070 a SDict begin [ /View [/XYZ H.V] /Dest (693) cvn H.B /DEST pdfmark end 1014 3070 a Fl(ftp://ftp.r)o(esear)o (ch.att.com/dist/mab/.)197 3135 y SDict begin H.S end 197 3135 a 197 3135 a SDict begin 11 H.A end 197 3135 a 197 3135 a SDict begin [ /View [/XYZ H.V] /Dest (694) cvn H.B /DEST pdfmark end 197 3135 a 596 3203 a Fl(TCFS)34 b(impr)o(oves)h(on)g(CFS)f(by)h(adding)g(mor)o(e)f(integration)i(with)f (the)g(\002le)g(system,)h(so)f(that)596 3294 y(it's)26 b(transpar)o(ent)g(to)g(users)h(that)f(the)h(\002le)f(system)h(that)g (is)f(encrypted.)g(Mor)o(e)f(information)j(at:)596 3385 y SDict begin H.S end 596 3385 a 596 3385 a SDict begin 11 H.A end 596 3385 a 596 3385 a SDict begin [ /View [/XYZ H.V] /Dest (695) cvn H.B /DEST pdfmark end 596 3385 a Fl(http://www)-8 b(.tcfs.it/.)197 3450 y SDict begin H.S end 197 3450 a 197 3450 a SDict begin 11 H.A end 197 3450 a 197 3450 a SDict begin [ /View [/XYZ H.V] /Dest (696) cvn H.B /DEST pdfmark end 197 3450 a 596 3518 a Fl(It)20 b(also)h(need)g(not)g(be)g(used)f(on)h(entir)o(e)g(\002le)f (systems.)i(It)f(works)g(on)h(dir)o(ectory)d(tr)o(ees)h(as)h(well.)197 3583 y SDict begin H.S end 197 3583 a 197 3583 a SDict begin 11 H.A end 197 3583 a 197 3583 a SDict begin [ /View [/XYZ H.V] /Dest (697) cvn H.B /DEST pdfmark end 197 3583 a 596 3836 a Fi(X11,)27 b(SV)-5 b(GA)28 b(and)g(displa)n(y)g (security)2101 3836 y SDict begin H.S end 2101 3836 a 2101 3836 a SDict begin 13.31 H.A end 2101 3836 a 2101 3836 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.33.2) cvn H.B /DEST pdfmark end 2101 3836 a 197 3857 a SDict begin H.S end 197 3857 a 197 3857 a SDict begin 11 H.A end 197 3857 a 197 3857 a SDict begin [ /View [/XYZ H.V] /Dest (699) cvn H.B /DEST pdfmark end 197 3857 a 596 4088 a Fm(X11)759 4088 y SDict begin H.S end 759 4088 a 759 4088 a SDict begin 12.1 H.A end 759 4088 a 759 4088 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.33.4.3) cvn H.B /DEST pdfmark end 759 4088 a 197 4134 a SDict begin H.S end 197 4134 a 197 4134 a SDict begin 11 H.A end 197 4134 a 197 4134 a SDict begin [ /View [/XYZ H.V] /Dest (701) cvn H.B /DEST pdfmark end 197 4134 a 596 4225 a Fl(It's)16 b(important)g(for)g(you)g(to)g (secur)o(e)f(your)h(graphical)g(display)f(to)i(pr)o(event)e(attackers)f (fr)o(om)i(grab-)596 4316 y(bing)26 b(your)g(passwor)o(ds)f(as)g(you)h (type)g(them,)f(r)o(eading)g(documents)h(or)g(information)g(you)g(ar)o (e)596 4408 y(r)o(eading)d(on)i(your)g(scr)o(een,)f(or)h(even)f(using)i (a)e(hole)h(to)g(gain)g(r)o(oot)g(access.)f(Running)i(r)o(emote)f(X)596 4499 y(applications)18 b(over)h(a)f(network)i(also)f(can)f(be)h (fraught)f(with)i(peril,)e(allowing)i(snif)o(fers)e(to)i(see)e(all)596 4590 y(your)j(interaction)g(with)g(the)g(r)o(emote)f(system.)197 4655 y SDict begin H.S end 197 4655 a 197 4655 a SDict begin 11 H.A end 197 4655 a 197 4655 a SDict begin [ /View [/XYZ H.V] /Dest (702) cvn H.B /DEST pdfmark end 197 4655 a 596 4723 a Fl(X)27 b(has)h(a)f(number)g(of)h(access-contr)o(ol)f (mechanisms.)h(The)f(simplest)h(of)g(them)g(is)g(host-based:)596 4815 y(you)20 b(use)901 4815 y SDict begin H.S end 901 4815 a 901 4815 a SDict begin 11 H.A end 901 4815 a 901 4815 a SDict begin [ /View [/XYZ H.V] /Dest (703) cvn H.B /DEST pdfmark end 901 4815 a Fh(xhost)f Fl(to)h(specify)f(the)h (hosts)h(that)e(ar)o(e)g(allowed)g(access)g(to)h(your)g(display)-9 b(.)19 b(This)h(is)g(not)596 4906 y(very)h(secur)o(e)g(at)h(all,)g (because)f(if)h(someone)i(has)e(access)f(to)i(your)g(machine,)f(they)g (can)3370 4906 y SDict begin H.S end 3370 4906 a 3370 4906 a SDict begin 11 H.A end 3370 4906 a 3370 4906 a SDict begin [ /View [/XYZ H.V] /Dest (704) cvn H.B /DEST pdfmark end 3370 4906 a Fh(xhost)44 b(+)596 4997 y(their)g(machine)17 b Fl(and)i(get)g(in)h(easily)-9 b(.)18 b(Also,)h(if)g(you)h(have)f(to)g (allow)g(access)g(fr)o(om)g(an)g(untr)o(usted)596 5089 y(machine,)h(anyone)h(ther)o(e)f(can)h(compr)o(omise)g(your)g(display) -9 b(.)197 5154 y SDict begin H.S end 197 5154 a 197 5154 a SDict begin 11 H.A end 197 5154 a 197 5154 a SDict begin [ /View [/XYZ H.V] /Dest (705) cvn H.B /DEST pdfmark end 197 5154 a 596 5221 a Fl(When)42 b(using)1102 5221 y SDict begin H.S end 1102 5221 a 1102 5221 a SDict begin 11 H.A end 1102 5221 a 1102 5221 a SDict begin [ /View [/XYZ H.V] /Dest (706) cvn H.B /DEST pdfmark end 1102 5221 a Fh(xdm)f Fl(\(X)h(Display)g(Manager\))e(to)i(log)g(in,)g (you)g(get)f(a)g(much)i(better)e(access)596 5313 y(method:)21 b(MIT)-5 b(-MAGIC-COOKIE-1.)18 b(A)j(128-bit)e("cookie")i(is)g (generated)f(and)g(stor)o(ed)g(in)i(your)596 5404 y SDict begin H.S end 596 5404 a 596 5404 a SDict begin 11 H.A end 596 5404 a 596 5404 a SDict begin [ /View [/XYZ H.V] /Dest (707) cvn H.B /DEST pdfmark end 596 5404 a Fh(.Xauthority)32 b Fl(\002le.)i(If)f(you)i(need)e(to)i(allow)f(a)g(r)o(emote)f(machine)h (access)g(to)g(your)h(display)-9 b(,)p Black 197 5585 a Fj(24)p Black eop end %%Page: 25 25 TeXDict begin 25 24 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.25) cvn H.B /DEST pdfmark end 197 -102 a Black 197 -201 a SDict begin H.S end 197 -201 a 197 -201 a SDict begin 11 H.A end 197 -201 a 197 -201 a SDict begin [ /View [/XYZ H.V] /Dest (743) cvn H.B /DEST pdfmark end 197 -201 a 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p Black 596 89 a Fl(you)37 b(can)f(use)g(the)1250 89 y SDict begin H.S end 1250 89 a 1250 89 a SDict begin 11 H.A end 1250 89 a 1250 89 a SDict begin [ /View [/XYZ H.V] /Dest (708) cvn H.B /DEST pdfmark end 1250 89 a Fh(xauth)g Fl(command)h(and)f(the)h(information)g(in)g(your)3040 89 y SDict begin H.S end 3040 89 a 3040 89 a SDict begin 11 H.A end 3040 89 a 3040 89 a SDict begin [ /View [/XYZ H.V] /Dest (709) cvn H.B /DEST pdfmark end 3040 89 a Fh(.Xauthority)e Fl(\002le)596 180 y(to)42 b(pr)o(ovide)f(access)g (to)h(only)h(that)f(connection.)h(See)e(the)h(Remote-X-Apps)f (mini-howto,)596 272 y(available)19 b(at)1035 272 y SDict begin H.S end 1035 272 a 1035 272 a SDict begin 11 H.A end 1035 272 a 1035 272 a SDict begin [ /View [/XYZ H.V] /Dest (710) cvn H.B /DEST pdfmark end 1035 272 a Fl (http://metalab.unc.edu/LDP/HOWT)o(O/mini/Remote-X-Apps.html.)197 337 y SDict begin H.S end 197 337 a 197 337 a SDict begin 11 H.A end 197 337 a 197 337 a SDict begin [ /View [/XYZ H.V] /Dest (711) cvn H.B /DEST pdfmark end 197 337 a 596 405 a Fl(Y)-8 b(ou)22 b(can)f(also)h(use)1222 405 y SDict begin H.S end 1222 405 a 1222 405 a SDict begin 11 H.A end 1222 405 a 1222 405 a SDict begin [ /View [/XYZ H.V] /Dest (712) cvn H.B /DEST pdfmark end 1222 405 a Fh(ssh)f Fl(\(see)p 0 TeXcolorgray 1542 405 a SDict begin H.S end 1542 405 a Fl(the)g(Section)g(called)f Fc(ssh)g Fj(\(Secur)o(e)h(Shell\))g (and)f Fc(stelnet)3302 405 y SDict begin 11 H.L end 3302 405 a 3302 405 a SDict begin [ /Subtype /Link /Dest (ssh) cvn /H /I /Border [0 0 0] /Color [1 0 0] H.B /ANN pdfmark end 3302 405 a Black -1 w Fl(,)h(above\))g(to)596 496 y(allow)k(secur)o(e)f(X)h (connections.)h(This)f(has)g(the)g(advantage)f(of)h(also)g(being)g (transpar)o(ent)f(to)h(the)596 587 y(end)20 b(user)-6 b(,)20 b(and)h(means)f(that)h(no)h(unencrypted)e(data)g(\003ows)i(acr)o (oss)e(the)h(network.)197 652 y SDict begin H.S end 197 652 a 197 652 a SDict begin 11 H.A end 197 652 a 197 652 a SDict begin [ /View [/XYZ H.V] /Dest (714) cvn H.B /DEST pdfmark end 197 652 a 596 720 a Fl(Y)-8 b(ou)22 b(can)f(also)h (disable)f(any)g(r)o(emote)g(connections)i(to)f(your)f(X)h(server)f(by) g(using)h(the)g('-nolisten)596 811 y(tcp')32 b(options)i(to)f(your)f(X) h(server)-6 b(.)31 b(This)i(will)h(pr)o(event)d(any)i(network)g (connections)h(to)f(your)596 903 y(server)20 b(over)g(tcp)h(sockets.) 197 968 y SDict begin H.S end 197 968 a 197 968 a SDict begin 11 H.A end 197 968 a 197 968 a SDict begin [ /View [/XYZ H.V] /Dest (715) cvn H.B /DEST pdfmark end 197 968 a 596 1036 a Fl(T)-8 b(ake)20 b(a)h(look)h(at)f(the)1259 1036 y SDict begin H.S end 1259 1036 a 1259 1036 a SDict begin 11 H.A end 1259 1036 a 1259 1036 a SDict begin [ /View [/XYZ H.V] /Dest (716) cvn H.B /DEST pdfmark end 1259 1036 a Fh(Xsecurity)e Fl(man)j(page)e(for)h(mor)o(e)g (information)h(on)g(X)g(security)-9 b(.)21 b(The)g(safe)596 1127 y(bet)k(is)h(to)h(use)1068 1127 y SDict begin H.S end 1068 1127 a 1068 1127 a SDict begin 11 H.A end 1068 1127 a 1068 1127 a SDict begin [ /View [/XYZ H.V] /Dest (717) cvn H.B /DEST pdfmark end 1068 1127 a Fh(xdm)f Fl(to)g(login)h(to) f(your)g(console)h(and)e(then)i(use)2647 1127 y SDict begin H.S end 2647 1127 a 2647 1127 a SDict begin 11 H.A end 2647 1127 a 2647 1127 a SDict begin [ /View [/XYZ H.V] /Dest (718) cvn H.B /DEST pdfmark end 2647 1127 a Fh(ssh)e Fl(to)h(go)g(to)h(r)o(emote)e(sites)h(on)596 1218 y(which)21 b(you)g(wish)h(to)f(r)o(un)h(X)f(pr)o(ograms.)197 1283 y SDict begin H.S end 197 1283 a 197 1283 a SDict begin 11 H.A end 197 1283 a 197 1283 a SDict begin [ /View [/XYZ H.V] /Dest (719) cvn H.B /DEST pdfmark end 197 1283 a 596 1526 a Fm(SV)-5 b(GA)850 1526 y SDict begin H.S end 850 1526 a 850 1526 a SDict begin 12.1 H.A end 850 1526 a 850 1526 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.33.5.3) cvn H.B /DEST pdfmark end 850 1526 a 197 1573 a SDict begin H.S end 197 1573 a 197 1573 a SDict begin 11 H.A end 197 1573 a 197 1573 a SDict begin [ /View [/XYZ H.V] /Dest (721) cvn H.B /DEST pdfmark end 197 1573 a 596 1663 a Fl(SVGAlib)33 b(pr)o(ograms)g(ar)o(e)f(typically)i(SUID-r) o(oot)f(in)h(or)o(der)f(to)h(access)f(all)h(your)g(Linux)f(ma-)596 1755 y(chine's)c(video)g(har)o(dwar)o(e.)d(This)j(makes)g(them)g(very)f (danger)o(ous.)g(If)h(they)g(crash,)f(you)h(typi-)596 1846 y(cally)18 b(need)h(to)g(r)o(eboot)g(your)g(machine)g(to)g(get)g (a)g(usable)f(console)i(back.)e(Make)g(sur)o(e)h(any)f(SVGA)596 1937 y(pr)o(ograms)i(you)h(ar)o(e)e(r)o(unning)j(ar)o(e)d(authentic,)h (and)h(can)f(at)g(least)g(be)h(somewhat)g(tr)o(usted.)f(Even)596 2028 y(better)-6 b(,)19 b(don't)j(r)o(un)f(them)g(at)f(all.)197 2084 y SDict begin H.S end 197 2084 a 197 2084 a SDict begin 11 H.A end 197 2084 a 197 2084 a SDict begin [ /View [/XYZ H.V] /Dest (722) cvn H.B /DEST pdfmark end 197 2084 a 596 2336 a Fm(GGI)25 b(\(Generic)g(Graphics)g(Interface)g(pr)n (oject\))2345 2336 y SDict begin H.S end 2345 2336 a 2345 2336 a SDict begin 12.1 H.A end 2345 2336 a 2345 2336 a SDict begin [ /View [/XYZ H.V] /Dest (1.6.33.6.3) cvn H.B /DEST pdfmark end 2345 2336 a 197 2401 a SDict begin H.S end 197 2401 a 197 2401 a SDict begin 11 H.A end 197 2401 a 197 2401 a SDict begin [ /View [/XYZ H.V] /Dest (724) cvn H.B /DEST pdfmark end 197 2401 a 596 2473 a Fl(The)18 b(Linux)h(GGI)g(pr)o(oject)f(is)h(trying)g(to)g(solve)g(several)f(of)g (the)h(pr)o(oblems)f(with)h(video)g(interfaces)596 2565 y(on)25 b(Linux.)f(GGI)h(will)g(move)g(a)e(small)i(piece)f(of)g(the)h (video)f(code)g(into)h(the)g(Linux)f(kernel,)g(and)596 2656 y(then)f(contr)o(ol)g(access)f(to)i(the)f(video)f(system.)i(This)f (means)g(GGI)g(will)h(be)f(able)f(to)h(r)o(estor)o(e)f(your)596 2747 y(console)28 b(at)f(any)h(time)g(to)g(a)f(known)i(good)f(state.)f (They)h(will)g(also)g(allow)g(a)f(secur)o(e)f(attention)596 2839 y(key)-9 b(,)20 b(so)h(you)g(can)f(be)h(sur)o(e)f(that)g(ther)o(e) g(is)h(no)g(T)-7 b(r)o(ojan)20 b(horse)2491 2839 y SDict begin H.S end 2491 2839 a 2491 2839 a SDict begin 11 H.A end 2491 2839 a 2491 2839 a SDict begin [ /View [/XYZ H.V] /Dest (725) cvn H.B /DEST pdfmark end 2491 2839 a Fh(login)g Fl(pr)o(ogram)g(r)o(unning)i(on)g(your)596 2930 y(console.)912 2930 y SDict begin H.S end 912 2930 a 912 2930 a SDict begin 11 H.A end 912 2930 a 912 2930 a SDict begin [ /View [/XYZ H.V] /Dest (726) cvn H.B /DEST pdfmark end 912 2930 a Fl(http://syner)o(gy)-9 b(.caltech.edu/~ggi/)197 3161 y SDict begin H.S end 197 3161 a 197 3161 a SDict begin 11 H.A end 197 3161 a 197 3161 a SDict begin [ /View [/XYZ H.V] /Dest (kernel-security) cvn H.B /DEST pdfmark end 197 3161 a 264 x Fn(K)n(ernel)31 b(Security)1006 3425 y SDict begin H.S end 1006 3425 a 1006 3425 a SDict begin 14.641 H.A end 1006 3425 a 1006 3425 a SDict begin [ /View [/XYZ H.V] /Dest (1.7.1) cvn H.B /DEST pdfmark end 1006 3425 a 197 3503 a SDict begin H.S end 197 3503 a 197 3503 a SDict begin 11 H.A end 197 3503 a 197 3503 a SDict begin [ /View [/XYZ H.V] /Dest (729) cvn H.B /DEST pdfmark end 197 3503 a 596 3572 a Fl(This)19 b(is)h(a)f(description)g(of)h(the)f(kernel)g(con\002guration)i(options) f(that)g(r)o(elate)e(to)h(security)-9 b(,)19 b(and)g(an)596 3663 y(explanation)h(of)h(what)g(they)g(do,)f(and)h(how)g(to)g(use)g (them.)197 3728 y SDict begin H.S end 197 3728 a 197 3728 a SDict begin 11 H.A end 197 3728 a 197 3728 a SDict begin [ /View [/XYZ H.V] /Dest (730) cvn H.B /DEST pdfmark end 197 3728 a 596 3796 a Fl(As)29 b(the)g(kernel)g(contr)o(ols)h (your)g(computer)6 b('s)29 b(networking,)i(it)e(is)h(important)g(that)f (it)g(be)g(very)596 3887 y(secur)o(e,)24 b(and)h(not)i(be)f(compr)o (omised.)f(T)-8 b(o)27 b(pr)o(event)e(some)h(of)g(the)g(latest)g (networking)h(attacks,)596 3979 y(you)33 b(should)h(try)f(to)h(keep)e (your)i(kernel)f(version)g(curr)o(ent.)f(Y)-8 b(ou)35 b(can)d(\002nd)i(new)f(kernels)g(at)596 4070 y SDict begin H.S end 596 4070 a 596 4070 a SDict begin 11 H.A end 596 4070 a 596 4070 a SDict begin [ /View [/XYZ H.V] /Dest (731) cvn H.B /DEST pdfmark end 596 4070 a Fl(<65533>)906 4037 y Fe(52)974 4070 y Fl(or)21 b(fr)o(om)f(your)i(distribution)f (vendor)-6 b(.)197 4135 y SDict begin H.S end 197 4135 a 197 4135 a SDict begin 11 H.A end 197 4135 a 197 4135 a SDict begin [ /View [/XYZ H.V] /Dest (732) cvn H.B /DEST pdfmark end 197 4135 a 596 4203 a Fl(Ther)o(e)43 b(is)i(also)f(a)g (international)h(gr)o(oup)f(pr)o(oviding)g(a)g(single)h(uni\002ed)g (crypto)g(patch)f(to)596 4294 y(the)53 b(mainstr)o(eam)f(Linux)h (kernel.)g(This)h(patch)f(pr)o(ovides)f(support)h(for)g(a)g(number)g (of)596 4385 y(cryptographic)35 b(subsystems)h(and)f(things)h(that)g (cannot)f(be)g(included)g(in)h(the)f(mainstr)o(eam)596 4477 y(kernel)i(due)h(to)g(export)g(r)o(estrictions.)g(For)g(mor)o(e)f (information,)i(visit)g(their)f(web)f(page)h(at:)596 4568 y SDict begin H.S end 596 4568 a 596 4568 a SDict begin 11 H.A end 596 4568 a 596 4568 a SDict begin [ /View [/XYZ H.V] /Dest (733) cvn H.B /DEST pdfmark end 596 4568 a Fl(http://www)-8 b(.kerneli.or)o(g)197 4591 y SDict begin H.S end 197 4591 a 197 4591 a SDict begin 11 H.A end 197 4591 a 197 4591 a SDict begin [ /View [/XYZ H.V] /Dest (734) cvn H.B /DEST pdfmark end 197 4591 a 596 4837 a Fi(2.0)27 b(K)n(ernel)h(Compile)g(Options)1904 4837 y SDict begin H.S end 1904 4837 a 1904 4837 a SDict begin 13.31 H.A end 1904 4837 a 1904 4837 a SDict begin [ /View [/XYZ H.V] /Dest (1.7.34.2) cvn H.B /DEST pdfmark end 1904 4837 a 197 4908 a SDict begin H.S end 197 4908 a 197 4908 a SDict begin 11 H.A end 197 4908 a 197 4908 a SDict begin [ /View [/XYZ H.V] /Dest (736) cvn H.B /DEST pdfmark end 197 4908 a 596 4979 a Fl(For)51 b(2.0.x)f(kernels,)h(the)h (following)g(options)h(apply)-9 b(.)51 b(Y)-8 b(ou)52 b(should)g(see)f(these)h(options)596 5070 y(during)42 b(the)h(kernel)g(con\002guration)g(pr)o(ocess.)f(Many)g(of)h(the)g (comments)g(her)o(e)f(ar)o(e)f(fr)o(om)596 5161 y SDict begin H.S end 596 5161 a 596 5161 a SDict begin 11 H.A end 596 5161 a 596 5161 a SDict begin [ /View [/XYZ H.V] /Dest (737) cvn H.B /DEST pdfmark end 596 5161 a Fh (./linux/Documentation/Configure.help)o Fl(,)35 b(which)42 b(is)g(the)f(same)g(document)h(that)f(is)596 5252 y(r)o(efer)o(enced)19 b(while)24 b(using)f(the)g(Help)f(facility)h(during)f(the)2488 5252 y SDict begin H.S end 2488 5252 a 2488 5252 a SDict begin 11 H.A end 2488 5252 a 2488 5252 a SDict begin [ /View [/XYZ H.V] /Dest (738) cvn H.B /DEST pdfmark end 2488 5252 a Fh(make)44 b(config)22 b Fl(stage)g(of)h(compiling)596 5344 y(the)d(kernel.)197 5387 y SDict begin H.S end 197 5387 a 197 5387 a SDict begin 11 H.A end 197 5387 a 197 5387 a SDict begin [ /View [/XYZ H.V] /Dest (739) cvn H.B /DEST pdfmark end 197 5387 a 197 5387 a SDict begin H.S end 197 5387 a 197 5387 a SDict begin 11 H.A end 197 5387 a 197 5387 a SDict begin [ /View [/XYZ H.V] /Dest (740) cvn H.B /DEST pdfmark end 197 5387 a 197 5429 a SDict begin H.S end 197 5429 a 197 5429 a SDict begin 11 H.A end 197 5429 a 197 5429 a SDict begin [ /View [/XYZ H.V] /Dest (741) cvn H.B /DEST pdfmark end 197 5429 a Black 3601 5585 a Fj(25)p Black eop end %%Page: 26 26 TeXDict begin 26 25 bop -600 -600 a SDict begin /product where{pop product(Distiller)search{pop pop pop version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show grestore}if}{pop}ifelse}{pop}ifelse}if end -600 -600 a Black 0 TeXcolorgray 197 -102 a SDict begin H.S end 197 -102 a 0 TeXcolorgray 0 TeXcolorgray 197 -102 a SDict begin H.R end 197 -102 a 197 -102 a SDict begin [ /View [/XYZ H.V] /Dest (page.26) cvn H.B /DEST pdfmark end 197 -102 a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black Black 596 89 a Fg(\225)p Black 679 89 a SDict begin H.S end 679 89 a 679 89 a SDict begin 11 H.A end 679 89 a 679 89 a SDict begin [ /View [/XYZ H.V] /Dest (742) cvn H.B /DEST pdfmark end 679 89 a Fl(Network)g(Fir)o(ewalls)f (\(CONFIG_FIREW)-8 b(ALL\))679 222 y(This)22 b(option)g(should)h(be)e (on)h(if)g(you)g(intend)g(to)g(r)o(un)g(any)f(\002r)o(ewalling)h(or)g (masquerading)f(on)679 313 y(your)f(Linux)h(machine.)f(If)g(it's)h (just)h(going)f(to)g(be)f(a)g(r)o(egular)f(client)i(machine,)g(it's)g (safe)e(to)i(say)679 405 y(no.)637 537 y SDict begin H.S end 637 537 a 637 537 a SDict begin 11 H.A end 637 537 a 637 537 a SDict begin [ /View [/XYZ H.V] /Dest (744) cvn H.B /DEST pdfmark end 637 537 a Black 596 670 a Fg(\225)p Black 679 670 a SDict begin H.S end 679 670 a 679 670 a SDict begin 11 H.A end 679 670 a 679 670 a SDict begin [ /View [/XYZ H.V] /Dest (745) cvn H.B /DEST pdfmark end 679 670 a Fl(IP:)f(forwar)o(ding/gatewaying)g(\(CONFIG_IP_FOR)m(W)-8 b(ARD\))197 735 y SDict begin H.S end 197 735 a 197 735 a SDict begin 11 H.A end 197 735 a 197 735 a SDict begin [ /View [/XYZ H.V] /Dest (746) cvn H.B /DEST pdfmark end 197 735 a 679 803 a Fl(If)23 b(you)i(enable)f(IP)g(forwar)o(ding,)f (your)i(Linux)f(box)g(essentially)h(becomes)f(a)g(r)o(outer)-6 b(.)23 b(If)h(your)679 894 y(machine)h(is)g(on)g(a)g(network,)g(you)g (could)g(be)g(forwar)o(ding)f(data)f(fr)o(om)i(one)g(network)g(to)g (an-)679 986 y(other)-6 b(,)28 b(and)g(per)o(haps)g(subverting)h(a)f (\002r)o(ewall)g(that)g(was)h(put)g(ther)o(e)e(to)i(pr)o(event)f(this)h (fr)o(om)679 1077 y(happening.)20 b(Normal)g(dial-up)g(users)g(will)h (want)f(to)h(disable)f(this,)g(and)g(other)h(users)f(should)679 1168 y(concentrate)e(on)i(the)f(security)g(implications)h(of)f(doing)g (this.)h(Fir)o(ewall)e(machines)h(will)h(want)679 1260 y(this)h(enabled,)f(and)g(used)h(in)g(conjunction)i(with)e(\002r)o (ewall)f(softwar)o(e.)197 1325 y SDict begin H.S end 197 1325 a 197 1325 a SDict begin 11 H.A end 197 1325 a 197 1325 a SDict begin [ /View [/XYZ H.V] /Dest (747) cvn H.B /DEST pdfmark end 197 1325 a 679 1393 a Fl(Y)-8 b(ou)21 b(can)g(enable)f(IP)h(forwar)o(ding)f(dynamically)h(using)g (the)g(following)h(command:)197 1457 y SDict begin H.S end 197 1457 a 197 1457 a SDict begin 11 H.A end 197 1457 a 197 1457 a SDict begin [ /View [/XYZ H.V] /Dest (748) cvn H.B /DEST pdfmark end 197 1457 a 197 1499 a SDict begin H.S end 197 1499 a 197 1499 a SDict begin 9.9 H.A end 197 1499 a 197 1499 a SDict begin [ /View [/XYZ H.V] /Dest (749) cvn H.B /DEST pdfmark end 197 1499 a 723 1558 a Fh(root#)89 b(echo)44 b(1)h(>)g(/proc/sys/net/ipv4/ip_forward) 679 1691 y Fl(and)20 b(disable)g(it)h(with)h(the)e(command:)197 1734 y SDict begin H.S end 197 1734 a 197 1734 a SDict begin 9.9 H.A end 197 1734 a 197 1734 a SDict begin [ /View [/XYZ H.V] /Dest (750) cvn H.B /DEST pdfmark end 197 1734 a 723 1814 a Fh(root#)89 b(echo)44 b(0)h(>)g (/proc/sys/net/ipv4/ip_forward)679 1947 y Fl(Keep)29 b(in)i(mind)f(the)h(\002les)f(in)h(/pr)o(oc)e(ar)o(e)g("virtual")g (\002les)i(and)e(the)h(shown)i(size)e(of)g(the)g(\002le)679 2038 y(might)21 b(not)h(r)o(e\003ect)e(the)h(data)e(output)i(fr)o(om)g (it.)637 2171 y SDict begin H.S end 637 2171 a 637 2171 a SDict begin 11 H.A end 637 2171 a 637 2171 a SDict begin [ /View [/XYZ H.V] /Dest (751) cvn H.B /DEST pdfmark end 637 2171 a Black 596 2304 a Fg(\225)p Black 679 2304 a SDict begin H.S end 679 2304 a 679 2304 a SDict begin 11 H.A end 679 2304 a 679 2304 a SDict begin [ /View [/XYZ H.V] /Dest (752) cvn H.B /DEST pdfmark end 679 2304 a Fl(IP:)f(syn)i(cookies)f(\(CONFIG_SYN_COOKIES\))197 2369 y SDict begin H.S end 197 2369 a 197 2369 a SDict begin 11 H.A end 197 2369 a 197 2369 a SDict begin [ /View [/XYZ H.V] /Dest (753) cvn H.B /DEST pdfmark end 197 2369 a 679 2437 a Fl(a)j("SYN)g(Attack")g(is)h(a)g(denial)f(of)h (service)f(\(DoS\))g(attack)g(that)h(consumes)h(all)e(the)h(r)o(esour)o (ces)679 2528 y(on)g(your)h(machine,)f(for)o(cing)g(you)h(to)g(r)o (eboot.)f(W)-8 b(e)25 b(can't)g(think)h(of)g(a)e(r)o(eason)h(you)h (wouldn't)679 2620 y(normally)20 b(enable)f(this.)g(In)h(the)g(2.2.x)e (kernel)h(series)g(this)h(con\002g)h(option)f(mer)o(ely)f(allows)h(syn) 679 2711 y(cookies,)h(but)g(does)f(not)i(enable)e(them.)h(T)-8 b(o)21 b(enable)g(them,)g(you)g(have)f(to)h(do:)197 2776 y SDict begin H.S end 197 2776 a 197 2776 a SDict begin 11 H.A end 197 2776 a 197 2776 a SDict begin [ /View [/XYZ H.V] /Dest (754) cvn H.B /DEST pdfmark end 197 2776 a 197 2817 a SDict begin H.S end 197 2817 a 197 2817 a SDict begin 9.9 H.A end 197 2817 a 197 2817 a SDict begin [ /View [/XYZ H.V] /Dest (755) cvn H.B /DEST pdfmark end 197 2817 a 768 2876 a Fh(root#)44 b(echo)g(1)h(>)g (/proc/sys/net/ipv4/tcp_syncookies)39 b(
)637 3142
y
SDict begin H.S end
637 3142 a 637 3142 a
SDict begin 11 H.A end
637 3142 a 637 3142 a
SDict begin [ /View [/XYZ H.V] /Dest (756) cvn H.B /DEST pdfmark end
637 3142
a Black 596 3275 a Fg(\225)p Black 679 3275 a
SDict begin H.S end
679 3275
a 679 3275 a
SDict begin 11 H.A end
679 3275 a 679 3275 a
SDict begin [ /View [/XYZ H.V] /Dest (757) cvn H.B /DEST pdfmark end
679 3275 a Fl(IP:)20
b(Fir)o(ewalling)h(\(CONFIG_IP_FIREW)-8 b(ALL\))197 3340
y
SDict begin H.S end
197 3340 a 197 3340 a
SDict begin 11 H.A end
197 3340 a 197 3340 a
SDict begin [ /View [/XYZ H.V] /Dest (758) cvn H.B /DEST pdfmark end
197 3340
a 679 3407 a Fl(This)17 b(option)h(is)f(necessary)g(if)f(you)i(ar)o(e)d
(going)j(to)g(con\002gur)o(e)f(your)g(machine)g(as)f(a)h(\002r)o
(ewall,)f(do)679 3499 y(masquerading,)h(or)g(wish)i(to)e(pr)o(otect)g
(your)h(dial-up)f(workstation)h(fr)o(om)f(someone)i(entering)679
3590 y(via)h(your)h(PPP)g(dial-up)f(interface.)637 3723
y
SDict begin H.S end
637 3723 a 637 3723 a
SDict begin 11 H.A end
637 3723 a 637 3723 a
SDict begin [ /View [/XYZ H.V] /Dest (759) cvn H.B /DEST pdfmark end
637 3723
a Black 596 3856 a Fg(\225)p Black 679 3856 a
SDict begin H.S end
679 3856
a 679 3856 a
SDict begin 11 H.A end
679 3856 a 679 3856 a
SDict begin [ /View [/XYZ H.V] /Dest (760) cvn H.B /DEST pdfmark end
679 3856 a Fl(IP:)g(\002r)o(ewall)g
(packet)g(logging)j(\(CONFIG_IP_FIREW)-8 b(ALL_VERBOSE\))197
3921 y
SDict begin H.S end
197 3921 a 197 3921 a
SDict begin 11 H.A end
197 3921 a 197 3921 a
SDict begin [ /View [/XYZ H.V] /Dest (761) cvn H.B /DEST pdfmark end
197
3921 a 679 3989 a Fl(This)43 b(option)h(gives)f(you)h(information)g
(about)f(packets)f(your)h(\002r)o(ewall)g(r)o(eceived,)e(like)679
4080 y(sender)-6 b(,)19 b(r)o(ecipient,)h(port,)h(etc.)637
4213 y
SDict begin H.S end
637 4213 a 637 4213 a
SDict begin 11 H.A end
637 4213 a 637 4213 a
SDict begin [ /View [/XYZ H.V] /Dest (762) cvn H.B /DEST pdfmark end
637
4213 a Black 596 4346 a Fg(\225)p Black 679 4346 a
SDict begin H.S end
679
4346 a 679 4346 a
SDict begin 11 H.A end
679 4346 a 679 4346 a
SDict begin [ /View [/XYZ H.V] /Dest (763) cvn H.B /DEST pdfmark end
679 4346 a Fl(IP:)f(Dr)o(op)h
(sour)o(ce)f(r)o(outed)g(frames)g(\(CONFIG_IP_NOSR\))197
4411 y
SDict begin H.S end
197 4411 a 197 4411 a
SDict begin 11 H.A end
197 4411 a 197 4411 a
SDict begin [ /View [/XYZ H.V] /Dest (764) cvn H.B /DEST pdfmark end
197
4411 a 679 4478 a Fl(This)32 b(option)g(should)h(be)e(enabled.)f(Sour)o
(ce)h(r)o(outed)g(frames)f(contain)j(the)e(entir)o(e)g(path)h(to)679
4570 y(their)25 b(destination)i(inside)f(of)f(the)h(packet.)f(This)h
(means)g(that)g(r)o(outers)f(thr)o(ough)h(which)h(the)679
4661 y(packet)17 b(goes)h(do)g(not)h(need)e(to)i(inspect)f(it,)g(and)f
(just)i(forwar)o(d)e(it)h(on.)g(This)h(could)f(lead)f(to)h(data)679
4752 y(entering)j(your)g(system)g(that)g(may)g(be)f(a)g(potential)h
(exploit.)637 4885 y
SDict begin H.S end
637 4885 a 637 4885 a
SDict begin 11 H.A end
637 4885 a
637 4885 a
SDict begin [ /View [/XYZ H.V] /Dest (765) cvn H.B /DEST pdfmark end
637 4885 a Black 596 5018 a Fg(\225)p Black
679 5018 a
SDict begin H.S end
679 5018 a 679 5018 a
SDict begin 11 H.A end
679 5018 a 679 5018
a
SDict begin [ /View [/XYZ H.V] /Dest (766) cvn H.B /DEST pdfmark end
679 5018 a Fl(IP:)g(masquerading)g(\(CONFIG_IP_MASQUERADE\))e(If)i
(one)g(of)h(the)f(computers)h(on)g(your)679 5109 y(local)d(network)h
(for)f(which)i(your)f(Linux)f(box)h(acts)f(as)g(a)g(\002r)o(ewall)g
(wants)h(to)g(send)f(something)679 5201 y(to)i(the)g(outside,)h(your)f
(box)g(can)g("masquerade")f(as)h(that)g(host,)h(i.e.,)f(it)g(for)o
(ewor)o(ds)f(the)h(traf)o(\002c)679 5292 y(to)29 b(the)f(intended)h
(destination,)g(but)g(makes)f(it)h(look)h(like)f(it)g(came)f(fr)o(om)g
(the)h(\002r)o(ewall)f(box)679 5383 y(itself.)20 b(See)1042
5383 y
SDict begin H.S end
1042 5383 a 1042 5383 a
SDict begin 11 H.A end
1042 5383 a 1042 5383
a
SDict begin [ /View [/XYZ H.V] /Dest (767) cvn H.B /DEST pdfmark end
1042 5383 a Fl(http://www)-8 b(.indyramp.com/masq)23
b(for)e(mor)o(e)f(information.)197 5407 y
SDict begin H.S end
197 5407 a
197 5407 a
SDict begin 11 H.A end
197 5407 a 197 5407 a
SDict begin [ /View [/XYZ H.V] /Dest (768) cvn H.B /DEST pdfmark end
197 5407 a Black 178
x Fj(26)p Black eop end
%%Page: 27 27
TeXDict begin 27 26 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.27) cvn H.B /DEST pdfmark
end
197 -102
a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black Black 596 89 a Fg(\225)p Black 679 89 a
SDict begin H.S end
679 89
a 679 89 a
SDict begin 11 H.A end
679 89 a 679 89 a
SDict begin [ /View [/XYZ H.V] /Dest (769) cvn H.B /DEST pdfmark end
679 89 a Fl(IP:)29 b(ICMP)g(masquerading)h
(\(CONFIG_IP_MASQUERADE_ICMP\))c(This)k(option)h(adds)679
180 y(ICMP)e(masquerading)g(to)h(the)g(pr)o(evious)f(option)i(of)f
(only)g(masquerading)g(TCP)f(or)h(UDP)679 272 y(traf)o(\002c.)197
274 y
SDict begin H.S end
197 274 a 197 274 a
SDict begin 11 H.A end
197 274 a 197 274 a
SDict begin [ /View [/XYZ H.V] /Dest (770) cvn H.B /DEST pdfmark end
197 274
a Black 596 405 a Fg(\225)p Black 679 405 a
SDict begin H.S end
679 405 a
679 405 a
SDict begin 11 H.A end
679 405 a 679 405 a
SDict begin [ /View [/XYZ H.V] /Dest (771) cvn H.B /DEST pdfmark end
679 405 a Fl(IP:)36 b(transpar)o(ent)e
(pr)o(oxy)i(support)h(\(CONFIG_IP_TRANSP)-8 b(ARENT_PROXY\))35
b(This)i(en-)679 496 y(ables)23 b(your)g(Linux)h(\002r)o(ewall)f(to)g
(transpar)o(ently)g(r)o(edir)o(ect)e(any)j(network)g(traf)o(\002c)e
(originating)679 587 y(fr)o(om)28 b(the)h(local)f(network)h(and)g
(destined)f(for)g(a)h(r)o(emote)f(host)h(to)g(a)f(local)h(server)-6
b(,)28 b(called)f(a)679 679 y("transpar)o(ent)j(pr)o(oxy)h(server".)g
(This)i(makes)f(the)g(local)g(computers)g(think)h(they)f(ar)o(e)e
(talk-)679 770 y(ing)25 b(to)h(the)f(r)o(emote)f(end,)h(while)h(in)f
(fact)f(they)h(ar)o(e)f(connected)h(to)g(the)h(local)f(pr)o(oxy)-9
b(.)24 b(See)g(the)679 861 y(IP-Masquerading)16 b(HOWT)o(O)i(and)1846
861 y
SDict begin H.S end
1846 861 a 1846 861 a
SDict begin 11 H.A end
1846 861 a 1846 861 a
SDict begin [ /View [/XYZ H.V] /Dest (772) cvn H.B /DEST pdfmark end
1846
861 a Fl(http://www)-8 b(.indyramp.com/masq)20 b(for)e(mor)o(e)g(infor)
o(-)679 953 y(mation.)197 955 y
SDict begin H.S end
197 955 a 197 955 a
SDict begin 11 H.A end
197
955 a 197 955 a
SDict begin [ /View [/XYZ H.V] /Dest (773) cvn H.B /DEST pdfmark end
197 955 a Black 596 1085 a Fg(\225)p
Black 679 1085 a
SDict begin H.S end
679 1085 a 679 1085 a
SDict begin 11 H.A end
679 1085 a 679
1085 a
SDict begin [ /View [/XYZ H.V] /Dest (774) cvn H.B /DEST pdfmark end
679 1085 a Fl(IP:)i(always)h(defragment)f(\(CONFIG_IP_AL)-6
b(W)e(A)f(YS_DEFRAG\))197 1150 y
SDict begin H.S end
197 1150 a 197 1150
a
SDict begin 11 H.A end
197 1150 a 197 1150 a
SDict begin [ /View [/XYZ H.V] /Dest (775) cvn H.B /DEST pdfmark end
197 1150 a 679 1218 a Fl(Generally)18
b(this)h(option)g(is)g(disabled,)e(but)h(if)g(you)h(ar)o(e)e(building)i
(a)e(\002r)o(ewall)h(or)g(a)g(masquerad-)679 1310 y(ing)27
b(host,)h(you)f(will)h(want)f(to)g(enable)f(it.)h(When)g(data)f(is)h
(sent)g(fr)o(om)g(one)g(host)h(to)f(another)-6 b(,)679
1401 y(it)26 b(does)h(not)g(always)g(get)g(sent)g(as)f(a)g(single)i
(packet)d(of)i(data,)e(but)i(rather)f(it)h(is)g(fragmented)679
1492 y(into)22 b(several)e(pieces.)h(The)g(pr)o(oblem)g(with)h(this)g
(is)f(that)g(the)h(port)f(numbers)h(ar)o(e)d(only)k(stor)o(ed)679
1583 y(in)h(the)h(\002rst)g(fragment.)e(This)i(means)g(that)f(someone)h
(can)f(insert)h(information)g(into)h(the)e(r)o(e-)679
1675 y(maining)j(packets)g(that)g(isn't)g(supposed)h(to)f(be)f(ther)o
(e.)g(It)h(could)g(also)h(pr)o(event)e(a)g(tear)o(dr)o(op)679
1766 y(attack)19 b(against)i(an)g(internal)g(host)g(that)g(is)g(not)h
(yet)e(itself)h(patched)f(against)h(it.)637 1899 y
SDict begin H.S end
637
1899 a 637 1899 a
SDict begin 11 H.A end
637 1899 a 637 1899 a
SDict begin [ /View [/XYZ H.V] /Dest (776) cvn H.B /DEST pdfmark end
637 1899 a Black
596 2032 a Fg(\225)p Black 679 2032 a
SDict begin H.S end
679 2032 a 679
2032 a
SDict begin 11 H.A end
679 2032 a 679 2032 a
SDict begin [ /View [/XYZ H.V] /Dest (777) cvn H.B /DEST pdfmark end
679 2032 a Fl(Packet)f(Signatur)o(es)g
(\(CONFIG_NCPFS_P)-8 b(ACKET_SIGNING\))197 2097 y
SDict begin H.S end
197
2097 a 197 2097 a
SDict begin 11 H.A end
197 2097 a 197 2097 a
SDict begin [ /View [/XYZ H.V] /Dest (778) cvn H.B /DEST pdfmark end
197 2097 a 679
2165 a Fl(This)20 b(is)f(an)h(option)g(that)g(is)g(available)e(in)i
(the)g(2.2.x)d(kernel)j(series)f(that)h(will)g(sign)g(NCP)g(pack-)679
2256 y(ets)e(for)g(str)o(onger)g(security)-9 b(.)18 b(Normally)h(you)g
(can)f(leave)g(it)g(of)o(f,)f(but)i(it)f(is)h(ther)o(e)f(if)g(you)h(do)
f(need)679 2347 y(it.)637 2480 y
SDict begin H.S end
637 2480 a 637 2480
a
SDict begin 11 H.A end
637 2480 a 637 2480 a
SDict begin [ /View [/XYZ H.V] /Dest (779) cvn H.B /DEST pdfmark end
637 2480 a Black 596 2613 a Fg(\225)p
Black 679 2613 a
SDict begin H.S end
679 2613 a 679 2613 a
SDict begin 11 H.A end
679 2613 a 679
2613 a
SDict begin [ /View [/XYZ H.V] /Dest (780) cvn H.B /DEST pdfmark end
679 2613 a Fl(IP:)i(Fir)o(ewall)g(packet)g(netlink)i(device)e
(\(CONFIG_IP_FIREW)-8 b(ALL_NETLINK\))197 2678 y
SDict begin H.S end
197
2678 a 197 2678 a
SDict begin 11 H.A end
197 2678 a 197 2678 a
SDict begin [ /View [/XYZ H.V] /Dest (781) cvn H.B /DEST pdfmark end
197 2678 a 679
2746 a Fl(This)31 b(is)g(a)g(r)o(eally)f(neat)g(option)i(that)f(allows)
h(you)f(to)g(analyze)f(the)h(\002rst)g(128)f(bytes)h(of)g(the)679
2837 y(packets)21 b(in)h(a)f(user)o(-space)f(pr)o(ogram,)h(to)h
(determine)f(if)h(you)g(would)g(like)g(to)g(accept)f(or)h(deny)679
2928 y(the)e(packet,)g(based)g(on)h(its)h(validity)-9
b(.)197 3236 y
SDict begin H.S end
197 3236 a 197 3236 a
SDict begin 11 H.A end
197 3236 a 197 3236
a
SDict begin [ /View [/XYZ H.V] /Dest (782) cvn H.B /DEST pdfmark end
197 3236 a 596 3512 a Fi(2.2)27 b(K)n(ernel)h(Compile)g(Options)1904
3512 y
SDict begin H.S end
1904 3512 a 1904 3512 a
SDict begin 13.31 H.A end
1904 3512 a 1904 3512
a
SDict begin [ /View [/XYZ H.V] /Dest (1.7.35.2) cvn H.B /DEST pdfmark
end
1904 3512 a 197 3583 a
SDict begin H.S end
197 3583 a 197 3583 a
SDict begin 11 H.A end
197 3583
a 197 3583 a
SDict begin [ /View [/XYZ H.V] /Dest (784) cvn H.B /DEST pdfmark end
197 3583 a 596 3654 a Fl(For)72 b(2.2.x)f(kernels,)h(many)
h(of)f(the)h(options)g(ar)o(e)e(the)i(same,)e(but)i(a)f(few)g(new)596
3745 y(ones)93 b(have)g(been)g(developed.)e(Many)i(of)g(the)g(comments)
i(her)o(e)d(ar)o(e)f(fr)o(om)596 3836 y
SDict begin H.S end
596 3836 a 596
3836 a
SDict begin 11 H.A end
596 3836 a 596 3836 a
SDict begin [ /View [/XYZ H.V] /Dest (785) cvn H.B /DEST pdfmark end
596 3836 a Fh
(./linux/Documentation/Configure.help)o Fl(,)52 b(which)59
b(is)f(the)g(same)g(document)g(that)596 3928 y(is)51
b(r)o(efer)o(enced)d(while)k(using)g(the)f(Help)g(facility)g(during)g
(the)2826 3928 y
SDict begin H.S end
2826 3928 a 2826 3928 a
SDict begin 11 H.A end
2826 3928 a
2826 3928 a
SDict begin [ /View [/XYZ H.V] /Dest (786) cvn H.B /DEST pdfmark end
2826 3928 a Fh(make)44 b(config)50 b Fl(stage)h(of)596
4019 y(compiling)28 b(the)g(kernel.)f(Only)i(the)f(newly-)f(added)f
(options)j(ar)o(e)d(listed)i(below)-8 b(.)28 b(Consult)h(the)596
4110 y(2.0)d(description)i(for)f(a)g(list)i(of)e(other)h(necessary)f
(options.)i(The)f(most)g(signi\002cant)h(change)e(in)596
4202 y(the)f(2.2)f(kernel)i(series)f(is)h(the)g(IP)f(\002r)o(ewalling)h
(code.)f(The)2501 4202 y
SDict begin H.S end
2501 4202 a 2501 4202 a
SDict begin 11 H.A end
2501
4202 a 2501 4202 a
SDict begin [ /View [/XYZ H.V] /Dest (787) cvn H.B /DEST pdfmark end
2501 4202 a Fh(ipchains)f Fl(pr)o(ogram)h(is)h(now)g
(used)596 4293 y(to)21 b(install)g(IP)g(\002r)o(ewalling,)f(instead)h
(of)g(the)1991 4293 y
SDict begin H.S end
1991 4293 a 1991 4293 a
SDict begin 11 H.A end
1991 4293
a 1991 4293 a
SDict begin [ /View [/XYZ H.V] /Dest (788) cvn H.B /DEST pdfmark end
1991 4293 a Fh(ipfwadm)e Fl(pr)o(ogram)h(used)h(in)g(the)
g(2.0)e(kernel.)197 4358 y
SDict begin H.S end
197 4358 a 197 4358 a
SDict begin 11 H.A end
197
4358 a 197 4358 a
SDict begin [ /View [/XYZ H.V] /Dest (789) cvn H.B /DEST pdfmark end
197 4358 a 197 4358 a
SDict begin H.S end
197 4358 a 197
4358 a
SDict begin 11 H.A end
197 4358 a 197 4358 a
SDict begin [ /View [/XYZ H.V] /Dest (790) cvn H.B /DEST pdfmark end
197 4358 a 197 4399 a
SDict begin H.S end
197
4399 a 197 4399 a
SDict begin 11 H.A end
197 4399 a 197 4399 a
SDict begin [ /View [/XYZ H.V] /Dest (791) cvn H.B /DEST pdfmark end
197 4399 a Black
596 4550 a Fg(\225)p Black 679 4550 a
SDict begin H.S end
679 4550 a 679
4550 a
SDict begin 11 H.A end
679 4550 a 679 4550 a
SDict begin [ /View [/XYZ H.V] /Dest (792) cvn H.B /DEST pdfmark end
679 4550 a Fl(Socket)h(Filtering)i
(\(CONFIG_FIL)-6 b(TER\))197 4615 y
SDict begin H.S end
197 4615 a 197 4615
a
SDict begin 11 H.A end
197 4615 a 197 4615 a
SDict begin [ /View [/XYZ H.V] /Dest (793) cvn H.B /DEST pdfmark end
197 4615 a 679 4683 a Fl(For)18
b(most)g(people,)g(it's)g(safe)f(to)h(say)g(no)h(to)f(this)g(option.)h
(This)f(option)h(allows)g(you)f(to)g(connect)679 4775
y(a)30 b(user)o(-space)g(\002lter)h(to)h(any)f(socket)h(and)f
(determine)g(if)g(packets)g(should)h(be)f(allowed)g(or)679
4866 y(denied.)g(Unless)i(you)g(have)f(a)g(very)g(speci\002c)g(need)g
(and)g(ar)o(e)f(capable)g(of)i(pr)o(ogramming)679 4957
y(such)19 b(a)g(\002lter)-6 b(,)19 b(you)h(should)h(say)e(no.)h(Also)g
(note)f(that)h(as)f(of)g(this)i(writing,)f(all)f(pr)o(otocols)h(wer)o
(e)679 5048 y(supported)g(except)g(TCP)-11 b(.)637 5181
y
SDict begin H.S end
637 5181 a 637 5181 a
SDict begin 11 H.A end
637 5181 a 637 5181 a
SDict begin [ /View [/XYZ H.V] /Dest (794) cvn H.B /DEST pdfmark end
637 5181
a Black 596 5314 a Fg(\225)p Black 679 5314 a
SDict begin H.S end
679 5314
a 679 5314 a
SDict begin 11 H.A end
679 5314 a 679 5314 a
SDict begin [ /View [/XYZ H.V] /Dest (795) cvn H.B /DEST pdfmark end
679 5314 a Fl(Port)21
b(Forwar)o(ding)p Black 3601 5585 a Fj(27)p Black eop
end
%%Page: 28 28
TeXDict begin 28 27 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.28) cvn H.B /DEST pdfmark
end
197 -102
a Black 197 -201 a
SDict begin H.S end
197 -201 a 197 -201 a
SDict begin 11 H.A end
197 -201 a 197
-201 a
SDict begin [ /View [/XYZ H.V] /Dest (823) cvn H.B /DEST pdfmark end
197 -201 a 69 x Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black 197 6 a
SDict begin H.S end
197 6 a 197 6 a
SDict begin 11 H.A end
197 6 a 197 6 a
SDict begin [ /View [/XYZ H.V] /Dest (796) cvn H.B /DEST pdfmark end
197 6 a
679 89 a Fl(Port)c(Forwar)o(ding)g(is)h(an)f(addition)g(to)h(IP)f
(Masquerading)g(which)h(allows)g(some)g(forwar)o(ding)679
180 y(of)j(packets)h(fr)o(om)f(outside)i(to)f(inside)g(a)f(\002r)o
(ewall)h(on)g(given)h(ports.)e(This)i(could)f(be)g(useful)f(if,)679
272 y(for)26 b(example,)h(you)g(want)g(to)h(r)o(un)g(a)e(web)h(server)g
(behind)g(the)g(\002r)o(ewall)g(or)g(masquerading)679
363 y(host)21 b(and)f(that)h(web)f(server)g(should)h(be)f(accessible)g
(fr)o(om)g(the)h(outside)g(world.)f(An)h(external)679
454 y(client)d(sends)h(a)f(r)o(equest)h(to)g(port)f(80)g(of)g(the)h
(\002r)o(ewall,)f(the)h(\002r)o(ewall)f(forwar)o(ds)f(this)i(r)o
(equest)g(to)679 546 y(the)g(web)g(server)-6 b(,)17 b(the)i(web)g
(server)g(handles)f(the)i(r)o(equest)e(and)h(the)g(r)o(esults)g(ar)o(e)
e(sent)i(thr)o(ough)679 637 y(the)24 b(\002r)o(ewall)g(to)g(the)h
(original)g(client.)f(The)h(client)f(thinks)i(that)e(the)h(\002r)o
(ewall)e(machine)i(itself)679 728 y(is)g(r)o(unning)i(the)f(web)f
(server)-6 b(.)25 b(This)h(can)f(also)h(be)f(used)g(for)g(load)h
(balancing)f(if)g(you)h(have)f(a)679 820 y(farm)20 b(of)g(identical)h
(web)f(servers)h(behind)g(the)f(\002r)o(ewall.)197 863
y
SDict begin H.S end
197 863 a 197 863 a
SDict begin 11 H.A end
197 863 a 197 863 a
SDict begin [ /View [/XYZ H.V] /Dest (797) cvn H.B /DEST pdfmark end
197 863 a 679
953 a Fl(Information)233 b(about)f(this)i(featur)o(e)c(is)j(available)e
(fr)o(om)679 1044 y(http://www)-8 b
(.monmouth.demon.co.uk/ipsubs/portforwar)o(ding.html)399
b(\(to)679 1135 y(br)o(owse)49 b(the)g(WWW)-8 b(,)50
b(you)f(need)g(to)h(have)f(access)f(to)i(a)f(machine)g(on)h(the)g
(Internet)679 1226 y(that)58 b(has)h(a)f(pr)o(ogram)g(like)h(lynx)h(or)
f(Netscape\).)e(For)i(general)f(info,)h(please)f(see)679
1318 y(ftp://ftp.compsoc.net/users/steve/ipportfw/linux21/)637
1451 y
SDict begin H.S end
637 1451 a 637 1451 a
SDict begin 11 H.A end
637 1451 a 637 1451 a
SDict begin [ /View [/XYZ H.V] /Dest (798) cvn H.B /DEST pdfmark end
637
1451 a Black 596 1583 a Fg(\225)p Black 679 1583 a
SDict begin H.S end
679
1583 a 679 1583 a
SDict begin 11 H.A end
679 1583 a 679 1583 a
SDict begin [ /View [/XYZ H.V] /Dest (799) cvn H.B /DEST pdfmark end
679 1583 a Fl(Socket)20
b(Filtering)i(\(CONFIG_FIL)-6 b(TER\))197 1648 y
SDict begin H.S end
197
1648 a 197 1648 a
SDict begin 11 H.A end
197 1648 a 197 1648 a
SDict begin [ /View [/XYZ H.V] /Dest (800) cvn H.B /DEST pdfmark end
197 1648 a 679
1716 a Fl(Using)17 b(this)i(option,)f(user)o(-space)d(pr)o(ograms)i
(can)h(attach)e(a)h(\002lter)h(to)f(any)h(socket)g(and)f(ther)o(eby)679
1808 y(tell)22 b(the)g(kernel)h(that)f(it)g(should)h(allow)g(or)f
(disallow)h(certain)f(types)g(of)g(data)f(to)i(get)f(thr)o(ough)679
1899 y(the)29 b(socket.)h(Linux)f(socket)h(\002ltering)g(works)g(on)g
(all)f(socket)h(types)f(except)g(TCP)g(for)g(now)-8 b(.)679
1990 y(See)26 b(the)i(text)f(\002le)1278 1990 y
SDict begin H.S end
1278
1990 a 1278 1990 a
SDict begin 11 H.A end
1278 1990 a 1278 1990 a
SDict begin [ /View [/XYZ H.V] /Dest (801) cvn H.B /DEST pdfmark end
1278 1990
a Fh(./linux/Documentation/networking/filter)o(.txt)21
b Fl(for)28 b(mor)o(e)f(in-)679 2082 y(formation.)637
2214 y
SDict begin H.S end
637 2214 a 637 2214 a
SDict begin 11 H.A end
637 2214 a 637 2214 a
SDict begin [ /View [/XYZ H.V] /Dest (802) cvn H.B /DEST pdfmark end
637
2214 a Black 596 2347 a Fg(\225)p Black 679 2347 a
SDict begin H.S end
679
2347 a 679 2347 a
SDict begin 11 H.A end
679 2347 a 679 2347 a
SDict begin [ /View [/XYZ H.V] /Dest (803) cvn H.B /DEST pdfmark end
679 2347 a Fl(IP:)20
b(Masquerading)197 2412 y
SDict begin H.S end
197 2412 a 197 2412 a
SDict begin 11 H.A end
197 2412
a 197 2412 a
SDict begin [ /View [/XYZ H.V] /Dest (804) cvn H.B /DEST pdfmark end
197 2412 a 679 2480 a Fl(The)27 b(2.2)f(kernel)i
(masquerading)f(has)h(been)f(impr)o(oved.)f(It)i(pr)o(ovides)f
(additional)g(support)679 2571 y(for)19 b(masquerading)i(special)e(pr)o
(otocols,)i(etc.)e(Be)h(sur)o(e)g(to)g(r)o(ead)f(the)h(IP)g(Chains)h
(HOWT)o(O)f(for)679 2663 y(mor)o(e)g(information.)197
2970 y
SDict begin H.S end
197 2970 a 197 2970 a
SDict begin 11 H.A end
197 2970 a 197 2970 a
SDict begin [ /View [/XYZ H.V] /Dest (805) cvn H.B /DEST pdfmark end
197
2970 a 596 3246 a Fi(K)n(ernel)28 b(De)n(vices)1314 3246
y
SDict begin H.S end
1314 3246 a 1314 3246 a
SDict begin 13.31 H.A end
1314 3246 a 1314 3246 a
SDict begin [ /View [/XYZ H.V] /Dest (1.7.36.2) cvn H.B /DEST pdfmark
end
1314
3246 a 197 3298 a
SDict begin H.S end
197 3298 a 197 3298 a
SDict begin 11 H.A end
197 3298 a 197
3298 a
SDict begin [ /View [/XYZ H.V] /Dest (807) cvn H.B /DEST pdfmark end
197 3298 a 596 3388 a Fl(Ther)o(e)16 b(ar)o(e)g(a)h(few)g(block)
h(and)f(character)f(devices)h(available)f(on)j(Linux)e(that)h(will)g
(also)g(help)f(you)596 3479 y(with)k(security)-9 b(.)197
3544 y
SDict begin H.S end
197 3544 a 197 3544 a
SDict begin 11 H.A end
197 3544 a 197 3544 a
SDict begin [ /View [/XYZ H.V] /Dest (808) cvn H.B /DEST pdfmark end
197
3544 a 596 3612 a Fl(The)20 b(two)h(devices)1211 3612
y
SDict begin H.S end
1211 3612 a 1211 3612 a
SDict begin 11 H.A end
1211 3612 a 1211 3612 a
SDict begin [ /View [/XYZ H.V] /Dest (809) cvn H.B /DEST pdfmark end
1211
3612 a Fh(/dev/random)e Fl(and)1886 3612 y
SDict begin H.S end
1886 3612
a 1886 3612 a
SDict begin 11 H.A end
1886 3612 a 1886 3612 a
SDict begin [ /View [/XYZ H.V] /Dest (810) cvn H.B /DEST pdfmark end
1886 3612 a Fh(/dev/urandom)g
Fl(ar)o(e)g(pr)o(ovided)g(by)i(the)f(kernel)h(to)g(pr)o(o-)596
3704 y(vide)f(random)h(data)e(at)h(any)h(time.)197 3768
y
SDict begin H.S end
197 3768 a 197 3768 a
SDict begin 11 H.A end
197 3768 a 197 3768 a
SDict begin [ /View [/XYZ H.V] /Dest (811) cvn H.B /DEST pdfmark end
197 3768
a 596 3836 a Fl(Both)788 3836 y
SDict begin H.S end
788 3836 a 788 3836 a
SDict begin 11 H.A end
788 3836 a 788 3836 a
SDict begin [ /View [/XYZ H.V] /Dest (812) cvn H.B /DEST pdfmark end
788 3836 a Fh(/dev/random)e Fl(and)1464
3836 y
SDict begin H.S end
1464 3836 a 1464 3836 a
SDict begin 11 H.A end
1464 3836 a 1464 3836
a
SDict begin [ /View [/XYZ H.V] /Dest (813) cvn H.B /DEST pdfmark end
1464 3836 a Fh(/dev/urandom)g Fl(should)i(be)g(secur)o(e)f(enough)i
(to)f(use)g(in)h(generating)596 3928 y(PGP)f(keys,)988
3928 y
SDict begin H.S end
988 3928 a 988 3928 a
SDict begin 11 H.A end
988 3928 a 988 3928 a
SDict begin [ /View [/XYZ H.V] /Dest (814) cvn H.B /DEST pdfmark end
988
3928 a Fh(ssh)f Fl(challenges,)g(and)g(other)h(applications)f(wher)o(e)
g(secur)o(e)f(random)i(numbers)f(ar)o(e)596 4019 y(r)o(equir)o(ed.)28
b(Attackers)h(should)j(be)e(unable)g(to)g(pr)o(edict)f(the)i(next)f
(number)h(given)f(any)g(initial)596 4110 y(sequence)24
b(of)g(numbers)g(fr)o(om)g(these)g(sour)o(ces.)g(Ther)o(e)f(has)h(been)
g(a)f(lot)i(of)f(ef)o(fort)f(put)h(in)h(to)f(en-)596
4202 y(suring)c(that)g(the)h(numbers)f(you)h(get)f(fr)o(om)g(these)g
(sour)o(ces)g(ar)o(e)f(random)h(in)h(every)e(sense)i(of)f(the)596
4293 y(wor)o(d.)197 4336 y
SDict begin H.S end
197 4336 a 197 4336 a
SDict begin 11 H.A end
197
4336 a 197 4336 a
SDict begin [ /View [/XYZ H.V] /Dest (815) cvn H.B /DEST pdfmark end
197 4336 a 596 4426 a Fl(The)c(only)h(dif)o(fer)o
(ence)d(between)i(the)g(two)h(devices,)e(is)i(that)2473
4426 y
SDict begin H.S end
2473 4426 a 2473 4426 a
SDict begin 11 H.A end
2473 4426 a 2473 4426
a
SDict begin [ /View [/XYZ H.V] /Dest (816) cvn H.B /DEST pdfmark end
2473 4426 a Fh(/dev/random)d Fl(r)o(uns)j(out)g(of)f(random)596
4517 y(bytes)j(and)g(it)h(makes)f(you)h(wait)g(for)f(mor)o(e)g(to)h(be)
f(accumulated.)f(Note)i(that)f(on)h(some)g(systems,)596
4608 y(it)30 b(can)f(block)i(for)f(a)f(long)i(time)g(waiting)f(for)g
(new)g(user)o(-generated)e(entr)o(opy)i(to)h(be)e(enter)o(ed)596
4700 y(into)19 b(the)g(system.)g(So)g(you)g(have)g(to)g(use)g(car)o(e)e
(befor)o(e)g(using)2527 4700 y
SDict begin H.S end
2527 4700 a 2527 4700
a
SDict begin 11 H.A end
2527 4700 a 2527 4700 a
SDict begin [ /View [/XYZ H.V] /Dest (817) cvn H.B /DEST pdfmark end
2527 4700 a Fh(/dev/random)p
Fl(.)g(\(Per)o(haps)g(the)i(best)596 4791 y(thing)h(to)g(do)f(is)h(to)f
(use)h(it)f(when)h(you'r)o(e)f(generating)h(sensitive)f(keying)h
(information,)h(and)d(you)596 4882 y(tell)i(the)g(user)g(to)h(pound)g
(on)g(the)f(keyboar)o(d)f(r)o(epeatedly)f(until)j(you)g(print)g(out)f
("OK,)h(enough".\))197 4947 y
SDict begin H.S end
197 4947 a 197 4947 a
SDict begin 11 H.A end
197
4947 a 197 4947 a
SDict begin [ /View [/XYZ H.V] /Dest (818) cvn H.B /DEST pdfmark end
197 4947 a 197 4947 a
SDict begin H.S end
197 4947 a 197
4947 a
SDict begin 11 H.A end
197 4947 a 197 4947 a
SDict begin [ /View [/XYZ H.V] /Dest (819) cvn H.B /DEST pdfmark end
197 4947 a 596 5015 a Fh(/dev/random)i
Fl(is)j(high)h(quality)f(entr)o(opy)-9 b(,)25 b(generated)g(fr)o(om)g
(measuring)h(the)f(inter)o(-interr)o(upt)596 5107 y(times)c(etc.)f(It)h
(blocks)g(until)h(enough)f(bits)g(of)g(random)g(data)f(ar)o(e)f
(available.)197 5172 y
SDict begin H.S end
197 5172 a 197 5172 a
SDict begin 11 H.A end
197 5172
a 197 5172 a
SDict begin [ /View [/XYZ H.V] /Dest (820) cvn H.B /DEST pdfmark end
197 5172 a 197 5172 a
SDict begin H.S end
197 5172 a 197 5172
a
SDict begin 11 H.A end
197 5172 a 197 5172 a
SDict begin [ /View [/XYZ H.V] /Dest (821) cvn H.B /DEST pdfmark end
197 5172 a 596 5239 a Fh(/dev/urandom)i
Fl(is)k(similar)-6 b(,)24 b(but)g(when)g(the)g(stor)o(e)g(of)g(entr)o
(opy)g(is)g(r)o(unning)i(low)-8 b(,)25 b(it'll)f(r)o(eturn)f(a)596
5331 y(cryptographically)j(str)o(ong)h(hash)g(of)f(what)h(ther)o(e)f
(is.)g(This)h(isn't)h(as)e(secur)o(e,)f(but)i(it's)g(enough)596
5422 y(for)20 b(most)i(applications.)p Black 197 5585
a Fj(28)p Black eop end
%%Page: 29 29
TeXDict begin 29 28 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.29) cvn H.B /DEST pdfmark
end
197 -102
a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black 197 6 a
SDict begin H.S end
197 6 a 197 6 a
SDict begin 11 H.A end
197 6 a 197 6 a
SDict begin [ /View [/XYZ H.V] /Dest (822) cvn H.B /DEST pdfmark end
197 6 a
596 89 a Fl(Y)-8 b(ou)21 b(might)h(r)o(ead)d(fr)o(om)i(the)f(devices)h
(using)g(something)i(like:)640 296 y Fh(root#)89 b(head)44
b(-c)h(6)f(/dev/urandom)f(|)i(mimencode)596 470 y Fl(This)26
b(will)g(print)g(six)f(random)h(characters)e(on)i(the)g(console,)g
(suitable)g(for)f(passwor)o(d)g(genera-)596 561 y(tion.)c(Y)-8
b(ou)22 b(can)e(\002nd)1263 561 y
SDict begin H.S end
1263 561 a 1263 561
a
SDict begin 11 H.A end
1263 561 a 1263 561 a
SDict begin [ /View [/XYZ H.V] /Dest (825) cvn H.B /DEST pdfmark end
1263 561 a Fh(mimencode)f Fl(in)j(the)1917
561 y
SDict begin H.S end
1917 561 a 1917 561 a
SDict begin 11 H.A end
1917 561 a 1917 561 a
SDict begin [ /View [/XYZ H.V] /Dest (826) cvn H.B /DEST pdfmark end
1917
561 a Fh(metamail)d Fl(package.)197 626 y
SDict begin H.S end
197 626 a 197
626 a
SDict begin 11 H.A end
197 626 a 197 626 a
SDict begin [ /View [/XYZ H.V] /Dest (827) cvn H.B /DEST pdfmark end
197 626 a 596 694 a Fl(See)739
694 y
SDict begin H.S end
739 694 a 739 694 a
SDict begin 11 H.A end
739 694 a 739 694 a
SDict begin [ /View [/XYZ H.V] /Dest (828) cvn H.B /DEST pdfmark end
739 694
a Fh(/usr/src/linux/drivers/char/random.c)c Fl(for)21
b(a)f(description)h(of)g(the)g(algorithm.)197 759 y
SDict begin H.S end
197
759 a 197 759 a
SDict begin 11 H.A end
197 759 a 197 759 a
SDict begin [ /View [/XYZ H.V] /Dest (829) cvn H.B /DEST pdfmark end
197 759 a 596 827
a Fl(Thanks)g(to)h(Theodor)o(e)f(Y)-9 b(.)21 b(T)-7 b(s'o,)21
b(Jon)h(Lewis,)f(and)g(others)h(fr)o(om)f(Linux-kernel)g(for)g(helping)
h(me)596 918 y(\(Dave\))d(with)j(this.)197 1060 y
SDict begin H.S end
197
1060 a 197 1060 a
SDict begin 11 H.A end
197 1060 a 197 1060 a
SDict begin [ /View [/XYZ H.V] /Dest (network-security) cvn H.B /DEST
pdfmark end
197 1060 a 271
x Fn(Netw)n(ork)30 b(Security)1097 1331 y
SDict begin H.S end
1097 1331 a
1097 1331 a
SDict begin 14.641 H.A end
1097 1331 a 1097 1331 a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.1) cvn H.B /DEST pdfmark
end
1097 1331 a 197 1409
a
SDict begin H.S end
197 1409 a 197 1409 a
SDict begin 11 H.A end
197 1409 a 197 1409 a
SDict begin [ /View [/XYZ H.V] /Dest (832) cvn H.B /DEST pdfmark end
197 1409
a 596 1477 a Fl(Network)23 b(security)g(is)h(becoming)g(mor)o(e)f(and)g
(mor)o(e)g(important)g(as)g(people)g(spend)g(mor)o(e)g(and)596
1569 y(mor)o(e)34 b(time)i(connected.)e(Compr)o(omising)j(network)e
(security)g(is)h(often)f(much)h(easier)e(than)596 1660
y(compr)o(omising)22 b(physical)f(or)f(local)h(security)-9
b(,)21 b(and)f(is)h(much)g(mor)o(e)g(common.)197 1725
y
SDict begin H.S end
197 1725 a 197 1725 a
SDict begin 11 H.A end
197 1725 a 197 1725 a
SDict begin [ /View [/XYZ H.V] /Dest (833) cvn H.B /DEST pdfmark end
197 1725
a 596 1793 a Fl(Ther)o(e)d(ar)o(e)f(a)h(number)i(of)f(good)g(tools)h
(to)f(assist)h(with)f(network)h(security)-9 b(,)19 b(and)f(mor)o(e)h
(and)f(mor)o(e)596 1884 y(of)i(them)h(ar)o(e)f(shipping)i(with)f(Linux)
g(distributions.)197 1907 y
SDict begin H.S end
197 1907 a 197 1907 a
SDict begin 11 H.A end
197
1907 a 197 1907 a
SDict begin [ /View [/XYZ H.V] /Dest (834) cvn H.B /DEST pdfmark end
197 1907 a 596 2153 a Fi(P)m(ac)n(ket)27
b(Sniff)o(er)n(s)1312 2153 y
SDict begin H.S end
1312 2153 a 1312 2153 a
SDict begin 13.31 H.A end
1312 2153 a 1312 2153 a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.37.2) cvn H.B /DEST pdfmark
end
1312 2153 a 197 2204 a
SDict begin H.S end
197 2204
a 197 2204 a
SDict begin 11 H.A end
197 2204 a 197 2204 a
SDict begin [ /View [/XYZ H.V] /Dest (836) cvn H.B /DEST pdfmark end
197 2204 a 596 2294
a Fl(One)f(of)f(the)h(most)h(common)g(ways)f(intr)o(uders)g(gain)g
(access)f(to)h(mor)o(e)g(systems)h(on)f(your)g(net-)596
2386 y(work)k(is)g(by)f(employing)i(a)e(packet)g(snif)o(fer)g(on)h(a)f
(alr)o(eady)f(compr)o(omised)i(host.)g(This)g("snif-)596
2477 y(fer")23 b(just)i(listens)h(on)f(the)g(Ethernet)f(port)h(for)f
(things)i(like)2485 2477 y
SDict begin H.S end
2485 2477 a 2485 2477 a
SDict begin 11 H.A end
2485
2477 a 2485 2477 a
SDict begin [ /View [/XYZ H.V] /Dest (837) cvn H.B /DEST pdfmark end
2485 2477 a Fh(passwd)d Fl(and)2944
2477 y
SDict begin H.S end
2944 2477 a 2944 2477 a
SDict begin 11 H.A end
2944 2477 a 2944 2477
a
SDict begin [ /View [/XYZ H.V] /Dest (838) cvn H.B /DEST pdfmark end
2944 2477 a Fh(login)g Fl(and)3357 2477 y
SDict begin H.S end
3357 2477
a 3357 2477 a
SDict begin 11 H.A end
3357 2477 a 3357 2477 a
SDict begin [ /View [/XYZ H.V] /Dest (839) cvn H.B /DEST pdfmark end
3357 2477 a Fh(su)i
Fl(in)g(the)596 2568 y(packet)20 b(str)o(eam)g(and)g(then)i(logs)f(the)
h(traf)o(\002c)d(after)h(that.)g(This)i(way)-9 b(,)20
b(attackers)g(gain)h(passwor)o(ds)596 2660 y(for)d(systems)i(they)e(ar)
o(e)g(not)h(even)g(attempting)g(to)g(br)o(eak)e(into.)i(Clear)o(-text)e
(passwor)o(ds)h(ar)o(e)f(very)596 2751 y(vulnerable)j(to)h(this)g
(attack.)197 2794 y
SDict begin H.S end
197 2794 a 197 2794 a
SDict begin 11 H.A end
197 2794 a
197 2794 a
SDict begin [ /View [/XYZ H.V] /Dest (840) cvn H.B /DEST pdfmark end
197 2794 a 596 2884 a Fl(Example:)h(Host)i(A)f(has)g(been)g
(compr)o(omised.)g(Attacker)f(installs)i(a)f(snif)o(fer)-6
b(.)22 b(Snif)o(fer)f(picks)j(up)596 2975 y(admin)30
b(logging)h(into)g(Host)g(B)e(fr)o(om)h(Host)h(C.)e(It)h(gets)g(the)h
(admins)f(personal)g(passwor)o(d)f(as)596 3067 y(they)22
b(login)i(to)f(B.)f(Then,)h(the)f(admin)h(does)f(a)2065
3067 y
SDict begin H.S end
2065 3067 a 2065 3067 a
SDict begin 11 H.A end
2065 3067 a 2065 3067
a
SDict begin [ /View [/XYZ H.V] /Dest (841) cvn H.B /DEST pdfmark end
2065 3067 a Fh(su)h Fl(to)g(\002x)f(a)g(pr)o(oblem.)g(They)h(now)g
(have)f(the)h(r)o(oot)596 3158 y(passwor)o(d)d(for)g(Host)h(B.)f(Later)
g(the)h(admin)f(lets)h(someone)2492 3158 y
SDict begin H.S end
2492 3158
a 2492 3158 a
SDict begin 11 H.A end
2492 3158 a 2492 3158 a
SDict begin [ /View [/XYZ H.V] /Dest (842) cvn H.B /DEST pdfmark end
2492 3158 a Fh(telnet)e
Fl(fr)o(om)h(his)i(account)e(to)h(Host)596 3249 y(Z)g(on)g(another)g
(site.)g(Now)g(the)g(attacker)e(has)i(a)f(passwor)o(d/login)i(on)f
(Host)h(Z.)197 3314 y
SDict begin H.S end
197 3314 a 197 3314 a
SDict begin 11 H.A end
197 3314
a 197 3314 a
SDict begin [ /View [/XYZ H.V] /Dest (843) cvn H.B /DEST pdfmark end
197 3314 a 596 3382 a Fl(In)28 b(this)h(day)f(and)g(age,)g
(the)g(attacker)f(doesn't)i(even)f(need)g(to)h(compr)o(omise)g(a)f
(system)h(to)g(do)596 3473 y(this:)21 b(they)g(could)g(also)g(bring)g
(a)f(laptop)h(or)g(pc)f(into)i(a)e(building)h(and)g(tap)f(into)i(your)f
(net.)197 3538 y
SDict begin H.S end
197 3538 a 197 3538 a
SDict begin 11 H.A end
197 3538 a 197
3538 a
SDict begin [ /View [/XYZ H.V] /Dest (844) cvn H.B /DEST pdfmark end
197 3538 a 596 3606 a Fl(Using)848 3606 y
SDict begin H.S end
848
3606 a 848 3606 a
SDict begin 11 H.A end
848 3606 a 848 3606 a
SDict begin [ /View [/XYZ H.V] /Dest (845) cvn H.B /DEST pdfmark end
848 3606 a Fh(ssh)33
b Fl(or)h(other)g(encrypted)f(passwor)o(d)g(methods)h(thwarts)g(this)g
(attack.)f(Things)i(like)596 3697 y(APOP)22 b(for)h(POP)g(accounts)g
(also)g(pr)o(events)f(this)i(attack.)d(\(Normal)i(POP)g(logins)h(ar)o
(e)e(very)g(vul-)596 3789 y(nerable)d(to)j(this,)f(as)f(is)h(anything)h
(that)f(sends)g(clear)o(-text)e(passwor)o(ds)h(over)h(the)f(network.\))
197 3854 y
SDict begin H.S end
197 3854 a 197 3854 a
SDict begin 11 H.A end
197 3854 a 197 3854
a
SDict begin [ /View [/XYZ H.V] /Dest (846) cvn H.B /DEST pdfmark end
197 3854 a 596 4107 a Fi(System)28 b(ser)q(vices)f(and)h(tcp_wrapper)
n(s)2268 4107 y
SDict begin H.S end
2268 4107 a 2268 4107 a
SDict begin 13.31 H.A end
2268 4107 a 2268
4107 a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.38.2) cvn H.B /DEST pdfmark
end
2268 4107 a 197 4178 a
SDict begin H.S end
197 4178 a 197 4178 a
SDict begin 11 H.A end
197
4178 a 197 4178 a
SDict begin [ /View [/XYZ H.V] /Dest (848) cvn H.B /DEST pdfmark end
197 4178 a 596 4248 a Fl(Befor)o(e)20
b(you)j(put)f(your)g(Linux)h(system)f(on)1994 4248 y
SDict begin H.S end
1994 4248 a 1994 4248 a
SDict begin 11 H.A end
1994 4248 a 1994 4248 a
SDict begin [ /View [/XYZ H.V] /Dest (849) cvn H.B /DEST pdfmark end
1994
4248 a Fj(ANY)h Fl(network)f(the)h(\002rst)f(thing)h(to)g(look)g(at)e
(is)i(what)596 4340 y(services)f(you)i(need)e(to)h(of)o(fer)-6
b(.)21 b(Services)h(that)h(you)h(do)f(not)g(need)g(to)g(of)o(fer)f
(should)h(be)g(disabled)596 4431 y(so)i(that)g(you)g(have)g(one)g(less)
g(thing)h(to)f(worry)h(about)e(and)h(attackers)f(have)g(one)h(less)g
(place)g(to)596 4522 y(look)c(for)g(a)f(hole.)197 4566
y
SDict begin H.S end
197 4566 a 197 4566 a
SDict begin 11 H.A end
197 4566 a 197 4566 a
SDict begin [ /View [/XYZ H.V] /Dest (850) cvn H.B /DEST pdfmark end
197 4566
a 596 4655 a Fl(Ther)o(e)26 b(ar)o(e)g(a)h(number)h(of)f(ways)h(to)g
(disable)f(services)g(under)g(Linux.)g(Y)-8 b(ou)29 b(can)e(look)i(at)e
(your)596 4747 y
SDict begin H.S end
596 4747 a 596 4747 a
SDict begin 11 H.A end
596 4747 a 596
4747 a
SDict begin [ /View [/XYZ H.V] /Dest (851) cvn H.B /DEST pdfmark end
596 4747 a Fh(/etc/inetd.conf)14 b Fl(\002le)j(and)g(see)g(what)
g(services)g(ar)o(e)f(being)h(of)o(fer)o(ed)e(by)i(your)3147
4747 y
SDict begin H.S end
3147 4747 a 3147 4747 a
SDict begin 11 H.A end
3147 4747 a 3147 4747
a
SDict begin [ /View [/XYZ H.V] /Dest (852) cvn H.B /DEST pdfmark end
3147 4747 a Fh(inetd)p Fl(.)f(Disable)596 4838 y(any)25
b(that)g(you)h(do)f(not)i(need)d(by)i(commenting)h(them)f(out)f(\()2559
4838 y
SDict begin H.S end
2559 4838 a 2559 4838 a
SDict begin 11 H.A end
2559 4838 a 2559 4838
a
SDict begin [ /View [/XYZ H.V] /Dest (853) cvn H.B /DEST pdfmark end
2559 4838 a Fh(#)g Fl(at)g(the)h(beginning)g(of)g(the)f(line\),)596
4929 y(and)20 b(then)h(sending)g(your)h(inetd)e(pr)o(ocess)h(a)f
(SIGHUP)-11 b(.)197 4994 y
SDict begin H.S end
197 4994 a 197 4994 a
SDict begin 11 H.A end
197
4994 a 197 4994 a
SDict begin [ /View [/XYZ H.V] /Dest (854) cvn H.B /DEST pdfmark end
197 4994 a 596 5062 a Fl(Y)j(ou)33
b(can)e(also)h(r)o(emove)f(\(or)h(comment)h(out\))f(services)f(in)i
(your)2744 5062 y
SDict begin H.S end
2744 5062 a 2744 5062 a
SDict begin 11 H.A end
2744 5062 a
2744 5062 a
SDict begin [ /View [/XYZ H.V] /Dest (855) cvn H.B /DEST pdfmark end
2744 5062 a Fh(/etc/services)d Fl(\002le.)h(This)596
5153 y(will)i(mean)g(that)h(local)f(clients)h(will)f(also)h(be)f
(unable)g(to)g(\002nd)h(the)f(service)g(\(i.e.,)f(if)g(you)i(r)o(e-)596
5245 y(move)822 5245 y
SDict begin H.S end
822 5245 a 822 5245 a
SDict begin 11 H.A end
822 5245
a 822 5245 a
SDict begin [ /View [/XYZ H.V] /Dest (856) cvn H.B /DEST pdfmark end
822 5245 a Fh(ftp)p Fl(,)20 b(and)h(try)g(and)g(ftp)f(to)i
(a)f(r)o(emote)f(site)h(fr)o(om)g(that)g(machine)h(it)f(will)h(fail)e
(with)i(an)f("un-)596 5336 y(known)i(service")e(message\).)g(It's)h
(usually)g(not)h(worth)f(the)g(tr)o(ouble)g(to)g(r)o(emove)f(services)g
(fr)o(om)596 5427 y
SDict begin H.S end
596 5427 a 596 5427 a
SDict begin 11 H.A end
596 5427 a
596 5427 a
SDict begin [ /View [/XYZ H.V] /Dest (857) cvn H.B /DEST pdfmark end
596 5427 a Fh(/etc/services)p Fl(,)g(since)i(it)h(pr)o
(ovides)f(no)h(additional)f(security)-9 b(.)23 b(If)g(a)g(local)h
(person)f(wanted)h(to)p Black 3601 5585 a Fj(29)p Black
eop end
%%Page: 30 30
TeXDict begin 30 29 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.30) cvn H.B /DEST pdfmark
end
197 -102
a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black
596 89 a Fl(use)745 89 y
SDict begin H.S end
745 89 a 745 89 a
SDict begin 11 H.A end
745 89 a 745
89 a
SDict begin [ /View [/XYZ H.V] /Dest (858) cvn H.B /DEST pdfmark end
745 89 a Fh(ftp)j Fl(even)g(though)h(you)g(had)f(commented)h(it)g
(out,)f(they)h(would)g(make)f(their)g(own)i(client)596
180 y(that)20 b(used)h(the)g(common)h(FTP)f(port)g(and)f(would)h(still)
h(work)f(\002ne.)197 245 y
SDict begin H.S end
197 245 a 197 245 a
SDict begin 11 H.A end
197 245
a 197 245 a
SDict begin [ /View [/XYZ H.V] /Dest (859) cvn H.B /DEST pdfmark end
197 245 a 596 313 a Fl(Some)f(of)h(the)g(services)f(you)i
(might)f(want)g(to)g(leave)f(enabled)g(ar)o(e:)197 378
y
SDict begin H.S end
197 378 a 197 378 a
SDict begin 11 H.A end
197 378 a 197 378 a
SDict begin [ /View [/XYZ H.V] /Dest (860) cvn H.B /DEST pdfmark end
197 378 a 197
378 a
SDict begin H.S end
197 378 a 197 378 a
SDict begin 11 H.A end
197 378 a 197 378 a
SDict begin [ /View [/XYZ H.V] /Dest (861) cvn H.B /DEST pdfmark end
197 378
a 197 420 a
SDict begin H.S end
197 420 a 197 420 a
SDict begin 11 H.A end
197 420 a 197 420 a
SDict begin [ /View [/XYZ H.V] /Dest (862) cvn H.B /DEST pdfmark end
197
420 a Black 596 571 a Fg(\225)p Black 679 571 a
SDict begin H.S end
679 571
a 679 571 a
SDict begin 11 H.A end
679 571 a 679 571 a
SDict begin [ /View [/XYZ H.V] /Dest (863) cvn H.B /DEST pdfmark end
679 571 a 679 571 a
SDict begin H.S end
679
571 a 679 571 a
SDict begin 11 H.A end
679 571 a 679 571 a
SDict begin [ /View [/XYZ H.V] /Dest (864) cvn H.B /DEST pdfmark end
679 571 a Fh(ftp)197
583 y
SDict begin H.S end
197 583 a 197 583 a
SDict begin 11 H.A end
197 583 a 197 583 a
SDict begin [ /View [/XYZ H.V] /Dest (865) cvn H.B /DEST pdfmark end
197 583
a Black 596 703 a Fg(\225)p Black 679 703 a
SDict begin H.S end
679 703 a
679 703 a
SDict begin 11 H.A end
679 703 a 679 703 a
SDict begin [ /View [/XYZ H.V] /Dest (866) cvn H.B /DEST pdfmark end
679 703 a 679 703 a
SDict begin H.S end
679
703 a 679 703 a
SDict begin 11 H.A end
679 703 a 679 703 a
SDict begin [ /View [/XYZ H.V] /Dest (867) cvn H.B /DEST pdfmark end
679 703 a Fh(telnet)f
Fl(\(or)1095 703 y
SDict begin H.S end
1095 703 a 1095 703 a
SDict begin 11 H.A end
1095 703 a 1095
703 a
SDict begin [ /View [/XYZ H.V] /Dest (868) cvn H.B /DEST pdfmark end
1095 703 a Fh(ssh)p Fl(\))197 721 y
SDict begin H.S end
197 721 a 197
721 a
SDict begin 11 H.A end
197 721 a 197 721 a
SDict begin [ /View [/XYZ H.V] /Dest (869) cvn H.B /DEST pdfmark end
197 721 a Black 596 836 a Fg(\225)p
Black 679 836 a
SDict begin H.S end
679 836 a 679 836 a
SDict begin 11 H.A end
679 836 a 679 836
a
SDict begin [ /View [/XYZ H.V] /Dest (870) cvn H.B /DEST pdfmark end
679 836 a Fl(mail,)h(such)h(as)1172 836 y
SDict begin H.S end
1172 836
a 1172 836 a
SDict begin 11 H.A end
1172 836 a 1172 836 a
SDict begin [ /View [/XYZ H.V] /Dest (871) cvn H.B /DEST pdfmark end
1172 836 a Fh(pop-3)f
Fl(or)1516 836 y
SDict begin H.S end
1516 836 a 1516 836 a
SDict begin 11 H.A end
1516 836 a 1516
836 a
SDict begin [ /View [/XYZ H.V] /Dest (872) cvn H.B /DEST pdfmark end
1516 836 a Fh(imap)197 850 y
SDict begin H.S end
197 850 a 197 850
a
SDict begin 11 H.A end
197 850 a 197 850 a
SDict begin [ /View [/XYZ H.V] /Dest (873) cvn H.B /DEST pdfmark end
197 850 a Black 596 969 a Fg(\225)p
Black 679 969 a
SDict begin H.S end
679 969 a 679 969 a
SDict begin 11 H.A end
679 969 a 679 969
a
SDict begin [ /View [/XYZ H.V] /Dest (874) cvn H.B /DEST pdfmark end
679 969 a 679 969 a
SDict begin H.S end
679 969 a 679 969 a
SDict begin 11 H.A end
679 969 a 679
969 a
SDict begin [ /View [/XYZ H.V] /Dest (875) cvn H.B /DEST pdfmark end
679 969 a Fh(identd)197 1143 y
SDict begin H.S end
197 1143 a 197 1143
a
SDict begin 11 H.A end
197 1143 a 197 1143 a
SDict begin [ /View [/XYZ H.V] /Dest (876) cvn H.B /DEST pdfmark end
197 1143 a 596 1235 a Fl(If)25
b(you)h(know)h(you)g(ar)o(e)d(not)i(going)h(to)g(use)e(some)i
(particular)d(package,)h(you)h(can)g(also)g(delete)596
1326 y(it)d(entir)o(ely)-9 b(.)985 1326 y
SDict begin H.S end
985 1326 a
985 1326 a
SDict begin 11 H.A end
985 1326 a 985 1326 a
SDict begin [ /View [/XYZ H.V] /Dest (877) cvn H.B /DEST pdfmark end
985 1326 a Fh(rpm)44
b(-e)h(packagename)21 b Fl(under)h(the)h(Red)g(Hat)g(distribution)g
(will)h(erase)e(an)h(entir)o(e)596 1417 y(package.)c(Under)h(Debian)
1481 1417 y
SDict begin H.S end
1481 1417 a 1481 1417 a
SDict begin 11 H.A end
1481 1417 a 1481
1417 a
SDict begin [ /View [/XYZ H.V] /Dest (878) cvn H.B /DEST pdfmark end
1481 1417 a Fh(dpkg)44 b(--remove)19 b Fl(does)i(the)g(same)f
(thing.)197 1482 y
SDict begin H.S end
197 1482 a 197 1482 a
SDict begin 11 H.A end
197 1482 a 197
1482 a
SDict begin [ /View [/XYZ H.V] /Dest (879) cvn H.B /DEST pdfmark end
197 1482 a 596 1550 a Fl(Additionally)-9 b(,)22
b(you)h(r)o(eally)f(want)h(to)h(disable)e(the)h(rsh/rlogin/r)o(cp)h
(utilities,)f(including)h(login)596 1642 y(\(used)f(by)939
1642 y
SDict begin H.S end
939 1642 a 939 1642 a
SDict begin 11 H.A end
939 1642 a 939 1642 a
SDict begin [ /View [/XYZ H.V] /Dest (880) cvn H.B /DEST pdfmark end
939
1642 a Fh(rlogin)p Fl(\),)f(shell)j(\(used)e(by)1819
1642 y
SDict begin H.S end
1819 1642 a 1819 1642 a
SDict begin 11 H.A end
1819 1642 a 1819 1642
a
SDict begin [ /View [/XYZ H.V] /Dest (881) cvn H.B /DEST pdfmark end
1819 1642 a Fh(rcp)p Fl(\),)g(and)h(exec)f(\(used)g(by)2717
1642 y
SDict begin H.S end
2717 1642 a 2717 1642 a
SDict begin 11 H.A end
2717 1642 a 2717 1642
a
SDict begin [ /View [/XYZ H.V] /Dest (882) cvn H.B /DEST pdfmark end
2717 1642 a Fh(rsh)p Fl(\))g(fr)o(om)h(being)g(started)f(in)596
1733 y
SDict begin H.S end
596 1733 a 596 1733 a
SDict begin 11 H.A end
596 1733 a 596 1733 a
SDict begin [ /View [/XYZ H.V] /Dest (883) cvn H.B /DEST pdfmark end
596
1733 a Fh(/etc/inetd.conf)p Fl(.)f(These)j(pr)o(otocols)g(ar)o(e)e
(extr)o(emely)h(insecur)o(e)h(and)f(have)h(been)f(the)i(cause)596
1824 y(of)20 b(exploits)h(in)h(the)f(past.)197 1889 y
SDict begin H.S end
197 1889 a 197 1889 a
SDict begin 11 H.A end
197 1889 a 197 1889 a
SDict begin [ /View [/XYZ H.V] /Dest (884) cvn H.B /DEST pdfmark end
197 1889
a 596 1957 a Fl(Y)-8 b(ou)61 b(should)h(check)1382 1957
y
SDict begin H.S end
1382 1957 a 1382 1957 a
SDict begin 11 H.A end
1382 1957 a 1382 1957 a
SDict begin [ /View [/XYZ H.V] /Dest (885) cvn H.B /DEST pdfmark end
1382
1957 a Fh(/etc/rc.d/rc[0-9].d)c Fl(\(on)i(Red)h(Hat;)2902
1957 y
SDict begin H.S end
2902 1957 a 2902 1957 a
SDict begin 11 H.A end
2902 1957 a 2902 1957
a
SDict begin [ /View [/XYZ H.V] /Dest (886) cvn H.B /DEST pdfmark end
2902 1957 a Fh(/etc/rc[0-9].d)d Fl(on)596 2048 y(Debian\),)31
b(and)h(see)g(if)f(any)i(of)f(the)g(servers)g(started)f(in)h(those)h
(dir)o(ectories)f(ar)o(e)e(not)j(needed.)596 2140 y(The)k(\002les)h(in)
g(those)g(dir)o(ectories)f(ar)o(e)f(actually)h(symbolic)i(links)f(to)g
(\002les)g(in)g(the)g(dir)o(ectory)596 2231 y
SDict begin H.S end
596 2231
a 596 2231 a
SDict begin 11 H.A end
596 2231 a 596 2231 a
SDict begin [ /View [/XYZ H.V] /Dest (887) cvn H.B /DEST pdfmark end
596 2231 a Fh(/etc/rc.d/init.d)30
b Fl(\(on)k(Red)f(Hat;)1871 2231 y
SDict begin H.S end
1871 2231 a 1871 2231
a
SDict begin 11 H.A end
1871 2231 a 1871 2231 a
SDict begin [ /View [/XYZ H.V] /Dest (888) cvn H.B /DEST pdfmark end
1871 2231 a Fh(/etc/init.d)f
Fl(on)i(Debian\).)e(Renaming)i(the)g(\002les)f(in)596
2322 y(the)731 2322 y
SDict begin H.S end
731 2322 a 731 2322 a
SDict begin 11 H.A end
731 2322
a 731 2322 a
SDict begin [ /View [/XYZ H.V] /Dest (889) cvn H.B /DEST pdfmark end
731 2322 a Fh(init.d)20 b Fl(dir)o(ectory)f(disables)i
(all)f(the)h(symbolic)g(links)h(that)e(point)i(to)f(that)f(\002le.)h
(If)f(you)h(only)596 2414 y(wish)i(to)g(disable)f(a)g(service)g(for)g
(a)g(particular)g(r)o(un)h(level,)f(r)o(ename)f(the)i(appr)o(opriate)e
(symbolic)596 2505 y(link)g(by)g(r)o(eplacing)f(the)h(upper)o(-case)
1793 2505 y
SDict begin H.S end
1793 2505 a 1793 2505 a
SDict begin 11 H.A end
1793 2505 a 1793
2505 a
SDict begin [ /View [/XYZ H.V] /Dest (890) cvn H.B /DEST pdfmark end
1793 2505 a Fh(S)g Fl(with)g(a)g(lower)o(-case)2522
2505 y
SDict begin H.S end
2522 2505 a 2522 2505 a
SDict begin 11 H.A end
2522 2505 a 2522 2505
a
SDict begin [ /View [/XYZ H.V] /Dest (891) cvn H.B /DEST pdfmark end
2522 2505 a Fh(s)p Fl(,)g(like)g(this:)197 2570 y
SDict begin H.S end
197
2570 a 197 2570 a
SDict begin 11 H.A end
197 2570 a 197 2570 a
SDict begin [ /View [/XYZ H.V] /Dest (892) cvn H.B /DEST pdfmark end
197 2570 a 197
2653 a
SDict begin H.S end
197 2653 a 197 2653 a
SDict begin 9.9 H.A end
197 2653 a 197 2653 a
SDict begin [ /View [/XYZ H.V] /Dest (893) cvn H.B /DEST pdfmark end
197
2653 a 909 2712 a Fh(root#)89 b(cd)45 b(/etc/rc6.d)909
2794 y(root#)89 b(mv)45 b(S45dhcpd)e(s45dhcpd)197 3010
y
SDict begin H.S end
197 3010 a 197 3010 a
SDict begin 11 H.A end
197 3010 a 197 3010 a
SDict begin [ /View [/XYZ H.V] /Dest (894) cvn H.B /DEST pdfmark end
197 3010
a 596 3101 a Fl(If)27 b(you)h(have)f(BSD-style)1438 3101
y
SDict begin H.S end
1438 3101 a 1438 3101 a
SDict begin 11 H.A end
1438 3101 a 1438 3101 a
SDict begin [ /View [/XYZ H.V] /Dest (895) cvn H.B /DEST pdfmark end
1438
3101 a Fh(rc)g Fl(\002les,)h(you)g(will)g(want)g(to)f(check)2640
3101 y
SDict begin H.S end
2640 3101 a 2640 3101 a
SDict begin 11 H.A end
2640 3101 a 2640 3101
a
SDict begin [ /View [/XYZ H.V] /Dest (896) cvn H.B /DEST pdfmark end
2640 3101 a Fh(/etc/rc*)f Fl(for)h(pr)o(ograms)g(you)596
3192 y(don't)21 b(need.)197 3236 y
SDict begin H.S end
197 3236 a 197 3236
a
SDict begin 11 H.A end
197 3236 a 197 3236 a
SDict begin [ /View [/XYZ H.V] /Dest (897) cvn H.B /DEST pdfmark end
197 3236 a 596 3325 a Fl(Most)h(Linux)h
(distributions)g(ship)g(with)g(tcp_wrappers)e("wrapping")h(all)g(your)h
(TCP)g(services.)596 3417 y(A)28 b(tcp_wrapper)g(\()1218
3417 y
SDict begin H.S end
1218 3417 a 1218 3417 a
SDict begin 11 H.A end
1218 3417 a 1218 3417
a
SDict begin [ /View [/XYZ H.V] /Dest (898) cvn H.B /DEST pdfmark end
1218 3417 a Fh(tcpd)p Fl(\))f(is)j(invoked)g(fr)o(om)2079
3417 y
SDict begin H.S end
2079 3417 a 2079 3417 a
SDict begin 11 H.A end
2079 3417 a 2079 3417
a
SDict begin [ /View [/XYZ H.V] /Dest (899) cvn H.B /DEST pdfmark end
2079 3417 a Fh(inetd)f Fl(instead)g(of)g(the)g(r)o(eal)f(server)-6
b(.)3312 3417 y
SDict begin H.S end
3312 3417 a 3312 3417 a
SDict begin 11 H.A end
3312 3417 a 3312
3417 a
SDict begin [ /View [/XYZ H.V] /Dest (900) cvn H.B /DEST pdfmark end
3312 3417 a Fh(tcpd)28 b Fl(then)596 3508 y(checks)d(the)h(host)
g(that)f(is)h(r)o(equesting)g(the)f(service,)g(and)g(either)g(executes)
g(the)g(r)o(eal)g(server)-6 b(,)24 b(or)596 3599 y(denies)d(access)f
(fr)o(om)h(that)g(host.)1663 3599 y
SDict begin H.S end
1663 3599 a 1663
3599 a
SDict begin 11 H.A end
1663 3599 a 1663 3599 a
SDict begin [ /View [/XYZ H.V] /Dest (901) cvn H.B /DEST pdfmark end
1663 3599 a Fh(tcpd)f
Fl(allows)i(you)g(to)f(r)o(estrict)g(access)f(to)i(your)f(TCP)h
(services.)596 3691 y(Y)-8 b(ou)19 b(should)g(make)f(a)1307
3691 y
SDict begin H.S end
1307 3691 a 1307 3691 a
SDict begin 11 H.A end
1307 3691 a 1307 3691
a
SDict begin [ /View [/XYZ H.V] /Dest (902) cvn H.B /DEST pdfmark end
1307 3691 a Fh(/etc/hosts.allow)e Fl(and)h(add)g(in)i(only)g(those)g
(hosts)g(that)f(need)g(to)g(have)596 3782 y(access)i(to)h(your)g
(machine's)g(services.)197 3847 y
SDict begin H.S end
197 3847 a 197 3847
a
SDict begin 11 H.A end
197 3847 a 197 3847 a
SDict begin [ /View [/XYZ H.V] /Dest (903) cvn H.B /DEST pdfmark end
197 3847 a 596 3915 a Fl(If)k(you)h(ar)o(e)e(a)
h(home)h(dial)g(up)f(user)-6 b(,)25 b(we)h(suggest)g(you)g(deny)g(ALL.)
2801 3915 y
SDict begin H.S end
2801 3915 a 2801 3915 a
SDict begin 11 H.A end
2801 3915 a 2801
3915 a
SDict begin [ /View [/XYZ H.V] /Dest (904) cvn H.B /DEST pdfmark end
2801 3915 a Fh(tcpd)f Fl(also)h(logs)g(failed)f(at-)596
4006 y(tempts)18 b(to)h(access)f(services,)f(so)i(this)g(can)g(alert)e
(you)i(if)f(you)h(ar)o(e)e(under)h(attack.)f(If)h(you)h(add)f(new)596
4097 y(services,)j(you)i(should)g(be)g(sur)o(e)e(to)i(con\002gur)o(e)g
(them)f(to)h(use)g(tcp_wrappers)d(if)j(they)f(ar)o(e)f(TCP-)596
4189 y(based.)f(For)j(example,)e(a)g(normal)i(dial-up)e(user)h(can)f
(pr)o(event)g(outsiders)i(fr)o(om)e(connecting)j(to)596
4280 y(his)c(machine,)f(yet)g(still)h(have)f(the)h(ability)f(to)h(r)o
(etrieve)e(mail,)h(and)g(make)g(network)h(connections)596
4371 y(to)h(the)g(Internet.)f(T)-8 b(o)21 b(do)g(this,)h(you)f(might)h
(add)d(the)i(following)i(to)e(your)2925 4371 y
SDict begin H.S end
2925 4371
a 2925 4371 a
SDict begin 11 H.A end
2925 4371 a 2925 4371 a
SDict begin [ /View [/XYZ H.V] /Dest (905) cvn H.B /DEST pdfmark end
2925 4371 a Fh(/etc/hosts.allow)p
Fl(:)197 4436 y
SDict begin H.S end
197 4436 a 197 4436 a
SDict begin 11 H.A end
197 4436 a 197
4436 a
SDict begin [ /View [/XYZ H.V] /Dest (906) cvn H.B /DEST pdfmark end
197 4436 a 596 4504 a Fl(ALL:)e(127.)197 4546
y
SDict begin H.S end
197 4546 a 197 4546 a
SDict begin 11 H.A end
197 4546 a 197 4546 a
SDict begin [ /View [/XYZ H.V] /Dest (907) cvn H.B /DEST pdfmark end
197 4546
a 596 4637 a Fl(And)h(of)h(course)f(/etc/hosts.deny)i(would)g(contain:)
197 4702 y
SDict begin H.S end
197 4702 a 197 4702 a
SDict begin 11 H.A end
197 4702 a 197 4702
a
SDict begin [ /View [/XYZ H.V] /Dest (908) cvn H.B /DEST pdfmark end
197 4702 a 596 4770 a Fl(ALL:)d(ALL)197 4812 y
SDict begin H.S end
197
4812 a 197 4812 a
SDict begin 11 H.A end
197 4812 a 197 4812 a
SDict begin [ /View [/XYZ H.V] /Dest (909) cvn H.B /DEST pdfmark end
197 4812 a 596
4903 a Fl(which)g(will)g(pr)o(event)e(external)h(connections)i(to)f
(your)f(machine,)h(yet)f(still)h(allow)g(you)g(fr)o(om)f(the)596
4994 y(inside)j(to)g(connect)g(to)g(servers)f(on)i(the)f(Internet.)197
5037 y
SDict begin H.S end
197 5037 a 197 5037 a
SDict begin 11 H.A end
197 5037 a 197 5037 a
SDict begin [ /View [/XYZ H.V] /Dest (910) cvn H.B /DEST pdfmark end
197
5037 a 596 5127 a Fl(Keep)j(in)i(mind)f(that)g(tcp_wrappers)f(only)i
(pr)o(otects)f(services)f(executed)g(fr)o(om)3207 5127
y
SDict begin H.S end
3207 5127 a 3207 5127 a
SDict begin 11 H.A end
3207 5127 a 3207 5127 a
SDict begin [ /View [/XYZ H.V] /Dest (911) cvn H.B /DEST pdfmark end
3207
5127 a Fh(inetd)p Fl(,)g(and)g(a)596 5218 y(select)h(few)h(others.)g
(Ther)o(e)f(very)h(well)g(may)g(be)g(other)g(services)g(r)o(unning)h
(on)g(your)f(machine.)596 5310 y(Y)-8 b(ou)21 b(can)g(use)1053
5310 y
SDict begin H.S end
1053 5310 a 1053 5310 a
SDict begin 11 H.A end
1053 5310 a 1053 5310
a
SDict begin [ /View [/XYZ H.V] /Dest (912) cvn H.B /DEST pdfmark end
1053 5310 a Fh(netstat)43 b(-ta)21 b Fl(to)g(\002nd)g(a)f(list)h(of)g
(all)g(the)g(services)f(your)h(machine)g(is)g(of)o(fering.)197
5374 y
SDict begin H.S end
197 5374 a 197 5374 a
SDict begin 11 H.A end
197 5374 a 197 5374 a
SDict begin [ /View [/XYZ H.V] /Dest (913) cvn H.B /DEST pdfmark end
197
5374 a Black 211 x Fj(30)p Black eop end
%%Page: 31 31
TeXDict begin 31 30 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.31) cvn H.B /DEST pdfmark
end
197 -102
a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black 596 89 a Fi(V)-5 b(erify)28 b(Y)-10 b(our)28 b(DNS)f(Inf)n
(ormation)1932 89 y
SDict begin H.S end
1932 89 a 1932 89 a
SDict begin 13.31 H.A end
1932 89 a 1932
89 a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.39.2) cvn H.B /DEST pdfmark
end
1932 89 a 197 160 a
SDict begin H.S end
197 160 a 197 160 a
SDict begin 11 H.A end
197 160
a 197 160 a
SDict begin [ /View [/XYZ H.V] /Dest (915) cvn H.B /DEST pdfmark end
197 160 a 596 231 a Fl(Keeping)i(up-to-date)f(DNS)h
(information)h(about)f(all)g(hosts)h(on)g(your)g(network)f(can)g(help)h
(to)596 322 y(incr)o(ease)24 b(security)-9 b(.)25 b(If)g(an)g
(unauthorized)g(host)i(becomes)e(connected)h(to)g(your)f(network,)h
(you)596 413 y(can)g(r)o(ecognize)f(it)i(by)g(its)g(lack)f(of)g(a)g
(DNS)g(entry)-9 b(.)27 b(Many)f(services)g(can)g(be)g(con\002gur)o(ed)g
(to)h(not)596 505 y(accept)19 b(connections)k(fr)o(om)d(hosts)i(that)e
(do)h(not)h(have)e(valid)g(DNS)h(entries.)197 570 y
SDict begin H.S end
197
570 a 197 570 a
SDict begin 11 H.A end
197 570 a 197 570 a
SDict begin [ /View [/XYZ H.V] /Dest (916) cvn H.B /DEST pdfmark end
197 570 a 596 823
a Fi(identd)896 823 y
SDict begin H.S end
896 823 a 896 823 a
SDict begin 13.31 H.A end
896 823 a 896
823 a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.40.2) cvn H.B /DEST pdfmark
end
896 823 a 197 874 a
SDict begin H.S end
197 874 a 197 874 a
SDict begin 11 H.A end
197 874
a 197 874 a
SDict begin [ /View [/XYZ H.V] /Dest (918) cvn H.B /DEST pdfmark end
197 874 a 197 874 a
SDict begin H.S end
197 874 a 197 874 a
SDict begin 11 H.A end
197
874 a 197 874 a
SDict begin [ /View [/XYZ H.V] /Dest (919) cvn H.B /DEST pdfmark end
197 874 a 596 964 a Fh(identd)c Fl(is)j(a)e(small)h(pr)
o(ogram)g(that)g(typically)g(r)o(uns)g(out)h(of)f(your)2692
964 y
SDict begin H.S end
2692 964 a 2692 964 a
SDict begin 11 H.A end
2692 964 a 2692 964 a
SDict begin [ /View [/XYZ H.V] /Dest (920) cvn H.B /DEST pdfmark end
2692
964 a Fh(inetd)f Fl(server)-6 b(.)18 b(It)h(keeps)g(track)596
1056 y(of)h(what)h(user)g(is)h(r)o(unning)g(what)f(TCP)g(service,)f
(and)g(then)i(r)o(eports)e(this)i(to)f(whoever)g(r)o(equests)596
1147 y(it.)197 1189 y
SDict begin H.S end
197 1189 a 197 1189 a
SDict begin 11 H.A end
197 1189
a 197 1189 a
SDict begin [ /View [/XYZ H.V] /Dest (921) cvn H.B /DEST pdfmark end
197 1189 a 596 1280 a Fl(Many)h(people)i(misunderstand)f
(the)h(usefulness)g(of)2330 1280 y
SDict begin H.S end
2330 1280 a 2330 1280
a
SDict begin 11 H.A end
2330 1280 a 2330 1280 a
SDict begin [ /View [/XYZ H.V] /Dest (922) cvn H.B /DEST pdfmark end
2330 1280 a Fh(identd)p Fl(,)e(and)h(so)h
(disable)f(it)h(or)f(block)h(all)596 1371 y(of)o(f)g(site)h(r)o
(equests)g(for)h(it.)1430 1371 y
SDict begin H.S end
1430 1371 a 1430 1371
a
SDict begin 11 H.A end
1430 1371 a 1430 1371 a
SDict begin [ /View [/XYZ H.V] /Dest (923) cvn H.B /DEST pdfmark end
1430 1371 a Fh(identd)e Fl(is)i(not)g(ther)o
(e)e(to)i(help)f(out)h(r)o(emote)f(sites.)g(Ther)o(e)f(is)i(no)g(way)
596 1462 y(of)d(knowing)i(if)e(the)g(data)f(you)i(get)f(fr)o(om)g(the)g
(r)o(emote)2360 1462 y
SDict begin H.S end
2360 1462 a 2360 1462 a
SDict begin 11 H.A end
2360 1462
a 2360 1462 a
SDict begin [ /View [/XYZ H.V] /Dest (924) cvn H.B /DEST pdfmark end
2360 1462 a Fh(identd)f Fl(is)i(corr)o(ect)e(or)i(not.)f
(Ther)o(e)g(is)g(no)596 1554 y(authentication)e(in)1239
1554 y
SDict begin H.S end
1239 1554 a 1239 1554 a
SDict begin 11 H.A end
1239 1554 a 1239 1554
a
SDict begin [ /View [/XYZ H.V] /Dest (925) cvn H.B /DEST pdfmark end
1239 1554 a Fh(identd)f Fl(r)o(equests.)197 1619 y
SDict begin H.S end
197 1619 a 197 1619 a
SDict begin 11 H.A end
197 1619 a 197 1619 a
SDict begin [ /View [/XYZ H.V] /Dest (926) cvn H.B /DEST pdfmark end
197 1619
a 596 1687 a Fl(Why)25 b(would)h(you)h(want)e(to)h(r)o(un)g(it)g(then?)
f(Because)g(it)h(helps)2617 1687 y
SDict begin H.S end
2617 1687 a 2617 1687
a
SDict begin 11 H.A end
2617 1687 a 2617 1687 a
SDict begin [ /View [/XYZ H.V] /Dest (927) cvn H.B /DEST pdfmark end
2617 1687 a Fj(you)f Fl(out,)h(and)f(is)h
(another)f(data-)596 1778 y(point)h(in)g(tracking.)f(If)h(your)1545
1778 y
SDict begin H.S end
1545 1778 a 1545 1778 a
SDict begin 11 H.A end
1545 1778 a 1545 1778
a
SDict begin [ /View [/XYZ H.V] /Dest (928) cvn H.B /DEST pdfmark end
1545 1778 a Fh(identd)e Fl(is)i(un)g(compr)o(omised,)g(then)g(you)g
(know)h(it's)f(telling)g(r)o(e-)596 1869 y(mote)16 b(sites)h(the)g
(user)o(-name)e(or)i(uid)f(of)h(people)f(using)i(TCP)e(services.)g(If)g
(the)h(admin)f(at)g(a)g(r)o(emote)596 1960 y(site)k(comes)g(back)g(to)g
(you)h(and)e(tells)i(you)f(user)g(so-and-so)g(was)g(trying)h(to)f(hack)
g(into)h(their)f(site,)596 2052 y(you)j(can)g(easily)h(take)f(action)g
(against)g(that)h(user)-6 b(.)23 b(If)g(you)g(ar)o(e)f(not)i(r)o
(unning)3064 2052 y
SDict begin H.S end
3064 2052 a 3064 2052 a
SDict begin 11 H.A end
3064 2052
a 3064 2052 a
SDict begin [ /View [/XYZ H.V] /Dest (929) cvn H.B /DEST pdfmark end
3064 2052 a Fh(identd)p Fl(,)e(you)i(will)596
2143 y(have)18 b(to)i(look)g(at)f(lots)h(and)e(lots)i(of)g(logs,)f
(\002gur)o(e)g(out)h(who)g(was)f(on)h(at)e(the)i(time,)f(and)g(in)g
(general)596 2234 y(take)h(a)g(lot)h(mor)o(e)g(time)g(to)g(track)f
(down)i(the)e(user)-6 b(.)197 2278 y
SDict begin H.S end
197 2278 a 197 2278
a
SDict begin 11 H.A end
197 2278 a 197 2278 a
SDict begin [ /View [/XYZ H.V] /Dest (930) cvn H.B /DEST pdfmark end
197 2278 a 596 2367 a Fl(The)750
2367 y
SDict begin H.S end
750 2367 a 750 2367 a
SDict begin 11 H.A end
750 2367 a 750 2367 a
SDict begin [ /View [/XYZ H.V] /Dest (931) cvn H.B /DEST pdfmark end
750
2367 a Fh(identd)15 b Fl(that)h(ships)h(with)f(most)h(distributions)g
(is)f(mor)o(e)g(con\002gurable)g(than)g(many)g(people)596
2459 y(think.)25 b(Y)-8 b(ou)26 b(can)f(disable)f(it)h(for)f
(speci\002c)h(users)g(\(they)g(can)f(make)h(a)2820 2459
y
SDict begin H.S end
2820 2459 a 2820 2459 a
SDict begin 11 H.A end
2820 2459 a 2820 2459 a
SDict begin [ /View [/XYZ H.V] /Dest (932) cvn H.B /DEST pdfmark end
2820
2459 a Fh(.noident)f Fl(\002le\),)g(you)h(can)596 2550
y(log)i(all)854 2550 y
SDict begin H.S end
854 2550 a 854 2550 a
SDict begin 11 H.A end
854 2550
a 854 2550 a
SDict begin [ /View [/XYZ H.V] /Dest (933) cvn H.B /DEST pdfmark end
854 2550 a Fh(identd)f Fl(r)o(equests)g(\(W)-8
b(e)26 b(r)o(ecommend)h(it\),)f(you)h(can)f(even)h(have)f(identd)g(r)o
(eturn)g(a)g(uid)596 2641 y(instead)20 b(of)h(a)f(user)h(name)f(or)h
(even)g(NO-USER.)197 2685 y
SDict begin H.S end
197 2685 a 197 2685 a
SDict begin 11 H.A end
197
2685 a 197 2685 a
SDict begin [ /View [/XYZ H.V] /Dest (934) cvn H.B /DEST pdfmark end
197 2685 a 596 2959 a Fi(Con\002guring)30
b(and)e(Securing)h(the)g(P)l(ost\002x)f(MT)-9 b(A)2603
2959 y
SDict begin H.S end
2603 2959 a 2603 2959 a
SDict begin 13.31 H.A end
2603 2959 a 2603 2959
a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.41.2) cvn H.B /DEST pdfmark
end
2603 2959 a 197 3032 a
SDict begin H.S end
197 3032 a 197 3032 a
SDict begin 11 H.A end
197 3032
a 197 3032 a
SDict begin [ /View [/XYZ H.V] /Dest (936) cvn H.B /DEST pdfmark end
197 3032 a 596 3101 a Fl(The)21 b(Post\002x)g(mail)h
(server)e(was)h(written)g(by)g(W)-5 b(ietse)22 b(V)-9
b(enema,)20 b(author)h(of)g(Post\002x)h(and)f(several)596
3192 y(other)d(staple)f(Internet)h(security)g(pr)o(oducts,)f(as)h(an)g
("attempt)f(to)i(pr)o(ovide)e(an)g(alternative)g(to)i(the)596
3284 y(widely-used)24 b(Sendmail)h(pr)o(ogram.)f(Post\002x)i(attempts)e
(to)i(be)f(fast,)f(easy)g(to)i(administer)-6 b(,)24 b(and)596
3375 y(hopefully)i(secur)o(e,)f(while)i(at)f(the)g(same)h(time)f(being)
h(sendmail)f(compatible)g(enough)i(to)e(not)596 3466
y(upset)20 b(your)h(users.")197 3531 y
SDict begin H.S end
197 3531 a 197
3531 a
SDict begin 11 H.A end
197 3531 a 197 3531 a
SDict begin [ /View [/XYZ H.V] /Dest (937) cvn H.B /DEST pdfmark end
197 3531 a 596 3599 a Fl(Further)g
(information)h(on)g(post\002x)g(can)f(be)g(found)h(at)f(the)2465
3599 y
SDict begin H.S end
2465 3599 a 2465 3599 a
SDict begin 11 H.A end
2465 3599 a 2465 3599
a
SDict begin [ /View [/XYZ H.V] /Dest (938) cvn H.B /DEST pdfmark end
2465 3599 a Fl(Post\002x)h(home)2943 3566 y Fe(56)3015
3599 y Fl(and)f(in)h(the)3407 3599 y
SDict begin H.S end
3407 3599 a 3407
3599 a
SDict begin 11 H.A end
3407 3599 a 3407 3599 a
SDict begin [ /View [/XYZ H.V] /Dest (939) cvn H.B /DEST pdfmark end
3407 3599 a Fl(Con\002g-)596
3690 y(uring)f(and)f(Securing)h(Post\002x)1572 3657 y
Fe(57)1622 3690 y Fl(.)197 3755 y
SDict begin H.S end
197 3755 a 197 3755
a
SDict begin 11 H.A end
197 3755 a 197 3755 a
SDict begin [ /View [/XYZ H.V] /Dest (940) cvn H.B /DEST pdfmark end
197 3755 a 596 4008 a Fi(SA)-9
b(T)g(AN,)26 b(ISS,)i(and)h(Other)f(Netw)n(ork)h(Scanner)n(s)2572
4008 y
SDict begin H.S end
2572 4008 a 2572 4008 a
SDict begin 13.31 H.A end
2572 4008 a 2572 4008
a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.42.2) cvn H.B /DEST pdfmark
end
2572 4008 a 197 4075 a
SDict begin H.S end
197 4075 a 197 4075 a
SDict begin 11 H.A end
197 4075
a 197 4075 a
SDict begin [ /View [/XYZ H.V] /Dest (942) cvn H.B /DEST pdfmark end
197 4075 a 596 4150 a Fl(Ther)o(e)17 b(ar)o(e)h(a)g
(number)h(of)g(dif)o(fer)o(ent)e(softwar)o(e)h(packages)g(out)h(ther)o
(e)g(that)f(do)h(port)g(and)g(service-)596 4241 y(based)i(scanning)i
(of)f(machines)g(or)g(networks.)h(SA)-6 b(T)g(AN,)20
b(ISS,)h(SAINT)-6 b(,)21 b(and)g(Nessus)i(ar)o(e)d(some)596
4333 y(of)29 b(the)g(mor)o(e)f(well-known)j(ones.)e(This)h(softwar)o(e)
e(connects)i(to)f(the)g(tar)o(get)f(machine)h(\(or)g(all)596
4424 y(the)h(tar)o(get)e(machines)j(on)f(a)g(network\))g(on)h(all)e
(the)i(ports)f(they)g(can,)f(and)h(try)g(to)g(determine)596
4515 y(what)22 b(service)g(is)h(r)o(unning)h(ther)o(e.)e(Based)f(on)i
(this)g(information,)h(you)f(can)f(tell)h(if)f(the)h(machine)596
4607 y(is)e(vulnerable)f(to)h(a)f(speci\002c)h(exploit)g(on)g(that)g
(server)-6 b(.)197 4671 y
SDict begin H.S end
197 4671 a 197 4671 a
SDict begin 11 H.A end
197 4671
a 197 4671 a
SDict begin [ /View [/XYZ H.V] /Dest (943) cvn H.B /DEST pdfmark end
197 4671 a 596 4739 a Fl(SA)g(T)g(AN)64
b(\(Security)g(Administrator)6 b('s)67 b(T)-8 b(ool)66
b(for)g(Analyzing)g(Networks\))f(is)i(a)e(port)596 4831
y(scanner)51 b(with)h(a)e(web)i(interface.)d(It)j(can)f(be)g
(con\002gur)o(ed)g(to)g(do)h(light,)f(medium,)h(or)596
4922 y(str)o(ong)41 b(checks)g(on)g(a)f(machine)h(or)g(a)f(network)i
(of)e(machines.)h(It's)g(a)g(good)g(idea)f(to)h(get)596
5013 y(SA)-6 b(T)g(AN)33 b(and)h(scan)h(your)h(machine)f(or)g(network,)
h(and)e(\002x)h(the)h(pr)o(oblems)e(it)i(\002nds.)f(Make)596
5105 y(sur)o(e)46 b(you)i(get)f(the)g(copy)h(of)f(SA)-6
b(T)g(AN)46 b(fr)o(om)2208 5105 y
SDict begin H.S end
2208 5105 a 2208 5105
a
SDict begin 11 H.A end
2208 5105 a 2208 5105 a
SDict begin [ /View [/XYZ H.V] /Dest (944) cvn H.B /DEST pdfmark end
2208 5105 a Fl(metalab)2502
5071 y Fe(58)2599 5105 y Fl(or)h(a)g(r)o(eputable)e(FTP)j(or)f(web)596
5196 y(site.)d(Ther)o(e)f(was)h(a)g(T)-7 b(r)o(ojan)43
b(copy)i(of)f(SA)-6 b(T)g(AN)42 b(that)i(was)g(distributed)g(out)h(on)g
(the)f(net.)596 5287 y
SDict begin H.S end
596 5287 a 596 5287 a
SDict begin 11 H.A end
596 5287
a 596 5287 a
SDict begin [ /View [/XYZ H.V] /Dest (945) cvn H.B /DEST pdfmark end
596 5287 a Fl(http://www)-8 b(.tr)o(ouble.or)o
(g/~zen/satan/satan.html.)39 b(Note)f(that)g(SA)-6 b(T)g(AN)37
b(has)h(not)h(been)596 5379 y(updated)19 b(in)i(quite)h(a)e(while,)h
(and)f(some)i(of)e(the)h(other)g(tools)h(below)f(might)h(do)f(a)f
(better)g(job.)p Black 3601 5585 a Fj(31)p Black eop
end
%%Page: 32 32
TeXDict begin 32 31 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.32) cvn H.B /DEST pdfmark
end
197 -102
a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black
197 6 a
SDict begin H.S end
197 6 a 197 6 a
SDict begin 11 H.A end
197 6 a 197 6 a
SDict begin [ /View [/XYZ H.V] /Dest (946) cvn H.B /DEST pdfmark end
197 6 a 596 89
a Fl(ISS)i(\(Internet)h(Security)g(Scanner\))f(is)i(another)g
(port-based)e(scanner)-6 b(.)24 b(It)g(is)h(faster)f(than)g(Satan,)596
180 y(and)17 b(thus)h(might)g(be)f(better)g(for)h(lar)o(ge)e(networks.)
i(However)-6 b(,)17 b(SA)-6 b(T)g(AN)16 b(tends)i(to)g(pr)o(ovide)e
(mor)o(e)596 272 y(information.)197 315 y
SDict begin H.S end
197 315 a 197
315 a
SDict begin 11 H.A end
197 315 a 197 315 a
SDict begin [ /View [/XYZ H.V] /Dest (947) cvn H.B /DEST pdfmark end
197 315 a 596 405 a Fl(Abacus)68
b(is)i(a)f(suite)g(of)g(tools)i(to)f(pr)o(ovide)e(host-based)h
(security)g(and)g(intr)o(usion)596 496 y(detection.)78
b(Look)g(at)g(it's)h(home)g(page)f(on)h(the)f(web)g(for)g(mor)o(e)g
(information.)596 587 y
SDict begin H.S end
596 587 a 596 587 a
SDict begin 11 H.A end
596 587 a
596 587 a
SDict begin [ /View [/XYZ H.V] /Dest (948) cvn H.B /DEST pdfmark end
596 587 a Fl(http://www)-8 b(.psionic.com/abacus/)1880
554 y Fe(60)197 652 y
SDict begin H.S end
197 652 a 197 652 a
SDict begin 11 H.A end
197 652 a 197
652 a
SDict begin [ /View [/XYZ H.V] /Dest (949) cvn H.B /DEST pdfmark end
197 652 a 596 720 a Fl(SAINT)64 b(is)j(a)e(updated)g(version)h
(of)g(SA)-6 b(T)g(AN.)64 b(It)i(is)g(web-based)e(and)i(has)g(many)596
811 y(mor)o(e)g(up-to-date)f(tests)i(than)g(SA)-6 b(T)g(AN.)65
b(Y)-8 b(ou)68 b(can)e(\002nd)h(out)g(mor)o(e)f(about)h(it)g(at:)596
903 y
SDict begin H.S end
596 903 a 596 903 a
SDict begin 11 H.A end
596 903 a 596 903 a
SDict begin [ /View [/XYZ H.V] /Dest (950) cvn H.B /DEST pdfmark end
596 903
a Fl(http://www)-8 b(.wwdsi.com/~saint)1789 869 y Fe(61)197
968 y
SDict begin H.S end
197 968 a 197 968 a
SDict begin 11 H.A end
197 968 a 197 968 a
SDict begin [ /View [/XYZ H.V] /Dest (951) cvn H.B /DEST pdfmark end
197 968
a 596 1036 a Fl(Nessus)25 b(is)g(a)g(fr)o(ee)e(security)i(scanner)-6
b(.)25 b(It)g(has)g(a)f(GTK)i(graphical)e(interface)g(for)h(ease)f(of)h
(use.)g(It)596 1127 y(is)20 b(also)h(designed)f(with)h(a)f(very)g(nice)
g(plug)h(in)f(setup)h(for)f(new)g(port-scanning)h(tests.)g(For)f(mor)o
(e)596 1218 y(information,)h(take)f(a)g(look)i(at:)1604
1218 y
SDict begin H.S end
1604 1218 a 1604 1218 a
SDict begin 11 H.A end
1604 1218 a 1604 1218
a
SDict begin [ /View [/XYZ H.V] /Dest (952) cvn H.B /DEST pdfmark end
1604 1218 a Fl(http://www)-8 b(.nessus.or)o(g)2484
1185 y Fe(62)197 1242 y
SDict begin H.S end
197 1242 a 197 1242 a
SDict begin 11 H.A end
197 1242
a 197 1242 a
SDict begin [ /View [/XYZ H.V] /Dest (953) cvn H.B /DEST pdfmark end
197 1242 a 596 1470 a Fm(Detecting)25 b(P)l(or)r(t)g
(Scans)1513 1470 y
SDict begin H.S end
1513 1470 a 1513 1470 a
SDict begin 12.1 H.A end
1513 1470
a 1513 1470 a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.42.7.3) cvn H.B /DEST pdfmark
end
1513 1470 a 197 1536 a
SDict begin H.S end
197 1536 a 197 1536
a
SDict begin 11 H.A end
197 1536 a 197 1536 a
SDict begin [ /View [/XYZ H.V] /Dest (955) cvn H.B /DEST pdfmark end
197 1536 a 596 1607 a Fl(Ther)o(e)g(ar)o(e)g
(some)j(tools)f(designed)g(to)g(alert)f(you)h(to)g(pr)o(obes)f(by)h(SA)
-6 b(T)g(AN)25 b(and)h(ISS)f(and)i(other)596 1698 y(scanning)e(softwar)
o(e.)f(However)-6 b(,)25 b(if)g(you)g(liberally)g(use)g(tcp_wrappers,)e
(and)i(look)h(over)f(your)596 1790 y(log)e(\002les)h(r)o(egularly)-9
b(,)21 b(you)j(should)g(be)f(able)f(to)h(notice)h(such)f(pr)o(obes.)g
(Even)g(on)g(the)g(lowest)h(set-)596 1881 y(ting,)d(SA)-6
b(T)g(AN)19 b(still)i(leaves)f(traces)g(in)i(the)e(logs)i(on)g(a)e
(stock)h(Red)g(Hat)f(system.)197 1946 y
SDict begin H.S end
197 1946 a 197
1946 a
SDict begin 11 H.A end
197 1946 a 197 1946 a
SDict begin [ /View [/XYZ H.V] /Dest (956) cvn H.B /DEST pdfmark end
197 1946 a 596 2014 a Fl(Ther)o(e)g(ar)o
(e)g(also)h("stealth")g(port)h(scanners.)f(A)f(packet)h(with)h(the)g
(TCP)f(ACK)g(bit)g(set)g(\(as)g(is)h(done)596 2105 y(with)j
(established)f(connections\))i(will)f(likely)g(get)g(thr)o(ough)g(a)f
(packet-\002ltering)g(\002r)o(ewall.)g(The)596 2197 y(r)o(eturned)17
b(RST)i(packet)g(fr)o(om)f(a)h(port)g(that)1958 2197
y
SDict begin H.S end
1958 2197 a 1958 2197 a
SDict begin 11 H.A end
1958 2197 a 1958 2197 a
SDict begin [ /View [/XYZ H.V] /Dest (957) cvn H.B /DEST pdfmark end
1958
2197 a Fj(_had)e(no)i(established)h(session_)f Fl(can)g(be)g(taken)g
(as)f(pr)o(oof)596 2288 y(of)i(life)h(on)g(that)g(port.)f(I)h(don't)g
(think)h(TCP)f(wrappers)f(will)h(detect)f(this.)197 2353
y
SDict begin H.S end
197 2353 a 197 2353 a
SDict begin 11 H.A end
197 2353 a 197 2353 a
SDict begin [ /View [/XYZ H.V] /Dest (958) cvn H.B /DEST pdfmark end
197 2353
a 596 2421 a Fl(Y)-8 b(ou)33 b(might)g(also)g(look)g(at)f(SNOR)m(T)-6
b(,)32 b(which)h(is)g(a)f(fr)o(ee)f(IDS)h(\(Intr)o(usion)i(Detection)e
(System\),)596 2512 y(which)21 b(can)g(detect)f(other)h(network)g(intr)
o(usions.)2188 2512 y
SDict begin H.S end
2188 2512 a 2188 2512 a
SDict begin 11 H.A end
2188 2512
a 2188 2512 a
SDict begin [ /View [/XYZ H.V] /Dest (959) cvn H.B /DEST pdfmark end
2188 2512 a Fl(http://www)-8 b(.snort.or)o(g)197
2660 y
SDict begin H.S end
197 2660 a 197 2660 a
SDict begin 11 H.A end
197 2660 a 197 2660 a
SDict begin [ /View [/XYZ H.V] /Dest (960) cvn H.B /DEST pdfmark end
197
2660 a 596 2913 a Fi(sendmail,)28 b(qmail)g(and)h(MT)-9
b(A')j(s)1871 2913 y
SDict begin H.S end
1871 2913 a 1871 2913 a
SDict begin 13.31 H.A end
1871 2913
a 1871 2913 a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.43.2) cvn H.B /DEST pdfmark
end
1871 2913 a 197 2984 a
SDict begin H.S end
197 2984 a 197 2984
a
SDict begin 11 H.A end
197 2984 a 197 2984 a
SDict begin [ /View [/XYZ H.V] /Dest (962) cvn H.B /DEST pdfmark end
197 2984 a 596 3055 a Fl(One)24
b(of)f(the)h(most)h(important)f(services)g(you)g(can)g(pr)o(ovide)f(is)
h(a)f(mail)h(server)-6 b(.)23 b(Unfortunately)-9 b(,)596
3146 y(it)26 b(is)g(also)g(one)h(of)f(the)g(most)h(vulnerable)e(to)i
(attack,)d(simply)j(due)f(to)g(the)g(number)h(of)f(tasks)g(it)596
3237 y(must)21 b(perform)f(and)h(the)f(privileges)h(it)g(typically)g
(needs.)197 3302 y
SDict begin H.S end
197 3302 a 197 3302 a
SDict begin 11 H.A end
197 3302 a 197
3302 a
SDict begin [ /View [/XYZ H.V] /Dest (963) cvn H.B /DEST pdfmark end
197 3302 a 596 3370 a Fl(If)37 b(you)i(ar)o(e)e(using)1262
3370 y
SDict begin H.S end
1262 3370 a 1262 3370 a
SDict begin 11 H.A end
1262 3370 a 1262 3370
a
SDict begin [ /View [/XYZ H.V] /Dest (964) cvn H.B /DEST pdfmark end
1262 3370 a Fh(sendmail)g Fl(it)h(is)h(very)e(important)i(to)f(keep)g
(up)g(on)h(curr)o(ent)f(versions.)596 3462 y
SDict begin H.S end
596 3462
a 596 3462 a
SDict begin 11 H.A end
596 3462 a 596 3462 a
SDict begin [ /View [/XYZ H.V] /Dest (965) cvn H.B /DEST pdfmark end
596 3462 a Fh(sendmail)30
b Fl(has)h(a)g(long)i(long)f(history)h(of)e(security)h(exploits.)g
(Always)f(make)g(sur)o(e)g(you)h(ar)o(e)596 3553 y(r)o(unning)22
b(the)f(most)g(r)o(ecent)f(version)h(fr)o(om)1987 3553
y
SDict begin H.S end
1987 3553 a 1987 3553 a
SDict begin 11 H.A end
1987 3553 a 1987 3553 a
SDict begin [ /View [/XYZ H.V] /Dest (966) cvn H.B /DEST pdfmark end
1987
3553 a Fl(http://www)-8 b(.sendmail.or)o(g)2961 3520
y Fe(64)3012 3553 y Fl(.)197 3618 y
SDict begin H.S end
197 3618 a 197 3618
a
SDict begin 11 H.A end
197 3618 a 197 3618 a
SDict begin [ /View [/XYZ H.V] /Dest (967) cvn H.B /DEST pdfmark end
197 3618 a 596 3686 a Fl(Keep)28
b(in)h(mind)g(that)g(sendmail)g(does)f(not)i(have)e(to)h(be)f(r)o
(unning)i(in)g(or)o(der)d(for)i(you)g(to)g(send)596 3777
y(mail.)21 b(If)g(you)h(ar)o(e)e(a)h(home)h(user)-6 b(,)21
b(you)h(can)f(disable)g(sendmail)h(entir)o(ely)-9 b(,)21
b(and)g(simply)h(use)g(your)596 3868 y(mail)30 b(client)h(to)f(send)h
(mail.)f(Y)-8 b(ou)31 b(might)h(also)e(choose)h(to)g(r)o(emove)f(the)g
("-bd")f(\003ag)i(fr)o(om)f(the)596 3960 y(sendmail)24
b(startup)h(\002le,)f(ther)o(eby)g(disabling)h(incoming)h(r)o(equests)f
(for)f(mail.)h(In)f(other)h(wor)o(ds,)596 4051 y(you)c(can)f(execute)g
(sendmail)h(fr)o(om)f(your)h(startup)g(script)g(using)g(the)g
(following)h(instead:)197 4157 y
SDict begin H.S end
197 4157 a 197 4157
a
SDict begin 9.9 H.A end
197 4157 a 197 4157 a
SDict begin [ /View [/XYZ H.V] /Dest (968) cvn H.B /DEST pdfmark end
197 4157 a 685 4216 a Fh(#)45
b(/usr/lib/sendmail)d(-q15m)596 4391 y Fl(This)24 b(will)g(cause)g
(sendmail)f(to)i(\003ush)f(the)g(mail)g(queue)g(every)f(\002fteen)h
(minutes)h(for)e(any)h(mes-)596 4482 y(sages)c(that)h(could)g(not)g(be)
g(successfully)g(deliver)o(ed)e(on)i(the)g(\002rst)g(attempt.)197
4547 y
SDict begin H.S end
197 4547 a 197 4547 a
SDict begin 11 H.A end
197 4547 a 197 4547 a
SDict begin [ /View [/XYZ H.V] /Dest (969) cvn H.B /DEST pdfmark end
197
4547 a 596 4615 a Fl(Many)c(administrators)h(choose)h(not)g(to)f(use)h
(sendmail,)f(and)f(instead)h(choose)h(one)f(of)g(the)h(other)596
4706 y(mail)26 b(transport)h(agents.)g(Y)-8 b(ou)28 b(might)f(consider)
g(switching)i(over)d(to)2870 4706 y
SDict begin H.S end
2870 4706 a 2870
4706 a
SDict begin 11 H.A end
2870 4706 a 2870 4706 a
SDict begin [ /View [/XYZ H.V] /Dest (970) cvn H.B /DEST pdfmark end
2870 4706 a Fh(qmail)p
Fl(.)3142 4706 y
SDict begin H.S end
3142 4706 a 3142 4706 a
SDict begin 11 H.A end
3142 4706 a
3142 4706 a
SDict begin [ /View [/XYZ H.V] /Dest (971) cvn H.B /DEST pdfmark end
3142 4706 a Fh(qmail)g Fl(was)h(de-)596 4797
y(signed)22 b(with)g(security)g(in)h(mind)f(fr)o(om)g(the)g(gr)o(ound)f
(up.)h(It's)g(fast,)f(stable,)h(and)f(secur)o(e.)g(Qmail)596
4889 y(can)f(be)g(found)h(at)1182 4889 y
SDict begin H.S end
1182 4889 a
1182 4889 a
SDict begin 11 H.A end
1182 4889 a 1182 4889 a
SDict begin [ /View [/XYZ H.V] /Dest (972) cvn H.B /DEST pdfmark end
1182 4889 a Fl(http://www)-8
b(.qmail.or)o(g)197 4954 y
SDict begin H.S end
197 4954 a 197 4954 a
SDict begin 11 H.A end
197
4954 a 197 4954 a
SDict begin [ /View [/XYZ H.V] /Dest (973) cvn H.B /DEST pdfmark end
197 4954 a 596 5022 a Fl(In)26 b(dir)o(ect)e
(competition)j(to)f(qmail)h(is)f("post\002x",)f(written)h(by)g(W)-5
b(ietse)26 b(V)-9 b(enema,)25 b(the)h(author)g(of)596
5113 y(tcp_wrappers)h(and)h(other)i(security)f(tools.)h(Formerly)f
(called)f(vmailer)-6 b(,)28 b(and)h(sponsor)o(ed)g(by)596
5204 y(IBM,)22 b(this)j(is)f(also)g(a)f(mail)h(transport)g(agent)f
(written)h(fr)o(om)g(the)g(gr)o(ound)f(up)h(with)h(security)e(in)596
5295 y(mind.)e(Y)-8 b(ou)21 b(can)g(\002nd)g(mor)o(e)f(information)i
(about)f(post\002x)g(at)2575 5295 y
SDict begin H.S end
2575 5295 a 2575
5295 a
SDict begin 11 H.A end
2575 5295 a 2575 5295 a
SDict begin [ /View [/XYZ H.V] /Dest (974) cvn H.B /DEST pdfmark end
2575 5295 a Fl(http://www)-8
b(.post\002x.or)o(g)3462 5262 y Fe(66)197 5360 y
SDict begin H.S end
197
5360 a 197 5360 a
SDict begin 11 H.A end
197 5360 a 197 5360 a
SDict begin [ /View [/XYZ H.V] /Dest (975) cvn H.B /DEST pdfmark end
197 5360 a Black
225 x Fj(32)p Black eop end
%%Page: 33 33
TeXDict begin 33 32 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.33) cvn H.B /DEST pdfmark
end
197 -102
a Black 197 -201 a
SDict begin H.S end
197 -201 a 197 -201 a
SDict begin 11 H.A end
197 -201 a 197
-201 a
SDict begin [ /View [/XYZ H.V] /Dest (1011) cvn H.B /DEST pdfmark end
197 -201 a 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black 596 89 a Fi(Denial)27 b(of)i(Ser)q(vice)e(Attac)n(ks)1795
89 y
SDict begin H.S end
1795 89 a 1795 89 a
SDict begin 13.31 H.A end
1795 89 a 1795 89 a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.44.2) cvn H.B /DEST pdfmark
end
1795 89
a 197 141 a
SDict begin H.S end
197 141 a 197 141 a
SDict begin 11 H.A end
197 141 a 197 141 a
SDict begin [ /View [/XYZ H.V] /Dest (977) cvn H.B /DEST pdfmark end
197
141 a 596 231 a Fl(A)f("Denial)h(of)f(Service")g(\(DoS\))g(attack)g(is)
h(one)g(wher)o(e)f(the)h(attacker)f(tries)g(to)h(make)g(some)g(r)o(e-)
596 322 y(sour)o(ce)d(too)i(busy)g(to)g(answer)f(legitimate)g(r)o
(equests,)g(or)h(to)g(deny)f(legitimate)g(users)h(access)f(to)596
413 y(your)c(machine.)197 478 y
SDict begin H.S end
197 478 a 197 478 a
SDict begin 11 H.A end
197
478 a 197 478 a
SDict begin [ /View [/XYZ H.V] /Dest (978) cvn H.B /DEST pdfmark end
197 478 a 596 546 a Fl(Denial)30 b(of)g(service)f
(attacks)h(have)f(incr)o(eased)g(gr)o(eatly)g(in)i(r)o(ecent)e(years.)g
(Some)h(of)g(the)g(mor)o(e)596 637 y(popular)24 b(and)g(r)o(ecent)g
(ones)i(ar)o(e)d(listed)i(below)-8 b(.)25 b(Note)g(that)g(new)g(ones)h
(show)g(up)e(all)h(the)g(time,)596 729 y(so)f(this)h(is)f(just)h(a)e
(few)h(examples.)f(Read)g(the)h(Linux)h(security)f(lists)g(and)g(the)g
(bugtraq)g(list)g(and)596 820 y(ar)o(chives)19 b(for)i(mor)o(e)f(curr)o
(ent)g(information.)197 863 y
SDict begin H.S end
197 863 a 197 863 a
SDict begin 11 H.A end
197
863 a 197 863 a
SDict begin [ /View [/XYZ H.V] /Dest (979) cvn H.B /DEST pdfmark end
197 863 a 197 863 a
SDict begin H.S end
197 863 a 197 863
a
SDict begin 11 H.A end
197 863 a 197 863 a
SDict begin [ /View [/XYZ H.V] /Dest (980) cvn H.B /DEST pdfmark end
197 863 a 197 905 a
SDict begin H.S end
197 905 a 197
905 a
SDict begin 11 H.A end
197 905 a 197 905 a
SDict begin [ /View [/XYZ H.V] /Dest (981) cvn H.B /DEST pdfmark end
197 905 a Black 596 1077 a
Fg(\225)p Black 679 1077 a
SDict begin H.S end
679 1077 a 679 1077 a
SDict begin 11 H.A end
679
1077 a 679 1077 a
SDict begin [ /View [/XYZ H.V] /Dest (982) cvn H.B /DEST pdfmark end
679 1077 a 679 1077 a
SDict begin H.S end
679 1077 a 679
1077 a
SDict begin 11 H.A end
679 1077 a 679 1077 a
SDict begin [ /View [/XYZ H.V] /Dest (983) cvn H.B /DEST pdfmark end
679 1077 a Fj(SYN)45 b(Flooding)f
Fl(-)h(SYN)g(\003ooding)h(is)g(a)e(network)i(denial)f(of)g(service)f
(attack.)g(It)h(takes)679 1169 y(advantage)33 b(of)h(a)g("loophole")i
(in)f(the)f(way)h(TCP)f(connections)i(ar)o(e)d(cr)o(eated.)g(The)h
(newer)679 1260 y(Linux)29 b(kernels)h(\(2.0.30)c(and)j(up\))g(have)g
(several)g(con\002gurable)g(options)i(to)f(pr)o(event)e(SYN)679
1351 y(\003ood)49 b(attacks)e(fr)o(om)h(denying)h(people)f(access)g(to)
h(your)f(machine)h(or)f(services.)g(See)p 0 TeXcolorgray
679 1443 a
SDict begin H.S end
679 1443 a Fl(the)20 b(Section)h(called)f
Fj(Kernel)i(Security)1863 1443 y
SDict begin 11 H.L end
1863 1443 a 1863 1443
a
SDict begin [ /Subtype /Link /Dest (kernel-security) cvn /H /I /Border
[0 0 0] /Color [1 0 0] H.B /ANN pdfmark end
1863 1443 a Black 21 w Fl(for)f(pr)o(oper)e(kernel)i(pr)o(otection)g
(options.)197 1466 y
SDict begin H.S end
197 1466 a 197 1466 a
SDict begin 11 H.A end
197 1466 a
197 1466 a
SDict begin [ /View [/XYZ H.V] /Dest (985) cvn H.B /DEST pdfmark end
197 1466 a Black 596 1576 a Fg(\225)p Black
679 1576 a
SDict begin H.S end
679 1576 a 679 1576 a
SDict begin 11 H.A end
679 1576 a 679 1576
a
SDict begin [ /View [/XYZ H.V] /Dest (986) cvn H.B /DEST pdfmark end
679 1576 a 679 1576 a
SDict begin H.S end
679 1576 a 679 1576 a
SDict begin 11 H.A end
679 1576
a 679 1576 a
SDict begin [ /View [/XYZ H.V] /Dest (987) cvn H.B /DEST pdfmark end
679 1576 a Fj(Pentium)28 b("F00F")g(Bug)h
Fl(-)g(It)g(was)g(r)o(ecently)g(discover)o(ed)f(that)h(a)g(series)g(of)
h(assembly)f(codes)679 1667 y(sent)c(to)g(a)f(genuine)i(Intel)f
(Pentium)g(pr)o(ocessor)g(would)g(r)o(eboot)g(the)g(machine.)f(This)i
(af)o(fects)679 1758 y(every)e(machine)i(with)g(a)e(Pentium)i(pr)o
(ocessor)f(\(not)h(clones,)f(not)h(Pentium)g(Pr)o(o)f(or)h(PII\),)e(no)
679 1850 y(matter)g(what)g(operating)h(system)g(it's)g(r)o(unning.)h
(Linux)f(kernels)f(2.0.32)f(and)h(up)g(contain)h(a)679
1941 y(work)e(ar)o(ound)g(for)g(this)h(bug,)f(pr)o(eventing)g(it)h(fr)o
(om)f(locking)h(your)g(machine.)f(Kernel)g(2.0.33)679
2032 y(has)g(an)g(impr)o(oved)g(version)h(of)f(the)h(kernel)f(\002x,)g
(and)g(is)h(suggested)g(over)f(2.0.32.)d(If)j(you)h(ar)o(e)679
2124 y(r)o(unning)e(on)f(a)f(Pentium,)i(you)f(should)h(upgrade)d(now!)
197 2147 y
SDict begin H.S end
197 2147 a 197 2147 a
SDict begin 11 H.A end
197 2147 a 197 2147
a
SDict begin [ /View [/XYZ H.V] /Dest (988) cvn H.B /DEST pdfmark end
197 2147 a Black 596 2256 a Fg(\225)p Black 679 2256
a
SDict begin H.S end
679 2256 a 679 2256 a
SDict begin 11 H.A end
679 2256 a 679 2256 a
SDict begin [ /View [/XYZ H.V] /Dest (989) cvn H.B /DEST pdfmark end
679 2256
a 679 2256 a
SDict begin H.S end
679 2256 a 679 2256 a
SDict begin 11 H.A end
679 2256 a 679 2256
a
SDict begin [ /View [/XYZ H.V] /Dest (990) cvn H.B /DEST pdfmark end
679 2256 a Fj(Ping)26 b(Flooding)h Fl(-)g(Ping)h(\003ooding)g(is)g(a)
f(simple)g(br)o(ute-for)o(ce)f(denial)h(of)g(service)g(attack.)f(The)
679 2348 y(attacker)g(sends)h(a)g("\003ood")h(of)g(ICMP)f(packets)g(to)
h(your)g(machine.)f(If)g(they)h(ar)o(e)e(doing)i(this)679
2439 y(fr)o(om)j(a)g(host)i(with)f(better)f(bandwidth)h(than)g(yours,)g
(your)g(machine)f(will)i(be)e(unable)h(to)679 2530 y(send)21
b(anything)h(on)f(the)h(network.)f(A)g(variation)g(on)g(this)h(attack,)
e(called)g("smur\002ng",)i(sends)679 2622 y(ICMP)34 b(packets)g(to)i(a)
e(host)i(with)1819 2622 y
SDict begin H.S end
1819 2622 a 1819 2622 a
SDict begin 11 H.A end
1819
2622 a 1819 2622 a
SDict begin [ /View [/XYZ H.V] /Dest (991) cvn H.B /DEST pdfmark end
1819 2622 a Fj(your)f Fl(machine's)g(r)o(eturn)f(IP)
-11 b(,)35 b(allowing)h(them)g(to)f(\003ood)679 2713
y(you)e(less)h(detectably)-9 b(.)31 b(Y)-8 b(ou)35 b(can)e(\002nd)g
(mor)o(e)g(information)h(about)f(the)g("smurf")g(attack)f(at)679
2804 y
SDict begin H.S end
679 2804 a 679 2804 a
SDict begin 11 H.A end
679 2804 a 679 2804 a
SDict begin [ /View [/XYZ H.V] /Dest (992) cvn H.B /DEST pdfmark end
679
2804 a 20 w Fl(http://www)-8 b(.quadr)o(unner)i
(.com/~chuegen/smurf.txt)2598 2771 y Fe(67)197 2869 y
SDict begin H.S end
197 2869 a 197 2869 a
SDict begin 11 H.A end
197 2869 a 197 2869 a
SDict begin [ /View [/XYZ H.V] /Dest (993) cvn H.B /DEST pdfmark end
197 2869
a 679 2937 a Fl(If)30 b(you)i(ar)o(e)e(ever)g(under)h(a)g(ping)g
(\003ood)h(attack,)e(use)i(a)e(tool)i(like)2860 2937
y
SDict begin H.S end
2860 2937 a 2860 2937 a
SDict begin 11 H.A end
2860 2937 a 2860 2937 a
SDict begin [ /View [/XYZ H.V] /Dest (994) cvn H.B /DEST pdfmark end
2860
2937 a Fh(tcpdump)e Fl(to)h(determine)679 3028 y(wher)o(e)d(the)h
(packets)f(ar)o(e)g(coming)i(fr)o(om)e(\(or)h(appear)e(to)i(be)g
(coming)h(fr)o(om\),)e(then)h(contact)679 3120 y(your)20
b(pr)o(ovider)g(with)h(this)g(information.)g(Ping)h(\003oods)f(can)f
(most)i(easily)e(be)g(stopped)h(at)f(the)679 3211 y(r)o(outer)g(level)g
(or)h(by)g(using)g(a)g(\002r)o(ewall.)637 3344 y
SDict begin H.S end
637
3344 a 637 3344 a
SDict begin 11 H.A end
637 3344 a 637 3344 a
SDict begin [ /View [/XYZ H.V] /Dest (995) cvn H.B /DEST pdfmark end
637 3344 a Black
596 3477 a Fg(\225)p Black 679 3477 a
SDict begin H.S end
679 3477 a 679
3477 a
SDict begin 11 H.A end
679 3477 a 679 3477 a
SDict begin [ /View [/XYZ H.V] /Dest (996) cvn H.B /DEST pdfmark end
679 3477 a 679 3477 a
SDict begin H.S end
679
3477 a 679 3477 a
SDict begin 11 H.A end
679 3477 a 679 3477 a
SDict begin [ /View [/XYZ H.V] /Dest (997) cvn H.B /DEST pdfmark end
679 3477 a Fj(Ping)d(o')h
(Death)f Fl(-)g(The)h(Ping)h(o')g(Death)f(attack)f(sends)h(ICMP)f(ECHO)
h(REQUEST)g(packets)f(that)679 3568 y(ar)o(e)28 b(too)i(lar)o(ge)f(to)h
(\002t)g(in)g(the)g(kernel)f(data)g(str)o(uctur)o(es)g(intended)h(to)g
(stor)o(e)f(them.)h(Because)679 3659 y(sending)i(a)f(single,)i(lar)o
(ge)d(\(65,510)f(bytes\))j("ping")g(packet)f(to)h(many)g(systems)h
(will)g(cause)679 3751 y(them)21 b(to)g(hang)g(or)f(even)h(crash,)f
(this)h(pr)o(oblem)f(was)h(quickly)h(dubbed)d(the)i("Ping)g(o')g
(Death.")679 3842 y(This)g(one)g(has)g(long)h(been)e(\002xed,)g(and)g
(is)i(no)f(longer)g(anything)h(to)f(worry)g(about.)197
3866 y
SDict begin H.S end
197 3866 a 197 3866 a
SDict begin 11 H.A end
197 3866 a 197 3866 a
SDict begin [ /View [/XYZ H.V] /Dest (998) cvn H.B /DEST pdfmark end
197
3866 a Black 596 3975 a Fg(\225)p Black 679 3975 a
SDict begin H.S end
679
3975 a 679 3975 a
SDict begin 11 H.A end
679 3975 a 679 3975 a
SDict begin [ /View [/XYZ H.V] /Dest (999) cvn H.B /DEST pdfmark end
679 3975 a 679
3975 a
SDict begin H.S end
679 3975 a 679 3975 a
SDict begin 11 H.A end
679 3975 a 679 3975 a
SDict begin [ /View [/XYZ H.V] /Dest (1000) cvn H.B /DEST pdfmark end
679
3975 a Fj(T)-9 b(eardr)o(op)16 b(/)g(New)i(T)-9 b(ear)17
b Fl(-)g(One)g(of)h(the)f(most)h(r)o(ecent)f(exploits)h(involves)g(a)e
(bug)i(pr)o(esent)f(in)g(the)h(IP)679 4066 y(fragmentation)j(code)g(on)
h(Linux)f(and)g(W)-5 b(indows)23 b(platforms.)e(It)h(is)f(\002xed)g(in)
h(kernel)f(version)679 4158 y(2.0.33,)15 b(and)i(does)h(not)h(r)o
(equir)o(e)d(selecting)j(any)e(kernel)h(compile-time)h(options)g(to)f
(utilize)g(the)679 4249 y(\002x.)i(Linux)h(is)g(appar)o(ently)e(not)j
(vulnerable)e(to)h(the)g("newtear")f(exploit.)596 4382
y(Y)-8 b(ou)29 b(can)g(\002nd)g(code)f(for)h(most)g(exploits,)g(and)f
(a)g(mor)o(e)h(in-depth)f(description)h(of)g(how)h(they)596
4473 y(work,)21 b(at)920 4473 y
SDict begin H.S end
920 4473 a 920 4473 a
SDict begin 11 H.A end
920 4473 a 920 4473 a
SDict begin [ /View [/XYZ H.V] /Dest (1001) cvn H.B /DEST pdfmark end
920 4473 a Fl(http://www)-8 b(.r)o(ootshell.com)
23 b(using)f(their)f(sear)o(ch)e(engine.)197 4538 y
SDict begin H.S end
197
4538 a 197 4538 a
SDict begin 11 H.A end
197 4538 a 197 4538 a
SDict begin [ /View [/XYZ H.V] /Dest (1002) cvn H.B /DEST pdfmark end
197 4538 a 596
4791 a Fi(NFS)27 b(\(Netw)n(ork)i(File)f(System\))h(Security)-8
b(.)2316 4791 y
SDict begin H.S end
2316 4791 a 2316 4791 a
SDict begin 13.31 H.A end
2316 4791 a 2316
4791 a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.45.2) cvn H.B /DEST pdfmark
end
2316 4791 a 197 4862 a
SDict begin H.S end
197 4862 a 197 4862 a
SDict begin 11 H.A end
197
4862 a 197 4862 a
SDict begin [ /View [/XYZ H.V] /Dest (1004) cvn H.B /DEST pdfmark end
197 4862 a 596 4933 a Fl(NFS)23 b(is)i(a)f(very)g
(widely-used)f(\002le)i(sharing)f(pr)o(otocol.)h(It)f(allows)h(servers)
e(r)o(unning)3340 4933 y
SDict begin H.S end
3340 4933 a 3340 4933 a
SDict begin 11 H.A end
3340
4933 a 3340 4933 a
SDict begin [ /View [/XYZ H.V] /Dest (1005) cvn H.B /DEST pdfmark end
3340 4933 a Fh(nfsd)g Fl(and)596 5024
y
SDict begin H.S end
596 5024 a 596 5024 a
SDict begin 11 H.A end
596 5024 a 596 5024 a
SDict begin [ /View [/XYZ H.V] /Dest (1006) cvn H.B /DEST pdfmark end
596 5024
a Fh(mountd)15 b Fl(to)h("export")g(entir)o(e)f(\002le)i(systems)g(to)f
(other)h(machines)g(using)g(NFS)f(\002lesystem)h(support)596
5115 y(built)i(in)h(to)g(their)g(kernels)f(\(or)h(some)g(other)g
(client)f(support)h(if)f(they)h(ar)o(e)e(not)i(Linux)g(machines\).)596
5207 y
SDict begin H.S end
596 5207 a 596 5207 a
SDict begin 11 H.A end
596 5207 a 596 5207 a
SDict begin [ /View [/XYZ H.V] /Dest (1007) cvn H.B /DEST pdfmark end
596
5207 a Fh(mountd)15 b Fl(keeps)i(track)f(of)h(mounted)g(\002le)g
(systems)g(in)2280 5207 y
SDict begin H.S end
2280 5207 a 2280 5207 a
SDict begin 11 H.A end
2280
5207 a 2280 5207 a
SDict begin [ /View [/XYZ H.V] /Dest (1008) cvn H.B /DEST pdfmark end
2280 5207 a Fh(/etc/mtab)p Fl(,)e(and)h(can)g
(display)h(them)g(with)596 5298 y
SDict begin H.S end
596 5298 a 596 5298
a
SDict begin 11 H.A end
596 5298 a 596 5298 a
SDict begin [ /View [/XYZ H.V] /Dest (1009) cvn H.B /DEST pdfmark end
596 5298 a Fh(showmount)p Fl(.)p
Black 3601 5585 a Fj(33)p Black eop end
%%Page: 34 34
TeXDict begin 34 33 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.34) cvn H.B /DEST pdfmark
end
197 -102
a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black
197 6 a
SDict begin H.S end
197 6 a 197 6 a
SDict begin 11 H.A end
197 6 a 197 6 a
SDict begin [ /View [/XYZ H.V] /Dest (1010) cvn H.B /DEST pdfmark end
197 6 a 596 89
a Fl(Many)k(sites)i(use)f(NFS)g(to)h(serve)e(home)i(dir)o(ectories)f
(to)g(users,)g(so)h(that)f(no)h(matter)f(what)g(ma-)596
180 y(chine)21 b(in)g(the)g(cluster)f(they)i(login)f(to,)g(they)g(will)
h(have)e(all)h(their)g(home)g(\002les.)596 313 y(Ther)o(e)26
b(is)i(some)g(small)f(amount)h(of)g(security)f(allowed)h(in)f
(exporting)h(\002le)g(systems.)g(Y)-8 b(ou)28 b(can)596
405 y(make)21 b(your)g Fh(nfsd)g Fl(map)g(the)g(r)o(emote)g(r)o(oot)g
(user)g(\(uid=0\))g(to)g(the)2687 405 y
SDict begin H.S end
2687 405 a 2687
405 a
SDict begin 11 H.A end
2687 405 a 2687 405 a
SDict begin [ /View [/XYZ H.V] /Dest (1013) cvn H.B /DEST pdfmark end
2687 405 a Fh(nobody)f Fl(user)-6
b(,)21 b(denying)g(them)596 496 y(total)e(access)f(to)h(the)g(\002les)h
(exported.)d(However)-6 b(,)19 b(since)g(individual)g(users)g(have)f
(access)h(to)g(their)596 587 y(own)25 b(\(or)g(at)f(least)g(the)h(same)
f(uid\))h(\002les,)g(the)f(r)o(emote)h(r)o(oot)f(user)h(can)f(login)i
(or)3170 587 y
SDict begin H.S end
3170 587 a 3170 587 a
SDict begin 11 H.A end
3170 587 a 3170
587 a
SDict begin [ /View [/XYZ H.V] /Dest (1014) cvn H.B /DEST pdfmark end
3170 587 a Fh(su)e Fl(to)h(their)g(ac-)596 679
y(count)20 b(and)f(have)g(total)g(access)g(to)h(their)f(\002les.)h
(This)g(is)g(only)g(a)f(small)h(hindrance)f(to)h(an)f(attacker)596
770 y(that)h(has)h(access)f(to)h(mount)h(your)f(r)o(emote)g(\002le)f
(systems.)197 835 y
SDict begin H.S end
197 835 a 197 835 a
SDict begin 11 H.A end
197 835 a 197
835 a
SDict begin [ /View [/XYZ H.V] /Dest (1015) cvn H.B /DEST pdfmark end
197 835 a 596 903 a Fl(If)25 b(you)i(must)g(use)f(NFS,)g(make)g
(sur)o(e)f(you)i(export)f(to)g(only)i(those)e(machines)h(that)f(you)h
(r)o(eally)596 994 y(need)21 b(to.)g(Never)g(export)h(your)g(entir)o(e)
e(r)o(oot)i(dir)o(ectory;)f(export)g(only)h(dir)o(ectories)f(you)h
(need)g(to)596 1085 y(export.)197 1150 y
SDict begin H.S end
197 1150 a 197
1150 a
SDict begin 11 H.A end
197 1150 a 197 1150 a
SDict begin [ /View [/XYZ H.V] /Dest (1016) cvn H.B /DEST pdfmark end
197 1150 a 596 1218 a Fl(See)94
b(the)i(NFS)f(HOWT)o(O)g(for)h(mor)o(e)f(information)h(on)g(NFS,)f
(available)f(at)596 1310 y
SDict begin H.S end
596 1310 a 596 1310 a
SDict begin 11 H.A end
596
1310 a 596 1310 a
SDict begin [ /View [/XYZ H.V] /Dest (1017) cvn H.B /DEST pdfmark end
596 1310 a Fl(http://metalab.unc.edu/mdw/HOWT)o
(O/NFS-HOWT)o(O.html)197 1374 y
SDict begin H.S end
197 1374 a 197 1374 a
SDict begin 11 H.A end
197 1374 a 197 1374 a
SDict begin [ /View [/XYZ H.V] /Dest (1018) cvn H.B /DEST pdfmark end
197 1374 a 596 1628 a Fi(NIS)27
b(\(Netw)n(ork)i(Inf)n(ormation)h(Ser)q(vice\))e(\(f)n(ormerl)n(y)i
(YP\).)2900 1628 y
SDict begin H.S end
2900 1628 a 2900 1628 a
SDict begin 13.31 H.A end
2900 1628
a 2900 1628 a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.46.2) cvn H.B /DEST pdfmark
end
2900 1628 a 197 1699 a
SDict begin H.S end
197 1699 a 197 1699
a
SDict begin 11 H.A end
197 1699 a 197 1699 a
SDict begin [ /View [/XYZ H.V] /Dest (1020) cvn H.B /DEST pdfmark end
197 1699 a 596 1769 a Fl(Network)f(Information)
h(service)f(\(formerly)g(YP\))h(is)f(a)g(means)h(of)f(distributing)h
(information)596 1860 y(to)d(a)h(gr)o(oup)f(of)g(machines.)h(The)g(NIS)
f(master)g(holds)h(the)g(information)g(tables)g(and)f(converts)596
1952 y(them)19 b(into)i(NIS)e(map)g(\002les.)g(These)h(maps)f(ar)o(e)f
(then)i(served)e(over)i(the)f(network,)h(allowing)g(NIS)596
2043 y(client)32 b(machines)i(to)f(get)f(login,)i(passwor)o(d,)d(home)j
(dir)o(ectory)e(and)g(shell)h(information)g(\(all)596
2134 y(the)28 b(information)i(in)f(a)f(standar)o(d)1732
2134 y
SDict begin H.S end
1732 2134 a 1732 2134 a
SDict begin 11 H.A end
1732 2134 a 1732 2134
a
SDict begin [ /View [/XYZ H.V] /Dest (1021) cvn H.B /DEST pdfmark end
1732 2134 a Fh(/etc/passwd)e Fl(\002le\).)j(This)g(allows)g(users)f
(to)h(change)g(their)596 2226 y(passwor)o(d)20 b(once)h(and)f(have)g
(it)h(take)g(ef)o(fect)e(on)i(all)g(the)f(machines)i(in)f(the)g(NIS)f
(domain.)197 2291 y
SDict begin H.S end
197 2291 a 197 2291 a
SDict begin 11 H.A end
197 2291 a
197 2291 a
SDict begin [ /View [/XYZ H.V] /Dest (1022) cvn H.B /DEST pdfmark end
197 2291 a 596 2359 a Fl(NIS)c(is)i(not)g(at)e(all)h(secur)o
(e.)f(It)h(was)h(never)e(meant)h(to)h(be.)f(It)g(was)g(meant)g(to)h(be)
e(handy)i(and)e(useful.)596 2450 y(Anyone)23 b(that)g(can)g(guess)g
(the)h(name)f(of)g(your)g(NIS)g(domain)g(\(anywher)o(e)f(on)i(the)f
(net\))g(can)g(get)596 2541 y(a)18 b(copy)i(of)f(your)h(passwd)f
(\002le,)g(and)g(use)h("crack")e(and)h("John)g(the)h(Ripper")f(against)
g(your)h(users')596 2633 y(passwor)o(ds.)28 b(Also,)h(it)g(is)h
(possible)f(to)h(spoof)f(NIS)f(and)h(do)g(all)g(sorts)h(of)f(nasty)g
(tricks.)g(If)f(you)596 2724 y(must)21 b(use)g(NIS,)f(make)g(sur)o(e)g
(you)i(ar)o(e)d(awar)o(e)g(of)i(the)g(dangers.)197 2789
y
SDict begin H.S end
197 2789 a 197 2789 a
SDict begin 11 H.A end
197 2789 a 197 2789 a
SDict begin [ /View [/XYZ H.V] /Dest (1023) cvn H.B /DEST pdfmark end
197 2789
a 596 2857 a Fl(Ther)o(e)133 b(is)i(a)f(much)h(mor)o(e)f(secur)o(e)g(r)
o(eplacement)f(for)h(NIS,)g(called)596 2948 y(NIS+.)147
b(Check)h(out)g(the)g(NIS)f(HOWT)o(O)h(for)g(mor)o(e)f(information:)596
3039 y
SDict begin H.S end
596 3039 a 596 3039 a
SDict begin 11 H.A end
596 3039 a 596 3039 a
SDict begin [ /View [/XYZ H.V] /Dest (1024) cvn H.B /DEST pdfmark end
596
3039 a Fl(http://metalab.unc.edu/mdw/HOWT)o(O/NIS-HOWT)o(O.html)197
3104 y
SDict begin H.S end
197 3104 a 197 3104 a
SDict begin 11 H.A end
197 3104 a 197 3104 a
SDict begin [ /View [/XYZ H.V] /Dest (1025) cvn H.B /DEST pdfmark end
197
3104 a 596 3357 a Fi(Fire)n(walls)1024 3357 y
SDict begin H.S end
1024 3357
a 1024 3357 a
SDict begin 13.31 H.A end
1024 3357 a 1024 3357 a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.47.2) cvn H.B /DEST pdfmark
end
1024 3357 a 197
3409 a
SDict begin H.S end
197 3409 a 197 3409 a
SDict begin 11 H.A end
197 3409 a 197 3409 a
SDict begin [ /View [/XYZ H.V] /Dest (1027) cvn H.B /DEST pdfmark end
197
3409 a 596 3499 a Fl(Fir)o(ewalls)17 b(ar)o(e)g(a)g(means)i(of)f(contr)
o(olling)h(what)f(information)h(is)g(allowed)e(into)i(and)f(out)h(of)f
(your)596 3590 y(local)23 b(network.)g(T)-7 b(ypically)23
b(the)g(\002r)o(ewall)g(host)h(is)f(connected)h(to)f(the)g(Internet)h
(and)e(your)i(local)596 3682 y(LAN,)18 b(and)h(the)h(only)g(access)f
(fr)o(om)g(your)h(LAN)f(to)h(the)g(Internet)f(is)h(thr)o(ough)g(the)g
(\002r)o(ewall.)e(This)596 3773 y(way)24 b(the)g(\002r)o(ewall)f(can)h
(contr)o(ol)g(what)h(passes)e(back)h(and)g(forth)g(fr)o(om)g(the)g
(Internet)g(and)g(your)596 3864 y(LAN.)197 3908 y
SDict begin H.S end
197
3908 a 197 3908 a
SDict begin 11 H.A end
197 3908 a 197 3908 a
SDict begin [ /View [/XYZ H.V] /Dest (1028) cvn H.B /DEST pdfmark end
197 3908 a 596
3997 a Fl(Ther)o(e)c(ar)o(e)h(a)g(number)h(of)f(types)h(of)g(\002r)o
(ewalls)f(and)g(methods)i(of)f(setting)g(them)g(up.)g(Linux)f(ma-)596
4088 y(chines)d(make)f(pr)o(etty)g(good)h(\002r)o(ewalls.)f(Fir)o
(ewall)g(code)g(can)g(be)h(built)f(right)i(into)f(2.0)e(and)h(higher)
596 4180 y(kernels.)26 b(The)g(user)o(-space)e(tools)1690
4180 y
SDict begin H.S end
1690 4180 a 1690 4180 a
SDict begin 11 H.A end
1690 4180 a 1690 4180
a
SDict begin [ /View [/XYZ H.V] /Dest (1029) cvn H.B /DEST pdfmark end
1690 4180 a Fh(ipfwadm)h Fl(for)h(2.0)f(kernels)h(and)2751
4180 y
SDict begin H.S end
2751 4180 a 2751 4180 a
SDict begin 11 H.A end
2751 4180 a 2751 4180
a
SDict begin [ /View [/XYZ H.V] /Dest (1030) cvn H.B /DEST pdfmark end
2751 4180 a Fh(ipchains)e Fl(for)i(2.2)f(kernels,)596
4271 y(allows)d(you)h(to)f(change,)g(on)g(the)g(\003y)-9
b(,)23 b(the)f(types)g(of)g(network)g(traf)o(\002c)f(you)h(allow)-8
b(.)23 b(Y)-8 b(ou)23 b(can)f(also)596 4362 y(log)f(particular)e(types)
i(of)g(network)g(traf)o(\002c.)197 4427 y
SDict begin H.S end
197 4427 a
197 4427 a
SDict begin 11 H.A end
197 4427 a 197 4427 a
SDict begin [ /View [/XYZ H.V] /Dest (1031) cvn H.B /DEST pdfmark end
197 4427 a 596 4495
a Fl(Fir)o(ewalls)40 b(ar)o(e)f(a)h(very)g(useful)g(and)g(important)h
(technique)h(in)f(securing)g(your)g(network.)596 4587
y(However)-6 b(,)53 b(never)h(think)h(that)f(because)f(you)h(have)g(a)g
(\002r)o(ewall,)f(you)h(don't)h(need)f(to)596 4678 y(secur)o(e)35
b(the)i(machines)g(behind)g(it.)g(This)g(is)g(a)f(fatal)g(mistake.)g
(Check)h(out)g(the)g(very)f(good)596 4769 y
SDict begin H.S end
596 4769
a 596 4769 a
SDict begin 11 H.A end
596 4769 a 596 4769 a
SDict begin [ /View [/XYZ H.V] /Dest (1032) cvn H.B /DEST pdfmark end
596 4769 a Fh(Firewall-HOWTO)29
b Fl(at)i(your)i(latest)e(metalab)g(ar)o(chive)g(for)h(mor)o(e)f
(information)i(on)f(\002r)o(ewalls)596 4861 y(and)20
b(Linux.)1014 4861 y
SDict begin H.S end
1014 4861 a 1014 4861 a
SDict begin 11 H.A end
1014 4861
a 1014 4861 a
SDict begin [ /View [/XYZ H.V] /Dest (1033) cvn H.B /DEST pdfmark end
1014 4861 a Fl(http://metalab.unc.edu/mdw/HOWT)o(O/Fir)o
(ewall-HOWT)o(O.html)197 4925 y
SDict begin H.S end
197 4925 a 197 4925 a
SDict begin 11 H.A end
197 4925 a 197 4925 a
SDict begin [ /View [/XYZ H.V] /Dest (1034) cvn H.B /DEST pdfmark end
197 4925 a 596 4993 a Fl(Mor)o(e)73
b(information)j(can)e(also)h(be)f(found)h(in)g(the)g(IP-Masquerade)d
(mini-howto:)596 5085 y
SDict begin H.S end
596 5085 a 596 5085 a
SDict begin 11 H.A end
596 5085
a 596 5085 a
SDict begin [ /View [/XYZ H.V] /Dest (1035) cvn H.B /DEST pdfmark end
596 5085 a Fl(http://metalab.unc.edu/mdw/HOWT)o
(O/mini/IP-Masquerade.html)197 5150 y
SDict begin H.S end
197 5150 a 197
5150 a
SDict begin 11 H.A end
197 5150 a 197 5150 a
SDict begin [ /View [/XYZ H.V] /Dest (1036) cvn H.B /DEST pdfmark end
197 5150 a 596 5218 a Fl(Mor)o(e)17
b(information)i(on)1377 5218 y
SDict begin H.S end
1377 5218 a 1377 5218
a
SDict begin 11 H.A end
1377 5218 a 1377 5218 a
SDict begin [ /View [/XYZ H.V] /Dest (1037) cvn H.B /DEST pdfmark end
1377 5218 a Fh(ipfwadm)e Fl(\(the)h(tool)i
(that)e(lets)h(you)g(change)f(settings)h(on)g(your)g(\002r)o(ewall,)596
5309 y(can)h(be)g(found)h(at)g(it's)g(home)g(page:)1758
5309 y
SDict begin H.S end
1758 5309 a 1758 5309 a
SDict begin 11 H.A end
1758 5309 a 1758 5309
a
SDict begin [ /View [/XYZ H.V] /Dest (1038) cvn H.B /DEST pdfmark end
1758 5309 a Fl(http://www)-8 b(.xos.nl/linux/ipfwadm/)p
Black 197 5585 a Fj(34)p Black eop end
%%Page: 35 35
TeXDict begin 35 34 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.35) cvn H.B /DEST pdfmark
end
197 -102
a Black 197 -201 a
SDict begin H.S end
197 -201 a 197 -201 a
SDict begin 11 H.A end
197 -201 a 197
-201 a
SDict begin [ /View [/XYZ H.V] /Dest (1082) cvn H.B /DEST pdfmark end
197 -201 a 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black 197 6 a
SDict begin H.S end
197 6 a 197 6 a
SDict begin 11 H.A end
197 6 a 197 6 a
SDict begin [ /View [/XYZ H.V] /Dest (1039) cvn H.B /DEST pdfmark end
197 6 a
596 89 a Fl(If)g(you)i(have)f(no)g(experience)f(with)i(\002r)o(ewalls,)
f(and)f(plan)h(to)h(set)f(up)g(one)h(for)e(mor)o(e)h(than)h(just)f(a)
596 180 y(simple)f(security)h(policy)-9 b(,)21 b(the)h(Fir)o(ewalls)f
(book)h(by)g(O'Reilly)g(and)f(Associates)h(or)f(other)h(online)596
272 y(\002r)o(ewall)i(document)i(is)g(mandatory)f(r)o(eading.)g(Check)g
(out)2547 272 y
SDict begin H.S end
2547 272 a 2547 272 a
SDict begin 11 H.A end
2547 272 a 2547
272 a
SDict begin [ /View [/XYZ H.V] /Dest (1040) cvn H.B /DEST pdfmark end
2547 272 a Fl(http://www)-8 b(.ora.com)27 b(for)e(mor)o(e)596
363 y(information.)g(The)f(National)h(Institute)g(of)g(Standar)o(ds)d
(and)j(T)-8 b(echnology)26 b(have)e(put)h(together)596
454 y(an)g(excellent)h(document)h(on)g(\002r)o(ewalls.)e(Although)i
(dated)e(1995,)f(it)i(is)h(still)g(quite)f(good.)h(Y)-8
b(ou)596 546 y(can)20 b(\002nd)h(it)g(at)1074 546 y
SDict begin H.S end
1074
546 a 1074 546 a
SDict begin 11 H.A end
1074 546 a 1074 546 a
SDict begin [ /View [/XYZ H.V] /Dest (1041) cvn H.B /DEST pdfmark end
1074 546 a Fl(http://csr)o
(c.nist.gov/nistpubs/800-10/main.html.)g(Also)g(of)g(inter)o(est:)197
611 y
SDict begin H.S end
197 611 a 197 611 a
SDict begin 11 H.A end
197 611 a 197 611 a
SDict begin [ /View [/XYZ H.V] /Dest (1042) cvn H.B /DEST pdfmark end
197 611
a 197 611 a
SDict begin H.S end
197 611 a 197 611 a
SDict begin 11 H.A end
197 611 a 197 611 a
SDict begin [ /View [/XYZ H.V] /Dest (1043) cvn H.B /DEST pdfmark end
197
611 a 197 652 a
SDict begin H.S end
197 652 a 197 652 a
SDict begin 11 H.A end
197 652 a 197 652
a
SDict begin [ /View [/XYZ H.V] /Dest (1044) cvn H.B /DEST pdfmark end
197 652 a Black 596 803 a Fg(\225)p Black 679 803 a
SDict begin H.S end
679 803 a 679 803 a
SDict begin 11 H.A end
679 803 a 679 803 a
SDict begin [ /View [/XYZ H.V] /Dest (1045) cvn H.B /DEST pdfmark end
679 803 a Fl(The)55
b(Fr)o(ee\002r)o(e)g(Pr)o(oject)h(--)f(a)g(list)i(of)f(fr)o
(eely-available)d(\002r)o(ewall)i(tools,)i(available)d(at)679
894 y
SDict begin H.S end
679 894 a 679 894 a
SDict begin 11 H.A end
679 894 a 679 894 a
SDict begin [ /View [/XYZ H.V] /Dest (1046) cvn H.B /DEST pdfmark end
679 894
a Fl(http://sites.inka.de/sites/lina/fr)o(ee\002r)o(e-l/index_en.html)
197 918 y
SDict begin H.S end
197 918 a 197 918 a
SDict begin 11 H.A end
197 918 a 197 918 a
SDict begin [ /View [/XYZ H.V] /Dest (1047) cvn H.B /DEST pdfmark end
197
918 a Black 596 1027 a Fg(\225)p Black 679 1027 a
SDict begin H.S end
679
1027 a 679 1027 a
SDict begin 11 H.A end
679 1027 a 679 1027 a
SDict begin [ /View [/XYZ H.V] /Dest (1048) cvn H.B /DEST pdfmark end
679 1027 a Fl(SunW)-8
b(orld)36 b(Fir)o(ewall)g(Design)h(--)f(written)h(by)f(the)h(authors)g
(of)f(the)h(O'Reilly)g(book,)g(this)679 1119 y(pr)o(ovides)j(a)g(r)o
(ough)h(intr)o(oduction)g(to)g(the)g(dif)o(fer)o(ent)d(\002r)o(ewall)j
(types.)f(It's)h(available)e(at)679 1210 y
SDict begin H.S end
679 1210 a
679 1210 a
SDict begin 11 H.A end
679 1210 a 679 1210 a
SDict begin [ /View [/XYZ H.V] /Dest (1049) cvn H.B /DEST pdfmark end
679 1210 a Fl(http://www)-8
b(.sunworld.com/swol-01-1996/swol-01-\002r)o(ewall.html)197
1233 y
SDict begin H.S end
197 1233 a 197 1233 a
SDict begin 11 H.A end
197 1233 a 197 1233 a
SDict begin [ /View [/XYZ H.V] /Dest (1050) cvn H.B /DEST pdfmark end
197
1233 a Black 596 1343 a Fg(\225)p Black 679 1343 a
SDict begin H.S end
679
1343 a 679 1343 a
SDict begin 11 H.A end
679 1343 a 679 1343 a
SDict begin [ /View [/XYZ H.V] /Dest (1051) cvn H.B /DEST pdfmark end
679 1343 a Fl(Mason)33
b(-)g(the)h(automated)f(\002r)o(ewall)g(builder)g(for)h(Linux.)f(This)h
(is)g(a)f(\002r)o(ewall)g(script)h(that)679 1434 y(learns)40
b(as)g(you)h(do)f(the)h(things)h(you)f(need)f(to)h(do)f(on)h(your)g
(network!)g(Mor)o(e)f(info)h(at:)679 1525 y
SDict begin H.S end
679 1525
a 679 1525 a
SDict begin 11 H.A end
679 1525 a 679 1525 a
SDict begin [ /View [/XYZ H.V] /Dest (1052) cvn H.B /DEST pdfmark end
679 1525 a Fl(http://www)-8
b(.pobox.com/~wstearns/mason/)197 1700 y
SDict begin H.S end
197 1700 a 197
1700 a
SDict begin 11 H.A end
197 1700 a 197 1700 a
SDict begin [ /View [/XYZ H.V] /Dest (1053) cvn H.B /DEST pdfmark end
197 1700 a 596 1976 a Fi(IP)27
b(Chains)h(-)h(Lin)o(ux)f(K)n(ernel)g(2.2.x)g(Fire)n(walling)2550
1976 y
SDict begin H.S end
2550 1976 a 2550 1976 a
SDict begin 13.31 H.A end
2550 1976 a 2550 1976
a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.48.2) cvn H.B /DEST pdfmark
end
2550 1976 a 197 2049 a
SDict begin H.S end
197 2049 a 197 2049 a
SDict begin 11 H.A end
197 2049
a 197 2049 a
SDict begin [ /View [/XYZ H.V] /Dest (1055) cvn H.B /DEST pdfmark end
197 2049 a 596 2118 a Fl(Linux)20 b(IP)h(Fir)o(ewalling)f
(Chains)h(is)g(an)f(update)g(to)g(the)h(2.0)e(Linux)i(\002r)o(ewalling)
f(code)g(for)h(the)f(2.2)596 2209 y(kernel.)g(It)h(has)g(many)g(mor)o
(e)f(featur)o(es)f(than)i(pr)o(evious)g(implementations,)g(including:)
197 2233 y
SDict begin H.S end
197 2233 a 197 2233 a
SDict begin 11 H.A end
197 2233 a 197 2233
a
SDict begin [ /View [/XYZ H.V] /Dest (1056) cvn H.B /DEST pdfmark end
197 2233 a 197 2274 a
SDict begin H.S end
197 2274 a 197 2274 a
SDict begin 11 H.A end
197 2274
a 197 2274 a
SDict begin [ /View [/XYZ H.V] /Dest (1057) cvn H.B /DEST pdfmark end
197 2274 a Black 596 2425 a Fg(\225)p Black
679 2425 a
SDict begin H.S end
679 2425 a 679 2425 a
SDict begin 11 H.A end
679 2425 a 679 2425
a
SDict begin [ /View [/XYZ H.V] /Dest (1058) cvn H.B /DEST pdfmark end
679 2425 a Fl(Mor)o(e)e(\003exible)i(packet)f(manipulations)197
2448 y
SDict begin H.S end
197 2448 a 197 2448 a
SDict begin 11 H.A end
197 2448 a 197 2448 a
SDict begin [ /View [/XYZ H.V] /Dest (1059) cvn H.B /DEST pdfmark end
197
2448 a Black 596 2558 a Fg(\225)p Black 679 2558 a
SDict begin H.S end
679
2558 a 679 2558 a
SDict begin 11 H.A end
679 2558 a 679 2558 a
SDict begin [ /View [/XYZ H.V] /Dest (1060) cvn H.B /DEST pdfmark end
679 2558 a Fl(Mor)o(e)f
(complex)i(accounting)197 2581 y
SDict begin H.S end
197 2581 a 197 2581
a
SDict begin 11 H.A end
197 2581 a 197 2581 a
SDict begin [ /View [/XYZ H.V] /Dest (1061) cvn H.B /DEST pdfmark end
197 2581 a Black 596 2691 a Fg(\225)p
Black 679 2691 a
SDict begin H.S end
679 2691 a 679 2691 a
SDict begin 11 H.A end
679 2691 a 679
2691 a
SDict begin [ /View [/XYZ H.V] /Dest (1062) cvn H.B /DEST pdfmark end
679 2691 a Fl(Simple)f(policy)h(changes)g(possible)h(atomically)
197 2714 y
SDict begin H.S end
197 2714 a 197 2714 a
SDict begin 11 H.A end
197 2714 a 197 2714
a
SDict begin [ /View [/XYZ H.V] /Dest (1063) cvn H.B /DEST pdfmark end
197 2714 a Black 596 2823 a Fg(\225)p Black 679 2823
a
SDict begin H.S end
679 2823 a 679 2823 a
SDict begin 11 H.A end
679 2823 a 679 2823 a
SDict begin [ /View [/XYZ H.V] /Dest (1064) cvn H.B /DEST pdfmark end
679 2823
a Fl(Fragments)f(can)f(be)g(explicitly)h(blocked,)g(denied,)f(etc.)197
2847 y
SDict begin H.S end
197 2847 a 197 2847 a
SDict begin 11 H.A end
197 2847 a 197 2847 a
SDict begin [ /View [/XYZ H.V] /Dest (1065) cvn H.B /DEST pdfmark end
197
2847 a Black 596 2956 a Fg(\225)p Black 679 2956 a
SDict begin H.S end
679
2956 a 679 2956 a
SDict begin 11 H.A end
679 2956 a 679 2956 a
SDict begin [ /View [/XYZ H.V] /Dest (1066) cvn H.B /DEST pdfmark end
679 2956 a Fl(Logs)h
(suspicious)h(packets.)197 2980 y
SDict begin H.S end
197 2980 a 197 2980
a
SDict begin 11 H.A end
197 2980 a 197 2980 a
SDict begin [ /View [/XYZ H.V] /Dest (1067) cvn H.B /DEST pdfmark end
197 2980 a Black 596 3089 a Fg(\225)p
Black 679 3089 a
SDict begin H.S end
679 3089 a 679 3089 a
SDict begin 11 H.A end
679 3089 a 679
3089 a
SDict begin [ /View [/XYZ H.V] /Dest (1068) cvn H.B /DEST pdfmark end
679 3089 a Fl(Can)e(handle)h(pr)o(otocols)g(other)g(than)g
(ICMP/TCP/UDP)-11 b(.)197 3154 y
SDict begin H.S end
197 3154 a 197 3154
a
SDict begin 11 H.A end
197 3154 a 197 3154 a
SDict begin [ /View [/XYZ H.V] /Dest (1069) cvn H.B /DEST pdfmark end
197 3154 a 596 3222 a Fl(If)25
b(you)h(ar)o(e)e(curr)o(ently)h(using)1574 3222 y
SDict begin H.S end
1574
3222 a 1574 3222 a
SDict begin 11 H.A end
1574 3222 a 1574 3222 a
SDict begin [ /View [/XYZ H.V] /Dest (1070) cvn H.B /DEST pdfmark end
1574 3222
a Fh(ipfwadm)f Fl(on)j(your)f(2.0)e(kernel,)h(ther)o(e)g(ar)o(e)f
(scripts)i(available)f(to)596 3313 y(convert)20 b(the)1029
3313 y
SDict begin H.S end
1029 3313 a 1029 3313 a
SDict begin 11 H.A end
1029 3313 a 1029 3313
a
SDict begin [ /View [/XYZ H.V] /Dest (1071) cvn H.B /DEST pdfmark end
1029 3313 a Fh(ipfwadm)g Fl(command)h(format)f(to)h(the)g(format)2520
3313 y
SDict begin H.S end
2520 3313 a 2520 3313 a
SDict begin 11 H.A end
2520 3313 a 2520 3313
a
SDict begin [ /View [/XYZ H.V] /Dest (1072) cvn H.B /DEST pdfmark end
2520 3313 a Fh(ipchains)e Fl(uses.)197 3367 y
SDict begin H.S end
197 3367
a 197 3367 a
SDict begin 11 H.A end
197 3367 a 197 3367 a
SDict begin [ /View [/XYZ H.V] /Dest (1073) cvn H.B /DEST pdfmark end
197 3367 a 596 3446
a Fl(Be)34 b(sur)o(e)g(to)h(r)o(ead)f(the)h(IP)g(Chains)g(HOWT)o(O)g
(for)g(further)f(information.)i(It)f(is)g(available)e(at)596
3537 y
SDict begin H.S end
596 3537 a 596 3537 a
SDict begin 11 H.A end
596 3537 a 596 3537 a
SDict begin [ /View [/XYZ H.V] /Dest (1074) cvn H.B /DEST pdfmark end
596
3537 a Fl(http://www)-8 b(.adelaide.net.au/~r)o
(ustcorp/ipfwchains/ipfwchains.html)197 3602 y
SDict begin H.S end
197 3602
a 197 3602 a
SDict begin 11 H.A end
197 3602 a 197 3602 a
SDict begin [ /View [/XYZ H.V] /Dest (1075) cvn H.B /DEST pdfmark end
197 3602 a 596 3856
a Fi(Net\002lter)28 b(-)g(Lin)o(ux)h(K)n(ernel)f(2.4.x)g(Fire)n
(walling)2472 3856 y
SDict begin H.S end
2472 3856 a 2472 3856 a
SDict begin 13.31 H.A end
2472 3856
a 2472 3856 a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.49.2) cvn H.B /DEST pdfmark
end
2472 3856 a 197 3928 a
SDict begin H.S end
197 3928 a 197 3928
a
SDict begin 11 H.A end
197 3928 a 197 3928 a
SDict begin [ /View [/XYZ H.V] /Dest (1077) cvn H.B /DEST pdfmark end
197 3928 a 596 3997 a Fl(In)i(yet)h(another)g
(set)g(of)f(advancements)g(to)h(the)g(kernel)g(IP)f(packet)g
(\002ltering)i(code,)e(net\002lter)596 4088 y(allows)22
b(users)g(to)h(set)f(up,)f(maintain,)i(and)e(inspect)i(the)f(packet)f
(\002ltering)i(r)o(ules)f(in)h(the)f(new)g(2.4)596 4180
y(kernel.)197 4223 y
SDict begin H.S end
197 4223 a 197 4223 a
SDict begin 11 H.A end
197 4223 a
197 4223 a
SDict begin [ /View [/XYZ H.V] /Dest (1078) cvn H.B /DEST pdfmark end
197 4223 a 596 4313 a Fl(The)f(net\002lter)i(subsystem)f(is)
h(a)e(complete)h(r)o(ewrite)f(of)h(pr)o(evious)g(packet)f(\002ltering)i
(implemen-)596 4404 y(tations)31 b(including)g(ipchains)g(and)f
(ipfwadm.)g(Net\002lter)g(pr)o(ovides)g(a)f(lar)o(ge)h(number)g(of)h
(im-)596 4495 y(pr)o(ovements,)d(and)g(it)h(has)f(now)i(become)e(an)h
(even)f(mor)o(e)h(matur)o(e)e(and)h(r)o(obust)h(solution)h(for)596
4587 y(pr)o(otecting)20 b(corporate)g(networks.)197 4651
y
SDict begin H.S end
197 4651 a 197 4651 a
SDict begin 11 H.A end
197 4651 a 197 4651 a
SDict begin [ /View [/XYZ H.V] /Dest (1079) cvn H.B /DEST pdfmark end
197 4651
a 197 4734 a
SDict begin H.S end
197 4734 a 197 4734 a
SDict begin 9.9 H.A end
197 4734 a 197 4734
a
SDict begin [ /View [/XYZ H.V] /Dest (1080) cvn H.B /DEST pdfmark end
197 4734 a 596 4793 a Fh(iptables)596 4968 y Fl(is)k(the)f
(command-line)i(interface)d(used)i(to)g(manipulate)f(the)h(\002r)o
(ewall)f(tables)g(within)i(the)f(ker)o(-)596 5059 y(nel.)197
5102 y
SDict begin H.S end
197 5102 a 197 5102 a
SDict begin 11 H.A end
197 5102 a 197 5102 a
SDict begin [ /View [/XYZ H.V] /Dest (1081) cvn H.B /DEST pdfmark end
197
5102 a 596 5192 a Fl(Net\002lter)44 b(pr)o(ovides)g(a)g(raw)g
(framework)h(for)f(manipulating)i(packets)e(as)g(they)h(traverse)596
5283 y(thr)o(ough)35 b(various)f(parts)h(of)f(the)h(kernel.)g(Part)f
(of)h(this)g(framework)f(includes)h(support)g(for)596
5374 y(masquerading,)25 b(standar)o(d)g(packet)g(\002ltering,)h(and)g
(now)h(mor)o(e)f(complete)g(network)h(addr)o(ess)p Black
3601 5585 a Fj(35)p Black eop end
%%Page: 36 36
TeXDict begin 36 35 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.36) cvn H.B /DEST pdfmark
end
197 -102
a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black
596 89 a Fl(translation.)37 b(It)f(even)h(includes)g(impr)o(oved)f
(support)h(for)g(load)f(balancing)h(r)o(equests)g(for)f(a)596
180 y(particular)19 b(service)h(among)i(a)e(gr)o(oup)g(of)h(servers)f
(behind)h(the)g(\002r)o(ewall.)596 313 y(The)f(stateful)h(inspection)h
(featur)o(es)d(ar)o(e)h(especially)g(powerful.)h(Stateful)f(inspection)
i(pr)o(ovides)596 405 y(the)f(ability)g(to)h(track)e(and)h(contr)o(ol)h
(the)f(\003ow)h(of)g(communication)g(passing)g(thr)o(ough)g(the)f
(\002lter)-6 b(.)596 496 y(The)18 b(ability)h(to)g(keep)g(track)f(of)h
(state)f(and)g(context)h(information)h(about)f(a)f(session)i(makes)f(r)
o(ules)596 587 y(simpler)i(and)f(tries)h(to)g(interpr)o(et)f(higher)o
(-level)g(pr)o(otocols.)197 652 y
SDict begin H.S end
197 652 a 197 652 a
SDict begin 11 H.A end
197 652 a 197 652 a
SDict begin [ /View [/XYZ H.V] /Dest (1083) cvn H.B /DEST pdfmark end
197 652 a 596 720 a Fl(Additionally)-9
b(,)27 b(small)g(modules)h(can)f(be)h(developed)e(to)i(perform)f
(additional)g(speci\002c)g(func-)596 811 y(tions,)33
b(such)g(as)f(passing)h(packets)f(to)h(pr)o(ograms)e(in)i(userspace)f
(for)g(pr)o(ocessing)h(then)g(r)o(ein-)596 903 y(jecting)c(back)f(into)
h(the)g(normal)g(packet)f(\003ow)-8 b(.)30 b(The)f(ability)f(to)h
(develop)g(these)f(pr)o(ograms)g(in)596 994 y(userspace)c(r)o(educes)g
(the)h(level)g(of)g(complexity)h(that)f(was)h(pr)o(eviously)f
(associated)g(with)h(hav-)596 1085 y(ing)21 b(to)g(make)g(changes)f
(dir)o(ectly)g(at)h(the)g(kernel)f(level.)197 1150 y
SDict begin H.S end
197 1150 a 197 1150 a
SDict begin 11 H.A end
197 1150 a 197 1150 a
SDict begin [ /View [/XYZ H.V] /Dest (1084) cvn H.B /DEST pdfmark end
197 1150
a 596 1218 a Fl(Other)g(IP)h(T)-8 b(ables)21 b(r)o(efer)o(ences)d
(include:)197 1261 y
SDict begin H.S end
197 1261 a 197 1261 a
SDict begin 11 H.A end
197 1261 a
197 1261 a
SDict begin [ /View [/XYZ H.V] /Dest (1085) cvn H.B /DEST pdfmark end
197 1261 a 197 1261 a
SDict begin H.S end
197 1261 a 197 1261
a
SDict begin 11 H.A end
197 1261 a 197 1261 a
SDict begin [ /View [/XYZ H.V] /Dest (1086) cvn H.B /DEST pdfmark end
197 1261 a 197 1303 a
SDict begin H.S end
197 1303
a 197 1303 a
SDict begin 11 H.A end
197 1303 a 197 1303 a
SDict begin [ /View [/XYZ H.V] /Dest (1087) cvn H.B /DEST pdfmark end
197 1303 a Black 596
1476 a Fg(\225)p Black 679 1476 a
SDict begin H.S end
679 1476 a 679 1476
a
SDict begin 11 H.A end
679 1476 a 679 1476 a
SDict begin [ /View [/XYZ H.V] /Dest (1088) cvn H.B /DEST pdfmark end
679 1476 a 679 1476 a
SDict begin H.S end
679 1476
a 679 1476 a
SDict begin 11 H.A end
679 1476 a 679 1476 a
SDict begin [ /View [/XYZ H.V] /Dest (1089) cvn H.B /DEST pdfmark end
679 1476 a 679 1476
a
SDict begin H.S end
679 1476 a 679 1476 a
SDict begin 11 H.A end
679 1476 a 679 1476 a
SDict begin [ /View [/XYZ H.V] /Dest (1090) cvn H.B /DEST pdfmark end
679 1476
a Fj(Oskar)25 b(Andr)o(easson)i(IP)e(T)-9 b(ables)27
b(T)-9 b(utorial)1932 1442 y Fa(80)2007 1476 y Fl(--)25
b(Oskar)h(Andr)o(easson)f(speaks)h(with)h(LinuxSecu-)679
1567 y(rity)-9 b(.com)19 b(about)g(his)h(compr)o(ehensive)f(IP)g(T)-8
b(ables)19 b(tutorial)g(and)g(how)h(this)g(document)f(can)g(be)679
1658 y(used)h(to)h(build)g(a)f(r)o(obust)h(\002r)o(ewall)f(for)g(your)i
(or)o(ganization.)197 1682 y
SDict begin H.S end
197 1682 a 197 1682 a
SDict begin 11 H.A end
197
1682 a 197 1682 a
SDict begin [ /View [/XYZ H.V] /Dest (1091) cvn H.B /DEST pdfmark end
197 1682 a Black 596 1791 a Fg(\225)p
Black 679 1791 a
SDict begin H.S end
679 1791 a 679 1791 a
SDict begin 11 H.A end
679 1791 a 679
1791 a
SDict begin [ /View [/XYZ H.V] /Dest (1092) cvn H.B /DEST pdfmark end
679 1791 a 679 1791 a
SDict begin H.S end
679 1791 a 679 1791 a
SDict begin 11 H.A end
679
1791 a 679 1791 a
SDict begin [ /View [/XYZ H.V] /Dest (1093) cvn H.B /DEST pdfmark end
679 1791 a 679 1791 a
SDict begin H.S end
679 1791 a 679
1791 a
SDict begin 11 H.A end
679 1791 a 679 1791 a
SDict begin [ /View [/XYZ H.V] /Dest (1094) cvn H.B /DEST pdfmark end
679 1791 a Fj(Hal)f(Bur)o(giss)g(Intr)o
(oduces)g(Linux)h(Security)g(Quick-Start)e(Guides)2669
1758 y Fa(81)2741 1791 y Fl(--)h(Hal)g(Bur)o(giss)h(has)g(written)679
1882 y(two)f(authoritative)f(guides)h(on)h(securing)f(Linux,)f
(including)i(managing)f(\002r)o(ewalling.)197 1906 y
SDict begin H.S end
197 1906 a 197 1906 a
SDict begin 11 H.A end
197 1906 a 197 1906 a
SDict begin [ /View [/XYZ H.V] /Dest (1095) cvn H.B /DEST pdfmark end
197 1906
a Black 596 2015 a Fg(\225)p Black 679 2015 a
SDict begin H.S end
679 2015
a 679 2015 a
SDict begin 11 H.A end
679 2015 a 679 2015 a
SDict begin [ /View [/XYZ H.V] /Dest (1096) cvn H.B /DEST pdfmark end
679 2015 a 679 2015
a
SDict begin H.S end
679 2015 a 679 2015 a
SDict begin 11 H.A end
679 2015 a 679 2015 a
SDict begin [ /View [/XYZ H.V] /Dest (1097) cvn H.B /DEST pdfmark end
679 2015
a 679 2015 a
SDict begin H.S end
679 2015 a 679 2015 a
SDict begin 11 H.A end
679 2015 a 679 2015
a
SDict begin [ /View [/XYZ H.V] /Dest (1098) cvn H.B /DEST pdfmark end
679 2015 a Fj(Net\002lter)f(Homepage)1335 1982 y Fa(82)1404
2015 y Fl(--)g(The)h(net\002lter/iptables)g(homepage.)197
2039 y
SDict begin H.S end
197 2039 a 197 2039 a
SDict begin 11 H.A end
197 2039 a 197 2039 a
SDict begin [ /View [/XYZ H.V] /Dest (1099) cvn H.B /DEST pdfmark end
197
2039 a Black 596 2148 a Fg(\225)p Black 679 2148 a
SDict begin H.S end
679
2148 a 679 2148 a
SDict begin 11 H.A end
679 2148 a 679 2148 a
SDict begin [ /View [/XYZ H.V] /Dest (1100) cvn H.B /DEST pdfmark end
679 2148 a 679
2148 a
SDict begin H.S end
679 2148 a 679 2148 a
SDict begin 11 H.A end
679 2148 a 679 2148 a
SDict begin [ /View [/XYZ H.V] /Dest (1101) cvn H.B /DEST pdfmark end
679
2148 a 679 2148 a
SDict begin H.S end
679 2148 a 679 2148 a
SDict begin 11 H.A end
679 2148 a 679
2148 a
SDict begin [ /View [/XYZ H.V] /Dest (1102) cvn H.B /DEST pdfmark end
679 2148 a Fj(Linux)h(Kernel)j(2.4)d(Fir)o(ewalling)g(Matur)o
(es:)i(net\002lter)2278 2115 y Fa(83)2350 2148 y Fl(--)f(This)g
(LinuxSecurity)-9 b(.com)23 b(article)f(de-)679 2239
y(scribes)e(the)h(basics)g(of)g(packet)f(\002ltering,)h(how)h(to)g(get)
e(started)g(using)i(iptables,)f(and)f(a)g(list)i(of)679
2331 y(the)e(new)i(featur)o(es)d(available)g(in)i(the)g(latest)g
(generation)g(of)f(\002r)o(ewalling)h(for)g(Linux.)197
2505 y
SDict begin H.S end
197 2505 a 197 2505 a
SDict begin 11 H.A end
197 2505 a 197 2505 a
SDict begin [ /View [/XYZ H.V] /Dest (1103) cvn H.B /DEST pdfmark end
197
2505 a 596 2782 a Fi(VPNs)27 b(-)h(Vir)r(tual)h(Priv)n(ate)f(Netw)n
(orks)2101 2782 y
SDict begin H.S end
2101 2782 a 2101 2782 a
SDict begin 13.31 H.A end
2101 2782 a
2101 2782 a
SDict begin [ /View [/XYZ H.V] /Dest (1.8.50.2) cvn H.B /DEST pdfmark
end
2101 2782 a 197 2833 a
SDict begin H.S end
197 2833 a 197 2833
a
SDict begin 11 H.A end
197 2833 a 197 2833 a
SDict begin [ /View [/XYZ H.V] /Dest (1105) cvn H.B /DEST pdfmark end
197 2833 a 596 2923 a Fl(VPN's)k(ar)o(e)e(a)i
(way)g(to)g(establish)g(a)g("virtual")f(network)h(on)h(top)f(of)g(some)
g(alr)o(eady-existing)596 3014 y(network.)21 b(This)i(virtual)e
(network)h(often)g(is)f(encrypted)g(and)g(passes)h(traf)o(\002c)e(only)
i(to)g(and)f(fr)o(om)596 3106 y(some)26 b(known)h(entities)f(that)g
(have)f(joined)h(the)g(network.)g(VPNs)g(ar)o(e)e(often)i(used)f(to)h
(connect)596 3197 y(someone)21 b(working)h(at)f(home)g(over)g(the)f
(public)h(Internet)g(to)g(an)g(internal)g(company)g(network.)197
3262 y
SDict begin H.S end
197 3262 a 197 3262 a
SDict begin 11 H.A end
197 3262 a 197 3262 a
SDict begin [ /View [/XYZ H.V] /Dest (1106) cvn H.B /DEST pdfmark end
197
3262 a 596 3330 a Fl(If)26 b(you)i(ar)o(e)d(r)o(unning)k(a)d(Linux)i
(masquerading)f(\002r)o(ewall)f(and)h(need)f(to)i(pass)e(MS)h(PPTP)g
(\(Mi-)596 3421 y(cr)o(osoft's)18 b(VPN)h(point-to-point)g(pr)o
(oduct\))f(packets,)f(ther)o(e)h(is)h(a)f(Linux)g(kernel)h(patch)f(out)
h(to)g(do)596 3513 y(just)i(that.)f(See:)1098 3513 y
SDict begin H.S end
1098 3513 a 1098 3513 a
SDict begin 11 H.A end
1098 3513 a 1098 3513 a
SDict begin [ /View [/XYZ H.V] /Dest (1107) cvn H.B /DEST pdfmark end
1098
3513 a Fl(ip-masq-vpn)1569 3479 y Fe(84)1619 3513 y Fl(.)197
3578 y
SDict begin H.S end
197 3578 a 197 3578 a
SDict begin 11 H.A end
197 3578 a 197 3578 a
SDict begin [ /View [/XYZ H.V] /Dest (1108) cvn H.B /DEST pdfmark end
197
3578 a 596 3645 a Fl(Ther)o(e)f(ar)o(e)h(several)g(Linux)g(VPN)h
(solutions)i(available:)2425 3645 y
SDict begin H.S end
2425 3645 a 2425
3645 a
SDict begin 11 H.A end
2425 3645 a 2425 3645 a
SDict begin [ /View [/XYZ H.V] /Dest (1109) cvn H.B /DEST pdfmark end
2425 3645 a 197 3689 a
SDict begin H.S end
197 3689 a 197 3689 a
SDict begin 11 H.A end
197 3689 a 197 3689 a
SDict begin [ /View [/XYZ H.V] /Dest (1110) cvn H.B /DEST pdfmark end
197 3689
a Black 596 3861 a Fg(\225)p Black 679 3861 a
SDict begin H.S end
679 3861
a 679 3861 a
SDict begin 11 H.A end
679 3861 a 679 3861 a
SDict begin [ /View [/XYZ H.V] /Dest (1111) cvn H.B /DEST pdfmark end
679 3861 a Fl(vpnd.)d(See)g(the)1196
3861 y
SDict begin H.S end
1196 3861 a 1196 3861 a
SDict begin 11 H.A end
1196 3861 a 1196 3861
a
SDict begin [ /View [/XYZ H.V] /Dest (1112) cvn H.B /DEST pdfmark end
1196 3861 a Fl(http://sunsite.dk/vpnd/.)197 3885 y
SDict begin H.S end
197 3885 a 197 3885 a
SDict begin 11 H.A end
197 3885 a 197 3885 a
SDict begin [ /View [/XYZ H.V] /Dest (1113) cvn H.B /DEST pdfmark end
197 3885
a Black 596 3994 a Fg(\225)p Black 679 3994 a
SDict begin H.S end
679 3994
a 679 3994 a
SDict begin 11 H.A end
679 3994 a 679 3994 a
SDict begin [ /View [/XYZ H.V] /Dest (1114) cvn H.B /DEST pdfmark end
679 3994 a Fl(Fr)o(ee)f(S/W)-8
b(an,)21 b(available)e(at)1597 3994 y
SDict begin H.S end
1597 3994 a 1597
3994 a
SDict begin 11 H.A end
1597 3994 a 1597 3994 a
SDict begin [ /View [/XYZ H.V] /Dest (1115) cvn H.B /DEST pdfmark end
1597 3994 a Fl(http://www)-8
b(.xs4all.nl/~fr)o(eeswan/)197 4018 y
SDict begin H.S end
197 4018 a 197
4018 a
SDict begin 11 H.A end
197 4018 a 197 4018 a
SDict begin [ /View [/XYZ H.V] /Dest (1116) cvn H.B /DEST pdfmark end
197 4018 a Black 596 4127
a Fg(\225)p Black 679 4127 a
SDict begin H.S end
679 4127 a 679 4127 a
SDict begin 11 H.A end
679
4127 a 679 4127 a
SDict begin [ /View [/XYZ H.V] /Dest (1117) cvn H.B /DEST pdfmark end
679 4127 a Fl(ssh)18 b(can)e(be)h(used)g(to)h(constr)
o(uct)g(a)f(VPN.)g(See)f(the)i(VPN)f(mini-howto)i(for)e(mor)o(e)g
(information.)197 4129 y
SDict begin H.S end
197 4129 a 197 4129 a
SDict begin 11 H.A end
197 4129
a 197 4129 a
SDict begin [ /View [/XYZ H.V] /Dest (1118) cvn H.B /DEST pdfmark end
197 4129 a Black 596 4260 a Fg(\225)p Black
679 4260 a
SDict begin H.S end
679 4260 a 679 4260 a
SDict begin 11 H.A end
679 4260 a 679 4260
a
SDict begin [ /View [/XYZ H.V] /Dest (1119) cvn H.B /DEST pdfmark end
679 4260 a Fl(vps)j(\(virtual)g(private)g(server\))g(at)1774
4260 y
SDict begin H.S end
1774 4260 a 1774 4260 a
SDict begin 11 H.A end
1774 4260 a 1774 4260
a
SDict begin [ /View [/XYZ H.V] /Dest (1120) cvn H.B /DEST pdfmark end
1774 4260 a Fl(http://www)-8 b(.str)o(ongcrypto.com.)197
4283 y
SDict begin H.S end
197 4283 a 197 4283 a
SDict begin 11 H.A end
197 4283 a 197 4283 a
SDict begin [ /View [/XYZ H.V] /Dest (1121) cvn H.B /DEST pdfmark end
197
4283 a Black 596 4393 a Fg(\225)p Black 679 4393 a
SDict begin H.S end
679
4393 a 679 4393 a
SDict begin 11 H.A end
679 4393 a 679 4393 a
SDict begin [ /View [/XYZ H.V] /Dest (1122) cvn H.B /DEST pdfmark end
679 4393 a Fl(yawipin)21
b(at)1092 4393 y
SDict begin H.S end
1092 4393 a 1092 4393 a
SDict begin 11 H.A end
1092 4393 a
1092 4393 a
SDict begin [ /View [/XYZ H.V] /Dest (1123) cvn H.B /DEST pdfmark end
1092 4393 a Fl(http://yavipin.sour)o(cefor)o(ge.net)197
4567 y
SDict begin H.S end
197 4567 a 197 4567 a
SDict begin 11 H.A end
197 4567 a 197 4567 a
SDict begin [ /View [/XYZ H.V] /Dest (1124) cvn H.B /DEST pdfmark end
197
4567 a 596 4658 a Fl(See)e(also)i(the)g(section)h(on)f(IPSEC)f(for)h
(pointers)g(and)f(mor)o(e)h(information.)197 4806 y
SDict begin H.S end
197
4806 a 197 4806 a
SDict begin 11 H.A end
197 4806 a 197 4806 a
SDict begin [ /View [/XYZ H.V] /Dest (secure-prep) cvn H.B /DEST pdfmark
end
197 4806 a 264
x Fn(Security)31 b(Preparation)f(\(bef)n(ore)g(y)m(ou)g(go)g(on-line\))
2503 5070 y
SDict begin H.S end
2503 5070 a 2503 5070 a
SDict begin 14.641 H.A end
2503 5070 a 2503
5070 a
SDict begin [ /View [/XYZ H.V] /Dest (1.9.1) cvn H.B /DEST pdfmark
end
2503 5070 a 197 5150 a
SDict begin H.S end
197 5150 a 197 5150 a
SDict begin 11 H.A end
197
5150 a 197 5150 a
SDict begin [ /View [/XYZ H.V] /Dest (1127) cvn H.B /DEST pdfmark end
197 5150 a 596 5217 a Fl(Ok,)20 b(so)g(you)h(have)f
(checked)f(over)h(your)g(system,)h(and)e(determined)h(it's)g(as)g
(secur)o(e)f(as)h(feasible,)596 5308 y(and)f(you'r)o(e)h(r)o(eady)f(to)
i(put)f(it)g(online.)i(Ther)o(e)d(ar)o(e)g(a)g(few)h(things)i(you)f
(should)g(now)g(do)f(in)h(or)o(der)p Black 197 5585 a
Fj(36)p Black eop end
%%Page: 37 37
TeXDict begin 37 36 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.37) cvn H.B /DEST pdfmark
end
197 -102
a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black 596 89 a Fl(to)h(pr)o(epar)o(e)e(for)j(an)f(intr)o(usion,)i(so)f
(you)g(can)g(quickly)g(disable)f(the)h(intr)o(uder)-6
b(,)22 b(and)g(get)h(back)f(up)596 180 y(and)e(r)o(unning.)197
204 y
SDict begin H.S end
197 204 a 197 204 a
SDict begin 11 H.A end
197 204 a 197 204 a
SDict begin [ /View [/XYZ H.V] /Dest (1128) cvn H.B /DEST pdfmark end
197 204
a 596 449 a Fi(Make)27 b(a)g(Full)i(Bac)n(kup)f(of)h(Y)-10
b(our)28 b(Mac)o(hine)2324 449 y
SDict begin H.S end
2324 449 a 2324 449
a
SDict begin 13.31 H.A end
2324 449 a 2324 449 a
SDict begin [ /View [/XYZ H.V] /Dest (1.9.51.2) cvn H.B /DEST pdfmark
end
2324 449 a 197 520 a
SDict begin H.S end
197 520
a 197 520 a
SDict begin 11 H.A end
197 520 a 197 520 a
SDict begin [ /View [/XYZ H.V] /Dest (1130) cvn H.B /DEST pdfmark end
197 520 a 596 591 a Fl(Discussion)20
b(of)e(backup)f(methods)i(and)f(storage)g(is)h(beyond)f(the)h(scope)f
(of)g(this)h(document,)g(but)596 682 y(her)o(e)g(ar)o(e)h(a)g(few)g
(wor)o(ds)h(r)o(elating)f(to)h(backups)g(and)f(security:)197
747 y
SDict begin H.S end
197 747 a 197 747 a
SDict begin 11 H.A end
197 747 a 197 747 a
SDict begin [ /View [/XYZ H.V] /Dest (1131) cvn H.B /DEST pdfmark end
197 747
a 596 815 a Fl(If)g(you)i(have)e(less)h(than)g(650mb)f(of)h(data)f(to)h
(stor)o(e)f(on)i(a)e(partition,)h(a)g(CD-R)g(copy)g(of)g(your)g(data)
596 906 y(is)e(a)g(good)h(way)g(to)g(go)g(\(as)f(it's)h(har)o(d)e(to)i
(tamper)f(with)h(later)-6 b(,)19 b(and)g(if)g(stor)o(ed)g(pr)o(operly)g
(can)g(last)g(a)596 998 y(long)i(time\),)f(you)h(will)g(of)g(course)f
(need)g(at)g(least)g(650MB)f(of)h(space)g(to)g(make)h(the)f(image.)g(T)
-8 b(apes)596 1089 y(and)31 b(other)h(r)o(e-writable)e(media)i(should)g
(be)g(write-pr)o(otected)e(as)i(soon)h(as)e(your)h(backup)g(is)596
1180 y(complete,)18 b(and)g(then)h(veri\002ed)f(to)g(pr)o(event)g
(tampering.)g(Make)g(sur)o(e)f(you)i(stor)o(e)g(your)f(backups)596
1272 y(in)30 b(a)f(secur)o(e)g(of)o(f-line)g(ar)o(ea.)e(A)j(good)g
(backup)f(will)i(ensur)o(e)e(that)g(you)i(have)e(a)g(known)i(good)596
1363 y(point)21 b(to)g(r)o(estor)o(e)f(your)h(system)g(fr)o(om.)197
1428 y
SDict begin H.S end
197 1428 a 197 1428 a
SDict begin 11 H.A end
197 1428 a 197 1428 a
SDict begin [ /View [/XYZ H.V] /Dest (1132) cvn H.B /DEST pdfmark end
197
1428 a 596 1681 a Fi(Choosing)29 b(a)e(Good)j(Bac)n(kup)d(Sc)o(hedule)
2294 1681 y
SDict begin H.S end
2294 1681 a 2294 1681 a
SDict begin 13.31 H.A end
2294 1681 a 2294
1681 a
SDict begin [ /View [/XYZ H.V] /Dest (1.9.52.2) cvn H.B /DEST pdfmark
end
2294 1681 a 197 1754 a
SDict begin H.S end
197 1754 a 197 1754 a
SDict begin 11 H.A end
197
1754 a 197 1754 a
SDict begin [ /View [/XYZ H.V] /Dest (1134) cvn H.B /DEST pdfmark end
197 1754 a 596 1823 a Fl(A)h(six-tape)g(cycle)g(is)h
(easy)g(to)g(maintain.)g(This)g(includes)g(four)g(tapes)f(for)g(during)
h(the)g(week,)596 1914 y(one)j(tape)e(for)i(even)f(Fridays,)g(and)g
(one)h(tape)f(for)g(odd)h(Fridays.)f(Perform)g(an)g(incr)o(emental)596
2005 y(backup)e(every)h(day)-9 b(,)29 b(and)h(a)g(full)g(backup)g(on)h
(the)f(appr)o(opriate)e(Friday)i(tape.)f(If)h(you)h(make)596
2097 y(some)24 b(particularly)f(important)i(changes)f(or)g(add)f(some)h
(important)h(data)d(to)j(your)f(system,)g(a)596 2188
y(full)c(backup)g(might)i(well)f(be)g(in)g(or)o(der)-6
b(.)197 2253 y
SDict begin H.S end
197 2253 a 197 2253 a
SDict begin 11 H.A end
197 2253 a 197 2253
a
SDict begin [ /View [/XYZ H.V] /Dest (1135) cvn H.B /DEST pdfmark end
197 2253 a 596 2506 a Fi(T)g(esting)29 b(y)m(our)g(bac)n(kups)1623
2506 y
SDict begin H.S end
1623 2506 a 1623 2506 a
SDict begin 13.31 H.A end
1623 2506 a 1623 2506
a
SDict begin [ /View [/XYZ H.V] /Dest (1.9.53.2) cvn H.B /DEST pdfmark
end
1623 2506 a 197 2578 a
SDict begin H.S end
197 2578 a 197 2578 a
SDict begin 11 H.A end
197 2578
a 197 2578 a
SDict begin [ /View [/XYZ H.V] /Dest (1137) cvn H.B /DEST pdfmark end
197 2578 a 596 2647 a Fl(Y)-8 b(ou)23 b(should)h(do)f
(periodic)f(tests)h(of)g(your)g(backups)f(to)h(make)g(sur)o(e)f(they)h
(ar)o(e)e(working)j(as)e(you)596 2739 y(might)j(expect)e(them)i(to.)f
(Restor)o(es)h(of)f(\002les)g(and)g(checking)h(against)f(the)h(r)o(eal)
e(data,)f(sizes)i(and)596 2830 y(listings)e(of)e(backups,)h(and)f(r)o
(eading)g(old)h(backups)f(should)h(be)g(done)g(on)g(a)f(r)o(egular)g
(basis.)197 2895 y
SDict begin H.S end
197 2895 a 197 2895 a
SDict begin 11 H.A end
197 2895 a 197
2895 a
SDict begin [ /View [/XYZ H.V] /Dest (1138) cvn H.B /DEST pdfmark end
197 2895 a 596 3148 a Fi(Bac)n(kup)27 b(Y)-10
b(our)29 b(RPM)e(or)i(Debian)e(File)h(Database)2621 3148
y
SDict begin H.S end
2621 3148 a 2621 3148 a
SDict begin 13.31 H.A end
2621 3148 a 2621 3148 a
SDict begin [ /View [/XYZ H.V] /Dest (1.9.54.2) cvn H.B /DEST pdfmark
end
2621
3148 a 197 3219 a
SDict begin H.S end
197 3219 a 197 3219 a
SDict begin 11 H.A end
197 3219 a 197
3219 a
SDict begin [ /View [/XYZ H.V] /Dest (1140) cvn H.B /DEST pdfmark end
197 3219 a 596 3290 a Fl(In)j(the)g(event)f(of)h(an)f(intr)o
(usion,)j(you)e(can)f(use)h(your)g(RPM)g(database)e(like)i(you)h(would)
f(use)596 3381 y
SDict begin H.S end
596 3381 a 596 3381 a
SDict begin 11 H.A end
596 3381 a 596
3381 a
SDict begin [ /View [/XYZ H.V] /Dest (1141) cvn H.B /DEST pdfmark end
596 3381 a Fh(tripwire)p Fl(,)22 b(but)i(only)i(if)e(you)g(can)g
(be)g(sur)o(e)g(it)g(too)h(hasn't)g(been)f(modi\002ed.)g(Y)-8
b(ou)26 b(should)f(copy)596 3472 y(the)j(RPM)g(database)f(to)i(a)f
(\003oppy)-9 b(,)28 b(and)g(keep)g(this)h(copy)g(of)o(f-line)e(at)h
(all)g(times.)h(The)f(Debian)596 3564 y(distribution)21
b(likely)h(has)e(something)j(similar)-6 b(.)197 3629
y
SDict begin H.S end
197 3629 a 197 3629 a
SDict begin 11 H.A end
197 3629 a 197 3629 a
SDict begin [ /View [/XYZ H.V] /Dest (1142) cvn H.B /DEST pdfmark end
197 3629
a 596 3697 a Fl(The)38 b(\002les)961 3697 y
SDict begin H.S end
961 3697
a 961 3697 a
SDict begin 11 H.A end
961 3697 a 961 3697 a
SDict begin [ /View [/XYZ H.V] /Dest (1143) cvn H.B /DEST pdfmark end
961 3697 a Fh
(/var/lib/rpm/fileindex.rpm)c Fl(and)2344 3697 y
SDict begin H.S end
2344
3697 a 2344 3697 a
SDict begin 11 H.A end
2344 3697 a 2344 3697 a
SDict begin [ /View [/XYZ H.V] /Dest (1144) cvn H.B /DEST pdfmark end
2344 3697
a Fh(/var/lib/rpm/packages.rpm)g Fl(most)596 3788 y(likely)27
b(won't)i(\002t)f(on)g(a)f(single)h(\003oppy)-9 b(.)27
b(But)h(if)f(compr)o(essed,)f(each)h(should)i(\002t)e(on)h(a)f
(seperate)596 3879 y(\003oppy)-9 b(.)197 3944 y
SDict begin H.S end
197 3944
a 197 3944 a
SDict begin 11 H.A end
197 3944 a 197 3944 a
SDict begin [ /View [/XYZ H.V] /Dest (1145) cvn H.B /DEST pdfmark end
197 3944 a 596 4012
a Fl(Now)h(,)21 b(when)g(your)g(system)h(is)f(compr)o(omised,)g(you)g
(can)f(use)h(the)g(command:)197 4077 y
SDict begin H.S end
197 4077 a 197
4077 a
SDict begin 11 H.A end
197 4077 a 197 4077 a
SDict begin [ /View [/XYZ H.V] /Dest (1146) cvn H.B /DEST pdfmark end
197 4077 a 197 4160 a
SDict begin H.S end
197
4160 a 197 4160 a
SDict begin 9.9 H.A end
197 4160 a 197 4160 a
SDict begin [ /View [/XYZ H.V] /Dest (1147) cvn H.B /DEST pdfmark end
197 4160 a 730
4219 a Fh(root#)89 b(rpm)44 b(-Va)596 4393 y Fl(to)32
b(verify)g(each)g(\002le)h(on)g(the)f(system.)h(See)f(the)2182
4393 y
SDict begin H.S end
2182 4393 a 2182 4393 a
SDict begin 11 H.A end
2182 4393 a 2182 4393
a
SDict begin [ /View [/XYZ H.V] /Dest (1148) cvn H.B /DEST pdfmark end
2182 4393 a Fh(rpm)g Fl(man)h(page,)e(as)h(ther)o(e)g(ar)o(e)f(a)h
(few)g(other)596 4484 y(options)23 b(that)e(can)h(be)f(included)h(to)g
(make)g(it)g(less)g(verbose.)f(Keep)h(in)g(mind)g(you)h(must)f(also)g
(be)596 4576 y(sur)o(e)e(your)h(RPM)g(binary)f(has)h(not)g(been)g
(compr)o(omised.)197 4641 y
SDict begin H.S end
197 4641 a 197 4641 a
SDict begin 11 H.A end
197
4641 a 197 4641 a
SDict begin [ /View [/XYZ H.V] /Dest (1149) cvn H.B /DEST pdfmark end
197 4641 a 596 4709 a Fl(This)c(means)g(that)g(every)
g(time)g(a)g(new)g(RPM)g(is)h(added)d(to)j(the)f(system,)h(the)f(RPM)g
(database)e(will)596 4800 y(need)20 b(to)h(be)f(r)o(ear)o(chived.)f(Y)
-8 b(ou)21 b(will)h(have)e(to)h(decide)f(the)h(advantages)e(versus)i
(drawbacks.)197 4865 y
SDict begin H.S end
197 4865 a 197 4865 a
SDict begin 11 H.A end
197 4865
a 197 4865 a
SDict begin [ /View [/XYZ H.V] /Dest (logs) cvn H.B /DEST pdfmark end
197 4865 a 596 5118 a Fi(K)n(eep)28 b(T)-8
b(rac)n(k)27 b(of)i(Y)-10 b(our)29 b(System)f(Accounting)i(Data)2707
5118 y
SDict begin H.S end
2707 5118 a 2707 5118 a
SDict begin 13.31 H.A end
2707 5118 a 2707 5118
a
SDict begin [ /View [/XYZ H.V] /Dest (1.9.55.2) cvn H.B /DEST pdfmark
end
2707 5118 a 197 5191 a
SDict begin H.S end
197 5191 a 197 5191 a
SDict begin 11 H.A end
197 5191
a 197 5191 a
SDict begin [ /View [/XYZ H.V] /Dest (1152) cvn H.B /DEST pdfmark end
197 5191 a 596 5259 a Fl(It)h(is)g(very)g(important)h
(that)f(the)g(information)h(that)f(comes)h(fr)o(om)2805
5259 y
SDict begin H.S end
2805 5259 a 2805 5259 a
SDict begin 11 H.A end
2805 5259 a 2805 5259
a
SDict begin [ /View [/XYZ H.V] /Dest (1153) cvn H.B /DEST pdfmark end
2805 5259 a Fh(syslog)f Fl(not)g(be)g(compr)o(o-)596
5351 y(mised.)19 b(Making)g(the)h(\002les)g(in)1559 5351
y
SDict begin H.S end
1559 5351 a 1559 5351 a
SDict begin 11 H.A end
1559 5351 a 1559 5351 a
SDict begin [ /View [/XYZ H.V] /Dest (1154) cvn H.B /DEST pdfmark end
1559
5351 a Fh(/var/log)e Fl(r)o(eadable)f(and)i(writable)g(by)h(only)g(a)f
(limited)h(number)596 5442 y(of)g(users)h(is)g(a)f(good)i(start.)p
Black 3601 5585 a Fj(37)p Black eop end
%%Page: 38 38
TeXDict begin 38 37 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.38) cvn H.B /DEST pdfmark
end
197 -102
a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black
197 6 a
SDict begin H.S end
197 6 a 197 6 a
SDict begin 11 H.A end
197 6 a 197 6 a
SDict begin [ /View [/XYZ H.V] /Dest (1155) cvn H.B /DEST pdfmark end
197 6 a 596 89
a Fl(Be)g(sur)o(e)h(to)g(keep)g(an)g(eye)g(on)h(what)g(gets)f(written)h
(ther)o(e,)e(especially)h(under)g(the)3219 89 y
SDict begin H.S end
3219
89 a 3219 89 a
SDict begin 11 H.A end
3219 89 a 3219 89 a
SDict begin [ /View [/XYZ H.V] /Dest (1156) cvn H.B /DEST pdfmark end
3219 89 a Fh(auth)g
Fl(facility)-9 b(.)596 180 y(Multiple)20 b(login)i(failur)o(es,)d(for)i
(example,)f(can)g(indicate)g(an)h(attempted)f(br)o(eak-in.)197
245 y
SDict begin H.S end
197 245 a 197 245 a
SDict begin 11 H.A end
197 245 a 197 245 a
SDict begin [ /View [/XYZ H.V] /Dest (1157) cvn H.B /DEST pdfmark end
197 245
a 596 313 a Fl(Wher)o(e)j(to)i(look)h(for)e(your)h(log)g(\002le)g(will)
g(depend)f(on)h(your)g(distribution.)g(In)g(a)f(Linux)g(system)596
405 y(that)d(conforms)g(to)h(the)f("Linux)g(Filesystem)h(Standar)o(d",)
c(such)k(as)f(Red)g(Hat,)f(you)i(will)f(want)h(to)596
496 y(look)f(in)870 496 y
SDict begin H.S end
870 496 a 870 496 a
SDict begin 11 H.A end
870 496
a 870 496 a
SDict begin [ /View [/XYZ H.V] /Dest (1158) cvn H.B /DEST pdfmark end
870 496 a Fh(/var/log)f Fl(and)g(check)1640
496 y
SDict begin H.S end
1640 496 a 1640 496 a
SDict begin 11 H.A end
1640 496 a 1640 496 a
SDict begin [ /View [/XYZ H.V] /Dest (1159) cvn H.B /DEST pdfmark end
1640
496 a Fh(messages)p Fl(,)2040 496 y
SDict begin H.S end
2040 496 a 2040 496
a
SDict begin 11 H.A end
2040 496 a 2040 496 a
SDict begin [ /View [/XYZ H.V] /Dest (1160) cvn H.B /DEST pdfmark end
2040 496 a Fh(mail.log)p Fl(,)f(and)i(others.)
197 551 y
SDict begin H.S end
197 551 a 197 551 a
SDict begin 11 H.A end
197 551 a 197 551 a
SDict begin [ /View [/XYZ H.V] /Dest (1161) cvn H.B /DEST pdfmark end
197
551 a 596 629 a Fl(Y)-8 b(ou)53 b(can)f(\002nd)h(out)g(wher)o(e)f(your)
h(distribution)g(is)g(logging)h(to)f(by)f(looking)j(at)d(your)596
720 y
SDict begin H.S end
596 720 a 596 720 a
SDict begin 11 H.A end
596 720 a 596 720 a
SDict begin [ /View [/XYZ H.V] /Dest (1162) cvn H.B /DEST pdfmark end
596 720
a Fh(/etc/syslog.conf)42 b Fl(\002le.)k(This)g(is)g(the)f(\002le)h
(that)g(tells)2554 720 y
SDict begin H.S end
2554 720 a 2554 720 a
SDict begin 11 H.A end
2554 720
a 2554 720 a
SDict begin [ /View [/XYZ H.V] /Dest (1163) cvn H.B /DEST pdfmark end
2554 720 a Fh(syslogd)e Fl(\(the)h(system)h(logging)596
811 y(daemon\))20 b(wher)o(e)g(to)h(log)h(various)e(messages.)197
876 y
SDict begin H.S end
197 876 a 197 876 a
SDict begin 11 H.A end
197 876 a 197 876 a
SDict begin [ /View [/XYZ H.V] /Dest (1164) cvn H.B /DEST pdfmark end
197 876
a 596 944 a Fl(Y)-8 b(ou)30 b(might)h(also)e(want)h(to)g(con\002gur)o
(e)f(your)h(log-r)o(otating)g(script)f(or)h(daemon)f(to)h(keep)f(logs)
596 1036 y(ar)o(ound)j(longer)i(so)h(you)f(have)f(time)h(to)g(examine)f
(them.)h(T)-8 b(ake)33 b(a)g(look)i(at)e(the)3280 1036
y
SDict begin H.S end
3280 1036 a 3280 1036 a
SDict begin 11 H.A end
3280 1036 a 3280 1036 a
SDict begin [ /View [/XYZ H.V] /Dest (1165) cvn H.B /DEST pdfmark end
3280
1036 a Fh(logrotate)596 1127 y Fl(package)c(on)i(r)o(ecent)e(Red)i(Hat)
f(distributions.)h(Other)f(distributions)i(likely)f(have)f(a)g(similar)
596 1218 y(pr)o(ocess.)197 1283 y
SDict begin H.S end
197 1283 a 197 1283
a
SDict begin 11 H.A end
197 1283 a 197 1283 a
SDict begin [ /View [/XYZ H.V] /Dest (1166) cvn H.B /DEST pdfmark end
197 1283 a 596 1351 a Fl(If)18
b(your)h(log)g(\002les)g(have)f(been)g(tamper)o(ed)f(with,)i(see)g(if)f
(you)h(can)f(determine)h(when)g(the)f(tamper)o(-)596
1442 y(ing)27 b(started,)f(and)g(what)h(sort)g(of)g(things)h(appear)o
(ed)c(to)j(be)g(tamper)o(ed)e(with.)j(Ar)o(e)d(ther)o(e)h(lar)o(ge)596
1534 y(periods)i(of)g(time)g(that)h(cannot)f(be)g(accounted)g(for?)g
(Checking)h(backup)e(tapes)h(\(if)g(you)g(have)596 1625
y(any\))20 b(for)g(untamper)o(ed)g(log)h(\002les)g(is)h(a)e(good)h
(idea.)197 1690 y
SDict begin H.S end
197 1690 a 197 1690 a
SDict begin 11 H.A end
197 1690 a 197
1690 a
SDict begin [ /View [/XYZ H.V] /Dest (1167) cvn H.B /DEST pdfmark end
197 1690 a 596 1758 a Fl(Intr)o(uders)d(typically)h(modify)g
(log)g(\002les)g(in)g(or)o(der)e(to)i(cover)g(their)f(tracks,)g(but)h
(they)g(should)g(still)596 1849 y(be)24 b(checked)f(for)i(strange)f
(happenings.)h(Y)-8 b(ou)25 b(may)f(notice)h(the)g(intr)o(uder)f
(attempting)h(to)g(gain)596 1940 y(entrance,)20 b(or)h(exploit)h(a)f
(pr)o(ogram)f(in)i(or)o(der)e(to)i(obtain)g(the)f(r)o(oot)g(account.)g
(Y)-8 b(ou)23 b(might)f(see)f(log)596 2032 y(entries)f(befor)o(e)g(the)
h(intr)o(uder)f(has)h(time)g(to)g(modify)h(them.)197
2097 y
SDict begin H.S end
197 2097 a 197 2097 a
SDict begin 11 H.A end
197 2097 a 197 2097 a
SDict begin [ /View [/XYZ H.V] /Dest (1168) cvn H.B /DEST pdfmark end
197
2097 a 596 2165 a Fl(Y)-8 b(ou)26 b(should)g(also)g(be)f(sur)o(e)g(to)h
(separate)e(the)2079 2165 y
SDict begin H.S end
2079 2165 a 2079 2165 a
SDict begin 11 H.A end
2079
2165 a 2079 2165 a
SDict begin [ /View [/XYZ H.V] /Dest (1169) cvn H.B /DEST pdfmark end
2079 2165 a Fh(auth)h Fl(facility)g(fr)o(om)g(other)
h(log)g(data,)e(including)596 2256 y(attempts)i(to)h(switch)g(users)f
(using)1758 2256 y
SDict begin H.S end
1758 2256 a 1758 2256 a
SDict begin 11 H.A end
1758 2256
a 1758 2256 a
SDict begin [ /View [/XYZ H.V] /Dest (1170) cvn H.B /DEST pdfmark end
1758 2256 a Fh(su)p Fl(,)g(login)i(attempts,)e(and)g
(other)g(user)h(accounting)g(infor)o(-)596 2347 y(mation.)197
2391 y
SDict begin H.S end
197 2391 a 197 2391 a
SDict begin 11 H.A end
197 2391 a 197 2391 a
SDict begin [ /View [/XYZ H.V] /Dest (1171) cvn H.B /DEST pdfmark end
197
2391 a 596 2480 a Fl(If)e(possible,)h(con\002gur)o(e)1396
2480 y
SDict begin H.S end
1396 2480 a 1396 2480 a
SDict begin 11 H.A end
1396 2480 a 1396 2480
a
SDict begin [ /View [/XYZ H.V] /Dest (1172) cvn H.B /DEST pdfmark end
1396 2480 a Fh(syslog)f Fl(to)h(send)f(a)g(copy)h(of)g(the)f(most)i
(important)f(data)e(to)i(a)f(secur)o(e)596 2571 y(system.)32
b(This)g(will)g(pr)o(event)f(an)g(intr)o(uder)h(fr)o(om)f(covering)h
(his)g(tracks)f(by)h(deleting)g(his)g(lo-)596 2663 y(gin/su/ftp/etc)21
b(attempts.)g(See)f(the)1822 2663 y
SDict begin H.S end
1822 2663 a 1822
2663 a
SDict begin 11 H.A end
1822 2663 a 1822 2663 a
SDict begin [ /View [/XYZ H.V] /Dest (1173) cvn H.B /DEST pdfmark end
1822 2663 a Fh(syslog.conf)e
Fl(man)j(page,)f(and)h(r)o(efer)e(to)i(the)3321 2663
y
SDict begin H.S end
3321 2663 a 3321 2663 a
SDict begin 11 H.A end
3321 2663 a 3321 2663 a
SDict begin [ /View [/XYZ H.V] /Dest (1174) cvn H.B /DEST pdfmark end
3321
2663 a Fh(@)f Fl(option.)197 2728 y
SDict begin H.S end
197 2728 a 197 2728
a
SDict begin 11 H.A end
197 2728 a 197 2728 a
SDict begin [ /View [/XYZ H.V] /Dest (1175) cvn H.B /DEST pdfmark end
197 2728 a 596 2796 a Fl(Ther)o(e)42
b(ar)o(e)g(several)g(mor)o(e)h(advanced)1941 2796 y
SDict begin H.S end
1941
2796 a 1941 2796 a
SDict begin 11 H.A end
1941 2796 a 1941 2796 a
SDict begin [ /View [/XYZ H.V] /Dest (1176) cvn H.B /DEST pdfmark end
1941 2796
a Fh(syslogd)f Fl(pr)o(ograms)g(out)i(ther)o(e.)e(T)-8
b(ake)43 b(a)g(look)h(at)596 2887 y
SDict begin H.S end
596 2887 a 596 2887
a
SDict begin 11 H.A end
596 2887 a 596 2887 a
SDict begin [ /View [/XYZ H.V] /Dest (1177) cvn H.B /DEST pdfmark end
596 2887 a Fl(http://www)-8 b(.cor)o
(e-sdi.com/ssyslog/)29 b(for)e(Secur)o(e)e(Syslog.)i(Secur)o(e)e
(Syslog)j(allows)f(you)h(to)596 2978 y(encrypt)20 b(your)h(syslog)h
(entries)f(and)f(make)h(sur)o(e)f(no)h(one)g(has)g(tamper)o(ed)e(with)j
(them.)197 3043 y
SDict begin H.S end
197 3043 a 197 3043 a
SDict begin 11 H.A end
197 3043 a 197
3043 a
SDict begin [ /View [/XYZ H.V] /Dest (1178) cvn H.B /DEST pdfmark end
197 3043 a 596 3111 a Fl(Another)919 3111 y
SDict begin H.S end
919
3111 a 919 3111 a
SDict begin 11 H.A end
919 3111 a 919 3111 a
SDict begin [ /View [/XYZ H.V] /Dest (1179) cvn H.B /DEST pdfmark end
919 3111 a Fh(syslogd)15
b Fl(with)j(mor)o(e)f(featur)o(es)e(is)2027 3111 y
SDict begin H.S end
2027
3111 a 2027 3111 a
SDict begin 11 H.A end
2027 3111 a 2027 3111 a
SDict begin [ /View [/XYZ H.V] /Dest (1180) cvn H.B /DEST pdfmark end
2027 3111
a Fl(syslog-ng)2380 3078 y Fe(90)2432 3111 y Fl(.)h(It)h(allows)h(you)f
(a)g(lot)g(mor)o(e)g(\003exibility)596 3202 y(in)k(your)g(logging)h
(and)e(also)h(can)g(has)g(your)g(r)o(emote)f(syslog)i(str)o(eams)e(to)h
(pr)o(event)f(tampering.)197 3267 y
SDict begin H.S end
197 3267 a 197 3267
a
SDict begin 11 H.A end
197 3267 a 197 3267 a
SDict begin [ /View [/XYZ H.V] /Dest (1181) cvn H.B /DEST pdfmark end
197 3267 a 596 3335 a Fl(Finally)-9
b(,)24 b(log)h(\002les)f(ar)o(e)f(much)i(less)f(useful)g(when)h(no)g
(one)g(is)f(r)o(eading)g(them.)g(T)-8 b(ake)24 b(some)h(time)596
3427 y(out)e(every)f(once)i(in)f(a)g(while)g(to)h(look)g(over)f(your)g
(log)h(\002les,)f(and)f(get)h(a)g(feeling)g(for)f(what)i(they)596
3518 y(look)d(like)g(on)h(a)e(normal)h(day)-9 b(.)20
b(Knowing)i(this)g(can)e(help)h(make)g(unusual)g(things)h(stand)e(out.)
197 3583 y
SDict begin H.S end
197 3583 a 197 3583 a
SDict begin 11 H.A end
197 3583 a 197 3583
a
SDict begin [ /View [/XYZ H.V] /Dest (1182) cvn H.B /DEST pdfmark end
197 3583 a 596 3836 a Fi(Appl)n(y)28 b(All)f(Ne)n(w)h(System)h
(Updates.)2100 3836 y
SDict begin H.S end
2100 3836 a 2100 3836 a
SDict begin 13.31 H.A end
2100 3836
a 2100 3836 a
SDict begin [ /View [/XYZ H.V] /Dest (1.9.56.2) cvn H.B /DEST pdfmark
end
2100 3836 a 197 3907 a
SDict begin H.S end
197 3907 a 197 3907
a
SDict begin 11 H.A end
197 3907 a 197 3907 a
SDict begin [ /View [/XYZ H.V] /Dest (1184) cvn H.B /DEST pdfmark end
197 3907 a 596 3978 a Fl(Most)e(Linux)h(users)f
(install)h(fr)o(om)f(a)g(CD-ROM.)g(Due)h(to)f(the)h(fast-paced)d(natur)
o(e)h(of)i(security)596 4069 y(\002xes,)22 b(new)h(\(\002xed\))f(pr)o
(ograms)h(ar)o(e)e(always)i(being)g(r)o(eleased.)e(Befor)o(e)g(you)j
(connect)f(your)g(ma-)596 4160 y(chine)j(to)g(the)h(network,)f(it's)h
(a)e(good)i(idea)e(to)i(check)f(with)h(your)f(distribution's)h(ftp)f
(site)g(and)596 4251 y(get)g(all)h(the)g(updated)e(packages)h(since)h
(you)g(r)o(eceived)e(your)i(distribution)h(CD-ROM.)e(Many)596
4343 y(times)21 b(these)g(packages)f(contain)h(important)g(security)g
(\002xes,)f(so)i(it's)f(a)f(good)i(idea)e(to)h(get)f(them)596
4434 y(installed.)197 4560 y
SDict begin H.S end
197 4560 a 197 4560 a
SDict begin 11 H.A end
197
4560 a 197 4560 a
SDict begin [ /View [/XYZ H.V] /Dest (after-breakin) cvn H.B /DEST
pdfmark end
197 4560 a 286 x Fn(What)31 b(T)-9
b(o)30 b(Do)g(During)e(and)j(After)f(a)h(Breakin)2232
4846 y
SDict begin H.S end
2232 4846 a 2232 4846 a
SDict begin 14.641 H.A end
2232 4846 a 2232 4846
a
SDict begin [ /View [/XYZ H.V] /Dest (1.10.1) cvn H.B /DEST pdfmark
end
2232 4846 a 197 4926 a
SDict begin H.S end
197 4926 a 197 4926 a
SDict begin 11 H.A end
197 4926
a 197 4926 a
SDict begin [ /View [/XYZ H.V] /Dest (1187) cvn H.B /DEST pdfmark end
197 4926 a 596 4993 a Fl(So)d(you)i(have)e(followed)h
(some)g(of)g(the)g(advice)f(her)o(e)g(\(or)g(elsewher)o(e\))g(and)h
(have)f(detected)f(a)596 5084 y(br)o(eak-in?)19 b(The)j(\002rst)f
(thing)i(to)f(do)f(is)h(to)f(r)o(emain)g(calm.)g(Hasty)g(actions)h(can)
f(cause)g(mor)o(e)g(harm)596 5175 y(than)f(the)h(attacker)f(would)h
(have.)197 5177 y
SDict begin H.S end
197 5177 a 197 5177 a
SDict begin 11 H.A end
197 5177 a 197
5177 a
SDict begin [ /View [/XYZ H.V] /Dest (1188) cvn H.B /DEST pdfmark end
197 5177 a Black 408 x Fj(38)p Black eop end
%%Page: 39 39
TeXDict begin 39 38 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.39) cvn H.B /DEST pdfmark
end
197 -102
a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black 596 89 a Fi(Security)28 b(Compr)n(omise)h(Underwa)n(y)-8
b(.)2158 89 y
SDict begin H.S end
2158 89 a 2158 89 a
SDict begin 13.31 H.A end
2158 89 a 2158 89 a
SDict begin [ /View [/XYZ H.V] /Dest (1.10.57.2) cvn H.B /DEST pdfmark
end
2158 89 a 197 160 a
SDict begin H.S end
197 160 a 197 160 a
SDict begin 11 H.A end
197 160 a 197
160 a
SDict begin [ /View [/XYZ H.V] /Dest (1190) cvn H.B /DEST pdfmark end
197 160 a 596 231 a Fl(Spotting)31 b(a)e(security)i(compr)o
(omise)g(under)f(way)g(can)g(be)h(a)f(tense)g(undertaking.)g(How)h(you)
596 322 y(r)o(eact)19 b(can)h(have)g(lar)o(ge)g(consequences.)197
387 y
SDict begin H.S end
197 387 a 197 387 a
SDict begin 11 H.A end
197 387 a 197 387 a
SDict begin [ /View [/XYZ H.V] /Dest (1191) cvn H.B /DEST pdfmark end
197 387
a 596 455 a Fl(If)g(the)g(compr)o(omise)h(you)g(ar)o(e)e(seeing)h(is)h
(a)f(physical)h(one,)f(odds)h(ar)o(e)d(you)j(have)f(spotted)h(some-)596
546 y(one)k(who)h(has)f(br)o(oken)f(into)i(your)f(home,)h(of)o(\002ce)e
(or)h(lab.)f(Y)-8 b(ou)26 b(should)g(notify)g(your)f(local)g(au-)596
637 y(thorities.)d(In)g(a)f(lab,)g(you)h(might)g(have)f(spotted)h
(someone)g(trying)h(to)f(open)g(a)f(case)f(or)i(r)o(eboot)f(a)596
729 y(machine.)e(Depending)i(on)f(your)h(authority)f(and)g(pr)o(ocedur)
o(es,)e(you)i(might)h(ask)f(them)g(to)h(stop,)596 820
y(or)f(contact)h(your)g(local)g(security)g(people.)197
885 y
SDict begin H.S end
197 885 a 197 885 a
SDict begin 11 H.A end
197 885 a 197 885 a
SDict begin [ /View [/XYZ H.V] /Dest (1192) cvn H.B /DEST pdfmark end
197 885
a 596 953 a Fl(If)j(you)h(have)g(detected)e(a)i(local)f(user)h(trying)h
(to)f(compr)o(omise)g(your)g(security)-9 b(,)25 b(the)g(\002rst)g
(thing)596 1044 y(to)e(do)g(is)g(con\002rm)h(they)f(ar)o(e)f(in)h(fact)
f(who)i(you)f(think)h(they)g(ar)o(e.)d(Check)i(the)g(site)g(they)g(ar)o
(e)f(log-)596 1136 y(ging)h(in)h(fr)o(om.)e(Is)i(it)f(the)g(site)g
(they)h(normally)g(log)f(in)h(fr)o(om?)e(No?)i(Then)f(use)g(a)g
(non-electr)o(onic)596 1227 y(means)e(of)h(getting)g(in)h(touch.)f(For)
g(instance,)f(call)h(them)g(on)g(the)g(phone)h(or)e(walk)h(over)g(to)g
(their)596 1318 y(of)o(\002ce/house)29 b(and)f(talk)h(to)g(them.)g(If)f
(they)h(agr)o(ee)f(that)g(they)h(ar)o(e)f(on,)h(you)g(can)g(ask)f(them)
i(to)596 1410 y(explain)25 b(what)h(they)g(wer)o(e)e(doing)j(or)f(tell)
f(them)i(to)f(cease)e(doing)j(it.)e(If)h(they)g(ar)o(e)e(not)i(on,)g
(and)596 1501 y(have)e(no)h(idea)f(what)i(you)f(ar)o(e)e(talking)j
(about,)e(odds)h(ar)o(e)f(this)h(incident)h(r)o(equir)o(es)d(further)i
(in-)596 1592 y(vestigation.)j(Look)g(into)h(such)f(incidents)h(,)e
(and)h(have)f(lots)i(of)f(information)h(befor)o(e)d(making)596
1684 y(any)20 b(accusations.)197 1748 y
SDict begin H.S end
197 1748 a 197
1748 a
SDict begin 11 H.A end
197 1748 a 197 1748 a
SDict begin [ /View [/XYZ H.V] /Dest (1193) cvn H.B /DEST pdfmark end
197 1748 a 596 1816 a Fl(If)j(you)i(have)e
(detected)g(a)g(network)i(compr)o(omise,)f(the)g(\002rst)g(thing)h(to)f
(do)g(\(if)g(you)g(ar)o(e)f(able\))g(is)596 1908 y(to)28
b(disconnect)g(your)h(network.)f(If)g(they)g(ar)o(e)e(connected)i(via)g
(modem,)g(unplug)g(the)g(modem)596 1999 y(cable;)17 b(if)i(they)g(ar)o
(e)e(connected)i(via)f(Ethernet,)h(unplug)g(the)g(Ethernet)f(cable.)g
(This)h(will)h(pr)o(event)596 2090 y(them)31 b(fr)o(om)f(doing)i(any)f
(further)f(damage,)g(and)g(they)i(will)f(pr)o(obably)f(see)h(it)g(as)g
(a)f(network)596 2182 y(pr)o(oblem)20 b(rather)g(than)h(detection.)197
2247 y
SDict begin H.S end
197 2247 a 197 2247 a
SDict begin 11 H.A end
197 2247 a 197 2247 a
SDict begin [ /View [/XYZ H.V] /Dest (1194) cvn H.B /DEST pdfmark end
197
2247 a 596 2314 a Fl(If)k(you)i(ar)o(e)d(unable)i(to)g(disconnect)g
(the)g(network)h(\(if)e(you)i(have)e(a)h(busy)g(site,)g(or)g(you)g(do)g
(not)596 2406 y(have)e(physical)i(contr)o(ol)f(of)g(your)h(machines\),)
f(the)g(next)g(best)g(step)h(is)f(to)h(use)f(something)i(like)596
2497 y
SDict begin H.S end
596 2497 a 596 2497 a
SDict begin 11 H.A end
596 2497 a 596 2497 a
SDict begin [ /View [/XYZ H.V] /Dest (1195) cvn H.B /DEST pdfmark end
596
2497 a Fh(tcp_wrappers)18 b Fl(or)1253 2497 y
SDict begin H.S end
1253 2497
a 1253 2497 a
SDict begin 11 H.A end
1253 2497 a 1253 2497 a
SDict begin [ /View [/XYZ H.V] /Dest (1196) cvn H.B /DEST pdfmark end
1253 2497 a Fh(ipfwadm)i
Fl(to)h(deny)g(access)f(fr)o(om)g(the)h(intr)o(uder)6
b('s)21 b(site.)197 2562 y
SDict begin H.S end
197 2562 a 197 2562 a
SDict begin 11 H.A end
197
2562 a 197 2562 a
SDict begin [ /View [/XYZ H.V] /Dest (1197) cvn H.B /DEST pdfmark end
197 2562 a 596 2630 a Fl(If)30 b(you)h(can't)g(deny)g
(all)f(people)h(fr)o(om)f(the)h(same)g(site)g(as)f(the)h(intr)o(uder)-6
b(,)31 b(locking)h(the)f(user)6 b('s)596 2721 y(account)22
b(will)h(have)e(to)i(do.)f(Note)h(that)f(locking)h(an)f(account)h(is)f
(not)h(an)f(easy)g(thing.)h(Y)-8 b(ou)23 b(have)596 2813
y(to)e(keep)f(in)h(mind)1196 2813 y
SDict begin H.S end
1196 2813 a 1196
2813 a
SDict begin 11 H.A end
1196 2813 a 1196 2813 a
SDict begin [ /View [/XYZ H.V] /Dest (1198) cvn H.B /DEST pdfmark end
1196 2813 a Fh(.rhosts)e
Fl(\002les,)i(FTP)g(access,)f(and)g(a)g(host)i(of)f(possible)g
(backdoors.)197 2878 y
SDict begin H.S end
197 2878 a 197 2878 a
SDict begin 11 H.A end
197 2878
a 197 2878 a
SDict begin [ /View [/XYZ H.V] /Dest (1199) cvn H.B /DEST pdfmark end
197 2878 a 596 2945 a Fl(After)c(you)i(have)f(done)h(one)g
(of)f(the)h(above)f(\(disconnected)h(the)f(network,)h(denied)f(access)g
(fr)o(om)596 3037 y(their)g(site,)h(and/or)g(disabled)e(their)i
(account\),)f(you)i(need)e(to)h(kill)g(all)g(their)g(user)f(pr)o
(ocesses)g(and)596 3128 y(log)j(them)g(of)o(f.)197 3193
y
SDict begin H.S end
197 3193 a 197 3193 a
SDict begin 11 H.A end
197 3193 a 197 3193 a
SDict begin [ /View [/XYZ H.V] /Dest (1200) cvn H.B /DEST pdfmark end
197 3193
a 596 3261 a Fl(Y)-8 b(ou)25 b(should)h(monitor)g(your)f(site)g(well)g
(for)f(the)h(next)g(few)f(minutes,)i(as)e(the)h(attacker)e(will)j(try)
596 3352 y(to)i(get)g(back)f(in.)i(Per)o(haps)e(using)i(a)e(dif)o(fer)o
(ent)f(account,)i(and/or)g(fr)o(om)g(a)f(dif)o(fer)o(ent)f(network)596
3444 y(addr)o(ess.)197 3487 y
SDict begin H.S end
197 3487 a 197 3487 a
SDict begin 11 H.A end
197
3487 a 197 3487 a
SDict begin [ /View [/XYZ H.V] /Dest (1201) cvn H.B /DEST pdfmark end
197 3487 a 596 3762 a Fi(Security)i(Compr)n(omise)h
(has)f(alread)n(y)g(happened)2712 3762 y
SDict begin H.S end
2712 3762 a
2712 3762 a
SDict begin 13.31 H.A end
2712 3762 a 2712 3762 a
SDict begin [ /View [/XYZ H.V] /Dest (1.10.58.2) cvn H.B /DEST pdfmark
end
2712 3762 a 197 3833
a
SDict begin H.S end
197 3833 a 197 3833 a
SDict begin 11 H.A end
197 3833 a 197 3833 a
SDict begin [ /View [/XYZ H.V] /Dest (1203) cvn H.B /DEST pdfmark end
197 3833
a 596 3903 a Fl(So)f(you)g(have)g(either)g(detected)f(a)h(compr)o
(omise)g(that)g(has)h(alr)o(eady)d(happened)h(or)i(you)f(have)596
3995 y(detected)f(it)i(and)g(locked)g(\(hopefully\))g(the)g(of)o
(fending)f(attacker)g(out)i(of)f(your)g(system.)g(Now)596
4086 y(what?)197 4086 y
SDict begin H.S end
197 4086 a 197 4086 a
SDict begin 11 H.A end
197 4086
a 197 4086 a
SDict begin [ /View [/XYZ H.V] /Dest (1204) cvn H.B /DEST pdfmark end
197 4086 a 596 4338 a Fm(Closing)d(the)g(Hole)1316
4338 y
SDict begin H.S end
1316 4338 a 1316 4338 a
SDict begin 12.1 H.A end
1316 4338 a 1316 4338
a
SDict begin [ /View [/XYZ H.V] /Dest (1.10.58.8.3) cvn H.B /DEST pdfmark
end
1316 4338 a 197 4404 a
SDict begin H.S end
197 4404 a 197 4404 a
SDict begin 11 H.A end
197 4404
a 197 4404 a
SDict begin [ /View [/XYZ H.V] /Dest (1206) cvn H.B /DEST pdfmark end
197 4404 a 596 4475 a Fl(If)g(you)i(ar)o(e)d(able)h(to)i
(determine)e(what)h(means)h(the)f(attacker)e(used)i(to)g(get)g(into)h
(your)f(system,)596 4566 y(you)g(should)g(try)g(to)g(close)g(that)f
(hole.)h(For)g(instance,)f(per)o(haps)g(you)h(see)f(several)g(FTP)h
(entries)596 4657 y(just)19 b(befor)o(e)f(the)h(user)g(logged)h(in.)f
(Disable)g(the)g(FTP)h(service)e(and)h(check)g(and)g(see)f(if)h(ther)o
(e)g(is)g(an)596 4749 y(updated)g(version,)i(or)g(if)f(any)h(of)g(the)g
(lists)g(know)h(of)f(a)f(\002x.)197 4814 y
SDict begin H.S end
197 4814 a
197 4814 a
SDict begin 11 H.A end
197 4814 a 197 4814 a
SDict begin [ /View [/XYZ H.V] /Dest (1207) cvn H.B /DEST pdfmark end
197 4814 a 596 4882
a Fl(Check)k(all)h(your)g(log)h(\002les,)f(and)f(make)h(a)f(visit)i(to)
f(your)g(security)g(lists)h(and)f(pages)f(and)g(see)h(if)596
4973 y(ther)o(e)e(ar)o(e)f(any)i(new)g(common)i(exploits)e(you)g(can)g
(\002x.)g(Y)-8 b(ou)25 b(can)e(\002nd)i(Caldera)d(security)i(\002xes)
596 5064 y(at)713 5064 y
SDict begin H.S end
713 5064 a 713 5064 a
SDict begin 11 H.A end
713 5064
a 713 5064 a
SDict begin [ /View [/XYZ H.V] /Dest (1208) cvn H.B /DEST pdfmark end
713 5064 a Fl(http://www)-8 b(.caldera.com/tech-r)o
(ef/security/.)47 b(Red)i(Hat)f(has)g(not)h(yet)g(separated)596
5156 y(their)c(security)g(\002xes)h(fr)o(om)f(bug)g(\002xes,)h(but)f
(their)g(distribution)i(errata)d(is)h(available)f(at)596
5247 y
SDict begin H.S end
596 5247 a 596 5247 a
SDict begin 11 H.A end
596 5247 a 596 5247 a
SDict begin [ /View [/XYZ H.V] /Dest (1209) cvn H.B /DEST pdfmark end
596
5247 a Fl(http://www)-8 b(.r)o(edhat.com/errata)197 5312
y
SDict begin H.S end
197 5312 a 197 5312 a
SDict begin 11 H.A end
197 5312 a 197 5312 a
SDict begin [ /View [/XYZ H.V] /Dest (1210) cvn H.B /DEST pdfmark end
197 5312
a 596 5380 a Fl(Debian)117 b(now)h(has)f(a)g(security)h(mailing)g(list)
g(and)e(web)i(page.)e(See:)596 5471 y
SDict begin H.S end
596 5471 a 596
5471 a
SDict begin 11 H.A end
596 5471 a 596 5471 a
SDict begin [ /View [/XYZ H.V] /Dest (1211) cvn H.B /DEST pdfmark end
596 5471 a Fl(http://www)-8
b(.debian.or)o(g/security/)21 b(for)g(mor)o(e)f(information.)p
Black 3601 5585 a Fj(39)p Black eop end
%%Page: 40 40
TeXDict begin 40 39 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.40) cvn H.B /DEST pdfmark
end
197 -102
a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black
197 6 a
SDict begin H.S end
197 6 a 197 6 a
SDict begin 11 H.A end
197 6 a 197 6 a
SDict begin [ /View [/XYZ H.V] /Dest (1212) cvn H.B /DEST pdfmark end
197 6 a 596 89
a Fl(It)30 b(is)g(very)g(likely)h(that)f(if)g(one)g(vendor)g(has)g(r)o
(eleased)f(a)g(security)i(update,)e(that)h(most)h(other)596
180 y(Linux)20 b(vendors)h(will)h(as)e(well.)197 224
y
SDict begin H.S end
197 224 a 197 224 a
SDict begin 11 H.A end
197 224 a 197 224 a
SDict begin [ /View [/XYZ H.V] /Dest (1213) cvn H.B /DEST pdfmark end
197 224 a 596
313 a Fl(Ther)o(e)e(is)j(now)f(a)g(Linux)g(security)f(auditing)h(pr)o
(oject.)g(They)g(ar)o(e)e(methodically)i(going)h(thr)o(ough)596
405 y(all)26 b(the)g(user)o(-space)e(utilities)j(and)f(looking)i(for)e
(possible)h(security)f(exploits)g(and)g(over\003ows.)596
496 y(Fr)o(om)20 b(their)h(announcement:)197 539 y
SDict begin H.S end
197
539 a 197 539 a
SDict begin 11 H.A end
197 539 a 197 539 a
SDict begin [ /View [/XYZ H.V] /Dest (1214) cvn H.B /DEST pdfmark end
197 539 a 197 539
a
SDict begin H.S end
197 539 a 197 539 a
SDict begin 11 H.A end
197 539 a 197 539 a
SDict begin [ /View [/XYZ H.V] /Dest (1215) cvn H.B /DEST pdfmark end
197 539 a 596
629 a Fl(\223"W)-8 b(e)23 b(ar)o(e)f(attempting)i(a)f(systematic)h
(audit)f(of)g(Linux)h(sour)o(ces)f(with)h(a)g(view)f(to)h(being)g(as)f
(se-)596 720 y(cur)o(e)e(as)g(OpenBSD.)h(W)-8 b(e)22
b(have)f(alr)o(eady)g(uncover)o(ed)g(\(and)g(\002xed\))g(some)i(pr)o
(oblems,)e(but)h(mor)o(e)596 811 y(help)d(is)i(welcome.)f(The)f(list)i
(is)f(unmoderated)f(and)g(also)h(a)g(useful)f(r)o(esour)o(ce)g(for)g
(general)g(secu-)596 903 y(rity)k(discussions.)h(The)e(list)i(addr)o
(ess)d(is:)i(security-audit@ferr)o(et.lmh.ox.ac.uk)d(T)-8
b(o)23 b(subscribe,)596 994 y(send)d(a)h(mail)f(to:)h
(security-audit-subscribe@ferr)o(et.lmh.ox.ac.uk"\224)197
1059 y
SDict begin H.S end
197 1059 a 197 1059 a
SDict begin 11 H.A end
197 1059 a 197 1059 a
SDict begin [ /View [/XYZ H.V] /Dest (1216) cvn H.B /DEST pdfmark end
197
1059 a 596 1127 a Fl(If)30 b(you)i(don't)f(lock)h(the)f(attacker)f
(out,)h(they)h(will)f(likely)h(be)f(back.)f(Not)i(just)f(back)g(on)h
(your)596 1218 y(machine,)16 b(but)h(back)f(somewher)o(e)h(on)g(your)g
(network.)g(If)f(they)h(wer)o(e)f(r)o(unning)i(a)e(packet)g(snif)o(fer)
-6 b(,)596 1310 y(odds)20 b(ar)o(e)g(good)h(they)g(have)f(access)g(to)i
(other)f(local)f(machines.)197 1374 y
SDict begin H.S end
197 1374 a 197
1374 a
SDict begin 11 H.A end
197 1374 a 197 1374 a
SDict begin [ /View [/XYZ H.V] /Dest (1217) cvn H.B /DEST pdfmark end
197 1374 a 596 1618 a Fm(Assessing)k(the)h
(Dama)o(g)q(e)1596 1618 y
SDict begin H.S end
1596 1618 a 1596 1618 a
SDict begin 12.1 H.A end
1596
1618 a 1596 1618 a
SDict begin [ /View [/XYZ H.V] /Dest (1.10.58.9.3) cvn H.B /DEST pdfmark
end
1596 1618 a 197 1683 a
SDict begin H.S end
197 1683 a
197 1683 a
SDict begin 11 H.A end
197 1683 a 197 1683 a
SDict begin [ /View [/XYZ H.V] /Dest (1219) cvn H.B /DEST pdfmark end
197 1683 a 596 1755
a Fl(The)c(\002rst)g(thing)i(is)e(to)h(assess)f(the)h(damage.)e(What)h
(has)g(been)g(compr)o(omised?)g(If)g(you)h(ar)o(e)e(r)o(un-)596
1846 y(ning)g(an)f(integrity)h(checker)e(like)1679 1846
y
SDict begin H.S end
1679 1846 a 1679 1846 a
SDict begin 11 H.A end
1679 1846 a 1679 1846 a
SDict begin [ /View [/XYZ H.V] /Dest (1220) cvn H.B /DEST pdfmark end
1679
1846 a Fh(Tripwire)p Fl(,)f(you)j(can)f(use)g(it)h(to)g(perform)e(an)h
(integrity)h(check;)596 1937 y(it)k(should)h(help)g(to)g(tell)f(you)h
(what)g(has)f(been)h(compr)o(omised.)f(If)g(not,)h(you)g(will)g(have)f
(to)h(look)596 2028 y(ar)o(ound)20 b(at)g(all)g(your)i(important)f
(data.)197 2093 y
SDict begin H.S end
197 2093 a 197 2093 a
SDict begin 11 H.A end
197 2093 a 197
2093 a
SDict begin [ /View [/XYZ H.V] /Dest (1221) cvn H.B /DEST pdfmark end
197 2093 a 596 2161 a Fl(Since)16 b(Linux)h(systems)g(ar)o(e)e
(getting)i(easier)f(and)g(easier)g(to)h(install,)g(you)g(might)h
(consider)f(saving)596 2253 y(your)22 b(con\002g)h(\002les,)f(wiping)g
(your)h(disk\(s\),)e(r)o(einstalling,)h(then)g(r)o(estoring)g(your)g
(user)g(\002les)g(and)596 2344 y(your)d(con\002g)i(\002les)e(fr)o(om)g
(backups.)g(This)h(will)g(ensur)o(e)f(that)h(you)g(have)f(a)f(new)-8
b(,)20 b(clean)f(system.)h(If)596 2435 y(you)g(have)f(to)h(r)o(estor)o
(e)f(\002les)h(fr)o(om)f(the)h(compr)o(omised)g(system,)g(be)g
(especially)f(cautious)h(of)g(any)596 2527 y(binaries)g(that)h(you)g(r)
o(estor)o(e,)e(as)i(they)g(may)g(be)f(T)-7 b(r)o(ojan)20
b(horses)h(placed)f(ther)o(e)g(by)h(the)g(intr)o(uder)-6
b(.)197 2592 y
SDict begin H.S end
197 2592 a 197 2592 a
SDict begin 11 H.A end
197 2592 a 197 2592
a
SDict begin [ /View [/XYZ H.V] /Dest (1222) cvn H.B /DEST pdfmark end
197 2592 a 596 2659 a Fl(Re-installation)22 b(should)g(be)e(consider)
o(ed)h(mandatory)g(upon)g(an)g(intr)o(uder)h(obtaining)g(r)o(oot)f(ac-)
596 2751 y(cess.)f(Additionally)-9 b(,)20 b(you'd)h(like)g(to)g(keep)f
(any)g(evidence)g(ther)o(e)g(is,)g(so)i(having)e(a)g(spar)o(e)g(disk)g
(in)596 2842 y(the)g(safe)g(may)h(make)g(sense.)197 2907
y
SDict begin H.S end
197 2907 a 197 2907 a
SDict begin 11 H.A end
197 2907 a 197 2907 a
SDict begin [ /View [/XYZ H.V] /Dest (1223) cvn H.B /DEST pdfmark end
197 2907
a 596 2975 a Fl(Then)16 b(you)h(have)e(to)i(worry)f(about)g(how)i(long)
f(ago)f(the)g(compr)o(omise)h(happened,)e(and)h(whether)596
3066 y(the)k(backups)h(hold)g(any)g(damaged)e(work.)i(Mor)o(e)f(on)h
(backups)g(later)-6 b(.)197 3131 y
SDict begin H.S end
197 3131 a 197 3131
a
SDict begin 11 H.A end
197 3131 a 197 3131 a
SDict begin [ /View [/XYZ H.V] /Dest (1224) cvn H.B /DEST pdfmark end
197 3131 a 596 3374 a Fm(Bac)n(kups,)24
b(Bac)n(kups,)h(Bac)n(kups!)1865 3374 y
SDict begin H.S end
1865 3374 a 1865
3374 a
SDict begin 12.1 H.A end
1865 3374 a 1865 3374 a
SDict begin [ /View [/XYZ H.V] /Dest (1.10.58.10.3) cvn H.B /DEST pdfmark
end
1865 3374 a 197 3439 a
SDict begin H.S end
197 3439 a 197 3439 a
SDict begin 11 H.A end
197 3439 a 197 3439 a
SDict begin [ /View [/XYZ H.V] /Dest (1226) cvn H.B /DEST pdfmark end
197 3439
a 596 3511 a Fl(Having)30 b(r)o(egular)g(backups)g(is)h(a)f(godsend)h
(for)g(security)g(matters.)f(If)g(your)h(system)h(is)f(com-)596
3603 y(pr)o(omised,)23 b(you)h(can)f(r)o(estor)o(e)g(the)h(data)e(you)j
(need)e(fr)o(om)g(backups.)g(Of)h(course,)g(some)g(data)f(is)596
3694 y(valuable)i(to)h(the)g(attacker)f(too,)i(and)e(they)i(will)g(not)
f(only)h(destr)o(oy)f(it,)g(they)g(will)h(steal)f(it)g(and)596
3785 y(have)20 b(their)h(own)g(copies;)g(but)g(at)f(least)h(you)g(will)
g(still)h(have)e(the)h(data.)197 3850 y
SDict begin H.S end
197 3850 a 197
3850 a
SDict begin 11 H.A end
197 3850 a 197 3850 a
SDict begin [ /View [/XYZ H.V] /Dest (1227) cvn H.B /DEST pdfmark end
197 3850 a 596 3918 a Fl(Y)-8
b(ou)26 b(should)f(check)g(several)f(backups)h(back)f(into)i(the)f
(past)g(befor)o(e)e(r)o(estoring)i(a)g(\002le)g(that)g(has)596
4009 y(been)c(tamper)o(ed)e(with.)j(The)g(intr)o(uder)f(could)h(have)f
(compr)o(omised)g(your)h(\002les)g(long)g(ago,)f(and)596
4101 y(you)g(could)g(have)f(made)g(many)h(successful)g(backups)f(of)h
(the)g(compr)o(omised)g(\002le!)197 4166 y
SDict begin H.S end
197 4166 a
197 4166 a
SDict begin 11 H.A end
197 4166 a 197 4166 a
SDict begin [ /View [/XYZ H.V] /Dest (1228) cvn H.B /DEST pdfmark end
197 4166 a 596 4234
a Fl(Of)g(course,)g(ther)o(e)f(ar)o(e)g(also)i(a)e(raft)h(of)g
(security)g(concerns)h(with)g(backups.)f(Make)f(sur)o(e)h(you)g(ar)o(e)
596 4325 y(storing)i(them)g(in)f(a)g(secur)o(e)g(place.)f(Know)i(who)h
(has)e(access)g(to)h(them.)f(\(If)g(an)g(attacker)f(can)h(get)596
4416 y(your)f(backups,)f(they)h(can)f(have)g(access)h(to)g(all)f(your)h
(data)f(without)i(you)f(ever)f(knowing)j(it.\))197 4481
y
SDict begin H.S end
197 4481 a 197 4481 a
SDict begin 11 H.A end
197 4481 a 197 4481 a
SDict begin [ /View [/XYZ H.V] /Dest (1229) cvn H.B /DEST pdfmark end
197 4481
a 596 4724 a Fm(T)-7 b(rac)n(king)23 b(Do)o(wn)i(the)g(Intruder)-5
b(.)1793 4724 y
SDict begin H.S end
1793 4724 a 1793 4724 a
SDict begin 12.1 H.A end
1793 4724 a 1793
4724 a
SDict begin [ /View [/XYZ H.V] /Dest (1.10.58.11.3) cvn H.B /DEST pdfmark
end
1793 4724 a 197 4790 a
SDict begin H.S end
197 4790 a 197 4790 a
SDict begin 11 H.A end
197
4790 a 197 4790 a
SDict begin [ /View [/XYZ H.V] /Dest (1231) cvn H.B /DEST pdfmark end
197 4790 a 596 4861 a Fl(Ok,)30 b(you)i(have)e
(locked)g(the)h(intr)o(uder)g(out,)g(and)f(r)o(ecover)o(ed)e(your)j
(system,)g(but)g(you'r)o(e)f(not)596 4953 y(quite)35
b(done)g(yet.)f(While)h(it)g(is)g(unlikely)h(that)f(most)g(intr)o
(uders)g(will)h(ever)e(be)g(caught,)g(you)596 5044 y(should)21
b(r)o(eport)f(the)h(attack.)197 5109 y
SDict begin H.S end
197 5109 a 197
5109 a
SDict begin 11 H.A end
197 5109 a 197 5109 a
SDict begin [ /View [/XYZ H.V] /Dest (1232) cvn H.B /DEST pdfmark end
197 5109 a 596 5177 a Fl(Y)-8
b(ou)35 b(should)g(r)o(eport)f(the)g(attack)g(to)h(the)f(admin)h
(contact)f(at)g(the)g(site)h(fr)o(om)f(which)h(the)g(at-)596
5268 y(tacker)20 b(attacked)g(your)i(system.)g(Y)-8 b(ou)23
b(can)e(look)i(up)e(this)i(contact)e(with)2917 5268 y
SDict begin H.S end
2917 5268 a 2917 5268 a
SDict begin 11 H.A end
2917 5268 a 2917 5268 a
SDict begin [ /View [/XYZ H.V] /Dest (1233) cvn H.B /DEST pdfmark end
2917
5268 a Fh(whois)f Fl(or)i(the)g(Internic)596 5359 y(database.)16
b(Y)-8 b(ou)19 b(might)g(send)f(them)g(an)g(email)g(with)h(all)f
(applicable)f(log)h(entries)g(and)g(dates)f(and)p Black
197 5585 a Fj(40)p Black eop end
%%Page: 41 41
TeXDict begin 41 40 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.41) cvn H.B /DEST pdfmark
end
197 -102
a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black 596 89 a Fl(times.)j(If)g(you)g(spotted)g(anything)i(else)d
(distinctive)i(about)f(your)g(intr)o(uder)-6 b(,)24 b(you)h(might)g
(men-)596 180 y(tion)g(that)f(too.)i(After)d(sending)i(the)g(email,)f
(you)h(should)h(\(if)e(you)h(ar)o(e)e(so)i(inclined\))g(follow)g(up)596
272 y(with)20 b(a)e(phone)i(call.)f(If)g(that)g(admin)g(in)h(turn)g
(spots)g(your)f(attacker)-6 b(,)18 b(they)i(might)g(be)f(able)f(to)i
(talk)596 363 y(to)h(the)g(admin)f(of)h(the)g(site)g(wher)o(e)f(they)h
(ar)o(e)e(coming)j(fr)o(om)f(and)f(so)h(on.)197 428 y
SDict begin H.S end
197 428 a 197 428 a
SDict begin 11 H.A end
197 428 a 197 428 a
SDict begin [ /View [/XYZ H.V] /Dest (1234) cvn H.B /DEST pdfmark end
197 428 a 596
496 a Fl(Good)j(crackers)e(often)i(use)f(many)h(intermediate)f
(systems,)h(some)g(\(or)f(many\))g(of)h(which)g(may)596
587 y(not)f(even)g(know)i(they)e(have)g(been)g(compr)o(omised.)g(T)-7
b(rying)24 b(to)f(track)g(a)g(cracker)f(back)g(to)i(their)596
679 y(home)k(system)h(can)e(be)h(dif)o(\002cult.)f(Being)h(polite)g(to)
g(the)g(admins)g(you)h(talk)e(to)i(can)e(go)i(a)e(long)596
770 y(way)20 b(to)h(getting)h(help)f(fr)o(om)f(them.)197
835 y
SDict begin H.S end
197 835 a 197 835 a
SDict begin 11 H.A end
197 835 a 197 835 a
SDict begin [ /View [/XYZ H.V] /Dest (1235) cvn H.B /DEST pdfmark end
197 835
a 596 903 a Fl(Y)-8 b(ou)24 b(should)g(also)f(notify)h(any)g(security)f
(or)o(ganizations)g(you)h(ar)o(e)e(a)h(part)f(of)h(\()3112
903 y
SDict begin H.S end
3112 903 a 3112 903 a
SDict begin 11 H.A end
3112 903 a 3112 903 a
SDict begin [ /View [/XYZ H.V] /Dest (1236) cvn H.B /DEST pdfmark end
3112
903 a Fl(CER)m(T)3325 869 y Fe(94)3398 903 y Fl(or)g(simi-)596
994 y(lar\),)c(as)i(well)g(as)f(your)h(Linux)g(system)h(vendor)-6
b(.)197 1225 y
SDict begin H.S end
197 1225 a 197 1225 a
SDict begin 11 H.A end
197 1225 a 197 1225
a
SDict begin [ /View [/XYZ H.V] /Dest (sources) cvn H.B /DEST pdfmark
end
197 1225 a 264 x Fn(Security)31 b(Sour)n(ces)1098 1489
y
SDict begin H.S end
1098 1489 a 1098 1489 a
SDict begin 14.641 H.A end
1098 1489 a 1098 1489 a
SDict begin [ /View [/XYZ H.V] /Dest (1.11.1) cvn H.B /DEST pdfmark
end
1098
1489 a 197 1567 a
SDict begin H.S end
197 1567 a 197 1567 a
SDict begin 11 H.A end
197 1567 a 197
1567 a
SDict begin [ /View [/XYZ H.V] /Dest (1239) cvn H.B /DEST pdfmark end
197 1567 a 596 1636 a Fl(Ther)o(e)15 b(ar)o(e)f(a)i(LOT)f(of)h
(good)h(sites)f(out)h(ther)o(e)e(for)h(Unix)f(security)h(in)h(general)e
(and)h(Linux)g(security)596 1727 y(speci\002cally)-9
b(.)23 b(It's)h(very)g(important)g(to)g(subscribe)g(to)g(one)g(\(or)g
(mor)o(e\))f(of)h(the)g(security)g(mailing)596 1818 y(lists)f(and)e
(keep)h(curr)o(ent)f(on)i(security)g(\002xes.)f(Most)g(of)g(these)g
(lists)h(ar)o(e)e(very)h(low)h(volume,)f(and)596 1910
y(very)e(informative.)197 1933 y
SDict begin H.S end
197 1933 a 197 1933
a
SDict begin 11 H.A end
197 1933 a 197 1933 a
SDict begin [ /View [/XYZ H.V] /Dest (linuxsecurity) cvn H.B /DEST
pdfmark end
197 1933 a 596 2179 a Fi(Lin)o(uxSecurity)-8
b(.com)29 b(Ref)o(erences)2054 2179 y
SDict begin H.S end
2054 2179 a 2054
2179 a
SDict begin 13.31 H.A end
2054 2179 a 2054 2179 a
SDict begin [ /View [/XYZ H.V] /Dest (1.11.59.2) cvn H.B /DEST pdfmark
end
2054 2179 a 197 2250 a
SDict begin H.S end
197 2250 a 197 2250 a
SDict begin 11 H.A end
197 2250 a 197 2250 a
SDict begin [ /View [/XYZ H.V] /Dest (1242) cvn H.B /DEST pdfmark end
197 2250
a 596 2320 a Fl(The)19 b(LinuxSecurity)-9 b(.com)20 b(web)g(site)g(has)
f(numer)o(ous)i(Linux)f(and)f(open)h(sour)o(ce)g(security)g(r)o(efer)o
(-)596 2411 y(ences)g(written)h(by)g(the)g(LinuxSecurity)f(staf)o(f)g
(and)g(people)h(collectively)g(ar)o(ound)f(the)h(world.)197
2476 y
SDict begin H.S end
197 2476 a 197 2476 a
SDict begin 11 H.A end
197 2476 a 197 2476 a
SDict begin [ /View [/XYZ H.V] /Dest (1243) cvn H.B /DEST pdfmark end
197
2476 a 197 2476 a
SDict begin H.S end
197 2476 a 197 2476 a
SDict begin 11 H.A end
197 2476 a 197
2476 a
SDict begin [ /View [/XYZ H.V] /Dest (1244) cvn H.B /DEST pdfmark end
197 2476 a 197 2518 a
SDict begin H.S end
197 2518 a 197 2518 a
SDict begin 11 H.A end
197
2518 a 197 2518 a
SDict begin [ /View [/XYZ H.V] /Dest (1245) cvn H.B /DEST pdfmark end
197 2518 a Black 596 2669 a Fg(\225)p
Black 679 2669 a
SDict begin H.S end
679 2669 a 679 2669 a
SDict begin 11 H.A end
679 2669 a 679
2669 a
SDict begin [ /View [/XYZ H.V] /Dest (1246) cvn H.B /DEST pdfmark end
679 2669 a 679 2669 a
SDict begin H.S end
679 2669 a 679 2669 a
SDict begin 11 H.A end
679
2669 a 679 2669 a
SDict begin [ /View [/XYZ H.V] /Dest (1247) cvn H.B /DEST pdfmark end
679 2669 a 679 2669 a
SDict begin H.S end
679 2669 a 679
2669 a
SDict begin 11 H.A end
679 2669 a 679 2669 a
SDict begin [ /View [/XYZ H.V] /Dest (1248) cvn H.B /DEST pdfmark end
679 2669 a Fj(Linux)32 b(Advisory)f(W)n
(atch)1472 2636 y Fa(95)1553 2669 y Fl(--)g(A)h(compr)o(ehensive)g
(newsletter)g(that)g(outlines)h(the)f(security)679 2760
y(vulnerabilities)23 b(that)h(have)f(been)h(announced)g(thr)o(oughout)g
(the)g(week.)g(It)g(includes)g(point-)679 2851 y(ers)c(to)h(updated)f
(packages)g(and)g(descriptions)h(of)g(each)f(vulnerability)-9
b(.)197 2875 y
SDict begin H.S end
197 2875 a 197 2875 a
SDict begin 11 H.A end
197 2875 a 197 2875
a
SDict begin [ /View [/XYZ H.V] /Dest (1249) cvn H.B /DEST pdfmark end
197 2875 a Black 596 2984 a Fg(\225)p Black 679 2984
a
SDict begin H.S end
679 2984 a 679 2984 a
SDict begin 11 H.A end
679 2984 a 679 2984 a
SDict begin [ /View [/XYZ H.V] /Dest (1250) cvn H.B /DEST pdfmark end
679 2984
a 679 2984 a
SDict begin H.S end
679 2984 a 679 2984 a
SDict begin 11 H.A end
679 2984 a 679 2984
a
SDict begin [ /View [/XYZ H.V] /Dest (1251) cvn H.B /DEST pdfmark end
679 2984 a 679 2984 a
SDict begin H.S end
679 2984 a 679 2984 a
SDict begin 11 H.A end
679 2984
a 679 2984 a
SDict begin [ /View [/XYZ H.V] /Dest (1252) cvn H.B /DEST pdfmark end
679 2984 a Fj(Linux)30 b(Security)g(W)n(eek)1402
2951 y Fa(96)1484 2984 y Fl(--)g(The)g(purpose)h(of)f(this)h(document)g
(is)g(to)g(pr)o(ovide)e(our)i(r)o(eaders)679 3076 y(with)21
b(a)f(quick)i(summary)f(of)g(each)f(week's)h(most)h(r)o(elevant)d
(Linux)i(security)g(headlines.)197 3099 y
SDict begin H.S end
197 3099 a
197 3099 a
SDict begin 11 H.A end
197 3099 a 197 3099 a
SDict begin [ /View [/XYZ H.V] /Dest (1253) cvn H.B /DEST pdfmark end
197 3099 a Black 596
3208 a Fg(\225)p Black 679 3208 a
SDict begin H.S end
679 3208 a 679 3208
a
SDict begin 11 H.A end
679 3208 a 679 3208 a
SDict begin [ /View [/XYZ H.V] /Dest (1254) cvn H.B /DEST pdfmark end
679 3208 a 679 3208 a
SDict begin H.S end
679 3208
a 679 3208 a
SDict begin 11 H.A end
679 3208 a 679 3208 a
SDict begin [ /View [/XYZ H.V] /Dest (1255) cvn H.B /DEST pdfmark end
679 3208 a 679 3208
a
SDict begin H.S end
679 3208 a 679 3208 a
SDict begin 11 H.A end
679 3208 a 679 3208 a
SDict begin [ /View [/XYZ H.V] /Dest (1256) cvn H.B /DEST pdfmark end
679 3208
a Fj(Linux)32 b(Security)g(Discussion)g(List)1760 3175
y Fa(97)1842 3208 y Fl(--)f(This)i(mailing)g(list)f(is)h(for)e(general)
h(security-r)o(elated)679 3300 y(questions)22 b(and)e(comments.)197
3323 y
SDict begin H.S end
197 3323 a 197 3323 a
SDict begin 11 H.A end
197 3323 a 197 3323 a
SDict begin [ /View [/XYZ H.V] /Dest (1257) cvn H.B /DEST pdfmark end
197
3323 a Black 596 3433 a Fg(\225)p Black 679 3433 a
SDict begin H.S end
679
3433 a 679 3433 a
SDict begin 11 H.A end
679 3433 a 679 3433 a
SDict begin [ /View [/XYZ H.V] /Dest (1258) cvn H.B /DEST pdfmark end
679 3433 a 679
3433 a
SDict begin H.S end
679 3433 a 679 3433 a
SDict begin 11 H.A end
679 3433 a 679 3433 a
SDict begin [ /View [/XYZ H.V] /Dest (1259) cvn H.B /DEST pdfmark end
679
3433 a 679 3433 a
SDict begin H.S end
679 3433 a 679 3433 a
SDict begin 11 H.A end
679 3433 a 679
3433 a
SDict begin [ /View [/XYZ H.V] /Dest (1260) cvn H.B /DEST pdfmark end
679 3433 a Fj(Linux)g(Security)h(Newsletters)1602
3399 y Fa(98)1673 3433 y Fl(--)f(Subscription)h(information)h(for)f
(all)f(newsletters.)197 3456 y
SDict begin H.S end
197 3456 a 197 3456 a
SDict begin 11 H.A end
197 3456 a 197 3456 a
SDict begin [ /View [/XYZ H.V] /Dest (1261) cvn H.B /DEST pdfmark end
197 3456 a Black 596 3565 a Fg(\225)p
Black 679 3565 a
SDict begin H.S end
679 3565 a 679 3565 a
SDict begin 11 H.A end
679 3565 a 679
3565 a
SDict begin [ /View [/XYZ H.V] /Dest (1262) cvn H.B /DEST pdfmark end
679 3565 a 679 3565 a
SDict begin H.S end
679 3565 a 679 3565 a
SDict begin 11 H.A end
679
3565 a 679 3565 a
SDict begin [ /View [/XYZ H.V] /Dest (1263) cvn H.B /DEST pdfmark end
679 3565 a 679 3565 a
SDict begin H.S end
679 3565 a 679
3565 a
SDict begin 11 H.A end
679 3565 a 679 3565 a
SDict begin [ /View [/XYZ H.V] /Dest (1264) cvn H.B /DEST pdfmark end
679 3565 a Fj(comp.os.linux.security)29
b(F)-9 b(AQ)1629 3532 y Fa(99)1710 3565 y Fl(--)31 b(Fr)o(equently)h
(Asked)f(Questions)i(with)f(answers)f(for)h(the)679 3657
y(comp.os.linux.security)21 b(newsgr)o(oup.)197 3680
y
SDict begin H.S end
197 3680 a 197 3680 a
SDict begin 11 H.A end
197 3680 a 197 3680 a
SDict begin [ /View [/XYZ H.V] /Dest (1265) cvn H.B /DEST pdfmark end
197 3680
a Black 596 3790 a Fg(\225)p Black 679 3790 a
SDict begin H.S end
679 3790
a 679 3790 a
SDict begin 11 H.A end
679 3790 a 679 3790 a
SDict begin [ /View [/XYZ H.V] /Dest (1266) cvn H.B /DEST pdfmark end
679 3790 a 679 3790
a
SDict begin H.S end
679 3790 a 679 3790 a
SDict begin 11 H.A end
679 3790 a 679 3790 a
SDict begin [ /View [/XYZ H.V] /Dest (1267) cvn H.B /DEST pdfmark end
679 3790
a 679 3790 a
SDict begin H.S end
679 3790 a 679 3790 a
SDict begin 11 H.A end
679 3790 a 679 3790
a
SDict begin [ /View [/XYZ H.V] /Dest (1268) cvn H.B /DEST pdfmark end
679 3790 a Fj(Linux)g(Security)g(Documentation)1731
3756 y Fa(100)1826 3790 y Fl(--)g(A)g(gr)o(eat)f(starting)h(point)h
(for)g(information)g(pertaining)679 3881 y(to)f(Linux)g(and)f(Open)h
(Sour)o(ce)f(security)-9 b(.)197 4055 y
SDict begin H.S end
197 4055 a 197
4055 a
SDict begin 11 H.A end
197 4055 a 197 4055 a
SDict begin [ /View [/XYZ H.V] /Dest (ftpsites) cvn H.B /DEST pdfmark
end
197 4055 a 596 4332 a Fi(FTP)28
b(Sites)1053 4332 y
SDict begin H.S end
1053 4332 a 1053 4332 a
SDict begin 13.31 H.A end
1053 4332
a 1053 4332 a
SDict begin [ /View [/XYZ H.V] /Dest (1.11.60.2) cvn H.B /DEST pdfmark
end
1053 4332 a 197 4383 a
SDict begin H.S end
197 4383 a 197 4383
a
SDict begin 11 H.A end
197 4383 a 197 4383 a
SDict begin [ /View [/XYZ H.V] /Dest (1271) cvn H.B /DEST pdfmark end
197 4383 a 596 4473 a Fl(CER)m(T)19
b(is)h(the)g(Computer)f(Emer)o(gency)g(Response)i(T)-8
b(eam.)19 b(They)h(often)g(send)f(out)h(alerts)f(of)h(cur)o(-)596
4565 y(r)o(ent)g(attacks)g(and)g(\002xes.)h(See)1554
4565 y
SDict begin H.S end
1554 4565 a 1554 4565 a
SDict begin 11 H.A end
1554 4565 a 1554 4565
a
SDict begin [ /View [/XYZ H.V] /Dest (1272) cvn H.B /DEST pdfmark end
1554 4565 a Fl(ftp://ftp.cert.or)o(g)e(for)h(mor)o(e)h(information.)
197 4630 y
SDict begin H.S end
197 4630 a 197 4630 a
SDict begin 11 H.A end
197 4630 a 197 4630
a
SDict begin [ /View [/XYZ H.V] /Dest (1273) cvn H.B /DEST pdfmark end
197 4630 a 596 4698 a Fl(ZEDZ)j(\(formerly)f(Replay\))g(\()1554
4698 y
SDict begin H.S end
1554 4698 a 1554 4698 a
SDict begin 11 H.A end
1554 4698 a 1554 4698
a
SDict begin [ /View [/XYZ H.V] /Dest (1274) cvn H.B /DEST pdfmark end
1554 4698 a Fl(http://www)-8 b(.zedz.net\))23 b(has)g(ar)o(chives)g
(of)g(many)h(security)g(pr)o(o-)596 4789 y(grams.)c(Since)g(they)i(ar)o
(e)d(outside)i(the)g(US,)f(they)h(don't)g(need)f(to)h(obey)g(US)f
(crypto)h(r)o(estrictions.)197 4854 y
SDict begin H.S end
197 4854 a 197
4854 a
SDict begin 11 H.A end
197 4854 a 197 4854 a
SDict begin [ /View [/XYZ H.V] /Dest (1275) cvn H.B /DEST pdfmark end
197 4854 a 596 4922 a Fl(Matt)e(Blaze)f
(is)i(the)g(author)g(of)g(CFS)g(and)f(a)h(gr)o(eat)e(security)i
(advocate.)f(Matt's)g(ar)o(chive)g(is)h(avail-)596 5013
y(able)g(at)857 5013 y
SDict begin H.S end
857 5013 a 857 5013 a
SDict begin 11 H.A end
857 5013
a 857 5013 a
SDict begin [ /View [/XYZ H.V] /Dest (1276) cvn H.B /DEST pdfmark end
857 5013 a Fl(ftp://ftp.r)o(esear)o(ch.att.com/pub/mab)197
5078 y
SDict begin H.S end
197 5078 a 197 5078 a
SDict begin 11 H.A end
197 5078 a 197 5078 a
SDict begin [ /View [/XYZ H.V] /Dest (1277) cvn H.B /DEST pdfmark end
197
5078 a 197 5078 a
SDict begin H.S end
197 5078 a 197 5078 a
SDict begin 11 H.A end
197 5078 a 197
5078 a
SDict begin [ /View [/XYZ H.V] /Dest (1278) cvn H.B /DEST pdfmark end
197 5078 a 596 5146 a Fh(tue.nl)f Fl(is)i(a)g(gr)o(eat)e
(security)i(FTP)g(site)g(in)g(the)g(Netherlands.)2589
5146 y
SDict begin H.S end
2589 5146 a 2589 5146 a
SDict begin 11 H.A end
2589 5146 a 2589 5146
a
SDict begin [ /View [/XYZ H.V] /Dest (1279) cvn H.B /DEST pdfmark end
2589 5146 a Fl(ftp.win.tue.nl)3087 5113 y Fe(104)197
5211 y
SDict begin H.S end
197 5211 a 197 5211 a
SDict begin 11 H.A end
197 5211 a 197 5211 a
SDict begin [ /View [/XYZ H.V] /Dest (websites) cvn H.B /DEST pdfmark
end
197
5211 a Black 3601 5585 a Fj(41)p Black eop end
%%Page: 42 42
TeXDict begin 42 41 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.42) cvn H.B /DEST pdfmark
end
197 -102
a Black -30 x Fj(Linux)21 b(Security)g(HOWT)o(O)p Black
596 89 a Fi(W)l(eb)28 b(Sites)1072 89 y
SDict begin H.S end
1072 89 a 1072
89 a
SDict begin 13.31 H.A end
1072 89 a 1072 89 a
SDict begin [ /View [/XYZ H.V] /Dest (1.11.61.2) cvn H.B /DEST pdfmark
end
1072 89 a 197 141 a
SDict begin H.S end
197 141
a 197 141 a
SDict begin 11 H.A end
197 141 a 197 141 a
SDict begin [ /View [/XYZ H.V] /Dest (1282) cvn H.B /DEST pdfmark end
197 141 a 197 141 a
SDict begin H.S end
197
141 a 197 141 a
SDict begin 11 H.A end
197 141 a 197 141 a
SDict begin [ /View [/XYZ H.V] /Dest (1283) cvn H.B /DEST pdfmark end
197 141 a 197 191
a
SDict begin H.S end
197 191 a 197 191 a
SDict begin 11 H.A end
197 191 a 197 191 a
SDict begin [ /View [/XYZ H.V] /Dest (1284) cvn H.B /DEST pdfmark end
197 191 a Black
596 381 a Fg(\225)p Black 679 381 a
SDict begin H.S end
679 381 a 679 381
a
SDict begin 11 H.A end
679 381 a 679 381 a
SDict begin [ /View [/XYZ H.V] /Dest (1285) cvn H.B /DEST pdfmark end
679 381 a Fl(The)20 b(Hacker)g(F)-6
b(AQ)21 b(is)g(a)f(F)-6 b(AQ)21 b(about)f(hackers:)2202
381 y
SDict begin H.S end
2202 381 a 2202 381 a
SDict begin 11 H.A end
2202 381 a 2202 381 a
SDict begin [ /View [/XYZ H.V] /Dest (1286) cvn H.B /DEST pdfmark end
2202
381 a Fl(The)g(Hacker)g(F)-6 b(AQ)2818 348 y Fe(105)197
397 y
SDict begin H.S end
197 397 a 197 397 a
SDict begin 11 H.A end
197 397 a 197 397 a
SDict begin [ /View [/XYZ H.V] /Dest (1287) cvn H.B /DEST pdfmark end
197 397
a Black 596 514 a Fg(\225)p Black 679 514 a
SDict begin H.S end
679 514 a
679 514 a
SDict begin 11 H.A end
679 514 a 679 514 a
SDict begin [ /View [/XYZ H.V] /Dest (1288) cvn H.B /DEST pdfmark end
679 514 a Fl(The)26 b(COAST)f(ar)o(chive)
g(has)h(a)g(lar)o(ge)f(number)h(of)g(Unix)g(security)g(pr)o(ograms)g
(and)f(informa-)679 605 y(tion:)865 605 y
SDict begin H.S end
865 605 a 865
605 a
SDict begin 11 H.A end
865 605 a 865 605 a
SDict begin [ /View [/XYZ H.V] /Dest (1289) cvn H.B /DEST pdfmark end
865 605 a Fl(COAST)1149 572
y Fe(106)197 607 y
SDict begin H.S end
197 607 a 197 607 a
SDict begin 11 H.A end
197 607 a 197
607 a
SDict begin [ /View [/XYZ H.V] /Dest (1290) cvn H.B /DEST pdfmark end
197 607 a Black 596 738 a Fg(\225)p Black 679 738
a
SDict begin H.S end
679 738 a 679 738 a
SDict begin 11 H.A end
679 738 a 679 738 a
SDict begin [ /View [/XYZ H.V] /Dest (1291) cvn H.B /DEST pdfmark end
679 738 a Fl(SuSe)19
b(Security)i(Page:)1417 738 y
SDict begin H.S end
1417 738 a 1417 738 a
SDict begin 11 H.A end
1417
738 a 1417 738 a
SDict begin [ /View [/XYZ H.V] /Dest (1292) cvn H.B /DEST pdfmark end
1417 738 a Fl(http://www)-8 b(.suse.de/security/)197
762 y
SDict begin H.S end
197 762 a 197 762 a
SDict begin 11 H.A end
197 762 a 197 762 a
SDict begin [ /View [/XYZ H.V] /Dest (1293) cvn H.B /DEST pdfmark end
197 762
a Black 596 871 a Fg(\225)p Black 679 871 a
SDict begin H.S end
679 871 a
679 871 a
SDict begin 11 H.A end
679 871 a 679 871 a
SDict begin [ /View [/XYZ H.V] /Dest (1294) cvn H.B /DEST pdfmark end
679 871 a Fl(Rootshell.com)27
b(is)g(a)e(gr)o(eat)g(site)h(for)g(seeing)g(what)g(exploits)g(ar)o(e)f
(curr)o(ently)g(being)h(used)g(by)679 962 y(crackers:)1022
962 y
SDict begin H.S end
1022 962 a 1022 962 a
SDict begin 11 H.A end
1022 962 a 1022 962 a
SDict begin [ /View [/XYZ H.V] /Dest (1295) cvn H.B /DEST pdfmark end
1022
962 a Fl(http://www)-8 b(.r)o(ootshell.com/)197 986 y
SDict begin H.S end
197 986 a 197 986 a
SDict begin 11 H.A end
197 986 a 197 986 a
SDict begin [ /View [/XYZ H.V] /Dest (1296) cvn H.B /DEST pdfmark end
197 986 a Black
596 1095 a Fg(\225)p Black 679 1095 a
SDict begin H.S end
679 1095 a 679
1095 a
SDict begin 11 H.A end
679 1095 a 679 1095 a
SDict begin [ /View [/XYZ H.V] /Dest (1297) cvn H.B /DEST pdfmark end
679 1095 a Fl(BUGTRAQ)20
b(puts)h(out)g(advisories)g(on)g(security)g(issues:)2525
1095 y
SDict begin H.S end
2525 1095 a 2525 1095 a
SDict begin 11 H.A end
2525 1095 a 2525 1095
a
SDict begin [ /View [/XYZ H.V] /Dest (1298) cvn H.B /DEST pdfmark end
2525 1095 a Fl(BUGTRAQ)g(ar)o(chives)3266 1062 y Fe(109)197
1119 y
SDict begin H.S end
197 1119 a 197 1119 a
SDict begin 11 H.A end
197 1119 a 197 1119 a
SDict begin [ /View [/XYZ H.V] /Dest (1299) cvn H.B /DEST pdfmark end
197
1119 a Black 596 1228 a Fg(\225)p Black 679 1228 a
SDict begin H.S end
679
1228 a 679 1228 a
SDict begin 11 H.A end
679 1228 a 679 1228 a
SDict begin [ /View [/XYZ H.V] /Dest (1300) cvn H.B /DEST pdfmark end
679 1228 a Fl(CER)m(T)-6
b(,)22 b(the)h(Computer)g(Emer)o(gency)f(Response)i(T)-8
b(eam,)23 b(puts)g(out)g(advisories)g(on)g(common)679
1319 y(attacks)d(on)h(Unix)g(platforms:)1668 1319 y
SDict begin H.S end
1668
1319 a 1668 1319 a
SDict begin 11 H.A end
1668 1319 a 1668 1319 a
SDict begin [ /View [/XYZ H.V] /Dest (1301) cvn H.B /DEST pdfmark end
1668 1319
a Fl(CER)m(T)g(home)2108 1286 y Fe(110)197 1343 y
SDict begin H.S end
197
1343 a 197 1343 a
SDict begin 11 H.A end
197 1343 a 197 1343 a
SDict begin [ /View [/XYZ H.V] /Dest (1302) cvn H.B /DEST pdfmark end
197 1343 a Black
596 1452 a Fg(\225)p Black 679 1452 a
SDict begin H.S end
679 1452 a 679
1452 a
SDict begin 11 H.A end
679 1452 a 679 1452 a
SDict begin [ /View [/XYZ H.V] /Dest (1303) cvn H.B /DEST pdfmark end
679 1452 a Fl(Dan)34 b(Farmer)f(is)i(the)f
(author)g(of)g(SA)-6 b(T)g(AN)33 b(and)h(many)g(other)g(security)h
(tools.)g(His)f(home)679 1544 y(site)f(has)g(some)h(inter)o(esting)g
(security)g(survey)f(information,)h(as)f(well)h(as)f(security)g(tools:)
679 1635 y
SDict begin H.S end
679 1635 a 679 1635 a
SDict begin 11 H.A end
679 1635 a 679 1635
a
SDict begin [ /View [/XYZ H.V] /Dest (1304) cvn H.B /DEST pdfmark end
679 1635 a Fl(http://www)-8 b(.tr)o(ouble.or)o(g)197
1658 y
SDict begin H.S end
197 1658 a 197 1658 a
SDict begin 11 H.A end
197 1658 a 197 1658 a
SDict begin [ /View [/XYZ H.V] /Dest (1305) cvn H.B /DEST pdfmark end
197
1658 a Black 596 1768 a Fg(\225)p Black 679 1768 a
SDict begin H.S end
679
1768 a 679 1768 a
SDict begin 11 H.A end
679 1768 a 679 1768 a
SDict begin [ /View [/XYZ H.V] /Dest (1306) cvn H.B /DEST pdfmark end
679 1768 a Fl(The)22
b(Linux)h(security)g(WWW)f(is)i(a)e(good)h(site)g(for)f(Linux)h
(security)g(information:)3334 1768 y
SDict begin H.S end
3334 1768 a 3334
1768 a
SDict begin 11 H.A end
3334 1768 a 3334 1768 a
SDict begin [ /View [/XYZ H.V] /Dest (1307) cvn H.B /DEST pdfmark end
3334 1768 a Fl(Linux)g(Se-)679
1859 y(curity)d(WWW)1165 1826 y Fe(112)197 1883 y
SDict begin H.S end
197
1883 a 197 1883 a
SDict begin 11 H.A end
197 1883 a 197 1883 a
SDict begin [ /View [/XYZ H.V] /Dest (1308) cvn H.B /DEST pdfmark end
197 1883 a Black
596 1992 a Fg(\225)p Black 679 1992 a
SDict begin H.S end
679 1992 a 679
1992 a
SDict begin 11 H.A end
679 1992 a 679 1992 a
SDict begin [ /View [/XYZ H.V] /Dest (1309) cvn H.B /DEST pdfmark end
679 1992 a Fl(In\002lsec)31
b(has)g(a)g(vulnerability)g(engine)g(that)g(can)g(tell)g(you)h(what)f
(vulnerabilities)g(af)o(fect)e(a)679 2083 y(speci\002c)20
b(platform:)1335 2083 y
SDict begin H.S end
1335 2083 a 1335 2083 a
SDict begin 11 H.A end
1335
2083 a 1335 2083 a
SDict begin [ /View [/XYZ H.V] /Dest (1310) cvn H.B /DEST pdfmark end
1335 2083 a Fl(http://www)-8 b
(.in\002lsec.com/vulnerabilities/)197 2107 y
SDict begin H.S end
197 2107
a 197 2107 a
SDict begin 11 H.A end
197 2107 a 197 2107 a
SDict begin [ /View [/XYZ H.V] /Dest (1311) cvn H.B /DEST pdfmark end
197 2107 a Black 596
2216 a Fg(\225)p Black 679 2216 a
SDict begin H.S end
679 2216 a 679 2216
a
SDict begin 11 H.A end
679 2216 a 679 2216 a
SDict begin [ /View [/XYZ H.V] /Dest (1312) cvn H.B /DEST pdfmark end
679 2216 a Fl(CIAC)102 b(sends)h(out)g
(periodic)g(security)g(bulletins)h(on)f(common)i(exploits:)679
2307 y
SDict begin H.S end
679 2307 a 679 2307 a
SDict begin 11 H.A end
679 2307 a 679 2307 a
SDict begin [ /View [/XYZ H.V] /Dest (1313) cvn H.B /DEST pdfmark end
679
2307 a Fl(http://ciac.llnl.gov/cgi-bin/index/bulletins)197
2331 y
SDict begin H.S end
197 2331 a 197 2331 a
SDict begin 11 H.A end
197 2331 a 197 2331 a
SDict begin [ /View [/XYZ H.V] /Dest (1314) cvn H.B /DEST pdfmark end
197
2331 a Black 596 2440 a Fg(\225)p Black 679 2440 a
SDict begin H.S end
679
2440 a 679 2440 a
SDict begin 11 H.A end
679 2440 a 679 2440 a
SDict begin [ /View [/XYZ H.V] /Dest (1315) cvn H.B /DEST pdfmark end
679 2440 a Fl(A)25
b(good)h(starting)g(point)g(for)f(Linux)h(Pluggable)f(Authentication)h
(modules)g(can)g(be)f(found)679 2532 y(at)768 2532 y
SDict begin H.S end
768 2532 a 768 2532 a
SDict begin 11 H.A end
768 2532 a 768 2532 a
SDict begin [ /View [/XYZ H.V] /Dest (1316) cvn H.B /DEST pdfmark end
768 2532
a Fl(http://www)-8 b(.kernel.or)o(g/pub/linux/libs/pam/.)197
2555 y
SDict begin H.S end
197 2555 a 197 2555 a
SDict begin 11 H.A end
197 2555 a 197 2555 a
SDict begin [ /View [/XYZ H.V] /Dest (1317) cvn H.B /DEST pdfmark end
197
2555 a Black 596 2664 a Fg(\225)p Black 679 2664 a
SDict begin H.S end
679
2664 a 679 2664 a
SDict begin 11 H.A end
679 2664 a 679 2664 a
SDict begin [ /View [/XYZ H.V] /Dest (1318) cvn H.B /DEST pdfmark end
679 2664 a Fl(The)22
b(Debian)g(pr)o(oject)g(has)g(a)g(web)g(page)g(for)g(their)g(security)g
(\002xes)h(and)e(information.)i(It)g(is)f(at)679 2756
y
SDict begin H.S end
679 2756 a 679 2756 a
SDict begin 11 H.A end
679 2756 a 679 2756 a
SDict begin [ /View [/XYZ H.V] /Dest (1319) cvn H.B /DEST pdfmark end
679 2756
a Fl(http://www)-8 b(.debian.com/security/.)197 2779
y
SDict begin H.S end
197 2779 a 197 2779 a
SDict begin 11 H.A end
197 2779 a 197 2779 a
SDict begin [ /View [/XYZ H.V] /Dest (1320) cvn H.B /DEST pdfmark end
197 2779
a Black 596 2889 a Fg(\225)p Black 679 2889 a
SDict begin H.S end
679 2889
a 679 2889 a
SDict begin 11 H.A end
679 2889 a 679 2889 a
SDict begin [ /View [/XYZ H.V] /Dest (1321) cvn H.B /DEST pdfmark end
679 2889 a Fl(WWW)27
b(Security)h(F)-6 b(AQ,)27 b(written)i(by)e(Lincoln)i(Stein,)f(is)g(a)f
(gr)o(eat)g(web)h(security)g(r)o(efer)o(ence.)679 2980
y(Find)21 b(it)g(at)1030 2980 y
SDict begin H.S end
1030 2980 a 1030 2980
a
SDict begin 11 H.A end
1030 2980 a 1030 2980 a
SDict begin [ /View [/XYZ H.V] /Dest (1322) cvn H.B /DEST pdfmark end
1030 2980 a Fl(http://www)-8
b(.w3.or)o(g/Security/Faq/www-security-faq.html)197 3154
y
SDict begin H.S end
197 3154 a 197 3154 a
SDict begin 11 H.A end
197 3154 a 197 3154 a
SDict begin [ /View [/XYZ H.V] /Dest (1323) cvn H.B /DEST pdfmark end
197 3154
a 596 3431 a Fi(Mailing)28 b(Lists)1204 3431 y
SDict begin H.S end
1204 3431
a 1204 3431 a
SDict begin 13.31 H.A end
1204 3431 a 1204 3431 a
SDict begin [ /View [/XYZ H.V] /Dest (1.11.62.2) cvn H.B /DEST pdfmark
end
1204 3431 a 197
3503 a
SDict begin H.S end
197 3503 a 197 3503 a
SDict begin 11 H.A end
197 3503 a 197 3503 a
SDict begin [ /View [/XYZ H.V] /Dest (1325) cvn H.B /DEST pdfmark end
197
3503 a 596 3572 a Fl(Bugtraq:)c(T)-8 b(o)26 b(subscribe)f(to)g
(bugtraq,)g(send)g(mail)h(to)f(listserv@netspace.or)o(g)f(containing)j
(the)596 3664 y(message)20 b(body)h(subscribe)g(bugtraq.)f(\(see)g
(links)i(above)e(for)h(ar)o(chives\).)197 3729 y
SDict begin H.S end
197
3729 a 197 3729 a
SDict begin 11 H.A end
197 3729 a 197 3729 a
SDict begin [ /View [/XYZ H.V] /Dest (1326) cvn H.B /DEST pdfmark end
197 3729 a 596
3797 a Fl(CIAC:)27 b(Send)h(e-mail)h(to)g(major)o(domo@tholia.llnl.gov)
-9 b(.)30 b(In)f(the)g(BODY)g(\(not)g(subject\))g(of)g(the)596
3888 y(message)20 b(put)h(\(either)f(or)h(both\):)g(subscribe)g
(ciac-bulletin)197 3953 y
SDict begin H.S end
197 3953 a 197 3953 a
SDict begin 11 H.A end
197 3953
a 197 3953 a
SDict begin [ /View [/XYZ H.V] /Dest (1327) cvn H.B /DEST pdfmark end
197 3953 a 596 4021 a Fl(Red)28 b(Hat)f(has)h(a)g(number)g
(of)g(mailing)h(lists,)f(the)h(most)g(important)f(of)g(which)h(is)f
(the)h(r)o(edhat-)596 4112 y(announce)19 b(list.)g(Y)-8
b(ou)19 b(can)g(r)o(ead)d(about)j(security)g(\(and)e(other\))i(\002xes)
g(as)f(soon)i(as)e(they)h(come)g(out.)596 4203 y(Send)26
b(email)i(to)g(r)o(edhat-announce-list-r)o(equest@r)o(edhat.com)d(with)
j(the)f(Subject)h(Subscribe)596 4295 y(See)739 4295 y
SDict begin H.S end
739 4295 a 739 4295 a
SDict begin 11 H.A end
739 4295 a 739 4295 a
SDict begin [ /View [/XYZ H.V] /Dest (1328) cvn H.B /DEST pdfmark end
739 4295
a Fl(https://listman.r)o(edhat.com/mailman/listinfo/)c(for)c(mor)o(e)h
(info)g(and)f(ar)o(chives.)197 4360 y
SDict begin H.S end
197 4360 a 197
4360 a
SDict begin 11 H.A end
197 4360 a 197 4360 a
SDict begin [ /View [/XYZ H.V] /Dest (1329) cvn H.B /DEST pdfmark end
197 4360 a 596 4427 a Fl(The)32
b(Debian)h(pr)o(oject)g(has)g(a)f(security)h(mailing)h(list)f(that)g
(covers)g(their)g(security)g(\002xes.)g(See)596 4519
y
SDict begin H.S end
596 4519 a 596 4519 a
SDict begin 11 H.A end
596 4519 a 596 4519 a
SDict begin [ /View [/XYZ H.V] /Dest (1330) cvn H.B /DEST pdfmark end
596 4519
a Fl(http://www)-8 b(.debian.com/security/)22 b(for)f(mor)o(e)f
(information.)197 4584 y
SDict begin H.S end
197 4584 a 197 4584 a
SDict begin 11 H.A end
197 4584
a 197 4584 a
SDict begin [ /View [/XYZ H.V] /Dest (1331) cvn H.B /DEST pdfmark end
197 4584 a 596 4837 a Fi(Books)27 b(-)i(Printed)g(Reading)
f(Material)2170 4837 y
SDict begin H.S end
2170 4837 a 2170 4837 a
SDict begin 13.31 H.A end
2170 4837
a 2170 4837 a
SDict begin [ /View [/XYZ H.V] /Dest (1.11.63.2) cvn H.B /DEST pdfmark
end
2170 4837 a 197 4909 a
SDict begin H.S end
197 4909 a 197 4909
a
SDict begin 11 H.A end
197 4909 a 197 4909 a
SDict begin [ /View [/XYZ H.V] /Dest (1333) cvn H.B /DEST pdfmark end
197 4909 a 596 4978 a Fl(Ther)o(e)18
b(ar)o(e)g(a)h(number)h(of)g(good)g(security)f(books)i(out)f(ther)o(e.)
e(This)i(section)h(lists)f(a)f(few)g(of)h(them.)596 5070
y(In)28 b(addition)g(to)h(the)g(security)f(speci\002c)g(books,)h
(security)g(is)f(cover)o(ed)f(in)i(a)f(number)g(of)h(other)596
5161 y(books)21 b(on)h(system)f(administration.)197 5226
y
SDict begin H.S end
197 5226 a 197 5226 a
SDict begin 11 H.A end
197 5226 a 197 5226 a
SDict begin [ /View [/XYZ H.V] /Dest (1334) cvn H.B /DEST pdfmark end
197 5226
a 197 5226 a
SDict begin H.S end
197 5226 a 197 5226 a
SDict begin 11 H.A end
197 5226 a 197 5226
a
SDict begin [ /View [/XYZ H.V] /Dest (1335) cvn H.B /DEST pdfmark end
197 5226 a 197 5267 a
SDict begin H.S end
197 5267 a 197 5267 a
SDict begin 11 H.A end
197 5267
a 197 5267 a
SDict begin [ /View [/XYZ H.V] /Dest (1336) cvn H.B /DEST pdfmark end
197 5267 a Black 318 x Fj(42)p Black eop
end
%%Page: 43 43
TeXDict begin 43 42 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.43) cvn H.B /DEST pdfmark
end
197 -102
a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black Black 596 89 a Fg(\225)p Black 679 89 a
SDict begin H.S end
679 89
a 679 89 a
SDict begin 11 H.A end
679 89 a 679 89 a
SDict begin [ /View [/XYZ H.V] /Dest (1337) cvn H.B /DEST pdfmark end
679 89 a Fl(Building)i(Internet)h(Fir)o
(ewalls)f(By)g(D.)g(Br)o(ent)g(Chapman)g(&)g(Elizabeth)f(D.)i(Zwicky)-9
b(,)24 b(1st)f(Edi-)679 180 y(tion)e(September)f(1995,)e(ISBN:)i
(1-56592-124-0)197 204 y
SDict begin H.S end
197 204 a 197 204 a
SDict begin 11 H.A end
197 204
a 197 204 a
SDict begin [ /View [/XYZ H.V] /Dest (1338) cvn H.B /DEST pdfmark end
197 204 a Black 596 313 a Fg(\225)p Black
679 313 a
SDict begin H.S end
679 313 a 679 313 a
SDict begin 11 H.A end
679 313 a 679 313 a
SDict begin [ /View [/XYZ H.V] /Dest (1339) cvn H.B /DEST pdfmark end
679
313 a Fl(Practical)e(UNIX)i(&)f(Internet)h(Security)-9
b(,)18 b(2nd)i(Edition)g(By)f(Simson)i(Gar\002nkel)f(&)f(Gene)h(Spaf-)
679 405 y(for)o(d,)f(2nd)h(Edition)i(April)e(1996,)f(ISBN:)g
(1-56592-148-8)197 428 y
SDict begin H.S end
197 428 a 197 428 a
SDict begin 11 H.A end
197 428
a 197 428 a
SDict begin [ /View [/XYZ H.V] /Dest (1340) cvn H.B /DEST pdfmark end
197 428 a Black 596 537 a Fg(\225)p Black
679 537 a
SDict begin H.S end
679 537 a 679 537 a
SDict begin 11 H.A end
679 537 a 679 537 a
SDict begin [ /View [/XYZ H.V] /Dest (1341) cvn H.B /DEST pdfmark end
679
537 a Fl(Computer)f(Security)g(Basics)g(By)g(Deborah)g(Russell)h(&)f
(G.T)-6 b(.)18 b(Gangemi,)h(Sr)-6 b(.,)17 b(1st)h(Edition)h(July)679
629 y(1991,)f(ISBN:)i(0-937175-71-4)197 643 y
SDict begin H.S end
197 643
a 197 643 a
SDict begin 11 H.A end
197 643 a 197 643 a
SDict begin [ /View [/XYZ H.V] /Dest (1342) cvn H.B /DEST pdfmark end
197 643 a Black 596 762
a Fg(\225)p Black 679 762 a
SDict begin H.S end
679 762 a 679 762 a
SDict begin 11 H.A end
679 762
a 679 762 a
SDict begin [ /View [/XYZ H.V] /Dest (1343) cvn H.B /DEST pdfmark end
679 762 a Fl(Linux)31 b(Network)h(Administrator)6
b('s)32 b(Guide)f(By)h(Olaf)f(Kir)o(ch,)g(1st)g(Edition)h(January)e
(1995,)679 853 y(ISBN:)19 b(1-56592-087-2)197 855 y
SDict begin H.S end
197
855 a 197 855 a
SDict begin 11 H.A end
197 855 a 197 855 a
SDict begin [ /View [/XYZ H.V] /Dest (1344) cvn H.B /DEST pdfmark end
197 855 a Black 596
986 a Fg(\225)p Black 679 986 a
SDict begin H.S end
679 986 a 679 986 a
SDict begin 11 H.A end
679
986 a 679 986 a
SDict begin [ /View [/XYZ H.V] /Dest (1345) cvn H.B /DEST pdfmark end
679 986 a Fl(PGP:)i(Pr)o(etty)g(Good)i(Privacy)e(By)g
(Simson)i(Gar\002nkel,)e(1st)h(Edition)g(December)f(1994,)e(ISBN:)679
1077 y(1-56592-098-8)197 1079 y
SDict begin H.S end
197 1079 a 197 1079 a
SDict begin 11 H.A end
197 1079 a 197 1079 a
SDict begin [ /View [/XYZ H.V] /Dest (1346) cvn H.B /DEST pdfmark end
197 1079 a Black 596 1210 a Fg(\225)p
Black 679 1210 a
SDict begin H.S end
679 1210 a 679 1210 a
SDict begin 11 H.A end
679 1210 a 679
1210 a
SDict begin [ /View [/XYZ H.V] /Dest (1347) cvn H.B /DEST pdfmark end
679 1210 a Fl(Computer)43 b(Crime)h(A)f(Crime\002ghter)6
b('s)45 b(Handbook)f(By)f(David)h(Icove,)f(Karl)h(Seger)e(&)679
1301 y(W)-5 b(illiam)33 b(V)-9 b(onStor)o(ch)33 b(\(Consulting)h
(Editor)f(Eugene)g(H.)f(Spaf)o(for)o(d\),)e(1st)i(Edition)i(August)679
1393 y(1995,)18 b(ISBN:)i(1-56592-086-4)197 1407 y
SDict begin H.S end
197
1407 a 197 1407 a
SDict begin 11 H.A end
197 1407 a 197 1407 a
SDict begin [ /View [/XYZ H.V] /Dest (1348) cvn H.B /DEST pdfmark end
197 1407 a Black
596 1525 a Fg(\225)p Black 679 1525 a
SDict begin H.S end
679 1525 a 679
1525 a
SDict begin 11 H.A end
679 1525 a 679 1525 a
SDict begin [ /View [/XYZ H.V] /Dest (1349) cvn H.B /DEST pdfmark end
679 1525 a Fl(Linux)g(Security)h(By)f
(John)i(S.)e(Flowers,)h(New)g(Riders;)f(ISBN:)g(0735700354,)c(Mar)o(ch)
j(1999)197 1549 y
SDict begin H.S end
197 1549 a 197 1549 a
SDict begin 11 H.A end
197 1549 a 197
1549 a
SDict begin [ /View [/XYZ H.V] /Dest (1350) cvn H.B /DEST pdfmark end
197 1549 a Black 596 1658 a Fg(\225)p Black 679
1658 a
SDict begin H.S end
679 1658 a 679 1658 a
SDict begin 11 H.A end
679 1658 a 679 1658 a
SDict begin [ /View [/XYZ H.V] /Dest (1351) cvn H.B /DEST pdfmark end
679
1658 a Fl(Maximum)h(Linux)g(Security)g(:)g(A)g(Hacker)6
b('s)20 b(Guide)g(to)h(Pr)o(otecting)g(Y)-8 b(our)21
b(Linux)f(Server)f(and)679 1750 y(Network,)h(Anonymous,)j(Paperback)c
(-)h(829)g(pages,)g(Sams;)g(ISBN:)f(0672313413,)d(July)21
b(1999)197 1773 y
SDict begin H.S end
197 1773 a 197 1773 a
SDict begin 11 H.A end
197 1773 a 197
1773 a
SDict begin [ /View [/XYZ H.V] /Dest (1352) cvn H.B /DEST pdfmark end
197 1773 a Black 596 1882 a Fg(\225)p Black 679
1882 a
SDict begin H.S end
679 1882 a 679 1882 a
SDict begin 11 H.A end
679 1882 a 679 1882 a
SDict begin [ /View [/XYZ H.V] /Dest (1353) cvn H.B /DEST pdfmark end
679
1882 a Fl(Intr)o(usion)28 b(Detection)f(By)g(T)-8 b(erry)26
b(Escamilla,)g(Paperback)f(-)i(416)e(pages)h(\(September)f(1998\),)679
1974 y(John)c(W)-5 b(iley)21 b(and)g(Sons;)g(ISBN:)e(0471290009)197
1997 y
SDict begin H.S end
197 1997 a 197 1997 a
SDict begin 11 H.A end
197 1997 a 197 1997 a
SDict begin [ /View [/XYZ H.V] /Dest (1354) cvn H.B /DEST pdfmark end
197
1997 a Black 596 2107 a Fg(\225)p Black 679 2107 a
SDict begin H.S end
679
2107 a 679 2107 a
SDict begin 11 H.A end
679 2107 a 679 2107 a
SDict begin [ /View [/XYZ H.V] /Dest (1355) cvn H.B /DEST pdfmark end
679 2107 a Fl(Fighting)k
(Computer)f(Crime,)g(Donn)h(Parker)-6 b(,)21 b(Paperback)g(-)h(526)e
(pages)i(\(September)e(1998\),)679 2198 y(John)h(W)-5
b(iley)21 b(and)g(Sons;)g(ISBN:)e(0471163783)197 2455
y
SDict begin H.S end
197 2455 a 197 2455 a
SDict begin 11 H.A end
197 2455 a 197 2455 a
SDict begin [ /View [/XYZ H.V] /Dest (1356) cvn H.B /DEST pdfmark end
197 2455
a 288 x Fn(Glossar)q(y)670 2743 y
SDict begin H.S end
670 2743 a 670 2743
a
SDict begin 14.641 H.A end
670 2743 a 670 2743 a
SDict begin [ /View [/XYZ H.V] /Dest (1.12.1) cvn H.B /DEST pdfmark
end
670 2743 a 197 2821 a
SDict begin H.S end
197 2821
a 197 2821 a
SDict begin 11 H.A end
197 2821 a 197 2821 a
SDict begin [ /View [/XYZ H.V] /Dest (1358) cvn H.B /DEST pdfmark end
197 2821 a 596 2889
a Fl(Included)24 b(below)h(ar)o(e)f(several)g(of)g(the)h(most)h(fr)o
(equently)f(used)f(terms)h(in)g(computer)g(security)-9
b(.)596 2981 y(A)22 b(compr)o(ehensive)i(dictionary)f(of)g(computer)g
(security)h(terms)f(is)h(available)e(in)h(the)3357 2981
y
SDict begin H.S end
3357 2981 a 3357 2981 a
SDict begin 11 H.A end
3357 2981 a 3357 2981 a
SDict begin [ /View [/XYZ H.V] /Dest (1359) cvn H.B /DEST pdfmark end
3357
2981 a Fl(LinuxSe-)596 3072 y(curity)-9 b(.com)20 b(Dictionary)1390
3039 y Fe(120)197 3137 y
SDict begin H.S end
197 3137 a 197 3137 a
SDict begin 11 H.A end
197 3137
a 197 3137 a
SDict begin [ /View [/XYZ H.V] /Dest (1360) cvn H.B /DEST pdfmark end
197 3137 a 197 3137 a
SDict begin H.S end
197 3137 a 197 3137
a
SDict begin 11 H.A end
197 3137 a 197 3137 a
SDict begin [ /View [/XYZ H.V] /Dest (1361) cvn H.B /DEST pdfmark end
197 3137 a 197 3178 a
SDict begin H.S end
197 3178
a 197 3178 a
SDict begin 11 H.A end
197 3178 a 197 3178 a
SDict begin [ /View [/XYZ H.V] /Dest (1362) cvn H.B /DEST pdfmark end
197 3178 a Black 596
3329 a Fg(\225)p Black 679 3329 a
SDict begin H.S end
679 3329 a 679 3329
a
SDict begin 11 H.A end
679 3329 a 679 3329 a
SDict begin [ /View [/XYZ H.V] /Dest (1363) cvn H.B /DEST pdfmark end
679 3329 a 679 3329 a
SDict begin H.S end
679 3329
a 679 3329 a
SDict begin 11 H.A end
679 3329 a 679 3329 a
SDict begin [ /View [/XYZ H.V] /Dest (1364) cvn H.B /DEST pdfmark end
679 3329 a Fj(authentication:)15
b Fl(The)i(pr)o(ocess)g(of)g(knowing)i(that)e(the)g(data)f(r)o(eceived)
f(is)j(the)f(same)g(as)g(the)g(data)679 3421 y(that)j(was)h(sent,)g
(and)f(that)h(the)g(claimed)f(sender)g(is)h(in)h(fact)e(the)g(actual)g
(sender)-6 b(.)197 3435 y
SDict begin H.S end
197 3435 a 197 3435 a
SDict begin 11 H.A end
197 3435
a 197 3435 a
SDict begin [ /View [/XYZ H.V] /Dest (1365) cvn H.B /DEST pdfmark end
197 3435 a Black 596 3554 a Fg(\225)p Black
679 3554 a
SDict begin H.S end
679 3554 a 679 3554 a
SDict begin 11 H.A end
679 3554 a 679 3554
a
SDict begin [ /View [/XYZ H.V] /Dest (1366) cvn H.B /DEST pdfmark end
679 3554 a 679 3554 a
SDict begin H.S end
679 3554 a 679 3554 a
SDict begin 11 H.A end
679 3554
a 679 3554 a
SDict begin [ /View [/XYZ H.V] /Dest (1367) cvn H.B /DEST pdfmark end
679 3554 a Fj(bastion)23 b(Host:)f Fl(A)h(computer)g
(system)h(that)g(must)f(be)g(highly)i(secur)o(ed)d(because)g(it)h(is)h
(vulner)o(-)679 3645 y(able)f(to)i(attack,)f(usually)g(because)g(it)h
(is)f(exposed)g(to)h(the)g(Internet)f(and)g(is)h(a)f(main)h(point)g(of)
679 3736 y(contact)30 b(for)h(users)g(of)f(internal)h(networks.)g(It)g
(gets)g(its)g(name)g(fr)o(om)f(the)h(highly)h(forti\002ed)679
3828 y(pr)o(ojects)25 b(on)h(the)g(outer)f(walls)h(of)f(medieval)g
(castles.)g(Bastions)h(overlook)g(critical)f(ar)o(eas)f(of)679
3919 y(defense,)31 b(usually)h(having)h(str)o(ong)f(walls,)g(r)o(oom)h
(for)f(extra)f(tr)o(oops,)h(and)f(the)i(occasional)679
4010 y(useful)20 b(tub)h(of)g(boiling)h(hot)f(oil)h(for)e(discouraging)
h(attackers.)197 4034 y
SDict begin H.S end
197 4034 a 197 4034 a
SDict begin 11 H.A end
197 4034
a 197 4034 a
SDict begin [ /View [/XYZ H.V] /Dest (1368) cvn H.B /DEST pdfmark end
197 4034 a Black 596 4143 a Fg(\225)p Black
679 4143 a
SDict begin H.S end
679 4143 a 679 4143 a
SDict begin 11 H.A end
679 4143 a 679 4143
a
SDict begin [ /View [/XYZ H.V] /Dest (1369) cvn H.B /DEST pdfmark end
679 4143 a 679 4143 a
SDict begin H.S end
679 4143 a 679 4143 a
SDict begin 11 H.A end
679 4143
a 679 4143 a
SDict begin [ /View [/XYZ H.V] /Dest (1370) cvn H.B /DEST pdfmark end
679 4143 a Fj(buffer)g(over\003ow:)e Fl(Common)i(coding)g
(style)f(is)g(to)g(never)f(allocate)g(lar)o(ge)g(enough)h(buf)o(fers,)e
(and)679 4234 y(to)30 b(not)h(check)f(for)g(over\003ows.)h(When)g(such)
f(buf)o(fers)f(over\003ow)-8 b(,)31 b(the)f(executing)h(pr)o(ogram)679
4326 y(\(daemon)e(or)g(set-uid)g(pr)o(ogram\))g(can)g(be)g(tricked)g
(in)h(doing)g(some)h(other)e(things.)i(Gener)o(-)679
4417 y(ally)22 b(this)i(works)g(by)f(overwriting)g(a)g(function's)h(r)o
(eturn)e(addr)o(ess)f(on)j(the)f(stack)g(to)g(point)h(to)679
4508 y(another)c(location.)197 4510 y
SDict begin H.S end
197 4510 a 197
4510 a
SDict begin 11 H.A end
197 4510 a 197 4510 a
SDict begin [ /View [/XYZ H.V] /Dest (1371) cvn H.B /DEST pdfmark end
197 4510 a Black 596 4641
a Fg(\225)p Black 679 4641 a
SDict begin H.S end
679 4641 a 679 4641 a
SDict begin 11 H.A end
679
4641 a 679 4641 a
SDict begin [ /View [/XYZ H.V] /Dest (1372) cvn H.B /DEST pdfmark end
679 4641 a 679 4641 a
SDict begin H.S end
679 4641 a 679
4641 a
SDict begin 11 H.A end
679 4641 a 679 4641 a
SDict begin [ /View [/XYZ H.V] /Dest (1373) cvn H.B /DEST pdfmark end
679 4641 a Fj(denial)e(of)g(service:)g
Fl(An)g(attack)f(that)h(consumes)h(the)g(r)o(esour)o(ces)e(on)h(your)h
(computer)f(for)g(things)679 4732 y(it)25 b(was)h(not)g(intended)f(to)h
(be)g(doing,)g(thus)g(pr)o(eventing)f(normal)h(use)g(of)f(your)h
(network)g(r)o(e-)679 4824 y(sour)o(ces)20 b(for)h(legitimate)f
(purposes.)197 4847 y
SDict begin H.S end
197 4847 a 197 4847 a
SDict begin 11 H.A end
197 4847
a 197 4847 a
SDict begin [ /View [/XYZ H.V] /Dest (1374) cvn H.B /DEST pdfmark end
197 4847 a Black 596 4957 a Fg(\225)p Black
679 4957 a
SDict begin H.S end
679 4957 a 679 4957 a
SDict begin 11 H.A end
679 4957 a 679 4957
a
SDict begin [ /View [/XYZ H.V] /Dest (1375) cvn H.B /DEST pdfmark end
679 4957 a 679 4957 a
SDict begin H.S end
679 4957 a 679 4957 a
SDict begin 11 H.A end
679 4957
a 679 4957 a
SDict begin [ /View [/XYZ H.V] /Dest (1376) cvn H.B /DEST pdfmark end
679 4957 a Fj(dual-homed)15 b(Host:)i Fl(A)h
(general-purpose)f(computer)h(system)g(that)g(has)g(at)f(least)h(two)g
(network)679 5048 y(interfaces.)197 5050 y
SDict begin H.S end
197 5050 a
197 5050 a
SDict begin 11 H.A end
197 5050 a 197 5050 a
SDict begin [ /View [/XYZ H.V] /Dest (1377) cvn H.B /DEST pdfmark end
197 5050 a Black 596
5181 a Fg(\225)p Black 679 5181 a
SDict begin H.S end
679 5181 a 679 5181
a
SDict begin 11 H.A end
679 5181 a 679 5181 a
SDict begin [ /View [/XYZ H.V] /Dest (1378) cvn H.B /DEST pdfmark end
679 5181 a 679 5181 a
SDict begin H.S end
679 5181
a 679 5181 a
SDict begin 11 H.A end
679 5181 a 679 5181 a
SDict begin [ /View [/XYZ H.V] /Dest (1379) cvn H.B /DEST pdfmark end
679 5181 a Fj(\002r)o(ewall:)d
Fl(A)h(component)i(or)e(set)h(of)f(components)i(that)e(r)o(estricts)g
(access)f(between)h(a)g(pr)o(otected)679 5272 y(network)21
b(and)f(the)h(Internet,)g(or)g(between)f(other)h(sets)g(of)g(networks.)
197 5286 y
SDict begin H.S end
197 5286 a 197 5286 a
SDict begin 11 H.A end
197 5286 a 197 5286
a
SDict begin [ /View [/XYZ H.V] /Dest (1380) cvn H.B /DEST pdfmark end
197 5286 a Black 596 5405 a Fg(\225)p Black 679 5405
a
SDict begin H.S end
679 5405 a 679 5405 a
SDict begin 11 H.A end
679 5405 a 679 5405 a
SDict begin [ /View [/XYZ H.V] /Dest (1381) cvn H.B /DEST pdfmark end
679 5405
a 679 5405 a
SDict begin H.S end
679 5405 a 679 5405 a
SDict begin 11 H.A end
679 5405 a 679 5405
a
SDict begin [ /View [/XYZ H.V] /Dest (1382) cvn H.B /DEST pdfmark end
679 5405 a Fj(host:)e Fl(A)i(computer)g(system)g(attached)f(to)h(a)f
(network.)197 5428 y
SDict begin H.S end
197 5428 a 197 5428 a
SDict begin 11 H.A end
197 5428 a
197 5428 a
SDict begin [ /View [/XYZ H.V] /Dest (1383) cvn H.B /DEST pdfmark end
197 5428 a Black 3601 5585 a Fj(43)p Black
eop end
%%Page: 44 44
TeXDict begin 44 43 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.44) cvn H.B /DEST pdfmark
end
197 -102
a Black 197 -201 a
SDict begin H.S end
197 -201 a 197 -201 a
SDict begin 11 H.A end
197 -201 a 197
-201 a
SDict begin [ /View [/XYZ H.V] /Dest (1422) cvn H.B /DEST pdfmark end
197 -201 a 69 x Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black Black 596 89 a Fg(\225)p Black 679 89 a
SDict begin H.S end
679 89
a 679 89 a
SDict begin 11 H.A end
679 89 a 679 89 a
SDict begin [ /View [/XYZ H.V] /Dest (1384) cvn H.B /DEST pdfmark end
679 89 a 679 89 a
SDict begin H.S end
679 89
a 679 89 a
SDict begin 11 H.A end
679 89 a 679 89 a
SDict begin [ /View [/XYZ H.V] /Dest (1385) cvn H.B /DEST pdfmark end
679 89 a Fj(IP)29 b(spoo\002ng:)f
Fl(IP)i(Spoo\002ng)h(is)f(a)g(complex)g(technical)g(attack)f(that)h(is)
g(made)f(up)h(of)g(several)679 180 y(components.)i(It)f(is)h(a)f
(security)h(exploit)f(that)g(works)i(by)e(tricking)h(computers)g(in)g
(a)e(tr)o(ust)679 272 y(r)o(elationship)23 b(into)h(thinking)g(that)g
(you)f(ar)o(e)f(someone)i(that)f(you)h(r)o(eally)e(ar)o(en't.)g(Ther)o
(e)g(is)h(an)679 363 y(extensive)16 b(paper)g(written)i(by)f(daemon9,)f
(r)o(oute,)g(and)h(in\002nity)h(in)g(the)f(V)-9 b(olume)18
b(Seven,)e(Issue)679 454 y(Forty-Eight)21 b(issue)g(of)g(Phrack)f
(Magazine.)197 478 y
SDict begin H.S end
197 478 a 197 478 a
SDict begin 11 H.A end
197 478 a 197
478 a
SDict begin [ /View [/XYZ H.V] /Dest (1386) cvn H.B /DEST pdfmark end
197 478 a Black 596 587 a Fg(\225)p Black 679 587
a
SDict begin H.S end
679 587 a 679 587 a
SDict begin 11 H.A end
679 587 a 679 587 a
SDict begin [ /View [/XYZ H.V] /Dest (1387) cvn H.B /DEST pdfmark end
679 587 a 679
587 a
SDict begin H.S end
679 587 a 679 587 a
SDict begin 11 H.A end
679 587 a 679 587 a
SDict begin [ /View [/XYZ H.V] /Dest (1388) cvn H.B /DEST pdfmark end
679 587
a Fj(non-r)o(epudiation:)25 b Fl(The)j(pr)o(operty)e(of)h(a)g(r)o
(eceiver)f(being)i(able)e(to)i(pr)o(ove)e(that)i(the)f(sender)g(of)679
679 y(some)c(data)e(did)h(in)i(fact)d(send)i(the)g(data)e(even)i
(though)h(the)e(sender)h(might)g(later)f(deny)h(ever)679
770 y(having)e(sent)g(it.)197 793 y
SDict begin H.S end
197 793 a 197 793
a
SDict begin 11 H.A end
197 793 a 197 793 a
SDict begin [ /View [/XYZ H.V] /Dest (1389) cvn H.B /DEST pdfmark end
197 793 a Black 596 903 a Fg(\225)p
Black 679 903 a
SDict begin H.S end
679 903 a 679 903 a
SDict begin 11 H.A end
679 903 a 679 903
a
SDict begin [ /View [/XYZ H.V] /Dest (1390) cvn H.B /DEST pdfmark end
679 903 a 679 903 a
SDict begin H.S end
679 903 a 679 903 a
SDict begin 11 H.A end
679 903 a 679
903 a
SDict begin [ /View [/XYZ H.V] /Dest (1391) cvn H.B /DEST pdfmark end
679 903 a Fj(packet:)e Fl(The)i(fundamental)f(unit)h(of)g
(communication)h(on)g(the)f(Internet.)197 926 y
SDict begin H.S end
197 926
a 197 926 a
SDict begin 11 H.A end
197 926 a 197 926 a
SDict begin [ /View [/XYZ H.V] /Dest (1392) cvn H.B /DEST pdfmark end
197 926 a Black 596 1036
a Fg(\225)p Black 679 1036 a
SDict begin H.S end
679 1036 a 679 1036 a
SDict begin 11 H.A end
679
1036 a 679 1036 a
SDict begin [ /View [/XYZ H.V] /Dest (1393) cvn H.B /DEST pdfmark end
679 1036 a 679 1036 a
SDict begin H.S end
679 1036 a 679
1036 a
SDict begin 11 H.A end
679 1036 a 679 1036 a
SDict begin [ /View [/XYZ H.V] /Dest (1394) cvn H.B /DEST pdfmark end
679 1036 a Fj(packet)k(\002ltering:)h
Fl(The)h(action)g(a)f(device)g(takes)g(to)h(selectively)g(contr)o(ol)g
(the)g(\003ow)g(of)g(data)f(to)679 1127 y(and)h(fr)o(om)h(a)g(network.)
g(Packet)g(\002lters)g(allow)h(or)f(block)h(packets,)e(usually)i(while)
g(r)o(outing)679 1218 y(them)19 b(fr)o(om)g(one)h(network)g(to)g
(another)f(\(most)h(often)f(fr)o(om)g(the)h(Internet)f(to)h(an)f
(internal)g(net-)679 1310 y(work,)h(and)g(vice-versa\).)e(T)-8
b(o)21 b(accomplish)g(packet)e(\002ltering,)i(you)g(set)f(up)g(r)o
(ules)h(that)f(specify)679 1401 y(what)26 b(types)h(of)f(packets)g
(\(those)h(to)g(or)g(fr)o(om)f(a)g(particular)f(IP)i(addr)o(ess)d(or)j
(port\))f(ar)o(e)f(to)i(be)679 1492 y(allowed)20 b(and)g(what)h(types)g
(ar)o(e)f(to)h(be)f(blocked.)197 1516 y
SDict begin H.S end
197 1516 a 197
1516 a
SDict begin 11 H.A end
197 1516 a 197 1516 a
SDict begin [ /View [/XYZ H.V] /Dest (1395) cvn H.B /DEST pdfmark end
197 1516 a Black 596 1625
a Fg(\225)p Black 679 1625 a
SDict begin H.S end
679 1625 a 679 1625 a
SDict begin 11 H.A end
679
1625 a 679 1625 a
SDict begin [ /View [/XYZ H.V] /Dest (1396) cvn H.B /DEST pdfmark end
679 1625 a 679 1625 a
SDict begin H.S end
679 1625 a 679
1625 a
SDict begin 11 H.A end
679 1625 a 679 1625 a
SDict begin [ /View [/XYZ H.V] /Dest (1397) cvn H.B /DEST pdfmark end
679 1625 a Fj(perimeter)j(network:)g
Fl(A)f(network)i(added)d(between)i(a)g(pr)o(otected)f(network)h(and)g
(an)g(external)679 1716 y(network,)g(in)h(or)o(der)f(to)h(pr)o(ovide)e
(an)i(additional)f(layer)g(of)g(security)-9 b(.)23 b(A)g(perimeter)g
(network)679 1808 y(is)e(sometimes)h(called)d(a)i(DMZ.)197
1810 y
SDict begin H.S end
197 1810 a 197 1810 a
SDict begin 11 H.A end
197 1810 a 197 1810 a
SDict begin [ /View [/XYZ H.V] /Dest (1398) cvn H.B /DEST pdfmark end
197
1810 a Black 596 1940 a Fg(\225)p Black 679 1940 a
SDict begin H.S end
679
1940 a 679 1940 a
SDict begin 11 H.A end
679 1940 a 679 1940 a
SDict begin [ /View [/XYZ H.V] /Dest (1399) cvn H.B /DEST pdfmark end
679 1940 a 679
1940 a
SDict begin H.S end
679 1940 a 679 1940 a
SDict begin 11 H.A end
679 1940 a 679 1940 a
SDict begin [ /View [/XYZ H.V] /Dest (1400) cvn H.B /DEST pdfmark end
679
1940 a Fj(pr)o(oxy)14 b(server:)i Fl(A)f(pr)o(ogram)h(that)f(deals)h
(with)g(external)f(servers)g(on)i(behalf)e(of)h(internal)g(clients.)679
2032 y(Pr)o(oxy)30 b(clients)h(talk)f(to)h(pr)o(oxy)f(servers,)f(which)
i(r)o(elay)f(appr)o(oved)e(client)j(r)o(equests)f(to)h(r)o(eal)679
2123 y(servers,)19 b(and)i(r)o(elay)e(answers)i(back)f(to)i(clients.)
197 2147 y
SDict begin H.S end
197 2147 a 197 2147 a
SDict begin 11 H.A end
197 2147 a 197 2147
a
SDict begin [ /View [/XYZ H.V] /Dest (1401) cvn H.B /DEST pdfmark end
197 2147 a Black 596 2256 a Fg(\225)p Black 679 2256
a
SDict begin H.S end
679 2256 a 679 2256 a
SDict begin 11 H.A end
679 2256 a 679 2256 a
SDict begin [ /View [/XYZ H.V] /Dest (1402) cvn H.B /DEST pdfmark end
679 2256
a 679 2256 a
SDict begin H.S end
679 2256 a 679 2256 a
SDict begin 11 H.A end
679 2256 a 679 2256
a
SDict begin [ /View [/XYZ H.V] /Dest (1403) cvn H.B /DEST pdfmark end
679 2256 a Fj(superuser:)g Fl(An)e(informal)h(name)g(for)1869
2256 y
SDict begin H.S end
1869 2256 a 1869 2256 a
SDict begin 11 H.A end
1869 2256 a 1869 2256
a
SDict begin [ /View [/XYZ H.V] /Dest (1404) cvn H.B /DEST pdfmark end
1869 2256 a Fh(root)p Fl(.)197 2430 y
SDict begin H.S end
197 2430 a 197
2430 a
SDict begin 11 H.A end
197 2430 a 197 2430 a
SDict begin [ /View [/XYZ H.V] /Dest (q-and-a) cvn H.B /DEST pdfmark
end
197 2430 a 288 x Fn(Frequentl)n(y)30
b(Asked)h(Questions)1694 2718 y
SDict begin H.S end
1694 2718 a 1694 2718
a
SDict begin 14.641 H.A end
1694 2718 a 1694 2718 a
SDict begin [ /View [/XYZ H.V] /Dest (1.13.1) cvn H.B /DEST pdfmark
end
1694 2718 a 197 2796 a
SDict begin H.S end
197
2796 a 197 2796 a
SDict begin 11 H.A end
197 2796 a 197 2796 a
SDict begin [ /View [/XYZ H.V] /Dest (1407) cvn H.B /DEST pdfmark end
197 2796 a 197
2796 a
SDict begin H.S end
197 2796 a 197 2796 a
SDict begin 11 H.A end
197 2796 a 197 2796 a
SDict begin [ /View [/XYZ H.V] /Dest (1408) cvn H.B /DEST pdfmark end
197
2796 a 197 2851 a
SDict begin H.S end
197 2851 a 197 2851 a
SDict begin 11 H.A end
197 2851 a 197
2851 a
SDict begin [ /View [/XYZ H.V] /Dest (1409) cvn H.B /DEST pdfmark end
197 2851 a Black 745 3030 a Fl(1.)p Black 828
3030 a
SDict begin H.S end
828 3030 a 828 3030 a
SDict begin 11 H.A end
828 3030 a 828 3030 a
SDict begin [ /View [/XYZ H.V] /Dest (1410) cvn H.B /DEST pdfmark end
828
3030 a Fl(Is)24 b(it)f(mor)o(e)g(secur)o(e)g(to)g(compile)h(driver)f
(support)g(dir)o(ectly)g(into)h(the)g(kernel,)f(instead)g(of)828
3122 y(making)e(it)g(a)g(module?)197 3186 y
SDict begin H.S end
197 3186
a 197 3186 a
SDict begin 11 H.A end
197 3186 a 197 3186 a
SDict begin [ /View [/XYZ H.V] /Dest (1411) cvn H.B /DEST pdfmark end
197 3186 a 828 3254
a Fl(Answer:)32 b(Some)h(people)f(think)i(it)e(is)h(better)f(to)h
(disable)f(the)h(ability)g(to)f(load)h(device)828 3346
y(drivers)26 b(using)i(modules,)f(because)g(an)f(intr)o(uder)h(could)g
(load)g(a)g(T)-7 b(r)o(ojan)26 b(module)h(or)g(a)828
3437 y(module)21 b(that)g(could)g(af)o(fect)d(system)k(security)-9
b(.)197 3502 y
SDict begin H.S end
197 3502 a 197 3502 a
SDict begin 11 H.A end
197 3502 a 197 3502
a
SDict begin [ /View [/XYZ H.V] /Dest (1412) cvn H.B /DEST pdfmark end
197 3502 a 828 3570 a Fl(However)j(,)21 b(in)i(or)o(der)d(to)j(load)e
(modules,)h(you)h(must)f(be)g(r)o(oot.)f(The)h(module)g(object)h
(\002les)828 3661 y(ar)o(e)18 b(also)i(only)h(writable)f(by)f(r)o(oot.)
h(This)g(means)g(the)g(intr)o(uder)g(would)g(need)g(r)o(oot)g(access)
828 3753 y(to)32 b(insert)g(a)g(module.)f(If)h(the)g(intr)o(uder)g
(gains)g(r)o(oot)g(access,)f(ther)o(e)g(ar)o(e)f(mor)o(e)h(serious)828
3844 y(things)22 b(to)f(worry)g(about)g(than)g(whether)g(he)g(will)g
(load)g(a)f(module.)197 3909 y
SDict begin H.S end
197 3909 a 197 3909 a
SDict begin 11 H.A end
197 3909 a 197 3909 a
SDict begin [ /View [/XYZ H.V] /Dest (1413) cvn H.B /DEST pdfmark end
197 3909 a 828 3977 a Fl(Modules)h(ar)o(e)f(for)h
(dynamically)h(loading)f(support)h(for)f(a)g(particular)f(device)h
(that)g(may)828 4068 y(be)e(infr)o(equently)g(used.)g(On)h(server)e
(machines,)i(or)f(\002r)o(ewalls)g(for)g(instance,)g(this)h(is)f(very)
828 4159 y(unlikely)h(to)g(happen.)f(For)h(this)g(r)o(eason,)f(it)g
(would)h(make)g(mor)o(e)f(sense)g(to)h(compile)g(sup-)828
4251 y(port)k(dir)o(ectly)f(into)i(the)f(kernel)f(for)h(machines)g
(acting)g(as)g(a)f(server)-6 b(.)23 b(Modules)g(ar)o(e)g(also)828
4342 y(slower)e(than)g(support)g(compiled)g(dir)o(ectly)f(in)h(the)g
(kernel.)637 4475 y
SDict begin H.S end
637 4475 a 637 4475 a
SDict begin 11 H.A end
637 4475 a
637 4475 a
SDict begin [ /View [/XYZ H.V] /Dest (1414) cvn H.B /DEST pdfmark end
637 4475 a Black 745 4608 a Fl(2.)p Black
828 4608 a
SDict begin H.S end
828 4608 a 828 4608 a
SDict begin 11 H.A end
828 4608 a 828 4608
a
SDict begin [ /View [/XYZ H.V] /Dest (1415) cvn H.B /DEST pdfmark end
828 4608 a Fl(Why)g(does)g(logging)h(in)f(as)g(r)o(oot)g(fr)o(om)f(a)
g(r)o(emote)h(machine)g(always)f(fail?)197 4673 y
SDict begin H.S end
197
4673 a 197 4673 a
SDict begin 11 H.A end
197 4673 a 197 4673 a
SDict begin [ /View [/XYZ H.V] /Dest (1416) cvn H.B /DEST pdfmark end
197 4673 a 828
4740 a Fl(Answer:)j(See)p 0 TeXcolorgray 1309 4740 a
SDict begin H.S end
1309 4740 a Fl(the)e(Section)g(called)f Fj(Root)g(Security)2429
4740 y
SDict begin 11 H.L end
2429 4740 a 2429 4740 a
SDict begin [ /Subtype /Link /Dest (root-security) cvn /H /I /Border
[0 0 0] /Color [1 0 0] H.B /ANN pdfmark end
2429 4740 a Black Fl(.)k(This)g(is)g
(done)g(intentionally)h(to)f(pr)o(e-)828 4832 y(vent)g(r)o(emote)g
(users)g(fr)o(om)g(attempting)g(to)h(connect)g(via)2682
4832 y
SDict begin H.S end
2682 4832 a 2682 4832 a
SDict begin 11 H.A end
2682 4832 a 2682 4832
a
SDict begin [ /View [/XYZ H.V] /Dest (1418) cvn H.B /DEST pdfmark end
2682 4832 a Fh(telnet)f Fl(to)g(your)h(machine)f(as)828
4923 y
SDict begin H.S end
828 4923 a 828 4923 a
SDict begin 11 H.A end
828 4923 a 828 4923 a
SDict begin [ /View [/XYZ H.V] /Dest (1419) cvn H.B /DEST pdfmark end
828
4923 a Fh(root)p Fl(,)18 b(which)i(is)g(a)f(serious)h(security)f
(vulnerability)-9 b(,)19 b(because)f(then)i(the)f(r)o(oot)h(passwor)o
(d)828 5014 y(would)i(be)f(transmitted,)g(in)h(clear)e(text,)h(acr)o
(oss)g(the)g(network.)h(Don't)g(for)o(get:)f(potential)828
5106 y(intr)o(uders)31 b(have)f(time)h(on)g(their)g(side,)f(and)g(can)g
(r)o(un)i(automated)e(pr)o(ograms)g(to)h(\002nd)828 5197
y(your)20 b(passwor)o(d.)e(Additionally)-9 b(,)20 b(this)g(is)g(done)f
(to)h(keep)f(a)g(clear)g(r)o(ecor)o(d)f(of)h(who)i(logged)828
5288 y(in,)g(not)g(just)h(r)o(oot.)637 5421 y
SDict begin H.S end
637 5421
a 637 5421 a
SDict begin 11 H.A end
637 5421 a 637 5421 a
SDict begin [ /View [/XYZ H.V] /Dest (1420) cvn H.B /DEST pdfmark end
637 5421 a Black 197
5585 a Fj(44)p Black eop end
%%Page: 45 45
TeXDict begin 45 44 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.45) cvn H.B /DEST pdfmark
end
197 -102
a Black 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black Black 745 89 a Fl(3.)p Black 828 89 a
SDict begin H.S end
828 89 a
828 89 a
SDict begin 11 H.A end
828 89 a 828 89 a
SDict begin [ /View [/XYZ H.V] /Dest (1421) cvn H.B /DEST pdfmark end
828 89 a Fl(How)g(do)g(I)g(enable)f(shadow)h
(passwor)o(ds)g(on)g(my)g(Linux)g(box?)828 222 y(Answer:)197
265 y
SDict begin H.S end
197 265 a 197 265 a
SDict begin 11 H.A end
197 265 a 197 265 a
SDict begin [ /View [/XYZ H.V] /Dest (1423) cvn H.B /DEST pdfmark end
197 265
a 828 355 a Fl(T)-8 b(o)30 b(enable)e(shadow)h(passwor)o(ds,)g(r)o(un)
2136 355 y
SDict begin H.S end
2136 355 a 2136 355 a
SDict begin 11 H.A end
2136 355 a 2136 355
a
SDict begin [ /View [/XYZ H.V] /Dest (1424) cvn H.B /DEST pdfmark end
2136 355 a Fh(pwconv)f Fl(as)h(r)o(oot,)f(and)2908
355 y
SDict begin H.S end
2908 355 a 2908 355 a
SDict begin 11 H.A end
2908 355 a 2908 355 a
SDict begin [ /View [/XYZ H.V] /Dest (1425) cvn H.B /DEST pdfmark end
2908
355 a Fh(/etc/shadow)f Fl(should)828 446 y(now)35 b(exist,)f(and)g(be)g
(used)g(by)g(applications.)h(If)f(you)g(ar)o(e)f(using)i(RH)g(4.2)e(or)
i(above,)828 537 y(the)26 b(P)-8 b(AM)26 b(modules)g(will)h
(automatically)f(adapt)f(to)h(the)g(change)g(fr)o(om)g(using)h(normal)
828 629 y
SDict begin H.S end
828 629 a 828 629 a
SDict begin 11 H.A end
828 629 a 828 629 a
SDict begin [ /View [/XYZ H.V] /Dest (1426) cvn H.B /DEST pdfmark end
828
629 a Fh(/etc/passwd)19 b Fl(to)i(shadow)g(passwor)o(ds)f(without)i
(any)f(other)g(change.)197 694 y
SDict begin H.S end
197 694 a 197 694 a
SDict begin 11 H.A end
197 694 a 197 694 a
SDict begin [ /View [/XYZ H.V] /Dest (1427) cvn H.B /DEST pdfmark end
197 694 a 828 762 a Fl(Some)26 b(backgr)o(ound:)e
(shadow)i(passwor)o(ds)g(is)g(a)f(mechanism)h(for)g(storing)g(your)g
(pass-)828 853 y(wor)o(d)20 b(in)h(a)e(\002le)i(other)f(than)h(the)f
(normal)2154 853 y
SDict begin H.S end
2154 853 a 2154 853 a
SDict begin 11 H.A end
2154 853 a 2154
853 a
SDict begin [ /View [/XYZ H.V] /Dest (1428) cvn H.B /DEST pdfmark end
2154 853 a Fh(/etc/passwd)f Fl(\002le.)h(This)h(has)f(several)f
(advan-)828 944 y(tages.)26 b(The)g(\002rst)g(one)h(is)f(that)g(the)h
(shadow)f(\002le,)2435 944 y
SDict begin H.S end
2435 944 a 2435 944 a
SDict begin 11 H.A end
2435
944 a 2435 944 a
SDict begin [ /View [/XYZ H.V] /Dest (1429) cvn H.B /DEST pdfmark end
2435 944 a Fh(/etc/shadow)p Fl(,)e(is)j(only)g(r)o
(eadable)d(by)828 1036 y(r)o(oot,)17 b(unlike)1264 1036
y
SDict begin H.S end
1264 1036 a 1264 1036 a
SDict begin 11 H.A end
1264 1036 a 1264 1036 a
SDict begin [ /View [/XYZ H.V] /Dest (1430) cvn H.B /DEST pdfmark end
1264
1036 a Fh(/etc/passwd)p Fl(,)e(which)j(must)g(r)o(emain)e(r)o(eadable)f
(by)i(everyone.)g(The)g(other)828 1127 y(advantage)e(is)h(that)g(as)g
(the)g(administrator)-6 b(,)16 b(you)h(can)f(enable)f(or)i(disable)e
(accounts)i(with-)828 1218 y(out)k(everyone)g(knowing)h(the)f(status)g
(of)g(other)g(users')g(accounts.)197 1283 y
SDict begin H.S end
197 1283
a 197 1283 a
SDict begin 11 H.A end
197 1283 a 197 1283 a
SDict begin [ /View [/XYZ H.V] /Dest (1431) cvn H.B /DEST pdfmark end
197 1283 a 828 1351
a Fl(The)985 1351 y
SDict begin H.S end
985 1351 a 985 1351 a
SDict begin 11 H.A end
985 1351 a
985 1351 a
SDict begin [ /View [/XYZ H.V] /Dest (1432) cvn H.B /DEST pdfmark end
985 1351 a Fh(/etc/passwd)c Fl(\002le)i(is)f(then)h(used)f
(to)h(stor)o(e)f(user)h(and)f(gr)o(oup)g(names,)g(used)g(by)h(pr)o(o-)
828 1442 y(grams)j(like)1235 1442 y
SDict begin H.S end
1235 1442 a 1235
1442 a
SDict begin 11 H.A end
1235 1442 a 1235 1442 a
SDict begin [ /View [/XYZ H.V] /Dest (1433) cvn H.B /DEST pdfmark end
1235 1442 a Fh(/bin/ls)f
Fl(to)i(map)f(the)g(user)g(ID)g(to)g(the)h(pr)o(oper)e(user)h(name)g
(in)g(a)g(dir)o(ectory)828 1534 y(listing.)197 1599 y
SDict begin H.S end
197 1599 a 197 1599 a
SDict begin 11 H.A end
197 1599 a 197 1599 a
SDict begin [ /View [/XYZ H.V] /Dest (1434) cvn H.B /DEST pdfmark end
197 1599
a 828 1667 a Fl(The)985 1667 y
SDict begin H.S end
985 1667 a 985 1667 a
SDict begin 11 H.A end
985 1667 a 985 1667 a
SDict begin [ /View [/XYZ H.V] /Dest (1435) cvn H.B /DEST pdfmark end
985 1667 a Fh(/etc/shadow)17 b
Fl(\002le)h(then)h(only)g(contains)g(the)g(user)f(name)g(and)g(his/her)
h(passwor)o(d,)828 1758 y(and)h(per)o(haps)g(accounting)h(information,)
h(like)f(when)g(the)g(account)g(expir)o(es,)e(etc.)197
1823 y
SDict begin H.S end
197 1823 a 197 1823 a
SDict begin 11 H.A end
197 1823 a 197 1823 a
SDict begin [ /View [/XYZ H.V] /Dest (1436) cvn H.B /DEST pdfmark end
197
1823 a 828 1891 a Fl(T)-8 b(o)30 b(enable)e(shadow)h(passwor)o(ds,)g(r)
o(un)2136 1891 y
SDict begin H.S end
2136 1891 a 2136 1891 a
SDict begin 11 H.A end
2136 1891 a
2136 1891 a
SDict begin [ /View [/XYZ H.V] /Dest (1437) cvn H.B /DEST pdfmark end
2136 1891 a Fh(pwconv)f Fl(as)h(r)o(oot,)f(and)2908
1891 y
SDict begin H.S end
2908 1891 a 2908 1891 a
SDict begin 11 H.A end
2908 1891 a 2908 1891
a
SDict begin [ /View [/XYZ H.V] /Dest (1438) cvn H.B /DEST pdfmark end
2908 1891 a Fh(/etc/shadow)f Fl(should)828 1982 y(now)e(exist,)g(and)
f(be)g(used)g(by)h(applications.)f(Since)g(you)h(ar)o(e)e(using)j(RH)f
(4.2)e(or)i(above,)828 2073 y(the)h(P)-8 b(AM)26 b(modules)g(will)h
(automatically)f(adapt)f(to)h(the)g(change)g(fr)o(om)g(using)h(normal)
828 2165 y
SDict begin H.S end
828 2165 a 828 2165 a
SDict begin 11 H.A end
828 2165 a 828 2165
a
SDict begin [ /View [/XYZ H.V] /Dest (1439) cvn H.B /DEST pdfmark end
828 2165 a Fh(/etc/passwd)19 b Fl(to)i(shadow)g(passwor)o(ds)f
(without)i(any)f(other)g(change.)197 2230 y
SDict begin H.S end
197 2230
a 197 2230 a
SDict begin 11 H.A end
197 2230 a 197 2230 a
SDict begin [ /View [/XYZ H.V] /Dest (1440) cvn H.B /DEST pdfmark end
197 2230 a 828 2297
a Fl(Since)26 b(you'r)o(e)h(inter)o(ested)f(in)h(securing)g(your)g
(passwor)o(ds,)f(per)o(haps)f(you)j(would)f(also)828
2389 y(be)j(inter)o(ested)g(in)h(generating)f(good)h(passwor)o(ds)f(to)
h(begin)g(with.)g(For)g(this)g(you)g(can)828 2480 y(use)25
b(the)1119 2480 y
SDict begin H.S end
1119 2480 a 1119 2480 a
SDict begin 11 H.A end
1119 2480 a
1119 2480 a
SDict begin [ /View [/XYZ H.V] /Dest (1441) cvn H.B /DEST pdfmark end
1119 2480 a Fh(pam_cracklib)e Fl(module,)i(which)i(is)e
(part)g(of)g(P)-8 b(AM.)25 b(It)g(r)o(uns)h(your)g(passwor)o(d)828
2571 y(against)j(the)g(Crack)e(libraries)i(to)g(help)g(you)g(decide)f
(if)g(it)h(is)g(too-easily)g(guessable)g(by)828 2663
y(passwor)o(d-cracking)20 b(pr)o(ograms.)637 2796 y
SDict begin H.S end
637
2796 a 637 2796 a
SDict begin 11 H.A end
637 2796 a 637 2796 a
SDict begin [ /View [/XYZ H.V] /Dest (1442) cvn H.B /DEST pdfmark end
637 2796 a Black
745 2928 a Fl(4.)p Black 828 2928 a
SDict begin H.S end
828 2928 a 828 2928
a
SDict begin 11 H.A end
828 2928 a 828 2928 a
SDict begin [ /View [/XYZ H.V] /Dest (1443) cvn H.B /DEST pdfmark end
828 2928 a Fl(How)h(can)g(I)g(enable)f(the)h
(Apache)e(SSL)h(extensions?)197 2993 y
SDict begin H.S end
197 2993 a 197
2993 a
SDict begin 11 H.A end
197 2993 a 197 2993 a
SDict begin [ /View [/XYZ H.V] /Dest (1444) cvn H.B /DEST pdfmark end
197 2993 a 828 3061 a Fl(Answer:)197
3105 y
SDict begin H.S end
197 3105 a 197 3105 a
SDict begin 11 H.A end
197 3105 a 197 3105 a
SDict begin [ /View [/XYZ H.V] /Dest (1445) cvn H.B /DEST pdfmark end
197
3105 a 197 3105 a
SDict begin H.S end
197 3105 a 197 3105 a
SDict begin 11 H.A end
197 3105 a 197
3105 a
SDict begin [ /View [/XYZ H.V] /Dest (1446) cvn H.B /DEST pdfmark end
197 3105 a 197 3146 a
SDict begin H.S end
197 3146 a 197 3146 a
SDict begin 11 H.A end
197
3146 a 197 3146 a
SDict begin [ /View [/XYZ H.V] /Dest (1447) cvn H.B /DEST pdfmark end
197 3146 a Black 977 3319 a Fl(a.)p
Black 1060 3319 a
SDict begin H.S end
1060 3319 a 1060 3319 a
SDict begin 11 H.A end
1060 3319 a
1060 3319 a
SDict begin [ /View [/XYZ H.V] /Dest (1448) cvn H.B /DEST pdfmark end
1060 3319 a Fl(Get)h(SSLeay)e(0.8.0)g(or)i(later)f(fr)o(om)
2168 3319 y
SDict begin H.S end
2168 3319 a 2168 3319 a
SDict begin 11 H.A end
2168 3319 a 2168
3319 a
SDict begin [ /View [/XYZ H.V] /Dest (1449) cvn H.B /DEST pdfmark end
2168 3319 a Fl(<65533>)2478 3285 y Fe(121)197
3342 y
SDict begin H.S end
197 3342 a 197 3342 a
SDict begin 11 H.A end
197 3342 a 197 3342 a
SDict begin [ /View [/XYZ H.V] /Dest (1450) cvn H.B /DEST pdfmark end
197
3342 a Black 973 3451 a Fl(b.)p Black 1060 3451 a
SDict begin H.S end
1060
3451 a 1060 3451 a
SDict begin 11 H.A end
1060 3451 a 1060 3451 a
SDict begin [ /View [/XYZ H.V] /Dest (1451) cvn H.B /DEST pdfmark end
1060 3451
a Fl(Build)h(and)f(test)h(and)g(install)g(it!)197 3453
y
SDict begin H.S end
197 3453 a 197 3453 a
SDict begin 11 H.A end
197 3453 a 197 3453 a
SDict begin [ /View [/XYZ H.V] /Dest (1452) cvn H.B /DEST pdfmark end
197 3453
a Black 982 3584 a Fl(c.)p Black 1060 3584 a
SDict begin H.S end
1060 3584
a 1060 3584 a
SDict begin 11 H.A end
1060 3584 a 1060 3584 a
SDict begin [ /View [/XYZ H.V] /Dest (1453) cvn H.B /DEST pdfmark end
1060 3584 a Fl(Get)g(Apache)f
(sour)o(ce)197 3608 y
SDict begin H.S end
197 3608 a 197 3608 a
SDict begin 11 H.A end
197 3608
a 197 3608 a
SDict begin [ /View [/XYZ H.V] /Dest (1454) cvn H.B /DEST pdfmark end
197 3608 a Black 968 3717 a Fl(d.)p Black
1060 3717 a
SDict begin H.S end
1060 3717 a 1060 3717 a
SDict begin 11 H.A end
1060 3717 a 1060
3717 a
SDict begin [ /View [/XYZ H.V] /Dest (1455) cvn H.B /DEST pdfmark end
1060 3717 a Fl(Get)h(Apache)f(SSLeay)f(extensions)j(fr)o(om)2404
3717 y
SDict begin H.S end
2404 3717 a 2404 3717 a
SDict begin 11 H.A end
2404 3717 a 2404 3717
a
SDict begin [ /View [/XYZ H.V] /Dest (1456) cvn H.B /DEST pdfmark end
2404 3717 a Fl(her)o(e)2564 3684 y Fe(122)197 3741
y
SDict begin H.S end
197 3741 a 197 3741 a
SDict begin 11 H.A end
197 3741 a 197 3741 a
SDict begin [ /View [/XYZ H.V] /Dest (1457) cvn H.B /DEST pdfmark end
197 3741
a Black 979 3850 a Fl(e.)p Black 1060 3850 a
SDict begin H.S end
1060 3850
a 1060 3850 a
SDict begin 11 H.A end
1060 3850 a 1060 3850 a
SDict begin [ /View [/XYZ H.V] /Dest (1458) cvn H.B /DEST pdfmark end
1060 3850 a Fl(Unpack)27
b(it)h(in)f(the)h(apache)e(sour)o(ce)h(dir)o(ectory)f(and)h(patch)g
(Apache)f(as)h(per)g(the)1060 3941 y(README.)197 3941
y
SDict begin H.S end
197 3941 a 197 3941 a
SDict begin 11 H.A end
197 3941 a 197 3941 a
SDict begin [ /View [/XYZ H.V] /Dest (1459) cvn H.B /DEST pdfmark end
197 3941
a Black 991 4074 a Fl(f.)p Black 1060 4074 a
SDict begin H.S end
1060 4074
a 1060 4074 a
SDict begin 11 H.A end
1060 4074 a 1060 4074 a
SDict begin [ /View [/XYZ H.V] /Dest (1460) cvn H.B /DEST pdfmark end
1060 4074 a Fl(Con\002gur)o(e)21
b(and)g(build)f(it.)197 4248 y
SDict begin H.S end
197 4248 a 197 4248 a
SDict begin 11 H.A end
197 4248 a 197 4248 a
SDict begin [ /View [/XYZ H.V] /Dest (1461) cvn H.B /DEST pdfmark end
197 4248 a 828 4340 a Fl(Y)-8 b(ou)33
b(might)h(also)e(try)1571 4340 y
SDict begin H.S end
1571 4340 a 1571 4340
a
SDict begin 11 H.A end
1571 4340 a 1571 4340 a
SDict begin [ /View [/XYZ H.V] /Dest (1462) cvn H.B /DEST pdfmark end
1571 4340 a Fl(ZEDZ)h(net)1944
4307 y Fe(123)2051 4340 y Fl(which)h(has)e(many)g(pr)o(e-built)g
(packages,)f(and)h(is)828 4431 y(located)20 b(outside)h(of)g(the)g
(United)f(States.)637 4564 y
SDict begin H.S end
637 4564 a 637 4564 a
SDict begin 11 H.A end
637
4564 a 637 4564 a
SDict begin [ /View [/XYZ H.V] /Dest (1463) cvn H.B /DEST pdfmark end
637 4564 a Black 745 4697 a Fl(5.)p
Black 828 4697 a
SDict begin H.S end
828 4697 a 828 4697 a
SDict begin 11 H.A end
828 4697 a 828
4697 a
SDict begin [ /View [/XYZ H.V] /Dest (1464) cvn H.B /DEST pdfmark end
828 4697 a Fl(How)h(can)g(I)g(manipulate)f(user)h(accounts,)f
(and)h(still)g(r)o(etain)f(security?)197 4762 y
SDict begin H.S end
197 4762
a 197 4762 a
SDict begin 11 H.A end
197 4762 a 197 4762 a
SDict begin [ /View [/XYZ H.V] /Dest (1465) cvn H.B /DEST pdfmark end
197 4762 a 828 4830
a Fl(Answer:)d(most)g(distributions)h(contain)g(a)e(gr)o(eat)g(number)h
(of)g(tools)h(to)f(change)g(the)g(pr)o(op-)828 4921 y(erties)j(of)h
(user)g(accounts.)197 4964 y
SDict begin H.S end
197 4964 a 197 4964 a
SDict begin 11 H.A end
197
4964 a 197 4964 a
SDict begin [ /View [/XYZ H.V] /Dest (1466) cvn H.B /DEST pdfmark end
197 4964 a 197 4964 a
SDict begin H.S end
197 4964 a 197
4964 a
SDict begin 11 H.A end
197 4964 a 197 4964 a
SDict begin [ /View [/XYZ H.V] /Dest (1467) cvn H.B /DEST pdfmark end
197 4964 a 197 5006 a
SDict begin H.S end
197
5006 a 197 5006 a
SDict begin 11 H.A end
197 5006 a 197 5006 a
SDict begin [ /View [/XYZ H.V] /Dest (1468) cvn H.B /DEST pdfmark end
197 5006 a Black
828 5178 a Fg(\225)p Black 911 5178 a
SDict begin H.S end
911 5178 a 911
5178 a
SDict begin 11 H.A end
911 5178 a 911 5178 a
SDict begin [ /View [/XYZ H.V] /Dest (1469) cvn H.B /DEST pdfmark end
911 5178 a Fl(The)1096 5178
y
SDict begin H.S end
1096 5178 a 1096 5178 a
SDict begin 11 H.A end
1096 5178 a 1096 5178 a
SDict begin [ /View [/XYZ H.V] /Dest (1470) cvn H.B /DEST pdfmark end
1096
5178 a Fh(pwconv)46 b Fl(and)1598 5178 y
SDict begin H.S end
1598 5178 a
1598 5178 a
SDict begin 11 H.A end
1598 5178 a 1598 5178 a
SDict begin [ /View [/XYZ H.V] /Dest (1471) cvn H.B /DEST pdfmark end
1598 5178 a Fh(unpwconv)f
Fl(pr)o(ograms)h(can)g(be)g(used)g(to)h(convert)f(between)911
5270 y(shadow)21 b(and)f(non-shadowed)i(passwor)o(ds.)197
5293 y
SDict begin H.S end
197 5293 a 197 5293 a
SDict begin 11 H.A end
197 5293 a 197 5293 a
SDict begin [ /View [/XYZ H.V] /Dest (1472) cvn H.B /DEST pdfmark end
197
5293 a Black 3601 5585 a Fj(45)p Black eop end
%%Page: 46 46
TeXDict begin 46 45 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.46) cvn H.B /DEST pdfmark
end
197 -102
a Black 197 -201 a
SDict begin H.S end
197 -201 a 197 -201 a
SDict begin 11 H.A end
197 -201 a 197
-201 a
SDict begin [ /View [/XYZ H.V] /Dest (1530) cvn H.B /DEST pdfmark end
197 -201 a 69 x Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black Black 828 89 a Fg(\225)p Black 911 89 a
SDict begin H.S end
911 89
a 911 89 a
SDict begin 11 H.A end
911 89 a 911 89 a
SDict begin [ /View [/XYZ H.V] /Dest (1473) cvn H.B /DEST pdfmark end
911 89 a Fl(The)1072 89
y
SDict begin H.S end
1072 89 a 1072 89 a
SDict begin 11 H.A end
1072 89 a 1072 89 a
SDict begin [ /View [/XYZ H.V] /Dest (1474) cvn H.B /DEST pdfmark end
1072 89 a Fh(pwck)h
Fl(and)1437 89 y
SDict begin H.S end
1437 89 a 1437 89 a
SDict begin 11 H.A end
1437 89 a 1437 89
a
SDict begin [ /View [/XYZ H.V] /Dest (1475) cvn H.B /DEST pdfmark end
1437 89 a Fh(grpck)g Fl(pr)o(ograms)g(can)g(be)g(used)h(to)f(verify)g
(pr)o(oper)g(or)o(ganization)g(of)911 180 y(the)1047
180 y
SDict begin H.S end
1047 180 a 1047 180 a
SDict begin 11 H.A end
1047 180 a 1047 180 a
SDict begin [ /View [/XYZ H.V] /Dest (1476) cvn H.B /DEST pdfmark end
1047
180 a Fh(passwd)e Fl(and)1498 180 y
SDict begin H.S end
1498 180 a 1498 180
a
SDict begin 11 H.A end
1498 180 a 1498 180 a
SDict begin [ /View [/XYZ H.V] /Dest (1477) cvn H.B /DEST pdfmark end
1498 180 a Fh(group)g Fl(\002les.)197
192 y
SDict begin H.S end
197 192 a 197 192 a
SDict begin 11 H.A end
197 192 a 197 192 a
SDict begin [ /View [/XYZ H.V] /Dest (1478) cvn H.B /DEST pdfmark end
197 192
a Black 828 313 a Fg(\225)p Black 911 313 a
SDict begin H.S end
911 313 a
911 313 a
SDict begin 11 H.A end
911 313 a 911 313 a
SDict begin [ /View [/XYZ H.V] /Dest (1479) cvn H.B /DEST pdfmark end
911 313 a Fl(The)1078 313
y
SDict begin H.S end
1078 313 a 1078 313 a
SDict begin 11 H.A end
1078 313 a 1078 313 a
SDict begin [ /View [/XYZ H.V] /Dest (1480) cvn H.B /DEST pdfmark end
1078 313
a Fh(useradd)p Fl(,)1441 313 y
SDict begin H.S end
1441 313 a 1441 313 a
SDict begin 11 H.A end
1441 313 a 1441 313 a
SDict begin [ /View [/XYZ H.V] /Dest (1481) cvn H.B /DEST pdfmark end
1441 313 a Fh(usermod)p Fl(,)27
b(and)1972 313 y
SDict begin H.S end
1972 313 a 1972 313 a
SDict begin 11 H.A end
1972 313 a 1972
313 a
SDict begin [ /View [/XYZ H.V] /Dest (1482) cvn H.B /DEST pdfmark end
1972 313 a Fh(userdel)g Fl(pr)o(ograms)h(can)g(be)f(used)h(to)h
(add,)e(delete)911 405 y(and)34 b(modify)i(user)e(accounts.)h(The)2132
405 y
SDict begin H.S end
2132 405 a 2132 405 a
SDict begin 11 H.A end
2132 405 a 2132 405 a
SDict begin [ /View [/XYZ H.V] /Dest (1483) cvn H.B /DEST pdfmark end
2132
405 a Fh(groupadd)p Fl(,)2546 405 y
SDict begin H.S end
2546 405 a 2546 405
a
SDict begin 11 H.A end
2546 405 a 2546 405 a
SDict begin [ /View [/XYZ H.V] /Dest (1484) cvn H.B /DEST pdfmark end
2546 405 a Fh(groupmod)p Fl(,)f(and)3136
405 y
SDict begin H.S end
3136 405 a 3136 405 a
SDict begin 11 H.A end
3136 405 a 3136 405 a
SDict begin [ /View [/XYZ H.V] /Dest (1485) cvn H.B /DEST pdfmark end
3136
405 a Fh(groupdel)g Fl(pr)o(o-)911 496 y(grams)21 b(will)g(do)g(the)g
(same)f(for)h(gr)o(oups.)197 519 y
SDict begin H.S end
197 519 a 197 519
a
SDict begin 11 H.A end
197 519 a 197 519 a
SDict begin [ /View [/XYZ H.V] /Dest (1486) cvn H.B /DEST pdfmark end
197 519 a Black 828 629 a Fg(\225)p
Black 911 629 a
SDict begin H.S end
911 629 a 911 629 a
SDict begin 11 H.A end
911 629 a 911 629
a
SDict begin [ /View [/XYZ H.V] /Dest (1487) cvn H.B /DEST pdfmark end
911 629 a Fl(Gr)o(oup)g(passwor)o(ds)f(can)g(be)h(cr)o(eated)e(using)
2352 629 y
SDict begin H.S end
2352 629 a 2352 629 a
SDict begin 11 H.A end
2352 629 a 2352 629
a
SDict begin [ /View [/XYZ H.V] /Dest (1488) cvn H.B /DEST pdfmark end
2352 629 a Fh(gpasswd)p Fl(.)197 803 y
SDict begin H.S end
197 803 a 197
803 a
SDict begin 11 H.A end
197 803 a 197 803 a
SDict begin [ /View [/XYZ H.V] /Dest (1489) cvn H.B /DEST pdfmark end
197 803 a 828 894 a Fl(All)26
b(these)h(pr)o(ograms)f(ar)o(e)f("shadow-awar)o(e")g(--)g(that)i(is,)f
(if)h(you)g(enable)f(shadow)h(they)828 986 y(will)21
b(use)1136 986 y
SDict begin H.S end
1136 986 a 1136 986 a
SDict begin 11 H.A end
1136 986 a 1136
986 a
SDict begin [ /View [/XYZ H.V] /Dest (1490) cvn H.B /DEST pdfmark end
1136 986 a Fh(/etc/shadow)e Fl(for)i(passwor)o(d)f(information,)h
(otherwise)h(they)f(won't.)197 1051 y
SDict begin H.S end
197 1051 a 197
1051 a
SDict begin 11 H.A end
197 1051 a 197 1051 a
SDict begin [ /View [/XYZ H.V] /Dest (1491) cvn H.B /DEST pdfmark end
197 1051 a 828 1119 a Fl(See)f(the)h(r)o
(espective)e(man)i(pages)f(for)h(further)f(information.)637
1251 y
SDict begin H.S end
637 1251 a 637 1251 a
SDict begin 11 H.A end
637 1251 a 637 1251 a
SDict begin [ /View [/XYZ H.V] /Dest (1492) cvn H.B /DEST pdfmark end
637
1251 a Black 745 1384 a Fl(6.)p Black 828 1384 a
SDict begin H.S end
828
1384 a 828 1384 a
SDict begin 11 H.A end
828 1384 a 828 1384 a
SDict begin [ /View [/XYZ H.V] /Dest (1493) cvn H.B /DEST pdfmark end
828 1384 a Fl(How)h(can)g(I)g
(passwor)o(d-pr)o(otect)e(speci\002c)h(HTML)g(documents)i(using)f
(Apache?)197 1449 y
SDict begin H.S end
197 1449 a 197 1449 a
SDict begin 11 H.A end
197 1449 a
197 1449 a
SDict begin [ /View [/XYZ H.V] /Dest (1494) cvn H.B /DEST pdfmark end
197 1449 a 828 1517 a Fl(I)g(bet)f(you)i(didn't)e(know)i
(about)1878 1517 y
SDict begin H.S end
1878 1517 a 1878 1517 a
SDict begin 11 H.A end
1878 1517
a 1878 1517 a
SDict begin [ /View [/XYZ H.V] /Dest (1495) cvn H.B /DEST pdfmark end
1878 1517 a Fl(http://www)-8 b(.apacheweek.or)o(g)2969
1484 y Fe(124)3043 1517 y Fl(,)21 b(did)f(you?)197 1582
y
SDict begin H.S end
197 1582 a 197 1582 a
SDict begin 11 H.A end
197 1582 a 197 1582 a
SDict begin [ /View [/XYZ H.V] /Dest (1496) cvn H.B /DEST pdfmark end
197 1582
a 828 1650 a Fl(Y)-8 b(ou)165 b(can)f(\002nd)h(information)g(on)g(user)
f(authentication)g(at)828 1741 y
SDict begin H.S end
828 1741 a 828 1741
a
SDict begin 11 H.A end
828 1741 a 828 1741 a
SDict begin [ /View [/XYZ H.V] /Dest (1497) cvn H.B /DEST pdfmark end
828 1741 a Fl(http://www)-8 b
(.apacheweek.com/featur)o(es/userauth)21 b(as)g(well)h(as)f(other)g
(web)h(server)828 1833 y(security)f(tips)g(fr)o(om)1496
1833 y
SDict begin H.S end
1496 1833 a 1496 1833 a
SDict begin 11 H.A end
1496 1833 a 1496 1833
a
SDict begin [ /View [/XYZ H.V] /Dest (1498) cvn H.B /DEST pdfmark end
1496 1833 a Fl(http://www)-8 b(.apache.or)o
(g/docs/misc/security_tips.html)197 2140 y
SDict begin H.S end
197 2140 a
197 2140 a
SDict begin 11 H.A end
197 2140 a 197 2140 a
SDict begin [ /View [/XYZ H.V] /Dest (conclusion) cvn H.B /DEST pdfmark
end
197 2140 a 287 x Fn(Conc)n(lusion)799
2427 y
SDict begin H.S end
799 2427 a 799 2427 a
SDict begin 14.641 H.A end
799 2427 a 799 2427 a
SDict begin [ /View [/XYZ H.V] /Dest (1.14.1) cvn H.B /DEST pdfmark
end
799
2427 a 197 2484 a
SDict begin H.S end
197 2484 a 197 2484 a
SDict begin 11 H.A end
197 2484 a 197
2484 a
SDict begin [ /View [/XYZ H.V] /Dest (1501) cvn H.B /DEST pdfmark end
197 2484 a 596 2574 a Fl(By)29 b(subscribing)i(to)f(the)g
(security)g(alert)f(mailing)i(lists,)f(and)f(keeping)h(curr)o(ent,)f
(you)h(can)g(do)596 2665 y(a)25 b(lot)h(towar)o(ds)f(securing)g(your)h
(machine.)g(If)f(you)h(pay)f(attention)h(to)g(your)g(log)g(\002les)g
(and)f(r)o(un)596 2757 y(something)d(like)1159 2757 y
SDict begin H.S end
1159 2757 a 1159 2757 a
SDict begin 11 H.A end
1159 2757 a 1159 2757 a
SDict begin [ /View [/XYZ H.V] /Dest (1502) cvn H.B /DEST pdfmark end
1159
2757 a Fh(tripwire)d Fl(r)o(egularly)-9 b(,)20 b(you)h(can)f(do)h(even)
g(mor)o(e.)197 2821 y
SDict begin H.S end
197 2821 a 197 2821 a
SDict begin 11 H.A end
197 2821
a 197 2821 a
SDict begin [ /View [/XYZ H.V] /Dest (1503) cvn H.B /DEST pdfmark end
197 2821 a 596 2889 a Fl(A)26 b(r)o(easonable)g(level)h
(of)h(computer)f(security)g(is)h(not)g(dif)o(\002cult)f(to)g(maintain)h
(on)g(a)e(home)i(ma-)596 2981 y(chine.)f(Mor)o(e)f(ef)o(fort)g(is)h(r)o
(equir)o(ed)f(on)h(business)h(machines,)f(but)h(Linux)f(can)f(indeed)h
(be)g(a)f(se-)596 3072 y(cur)o(e)18 b(platform.)g(Due)h(to)h(the)f
(natur)o(e)f(of)h(Linux)g(development,)g(security)g(\002xes)g(often)g
(come)g(out)596 3163 y(much)25 b(faster)f(than)h(they)g(do)g(on)h
(commer)o(cial)f(operating)g(systems,)g(making)h(Linux)f(an)g(ideal)596
3255 y(platform)20 b(when)h(security)g(is)g(a)g(r)o(equir)o(ement.)197
3320 y
SDict begin H.S end
197 3320 a 197 3320 a
SDict begin 11 H.A end
197 3320 a 197 3320 a
SDict begin [ /View [/XYZ H.V] /Dest (1504) cvn H.B /DEST pdfmark end
197
3320 a 264 x Fn(Ac)n(kno)n(wledgments)1170 3584 y
SDict begin H.S end
1170
3584 a 1170 3584 a
SDict begin 14.641 H.A end
1170 3584 a 1170 3584 a
SDict begin [ /View [/XYZ H.V] /Dest (1.15.1) cvn H.B /DEST pdfmark
end
1170 3584
a 197 3664 a
SDict begin H.S end
197 3664 a 197 3664 a
SDict begin 11 H.A end
197 3664 a 197 3664
a
SDict begin [ /View [/XYZ H.V] /Dest (1506) cvn H.B /DEST pdfmark end
197 3664 a 596 3730 a Fl(Information)f(her)o(e)f(is)h(collected)f(fr)
o(om)g(many)h(sour)o(ces.)f(Thanks)h(to)g(the)g(following)h(who)f
(either)596 3822 y(indir)o(ectly)g(or)h(dir)o(ectly)f(have)g
(contributed:)197 3887 y
SDict begin H.S end
197 3887 a 197 3887 a
SDict begin 11 H.A end
197 3887
a 197 3887 a
SDict begin [ /View [/XYZ H.V] /Dest (1507) cvn H.B /DEST pdfmark end
197 3887 a 197 3970 a
SDict begin H.S end
197 3970 a 197 3970
a
SDict begin 9.9 H.A end
197 3970 a 197 3970 a
SDict begin [ /View [/XYZ H.V] /Dest (1508) cvn H.B /DEST pdfmark end
197 3970 a 596 4028 a Fh(Rob)44
b(Riggs)197 4040 y
SDict begin H.S end
197 4040 a 197 4040 a
SDict begin 9.9 H.A end
197 4040 a 197
4040 a
SDict begin [ /View [/XYZ H.V] /Dest (1509) cvn H.B /DEST pdfmark end
197 4040 a 596 4111 a Fh(rob@DevilsThumb.com)1451
4081 y Ff(127)197 4326 y
SDict begin H.S end
197 4326 a 197 4326 a
SDict begin 11 H.A end
197 4326
a 197 4326 a
SDict begin [ /View [/XYZ H.V] /Dest (1510) cvn H.B /DEST pdfmark end
197 4326 a 596 4418 a Fl(S.)20 b(Cof)o(\002n)930
4418 y
SDict begin H.S end
930 4418 a 930 4418 a
SDict begin 11 H.A end
930 4418 a 930 4418 a
SDict begin [ /View [/XYZ H.V] /Dest (1511) cvn H.B /DEST pdfmark end
930
4418 a Fl(scof)o(\002n@netcom.com)1680 4385 y Fe(128)197
4461 y
SDict begin H.S end
197 4461 a 197 4461 a
SDict begin 11 H.A end
197 4461 a 197 4461 a
SDict begin [ /View [/XYZ H.V] /Dest (1512) cvn H.B /DEST pdfmark end
197
4461 a 596 4551 a Fl(V)-5 b(iktor)21 b(Przebinda)1243
4551 y
SDict begin H.S end
1243 4551 a 1243 4551 a
SDict begin 11 H.A end
1243 4551 a 1243 4551
a
SDict begin [ /View [/XYZ H.V] /Dest (1513) cvn H.B /DEST pdfmark end
1243 4551 a Fl(viktor@CR)m(YST)-6 b(AL.MA)g(TH.ou.edu)2455
4517 y Fe(129)197 4594 y
SDict begin H.S end
197 4594 a 197 4594 a
SDict begin 11 H.A end
197 4594
a 197 4594 a
SDict begin [ /View [/XYZ H.V] /Dest (1514) cvn H.B /DEST pdfmark end
197 4594 a 596 4683 a Fl(Roelof)21 b(Osinga)1135
4683 y
SDict begin H.S end
1135 4683 a 1135 4683 a
SDict begin 11 H.A end
1135 4683 a 1135 4683
a
SDict begin [ /View [/XYZ H.V] /Dest (1515) cvn H.B /DEST pdfmark end
1135 4683 a Fl(r)o(oelof@eboa.com)1760 4650 y Fe(130)197
4748 y
SDict begin H.S end
197 4748 a 197 4748 a
SDict begin 11 H.A end
197 4748 a 197 4748 a
SDict begin [ /View [/XYZ H.V] /Dest (1516) cvn H.B /DEST pdfmark end
197
4748 a 596 4816 a Fl(Kyle)g(Hasselbacher)1297 4816 y
SDict begin H.S end
1297 4816 a 1297 4816 a
SDict begin 11 H.A end
1297 4816 a 1297 4816 a
SDict begin [ /View [/XYZ H.V] /Dest (1517) cvn H.B /DEST pdfmark end
1297
4816 a Fl(kyle@car)o(efr)o(ee.quux.soltc.net)2341 4783
y Fe(131)197 4881 y
SDict begin H.S end
197 4881 a 197 4881 a
SDict begin 11 H.A end
197 4881 a
197 4881 a
SDict begin [ /View [/XYZ H.V] /Dest (1518) cvn H.B /DEST pdfmark end
197 4881 a 596 4949 a Fl(David)f(S.)g(Jackson)1231
4949 y
SDict begin H.S end
1231 4949 a 1231 4949 a
SDict begin 11 H.A end
1231 4949 a 1231 4949
a
SDict begin [ /View [/XYZ H.V] /Dest (1519) cvn H.B /DEST pdfmark end
1231 4949 a Fl(dsj@dsj.net)1639 4916 y Fe(132)197 5014
y
SDict begin H.S end
197 5014 a 197 5014 a
SDict begin 11 H.A end
197 5014 a 197 5014 a
SDict begin [ /View [/XYZ H.V] /Dest (1520) cvn H.B /DEST pdfmark end
197 5014
a 596 5082 a Fl(T)-8 b(odd)20 b(G.)h(Ruskell)1207 5082
y
SDict begin H.S end
1207 5082 a 1207 5082 a
SDict begin 11 H.A end
1207 5082 a 1207 5082 a
SDict begin [ /View [/XYZ H.V] /Dest (1521) cvn H.B /DEST pdfmark end
1207
5082 a Fl(r)o(uskell@boulder)-6 b(.nist.gov)2117 5049
y Fe(133)197 5147 y
SDict begin H.S end
197 5147 a 197 5147 a
SDict begin 11 H.A end
197 5147 a
197 5147 a
SDict begin [ /View [/XYZ H.V] /Dest (1522) cvn H.B /DEST pdfmark end
197 5147 a 596 5215 a Fl(Rogier)21 b(W)-8
b(olf)o(f)1079 5215 y
SDict begin H.S end
1079 5215 a 1079 5215 a
SDict begin 11 H.A end
1079 5215
a 1079 5215 a
SDict begin [ /View [/XYZ H.V] /Dest (1523) cvn H.B /DEST pdfmark end
1079 5215 a Fl(R.E.W)g(olf)o(f@BitW)j(izar)o(d.nl)1952
5182 y Fe(134)197 5280 y
SDict begin H.S end
197 5280 a 197 5280 a
SDict begin 11 H.A end
197 5280
a 197 5280 a
SDict begin [ /View [/XYZ H.V] /Dest (1524) cvn H.B /DEST pdfmark end
197 5280 a 596 5348 a Fl(Antonomasia)1111
5348 y
SDict begin H.S end
1111 5348 a 1111 5348 a
SDict begin 11 H.A end
1111 5348 a 1111 5348
a
SDict begin [ /View [/XYZ H.V] /Dest (1525) cvn H.B /DEST pdfmark end
1111 5348 a Fl(ant@notatla.demon.co.uk)2043 5314 y
Fe(135)197 5391 y
SDict begin H.S end
197 5391 a 197 5391 a
SDict begin 11 H.A end
197 5391 a 197
5391 a
SDict begin [ /View [/XYZ H.V] /Dest (1526) cvn H.B /DEST pdfmark end
197 5391 a 596 5480 a Fl(Nic)20 b(Bellamy)1067
5480 y
SDict begin H.S end
1067 5480 a 1067 5480 a
SDict begin 11 H.A end
1067 5480 a 1067 5480
a
SDict begin [ /View [/XYZ H.V] /Dest (1527) cvn H.B /DEST pdfmark end
1067 5480 a Fl(sky@wibble.net)1641 5447 y Fe(136)p
Black 197 5585 a Fj(46)p Black eop end
%%Page: 47 47
TeXDict begin 47 46 bop -600 -600 a
SDict begin /product where{pop product(Distiller)search{pop pop pop
version(.)search{exch pop exch pop(3011)eq{gsave newpath 0 0 moveto
closepath clip/Courier findfont 10 scalefont setfont 72 72 moveto(.)show
grestore}if}{pop}ifelse}{pop}ifelse}if end
-600 -600 a Black
0 TeXcolorgray 197 -102 a
SDict begin H.S end
197 -102 a 0 TeXcolorgray 0
TeXcolorgray 197 -102 a
SDict begin H.R end
197 -102 a 197 -102 a
SDict begin [ /View [/XYZ H.V] /Dest (page.47) cvn H.B /DEST pdfmark
end
197 -102
a Black 197 -201 a
SDict begin H.S end
197 -201 a 197 -201 a
SDict begin 11 H.A end
197 -201 a 197
-201 a
SDict begin [ /View [/XYZ H.V] /Dest (1610) cvn H.B /DEST pdfmark end
197 -201 a 2835 -132 a Fj(Linux)21 b(Security)g(HOWT)o(O)p
Black 197 6 a
SDict begin H.S end
197 6 a 197 6 a
SDict begin 11 H.A end
197 6 a 197 6 a
SDict begin [ /View [/XYZ H.V] /Dest (1528) cvn H.B /DEST pdfmark end
197 6 a
596 89 a Fl(Eric)f(Hanchr)o(ow)1172 89 y
SDict begin H.S end
1172 89 a 1172
89 a
SDict begin 11 H.A end
1172 89 a 1172 89 a
SDict begin [ /View [/XYZ H.V] /Dest (1529) cvn H.B /DEST pdfmark end
1172 89 a Fl(of)o(fby1@blar)o(g.net)1794
56 y Fe(137)596 222 y Fl(Robert)h(J.)f(Ber)o(gerrber)o(ger@ibd.com)1803
189 y Fe(138)197 287 y
SDict begin H.S end
197 287 a 197 287 a
SDict begin 11 H.A end
197 287 a
197 287 a
SDict begin [ /View [/XYZ H.V] /Dest (1532) cvn H.B /DEST pdfmark end
197 287 a 596 355 a Fl(Ulrich)g(Alpers)1114
355 y
SDict begin H.S end
1114 355 a 1114 355 a
SDict begin 11 H.A end
1114 355 a 1114 355 a
SDict begin [ /View [/XYZ H.V] /Dest (1533) cvn H.B /DEST pdfmark end
1114
355 a Fl(lur)o(chi@cdr)o(om.uni-stuttgart.de)2226 322
y Fe(139)197 420 y
SDict begin H.S end
197 420 a 197 420 a
SDict begin 11 H.A end
197 420 a 197
420 a
SDict begin [ /View [/XYZ H.V] /Dest (1534) cvn H.B /DEST pdfmark end
197 420 a 596 488 a Fl(David)g(Noha)1069 488 y
SDict begin H.S end
1069 488 a 1069 488 a
SDict begin 11 H.A end
1069 488 a 1069 488 a
SDict begin [ /View [/XYZ H.V] /Dest (1535) cvn H.B /DEST pdfmark end
1069 488
a Fl(dave@c-c-s.com)1652 454 y Fe(140)197 531 y
SDict begin H.S end
197 531
a 197 531 a
SDict begin 11 H.A end
197 531 a 197 531 a
SDict begin [ /View [/XYZ H.V] /Dest (1536) cvn H.B /DEST pdfmark end
197 531 a 596 620 a Fl(Pavel)g
(Epifanov)-9 b(.)1186 620 y
SDict begin H.S end
1186 620 a 1186 620 a
SDict begin 11 H.A end
1186
620 a 1186 620 a
SDict begin [ /View [/XYZ H.V] /Dest (1537) cvn H.B /DEST pdfmark end
1186 620 a Fl(epv@ibm.net)1664 587 y
Fe(141)197 685 y
SDict begin H.S end
197 685 a 197 685 a
SDict begin 11 H.A end
197 685 a 197 685
a
SDict begin [ /View [/XYZ H.V] /Dest (1538) cvn H.B /DEST pdfmark end
197 685 a 596 753 a Fl(Joe)20 b(Germuska.)1153 753
y
SDict begin H.S end
1153 753 a 1153 753 a
SDict begin 11 H.A end
1153 753 a 1153 753 a
SDict begin [ /View [/XYZ H.V] /Dest (1539) cvn H.B /DEST pdfmark end
1153 753
a Fl(joe@germuska.com)1860 720 y Fe(142)197 818 y
SDict begin H.S end
197
818 a 197 818 a
SDict begin 11 H.A end
197 818 a 197 818 a
SDict begin [ /View [/XYZ H.V] /Dest (1540) cvn H.B /DEST pdfmark end
197 818 a 596 886
a Fl(Franklin)h(S.)f(W)-8 b(err)o(en)1301 886 y
SDict begin H.S end
1301
886 a 1301 886 a
SDict begin 11 H.A end
1301 886 a 1301 886 a
SDict begin [ /View [/XYZ H.V] /Dest (1541) cvn H.B /DEST pdfmark end
1301 886 a Fl(fswerr)o
(en@bagpipes.net)2157 853 y Fe(143)197 951 y
SDict begin H.S end
197 951
a 197 951 a
SDict begin 11 H.A end
197 951 a 197 951 a
SDict begin [ /View [/XYZ H.V] /Dest (1542) cvn H.B /DEST pdfmark end
197 951 a 596 1019 a
Fl(Paul)20 b(Rusty)i(Russell)1302 1019 y
SDict begin H.S end
1302 1019 a
1302 1019 a
SDict begin 11 H.A end
1302 1019 a 1302 1019 a
SDict begin [ /View [/XYZ H.V] /Dest (1543) cvn H.B /DEST pdfmark end
1302 1019 a Fl(