|
DataMuseum.dkPresents historical artifacts from the history of: DKUUG/EUUG Conference tapes |
This is an automatic "excavation" of a thematic subset of
See our Wiki for more about DKUUG/EUUG Conference tapes Excavated with: AutoArchaeologist - Free & Open Source Software. |
top - metrics - downloadIndex: T p
Length: 274262 (0x42f56)
Types: TextFile
Names: »paper.ps«
└─⟦4f9d7c866⟧ Bits:30007245 EUUGD6: Sikkerheds distributionen
└─⟦eed360c96⟧ »./papers/SRI-report/sri-report.troff.tar.Z«
└─⟦9ae75bfbd⟧ Bits:30007242 EUUGD3: Starter Kit
└─⟦eed360c96⟧ »EurOpenD3/security-doc.tar.Z«
└─⟦53b1903f6⟧
└─⟦this⟧ »security-doc/paper.ps«
%!PS-Adobe-1.0
%%Creator: intrepid.itstd.sri.com:davy (David Curry, System Programmer, EJ305, x2508)
%%Title: stdin (ditroff)
%%CreationDate: Wed May 2 08:41:22 1990
%%EndComments
% Start of psdit.pro -- prolog for ditroff translator
% Copyright (c) 1985,1987 Adobe Systems Incorporated. All Rights Reserved.
% GOVERNMENT END USERS: See Notice file in TranScript library directory
% -- probably /usr/lib/ps/Notice
% RCS: $Header: psdit.pro,v 2.2 87/11/17 16:40:42 byron Rel $
/$DITroff 140 dict def $DITroff begin
/fontnum 1 def /fontsize 10 def /fontheight 10 def /fontslant 0 def
/xi {0 72 11 mul translate 72 resolution div dup neg scale 0 0 moveto
/fontnum 1 def /fontsize 10 def /fontheight 10 def /fontslant 0 def F
/pagesave save def}def
/PB{save /psv exch def currentpoint translate
resolution 72 div dup neg scale 0 0 moveto}def
/PE{psv restore}def
/m1 matrix def /m2 matrix def /m3 matrix def /oldmat matrix def
/tan{dup sin exch cos div}bind def
/point{resolution 72 div mul}bind def
/dround {transform round exch round exch itransform}bind def
/xT{/devname exch def}def
/xr{/mh exch def /my exch def /resolution exch def}def
/xp{}def
/xs{docsave restore end}def
/xt{}def
/xf{/fontname exch def /slotno exch def fontnames slotno get fontname eq not
{fonts slotno fontname findfont put fontnames slotno fontname put}if}def
/xH{/fontheight exch def F}bind def
/xS{/fontslant exch def F}bind def
/s{/fontsize exch def /fontheight fontsize def F}bind def
/f{/fontnum exch def F}bind def
/F{fontheight 0 le {/fontheight fontsize def}if
fonts fontnum get fontsize point 0 0 fontheight point neg 0 0 m1 astore
fontslant 0 ne{1 0 fontslant tan 1 0 0 m2 astore m3 concatmatrix}if
makefont setfont .04 fontsize point mul 0 dround pop setlinewidth}bind def
/X{exch currentpoint exch pop moveto show}bind def
/N{3 1 roll moveto show}bind def
/Y{exch currentpoint pop exch moveto show}bind def
/S /show load def
/ditpush{}def/ditpop{}def
/AX{3 -1 roll currentpoint exch pop moveto 0 exch ashow}bind def
/AN{4 2 roll moveto 0 exch ashow}bind def
/AY{3 -1 roll currentpoint pop exch moveto 0 exch ashow}bind def
/AS{0 exch ashow}bind def
/MX{currentpoint exch pop moveto}bind def
/MY{currentpoint pop exch moveto}bind def
/MXY /moveto load def
/cb{pop}def % action on unknown char -- nothing for now
/n{}def/w{}def
/p{pop showpage pagesave restore /pagesave save def}def
/abspoint{currentpoint exch pop add exch currentpoint pop add exch}def
/dstroke{currentpoint stroke moveto}bind def
/Dl{2 copy gsave rlineto stroke grestore rmoveto}bind def
/arcellipse{oldmat currentmatrix pop
currentpoint translate 1 diamv diamh div scale /rad diamh 2 div def
rad 0 rad -180 180 arc oldmat setmatrix}def
/Dc{gsave dup /diamv exch def /diamh exch def arcellipse dstroke
grestore diamh 0 rmoveto}def
/De{gsave /diamv exch def /diamh exch def arcellipse dstroke
grestore diamh 0 rmoveto}def
/Da{currentpoint /by exch def /bx exch def /fy exch def /fx exch def
/cy exch def /cx exch def /rad cx cx mul cy cy mul add sqrt def
/ang1 cy neg cx neg atan def /ang2 fy fx atan def cx bx add cy by add
2 copy rad ang1 ang2 arcn stroke exch fx add exch fy add moveto}def
/Barray 200 array def % 200 values in a wiggle
/D~{mark}def
/D~~{counttomark Barray exch 0 exch getinterval astore /Bcontrol exch def pop
/Blen Bcontrol length def Blen 4 ge Blen 2 mod 0 eq and
{Bcontrol 0 get Bcontrol 1 get abspoint /Ycont exch def /Xcont exch def
Bcontrol 0 2 copy get 2 mul put Bcontrol 1 2 copy get 2 mul put
Bcontrol Blen 2 sub 2 copy get 2 mul put
Bcontrol Blen 1 sub 2 copy get 2 mul put
/Ybi /Xbi currentpoint 3 1 roll def def 0 2 Blen 4 sub
{/i exch def
Bcontrol i get 3 div Bcontrol i 1 add get 3 div
Bcontrol i get 3 mul Bcontrol i 2 add get add 6 div
Bcontrol i 1 add get 3 mul Bcontrol i 3 add get add 6 div
/Xbi Xcont Bcontrol i 2 add get 2 div add def
/Ybi Ycont Bcontrol i 3 add get 2 div add def
/Xcont Xcont Bcontrol i 2 add get add def
/Ycont Ycont Bcontrol i 3 add get add def
Xbi currentpoint pop sub Ybi currentpoint exch pop sub rcurveto
}for dstroke}if}def
end
/ditstart{$DITroff begin
/nfonts 60 def % NFONTS makedev/ditroff dependent!
/fonts[nfonts{0}repeat]def
/fontnames[nfonts{()}repeat]def
/docsave save def
}def
% character outcalls
/oc {/pswid exch def /cc exch def /name exch def
/ditwid pswid fontsize mul resolution mul 72000 div def
/ditsiz fontsize resolution mul 72 div def
ocprocs name known{ocprocs name get exec}{name cb}
ifelse}def
/fractm [.65 0 0 .6 0 0] def
/fraction
{/fden exch def /fnum exch def gsave /cf currentfont def
cf fractm makefont setfont 0 .3 dm 2 copy neg rmoveto
fnum show rmoveto currentfont cf setfont(\244)show setfont fden show
grestore ditwid 0 rmoveto} def
/oce {grestore ditwid 0 rmoveto}def
/dm {ditsiz mul}def
/ocprocs 50 dict def ocprocs begin
(14){(1)(4)fraction}def
(12){(1)(2)fraction}def
(34){(3)(4)fraction}def
(13){(1)(3)fraction}def
(23){(2)(3)fraction}def
(18){(1)(8)fraction}def
(38){(3)(8)fraction}def
(58){(5)(8)fraction}def
(78){(7)(8)fraction}def
(sr){gsave .05 dm .16 dm rmoveto(\326)show oce}def
(is){gsave 0 .15 dm rmoveto(\362)show oce}def
(->){gsave 0 .02 dm rmoveto(\256)show oce}def
(<-){gsave 0 .02 dm rmoveto(\254)show oce}def
(==){gsave 0 .05 dm rmoveto(\272)show oce}def
end
% DIThacks fonts for some special chars
50 dict dup begin
/FontType 3 def
/FontName /DIThacks def
/FontMatrix [.001 0.0 0.0 .001 0.0 0.0] def
/FontBBox [-220 -280 900 900] def% a lie but ...
/Encoding 256 array def
0 1 255{Encoding exch /.notdef put}for
Encoding
dup 8#040/space put %space
dup 8#110/rc put %right ceil
dup 8#111/lt put %left top curl
dup 8#112/bv put %bold vert
dup 8#113/lk put %left mid curl
dup 8#114/lb put %left bot curl
dup 8#115/rt put %right top curl
dup 8#116/rk put %right mid curl
dup 8#117/rb put %right bot curl
dup 8#120/rf put %right floor
dup 8#121/lf put %left floor
dup 8#122/lc put %left ceil
dup 8#140/sq put %square
dup 8#141/bx put %box
dup 8#142/ci put %circle
dup 8#143/br put %box rule
dup 8#144/rn put %root extender
dup 8#145/vr put %vertical rule
dup 8#146/ob put %outline bullet
dup 8#147/bu put %bullet
dup 8#150/ru put %rule
dup 8#151/ul put %underline
pop
/DITfd 100 dict def
/BuildChar{0 begin
/cc exch def /fd exch def
/charname fd /Encoding get cc get def
/charwid fd /Metrics get charname get def
/charproc fd /CharProcs get charname get def
charwid 0 fd /FontBBox get aload pop setcachedevice
40 setlinewidth
newpath 0 0 moveto gsave charproc grestore
end}def
/BuildChar load 0 DITfd put
%/UniqueID 5 def
/CharProcs 50 dict def
CharProcs begin
/space{}def
/.notdef{}def
/ru{500 0 rls}def
/rn{0 750 moveto 500 0 rls}def
/vr{20 800 moveto 0 -770 rls}def
/bv{20 800 moveto 0 -1000 rls}def
/br{20 770 moveto 0 -1040 rls}def
/ul{0 -250 moveto 500 0 rls}def
/ob{200 250 rmoveto currentpoint newpath 200 0 360 arc closepath stroke}def
/bu{200 250 rmoveto currentpoint newpath 200 0 360 arc closepath fill}def
/sq{80 0 rmoveto currentpoint dround newpath moveto
640 0 rlineto 0 640 rlineto -640 0 rlineto closepath stroke}def
/bx{80 0 rmoveto currentpoint dround newpath moveto
640 0 rlineto 0 640 rlineto -640 0 rlineto closepath fill}def
/ci{355 333 rmoveto currentpoint newpath 333 0 360 arc
50 setlinewidth stroke}def
/lt{20 -200 moveto 0 550 rlineto currx 800 2cx s4 add exch s4 a4p stroke}def
/lb{20 800 moveto 0 -550 rlineto currx -200 2cx s4 add exch s4 a4p stroke}def
/rt{20 -200 moveto 0 550 rlineto currx 800 2cx s4 sub exch s4 a4p stroke}def
/rb{20 800 moveto 0 -500 rlineto currx -200 2cx s4 sub exch s4 a4p stroke}def
/lk{20 800 moveto 20 300 -280 300 s4 arcto pop pop 1000 sub
currentpoint stroke moveto
20 300 4 2 roll s4 a4p 20 -200 lineto stroke}def
/rk{20 800 moveto 20 300 320 300 s4 arcto pop pop 1000 sub
currentpoint stroke moveto
20 300 4 2 roll s4 a4p 20 -200 lineto stroke}def
/lf{20 800 moveto 0 -1000 rlineto s4 0 rls}def
/rf{20 800 moveto 0 -1000 rlineto s4 neg 0 rls}def
/lc{20 -200 moveto 0 1000 rlineto s4 0 rls}def
/rc{20 -200 moveto 0 1000 rlineto s4 neg 0 rls}def
end
/Metrics 50 dict def Metrics begin
/.notdef 0 def
/space 500 def
/ru 500 def
/br 0 def
/lt 250 def
/lb 250 def
/rt 250 def
/rb 250 def
/lk 250 def
/rk 250 def
/rc 250 def
/lc 250 def
/rf 250 def
/lf 250 def
/bv 250 def
/ob 350 def
/bu 350 def
/ci 750 def
/bx 750 def
/sq 750 def
/rn 500 def
/ul 500 def
/vr 0 def
end
DITfd begin
/s2 500 def /s4 250 def /s3 333 def
/a4p{arcto pop pop pop pop}def
/2cx{2 copy exch}def
/rls{rlineto stroke}def
/currx{currentpoint pop}def
/dround{transform round exch round exch itransform} def
end
end
/DIThacks exch definefont pop
ditstart
(psc)xT
576 1 1 xr
1(Times-Roman)xf 1 f
2(Times-Italic)xf 2 f
3(Times-Bold)xf 3 f
4(Times-BoldItalic)xf 4 f
5(Helvetica)xf 5 f
6(Helvetica-Bold)xf 6 f
7(Courier)xf 7 f
8(Courier-Bold)xf 8 f
9(Symbol)xf 9 f
10(DIThacks)xf 10 f
10 s
1 f
xi
%%EndProlog
%%Page: 1 1
10 s 0 xH 0 xS 1 f
8 s
6 f
18 s
1152 1248(IM)N
(PR)S
(O)S
1624(VIN)X
1864(G)X
2016(TH)X
2208(E)X
2344(SEC)X
2640(U)X
2744(R)X
2848(ITY)X
3112(O)X
3224(F)X
3352(YO)X
3560(U)X
3664(R)X
1152 1432(U)N
1256(N)X
1360(IX)X
1536(SYSTEM)X
5 f
10 s
1152 1696(David)N
1378(A.)X
1475(Curry,)X
1715(Systems)X
2043(Programmer)X
1152 1784(Information)N
1572(and)X
1726(Telecommunications)X
2479(Sciences)X
2824(and)X
2978(Technology)X
3411(Division)X
1152 1960(ITSTD-721-FR-90-21)N
1152 4120(Approved:)N
1152 4296(Paul)N
1333(K.)X
1430(Hyder,)X
1687(Manager)X
1152 4384(Computer)N
1524(Facility)X
1152 4560(Boyd)N
1355(C.)X
1457(Fair,)X
1639(General)X
1944(Manager)X
1152 4648(Division)N
1454(Operations)X
1865(Section)X
1152 4824(Michael)N
1449(S.)X
1546(Frankel,)X
1856(Vice)X
2033(President)X
1152 4912(Information)N
1572(and)X
1726(Telecommunications)X
2479(Sciences)X
2824(and)X
2978(Technology)X
3411(Division)X
3744 520(Final)N
3939(Report)X
10 f
4200(g)X
5 f
4250(April)X
4432(1990)X
6 f
12 s
576 5848(SRI)N
763(International)X
5 f
8 s
1376(333)X
1502(Ravenswood)X
1892(Avenue)X
10 f
2129(g)X
5 f
2169(Menlo)X
2362(Park,)X
2530(CA)X
2637 0.4028(94025-3493)AX
10 f
3000(g)X
5 f
3040(\(415\))X
3208(326-6200)X
10 f
3499(g)X
5 f
3539(FAX:)X
3700(\(415\))X
3868(326-5512)X
10 f
4159(g)X
5 f
4199(Telex:)X
4392(334486)X
1 p
%%Page: 1 2
8 s 0 xH 0 xS 5 f
18 s
2140 752(SEC)N
2436(TIO)X
2676(N)X
2820(1)X
1968 928(IN)N
(TR)S
2304(O)X
2416(D)X
2520(U)X
2624(C)X
2728(TIO)X
2968(N)X
6 f
14 s
576 1277(1.1)N
824(UNIX)X
1122(SECURITY)X
1 f
12 s
920 1473(The)N
11 s
1110(UNIX)X
12 s
1370(operating)X
1776(system,)X
2109(although)X
2488(now)X
2695(in)X
2812(widespread)X
3293(use)X
3464(in)X
3582(environments)X
4149(con-)X
720 1585(cerned)N
1004(about)X
1245(security,)X
1601(was)X
1777(not)X
1927(really)X
2174(designed)X
2543(with)X
2741(security)X
3073(in)X
3175(mind)X
3400([Ritc75].)X
3796(This)X
3994(does)X
4197(not)X
720 1697(mean)N
959(that)X
11 s
1132(UNIX)X
12 s
1380(does)X
1586(not)X
1739(provide)X
2063(any)X
2233(security)X
2569(mechanisms;)X
3103(indeed,)X
3415(several)X
3719(very)X
3921(good)X
4144(ones)X
720 1809(are)N
864(available.)X
1287(However,)X
1689(most)X
1901(``out)X
2113(of)X
2218(the)X
2361(box'')X
2594(installation)X
3048(procedures)X
3495(from)X
3707(companies)X
4144(such)X
720 1921(as)N
843(Sun)X
1035(Microsystems)X
1617(still)X
1805(install)X
2084(the)X
2245(operating)X
2653(system)X
2964(in)X
3083(much)X
3341(the)X
3503(same)X
3745(way)X
3949(as)X
4073(it)X
4171(was)X
720 2033(installed)N
1071(15)X
1191(years)X
1418(ago:)X
1632(with)X
1827(little)X
2029(or)X
2133(no)X
2253(security)X
2582(enabled.)X
920 2173(The)N
1095(reasons)X
1408(for)X
1545(this)X
1710(state)X
1913(of)X
2019(affairs)X
2291(are)X
2435(largely)X
2729(historical.)X
11 s
3158(UNIX)X
12 s
3402(was)X
3577(originally)X
3978(designed)X
720 2285(by)N
847(programmers)X
1390(for)X
1532(use)X
1690(by)X
1816(other)X
2044(programmers.)X
2635(The)X
2815(environment)X
3332(in)X
3437(which)X
3702(it)X
3786(was)X
3965(used)X
4171(was)X
720 2397(one)N
888(of)X
997(open)X
1213(cooperation,)X
1721(not)X
1873(one)X
2042(of)X
2152(privacy.)X
2519(Programmers)X
3067(typically)X
3435(collaborated)X
3942(with)X
4143(each)X
720 2509(other)N
948(on)X
1074(projects,)X
1433(and)X
1602(hence)X
1857(preferred)X
2240(to)X
2345(be)X
2466(able)X
2657(to)X
2762(share)X
2995(their)X
3202(\256les)X
3392(with)X
3593(each)X
3799(other)X
4026(without)X
720 2621(having)N
1010(to)X
1113(climb)X
1361(over)X
1560(security)X
1893(hurdles.)X
2252(Because)X
2601(the)X
2747(\256rst)X
2924(sites)X
3123(outside)X
3430(of)X
3539(Bell)X
3729(Laboratories)X
4245(to)X
720 2733(install)N
11 s
986(UNIX)X
12 s
1236(were)X
1455(university)X
1872(research)X
2225(laboratories,)X
2736(where)X
3003(a)X
3078(similar)X
3378(environment)X
3896(existed,)X
4224(no)X
720 2845(real)N
889(need)X
1095(for)X
1231(greater)X
1523(security)X
1852(was)X
2025(seen)X
2220(until)X
2421(some)X
2648(time)X
2844(later.)X
920 2985(In)N
1040(the)X
1198(early)X
1431(1980s,)X
1724(many)X
1978(universities)X
2462(began)X
2732(to)X
2847(move)X
3101(their)X
11 s
3316(UNIX)X
12 s
3574(systems)X
3918(out)X
4081(of)X
4202(the)X
720 3097(research)N
1067(laboratories)X
1548(and)X
1713(into)X
1889(the)X
2033(computer)X
2423(centers,)X
2746(allowing)X
3108(\(or)X
3245(forcing\))X
3580(the)X
3723(user)X
3908(population)X
720 3209(as)N
835(a)X
913(whole)X
1183(to)X
1293(use)X
1456(this)X
1630(new)X
1825(and)X
1999(wonderful)X
2429(system.)X
2779(Many)X
3038(businesses)X
3478(and)X
3653(government)X
4149(sites)X
720 3321(began)N
989(to)X
1103(install)X
11 s
1376(UNIX)X
12 s
1633(systems)X
1976(as)X
2094(well,)X
2322(particularly)X
2805(as)X
2923(desktop)X
3260(workstations)X
3789(became)X
4122(more)X
720 3433(powerful)N
1098(and)X
1269(affordable.)X
1745(Thus,)X
1993(the)X
11 s
2141(UNIX)X
12 s
2391(operating)X
2787(system)X
3086(is)X
3182(no)X
3310(longer)X
3588(being)X
3834(used)X
4042(only)X
4245(in)X
720 3545(environments)N
1271(where)X
1533(open)X
1747(collaboration)X
2283(is)X
2373(the)X
2517(goal.)X
2757(Universities)X
3248(require)X
3547(their)X
3750(students)X
4091(to)X
4192(use)X
720 3657(the)N
868(system)X
1165(for)X
1307(class)X
1524(assignments,)X
2049(yet)X
2198(they)X
2395(do)X
2522(not)X
2676(want)X
2894(the)X
3043(students)X
3389(to)X
3495(be)X
3617(able)X
3809(to)X
3915(copy)X
4133(from)X
720 3769(each)N
932(other.)X
1213(Businesses)X
1669(use)X
1832(their)X
11 s
2042(UNIX)X
12 s
2295(systems)X
2634(for)X
2781(con\256dential)X
3271(tasks)X
3498(such)X
3709(as)X
3823(bookkeeping)X
720 3881(and)N
893(payroll.)X
1248(And)X
1447(the)X
1599(government)X
2093(uses)X
11 s
2290(UNIX)X
12 s
2542(systems)X
2880(for)X
3026(various)X
3343(unclassi\256ed)X
3831(yet)X
3983(sensitive)X
720 3993(purposes.)N
920 4133(To)N
1058(complicate)X
1513(matters,)X
1852(new)X
2043(features)X
2379(have)X
2592(been)X
2805(added)X
3066(to)X
11 s
3170(UNIX)X
12 s
3419(over)X
3622(the)X
3772(years,)X
4031(making)X
720 4245(security)N
1050(even)X
1257(more)X
1479(dif\256cult)X
1808(to)X
1907(control.)X
2252(Perhaps)X
2580(the)X
2722(most)X
2933(problematic)X
3418(features)X
3747(are)X
3889(those)X
4116(relat-)X
720 4357(ing)N
870(to)X
972(networking:)X
1489(remote)X
1785(login,)X
2035(remote)X
2331(command)X
2739(execution,)X
3166(network)X
3509(\256le)X
3660(systems,)X
4016(diskless)X
720 4469(workstations,)N
1262(and)X
1428(electronic)X
1836(mail.)X
2083(All)X
2233(of)X
2339(these)X
2563(features)X
2894(have)X
3102(increased)X
3492(the)X
3636(utility)X
3893(and)X
4058(usabil-)X
720 4581(ity)N
856(of)X
11 s
968(UNIX)X
12 s
1220(by)X
1350(untold)X
1630(amounts.)X
2038(However,)X
2448(these)X
2680(same)X
2912(features,)X
3275(along)X
3523(with)X
3729(the)X
3882(widespread)X
720 4693(connection)N
1175(of)X
11 s
1285(UNIX)X
12 s
1535(systems)X
1871(to)X
1978(the)X
2128(Internet)X
2460(and)X
2630(other)X
2859(networks,)X
3266(have)X
3479(opened)X
3788(up)X
3915(many)X
4160(new)X
720 4805(areas)N
942(of)X
1046(vulnerability)X
1563(to)X
1662(unauthorized)X
2189(abuse)X
2432(of)X
2536(the)X
2678(system.)X
10 s
10 f
576 5456(h)N
592(hhhhhhhhhhhhhh)X
9 s
1 f
576 5552(UNIX)N
10 s
776(is)X
849(a)X
905(registered)X
1242(trademark)X
1588(of)X
9 s
1673(AT&T)X
10 s
(.)S
9 s
1925(VAX)X
10 s
2101(is)X
2174(a)X
2230(trademark)X
2576(of)X
2663(Digital)X
2905(Equipment)X
3276(Corporation.)X
3723(Sun-3)X
3934(and)X
9 s
4068(NFS)X
10 s
4221(are)X
576 5648(trademarks)N
953(of)X
1040(Sun)X
1184(Microsystems.)X
1693(Annex)X
1927(is)X
2000(a)X
2056(trademark)X
2402(of)X
2489(Xylogics,)X
2818(Inc.)X
6 f
12 s
2421 6016(1)N
2 p
%%Page: 2 3
12 s 0 xH 0 xS 6 f
14 s
576 832(1.2)N
824(THE)X
1078(INTERNET)X
1667(W)X
1773(ORM)X
1 f
12 s
920 1028(On)N
1069(the)X
1220(evening)X
1558(of)X
1671(November)X
2110(2,)X
2215(1988,)X
2464(a)X
2540(self-replicating)X
3157(program,)X
3540(called)X
3804(a)X
2 f
3880(worm)X
1 f
4114(,)X
4171(was)X
720 1140(released)N
1064(on)X
1188(the)X
1334(Internet)X
1662([Seel88,)X
2008(Spaf88,)X
2332(Eich89].)X
2713(Overnight,)X
3155(this)X
3322(program)X
3676(had)X
3843(copied)X
4127(itself)X
720 1252(from)N
940(machine)X
1300(to)X
1409(machine,)X
1794(causing)X
2122(the)X
2274(machines)X
2672(it)X
2760(infected)X
3105(to)X
3214(labor)X
3446(under)X
3699(huge)X
3920(loads,)X
4181(and)X
720 1364(denying)N
1069(service)X
1381(to)X
1495(the)X
1652(users)X
1888(of)X
2006(those)X
2247(machines.)X
2697(Although)X
3098(the)X
3254(program)X
3618(only)X
3827(infected)X
4176(two)X
720 1476(types)N
954(of)X
1065(computers,*)X
1569(it)X
1655(spread)X
1938(quickly,)X
2283(as)X
2395(did)X
2550(the)X
2700(concern,)X
3061(confusion,)X
3496(and)X
3667(sometimes)X
4111(panic)X
720 1588(of)N
828(system)X
1123(administrators)X
1702(whose)X
1975(machines)X
2367(were)X
2582(affected.)X
2969(While)X
3233(many)X
3475(system)X
3769(administrators)X
720 1700(were)N
933(aware)X
1189(that)X
1360(something)X
1787(like)X
1958(this)X
2123(could)X
2363 0.2604(theoretically)AX
2872(happen)X
9 f
3176(-)X
1 f
3255(the)X
3399(security)X
3731(holes)X
3961(exploited)X
720 1812(by)N
845(the)X
992(worm)X
1245(were)X
1461(well)X
1656(known)X
9 f
1946(-)X
1 f
2028(the)X
2175(scope)X
2423(of)X
2531(the)X
2677(worm's)X
2998(break-ins)X
3384(came)X
3616(as)X
3724(a)X
3795(great)X
4016(surprise)X
720 1924(to)N
819(most)X
1030(people.)X
920 2064(The)N
1109(worm)X
1372(itself)X
1604(did)X
1766(not)X
1928(destroy)X
2250(any)X
2429(\256les,)X
2653(steal)X
2870(any)X
3049(information)X
3544(\(other)X
3814(than)X
4020(account)X
720 2176(passwords\),)N
1204(intercept)X
1571(private)X
1868(mail,)X
2093(or)X
2202(plant)X
2424(other)X
2650(destructive)X
3101(software)X
3460([Seel88].)X
3862(However,)X
4266(it)X
720 2288(did)N
868(manage)X
1193(to)X
1293(severely)X
1639(disrupt)X
1931(the)X
2074(operation)X
2463(of)X
2568(the)X
2712(network.)X
3101(Several)X
3416(sites,)X
3637(including)X
4027(parts)X
4240(of)X
11 s
720 2400(MIT)N
12 s
881(,)X
11 s
938(NASA)X
12 s
1176('s)X
1280(Ames)X
1539(Research)X
1927(Center)X
2219(and)X
2393(Goddard)X
2764(Space)X
3029(Flight)X
3294(Center,)X
3610(the)X
3763(Jet)X
3904(Propulsion)X
720 2512(Laboratory,)N
1215(and)X
1398(the)X
1560(U.)X
1697(S.)X
1818(Army)X
2086(Ballistic)X
2452(Research)X
2849(Laboratory,)X
3345(disconnected)X
3892(themselves)X
720 2624(from)N
959(the)X
1129(Internet)X
1481(to)X
1608(avoid)X
1874 0.2083(recontamination.)AX
2601(In)X
2733(addition,)X
3125(the)X
3295(Defense)X
3662(Communications)X
720 2736(Agency)N
1053(ordered)X
1381(the)X
1533(connections)X
2027(between)X
2383(the)X
11 s
2534(MILNET)X
12 s
2901(and)X
11 s
3073(ARPANET)X
12 s
3513(shut)X
3708(down,)X
3980(and)X
4154(kept)X
720 2848(them)N
952(down)X
1204(for)X
1355(nearly)X
1635(24)X
1770(hours)X
2022([Eich89,)X
2390(Elme88].)X
2809(Ironically,)X
3247(this)X
3425(was)X
3613(perhaps)X
3951(the)X
4107(worst)X
720 2960(thing)N
965(to)X
1087(do,)X
1254(since)X
1499(the)X
1664(\256rst)X
1860(\256xes)X
2088(to)X
2210(combat)X
2541(the)X
2706(worm)X
2978(were)X
3213(distributed)X
3673(via)X
3839(the)X
4005(network)X
720 3072([Eich89].)N
920 3212(This)N
1123(incident)X
1466(was)X
1647(perhaps)X
1978(the)X
2128(most)X
2347(widely)X
2641(described)X
3042(computer)X
3438(security)X
3776(problem)X
4130(ever.)X
720 3324(The)N
896(worm)X
1146(was)X
1321(covered)X
1651(in)X
1751(many)X
1990(newspapers)X
2463(and)X
2627(magazines)X
3059(around)X
3351(the)X
3494(country)X
3813(including)X
4202(the)X
2 f
720 3436(New)N
920(York)X
1130(Times)X
1 f
1375(,)X
2 f
1428(Wall)X
1639(Street)X
1893(Journal)X
1 f
2208(,)X
2 f
2261(Time)X
1 f
2498(and)X
2666(most)X
2883(computer-oriented)X
3625(technical)X
4004(publica-)X
720 3548(tions,)N
977(as)X
1103(well)X
1315(as)X
1441(on)X
1583(all)X
1726(three)X
1965(major)X
2236(television)X
2657(networks,)X
3079(the)X
3243(Cable)X
3513(News)X
3776(Network,)X
4181(and)X
720 3660(National)N
1087(Public)X
1368(Radio.)X
1681(In)X
1797(January)X
2132(1990,)X
2384(a)X
2463(United)X
2761(States)X
3027(District)X
3352(Court)X
3607(jury)X
3798(found)X
4058(Robert)X
720 3772(Tappan)N
1039(Morris,)X
1354(the)X
1502(author)X
1778(of)X
1888(the)X
2036(worm,)X
2313(guilty)X
2567(of)X
2676(charges)X
2999(brought)X
3327(against)X
3629(him)X
3808(under)X
4056(a)X
4128(1986)X
720 3884(federal)N
1012(computer)X
1400(fraud)X
1627(and)X
1790(abuse)X
2033(law.)X
2244(Morris)X
2529(faces)X
2751(up)X
2871(to)X
2970(\256ve)X
3138(years)X
3365(in)X
3464(prison)X
3728(and)X
3892(a)X
3960($250,000)X
720 3996(\256ne)N
888([Schu90].)X
1312(Sentencing)X
1764(is)X
1852(scheduled)X
2261(for)X
2397(May)X
2597(4,)X
2693(1990.)X
6 f
14 s
576 4345(1.3)N
824(SPIES)X
1182(AND)X
1456(ESPIONAGE)X
1 f
12 s
920 4541(In)N
1026(August)X
1329(1986,)X
1571(the)X
1716(Lawrence)X
2123(Berkeley)X
2498(Laboratory,)X
2977(an)X
3095(unclassi\256ed)X
3576(research)X
3924(laboratory)X
720 4653(at)N
838(the)X
1004(University)X
1458(of)X
1586(California)X
2024(at)X
2141(Berkeley,)X
2560(was)X
2756(attacked)X
3125(by)X
3268(an)X
3406(unauthorized)X
3956(computer)X
720 4765(intruder)N
1059([Stol88,)X
1400(Stol89].)X
1765(Instead)X
2077(of)X
2191(immediately)X
2708(closing)X
3020(the)X
3173(holes)X
3411(the)X
3564(intruder)X
3904(was)X
4088(using,)X
720 4877(the)N
882(system)X
1193(administrator,)X
1775(Clifford)X
2129(Stoll,)X
2379(elected)X
2697(to)X
2815(watch)X
3088(the)X
3249(intruder)X
3597(and)X
3779(document)X
4202(the)X
720 4989(weaknesses)N
1202(he)X
1327(exploited.)X
1768(Over)X
1994(the)X
2146(next)X
2346(10)X
2476(months,)X
2817(Stoll)X
3034(watched)X
3390(the)X
3543(intruder)X
3883(attack)X
4149(over)X
720 5101(400)N
901(computers)X
1339(around)X
1643(the)X
1798(world,)X
2083(and)X
2259(successfully)X
2766(enter)X
2996(about)X
3247(30.)X
3428(The)X
3615(computers)X
4053(broken)X
720 5213(into)N
894(were)X
1105(located)X
1408(at)X
1502(universities,)X
1994(military)X
2324(bases,)X
2580(and)X
2743(defense)X
3061(contractors)X
3513([Stol88].)X
10 s
10 f
576 5309(h)N
592(hhhhhhhhhhhhhh)X
1 f
656 5419(*)N
736(Sun-3)X
949(systems)X
1224(from)X
1402(Sun)X
1548(Microsystems)X
2019(and)X
9 s
2155(VAX)X
10 s
2333(systems)X
2608(from)X
2787(Digital)X
3032(Equipment)X
3406(Corp.,)X
3629(both)X
3794(running)X
4066(variants)X
576 5515(of)N
663(4.)X
2 f
(x)S
1 f
9 s
777(BSD)X
935(UNIX)X
10 s
1135(from)X
1311(the)X
1429(University)X
1787(of)X
1874(California)X
2219(at)X
2297(Berkeley.)X
6 f
12 s
2421 6016(2)N
3 p
%%Page: 3 4
12 s 0 xH 0 xS 6 f
1 f
920 832(Unlike)N
1220(many)X
1472(intruders)X
1852(seen)X
2061(on)X
2195(the)X
2351(Internet,)X
2713(who)X
2916(typically)X
3292(enter)X
3523(systems)X
3865(and)X
4043(browse)X
720 944(around)N
1014(to)X
1116(see)X
1266(what)X
1480(they)X
1673(can,)X
1857(this)X
2022(intruder)X
2353(was)X
2528(looking)X
2848(for)X
2986(something)X
3413(speci\256c.)X
3781(Files)X
3994(and)X
4159(data)X
720 1056(dealing)N
1035(with)X
1237(the)X
1386(Strategic)X
1761(Defense)X
2108(Initiative,)X
2513(the)X
2663(space)X
2909(shuttle,)X
3222(and)X
3393(other)X
3623(military)X
3961(topics)X
4223(all)X
720 1168(seemed)N
1040(to)X
1146(be)X
1268(of)X
1379(special)X
1677(interest.)X
2039(Although)X
2432(it)X
2516(is)X
2610(unlikely)X
2956(that)X
3131(the)X
3279(intruder)X
3614(would)X
3884(have)X
4096(found)X
720 1280(any)N
888(truly)X
1099(classi\256ed)X
1486(information)X
1970(\(the)X
2149(Internet)X
2478(is)X
2571(an)X
2691(unclassi\256ed)X
3174(network\),)X
3574(it)X
3657(was)X
3836(highly)X
4112(prob-)X
720 1392(able)N
905(that)X
1074(he)X
1189(could)X
1427(\256nd)X
1600(a)X
1667(wealth)X
1948(of)X
2052(sensitive)X
2413(material)X
2754([Stol88].)X
920 1532(After)N
1151(a)X
1222(year)X
1416(of)X
1524(tracking)X
1868(the)X
2014(intruder)X
2347(\(eventually)X
2809(involving)X
3206(the)X
11 s
3350(FBI)X
12 s
3487(,)X
11 s
3537(CIA)X
12 s
3688(,)X
3740(National)X
4101(Secu-)X
720 1644(rity)N
890(Agency,)X
1249(Air)X
1413(Force)X
1667(Intelligence,)X
2182(and)X
2356(authorities)X
2798(in)X
2908(West)X
3141(Germany\),)X
3590(\256ve)X
3769(men)X
3970(in)X
4080(Hann-)X
720 1756(over,)N
947(West)X
1177(Germany)X
1567(were)X
1786(arrested.)X
2172(In)X
2285(March)X
2569(1989,)X
2818(the)X
2969(\256ve)X
3146(were)X
3366(charged)X
3704(with)X
3908(espionage:)X
720 1868(they)N
919(had)X
1091(been)X
1306(selling)X
1596(the)X
1746(material)X
2095(they)X
2293(found)X
2549(during)X
2832(their)X
3041(exploits)X
3378(to)X
3485(the)X
11 s
3633(KGB)X
12 s
3818(.)X
3898(One)X
4090(of)X
4202(the)X
720 1980(men,)N
940(Karl)X
1141(Koch)X
1379(\(``Hagbard''\),)X
1956(was)X
2135(later)X
2337(found)X
2591(burned)X
2888(to)X
2993(death)X
3233(in)X
3339(an)X
3461(isolated)X
3792(forest)X
4042(outside)X
720 2092(Hannover.)N
1186(No)X
1342(suicide)X
1654(note)X
1859(was)X
2047(found)X
2310([Stol89].)X
2712(In)X
2831(February)X
3217(1990,)X
3472(three)X
3704(of)X
3822(the)X
3978(intruders)X
720 2204(\(Markus)N
1082(Hess,)X
1329(Dirk)X
1542(Bresinsky,)X
1988(and)X
2165(Peter)X
2401(Carl\))X
2637(were)X
2862(convicted)X
3275(of)X
3393(espionage)X
3816(in)X
3929(a)X
4010(German)X
720 2316(court)N
950(and)X
1120(sentenced)X
1531(to)X
1637(prison)X
1908(terms,)X
2177(\256nes,)X
2413(and)X
2583(the)X
2732(loss)X
2912(of)X
3023(their)X
3231(rights)X
3481(to)X
3587(participate)X
4026(in)X
4132(elec-)X
720 2428(tions)N
931([Risk90].)X
1339(The)X
1513(last)X
1671(of)X
1775(the)X
1917(intruders,)X
2307(Hans)X
2528(Hu)X
2598 2371(.)N
2617(.)X
2645 2428(bner)N
2840(\(``Pengo''\),)X
3320(still)X
3489(faces)X
3711(trial)X
3891(in)X
3990(Berlin.)X
6 f
14 s
576 2777(1.4)N
824(OTHER)X
1246(BREAK-INS)X
1 f
12 s
920 2973(Numerous)N
1351(other)X
1580(computer)X
1975(security)X
2311(problems)X
2700(have)X
2913(occurred)X
3281(in)X
3387(recent)X
3655(years,)X
3914(with)X
4117(vary-)X
720 3085(ing)N
886(levels)X
1154(of)X
1277(publicity.)X
1711(Some)X
1973(of)X
2096(the)X
2257(more)X
2498(widely)X
2803(known)X
3107(incidents)X
3498(include)X
3824(break-ins)X
4224(on)X
11 s
720 3197(NASA)N
12 s
958('s)X
11 s
1062(SPAN)X
12 s
1323(network)X
1675([McLe87],)X
2126(the)X
11 s
2279(IBM)X
12 s
2482(``Christmas)X
2974(Virus'')X
3289([Risk87],)X
3687(a)X
3768(virus)X
3998(at)X
4106(Mitre)X
720 3309(Corp.)N
973(that)X
1155(caused)X
1454(the)X
11 s
1607(MILNET)X
12 s
1976(to)X
2087(be)X
2214(temporarily)X
2700(isolated)X
3036(from)X
3259(other)X
3493(networks)X
3881([Risk88],)X
4277(a)X
720 3421(worm)N
984(that)X
1169(penetrated)X
11 s
1609(DECNET)X
12 s
1996(networks)X
2388([Risk89a],)X
2831(break-ins)X
3229(on)X
3365(U.)X
3499(S.)X
3617(banking)X
3968(networks)X
720 3533([Risk89b],)N
1157(and)X
1324(a)X
1395(multitude)X
1793(of)X
1901(viruses,)X
2225(worms,)X
2538(and)X
2705(trojan)X
2958(horses)X
3231(affecting)X
3602(personal)X
3956(computer)X
720 3645(users.)N
6 f
14 s
576 3994(1.5)N
824(SECURITY)X
1419(IS)X
1555(IMPORTANT)X
1 f
12 s
920 4190(As)N
1070(the)X
1232(previous)X
1607(stories)X
1902(demonstrate,)X
2441(computer)X
2849(security)X
3198(is)X
3307(an)X
3443(important)X
3863(topic.)X
4149(This)X
720 4302(document)N
1134(describes)X
1526(the)X
1678(security)X
2017(features)X
2356(provided)X
2732(by)X
2862(the)X
11 s
3011(UNIX)X
12 s
3262(operating)X
3659(system,)X
3983(and)X
4155(how)X
720 4414(they)N
923(should)X
1216(be)X
1344(used.)X
1606(The)X
1794(discussion)X
2232(centers)X
2543(around)X
2848(version)X
3169(4.)X
2 f
(x)S
1 f
3322(of)X
3440(Sun)X
11 s
3589(OS)X
12 s
3701(,)X
3763(the)X
3919(version)X
4240(of)X
11 s
720 4526(UNIX)N
12 s
967(sold)X
1156(by)X
1281(Sun)X
1459(Microsystems.)X
2075(Most)X
2301(of)X
2410(the)X
2557(information)X
3041(presented)X
3438(applies)X
3739(equally)X
4051(well)X
4245(to)X
720 4638(other)N
11 s
961(UNIX)X
12 s
1224(systems.)X
1621(Although)X
2029(there)X
2267(is)X
2376(no)X
2518(way)X
2724(to)X
2845(make)X
3100(a)X
3189(computer)X
3599(completely)X
4074(secure)X
720 4750(against)N
1028(unauthorized)X
1566(use)X
1728(\(other)X
1992(than)X
2192(to)X
2301(lock)X
2501(it)X
2589(in)X
2698(a)X
2775(room)X
3012(and)X
3185(turn)X
3374(it)X
3462(off\),)X
3664(by)X
3794(following)X
4202(the)X
720 4862(instructions)N
1193(in)X
1292(this)X
1455(document)X
1859(you)X
2027(can)X
2185(make)X
2418(your)X
2618(system)X
2909(impregnable)X
3416(to)X
3516(the)X
3659(``casual'')X
4053(system)X
720 4974(cracker,*)N
1100(and)X
1263(make)X
1496(it)X
1574(more)X
1796(dif\256cult)X
2125(for)X
2261(the)X
2403(sophisticated)X
2930(cracker)X
3238(to)X
3337(penetrate.)X
10 s
10 f
576 5070(h)N
592(hhhhhhhhhhhhhh)X
1 f
656 5180(*)N
736(The)X
889(term)X
1064 0.3375(``hacker,'')AX
1435(as)X
1530(applied)X
1794(to)X
1885(computer)X
2217(users,)X
2431(originally)X
2771(had)X
2916(an)X
3021(honorable)X
3371(connotation:)X
3820(``a)X
3939(person)X
4182(who)X
576 5276(enjoys)N
809(learning)X
1096(the)X
1218(details)X
1451(of)X
1542(programming)X
2002(systems)X
2279(and)X
2419(how)X
2581(to)X
2667(stretch)X
2904(their)X
3074(capabilities)X
3462(-)X
3512(as)X
3602(opposed)X
3892(to)X
3977(most)X
4155(users)X
576 5372(of)N
671(computers,)X
1053(who)X
1219(prefer)X
1440(to)X
1530(learn)X
1719(only)X
1890(the)X
2017(minimum)X
2356(amount)X
2625(necessary'')X
3021([Stee88].)X
3362(Unfortunately,)X
3861(the)X
3988(media)X
4213(has)X
576 5468(distorted)N
879(this)X
1017(de\256nition)X
1346(and)X
1485(given)X
1686(it)X
1753(a)X
1812(dishonorable)X
2249(meaning.)X
2588(In)X
2678 0.4062(deference)AX
3015(to)X
3100(the)X
3221(true)X
3369(hackers,)X
3658(we)X
3775(will)X
3922(use)X
4052(the)X
4173(term)X
576 5564 0.4250(``cracker'')AN
942(throughout)X
1313(this)X
1448(document.)X
6 f
12 s
2421 6016(3)N
4 p
%%Page: 4 5
12 s 0 xH 0 xS 6 f
1 f
6 f
2421 6016(4)N
5 p
%%Page: 5 6
12 s 0 xH 0 xS 6 f
1 f
5 f
18 s
2140 896(SEC)N
2436(TIO)X
2676(N)X
2820(2)X
1724 1072(IM)N
(PR)S
(O)S
2196(VIN)X
2436(G)X
2588(SEC)X
2884(U)X
2988(R)X
3092(ITY)X
1 f
11 s
920 1268(UNIX)N
12 s
1171(system)X
1472(security)X
1811(can)X
1979(be)X
2104(divided)X
2427(into)X
2611(three)X
2838(main)X
3065(areas)X
3297(of)X
3411(concern.)X
3798(Two)X
4008(of)X
4122(these)X
720 1380(areas,)N
967(account)X
1292(security)X
1622(and)X
1785(network)X
2124(security,)X
2477(are)X
2619(primarily)X
3002(concerned)X
3422(with)X
3617(keeping)X
3946(unauthor-)X
720 1492(ized)N
917(users)X
1150(from)X
1373(gaining)X
1698(access)X
1980(to)X
2091(the)X
2245(system.)X
2596(The)X
2782(third)X
3000(area,)X
3221(\256le)X
3380(system)X
3683(security,)X
4048(is)X
4149(con-)X
720 1604(cerned)N
1017(with)X
1227(preventing)X
1678(unauthorized)X
2220(access,)X
2529(either)X
2788(by)X
2923(legitimate)X
3349(users)X
3585(or)X
3704(crackers,)X
4088(to)X
4202(the)X
720 1716(data)N
912(stored)X
1178(in)X
1284(the)X
1433(system.)X
1779(This)X
1981(section)X
2286(describes)X
2676(the)X
11 s
2824(UNIX)X
12 s
3074(security)X
3411(tools)X
3630(provided)X
4004(to)X
4111(make)X
720 1828(each)N
921(of)X
1025(these)X
1247(areas)X
1469(as)X
1573(secure)X
1843(as)X
1947(possible.)X
6 f
14 s
576 2177(2.1)N
824(ACCOUNT)X
1415(SECURITY)X
1 f
12 s
920 2373(One)N
1105(of)X
1210(the)X
1353(easiest)X
1635(ways)X
1858(for)X
1996(a)X
2065(cracker)X
2375(to)X
2476(get)X
2620(into)X
2796(a)X
2865(system)X
3158(is)X
3248(by)X
3370(breaking)X
3733(into)X
3909(someone's)X
720 2485(account.)N
1095(This)X
1292(is)X
1382(usually)X
1686(easy)X
1883(to)X
1984(do,)X
2130(since)X
2354(many)X
2594(systems)X
2924(have)X
3132(old)X
3281(accounts)X
3644(whose)X
3915(users)X
4138(have)X
720 2597(left)N
901(the)X
1071(organization,)X
1630(accounts)X
2020(with)X
2244(easy-to-guess)X
2820(passwords,)X
3296(and)X
3488(so)X
3626(on.)X
3823(This)X
4047(section)X
720 2709(describes)N
1102(methods)X
1452(that)X
1621(can)X
1779(be)X
1894(used)X
2094(to)X
2193(avoid)X
2431(these)X
2653(problems.)X
6 f
14 s
576 3058(2.1.1)N
917(Passwords)X
1 f
12 s
920 3254(The)N
1096(password)X
1484(is)X
1574(the)X
1718(most)X
1931(vital)X
2129(part)X
2305(of)X
11 s
2409(UNIX)X
12 s
2654(account)X
2981(security.)X
3361(If)X
3452(a)X
3522(cracker)X
3833(can)X
3994(discover)X
720 3366(a)N
797(user's)X
1060(password,)X
1480(he)X
1604(can)X
1771(then)X
1970(log)X
2126(in)X
2234(to)X
2342(the)X
2493(system)X
2793(and)X
2965(operate)X
3282(with)X
3486(all)X
3616(the)X
3767(capabilities)X
4240(of)X
720 3478(that)N
889(user.)X
1121(If)X
1210(the)X
1353(password)X
1740(obtained)X
2097(is)X
2186(that)X
2356(of)X
2461(the)X
2604(super-user,)X
3053(the)X
3196(problem)X
3542(is)X
3631(more)X
3854(serious:)X
4202(the)X
720 3590(cracker)N
1029(will)X
1204(have)X
1411(read)X
1602(and)X
1766(write)X
1989(access)X
2260(to)X
2360(every)X
2599(\256le)X
2747(on)X
2868(the)X
3011(system.)X
3351(For)X
3509(this)X
3673(reason,)X
3973(choosing)X
720 3702(secure)N
990(passwords)X
1413(is)X
1501(extremely)X
1911(important.)X
920 3842(The)N
11 s
1096(UNIX)X
2 f
12 s
1342(passwd)X
1 f
1668(program)X
2022([Sun88a,)X
2394(379])X
2598(places)X
2867(very)X
3066(few)X
3238(restrictions)X
3694(on)X
3818(what)X
4034(may)X
4229(be)X
720 3954(used)N
934(as)X
1052(a)X
1133(password.)X
1581(Generally,)X
2023(it)X
2115(requires)X
2463(that)X
2645(passwords)X
3081(contain)X
3402(\256ve)X
3583(or)X
3700(more)X
3935(lowercase)X
720 4066(letters,)N
1008(or)X
1117(four)X
1306(characters)X
1726(if)X
1814(a)X
1886(nonalphabetic)X
2456(or)X
2565(uppercase)X
2979(letter)X
3207(is)X
3300(included.)X
3709(However,)X
4114(if)X
4202(the)X
720 4178(user)N
910(``insists'')X
1308(that)X
1483(a)X
1555(shorter)X
1851(password)X
2242(be)X
2362(used)X
2567(\(by)X
2724(entering)X
3069(it)X
3152(three)X
3374(times\),)X
3668(the)X
3815(program)X
4170(will)X
720 4290(allow)N
960(it.)X
1088(No)X
1231(checks)X
1519(for)X
1657(obviously)X
2062(insecure)X
2409(passwords)X
2835(\(see)X
3017(below\))X
3311(are)X
3456(performed.)X
3932(Thus,)X
4175(it)X
4256(is)X
720 4402(incumbent)N
1158(upon)X
1381(the)X
1530(system)X
1828(administrator)X
2373(to)X
2479(ensure)X
2761(that)X
2937(the)X
3086(passwords)X
3516(in)X
3621(use)X
3779(on)X
3905(the)X
4053(system)X
720 4514(are)N
862(secure.)X
920 4654(In)N
1039([Morr78],)X
1459(the)X
1616(authors)X
1939(describe)X
2300(experiments)X
2811(conducted)X
3247(to)X
3362(determine)X
3788(typical)X
4091(users')X
720 4766(habits)N
987(in)X
1099(the)X
1254(choice)X
1543(of)X
1660(passwords.)X
2144(In)X
2261(a)X
2341(collection)X
2759(of)X
2876(3,289)X
3129(passwords,)X
3589(16%)X
3802(of)X
3919(them)X
4149(con-)X
720 4878(tained)N
1006(three)X
1249(characters)X
1690(or)X
1820(less,)X
2038(and)X
2227(an)X
2368(astonishing)X
2856(86%)X
3082(were)X
3319(what)X
3556(could)X
3820(generally)X
4229(be)X
720 4990(described)N
1116(as)X
1223(insecure.)X
1619(Additional)X
2058(experiments)X
2556(in)X
2658([Gram84])X
3064(show)X
3293(that)X
3465(by)X
3588(trying)X
3844(three)X
4063(simple)X
720 5102(guesses)N
1054(on)X
1191(each)X
1409(account)X
9 f
1750(-)X
1 f
1844(the)X
2003(login)X
2242(name,)X
2516(the)X
2675(login)X
2914(name)X
3164(in)X
3280(reverse,)X
3623(and)X
3803(the)X
3963(two)X
4149(con-)X
720 5214(catenated)N
1111(together)X
9 f
1453(-)X
1 f
1532(a)X
1601(cracker)X
1911(can)X
2070(expect)X
2347(to)X
2447(obtain)X
2713(access)X
2984(to)X
3084(between)X
3430(8)X
3503(and)X
3667(30)X
3788(percent)X
4097(of)X
4202(the)X
720 5326(accounts)N
1084(on)X
1207(a)X
1277(typical)X
1567(system.)X
1909(A)X
2005(second)X
2299(experiment)X
2761(showed)X
3082(that)X
3255(by)X
3379(trying)X
3637(the)X
3783(20)X
3907(most)X
4122(com-)X
720 5438(mon)N
926(female)X
1224(\256rst)X
1408(names,)X
1712(followed)X
2088(by)X
2218(a)X
2295(single)X
2559(digit)X
2770(\(a)X
2879(total)X
3085(of)X
3199(200)X
3377(passwords\),)X
3866(at)X
3970(least)X
4181(one)X
720 5550(password)N
1115(was)X
1297(valid)X
1523(on)X
1653(each)X
1864(of)X
1978(several)X
2285(dozen)X
2549(machines)X
2947(surveyed.)X
3376(Further)X
3693 0.2232(experimentation)AX
720 5662(by)N
857(the)X
1015(author)X
1301(has)X
1469(found)X
1733(that)X
1918(by)X
2054(trying)X
2324(variations)X
2744(on)X
2880(the)X
3038(login)X
3276(name,)X
3549(user's)X
3818(\256rst)X
4007(and)X
4186(last)X
6 f
2421 6016(5)N
6 p
%%Page: 6 7
12 s 0 xH 0 xS 6 f
1 f
720 832(names,)N
1019(and)X
1187(a)X
1259(list)X
1406(of)X
1515(nearly)X
1785(1800)X
2006(common)X
2372(\256rst)X
2550(names,)X
2849(up)X
2974(to)X
3078(50)X
3227(percent)X
3540(of)X
3649(the)X
3796(passwords)X
4224(on)X
720 944(any)N
883(given)X
1121(system)X
1412(can)X
1570(be)X
1685(cracked)X
2009(in)X
2108(a)X
2175(matter)X
2446(of)X
2550(two)X
2718(or)X
2822(three)X
3039(days.)X
5 f
14 s
576 1293(2.1.1.1)N
1010(Selecting)X
1500(Passwords)X
1 f
12 s
920 1489(The)N
1097(object)X
1360(when)X
1595(choosing)X
1969(a)X
2039(password)X
2428(is)X
2519(to)X
2621(make)X
2857(it)X
2938(as)X
3045(dif\256cult)X
3377(as)X
3484(possible)X
3826(for)X
3965(a)X
4036(cracker)X
720 1601(to)N
829(make)X
1072(educated)X
1449(guesses)X
1775(about)X
2022(what)X
2242(you've)X
2542(chosen.)X
2890(This)X
3094(leaves)X
3368(him)X
3551(no)X
3680(alternative)X
4121(but)X
4277(a)X
720 1713(brute-force)N
1182(search,)X
1486(trying)X
1751(every)X
2000(possible)X
2350(combination)X
2867(of)X
2982(letters,)X
3277(numbers,)X
3667(and)X
3841(punctuation.)X
720 1825(A)N
817(search)X
1091(of)X
1199(this)X
1366(sort,)X
1562(even)X
1772(conducted)X
2196(on)X
2320(a)X
2391(machine)X
2746(that)X
2919(could)X
3161(try)X
3296(one)X
3463(million)X
3770(passwords)X
4197(per)X
720 1937(second)N
1026(\(most)X
1284(machines)X
1687(can)X
1860(try)X
2006(less)X
2189(than)X
2394(one)X
2572(hundred)X
2926(per)X
3088(second\),)X
3450(would)X
3729(require,)X
4066(on)X
4202(the)X
720 2049(average,)N
1073(over)X
1273(one)X
1441(hundred)X
1785(years)X
2017(to)X
2121(complete.)X
2552(With)X
2774(this)X
2942(as)X
3051(our)X
3208(goal,)X
3427(and)X
3595(by)X
3719(using)X
3955(the)X
4101(infor-)X
720 2161(mation)N
1012(in)X
1111(the)X
1253(preceding)X
1657(text,)X
1850(a)X
1917(set)X
2048(of)X
2152(guidelines)X
2572(for)X
2708(password)X
3094(selection)X
3461(can)X
3619(be)X
3734(constructed:)X
10 f
920 2301(g)N
3 f
1120(Don't)X
1 f
1378(use)X
1530(your)X
1730(login)X
1952(name)X
2185(in)X
2284(any)X
2447(form)X
2658(\(as-is,)X
2914(reversed,)X
3288 0.2841(capitalized,)AX
3755(doubled,)X
4113(etc.\).)X
10 f
920 2441(g)N
3 f
1120(Don't)X
1 f
1378(use)X
1530(your)X
1730(\256rst)X
1903(or)X
2007(last)X
2165(name)X
2398(in)X
2497(any)X
2660(form.)X
10 f
920 2581(g)N
3 f
1120(Don't)X
1 f
1378(use)X
1530(your)X
1730(spouse's)X
2084(or)X
2188(child's)X
2474(name.)X
10 f
920 2721(g)N
3 f
1120(Don't)X
1 f
1378(use)X
1531(other)X
1754(information)X
2234(easily)X
2484(obtained)X
2841(about)X
3080(you.)X
3297(This)X
3493(includes)X
3839(license)X
4132(plate)X
1120 2833(numbers,)N
1507(telephone)X
1914(numbers,)X
2301(social)X
2558(security)X
2895(numbers,)X
3282(the)X
3431(brand)X
3681(of)X
3792(your)X
3999(automo-)X
1120 2945(bile,)N
1313(the)X
1455(name)X
1688(of)X
1792(the)X
1934(street)X
2167(you)X
2335(live)X
2504(on,)X
2648(etc.)X
10 f
920 3085(g)N
3 f
1120(Don't)X
1 f
1402(use)X
1578(a)X
1669(password)X
2079(of)X
2207(all)X
2352(digits,)X
2639(or)X
2768(all)X
2914(the)X
3081(same)X
3328(letter.)X
3624(This)X
3844(signi\256cantly)X
1120 3197(decreases)N
1513(the)X
1655(search)X
1925(time)X
2121(for)X
2257(a)X
2324(cracker.)X
10 f
920 3337(g)N
3 f
1120(Don't)X
1 f
1381(use)X
1536(a)X
1606(word)X
1831(contained)X
2234(in)X
2337(\(English)X
2691(or)X
2799(foreign)X
3105(language\))X
3513(dictionaries,)X
4015(spelling)X
1120 3449(lists,)N
1323(or)X
1427(other)X
1649(lists)X
1828(of)X
1932(words.)X
10 f
920 3589(g)N
3 f
1120(Don't)X
1 f
1378(use)X
1530(a)X
1597(password)X
1983(shorter)X
2274(than)X
2464(six)X
2600(characters.)X
10 f
920 3729(g)N
3 f
1120(Do)X
1 f
1261(use)X
1413(a)X
1480(password)X
1866(with)X
2061(mixed-case)X
2524(alphabetics.)X
10 f
920 3869(g)N
3 f
1120(Do)X
1 f
1261(use)X
1413(a)X
1480(password)X
1866(with)X
2061(nonalphabetic)X
2626(characters,)X
3065(e.g.,)X
3252(digits)X
3490(or)X
3594(punctuation.)X
10 f
920 4009(g)N
3 f
1120(Do)X
1 f
1261(use)X
1413(a)X
1480(password)X
1866(that)X
2035(is)X
2123(easy)X
2318(to)X
2417(remember,)X
2856(so)X
2965(you)X
3133(don't)X
3360(have)X
3566(to)X
3665(write)X
3887(it)X
3965(down.)X
10 f
920 4149(g)N
3 f
1120(Do)X
1 f
1269(use)X
1429(a)X
1504(password)X
1898(that)X
2075(you)X
2251(can)X
2417(type)X
2615(quickly,)X
2961(without)X
3288(having)X
3583(to)X
3691(look)X
3895(at)X
3998(the)X
4149(key-)X
1120 4261(board.)N
1415(This)X
1613(makes)X
1886(it)X
1967(harder)X
2240(for)X
2379(someone)X
2748(to)X
2850(steal)X
3054(your)X
3257(password)X
3646(by)X
3769(watching)X
4149(over)X
1120 4373(your)N
1320(shoulder.)X
920 4513(Although)N
1328(this)X
1512(list)X
1675(may)X
1886(seem)X
2129(to)X
2249(restrict)X
2562(passwords)X
3006(to)X
3126(an)X
3263(extreme,)X
3644(there)X
3883(are)X
4047(several)X
720 4625(methods)N
1075(for)X
1216(choosing)X
1592(secure,)X
1890(easy-to-remember)X
2619(passwords)X
3046(that)X
3219(obey)X
3434(the)X
3580(above)X
3838(rules.)X
4101(Some)X
720 4737(of)N
824(these)X
1046(include)X
1354(the)X
1496(following:)X
10 f
920 4877(g)N
1 f
1120(Choose)X
1440(a)X
1516(line)X
1694(or)X
1807(two)X
1984(from)X
2204(a)X
2280(song)X
2494(or)X
2607(poem,)X
2878(and)X
3050(use)X
3211(the)X
3362(\256rst)X
3544(letter)X
3776(of)X
3889(each)X
4099(word.)X
1120 4989(For)N
1304(example,)X
1706(``In)X
1901(Xanadu)X
2251(did)X
2425(Kubla)X
2711(Kahn)X
2970(a)X
3064(stately)X
3367(pleasure)X
3739(dome)X
4004(decree'')X
1120 5101(becomes)N
1481(``IXdKKaspdd.'')X
10 f
920 5241(g)N
1 f
1120(Alternate)X
1513(between)X
1868(one)X
2041(consonant)X
2465(and)X
2638(one)X
2811(or)X
2926(two)X
3105(vowels,)X
3436(up)X
3567(to)X
3677(eight)X
3905(characters.)X
1120 5353(This)N
1337(provides)X
1714(nonsense)X
2112(words)X
2392(that)X
2583(are)X
2747(usually)X
3070(pronounceable,)X
3706(and)X
3890(thus)X
4095(easily)X
1120 5465(remembered.)N
1674(Examples)X
2078(include)X
2386(``routboo,'')X
2861(``quadpop,'')X
3368(and)X
3531(so)X
3640(on.)X
10 f
920 5605(g)N
1 f
1120(Choose)X
1438(two)X
1612(short)X
1834(words)X
2098(and)X
2267(concatenate)X
2753(them)X
2976(together)X
3322(with)X
3524(a)X
3598(punctation)X
4036(charac-)X
1120 5717(ter)N
1246(between)X
1591(them.)X
1856(For)X
2013(example:)X
2391(``dog;rain,'')X
2888(``book+mug,'')X
3481(``kid?goat.'')X
6 f
2421 6016(6)N
7 p
%%Page: 7 8
12 s 0 xH 0 xS 6 f
1 f
920 832(The)N
1103(importance)X
1570(of)X
1684(obeying)X
2028(these)X
2260(password)X
2656(selection)X
3033(rules)X
3254(cannot)X
3545(be)X
3670(overemphasized.)X
720 944(The)N
896(Internet)X
1222(worm,)X
1496(as)X
1602(part)X
1778(of)X
1884(its)X
2001(strategy)X
2332(for)X
2470(breaking)X
2832(into)X
3007(new)X
3192(machines,)X
3605(attempted)X
4011(to)X
4111(crack)X
720 1056(user)N
907(passwords.)X
1381(First,)X
1608(the)X
1753(worm)X
2004(tried)X
2208(simple)X
2492(choices)X
2808(such)X
3011(as)X
3118(the)X
3263(login)X
3488(name,)X
3748(user's)X
4004(\256rst)X
4181(and)X
720 1168(last)N
887(names,)X
1190(and)X
1361(so)X
1478(on.)X
1654(Next,)X
1897(the)X
2047(worm)X
2303(tried)X
2512(each)X
2721(word)X
2950(present)X
3260(in)X
3367(an)X
3490(internal)X
3817(dictionary)X
4240(of)X
720 1280(432)N
898(words)X
1166(\(presumably)X
1682(Morris)X
1978(considered)X
2430(these)X
2663(words)X
2932(to)X
3042(be)X
3168(``good'')X
3523(words)X
3792(to)X
3902(try\).)X
4124(If)X
4223(all)X
720 1392(else)N
899(failed,)X
1172(the)X
1319(worm)X
1572(tried)X
1777(going)X
2024(through)X
2351(the)X
2497(system)X
2792(dictionary,)X
2 f
3235(/usr/dict/words)X
1 f
3833(,)X
3885(trying)X
4143(each)X
720 1504(word)N
951([Spaf88].)X
1369(The)X
1553(password)X
1949(selection)X
2326(rules)X
2548(above)X
2813(successfully)X
3318(guard)X
3572(against)X
3880(all)X
4012(three)X
4240(of)X
720 1616(these)N
942(strategies.)X
5 f
14 s
576 1965(2.1.1.2)N
1010(Password)X
1532(Policies)X
1 f
12 s
920 2161(Although)N
1309(asking)X
1586(users)X
1809(to)X
1910(select)X
2156(secure)X
2428(passwords)X
2853(will)X
3029(help)X
3221(improve)X
3568(security,)X
3923(by)X
4046(itself)X
4266(it)X
720 2273(is)N
809(not)X
957(enough.)X
1313(It)X
1397(is)X
1486(also)X
1666(important)X
2065(to)X
2164(form)X
2375(a)X
2442(set)X
2573(of)X
2677(password)X
3063(policies)X
3387(that)X
3556(all)X
3677(users)X
3898(must)X
4109(obey,)X
720 2385(in)N
819(order)X
1046(to)X
1145(keep)X
1351(the)X
1493(passwords)X
1916(secure.)X
920 2525(First)N
1124(and)X
1291(foremost,)X
1685(it)X
1767(is)X
1859(important)X
2262(to)X
2365(impress)X
2692(on)X
2816(users)X
3042(the)X
3189(need)X
3400(to)X
3504(keep)X
3715(their)X
3921(passwords)X
720 2637(in)N
832(their)X
1046(minds)X
1317(only.)X
1572(Passwords)X
2012(should)X
2304(never)X
2554(be)X
2681(written)X
2990(down)X
3239(on)X
3371(desk)X
3583(blotters,)X
3932(calendars,)X
720 2749(and)N
899(the)X
1057(like.)X
1290(Further,)X
1637(storing)X
1944(passwords)X
2383(in)X
2498(\256les)X
2698(on)X
2834(the)X
2992(computer)X
3396(must)X
3623(be)X
3755(prohibited.)X
4240(In)X
720 2861(either)N
967(case,)X
1184(by)X
1307(writing)X
1612(the)X
1757(password)X
2145(down)X
2384(on)X
2506(a)X
2575(piece)X
2805(of)X
2911(paper)X
3151(or)X
3257(storing)X
3550(it)X
3630(in)X
3731(a)X
3800(\256le,)X
3973(the)X
4117(secu-)X
720 2973(rity)N
887(of)X
1000(the)X
1151(user's)X
1414(account)X
1748(is)X
1846(totally)X
2127(dependent)X
2557(on)X
2687(the)X
2839(security)X
3178(of)X
3292(the)X
3444(paper)X
3692(or)X
3806(\256le,)X
3987(which)X
4256(is)X
720 3085(usually)N
1022(less)X
1190(than)X
1380(the)X
1522(security)X
1851(offered)X
2153(by)X
2273(the)X
2415(password)X
2801(encryption)X
3237(software.)X
920 3225(A)N
1020(second)X
1318(important)X
1724(policy)X
1996(is)X
2091(that)X
2267(users)X
2496(must)X
2715(never)X
2961(give)X
3159(out)X
3314(their)X
3523(passwords)X
3954(to)X
4061(others.)X
720 3337(Many)N
970(times,)X
1229(a)X
1298(user)X
1484(feels)X
1692(that)X
1862(it)X
1941(is)X
2030(easier)X
2280(to)X
2380(give)X
2571(someone)X
2938(else)X
3113(his)X
3250(password)X
3637(in)X
3737(order)X
3965(to)X
4065(copy)X
4277(a)X
720 3449(\256le,)N
895(rather)X
1149(than)X
1344(to)X
1448(set)X
1584(up)X
1709(the)X
1856(permissions)X
2344(on)X
2469(the)X
2616(\256le)X
2768(so)X
2882(that)X
3056(it)X
3139(can)X
3302(be)X
3422(copied.)X
3756(Unfortunately,)X
720 3561(by)N
842(giving)X
1114(out)X
1263(the)X
1407(password)X
1795(to)X
1896(another)X
2211(person,)X
2517(the)X
2661(user)X
2846(is)X
2935(placing)X
3244(his)X
3381(trust)X
3577(in)X
3677(this)X
3841(other)X
4064(person)X
720 3673(not)N
867(to)X
966(distribute)X
1354(the)X
1496(password)X
1882(further,)X
2192(write)X
2414(it)X
2492(down,)X
2753(and)X
2916(so)X
3025(on.)X
920 3813(Finally,)N
1241(it)X
1320(is)X
1409(important)X
1809(to)X
1909(establish)X
2271(a)X
2339(policy)X
2605(that)X
2775(users)X
2997(must)X
3209(change)X
3507(their)X
3709(passwords)X
4133(from)X
720 3925(time)N
919(to)X
1021(time,)X
1244(say)X
1398(twice)X
1633(a)X
1702(year.)X
1942(This)X
2139(is)X
2229(dif\256cult)X
2560(to)X
2661(enforce)X
2976(on)X
11 s
3096(UNIX)X
12 s
3314(,)X
3364(since)X
3588(in)X
3689(most)X
3902(implemen-)X
720 4037(tations,)N
1034(a)X
1111(password-expiration)X
1930(scheme)X
2253(is)X
2351(not)X
2508(available.)X
2939(However,)X
3349(there)X
3576(are)X
3728(ways)X
3959(to)X
4068(imple-)X
720 4149(ment)N
953(this)X
1132(policy,)X
1436(either)X
1695(by)X
1830(using)X
2077(third-party)X
2528(software)X
2898(or)X
3017(by)X
3152(sending)X
3490(a)X
3572(memo)X
3852(to)X
3966(the)X
4123(users)X
720 4261(requesting)N
1145(that)X
1314(they)X
1504(change)X
1801(their)X
2002(passwords.)X
920 4401(This)N
1120(set)X
1256(of)X
1365(policies)X
1694(should)X
1979(be)X
2099(printed)X
2401(and)X
2569(distributed)X
3010(to)X
3114(all)X
3241(current)X
3544(users)X
3771(of)X
3881(the)X
4029(system.)X
720 4513(It)N
805(should)X
1087(also)X
1268(be)X
1385(given)X
1625(to)X
1726(all)X
1849(new)X
2035(users)X
2258(when)X
2492(they)X
2684(receive)X
2989(their)X
3191(accounts.)X
3601(The)X
3776(policy)X
4042(usually)X
720 4625(carries)N
1001(more)X
1223(weight)X
1509(if)X
1592(you)X
1760(can)X
1918(get)X
2060(it)X
2138(signed)X
2414(by)X
2535(the)X
2678(most)X
2890(``impressive'')X
3460(person)X
3741(in)X
3841(your)X
4042(organi-)X
720 4737(zation)N
980(\(e.g.,)X
1199(the)X
1341(president)X
1718(of)X
1822(the)X
1964(company\).)X
5 f
14 s
576 5086(2.1.1.3)N
1010(Checking)X
1507(Password)X
2029(Security)X
1 f
12 s
920 5282(The)N
1104(procedures)X
1560(and)X
1733(policies)X
2067(described)X
2470(in)X
2579(the)X
2731(previous)X
3096(sections,)X
3464(when)X
3707(properly)X
4068(imple-)X
720 5394(mented,)N
1060(will)X
1241(greatly)X
1540(reduce)X
1828(the)X
1977(chances)X
2313(of)X
2424(a)X
2498(cracker)X
2813(breaking)X
3181(into)X
3362(your)X
3569(system)X
3867(via)X
4016(a)X
4090(stolen)X
720 5506(account.)N
1112(However,)X
1532(as)X
1656(with)X
1871(all)X
2012(security)X
2361(measures,)X
2787(you)X
2975(as)X
3099(the)X
3262(system)X
3574(administrator)X
4133(must)X
720 5618(periodically)N
1212(check)X
1468(to)X
1574(be)X
1696(sure)X
1887(that)X
2063(the)X
2212(policies)X
2543(and)X
2713(procedures)X
3166(are)X
3315(being)X
3560(adhered)X
3896(to.)X
4050(One)X
4240(of)X
6 f
2421 6016(7)N
8 p
%%Page: 8 9
12 s 0 xH 0 xS 6 f
1 f
720 832(the)N
872(unfortunate)X
1350(truisms)X
1667(of)X
1781(password)X
2177(security)X
2516(is)X
2615(that,)X
2819(``left)X
3047(to)X
3157(their)X
3369(own)X
3569(ways,)X
3825(some)X
4063(people)X
720 944(will)N
894(still)X
1063(use)X
1215(cute)X
1400(doggie)X
1686(names)X
1956(as)X
2060(passwords'')X
2547([Gram84].)X
920 1084(The)N
1117(best)X
1319(way)X
1527(to)X
1650(check)X
1923(the)X
2089(security)X
2442(of)X
2570(the)X
2736(passwords)X
3183(on)X
3327(your)X
3551(system)X
3866(is)X
3978(to)X
4101(use)X
4277(a)X
720 1196(password-cracking)N
1476(program)X
1832(much)X
2076(like)X
2251(a)X
2323(real)X
2497(cracker)X
2810(would)X
3079(use.)X
3284(If)X
3377(you)X
3550(succeed)X
3884(in)X
3988(cracking)X
720 1308(any)N
899(passwords,)X
1362(those)X
1605(passwords)X
2044(should)X
2340(be)X
2471(changed)X
2832(immediately.)X
3403(There)X
3668(are)X
3826(a)X
3910(few)X
4095(freely)X
720 1420(available)N
1100(password)X
1493(cracking)X
1855(programs)X
2248(distributed)X
2690(via)X
2838(various)X
3151(source)X
3432(archive)X
3746(sites;)X
3974(these)X
4202(are)X
720 1532(described)N
1118(in)X
1222(more)X
1449(detail)X
1693(in)X
1797(Section)X
2116(4.)X
2242(A)X
2341(fairly)X
2580(extensive)X
2974(cracking)X
3336(program)X
3692(is)X
3786(also)X
3971(available)X
720 1644(from)N
943(the)X
1097(author.)X
1427(Alternatively,)X
1996(you)X
2176(can)X
2346(write)X
2580(your)X
2791(own)X
2991(cracking)X
3358(program,)X
3743(and)X
3917(tailor)X
4156(it)X
4245(to)X
720 1756(your)N
920(own)X
1109(site.)X
1315(For)X
1472(a)X
1539(list)X
1681(of)X
1785(things)X
2044(to)X
2143(check)X
2392(for,)X
2552(see)X
2699(the)X
2841(list)X
2983(of)X
3087(guidelines)X
3507(above.)X
6 f
14 s
576 2105(2.1.2)N
917(Expiration)X
1494(Dates)X
1 f
12 s
920 2301(Many)N
1175(sites,)X
1402(particularly)X
1879(those)X
2114(with)X
2317(a)X
2392(large)X
2617(number)X
2943(of)X
3055(users,)X
3308(typically)X
3678(have)X
3892(several)X
4197(old)X
720 2413(accounts)N
1088(lying)X
1316(around)X
1613(whose)X
1888(owners)X
2195(have)X
2407(since)X
2635(left)X
2794(the)X
2942(organization.)X
3502(These)X
3762(accounts)X
4129(are)X
4277(a)X
720 2525(major)N
990(security)X
1340(hole:)X
1602(not)X
1770(only)X
1986(can)X
2165(they)X
2376(be)X
2512(broken)X
2824(into)X
3019(if)X
3124(the)X
3288(password)X
3696(is)X
3806(insecure,)X
4197(but)X
720 2637(because)N
1049(nobody)X
1361(is)X
1449(using)X
1681(the)X
1823(account)X
2147(anymore,)X
2532(it)X
2610(is)X
2698(unlikely)X
3038(that)X
3207(a)X
3274(break-in)X
3619(will)X
3793(be)X
3908(noticed.)X
920 2777(The)N
1099(simplest)X
1449(way)X
1638(to)X
1742(prevent)X
2060(unused)X
2361(accounts)X
2727(from)X
2943(accumulating)X
3493(is)X
3587(to)X
3692(place)X
3926(an)X
4047(expira-)X
720 2889(tion)N
900(date)X
1091(on)X
1217(every)X
1461(account.)X
1839(These)X
2099(expiration)X
2520(dates)X
2748(should)X
3034(be)X
3155(near)X
3351(enough)X
3664(in)X
3769(the)X
3916(future)X
4175(that)X
720 3001(old)N
872(accounts)X
1238(will)X
1418(be)X
1539(deleted)X
1848(in)X
1953(a)X
2026(timely)X
2303(manner,)X
2646(yet)X
2794(far)X
2931(enough)X
3244(apart)X
3467(that)X
3642(the)X
3790(users)X
4017(will)X
4197(not)X
720 3113(become)N
1048(annoyed.)X
1450(A)X
1547(good)X
1767(\256gure)X
2019(is)X
2110(usually)X
2415(one)X
2581(year)X
2774(from)X
2988(the)X
3133(date)X
3321(the)X
3466(account)X
3793(was)X
3969(installed.)X
720 3225(This)N
922(tends)X
1156(to)X
1262(spread)X
1544(the)X
1693(expirations)X
2152(out)X
2306(over)X
2508(the)X
2657(year,)X
2879(rather)X
3136(than)X
3334(clustering)X
3746(them)X
3971(all)X
4100(at)X
4202(the)X
720 3337(beginning)N
1138(or)X
1251(end.)X
1471(The)X
1654(expiration)X
2078(date)X
2272(can)X
2439(easily)X
2697(be)X
2821(stored)X
3089(in)X
3197(the)X
3348(password)X
3742(\256le)X
3897(\(in)X
4036(the)X
4186(full)X
720 3449(name)N
962(\256eld\).)X
1246(A)X
1348(simple)X
1638(shell)X
1853(script)X
2100(can)X
2267(be)X
2391(used)X
2600(to)X
2708(periodically)X
3202(check)X
3460(that)X
3638(all)X
3768(accounts)X
4138(have)X
720 3561(expiration)N
1135(dates,)X
1381(and)X
1544(that)X
1713(none)X
1924(of)X
2028(the)X
2170(dates)X
2392(has)X
2544(passed.)X
920 3701(On)N
1061(the)X
1203(\256rst)X
1376(day)X
1540(of)X
1645(each)X
1847(month,)X
2142(any)X
2306(user)X
2491(whose)X
2761(account)X
3086(has)X
3239(expired)X
3553(should)X
3834(be)X
3950(contacted)X
720 3813(to)N
824(be)X
944(sure)X
1133(he)X
1252(is)X
1344(still)X
1517(employed)X
1925(by)X
2049(the)X
2195(organization,)X
2729(and)X
2896(that)X
3069(he)X
3188(is)X
3280(actively)X
3614(using)X
3850(the)X
3996(account.)X
720 3925(Any)N
925(user)X
1125(who)X
1330(cannot)X
1627(be)X
1758(contacted,)X
2192(or)X
2312(who)X
2517(has)X
2685(not)X
2848(used)X
3064(his)X
3216(account)X
3556(recently,)X
3932(should)X
4229(be)X
720 4037(deleted)N
1025(from)X
1238(the)X
1382(system.)X
1723(If)X
1812(a)X
1880(user)X
2065(is)X
2154(unavailable)X
2624(for)X
2761(some)X
2989(reason)X
3265(\(e.g.,)X
3485(on)X
3606(vacation\))X
3990(and)X
4154(can-)X
720 4149(not)N
871(be)X
990(contacted,)X
1413(his)X
1554(account)X
1883(should)X
2168(be)X
2288(disabled)X
2638(by)X
2763(replacing)X
3151(the)X
3298(encrypted)X
3707(password)X
4098(in)X
4202(the)X
720 4261(password)N
1115(\256le)X
1271(entry)X
1502(with)X
1706(an)X
1830(asterisk)X
2157(\(*\).)X
2350(This)X
2554(makes)X
2833(it)X
2920(impossible)X
3370(to)X
3477(log)X
3632(in)X
3739(to)X
3846(the)X
3996(account,)X
720 4373(yet)N
862(leaves)X
1127(the)X
1269(account)X
1593(available)X
1966(to)X
2065(be)X
2180(re-enabled)X
2611(on)X
2731(the)X
2873(user's)X
3126(return.)X
6 f
14 s
576 4722(2.1.3)N
917(Guest)X
1265(Accounts)X
1 f
12 s
920 4918(Guest)N
1177(accounts)X
1547(present)X
1858(still)X
2036(another)X
2358(security)X
2696(hole.)X
2943(By)X
3089(their)X
3300(nature,)X
3599(these)X
3831(accounts)X
4202(are)X
720 5030(rarely)N
975(used,)X
1205(and)X
1374(are)X
1522(always)X
1819(used)X
2025(by)X
2150(people)X
2436(who)X
2630(should)X
2915(only)X
3115(have)X
3326(access)X
3601(to)X
3705(the)X
3852(machine)X
4208(for)X
720 5142(the)N
865(short)X
1084(period)X
1357(of)X
1464(time)X
1663(they)X
1856(are)X
2001(guests.)X
2316(The)X
2493(most)X
2707(secure)X
2981(way)X
3169(to)X
3272(handle)X
3557(guest)X
3788(accounts)X
4153(is)X
4245(to)X
720 5254(install)N
986(them)X
1209(on)X
1335(an)X
1456(as-needed)X
1871(basis,)X
2117(and)X
2286(delete)X
2547(them)X
2770(as)X
2880(soon)X
3091(as)X
3200(the)X
3347(people)X
3633(using)X
3870(them)X
4092(leave.)X
720 5366(Guest)N
975(accounts)X
1343(should)X
1630(never)X
1875(be)X
1997(given)X
2242(simple)X
2530(passwords)X
2960(such)X
3167(as)X
3278(``guest'')X
3640(or)X
3751(``visitor,'')X
4181(and)X
720 5478(should)N
1000(never)X
1238(be)X
1353(allowed)X
1682(to)X
1781(remain)X
2073(in)X
2172(the)X
2314(password)X
2700(\256le)X
2847(when)X
3079(they)X
3269(are)X
3411(not)X
3558(being)X
3796(used.)X
6 f
2421 6016(8)N
9 p
%%Page: 9 10
12 s 0 xH 0 xS 6 f
14 s
576 832(2.1.4)N
917(Accounts)X
1457(W)X
1563(ithout)X
1905(Passwords)X
1 f
12 s
920 1028(Some)N
1166(sites)X
1364(have)X
1574(installed)X
1929(accounts)X
2294(with)X
2493(names)X
2767(such)X
2971(as)X
3079(``who,'')X
3424(``date,'')X
3765(``lpq,'')X
4068(and)X
4235(so)X
720 1140(on)N
853(that)X
1034(execute)X
1365(simple)X
1658(commands.)X
2159(These)X
2425(accounts)X
2798(are)X
2952(intended)X
3320(to)X
3431(allow)X
3681(users)X
3914(to)X
4025(execute)X
720 1252(these)N
946(commands)X
1392(without)X
1715(having)X
2006(to)X
2110(log)X
2262(in)X
2366(to)X
2470(the)X
2617(machine.)X
3021(Typically)X
3420(these)X
3647(accounts)X
4013(have)X
4224(no)X
720 1364(password)N
1113(associated)X
1540(with)X
1742(them,)X
1990(and)X
2160(can)X
2324(thus)X
2514(be)X
2635(used)X
2841(by)X
2967(anyone.)X
3323(Many)X
3577(of)X
3687(the)X
3835(accounts)X
4202(are)X
720 1476(given)N
958(a)X
1025(user)X
1209(id)X
1308(of)X
1412(zero,)X
1626(so)X
1735(that)X
1904(they)X
2094(execute)X
2413(with)X
2608(super-user)X
3032(permissions.)X
920 1616(The)N
1095(problem)X
1441(with)X
1637(these)X
1861(accounts)X
2224(is)X
2314(that)X
2485(they)X
2677(open)X
2890(potential)X
3254(security)X
3585(holes.)X
3862(By)X
4000(not)X
4149(hav-)X
720 1728(ing)N
884(passwords)X
1324(on)X
1460(them,)X
1717(and)X
1896(by)X
2032(having)X
2334(super-user)X
2774(permissions,)X
3297(these)X
3535(accounts)X
3912(practically)X
720 1840(invite)N
964(crackers)X
1309(to)X
1408(try)X
1539(to)X
1638(penetrate)X
2016(them.)X
2281(Usually,)X
2629(if)X
2713(the)X
2856(cracker)X
3165(can)X
3324(gain)X
3515(access)X
3786(to)X
3886(the)X
4029(system,)X
720 1952(penetrating)N
1180(these)X
1404(accounts)X
1767(is)X
1857(simple,)X
2164(because)X
2494(each)X
2696(account)X
3021(executes)X
3378(a)X
3446(different)X
3803(command.)X
4256(If)X
720 2064(the)N
864(cracker)X
1174(can)X
1335(replace)X
1641(any)X
1807(one)X
1973(of)X
2080(these)X
2305(commands)X
2749(with)X
2947(one)X
3113(of)X
3220(his)X
3359(own,)X
3575(he)X
3693(can)X
3854(then)X
4047(use)X
4202(the)X
720 2176(unprotected)N
1199(account)X
1523(to)X
1622(execute)X
1941(his)X
2077(program)X
2427(with)X
2622(super-user)X
3046(permissions.)X
920 2316(Simply)N
1222(put,)X
1393(accounts)X
1754(without)X
2072(passwords)X
2495(should)X
2775(not)X
2922(be)X
3037(allowed)X
3366(on)X
3486(any)X
11 s
3647(UNIX)X
12 s
3889(system.)X
6 f
14 s
576 2665(2.1.5)N
917(Group)X
1283(Accounts)X
1823(and)X
2052(Groups)X
1 f
12 s
920 2861(Group)N
1192(accounts)X
1557(have)X
1767(become)X
2095(popular)X
2417(at)X
2515(many)X
2757(sites,)X
2980(but)X
3131(are)X
3277(actually)X
3611(a)X
3682(break-in)X
4031(waiting)X
720 2973(to)N
822(happen.)X
1175(A)X
1270(group)X
1520(account)X
1846(is)X
1936(a)X
2005(single)X
2261(account)X
2587(shared)X
2864(by)X
2986(several)X
3285(people,)X
3592(e.g.,)X
3781(by)X
3903(all)X
4026(the)X
4170(col-)X
720 3085(laborators)N
1134(on)X
1259(a)X
1332(project.)X
1678(As)X
1814(mentioned)X
2251(in)X
2356(the)X
2504(section)X
2807(on)X
2933(password)X
3325(security,)X
3684(users)X
3911(should)X
4197(not)X
720 3197(share)N
948(passwords)X
9 f
1372(-)X
1 f
1450(the)X
1593(group)X
1842(account)X
2167(concept)X
2492(directly)X
2812(violates)X
3136(this)X
3299(policy.)X
3612(The)X
3786(proper)X
4061(way)X
4245(to)X
720 3309(allow)N
963(users)X
1189(to)X
1293(share)X
1525(information,)X
2033(rather)X
2287(than)X
2482(giving)X
2757(them)X
2979(a)X
3051(group)X
3304(account)X
3633(to)X
3737(use,)X
3918(is)X
4011(to)X
4116(place)X
720 3421(these)N
951(users)X
1181(into)X
1364(a)X
1440(group.)X
1745(This)X
1949(is)X
2046(done)X
2266(by)X
2395(editing)X
2696(the)X
2846(group)X
3102(\256le,)X
2 f
3281(/etc/group)X
1 f
3725([Sun88a,)X
4101(1390;)X
720 3533(Sun88b,)N
1078(66],)X
1272(and)X
1453(creating)X
1806(a)X
1891(new)X
2093(group)X
2359(with)X
2572(the)X
2732(users)X
2971(who)X
3178(wish)X
3401(to)X
3518(collaborate)X
3989(listed)X
4240(as)X
720 3645(members.)N
920 3785(A)N
1013(line)X
1182(in)X
1281(the)X
1423(group)X
1671(\256le)X
1818(looks)X
2050(like)X
7 f
1008 3945 0.3830(groupname:password:groupid:user1,user2,user3,...)AN
1 f
720 4105(The)N
2 f
901(groupname)X
1 f
1386(is)X
1482(the)X
1632(name)X
1873(assigned)X
2236(to)X
2343(the)X
2493(group,)X
2773(much)X
3019(like)X
3196(a)X
3271(login)X
3501(name.)X
3790(It)X
3881(may)X
4079(be)X
4202(the)X
720 4217(same)N
947(as)X
1056(someone's)X
1496(login)X
1723(name,)X
1985(or)X
2093(different.)X
2501(The)X
2679(maximum)X
3098(length)X
3367(of)X
3475(a)X
3546(group)X
3798(name)X
4035(is)X
4127(eight)X
720 4329(characters.)N
1187(The)X
1365(password)X
1755(\256eld)X
1954(is)X
2046(unused)X
2346(in)X
11 s
2448(BSD)X
12 s
2619(-derived)X
2969(versions)X
3318(of)X
11 s
3425(UNIX)X
12 s
3643(,)X
3696(and)X
3864(should)X
4149(con-)X
720 4441(tain)N
915(an)X
1056(asterisk)X
1400(\(*\).)X
1609(The)X
2 f
1808(groupid)X
1 f
2177(is)X
2290(a)X
2382(number)X
2725(from)X
2961(0)X
3058(to)X
3182(65535)X
3471(inclusive.)X
3916(Generally,)X
720 4553(numbers)N
1100(below)X
1384(10)X
1529(are)X
1696(reserved)X
2071(for)X
2232(special)X
2549(purposes,)X
2963(but)X
3135(you)X
3328(may)X
3543(choose)X
3859(any)X
4048(unused)X
720 4665(number.)N
1091(The)X
1270(last)X
1432(\256eld)X
1631(is)X
1723(a)X
1794(comma-separated)X
2502(\(no)X
2658(spaces\))X
2969(list)X
3115(of)X
3223(the)X
3369(login)X
3595(names)X
3869(of)X
3977(the)X
4123(users)X
720 4777(in)N
819(the)X
961(group.)X
1257(If)X
1345(no)X
1465(login)X
1687(names)X
1957(are)X
2099(listed,)X
2357(then)X
2548(the)X
2691(group)X
2940(has)X
3093(no)X
3214(members.)X
3640(To)X
3772(create)X
4028(a)X
4096(group)X
720 4889(called)N
976(``hackers'')X
1422(with)X
1617(Huey,)X
1873(Duey,)X
2129(and)X
2292(Louie)X
2541(as)X
2645(members,)X
3046(you)X
3214(would)X
3478(add)X
3641(a)X
3708(line)X
3877(such)X
4077(as)X
4181(this)X
720 5001(to)N
819(the)X
961(group)X
1209(\256le:)X
7 f
1008 5161 0.3884(hackers:*:100:huey,duey,louie)AN
1 f
920 5349(After)N
1157(the)X
1309(group)X
1568(has)X
1731(been)X
1948(created,)X
2286(the)X
2439(\256les)X
2634(and)X
2808(directories)X
3250(the)X
3403(members)X
3791(wish)X
4007(to)X
4117(share)X
720 5461(can)N
884(then)X
1080(be)X
1201(changed)X
1552(so)X
1666(that)X
1840(they)X
2035(are)X
2182(owned)X
2467(by)X
2592(this)X
2760(group,)X
3037(and)X
3205(the)X
3352(group)X
3605(permission)X
4056(bits)X
4224(on)X
720 5573(the)N
865(\256les)X
1052(and)X
1218(directories)X
1652(can)X
1813(be)X
1931(set)X
2066(to)X
2169(allow)X
2411(sharing.)X
2770(Each)X
2991(user)X
3179(retains)X
3464(his)X
3604(own)X
3797(account,)X
4149(with)X
720 5685(his)N
856(own)X
1045(password,)X
1455(thus)X
1639(protecting)X
2054(the)X
2196(security)X
2525(of)X
2629(the)X
2771(system.)X
6 f
2421 6016(9)N
10 p
%%Page: 10 11
12 s 0 xH 0 xS 6 f
1 f
920 832(For)N
1086(example,)X
1470(to)X
1578(change)X
1884(Huey's)X
2194(``programs'')X
2718(directory)X
3099(to)X
3207(be)X
3331(owned)X
3620(by)X
3750(the)X
3902(new)X
4096(group)X
720 944(and)N
900(properly)X
1267(set)X
1415(up)X
1552(the)X
1711(permissions)X
2210(so)X
2335(that)X
2520(all)X
2657(members)X
3050(of)X
3170(the)X
3328(group)X
3592(may)X
3798(access)X
4084(it,)X
4202(the)X
2 f
720 1056(chgrp)N
1 f
984(and)X
2 f
1147(chmod)X
1 f
1443(commands)X
1884(would)X
2148(be)X
2263(used)X
2463(as)X
2567(follows)X
2879([Sun88a,)X
3247(63-66]:)X
7 f
1008 1216(#)N
8 f
1124(chgrp)X
1472(hackers)X
1936 0.4038(\304huey/programs)AX
7 f
1008 1328(#)N
8 f
1124(chmod)X
1472(-R)X
1646(g+rw)X
1936 0.4038(\304huey/programs)AX
6 f
14 s
576 1725(2.1.6)N
917(Yellow)X
1301(Pages)X
1 f
12 s
920 1921(The)N
1097(Sun)X
1273(Yellow)X
1583(Pages)X
1834(system)X
2128([Sun88b,)X
2504(349-374])X
2883(allows)X
3161(many)X
3402(hosts)X
3626(to)X
3728(share)X
3958(password)X
720 2033(\256les,)N
937(group)X
1194(\256les,)X
1411(and)X
1583(other)X
1814(\256les)X
2007(via)X
2158(the)X
2308(network,)X
2679(while)X
2925(the)X
3075(\256les)X
3267(are)X
3417(stored)X
3684(on)X
3812(only)X
4015(a)X
4090(single)X
720 2145(host.)N
952(Unfortunately,)X
1540(Yellow)X
1847(Pages)X
2095(also)X
2274(contains)X
2619(a)X
2686(few)X
2854(potential)X
3216(security)X
3545(holes.)X
920 2285(The)N
1109(principal)X
1491(way)X
1690(Yellow)X
2012(Pages)X
2275(works)X
2548(is)X
2652(to)X
2767(have)X
2989(a)X
3072(special)X
3380(line)X
3565(in)X
3680(the)X
3838(password)X
4240(or)X
720 2397(group)N
968(\256le)X
1115(that)X
1284(begins)X
1559(with)X
1754(a)X
1821(``+''.)X
2075(In)X
2179(the)X
2321(password)X
2707(\256le,)X
2878(this)X
3041(line)X
3210(looks)X
3442(like)X
7 f
1008 2557 0.4219(+::0:0:::)AN
1 f
720 2717(and)N
883(in)X
982(the)X
1124(group)X
1372(\256le,)X
1543(it)X
1621(looks)X
1853(like)X
7 f
1008 2877(+:)N
1 f
720 3037(These)N
975(lines)X
1182(should)X
1463(only)X
1659(be)X
1775(present)X
2078(in)X
2178(the)X
2321(\256les)X
2506(stored)X
2766(on)X
2887(Yellow)X
3195(Pages)X
3444(client)X
3684(machines.)X
4122(They)X
720 3149(should)N
1006(not)X
1159(be)X
1280(present)X
1588(in)X
1693(the)X
1841(\256les)X
2031(on)X
2157(the)X
2305(Yellow)X
2618(Pages)X
2872(master)X
3158(machine\(s\).)X
3663(When)X
3922(a)X
3994(program)X
720 3261(reads)N
955(the)X
1105(password)X
1499(or)X
1611(group)X
1867(\256le)X
2022(and)X
2193(encounters)X
2642(one)X
2813(of)X
2925(these)X
3155(lines,)X
3393(it)X
3479(goes)X
3687(through)X
4019(the)X
4170(net-)X
720 3373(work)N
944(and)X
1110(requests)X
1452(the)X
1596(information)X
2077(it)X
2157(wants)X
2407(from)X
2620(the)X
2764(Yellow)X
3073(Pages)X
3323(server)X
3584(instead)X
3883(of)X
3989(trying)X
4245(to)X
720 3485(\256nd)N
900(it)X
985(in)X
1091(the)X
1240(local)X
1459(\256le.)X
1661(In)X
1772(this)X
1942(way,)X
2157(the)X
2306(data)X
2498(does)X
2705(not)X
2859(have)X
3072(to)X
3178(be)X
3301(maintained)X
3762(on)X
3890(every)X
4136(host.)X
720 3597(Since)N
969(the)X
1122(master)X
1414(machine)X
1776(already)X
2095(has)X
2258(all)X
2390(the)X
2543(information,)X
3057(there)X
3285(is)X
3384(no)X
3515(need)X
3732(for)X
3879(this)X
4052(special)X
720 3709(line)N
889(to)X
988(be)X
1103(present)X
1405(there.)X
920 3849(Generally)N
1333(speaking,)X
1732(the)X
1883(Yellow)X
2199(Pages)X
2456(service)X
2762(itself)X
2989(is)X
3087(reasonably)X
3538(secure.)X
3866(There)X
4125(are)X
4277(a)X
720 3961(few)N
899(openings)X
1281(that)X
1461(a)X
1539(sophisticated)X
2076(\(and)X
2281(dedicated\))X
2717(cracker)X
3035(could)X
3283(exploit,)X
3609(but)X
3766(Sun)X
3949(is)X
4047(rapidly)X
720 4073(closing)N
1027(these.)X
1302(The)X
1481(biggest)X
1788(problem)X
2138(with)X
2338(Yellow)X
2650(Pages)X
2903(is)X
2996(the)X
3143(``+'')X
3354(line)X
3528(in)X
3633(the)X
3781(password)X
4173(\256le.)X
720 4185(If)N
814(the)X
962(``+'')X
1174(is)X
1268(deleted)X
1576(from)X
1792(the)X
1939(front)X
2155(of)X
2264(the)X
2411(line,)X
2609(then)X
2804(this)X
2972(line)X
3146(loses)X
3367(its)X
3487(special)X
3784(Yellow)X
4096(Pages)X
720 4297(meaning.)N
1136(It)X
1231(instead)X
1540(becomes)X
1913(a)X
1992(regular)X
2301(password)X
2699(\256le)X
2858(line)X
3039(for)X
3187(an)X
3314(account)X
3650(with)X
3857(a)X
3936(null)X
4122(login)X
720 4409(name,)N
986(no)X
1115(password,)X
1534(and)X
1706(user)X
1899(id)X
2007(zero)X
2206(\(super-user\).)X
2751(Thus,)X
3000(if)X
3092(a)X
3168(careless)X
3506(system)X
3806(administrator)X
720 4521 0.2841(accidentally)AN
1211(deletes)X
1503(the)X
1645(``+''.)X
1899(the)X
2041(whole)X
2300(system)X
2591(is)X
2679(wide)X
2890(open)X
3101(to)X
3200(any)X
3363(attack.*)X
920 4661(Yellow)N
1239(Pages)X
1499(is)X
1599(too)X
1758(useful)X
2029(a)X
2108(service)X
2417(to)X
2528(suggest)X
2852(turning)X
3166(it)X
3256(off,)X
3428(although)X
3802(turning)X
4117(it)X
4208(off)X
720 4773(would)N
995(make)X
1239(your)X
1450(system)X
1752(more)X
1985(secure.)X
2314(Instead,)X
2651(it)X
2740(is)X
2839(recommended)X
3420(that)X
3599(you)X
3777(read)X
3977(carefully)X
720 4885(the)N
865(information)X
1347(in)X
1449(the)X
1594(Sun)X
1771(manuals)X
2120(in)X
2223(order)X
2454(to)X
2557(be)X
2676(fully)X
2886(aware)X
3144(of)X
3252(Yellow)X
3563(Pages')X
3847(abilities)X
4181(and)X
720 4997(its)N
835(limitations.)X
10 s
10 f
576 5298(h)N
592(hhhhhhhhhhhhhh)X
1 f
656 5408(*)N
736(Actually,)X
1054(a)X
1112(line)X
1254(like)X
1396(this)X
1533(without)X
1799(a)X
1857(``+'')X
2032(is)X
2107(dangerous)X
2459(in)X
2543(any)X
2682(password)X
3008(\256le,)X
3153(regardless)X
3502(of)X
3592(whether)X
3874(Yellow)X
4133(Pages)X
576 5504(is)N
649(in)X
731(use.)X
6 f
12 s
2395 6016(10)N
11 p
%%Page: 11 12
12 s 0 xH 0 xS 6 f
14 s
576 832(2.2)N
824(NETW)X
1153(ORK)X
1433(SECURITY)X
1 f
12 s
920 1028(As)N
1050(trends)X
1309(toward)X
1600(internetworking)X
2239(continue,)X
2620(most)X
2832(sites)X
3028(will,)X
3227(if)X
3311(they)X
3502(haven't)X
3816(already,)X
4149(con-)X
720 1140(nect)N
911(themselves)X
1369(to)X
1474(one)X
1643(of)X
1753(the)X
1901(numerous)X
2310(regional)X
2656(networks)X
3038(springing)X
3431(up)X
3557(around)X
3854(the)X
4002(country.)X
720 1252(Most)N
964(of)X
1091(these)X
1336(regional)X
1699(networks)X
2098(are)X
2263(also)X
2465(interconnected,)X
3104(forming)X
3462(the)X
3628(Internet)X
3976([Hind83,)X
720 1364(Quar86].)N
1113(This)X
1309(means)X
1579(that)X
1748(the)X
1890(users)X
2111(of)X
2215(your)X
2415(machine)X
2766(can)X
2924(access)X
3194(other)X
3416(hosts)X
3637(and)X
3800(communicate)X
720 1476(with)N
925(other)X
1157(users)X
1388(around)X
1689(the)X
1841(world.)X
2147(Unfortunately,)X
2745(it)X
2833(also)X
3023(means)X
3304(that)X
3484(other)X
3717(hosts)X
3949(and)X
4123(users)X
720 1588(from)N
931(around)X
1222(the)X
1364(world)X
1612(can)X
1770(access)X
2040(your)X
2240(machine,)X
2615(and)X
2778(attempt)X
3092(to)X
3191(break)X
3429(into)X
3603(it.)X
920 1728(Before)N
1216(internetworking)X
1865(became)X
2194(commonplace,)X
2793(protecting)X
3218(a)X
3295(system)X
3596(from)X
3817(unauthorized)X
720 1840(access)N
998(simply)X
1292(meant)X
1560(locking)X
1881(the)X
2031(machine)X
2390(in)X
2497(a)X
2572(room)X
2807(by)X
2935(itself.)X
3208(Now)X
3426(that)X
3603(machines)X
3999(are)X
4149(con-)X
720 1952(nected)N
1008(by)X
1140(networks,)X
1552(however,)X
1943(security)X
2285(is)X
2386(much)X
2637(more)X
2872(complex.)X
3289(This)X
3497(section)X
3807(describes)X
4202(the)X
720 2064(tools)N
931(and)X
1094(methods)X
1444(available)X
1817(to)X
1916(make)X
2149(your)X
11 s
2347(UNIX)X
12 s
2589(networks)X
2965(as)X
3069(secure)X
3339(as)X
3443(possible.)X
6 f
14 s
576 2413(2.2.1)N
917(Trusted)X
1358(Hosts)X
1 f
12 s
920 2609(One)N
1127(of)X
1255(the)X
1421(most)X
1656(convenient)X
2127(features)X
2480(of)X
2608(the)X
2774(Berkeley)X
3170(\(and)X
3389(Sun\))X
11 s
3616(UNIX)X
12 s
3882(networking)X
720 2721(software)N
1087(is)X
1187(the)X
1340(concept)X
1675(of)X
1790(``trusted'')X
2215(hosts.)X
2495(The)X
2680(software)X
3046(allows)X
3332(the)X
3485(speci\256cation)X
4007(of)X
4122(other)X
720 2833(hosts)N
943(\(and)X
1140(possibly)X
1486(users\))X
1741(who)X
1932(are)X
2076(to)X
2177(be)X
2294(considered)X
2737(trusted)X
9 f
3025(-)X
1 f
3104(remote)X
3399(logins)X
3661(and)X
3827(remote)X
4122(com-)X
720 2945(mand)N
973(executions)X
1424(from)X
1650(these)X
1887(hosts)X
2123(will)X
2312(be)X
2442(permitted)X
2851(without)X
3184(requiring)X
3576(the)X
3733(user)X
3932(to)X
4046(enter)X
4277(a)X
720 3057(password.)N
1161(This)X
1363(is)X
1458(very)X
1660(convenient,)X
2138(because)X
2474(users)X
2702(do)X
2829(not)X
2984(have)X
3198(to)X
3305(type)X
3503(their)X
3712(password)X
4106(every)X
720 3169(time)N
921(they)X
1116(use)X
1273(the)X
1419(network.)X
1810(Unfortunately,)X
2402(for)X
2542(the)X
2688(same)X
2914(reason,)X
3217(the)X
3363(concept)X
3691(of)X
3799(a)X
3870(trusted)X
4160(host)X
720 3281(is)N
808(also)X
987(extremely)X
1397(insecure.)X
920 3421(The)N
1115(Internet)X
1460(worm)X
1729(made)X
1983(extensive)X
2392(use)X
2565(of)X
2690(the)X
2853(trusted)X
3160(host)X
3365(concept)X
3710(to)X
3830(spread)X
4127(itself)X
720 3533(throughout)N
1177(the)X
1329(network)X
1678([Seel88].)X
2086(Many)X
2344(sites)X
2549(that)X
2728(had)X
2901(already)X
3219(disallowed)X
3670(trusted)X
3966(hosts)X
4197(did)X
720 3645(fairly)N
964(well)X
1165(against)X
1473(the)X
1626(worm)X
1885(compared)X
2300(with)X
2507(those)X
2746(sites)X
2953(that)X
3134(did)X
3293(allow)X
3543(trusted)X
3841(hosts.)X
4122(Even)X
720 3757(though)N
1016(it)X
1099(is)X
1192(a)X
1263(security)X
1596(hole,)X
1814(there)X
2035(are)X
2181(some)X
2412(valid)X
2633(uses)X
2826(for)X
2966(the)X
3112(trusted)X
3402(host)X
3590(concept.)X
3966(This)X
4165(sec-)X
720 3869(tion)N
896(describes)X
1280(how)X
1471(to)X
1573(properly)X
1926(implement)X
2366(the)X
2511(trusted)X
2800(hosts)X
3024(facility)X
3325(while)X
3566(preserving)X
3999(as)X
4106(much)X
720 3981(security)N
1049(as)X
1153(possible.)X
5 f
14 s
576 4330(2.2.1.1)N
1010(The)X
1233(hosts.equiv)X
1829(File)X
1 f
12 s
920 4526(The)N
1109(\256le)X
2 f
1271(/etc/hosts.equiv)X
1 f
1923([Sun88a,)X
2306(1397])X
2569(can)X
2743(be)X
2874(used)X
3090(by)X
3226(the)X
3384(system)X
3691(administrator)X
4245(to)X
720 4638(indicate)N
1066(trusted)X
1368(hosts.)X
1653(Each)X
1886(trusted)X
2188(host)X
2388(is)X
2492(listed)X
2741(in)X
2856(the)X
3014(\256le,)X
3201(one)X
3380(host)X
3580(per)X
3743(line.)X
3975(If)X
4078(a)X
4160(user)X
720 4750(attempts)N
1072(to)X
1172(log)X
1320(in)X
1420(\(using)X
2 f
1685(rlogin)X
1 f
1936(\))X
1993(or)X
2098(execute)X
2418(a)X
2486(command)X
2891(\(using)X
2 f
3156(rsh)X
1 f
3294(\))X
3351(remotely)X
3719(from)X
3931(one)X
4096(of)X
4202(the)X
720 4862(systems)N
1051(listed)X
1287(in)X
2 f
1389(hosts.equiv)X
1 f
1835(,)X
1886(and)X
2052(that)X
2224(user)X
2411(has)X
2565(an)X
2682(account)X
3008(on)X
3130(the)X
3274(local)X
3488(system)X
3781(with)X
3978(the)X
4122(same)X
720 4974(login)N
942(name,)X
1199(access)X
1469(is)X
1557(permitted)X
1951(without)X
2269(requiring)X
2646(a)X
2713(password.)X
920 5114(Provided)N
1297(adequate)X
1670(care)X
1861(is)X
1955(taken)X
2194(to)X
2299(allow)X
2543(only)X
2744(local)X
2962(hosts)X
3189(in)X
3294(the)X
2 f
3442(hosts.equiv)X
1 f
3918(\256le,)X
4096(a)X
4170(rea-)X
720 5226(sonable)N
1056(compromise)X
1574(between)X
1937(security)X
2284(and)X
2465(convenience)X
2989(can)X
3165(be)X
3297(achieved.)X
3729(Nonlocal)X
4123(hosts)X
720 5338(\(including)N
1148(hosts)X
1377(at)X
1479(remote)X
1779(sites)X
1982(of)X
2094(the)X
2244(same)X
2474(organization\))X
3020(should)X
3309(never)X
3556(be)X
3680(trusted.)X
4023(Also,)X
4261(if)X
720 5450(there)N
942(are)X
1089(any)X
1257(machines)X
1649(at)X
1747(your)X
1951(organization)X
2461(that)X
2634(are)X
2780(installed)X
3135(in)X
3238(``public'')X
3635(areas)X
3861(\(e.g.,)X
4084(termi-)X
720 5562(nal)N
862(rooms\))X
1158(as)X
1262(opposed)X
1606(to)X
1705(private)X
1997(of\256ces,)X
2301(you)X
2469(should)X
2749(not)X
2896(trust)X
3091(these)X
3313(hosts.)X
6 f
2395 6016(11)N
12 p
%%Page: 12 13
12 s 0 xH 0 xS 6 f
1 f
920 832(On)N
1069(Sun)X
1250(systems,)X
2 f
1611(hosts.equiv)X
1 f
2090(is)X
2187(controlled)X
2611(with)X
2815(the)X
2966(Yellow)X
3282(Pages)X
3539(software.)X
3951(As)X
4090(distri-)X
720 944(buted,)N
982(the)X
1124(default)X
2 f
1416(hosts.equiv)X
1 f
1886(\256le)X
2033(distributed)X
2469(by)X
2589(Sun)X
2762(contains)X
3107(a)X
3174(single)X
3428(line:)X
7 f
1008 1104(+)N
1 f
720 1264(This)N
922(indicates)X
1296(that)X
2 f
1473(every)X
1714(known)X
1997(host)X
1 f
2205(\(i.e.,)X
2411(the)X
2561(complete)X
2947(contents)X
3300(of)X
3412(the)X
3562(host)X
3754(\256le\))X
3941(should)X
4229(be)X
720 1376(considered)N
1164(a)X
1234(trusted)X
1523(host.)X
1757(This)X
1954(is)X
2044(totally)X
2317(incorrect)X
2686(and)X
2851(a)X
2920(major)X
3171(security)X
3502(hole,)X
3718(since)X
3942(hosts)X
4165(out-)X
720 1488(side)N
922(the)X
1087(local)X
1322(organization)X
1851(should)X
2154(never)X
2415(be)X
2553(trusted.)X
2910(A)X
3026(correctly)X
3416(con\256gured)X
2 f
3874(hosts.equiv)X
1 f
720 1600(should)N
1008(never)X
1254(list)X
1404(any)X
1574(``wildcard'')X
2070(hosts)X
2298(\(such)X
2537(as)X
2648(the)X
2797(``+''\);)X
3069(only)X
3271(speci\256c)X
3596(host)X
3787(names)X
4064(should)X
720 1712(be)N
844(used.)X
1101(When)X
1364(installing)X
1756(a)X
1832(new)X
2025(system)X
2325(from)X
2545(Sun)X
2727(distribution)X
3204(tapes,)X
3459(you)X
3636(should)X
3926(be)X
4051(sure)X
4245(to)X
720 1824(either)N
972(replace)X
1283(the)X
1433(Sun)X
1613(default)X
2 f
1912(hosts.equiv)X
1 f
2389(with)X
2591(a)X
2665(correctly)X
3039(con\256gured)X
3481(one,)X
3675(or)X
3786(delete)X
4048(the)X
4197(\256le)X
720 1936(altogether.)N
5 f
14 s
576 2285(2.2.1.2)N
1010(The)X
1233(.rhosts)X
1600(File)X
1 f
12 s
920 2481(The)N
2 f
1098(.rhosts)X
1 f
1400(\256le)X
1551([Sun88a,)X
1923(1397])X
2175(is)X
2267(similar)X
2563(in)X
2666(concept)X
2994(and)X
3161(format)X
3447(to)X
3551(the)X
2 f
3698(hosts.equiv)X
1 f
4173(\256le,)X
720 2593(but)N
870(allows)X
1148(trusted)X
1437(access)X
1710(only)X
1908(to)X
2010(speci\256c)X
2331(host-user)X
2710(combinations,)X
3280(rather)X
3532(than)X
3724(to)X
3825(hosts)X
4048(in)X
4149(gen-)X
720 2705(eral.*)N
998(Each)X
1228(user)X
1425(may)X
1628(create)X
1896(a)X
2 f
1976(.rhosts)X
1 f
2287(\256le)X
2447(in)X
2559(his)X
2709(home)X
2961(directory,)X
3371(and)X
3548(allow)X
3800(access)X
4084(to)X
4197(her)X
720 2817(account)N
1070(without)X
1414(a)X
1507(password.)X
1967(Most)X
2214(people)X
2521(use)X
2699(this)X
2888(mechanism)X
3376(to)X
3500(allow)X
3763(trusted)X
4074(access)X
720 2929(between)N
1074(accounts)X
1444(they)X
1643(have)X
1858(on)X
1987(systems)X
2324(owned)X
2614(by)X
2744(different)X
3110(organizations)X
3663(who)X
3862(do)X
3992(not)X
4149(trust)X
720 3041(each)N
927(other's)X
1224(hosts)X
1451(in)X
2 f
1556(hosts.equiv.)X
1 f
2055(Unfortunately,)X
2648(this)X
2816(\256le)X
2968(presents)X
3312(a)X
3384(major)X
3638(security)X
3972(problem:)X
720 3153(While)N
2 f
994(hosts.equiv)X
1 f
1478(is)X
1580(under)X
1837(the)X
1993(system)X
2298(administrator's)X
2919(control)X
3230(and)X
3407(can)X
3579(be)X
3708(managed)X
4095(effec-)X
720 3265(tively,)N
997(any)X
1169(user)X
1362(may)X
1561(create)X
1825(a)X
2 f
1901(.rhosts)X
1 f
2208(\256le)X
2364(granting)X
2718(access)X
2997(to)X
3105(whomever)X
3543(he)X
3666(chooses,)X
4026(without)X
720 3377(the)N
862(system)X
1153(administrator's)X
1760(knowledge.)X
920 3517(The)N
1097(only)X
1295(secure)X
1568(way)X
1755(to)X
1857(manage)X
2 f
2184(.rhosts)X
1 f
2485(\256les)X
2672(is)X
2763(to)X
2865(completely)X
3321(disallow)X
3675(them)X
3896(on)X
4020(the)X
4166(sys-)X
720 3629(tem.)N
949(The)X
1135(system)X
1438(administrator)X
1988(should)X
2280(check)X
2540(the)X
2693(system)X
2995(often)X
3228(for)X
3375(violations)X
3790(of)X
3905(this)X
4079(policy)X
720 3741(\(see)N
899(Section)X
1212(3.3.1.4\).)X
1580(One)X
1764(possible)X
2103(exception)X
2502(to)X
2601(this)X
2764(rule)X
2938(is)X
3027(the)X
3170(``root'')X
3478(account;)X
3830(a)X
2 f
3898(.rhosts)X
1 f
4197(\256le)X
720 3853(may)N
910(be)X
1025(necessary)X
1423(to)X
1522(allow)X
1760(network)X
2099(backups)X
2438(and)X
2601(the)X
2743(like)X
2912(to)X
3011(be)X
3126(completed.)X
6 f
14 s
576 4202(2.2.2)N
917(Secure)X
1320(Term)X
1594(inals)X
1 f
12 s
920 4398(Under)N
1200(newer)X
1475(versions)X
1835(of)X
11 s
1953(UNIX)X
12 s
2171(,)X
2235(the)X
2393(concept)X
2733(of)X
2853(a)X
2936(``secure'')X
3351(terminal)X
3714(has)X
3883(been)X
4106(intro-)X
720 4510(duced.)N
1033(Simply)X
1346(put,)X
1528(the)X
1681(super-user)X
2116(\(``root''\))X
2498(may)X
2699(not)X
2857(log)X
3015(in)X
3125(on)X
3256(a)X
3334(nonsecure)X
3758(terminal,)X
4138(even)X
720 4622(with)N
927(a)X
1006(password.)X
1452(\(Authorized)X
1953(users)X
2187(may)X
2390(still)X
2572(use)X
2737(the)X
2 f
2892(su)X
1 f
3030(command)X
3447(to)X
3559(become)X
3896(super-user,)X
720 4734(however.\))N
1168(The)X
1355(\256le)X
2 f
1515(/etc/ttytab)X
1 f
1955([Sun88a,)X
2336(1478])X
2597(is)X
2697(used)X
2909(to)X
3020(control)X
3329(which)X
3600(terminals)X
3995(are)X
4149(con-)X
720 4846(sidered)N
1022(secure.\262)X
1388(A)X
1481(short)X
1697(excerpt)X
2005(from)X
2216(this)X
2379(\256le)X
2526(is)X
2614(shown)X
2888(below.)X
10 s
10 f
576 5284(h)N
592(hhhhhhhhhhhhhh)X
1 f
656 5394(*)N
736(Actually,)X
2 f
1052(hosts.equiv)X
1 f
1443(may)X
1601(be)X
1697(used)X
1864(to)X
1946(specify)X
2198(host-user)X
2512(combinations)X
2963(as)X
3050(well,)X
3228(but)X
3350(this)X
3485(is)X
3558(rarely)X
3766(done.)X
656 5504(\262)N
736(Under)X
957(non-Sun)X
1248(versions)X
1535(of)X
1622(Berkeley)X
9 s
1930(UNIX)X
10 s
(,)S
2150(this)X
2285(\256le)X
2407(is)X
2480(called)X
2 f
2692(/etc/ttys)X
1 f
2954(.)X
6 f
12 s
2395 6016(12)N
13 p
%%Page: 13 14
12 s 0 xH 0 xS 6 f
1 f
7 f
1008 880(console)N
1530 0.4018("/usr/etc/getty)AX
2458 0.4219(std.9600")AX
3096(sun)X
3618(off)X
3850(secure)X
1008 992(ttya)N
1530 0.4018("/usr/etc/getty)AX
2458 0.4219(std.9600")AX
3096(unknown)X
3618(off)X
3850(secure)X
1008 1104(ttyb)N
1530 0.4018("/usr/etc/getty)AX
2458 0.4219(std.9600")AX
3096(unknown)X
3618(off)X
3850(secure)X
1008 1216(ttyp0)N
1530(none)X
3096(network)X
3618(off)X
3850(secure)X
1008 1328(ttyp1)N
1530(none)X
3096(network)X
3618(off)X
3850(secure)X
1008 1440(ttyp2)N
1530(none)X
3096(network)X
3618(off)X
3850(secure)X
1 f
720 1600(The)N
913(keyword)X
1292(``secure'')X
1709(at)X
1822(the)X
1983(end)X
2165(of)X
2288(each)X
2508(line)X
2696(indicates)X
3082(that)X
3270(the)X
3431(terminal)X
3796(is)X
3903(considered)X
720 1712(secure.)N
1048(To)X
1189(remove)X
1512(this)X
1685(designation,)X
2186(simply)X
2481(edit)X
2659(the)X
2810(\256le)X
2966(and)X
3138(delete)X
3402(the)X
3553(``secure'')X
3960(keyword.)X
720 1824(After)N
947(saving)X
1222(the)X
1364(\256le,)X
1535(type)X
1725(the)X
1867(command)X
2271(\(as)X
2407(super-user\):)X
7 f
1008 1984(#)N
8 f
1124(kill)X
1414(-HUP)X
1704(1)X
1 f
720 2144(This)N
915(tells)X
1100(the)X
2 f
1242(init)X
1 f
1411(process)X
1723(to)X
1822(reread)X
2087(the)X
2 f
2229(ttytab)X
1 f
2489(\256le.)X
920 2284(The)N
1104(Sun)X
1287(default)X
1589(con\256guration)X
2137(for)X
2 f
2284(ttytab)X
1 f
2555(is)X
2654(to)X
2764(consider)X
3125(all)X
3257(terminals)X
3651(secure,)X
3956(including)X
720 2396(``pseudo'')N
1149(terminals)X
1537(used)X
1742(by)X
1867(the)X
2014(remote)X
2310(login)X
2536(software.)X
2943(This)X
3142(means)X
3416(that)X
3589(``root'')X
3900(may)X
4094(log)X
4245(in)X
720 2508(remotely)N
1103(from)X
1330(any)X
1509(host)X
1709(on)X
1845(the)X
2003(network.)X
2406(A)X
2515(more)X
2753(secure)X
3039(con\256guration)X
3592(would)X
3873(consider)X
4240(as)X
720 2620(secure)N
1001(only)X
1207(directly)X
1537(connected)X
1963(terminals,)X
2381(or)X
2496(perhaps)X
2830(only)X
3036(the)X
3189(console)X
3518(device.)X
3852(This)X
4057(is)X
4155(how)X
720 2732(\256le)N
867(servers)X
1163(and)X
1326(other)X
1548(machines)X
1936(with)X
2131(disks)X
2352(should)X
2632(be)X
2747(set)X
2878(up.)X
920 2872(The)N
1105(most)X
1327(secure)X
1608(con\256guration)X
2156(is)X
2255(to)X
2365(remove)X
2689(the)X
2842(``secure'')X
3251(designation)X
3730(from)X
3952(all)X
4084(termi-)X
720 2984(nals,)N
933(including)X
1331(the)X
1483(console)X
1811(device.)X
2144(This)X
2348(requires)X
2691(that)X
2869(those)X
3105(users)X
3335(with)X
3539(super-user)X
3972(authority)X
720 3096(\256rst)N
910(log)X
1074(in)X
1190(as)X
1311(themselves,)X
1804(and)X
1984(then)X
2191(become)X
2532(the)X
2691(super-user)X
3132(via)X
3291(the)X
2 f
3451(su)X
1 f
3594(command.)X
4064(It)X
4165(also)X
720 3208(requires)N
1060(the)X
1208(``root'')X
1521(password)X
1913(to)X
2018(be)X
2139(entered)X
2452(when)X
2689(rebooting)X
3087(in)X
3191(single-user)X
3642(mode,)X
3909(in)X
4013(order)X
4245(to)X
720 3320(prevent)N
1050(users)X
1288(from)X
1517(rebooting)X
1928(their)X
2147(desktop)X
2488(workstations)X
3021(and)X
3202(obtaining)X
3608(super-user)X
4050(access.)X
720 3432(This)N
915(is)X
1003(how)X
1192(all)X
1313(diskless)X
1641(client)X
1880(machines)X
2268(should)X
2548(be)X
2663(set)X
2794(up.)X
6 f
14 s
576 3781(2.2.3)N
917(The)X
1146(Network)X
1619(File)X
1842(System)X
1 f
12 s
920 3977(The)N
1105(Network)X
1476(File)X
1661(System)X
1979(\()X
11 s
2011(NFS)X
12 s
2172(\))X
2239([Sun88d])X
2631(is)X
2730(designed)X
3107(to)X
3217(allow)X
3466(several)X
3774(hosts)X
4006(to)X
4117(share)X
720 4089(\256les)N
912(over)X
1115(the)X
1265(network.)X
1660(One)X
1852(of)X
1964(the)X
2114(most)X
2333(common)X
2702(uses)X
2899(of)X
11 s
3009(NFS)X
12 s
3202(is)X
3298(to)X
3404(allow)X
3649(diskless)X
3984(worksta-)X
720 4201(tions)N
934(to)X
1036(be)X
1154(installed)X
1508(in)X
1610(of\256ces,)X
1917(while)X
2158(keeping)X
2490(all)X
2614(disk)X
2801(storage)X
3106(in)X
3208(a)X
3278(central)X
3569(location.)X
3956(As)X
4090(distri-)X
720 4313(buted)N
960(by)X
1081(Sun,)X
11 s
1277(NFS)X
12 s
1463(has)X
1616(no)X
1737(security)X
2067(features)X
2397(enabled.)X
2770(This)X
2966(means)X
3237(that)X
3407(any)X
3571(host)X
3756(on)X
3877(the)X
4020(Internet)X
720 4425(may)N
910(access)X
1180(your)X
1380(\256les)X
1564(via)X
11 s
1704(NFS)X
12 s
1865(,)X
1913(regardless)X
2327(of)X
2431(whether)X
2765(you)X
2933(trust)X
3128(them)X
3345(or)X
3449(not.)X
920 4565(Fortunately,)N
1426(there)X
1657(are)X
1813(several)X
2124(easy)X
2333(ways)X
2568(to)X
2681(make)X
11 s
2926(NFS)X
12 s
3126(more)X
3363(secure.)X
3696(The)X
3885(more)X
4122(com-)X
720 4677(monly)N
997(used)X
1204(methods)X
1561(are)X
1710(described)X
2110(in)X
2216(this)X
2386(section,)X
2714(and)X
2884(these)X
3113(can)X
3278(be)X
3400(used)X
3607(to)X
3713(make)X
3953(your)X
4160(\256les)X
720 4789(quite)N
946(secure)X
1226(from)X
1447(unauthorized)X
1984(access)X
2264(via)X
11 s
2414(NFS)X
12 s
2575(.)X
2657(Secure)X
11 s
2951(NFS)X
12 s
3112(,)X
3170(introduced)X
3616(in)X
3725(Sun)X
11 s
3874(OS)X
12 s
4020(Release)X
720 4901(4.0,)N
892(takes)X
1117(security)X
1449(one)X
1615(step)X
1797(further,)X
2110(using)X
2345(public-key)X
2784(encryption)X
3223(techniques)X
3662(to)X
3764(ensure)X
4042(author-)X
720 5013(ized)N
905(access.)X
1223(Discussion)X
1668(of)X
1772(secure)X
11 s
2040(NFS)X
12 s
2225(is)X
2313(deferred)X
2658(until)X
2859(Section)X
3172(4.)X
5 f
14 s
576 5362(2.2.3.1)N
1010(The)X
1233(exports)X
1631(File)X
1 f
12 s
920 5558(The)N
1098(\256le)X
2 f
1250(/etc/exports)X
1 f
1745([Sun88a,)X
2118(1377])X
2371(is)X
2464(perhaps)X
2792(one)X
2960(of)X
3069(the)X
3216(most)X
3432(important)X
3836(parts)X
4052(of)X
11 s
4159(NFS)X
12 s
720 5670(con\256guration.)N
1312(This)X
1514(\256le)X
1668(lists)X
1854(which)X
2120(\256le)X
2274(systems)X
2609(are)X
2758(exported)X
3126(\(made)X
3398(available)X
3777(for)X
3919(mounting\))X
6 f
2395 6016(13)N
14 p
%%Page: 14 15
12 s 0 xH 0 xS 6 f
1 f
720 832(to)N
825(other)X
1053(systems.)X
1435(A)X
1534(typical)X
2 f
1827(exports)X
1 f
2157(\256le)X
2311(as)X
2422(installed)X
2780(by)X
2907(the)X
3056(Sun)X
3236(installation)X
3696(procedure)X
4112(looks)X
720 944(something)N
1145(like)X
1314(this:)X
7 f
1008 1104(/usr)N
1008 1216(/home)N
1008 1328 0.4018(/var/spool/mail)AN
1008 1440(#)N
1008 1552 0.3947(/export/root/client1)AN
2400 0.3889(-access=client1,root=client1)AX
1008 1664 0.3947(/export/swap/client1)AN
2400 0.3889(-access=client1,root=client1)AX
1008 1776(#)N
1008 1888 0.3947(/export/root/client2)AN
2400 0.3889(-access=client2,root=client2)AX
1008 2000 0.3947(/export/swap/client2)AN
2400 0.3889(-access=client2,root=client2)AX
1 f
720 2160(The)N
2 f
902(root=)X
1 f
1175(keyword)X
1543(speci\256es)X
1906(the)X
2056(list)X
2206(of)X
2318(hosts)X
2547(that)X
2724(are)X
2874(allowed)X
3211(to)X
3318(have)X
3533(super-user)X
3966(access)X
4245(to)X
720 2272(the)N
875(\256les)X
1072(in)X
1184(the)X
1339(named)X
1633(\256le)X
1793(system.)X
2145(This)X
2353(keyword)X
2726(is)X
2827(discussed)X
3232(in)X
3344(detail)X
3596(in)X
3707(Section)X
4032(2.2.3.3.)X
720 2384(The)N
2 f
907(access=)X
1 f
1276(keyword)X
1649(speci\256es)X
2017(the)X
2172(list)X
2327(of)X
2444(hosts)X
2678(\(separated)X
3111(by)X
3244(colons\))X
3564(that)X
3746(are)X
3902(allowed)X
4245(to)X
720 2496(mount)N
994(the)X
1140(named)X
1425(\256le)X
1576(system.)X
1919(If)X
2011(no)X
2 f
2135(access=)X
1 f
2494(keyword)X
2857(is)X
2948(speci\256ed)X
3317(for)X
3456(a)X
3526(\256le)X
3676(system,)X
3994(any)X
4160(host)X
720 2608(anywhere)N
1118(on)X
1238(the)X
1380(network)X
1719(may)X
1909(mount)X
2179(that)X
2348(\256le)X
2495(system)X
2786(via)X
11 s
2926(NFS)X
12 s
3087(.)X
920 2748(Obviously,)N
1377(this)X
1550(presents)X
1899(a)X
1976(major)X
2235(security)X
2574(problem,)X
2953(since)X
3185(anyone)X
3497(who)X
3696(can)X
3864(mount)X
4144(your)X
720 2860(\256le)N
878(systems)X
1217(via)X
11 s
1367(NFS)X
12 s
1562(can)X
1730(then)X
1930(peruse)X
2215(them)X
2442(at)X
2546(her)X
2703(leisure.)X
3042(Thus,)X
3292(it)X
3380(is)X
3478(important)X
3887(that)X
4066(all)X
4197(\256le)X
720 2972(systems)N
1048(listed)X
1281(in)X
2 f
1380(exports)X
1 f
1703(have)X
1909(an)X
2 f
2024(access=)X
1 f
2380(keyword)X
2740(associated)X
3160(with)X
3355(them.)X
3620(If)X
3708(you)X
3876(have)X
4082(only)X
4277(a)X
720 3084(few)N
888(hosts)X
1109(which)X
1368(must)X
1579(mount)X
1849(a)X
1916(\256le)X
2063(system,)X
2378(you)X
2546(can)X
2704(list)X
2846(them)X
3063(individually)X
3553(in)X
3652(the)X
3794(\256le:)X
7 f
1008 3244(/usr)N
1472 0.3854(-access=host1:host2:host3:host4:host5)AX
1 f
720 3404(However,)N
1138(because)X
1485(the)X
1645(maximum)X
2078(number)X
2414(of)X
2536(hosts)X
2775(that)X
2962(can)X
3139(be)X
3273(listed)X
3525(this)X
3707(way)X
3910(is)X
4017(ten,)X
4202(the)X
2 f
720 3516(access=)N
1 f
1083(keyword)X
1450(will)X
1631(also)X
1817(allow)X
2062(netgroups)X
2472(to)X
2578(be)X
2700(speci\256ed.)X
3120(Netgroups)X
3550(are)X
3698(described)X
4097(in)X
4202(the)X
720 3628(next)N
910(section.)X
920 3768(After)N
1147(making)X
1460(any)X
1623(changes)X
1957(to)X
2056(the)X
2 f
2198(exports)X
1 f
2521(\256le,)X
2692(you)X
2860(should)X
3140(run)X
3292(the)X
3434(command)X
7 f
1008 3928(#)N
8 f
1124(exportfs)X
1646(-a)X
1 f
720 4088(in)N
819(order)X
1046(to)X
1145(make)X
1378(the)X
1520(changes)X
1854(take)X
2039(effect.)X
5 f
14 s
576 4437(2.2.3.2)N
1010(The)X
1233(netgroup)X
1705(File)X
1 f
12 s
920 4633(The)N
1110(\256le)X
2 f
1273(/etc/netgroup)X
1 f
1843([Sun88a,)X
2227(1407])X
2491(is)X
2595(used)X
2811(to)X
2926(de\256ne)X
3201(netgroups.)X
3668(This)X
3880(\256le)X
4044(is)X
4149(con-)X
720 4745(trolled)N
1016(by)X
1156(Yellow)X
1483(Pages,)X
1775(and)X
1958(must)X
2189(be)X
2324(rebuilt)X
2620(in)X
2739(the)X
2901(Yellow)X
3228(Pages)X
3496(maps)X
3742(whenever)X
4159(it)X
4256(is)X
720 4857(modi\256ed.)N
1134(Consider)X
1505(the)X
1647(following)X
2045(sample)X
2 f
2342(netgroup)X
1 f
2729(\256le:)X
6 f
2395 6016(14)N
15 p
%%Page: 15 16
12 s 0 xH 0 xS 6 f
1 f
7 f
1008 880(A_Group)N
1762 0.4125(\(servera,,\))AX
2458 0.4091(\(clienta1,,\))AX
3212 0.4091(\(clienta2,,\))AX
1008 1104(B_Group)N
1762 0.4125(\(serverb,,\))AX
2458 0.4091(\(clientb1,,\))AX
3212 0.4091(\(clientb2,,\))AX
1008 1328 0.4167(AdminStaff)AN
1762 0.4000(\(clienta1,mary,\))AX
2748 0.4000(\(clientb3,joan,\))AX
1008 1552(AllSuns)N
1762(A_Group)X
2226(B_Group)X
1 f
720 1712(This)N
921(\256le)X
1074(de\256nes)X
1376(four)X
1566(netgroups,)X
1999(called)X
2 f
2260(A_Group)X
1 f
2633(,)X
2 f
2687(B_Group)X
1 f
3060(,)X
2 f
3114(AdminStaff)X
1 f
3558(,)X
3612(and)X
2 f
3781(AllSuns)X
1 f
4091(.)X
4170(The)X
2 f
720 1824(AllSuns)N
1 f
1063(netgroup)X
1438(is)X
1535(actually)X
1874(a)X
1950(``super)X
2255(group'')X
2576(containing)X
3016(all)X
3146(the)X
3297(members)X
3683(of)X
3796(the)X
2 f
3947(A_Group)X
1 f
720 1936(and)N
2 f
883(B_Group)X
1 f
1280(netgroups.)X
920 2076(Each)N
1144(member)X
1491(of)X
1602(a)X
1676(netgroup)X
2050(is)X
2146(de\256ned)X
2461(as)X
2573(a)X
2648(triple:)X
2911(\(host,)X
3159(user,)X
3375(domain\).)X
3776(Typically,)X
4202(the)X
2 f
720 2188(domain)N
1 f
1057(\256eld)X
1261(is)X
1358(never)X
1605(used,)X
1838(and)X
2010(is)X
2107(simply)X
2402(left)X
2564(blank.)X
2859(If)X
2956(either)X
3209(the)X
2 f
3359(host)X
1 f
3567(or)X
2 f
3679(user)X
1 f
3892(\256eld)X
4095(is)X
4191(left)X
720 2300(blank,)N
984(then)X
1176(any)X
1341(host)X
1527(or)X
1633(user)X
1819(is)X
1909(considered)X
2352(to)X
2453(match.)X
2763(Thus)X
2981(the)X
3125(triple)X
3355(\(host,,\))X
3653(matches)X
3995(any)X
4160(user)X
720 2412(on)N
840(the)X
982(named)X
1263(host,)X
1471(while)X
1709(the)X
1851(triple)X
2079(\(,user,\))X
2375(matches)X
2715(the)X
2857(named)X
3138(user)X
3322(on)X
3442(any)X
3605(host.)X
920 2552(Netgroups)N
1355(are)X
1508(useful)X
1778(when)X
2021(restricting)X
2447(access)X
2728(to)X
11 s
2836(NFS)X
12 s
3032(\256le)X
3190(systems)X
3530(via)X
3684(the)X
2 f
3838(exports)X
1 f
4173(\256le.)X
720 2664(For)N
877(example,)X
1252(consider)X
1602(this)X
1765(modi\256ed)X
2131(version)X
2438(of)X
2542(the)X
2684(\256le)X
2831(from)X
3042(the)X
3184(previous)X
3539(section:)X
7 f
1008 2824(/usr)N
2400 0.4018(-access=A_Group)AX
1008 2936(/home)N
2400 0.3920(-access=A_Group:B_Group)AX
1008 3048 0.4018(/var/spool/mail)AN
2400 0.4018(-access=AllSuns)AX
1008 3160(#)N
1008 3272 0.3947(/export/root/client1)AN
2400 0.3889(-access=client1,root=client1)AX
1008 3384 0.3947(/export/swap/client1)AN
2400 0.3889(-access=client1,root=client1)AX
1008 3496(#)N
1008 3608 0.3947(/export/root/client2)AN
2400 0.3889(-access=client2,root=client2)AX
1008 3720 0.3947(/export/swap/client2)AN
2400 0.3889(-access=client2,root=client2)AX
1 f
720 3880(The)N
2 f
899(/usr)X
1 f
1093(\256le)X
1245(system)X
1542(may)X
1738(now)X
1933(only)X
2134(be)X
2255(mounted)X
2622(by)X
2748(the)X
2896(hosts)X
3123(in)X
3228(the)X
2 f
3376(A_Group)X
1 f
3779(netgroup,)X
4175(that)X
720 3992(is,)N
2 f
841(servera)X
1 f
1145(,)X
2 f
1202(clienta1)X
1 f
1529(,)X
1586(and)X
2 f
1758(clienta2)X
1 f
2085(.)X
2166(Any)X
2363(other)X
2593(host)X
2785(that)X
2962(tries)X
3160(to)X
3267(mount)X
3545(this)X
3716(\256le)X
3871(system)X
4170(will)X
720 4104(receive)N
1035(an)X
1162(``access)X
1508(denied'')X
1865(error.)X
2136(The)X
2 f
2322(/home)X
1 f
2609(\256le)X
2768(system)X
3071(may)X
3274(be)X
3402(mounted)X
3776(by)X
3909(any)X
4085(of)X
4202(the)X
720 4216(hosts)N
946(in)X
1050(either)X
1299(the)X
2 f
1446(A_Group)X
1 f
1848(or)X
2 f
1957(B_Group)X
1 f
2359(netgroups.)X
2815(The)X
2 f
2994(/var/spool/mail)X
1 f
3627(\256le)X
3778(system)X
4073(is)X
4165(also)X
720 4328(restricted)N
1103(to)X
1202(these)X
1424(hosts,)X
1669(but)X
1816(in)X
1915(this)X
2078(example)X
2429(we)X
2565(used)X
2765(the)X
2907(``super)X
3203(group'')X
3515(called)X
2 f
3770(AllSuns)X
1 f
4080(.)X
920 4468(Generally,)N
1353(the)X
1500(best)X
1684(way)X
1873(to)X
1978(con\256gure)X
2371(the)X
2 f
2519(netgroup)X
1 f
2912(\256le)X
3065(is)X
3159(to)X
3264(make)X
3503(a)X
3576(single)X
3836(netgroup)X
4208(for)X
720 4580(each)N
928(\256le)X
1082(server)X
1348(and)X
1518(its)X
1640(clients,)X
1947(and)X
2117(then)X
2314(to)X
2420(make)X
2660(other)X
2889(super)X
3128(groups,)X
3444(such)X
3651(as)X
2 f
3761(AllSuns)X
1 f
4071(.)X
4149(This)X
720 4692(allows)N
999(you)X
1171(the)X
1317(\257exibility)X
1720(to)X
1823(specify)X
2130(the)X
2277(smallest)X
2622(possible)X
2966(group)X
3219(of)X
3328(hosts)X
3554(for)X
3695(each)X
3901(\256le)X
4053(system)X
720 4804(in)N
2 f
819(/etc/exports)X
1 f
1285(.)X
920 4944(Netgroups)N
1353(can)X
1520(also)X
1708(be)X
1832(used)X
2041(in)X
2150(the)X
2302(password)X
2698(\256le)X
2855(to)X
2964(allow)X
3212(access)X
3492(to)X
3601(a)X
3678(given)X
3926(host)X
4120(to)X
4229(be)X
720 5056(restricted)N
1110(to)X
1216(the)X
1365(members)X
1748(of)X
1858(that)X
2033(group,)X
2311(and)X
2480(they)X
2676(can)X
2840(be)X
2961(used)X
3167(in)X
3272(the)X
2 f
3420(hosts.equiv)X
1 f
3896(\256le)X
4049(to)X
4154(cen-)X
720 5168(tralize)N
991(maintenance)X
1509(of)X
1619(the)X
1767(list)X
1915(of)X
2025(trusted)X
2317(hosts.)X
2592(The)X
2772(procedures)X
3224(for)X
3366(doing)X
3615(this)X
3784(are)X
3932(de\256ned)X
4245(in)X
720 5280(more)N
942(detail)X
1181(in)X
1280(the)X
1422(Sun)X
1595(manual.)X
6 f
2395 6016(15)N
16 p
%%Page: 16 17
12 s 0 xH 0 xS 6 f
14 s
5 f
576 832(2.2.3.3)N
1010(Restricting)X
1570(Super-User)X
2174(Access)X
1 f
12 s
920 1028(Normally,)N
11 s
1341(NFS)X
12 s
1532(translates)X
1926(the)X
2074(super-user)X
2505(id)X
2611(to)X
2717(a)X
2791(special)X
3090(id)X
3196(called)X
3458(``nobody'')X
3905(in)X
4011(order)X
4245(to)X
720 1140(prevent)N
1050(a)X
1134(user)X
1335(with)X
1547(``root'')X
1871(on)X
2008(a)X
2092(remote)X
2401(workstation)X
2896(from)X
3123(accessing)X
3532(other)X
3770(people's)X
4136(\256les.)X
720 1252(This)N
915(is)X
1004(good)X
1221(for)X
1358(security,)X
1712(but)X
1860(sometimes)X
2297(a)X
2365(nuisance)X
2727(for)X
2864(system)X
3156(administration,)X
3762(since)X
3985(you)X
4154(can-)X
720 1364(not)N
867(make)X
1100(changes)X
1434(to)X
1533(\256les)X
1717(as)X
1821(``root'')X
2128(through)X
11 s
2449(NFS)X
12 s
2610(.)X
920 1504(The)N
2 f
1104(exports)X
1 f
1437(\256le)X
1594(also)X
1783(allows)X
2068(you)X
2246(to)X
2355(grant)X
2587(super-user)X
3022(access)X
3303(to)X
3413(certain)X
3711(\256le)X
3869(systems)X
4208(for)X
720 1616(certain)N
1012(hosts)X
1238(by)X
1363(using)X
1600(the)X
2 f
1747(root=)X
1 f
2017(keyword.)X
2430(Following)X
2854(this)X
3021(keyword)X
3385(a)X
3456(colon-separated)X
4094(list)X
4240(of)X
720 1728(up)N
853(to)X
965(ten)X
1120(hosts)X
1354(may)X
1557(be)X
1685(speci\256ed;)X
2091(these)X
2326(hosts)X
2561(will)X
2749(be)X
2878(allowed)X
3221(to)X
3334(access)X
3618(the)X
3774(\256le)X
3935(system)X
4240(as)X
720 1840(``root'')N
1032(without)X
1355(having)X
1646(the)X
1792(user)X
1980(id)X
2083(converted)X
2491(to)X
2594(``nobody.'')X
3086(Netgroups)X
3514(may)X
3708(not)X
3859(be)X
3978(speci\256ed)X
720 1952(to)N
819(the)X
2 f
961(root=)X
1 f
1226(keyword.)X
920 2092(Granting)N
1303(``root'')X
1627(access)X
1914(to)X
2030(a)X
2114(host)X
2315(should)X
2612(not)X
2776(be)X
2908(done)X
3136(lightly.)X
3477(If)X
3582(a)X
3666(host)X
3867(has)X
4037(``root'')X
720 2204(access)N
995(to)X
1099(a)X
1171(\256le)X
1323(system,)X
1643(then)X
1838(the)X
1985(super-user)X
2414(on)X
2539(that)X
2713(host)X
2902(will)X
3081(have)X
3292(complete)X
3674(access)X
3948(to)X
4051(the)X
4197(\256le)X
720 2316(system,)N
1047(just)X
1222(as)X
1338(if)X
1433(you)X
1613(had)X
1788(given)X
2038(him)X
2225(the)X
2380(``root'')X
2700(password)X
3099(on)X
3232(the)X
3387(server.)X
3707(Untrusted)X
4123(hosts)X
720 2428(should)N
1000(never)X
1238(be)X
1353(given)X
1591(``root'')X
1898(access)X
2168(to)X
11 s
2265(NFS)X
12 s
2450(\256le)X
2597(systems.)X
6 f
14 s
576 2777(2.2.4)N
917(FTP)X
1 f
12 s
920 2973(The)N
1103(File)X
1286(Transfer)X
1645(Protocol,)X
2028(implemented)X
2565(by)X
2694(the)X
2 f
2845(ftp)X
1 f
2996(and)X
2 f
3169(ftpd)X
1 f
3369(programs)X
3766([Sun88a,)X
4144(195-)X
720 3085(201,)N
915(1632-1634],)X
1413(allows)X
1690(users)X
1913(to)X
2014(connect)X
2340(to)X
2441(remote)X
2735(systems)X
3065(and)X
3230(transfer)X
3550(\256les)X
3736(back)X
3944(and)X
4109(forth.)X
720 3197(Unfortunately,)N
1315(older)X
1544(versions)X
1895(of)X
2006(these)X
2235(programs)X
2630(also)X
2817(had)X
2988(several)X
3293(bugs)X
3506(in)X
3613(them)X
3838(that)X
4015(allowed)X
720 3309(crackers)N
1070(to)X
1174(break)X
1417(into)X
1596(a)X
1668(system.)X
2012(These)X
2271(bugs)X
2481(have)X
2691(been)X
2901(\256xed)X
3121(by)X
3245(Berkeley,)X
3645(and)X
3812(new)X
4000(versions)X
720 3421(are)N
873(available.)X
1305(If)X
1404(your)X
2 f
1615(ftpd)X
1 f
1781(*)X
1864(was)X
2048(obtained)X
2415(before)X
2696(December)X
3128(1988,)X
3380(you)X
3560(should)X
3852(get)X
4006(a)X
4085(newer)X
720 3533(version)N
1027(\(see)X
1206(Section)X
1519(4\).)X
920 3673(One)N
1111(of)X
1222(the)X
1371(more)X
1600(useful)X
1866(features)X
2202(of)X
11 s
2311(FTP)X
12 s
2494(is)X
2589(the)X
2738(``anonymous'')X
3341(login.)X
3619(This)X
3822(special)X
4122(login)X
720 3785(allows)N
1000(users)X
1226(who)X
1420(do)X
1545(not)X
1697(have)X
1908(an)X
2028(account)X
2357(on)X
2481(your)X
2685(machine)X
3040(to)X
3143(have)X
3353(restricted)X
3740(access)X
4014(in)X
4117(order)X
720 3897(to)N
823(transfer)X
1145(\256les)X
1333(from)X
1548(a)X
1619(speci\256c)X
1941(directory.)X
2365(This)X
2564(is)X
2656(useful)X
2919(if)X
3006(you)X
3178(wish)X
3388(to)X
3492(distribute)X
3885(software)X
4245(to)X
720 4009(the)N
872(public)X
1147(at)X
1251(large)X
1478(without)X
1806(giving)X
2086(each)X
2297(person)X
2587(who)X
2786(wants)X
3043(the)X
3194(software)X
3558(an)X
3682(account)X
4015(on)X
4144(your)X
720 4121(machine.)N
1123(In)X
1231(order)X
1462(to)X
1565(securely)X
1914(set)X
2049(up)X
2173(anonymous)X
11 s
2642(FTP)X
12 s
2822(you)X
2994(should)X
3278(follow)X
3557(the)X
3703(speci\256c)X
4026(instruc-)X
720 4233(tions)N
931(below:)X
920 4373(1.)N
1120(Create)X
1401(an)X
1521(account)X
1850(called)X
2110(``ftp.'')X
2422(Disable)X
2745(the)X
2892(account)X
3221(by)X
3346(placing)X
3659(an)X
3779(asterisk)X
4103(\(*\))X
4245(in)X
1120 4485(the)N
1267(password)X
1658(\256eld.)X
1906(Give)X
2122(the)X
2269(account)X
2597(a)X
2668(special)X
2964(home)X
3206(directory,)X
3606(such)X
3810(as)X
2 f
3918(/usr/ftp)X
1 f
4240(or)X
2 f
1120 4597(/usr/spool/ftp)N
1 f
1649(.)X
920 4737(2.)N
1120(Make)X
1363(the)X
1505(home)X
1743(directory)X
2115(owned)X
2395(by)X
2515(``ftp'')X
2774(and)X
2937(unwritable)X
3373(by)X
3493(anyone:)X
7 f
1408 4897(#)N
8 f
1524(chown)X
1872(ftp)X
2104(\304ftp)X
7 f
1408 5009(#)N
8 f
1524(chmod)X
1872(555)X
2104(\304ftp)X
1 f
920 5197(3.)N
1120(Make)X
1372(the)X
1523(directory)X
2 f
1905(\304ftp/bin)X
1 f
2205(,)X
2263(owned)X
2553(by)X
2683(the)X
2835(super-user)X
3269(and)X
3442(unwritable)X
3888(by)X
4018(anyone.)X
1120 5309(Place)N
1353(a)X
1420(copy)X
1631(of)X
1735(the)X
2 f
1877(ls)X
1 f
1981(program)X
2331(in)X
2430(this)X
2593(directory:)X
10 s
10 f
576 5405(h)N
592(hhhhhhhhhhhhhh)X
1 f
656 5515(*)N
736(On)X
854(Sun)X
998(systems,)X
2 f
1291(ftpd)X
1 f
1448(is)X
1521(stored)X
1737(in)X
1819(the)X
1937(\256le)X
2 f
2059(/usr/etc/in.ftpd)X
1 f
2540(.)X
2600(On)X
2718(most)X
2893(other)X
3078(systems,)X
3371(it)X
3435(is)X
3508(called)X
2 f
3720(/etc/ftpd)X
1 f
3995(.)X
6 f
12 s
2395 6016(16)N
17 p
%%Page: 17 18
12 s 0 xH 0 xS 6 f
1 f
7 f
1408 880(#)N
8 f
1524(mkdir)X
1872(\304ftp/bin)X
7 f
1408 992(#)N
8 f
1524(chown)X
1872(root)X
2162(\304ftp/bin)X
7 f
1408 1104(#)N
8 f
1524(chmod)X
1872(555)X
2104(\304ftp/bin)X
7 f
1408 1216(#)N
8 f
1524(cp)X
1698(-p)X
1872(/bin/ls)X
2336(\304ftp/bin)X
7 f
1408 1328(#)N
8 f
1524(chmod)X
1872(111)X
2104 0.4125(\304ftp/bin/ls)AX
1 f
920 1516(4.)N
1120(Make)X
1373(the)X
1525(directory)X
2 f
1907(\304ftp/etc)X
1 f
2197(,)X
2256(owned)X
2547(by)X
2678(the)X
2831(super-user)X
3266(and)X
3440(unwritable)X
3887(by)X
4018(anyone.)X
1120 1628(Place)N
1365(copies)X
1647(of)X
1763(the)X
1916(password)X
2313(and)X
2487(group)X
2746(\256les)X
2941(in)X
3051(this)X
3225(directory,)X
3632(with)X
3838(all)X
3970(the)X
4123(pass-)X
1120 1740(word)N
1347(\256elds)X
1585(changed)X
1936(to)X
2041(asterisks)X
2402(\(*\).)X
2592(You)X
2787(may)X
2983(wish)X
3194(to)X
3299(delete)X
3560(all)X
3688(but)X
3842(a)X
3916(few)X
4091(of)X
4202(the)X
1120 1852(accounts)N
1499(and)X
1680(groups)X
1983(from)X
2212(these)X
2451(\256les;)X
2679(the)X
2838(only)X
3050(account)X
3391(that)X
3577(must)X
3805(be)X
3937(present)X
4256(is)X
1120 1964(``ftp.'')N
7 f
1408 2124(#)N
8 f
1524(mkdir)X
1872(\304ftp/etc)X
7 f
1408 2236(#)N
8 f
1524(chown)X
1872(root)X
2162(\304ftp/etc)X
7 f
1408 2348(#)N
8 f
1524(chmod)X
1872(555)X
2104(\304ftp/etc)X
7 f
1408 2460(#)N
8 f
1524(cp)X
1698(-p)X
1872 0.4125(/etc/passwd)AX
2568 0.4167(/etc/group)AX
3206(\304ftp/etc)X
7 f
1408 2572(#)N
8 f
1524(chmod)X
1872(444)X
2104 0.4018(\304ftp/etc/passwd)AX
3032 0.4038(\304ftp/etc/group)AX
1 f
920 2760(5.)N
1120(Make)X
1363(the)X
1506(directory)X
2 f
1879(\304ftp/pub)X
1 f
2200(,)X
2249(owned)X
2530(by)X
2651(``ftp'')X
2911(and)X
3075(world-writable.)X
3720(Users)X
3963(may)X
4154(then)X
1120 2872(place)N
1348(\256les)X
1532(that)X
1701(are)X
1843(to)X
1942(be)X
2057(accessible)X
2472(via)X
2614(anonymous)X
11 s
3079(FTP)X
12 s
3255(in)X
3354(this)X
3517(directory:)X
7 f
1408 3032(#)N
8 f
1524(mkdir)X
1872(\304ftp/pub)X
7 f
1408 3144(#)N
8 f
1524(chown)X
1872(ftp)X
2104(\304ftp/pub)X
7 f
1408 3256(#)N
8 f
1524(chmod)X
1872(777)X
2104(\304ftp/pub)X
1 f
920 3444(Because)N
1275(the)X
1427(anonymous)X
11 s
1902(FTP)X
12 s
2088(feature)X
2390(allows)X
2675(anyone)X
2987(to)X
3096(access)X
3376(your)X
3586(system)X
3887(\(albeit)X
4168(in)X
4277(a)X
720 3556(very)N
925(limited)X
1233(way\),)X
1483(it)X
1571(should)X
1861(not)X
2018(be)X
2143(made)X
2386(available)X
2769(on)X
2899(every)X
3147(host)X
3341(on)X
3471(the)X
3622(network.)X
4018(Instead,)X
720 3668(you)N
896(should)X
1184(choose)X
1483(one)X
1654(machine)X
2013(\(preferably)X
2474(a)X
2550(server)X
2818(or)X
2931(standalone)X
3376(host\))X
3601(on)X
3730(which)X
3998(to)X
4106(allow)X
720 3780(this)N
885(service.)X
1232(This)X
1429(makes)X
1701(monitoring)X
2155(for)X
2293(security)X
2624(violations)X
3029(much)X
3268(easier.)X
3566(If)X
3655(you)X
3824(allow)X
4063(people)X
720 3892(to)N
826(transfer)X
1151(\256les)X
1342(to)X
1448(your)X
1655(machine)X
2013(\(using)X
2284(the)X
2433(world-writable)X
2 f
3037(pub)X
1 f
3229(directory,)X
3633(described)X
4034(above\),)X
720 4004(you)N
895(should)X
1182(check)X
1438(often)X
1667(the)X
1816(contents)X
2168(of)X
2279(the)X
2428(directories)X
2866(into)X
3047(which)X
3313(they)X
3510(are)X
3658(allowed)X
3993(to)X
4098(write.)X
720 4116(Any)N
909(suspicious)X
1333(\256les)X
1517(you)X
1685(\256nd)X
1858(should)X
2138(be)X
2253(deleted.)X
5 f
14 s
576 4465(2.2.4.1)N
1010(Trivial)X
1340(FTP)X
1 f
12 s
920 4661(The)N
1104(Trivial)X
1401(File)X
1585(Transfer)X
1945(Protocol,)X
11 s
2327(TFTP)X
12 s
2533(,)X
2591(is)X
2689(used)X
2899(on)X
3029(Sun)X
3212(workstations)X
3737(\(and)X
3943(others\))X
4245(to)X
720 4773(allow)N
960(diskless)X
1290(hosts)X
1513(to)X
1614(boot)X
1811(from)X
2024(the)X
2168(network.)X
2557(Basically,)X
11 s
2964(TFTP)X
12 s
3195(is)X
3284(a)X
3352(stripped-down)X
3932(version)X
4240(of)X
11 s
720 4885(FTP)N
12 s
9 f
897(-)X
1 f
975(there)X
1193(is)X
1282(no)X
1403(user)X
1588 0.2188(authentication,)AX
2184(and)X
2348(the)X
2492(connection)X
2941(is)X
3031(based)X
3276(on)X
3398(the)X
3542(User)X
3749(Datagram)X
4155(Pro-)X
720 4997(tocol)N
957(instead)X
1274(of)X
1398(the)X
1560(Transmission)X
2122(Control)X
2460(Protocol.)X
2878(Because)X
3243(they)X
3452(are)X
3613(so)X
3741(stripped-down,)X
720 5109(many)N
958(implementations)X
1625(of)X
11 s
1727(TFTP)X
12 s
1958(have)X
2165(security)X
2495(holes.)X
2771(You)X
2961(should)X
3242(check)X
3492(your)X
3693(hosts)X
3915(by)X
4036(execut-)X
720 5221(ing)N
867(the)X
1009(command)X
1413(sequence)X
1790(shown)X
2064(below.)X
6 f
2395 6016(17)N
18 p
%%Page: 18 19
12 s 0 xH 0 xS 6 f
1 f
7 f
1008 880(%)N
8 f
1124(tftp)X
7 f
1008 992(tftp>)N
8 f
1356(connect)X
2 f
1820(yourhost)X
7 f
1008 1104(tftp>)N
8 f
1356(get)X
1588 0.4219(/etc/motd)AX
2168(tmp)X
7 f
1008 1216(Error)N
1356(code)X
1646(1:)X
1820(File)X
2110(not)X
2342(found)X
1008 1328(tftp>)N
8 f
1356(quit)X
7 f
1008 1440(%)N
1 f
720 1600(If)N
817(your)X
1026(version)X
1342(does)X
1551(not)X
1707(respond)X
2044(with)X
2248(``)X
2 f
2312(File)X
2501(not)X
2657(found)X
1 f
2876(,'')X
2998(and)X
3171(instead)X
3478(transfers)X
3843(the)X
3995(\256le,)X
4176(you)X
720 1712(should)N
1012(replace)X
1327(your)X
1539(version)X
1858(of)X
2 f
1975(tftpd)X
1 f
2168(*)X
2253(with)X
2461(a)X
2541(newer)X
2813(one.)X
3037(In)X
3154(particular,)X
3585(versions)X
3942(of)X
4059(Sun)X
11 s
4208(OS)X
12 s
720 1824(prior)N
931(to)X
1030(release)X
1322(4.0)X
1466(are)X
1608(known)X
1893(to)X
1992(have)X
2198(this)X
2361(problem.)X
6 f
14 s
576 2173(2.2.5)N
917(Mail)X
1 f
12 s
920 2369(Electronic)N
1342(mail)X
1539(is)X
1628(one)X
1792(of)X
1897(the)X
2040(main)X
2258(reasons)X
2572(for)X
2710(connecting)X
3159(to)X
3260(outside)X
3564(networks.)X
3990(On)X
4133(most)X
720 2481(versions)N
1079(of)X
1197(Berkeley-derived)X
11 s
1902(UNIX)X
12 s
2158(systems,)X
2524(including)X
2926(those)X
3167(from)X
3392(Sun,)X
3603(the)X
2 f
3759(sendmail)X
1 f
4160(pro-)X
720 2593(gram)N
953([Sun88a,)X
1332(1758-1760;)X
1810(Sun88b,)X
2162(441-488])X
2549(is)X
2649(used)X
2861(to)X
2972(enable)X
3260(the)X
3414(receipt)X
3713(and)X
3888(delivery)X
4240(of)X
720 2705(mail.)N
978(As)X
1122(with)X
1331(the)X
11 s
1485(FTP)X
12 s
1675(software,)X
2068(older)X
2303(versions)X
2660(of)X
2 f
2777(sendmail)X
1 f
3177(have)X
3396(several)X
3706(bugs)X
3924(that)X
4106(allow)X
720 2817(security)N
1063(violations.)X
1529(One)X
1727(of)X
1845(these)X
2081(bugs)X
2300(was)X
2487(used)X
2701(with)X
2910(great)X
3141(success)X
3467(by)X
3601(the)X
3757(Internet)X
4096(worm)X
720 2929([Seel88,)N
1064(Spaf88].)X
1442(The)X
1618(current)X
1916(version)X
2224(of)X
2 f
2329(sendmail)X
1 f
2717(from)X
2929(Berkeley)X
3302(is)X
3391(version)X
3699(5.61,)X
3916(of)X
4021(January)X
720 3041(1989.)N
984(Sun)X
1157(is,)X
1269(as)X
1373(of)X
1477(this)X
1640(writing,)X
1966(still)X
2135(shipping)X
2490(version)X
2798(5.59,)X
3015(which)X
3275(has)X
3428(a)X
3496(known)X
3782(security)X
4112(prob-)X
720 3153(lem.)N
946(They)X
1177(have,)X
1416(however,)X
1804(made)X
2046(a)X
2122(\256xed)X
2346(version)X
2661(available.)X
3090(Section)X
3411(4)X
3491(details)X
3775(how)X
3972(to)X
4079(obtain)X
720 3265(these)N
942(newer)X
1201(versions.)X
920 3405(Generally,)N
1356(with)X
1559(the)X
1709(exception)X
2116(of)X
2228(the)X
2378(security)X
2715(holes)X
2950(mentioned)X
3390(above,)X
2 f
3677(sendmail)X
1 f
4073(is)X
4170(rea-)X
720 3517(sonably)N
1045(secure)X
1317(when)X
1551(installed)X
1904(by)X
2026(most)X
2238(vendors')X
2599(installation)X
3053(procedures.)X
3548(There)X
3798(are,)X
3965(however,)X
720 3629(a)N
787(few)X
955(precautions)X
1423(that)X
1592(should)X
1872(be)X
1987(taken)X
2220(to)X
2319(ensure)X
2594(secure)X
2864(operation:)X
920 3769(1.)N
1120(Remove)X
1465(the)X
1607(``decode'')X
2032(alias)X
2233(from)X
2444(the)X
2586(aliases)X
2867(\256le)X
3014(\()X
2 f
3046(/etc/aliases)X
1 f
3504(or)X
2 f
3608(/usr/lib/aliases)X
1 f
4180(\).)X
920 3909(2.)N
1120(If)X
1209(you)X
1378(create)X
1634(aliases)X
1916(that)X
2086(allow)X
2325(messages)X
2713(to)X
2813(be)X
2929(sent)X
3109(to)X
3209(programs,)X
3621(be)X
3738(absolutely)X
4160(sure)X
1120 4021(that)N
1294(there)X
1516(is)X
1609(no)X
1734(way)X
1923(to)X
2027(obtain)X
2297(a)X
2368(shell)X
2578(or)X
2686(send)X
2890(commands)X
3335(to)X
3438(a)X
3509(shell)X
3719(from)X
3934(these)X
4160(pro-)X
1120 4133(grams.)N
920 4273(3.)N
1120(Make)X
1410(sure)X
1641(the)X
1830(``wizard'')X
2291(password)X
2724(is)X
2859(disabled)X
3251(in)X
3398(the)X
3588(con\256guration)X
4173(\256le,)X
2 f
1120 4385(sendmail.cf)N
1 f
1577(.)X
1653(\(Unless)X
1974(you)X
2146(modify)X
2452(the)X
2598(distributed)X
3038(con\256guration)X
3579(\256les,)X
3791(this)X
3957(shouldn't)X
1120 4497(be)N
1235(a)X
1302(problem.\))X
920 4637(4.)N
1120(Make)X
1371(sure)X
1563(your)X
2 f
1771(sendmail)X
1 f
2166(does)X
2374(not)X
2529(support)X
2850(the)X
3001(``debug'')X
3397(command.)X
3858(This)X
4062(can)X
4229(be)X
1120 4749(done)N
1331(with)X
1526(the)X
1668(following)X
2066(commands:)X
10 s
10 f
576 5394(h)N
592(hhhhhhhhhhhhhh)X
1 f
656 5504(*)N
736(On)X
854(Sun)X
998(systems,)X
2 f
1291(tftpd)X
1 f
1470(is)X
1543(stored)X
1759(in)X
1841(the)X
1959(\256le)X
2 f
2081(/usr/etc/in.tftpd)X
1 f
2584(.)X
2644(On)X
2762(most)X
2937(other)X
3122(systems,)X
3415(it)X
3479(is)X
3552(called)X
2 f
3764(/etc/tftpd)X
1 f
4061(.)X
6 f
12 s
2395 6016(18)N
19 p
%%Page: 19 20
12 s 0 xH 0 xS 6 f
1 f
7 f
1120 880(%)N
8 f
1236(telnet)X
1642 0.4219(localhost)AX
2222(25)X
7 f
1120 992(220)N
1352(yourhost)X
1874(Sendmail)X
2396(5.61)X
2686(ready)X
3034(at)X
3208(9)X
3324(Mar)X
3556(90)X
3730(10:57:36)X
4252(PST)X
8 f
1120 1104(debug)N
7 f
1120 1216(500)N
1352(Command)X
1816 0.4091(unrecognized)AX
8 f
1120 1328(quit)N
7 f
1120 1440(%)N
1 f
1120 1628(If)N
1211(your)X
2 f
1414(sendmail)X
1 f
1804(responds)X
2172(to)X
2274(the)X
2419(``debug'')X
2809(command)X
3216(with)X
3414(``)X
2 f
3478(200)X
3649(Debug)X
3932(set)X
1 f
4039(,'')X
4154(then)X
1120 1740(you)N
1296(are)X
1446(vulnerable)X
1885(to)X
1992(attack)X
2255(and)X
2425(should)X
2712(replace)X
3022(your)X
2 f
3229(sendmail)X
1 f
3623(with)X
3825(a)X
3899(newer)X
4165(ver-)X
1120 1852(sion.)N
720 1992(By)N
856(following)X
1254(the)X
1396(procedures)X
1842(above,)X
2120(you)X
2288(can)X
2446(be)X
2561(sure)X
2745(that)X
2914(your)X
3114(mail)X
3310(system)X
3601(is)X
3689(secure.)X
6 f
14 s
576 2341(2.2.6)N
917(Finger)X
1 f
12 s
920 2537(The)N
1094(``\256nger'')X
1470(service,)X
1791(provided)X
2157(by)X
2277(the)X
2 f
2419(\256nger)X
1 f
2683(program)X
3033([Sun88a,)X
3401(186-187],)X
3801(allows)X
4076(you)X
4245(to)X
720 2649(obtain)N
987(information)X
1468(about)X
1708(a)X
1777(user)X
1963(such)X
2165(as)X
2271(her)X
2420(full)X
2580(name,)X
2839(home)X
3079(directory,)X
3477(last)X
3637(login)X
3860(time,)X
4081(and)X
4245(in)X
720 2761(some)N
948(cases)X
1176(when)X
1410(she)X
1564(last)X
1724(received)X
2077(mail)X
2275(and/or)X
2547(read)X
2739(her)X
2888(mail.)X
3134(The)X
2 f
3310(\256ngerd)X
1 f
3624(program)X
3976([Sun88a,)X
720 2873(1625])N
968(allows)X
1243(users)X
1464(on)X
1584(remote)X
1876(hosts)X
2097(to)X
2196(obtain)X
2461(this)X
2624(information.)X
920 3013(A)N
1038(bug)X
1231(in)X
2 f
1355(\256ngerd)X
1 f
1692(was)X
1890(also)X
2094(exercised)X
2507(with)X
2727(success)X
3064(by)X
3210(the)X
3378(Internet)X
3728(worm)X
4002([Seel88,)X
720 3125(Spaf88].)N
1102(If)X
1196(your)X
1402(version)X
1715(of)X
2 f
1825(\256ngerd)X
1 f
2113(*)X
2191(is)X
2286(older)X
2515(than)X
2712(November)X
3149(5,)X
3252(1988,)X
3499(it)X
3584(should)X
3871(be)X
3993(replaced)X
720 3237(with)N
924(a)X
1000(newer)X
1268(version.)X
1632(New)X
1846(versions)X
2199(are)X
2350(available)X
2732(from)X
2952(several)X
3258(of)X
3371(the)X
3522(sources)X
3843(described)X
4245(in)X
720 3349(Section)N
1033(4.)X
6 f
14 s
576 3698(2.2.7)N
917(Modem)X
(s)S
1402(and)X
1631(Term)X
1905(inal)X
2128(Servers)X
1 f
12 s
920 3894(Modems)N
1308(and)X
1499(terminal)X
1873(servers)X
2197(\(terminal)X
2604(switches,)X
3012(Annex)X
3321(boxes,)X
3622(etc.\))X
3844(present)X
4175(still)X
720 4006(another)N
1067(potential)X
1463(security)X
1826(problem.)X
2253(The)X
2461(main)X
2712(problem)X
3091(with)X
3320(these)X
3576(devices)X
3923(is)X
4044(one)X
4240(of)X
720 4118(con\256guration)N
9 f
1275(-)X
1 f
1370(miscon\256gured)X
1962(hardware)X
2362(can)X
2538(allow)X
2795(security)X
3143(breaches.)X
3571(Explaining)X
4037(how)X
4245(to)X
720 4230(con\256gure)N
1113(every)X
1357(brand)X
1606(of)X
1716(modem)X
2035(and)X
2204(terminal)X
2556(server)X
2821(would)X
3091(require)X
3394(volumes.)X
3797(However,)X
4202(the)X
720 4342(following)N
1125(items)X
1365(should)X
1652(be)X
1774(checked)X
2121(for)X
2264(on)X
2391(any)X
2561(modems)X
2918(or)X
3029(terminal)X
3382(servers)X
3685(installed)X
4043(at)X
4144(your)X
720 4454(site:)N
920 4594(1.)N
1120(If)X
1209(a)X
1277(user)X
1462(dialed)X
1723(up)X
1844(to)X
1944(a)X
2013(modem)X
2328(hangs)X
2578(up)X
2700(the)X
2844(phone,)X
3129(the)X
3273(system)X
3566(should)X
3848(log)X
3997(him)X
4173(out.)X
1120 4706(If)N
1218(it)X
1306(doesn't,)X
1647(check)X
1906(the)X
2058(hardware)X
2450(connections)X
2944(and)X
3117(the)X
3269(kernel)X
3543(con\256guration)X
4089(of)X
4202(the)X
1120 4818(serial)N
1353(ports.)X
920 4958(2.)N
1120(If)X
1217(a)X
1293(user)X
1486(logs)X
1679(off,)X
1848(the)X
1999(system)X
2299(should)X
2588(force)X
2819(the)X
2971(modem)X
3294(to)X
3403(hang)X
3624(up.)X
3802(Again,)X
4095(check)X
1120 5070(the)N
1262(hardware)X
1644(connections)X
2128(if)X
2211(this)X
2374(doesn't)X
2681(work.)X
920 5210(3.)N
1120(If)X
1209(the)X
1352(connection)X
1800(from)X
2012(a)X
2080(terminal)X
2427(server)X
2687(to)X
2787(the)X
2930(system)X
3222(is)X
3311(broken,)X
3627(the)X
3771(system)X
4064(should)X
1120 5322(log)N
1267(the)X
1409(user)X
1593(off.)X
10 s
10 f
576 5418(h)N
592(hhhhhhhhhhhhhh)X
1 f
656 5528(*)N
736(On)X
854(Sun)X
998(systems,)X
2 f
1291(\256ngerd)X
1 f
1551(is)X
1624(stored)X
1840(in)X
2 f
1922(/usr/etc/in.\256ngerd)X
1 f
2506(.)X
2566(On)X
2684(most)X
2859(other)X
3044(systems,)X
3337(it)X
3401(is)X
3474(called)X
2 f
3686(/etc/\256ngerd)X
1 f
4064(.)X
6 f
12 s
2395 6016(19)N
20 p
%%Page: 20 21
12 s 0 xH 0 xS 6 f
1 f
920 832(4.)N
1120(If)X
1211(the)X
1356(terminal)X
1705(server)X
1967(is)X
2058(connected)X
2476(to)X
2578(modems,)X
2955(and)X
3121(the)X
3266(user)X
3453(hangs)X
3704(up,)X
3852(the)X
3998(terminal)X
1120 944(server)N
1379(should)X
1659(inform)X
1945(the)X
2087(system)X
2378(that)X
2547(the)X
2689(user)X
2873(has)X
3025(hung)X
3241(up.)X
920 1084(Most)N
1142(modem)X
1456(and)X
1620(terminal)X
1967(server)X
2227(manuals)X
2573(cover)X
2812(in)X
2912(detail)X
3152(how)X
3343(to)X
3444(properly)X
3796(connect)X
4122(these)X
720 1196(devices)N
1034(to)X
1134(your)X
1335(system.)X
1675(In)X
1780(particular)X
2175(you)X
2344(should)X
2625(pay)X
2789(close)X
3012(attention)X
3375(to)X
3475(the)X
3618(``Carrier)X
3980(Detect,'')X
720 1308(``Clear)N
1017(to)X
1116(Send,'')X
1420(and)X
1583(``Request)X
1981(to)X
2080(Send'')X
2360(connections.)X
6 f
14 s
576 1657(2.2.8)N
917(Firewalls)X
1 f
12 s
920 1853(One)N
1107(of)X
1214(the)X
1359(newer)X
1621(ideas)X
1846(in)X
1948(network)X
2290(security)X
2622(is)X
2714(that)X
2887(of)X
2995(a)X
2 f
3066(\256rewall)X
1 f
3376(.)X
3452(Basically,)X
3863(a)X
3934(\256rewall)X
4256(is)X
720 1965(a)N
795(special)X
1095(host)X
1287(that)X
1464(sits)X
1623(between)X
1975(your)X
2182(outside-world)X
2747(network)X
3093(connection\(s\))X
3648(and)X
3818(your)X
4025(internal)X
720 2077(network\(s\).)N
1221(This)X
1429(host)X
1626(does)X
1839(not)X
1999(send)X
2212(out)X
2373(routing)X
2689(information)X
3182(about)X
3434(your)X
3648(internal)X
3981(network,)X
720 2189(and)N
883(thus)X
1067(the)X
1209(internal)X
1528(network)X
1867(is)X
1955(``invisible'')X
2439(from)X
2650(the)X
2792(outside.)X
3142(In)X
3246(order)X
3473(to)X
3572(con\256gure)X
3959(a)X
4026(\256rewall)X
720 2301(machine,)N
1095(the)X
1237(following)X
1635(considerations)X
2215(need)X
2421(to)X
2520(be)X
2635(taken:)X
920 2441(1.)N
1120(The)X
1301(\256rewall)X
1626(does)X
1833(not)X
1987(advertise)X
2366(routes.)X
2680(This)X
2882(means)X
3159(that)X
3336(users)X
3565(on)X
3693(the)X
3843(internal)X
4170(net-)X
1120 2553(work)N
1342(must)X
1554(log)X
1701(in)X
1800(to)X
1899(the)X
2041(\256rewall)X
2359(in)X
2458(order)X
2685(to)X
2784(access)X
3054(hosts)X
3275(on)X
3395(remote)X
3687(networks.)X
4111(Like-)X
1120 2665(wise,)N
1351(in)X
1457(order)X
1691(to)X
1797(log)X
1951(in)X
2057(to)X
2163(a)X
2238(host)X
2430(on)X
2558(the)X
2708(internal)X
3035(network)X
3382(from)X
3601(the)X
3751(outside,)X
4085(a)X
4160(user)X
1120 2777(must)N
1331(\256rst)X
1504(log)X
1651(in)X
1750(to)X
1849(the)X
1991(\256rewall)X
2309(machine.)X
2708(This)X
2903(is)X
2991(inconvenient,)X
3537(but)X
3684(more)X
3906(secure.)X
920 2917(2.)N
1120(All)X
1268(electronic)X
1674(mail)X
1871(sent)X
2051(by)X
2172(your)X
2373(users)X
2595(must)X
2807(be)X
2923(forwarded)X
3343(to)X
3444(the)X
3588(\256rewall)X
3908(machine)X
4261(if)X
1120 3029(it)N
1208(is)X
1306(to)X
1415(be)X
1540(delivered)X
1933(outside)X
2245(your)X
2455(internal)X
2784(network.)X
3181(The)X
3364(\256rewall)X
3691(must)X
3911(receive)X
4223(all)X
1120 3141(incoming)N
1520(electronic)X
1937(mail,)X
2169(and)X
2344(then)X
2546(redistribute)X
3022(it.)X
3161(This)X
3369(can)X
3540(be)X
3668(done)X
3892(either)X
4149(with)X
1120 3253(aliases)N
1401(for)X
1537(each)X
1738(user)X
1922(or)X
2026(by)X
2146(using)X
2378(name)X
2611(server)X
11 s
2868(MX)X
12 s
3033(records.)X
920 3393(3.)N
1120(The)X
1300(\256rewall)X
1624(machine)X
1981(should)X
2267(not)X
2420(mount)X
2697(any)X
2867(\256le)X
3021(systems)X
3356(via)X
11 s
3503(NFS)X
12 s
3664(,)X
3719(or)X
3830(make)X
4070(any)X
4240(of)X
1120 3505(its)N
1235(\256le)X
1382(systems)X
1710(available)X
2083(to)X
2182(be)X
2297(mounted.)X
920 3645(4.)N
1120(Password)X
1511(security)X
1840(on)X
1960(the)X
2102(\256rewall)X
2420(must)X
2631(be)X
2746(rigidly)X
3027(enforced.)X
920 3785(5.)N
1120(The)X
1308(\256rewall)X
1640(host)X
1838(should)X
2132(not)X
2293(trust)X
2502(any)X
2679(other)X
2915(hosts)X
3151(regardless)X
3580(of)X
3699(where)X
3973(they)X
4178(are.)X
1120 3897(Furthermore,)N
1649(the)X
1791(\256rewall)X
2109(should)X
2389(not)X
2536(be)X
2651(trusted)X
2937(by)X
3057(any)X
3220(other)X
3442(host.)X
920 4037(6.)N
1120(Anonymous)X
11 s
1611(FTP)X
12 s
1787(and)X
1951(other)X
2174(similar)X
2467(services)X
2802(should)X
3083(only)X
3279(be)X
3395(provided)X
3762(by)X
3883(the)X
4026(\256rewall)X
1120 4149(host,)N
1328(if)X
1411(they)X
1601(are)X
1743(provided)X
2109(at)X
2203(all.)X
920 4289(The)N
1104(purpose)X
1442(of)X
1556(the)X
1708(\256rewall)X
2036(is)X
2134(to)X
2243(prevent)X
2566(crackers)X
2922(from)X
3144(accessing)X
3548(other)X
3781(hosts)X
4013(on)X
4144(your)X
720 4401(network.)N
1112(This)X
1312(means,)X
1611(in)X
1715(general,)X
2051(that)X
2224(you)X
2396(must)X
2611(maintain)X
2977(strict)X
3198(and)X
3365(rigidly)X
3650(enforced)X
4015(security)X
720 4513(on)N
844(the)X
990(\256rewall,)X
1336(but)X
1487(the)X
1633(other)X
1859(hosts)X
2084(are)X
2230(less)X
2402(vulnerable,)X
2861(and)X
3028(hence)X
3281(security)X
3615(may)X
3810(be)X
3930(somewhat)X
720 4625(lax.)N
914(But)X
1081(it)X
1163(is)X
1254(important)X
1656(to)X
1758(remember)X
2176(that)X
2348(the)X
2493(\256rewall)X
2814(is)X
2905(not)X
3055(a)X
3125(complete)X
3506(cure)X
3699(against)X
3999(crackers)X
9 f
720 4737(-)N
1 f
797(if)X
880(a)X
947(cracker)X
1255(can)X
1413(break)X
1651(into)X
1825(the)X
1967(\256rewall)X
2285(machine,)X
2661(he)X
2777(can)X
2936(then)X
3127(try)X
3259(to)X
3359(break)X
3598(into)X
3773(any)X
3937(other)X
4160(host)X
720 4849(on)N
840(your)X
1040(network.)X
6 f
14 s
576 5198(2.3)N
824(FILE)X
1096(SYSTEM)X
1585(SECURITY)X
1 f
12 s
920 5394(The)N
1097(last)X
1258(defense)X
1579(against)X
1879(system)X
2174(crackers)X
2523(are)X
2669(the)X
2815(permissions)X
3302(offered)X
3608(by)X
3732(the)X
3878(\256le)X
4029(system.)X
720 5506(Each)N
939(\256le)X
1088(or)X
1194(directory)X
1568(has)X
1722(three)X
1941(sets)X
2111(of)X
2217(permission)X
2665(bits)X
2830(associated)X
3252(with)X
3449(it:)X
3580(one)X
3745(set)X
3878(for)X
4016(the)X
4160(user)X
720 5618(who)N
909(owns)X
1135(the)X
1277(\256le,)X
1448(one)X
1611(set)X
1742(for)X
1879(the)X
2022(users)X
2244(in)X
2344(the)X
2487(group)X
2736(with)X
2932(which)X
3192(the)X
3335(\256le)X
3483(is)X
3572(associated,)X
4017(and)X
4181(one)X
6 f
2395 6016(20)N
21 p
%%Page: 21 22
12 s 0 xH 0 xS 6 f
1 f
720 832(set)N
859(for)X
1003(all)X
1132(other)X
1362(users)X
1590(\(the)X
1771(``world'')X
2154(permissions\).)X
2724(Each)X
2948(set)X
3086(contains)X
3438(three)X
3662(identical)X
4026(permis-)X
720 944(sion)N
904(bits,)X
1091(which)X
1350(control)X
1647(the)X
1789(following:)X
2 f
920 1084(read)N
1 f
1353(If)X
1457(set,)X
1628(the)X
1786(\256le)X
1949(or)X
2069(directory)X
2457(may)X
2663(be)X
2794(read.)X
3049(In)X
3170(the)X
3329(case)X
3536(of)X
3657(a)X
3741(directory,)X
4154(read)X
1353 1196(access)N
1626(allows)X
1904(a)X
1974(user)X
2161(to)X
2263(see)X
2413(the)X
2558(contents)X
2906(of)X
3013(a)X
3083(directory)X
3458(\(the)X
3635(names)X
3908(of)X
4015(the)X
4160(\256les)X
1353 1308(contained)N
1752(therein\),)X
2100(but)X
2247(not)X
2394(to)X
2493(access)X
2763(them.)X
2 f
920 1448(write)N
1 f
1353(If)X
1444(set,)X
1602(the)X
1747(\256le)X
1897(or)X
2004(directory)X
2379(may)X
2572(be)X
2690(written)X
2990(\(modi\256ed\).)X
3471(In)X
3578(the)X
3723(case)X
3916(of)X
4024(a)X
4095(direc-)X
1353 1560(tory,)N
1562(write)X
1790(permission)X
2242(implies)X
2556(the)X
2704(ability)X
2981(to)X
3086(create,)X
3371(delete,)X
3655(and)X
3823(rename)X
4136(\256les.)X
1353 1672(Note)N
1566(that)X
1738(the)X
1883(ability)X
2157(to)X
2259(remove)X
2575(a)X
2645(\256le)X
2795(is)X
2 f
2886(not)X
1 f
3052(controlled)X
3470(by)X
3593(the)X
3738(permissions)X
4224(on)X
1353 1784(the)N
1495(\256le,)X
1666(but)X
1813(rather)X
2062(the)X
2204(permissions)X
2687(on)X
2807(the)X
2949(directory)X
3321(containing)X
3752(the)X
3894(\256le.)X
2 f
920 1924(execute)N
1 f
1353(If)X
1457(set,)X
1628(the)X
1786(\256le)X
1949(or)X
2069(directory)X
2457(may)X
2663(be)X
2795(executed)X
3179(\(searched\).)X
3669(In)X
3790(the)X
3949(case)X
4156(of)X
4277(a)X
1353 2036(directory,)N
1755(execute)X
2080(permission)X
2532(implies)X
2846(the)X
2994(ability)X
3271(to)X
3376(access)X
3652(\256les)X
3841(contained)X
4245(in)X
1353 2148(that)N
1522(directory.)X
920 2288(In)N
1027(addition,)X
1394(a)X
1465(fourth)X
1728(permission)X
2178(bit)X
2308(is)X
2400(available)X
2777(in)X
2880(each)X
3085(set)X
3220(of)X
3328(permissions.)X
3863(This)X
4062(bit)X
4192(has)X
720 2400(a)N
787(different)X
1143(meaning)X
1499(in)X
1598(each)X
1799(set)X
1930(of)X
2034(permission)X
2480(bits:)X
2 f
920 2540(setuid)N
1 f
1288(If)X
1391(set)X
1537(in)X
1651(the)X
1808(owner)X
2087(permissions,)X
2609(this)X
2787(bit)X
2928(controls)X
3278(the)X
3436(``set)X
3647(user)X
3847(id'')X
4026(\(setuid\))X
1288 2652(status)N
1539(of)X
1650(a)X
1724(\256le.)X
1926(Setuid)X
2203(status)X
2453(means)X
2730(that)X
2906(when)X
3145(a)X
3219(program)X
3576(is)X
3671(executed,)X
4069(it)X
4154(exe-)X
1288 2764(cutes)N
1515(with)X
1715(the)X
1863(permissions)X
2352(of)X
2462(the)X
2610(user)X
2800(owning)X
3118(the)X
3266(program,)X
3646(in)X
3751(addition)X
4097(to)X
4202(the)X
1288 2876(permissions)N
1791(of)X
1915(the)X
2077(user)X
2281(executing)X
2700(the)X
2862(program.)X
3280(For)X
3456(example,)X
2 f
3850(sendmail)X
1 f
4256(is)X
1288 2988(setuid)N
1547(``root,'')X
1883(allowing)X
2249(it)X
2332(to)X
2436(write)X
2663(\256les)X
2852(in)X
2957(the)X
3105(mail)X
3307(queue)X
3567(area,)X
3782(which)X
4047(normal)X
1288 3100(users)N
1509(are)X
1651(not)X
1798(allowed)X
2127(to)X
2226(do.)X
2394(This)X
2589(bit)X
2715(is)X
2803(meaningless)X
3303(on)X
3423(nonexecutable)X
4004(\256les.)X
2 f
920 3240(setgid)N
1 f
1288(If)X
1387(set)X
1529(in)X
1639(the)X
1792(group)X
2052(permissions,)X
2571(this)X
2746(bit)X
2884(controls)X
3230(the)X
3384(``set)X
3591(group)X
3851(id'')X
4026(\(setgid\))X
1288 3352(status)N
1534(of)X
1641(a)X
1711(\256le.)X
1909(This)X
2107(behaves)X
2444(in)X
2546(exactly)X
2852(the)X
2997(same)X
3222(way)X
3409(as)X
3516(the)X
3660(setuid)X
3916(bit,)X
4068(except)X
1288 3464(that)N
1490(the)X
1665(group)X
1946(id)X
2078(is)X
2199(affected)X
2567(instead.)X
2945(This)X
3174(bit)X
3334(is)X
3456(meaningless)X
3990(on)X
4144(non-)X
1288 3576(executable)N
1725(\256les)X
1909(\(but)X
2088(see)X
2235(below\).)X
2 f
920 3716(sticky)N
1 f
1288(If)X
1382(set)X
1519(in)X
1624(the)X
1772(world)X
2026(permissions,)X
2540(the)X
2689(``sticky'')X
3078(bit)X
3211(tells)X
3403(the)X
3552(operating)X
3947(system)X
4245(to)X
1288 3828(do)N
1410(special)X
1704(things)X
1964(with)X
2160(the)X
2303(text)X
2473(image)X
2734(of)X
2839(an)X
2955(executable)X
3393(\256le.)X
3589(It)X
3673(is)X
3762(mostly)X
4049(a)X
4117(hold-)X
1288 3940(over)N
1490(from)X
1708(older)X
1937(versions)X
2288(of)X
11 s
2397(UNIX)X
12 s
2615(,)X
2670(and)X
2840(has)X
2999(little)X
3208(if)X
3298(any)X
3468(use)X
3627(today.)X
3920(This)X
4122(bit)X
4256(is)X
1288 4052(also)N
1467(meaningless)X
1967(on)X
2087(nonexecutable)X
2668(\256les)X
2852(\(but)X
3031(see)X
3178(below\).)X
6 f
14 s
576 4401(2.3.1)N
917(Setuid)X
1289(Shell)X
1586(Scripts)X
1 f
12 s
776 4597(Shell)N
998(scripts)X
1273(that)X
1442(have)X
1648(the)X
1790(setuid)X
2044(or)X
2148(setgid)X
2402(bits)X
2565(set)X
2696(on)X
2816(them)X
3033(are)X
2 f
3176(not)X
1 f
3340(secure,)X
3635(regardless)X
4050(of)X
4155(how)X
576 4709(many)N
816(safeguards)X
1253(are)X
1397(taken)X
1632(when)X
1866(writing)X
2170(them.)X
2437(There)X
2688(are)X
2832(numerous)X
3237(software)X
3593(packages)X
3971(available)X
576 4821(that)N
745(claim)X
984(to)X
1083(make)X
1316(shell)X
1522(scripts)X
1797(secure,)X
2091(but)X
2238(every)X
2476(one)X
2639(released)X
2979(so)X
3089(far)X
3221(has)X
3374(not)X
3522(managed)X
3895(to)X
3995(solve)X
4223(all)X
576 4933(the)N
718(problems.)X
776 5073(Setuid)N
1046(and)X
1209(setgid)X
1463(shell)X
1669(scripts)X
1944(should)X
2224(never)X
2462(be)X
2577(allowed)X
2906(on)X
3026(any)X
11 s
3187(UNIX)X
12 s
3429(system.)X
6 f
2395 6016(21)N
22 p
%%Page: 22 23
12 s 0 xH 0 xS 6 f
14 s
576 832(2.3.2)N
917(The)X
1146(Sticky)X
1506(Bit)X
1687(on)X
1854(Directories)X
1 f
12 s
776 1028(Newer)N
1056(versions)X
1400(of)X
11 s
1502(UNIX)X
12 s
1744(have)X
1950(attached)X
2296(a)X
2363(new)X
2548(meaning)X
2905(to)X
3005(the)X
3148(sticky)X
3403(bit.)X
3578(When)X
3833(this)X
3997(bit)X
4124(is)X
4213(set)X
576 1140(on)N
704(a)X
779(directory,)X
1183(it)X
1269(means)X
1547(that)X
1724(users)X
1953(may)X
2150(not)X
2304(delete)X
2566(or)X
2677(rename)X
2992(other)X
3221(users')X
3481(\256les)X
3672(in)X
3778(this)X
3948(directory.)X
576 1252(This)N
778(is)X
873(typically)X
1242(useful)X
1508(for)X
1652(the)X
2 f
1802(/tmp)X
1 f
2021(directory.)X
2449(Normally,)X
2 f
2874(/tmp)X
1 f
3093(is)X
3189(world-writable,)X
3817(enabling)X
4181(any)X
576 1364(user)N
765(to)X
869(delete)X
1129(another)X
1447(user's)X
1705(\256les.)X
1942(By)X
2083(setting)X
2369(the)X
2515(sticky)X
2773(bit)X
2903(on)X
2 f
3027(/tmp)X
1 f
3214(,)X
3266(users)X
3491(may)X
3685(only)X
3884(delete)X
4143(their)X
576 1476(own)N
765(\256les)X
949(from)X
1160(this)X
1323(directory.)X
776 1616(To)N
907(set)X
1038(the)X
1180(sticky)X
1434(bit)X
1560(on)X
1680(a)X
1747(directory,)X
2143(use)X
2295(the)X
2437(command)X
7 f
864 1776(#)N
8 f
980(chmod)X
1328(o+t)X
2 f
1560(directory)X
6 f
14 s
576 2173(2.3.3)N
917(The)X
1146(Setgid)X
1518(Bit)X
1699(on)X
1866(Directories)X
1 f
12 s
776 2369(In)N
893(Sun)X
11 s
1042(OS)X
12 s
1191(4.0,)X
1372(the)X
1527(setgid)X
1794(bit)X
1933(was)X
2119(also)X
2311(given)X
2562(a)X
2642(new)X
2839(meaning.)X
3256(Two)X
3469(rules)X
3693(can)X
3865(be)X
3994(used)X
4208(for)X
576 2481(assigning)N
963(group)X
1211(ownership)X
1635(to)X
1734(a)X
1801(\256le)X
1948(in)X
2047(Sun)X
11 s
2196(OS)X
12 s
2308(:)X
776 2621(1.)N
976(The)X
1151(System)X
1459(V)X
1553(mechanism,)X
2041(which)X
2301(says)X
2492(that)X
2663(a)X
2732(user's)X
2987(primary)X
3318(group)X
3568(id)X
3669(\(the)X
3845(one)X
4010(listed)X
4245(in)X
976 2733(the)N
1118(password)X
1504(\256le\))X
1683(is)X
1771(assigned)X
2126(to)X
2225(any)X
2388(\256le)X
2535(he)X
2650(creates.)X
776 2873(2.)N
976(The)X
1150(Berkeley)X
1522(mechanism,)X
2009(which)X
2268(says)X
2457(that)X
2626(the)X
2768(group)X
3016(id)X
3115(of)X
3219(a)X
3286(\256le)X
3433(is)X
3521(set)X
3652(to)X
3751(the)X
3893(group)X
4141(id)X
4240(of)X
976 2985(the)N
1118(directory)X
1490(in)X
1589(which)X
1848(it)X
1926(is)X
2014(created.)X
776 3125(If)N
872(the)X
1023(setgid)X
1286(bit)X
1421(is)X
1518(set)X
1658(on)X
1787(a)X
1863(directory,)X
2268(the)X
2419(Berkeley)X
2800(mechanism)X
3272(is)X
3369(enabled.)X
3750(Otherwise,)X
4202(the)X
576 3237(System)N
893(V)X
996(mechanism)X
1468(is)X
1565(enabled.)X
1946(Normally,)X
2372(the)X
2523(Berkeley)X
2904(mechanism)X
3376(is)X
3473(used;)X
3709(this)X
3881(mechanism)X
576 3349(must)N
796(be)X
920(used)X
1129(if)X
1221(creating)X
1565(directories)X
2005(for)X
2150(use)X
2311(by)X
2440(more)X
2671(than)X
2870(one)X
3043(member)X
3393(of)X
3507(a)X
3584(group)X
3842(\(see)X
4031(Section)X
576 3461(2.1.5\).)N
776 3601(To)N
907(set)X
1038(the)X
1180(setgid)X
1434(bit)X
1560(on)X
1680(a)X
1747(directory,)X
2143(use)X
2295(the)X
2437(command)X
7 f
864 3761(#)N
8 f
980(chmod)X
1328(g+s)X
2 f
1560(directory)X
6 f
14 s
576 4158(2.3.4)N
917(The)X
1146(um)X
(ask)S
1531(Value)X
1 f
12 s
776 4354(When)N
1036(a)X
1109(\256le)X
1262(is)X
1356(created)X
1665(by)X
1791(a)X
1864(program,)X
2244(say)X
2403(a)X
2477(text)X
2653(editor)X
2909(or)X
3020(a)X
3094(compiler,)X
3492(it)X
3577(is)X
3672(typically)X
4041(created)X
576 4466(with)N
772(all)X
894(permissions)X
1378(enabled.)X
1751(Since)X
1990(this)X
2154(is)X
2243(rarely)X
2492(desirable)X
2864(\(you)X
3064(don't)X
3291(want)X
3502(other)X
3724(users)X
3945(to)X
4044(be)X
4159(able)X
576 4578(to)N
685(write)X
917(your)X
1127(\256les\),)X
1377(the)X
2 f
1529(umask)X
1 f
1825(value)X
2069(is)X
2168(used)X
2379(to)X
2489(modify)X
2802(the)X
2955(set)X
3097(of)X
3212(permissions)X
3706(a)X
3784(\256le)X
3942(is)X
4041(created)X
576 4690(with.)N
835(Simply)X
1153(put,)X
1340(while)X
1594(the)X
2 f
1752(chmod)X
1 f
2063(command)X
2482([Sun88a,)X
2865(65-66])X
3160(speci\256es)X
3530(what)X
3756(bits)X
3934(should)X
4229(be)X
576 4802(turned)N
2 f
846(on)X
1 f
958(,)X
1006(the)X
1148(umask)X
1423(value)X
1656(speci\256es)X
2011(what)X
2222(bits)X
2385(should)X
2665(be)X
2780(turned)X
2 f
3050(off)X
1 f
3168(.)X
776 4942(For)N
937(example,)X
1316(the)X
1462(default)X
1758(umask)X
2037(on)X
2161(most)X
2376(systems)X
2708(is)X
2801(022.)X
3022(This)X
3222(means)X
3497(that)X
3671(write)X
3898(permission)X
576 5054(for)N
714(the)X
858(group)X
1108(and)X
1273(world)X
1523(should)X
1805(be)X
1922(turned)X
2193(off)X
2330(whenever)X
2729(a)X
2797(\256le)X
2945(is)X
3034(created.)X
3386(If)X
3475(instead)X
3773(you)X
3942(wanted)X
4245(to)X
576 5166(turn)N
763(off)X
907(all)X
1036(group)X
1292(and)X
1463(world)X
1719(permission)X
2173(bits,)X
2368(such)X
2576(that)X
2753(any)X
2924(\256le)X
3080(you)X
3257(created)X
3569(would)X
3842(not)X
3998(be)X
4122(read-)X
576 5278(able,)N
785(writable,)X
1149(or)X
1253(executable)X
1690(by)X
1810(anyone)X
2112(except)X
2388(yourself,)X
2751(you)X
2919(would)X
3183(set)X
3314(your)X
3514(umask)X
3789(to)X
3888(077.)X
776 5418(The)N
967(umask)X
1259(value)X
1509(is)X
1614(speci\256ed)X
1998(in)X
2115(the)X
2 f
2275(.cshrc)X
1 f
2565(or)X
2 f
2687(.pro\256le)X
1 f
3020(\256les)X
3222(read)X
3430(by)X
3568(the)X
3728(shell)X
3952(using)X
4202(the)X
2 f
576 5530(umask)N
1 f
861(command)X
1265([Sun88a,)X
1633(108,)X
1825(459].)X
2073(The)X
2247(``root'')X
2554(account)X
2878(should)X
3158(have)X
3364(the)X
3506(line)X
6 f
2395 6016(22)N
23 p
%%Page: 23 24
12 s 0 xH 0 xS 6 f
1 f
7 f
864 880(umask)N
1212(022)X
1 f
576 1040(in)N
676(its)X
2 f
792(/.cshrc)X
1 f
1092(\256le,)X
1264(in)X
1364(order)X
1593(to)X
1694(prevent)X
2009(the)X
2153(accidental)X
2571(creation)X
2908(of)X
3014(world-writable)X
3612(\256les)X
3798(owned)X
4080(by)X
4202(the)X
576 1152(super-user.)N
6 f
14 s
576 1501(2.3.5)N
917(Encrypting)X
1531(Files)X
1 f
12 s
776 1697(The)N
950(standard)X
11 s
1299(UNIX)X
2 f
12 s
1542(crypt)X
1 f
1781(command)X
2186([Sun88a,)X
2555(95])X
2708(is)X
2797(not)X
2945(at)X
3040(all)X
3162(secure.)X
3481(Although)X
3869(it)X
3948(is)X
4037(reason-)X
576 1809(able)N
762(to)X
862(expect)X
1139(that)X
2 f
1309(crypt)X
1 f
1548(will)X
1723(keep)X
1930(the)X
2073(casual)X
2339(``browser'')X
2801(from)X
3012(reading)X
3325(a)X
3392(\256le,)X
3563(it)X
3641(will)X
3815(present)X
4117(noth-)X
576 1921(ing)N
734(more)X
967(than)X
1168(a)X
1246(minor)X
1511(inconvenience)X
2103(to)X
2213(a)X
2291(determined)X
2760(cracker.)X
2 f
3127(Crypt)X
1 f
3397(implements)X
3883(a)X
3962(one-rotor)X
576 2033(machine)N
944(along)X
1199(the)X
1358(lines)X
1581(of)X
1702(the)X
1861(German)X
2212(Enigma)X
2553(\(broken)X
2893(in)X
3008(World)X
3294(War)X
3500(II\).)X
3684(The)X
3874(methods)X
4240(of)X
576 2145(attack)N
831(on)X
951(such)X
1151(a)X
1218(machine)X
1569(are)X
1711(well)X
1901(known,)X
2210(and)X
2373(a)X
2440(suf\256ciently)X
2897(large)X
3114(\256le)X
3262(can)X
3421(usually)X
3724(be)X
3840(decrypted)X
4245(in)X
576 2257(a)N
648(few)X
821(hours)X
1063(even)X
1274(without)X
1597(knowledge)X
2048(of)X
2156(what)X
2371(the)X
2517(\256le)X
2668(contains)X
3017([Reed84].)X
3451(In)X
3559(fact,)X
3756(publicly)X
4100(avail-)X
576 2369(able)N
762(packages)X
1140(of)X
1245(programs)X
1633(designed)X
2001(to)X
2102(``break'')X
2470(\256les)X
2656(encrypted)X
3062(with)X
2 f
3259(crypt)X
1 f
3499(have)X
3707(been)X
3915(around)X
4208(for)X
576 2481(several)N
873(years.)X
776 2621(There)N
1039(are)X
1196(software)X
1566(implementations)X
2248(of)X
2367(another)X
2695(algorithm,)X
3133(the)X
3290(Data)X
3511(Encryption)X
3978(Standard)X
576 2733(\()N
11 s
608(DES)X
12 s
774(\),)X
861(available)X
1241(on)X
1368(some)X
1602(systems.)X
1985(Although)X
2379(this)X
2549(algorithm)X
2955(is)X
3050(much)X
3295(more)X
3524(secure)X
3801(than)X
2 f
3998(crypt)X
1 f
4212(,)X
4266(it)X
576 2845(has)N
740(never)X
990(been)X
1209(proven)X
1513(that)X
1695(it)X
1786(is)X
1887(totally)X
2171(secure,)X
2478(and)X
2654(many)X
2905(doubts)X
3198(about)X
3449(its)X
3577(security)X
3919(have)X
4138(been)X
576 2957(raised)N
830(in)X
929(recent)X
1189(years.)X
776 3097(Perhaps)N
1114(the)X
1266(best)X
1455(thing)X
1687(to)X
1796(say)X
1958(about)X
2206(encrypting)X
2653(\256les)X
2848(on)X
2979(a)X
3057(computer)X
3456(system)X
3758(is)X
3857(this:)X
4082(if)X
4176(you)X
576 3209(think)N
799(you)X
968(have)X
1175(a)X
1243(\256le)X
1391(whose)X
1661(contents)X
2007(are)X
2150(important)X
2550(enough)X
2858(to)X
2958(encrypt,)X
3296(then)X
3486(that)X
3655(\256le)X
3802(should)X
4082(not)X
4229(be)X
576 3321(stored)N
836(on)X
957(the)X
1100(computer)X
1489(in)X
1589(the)X
1732(\256rst)X
1906(place.)X
2183(This)X
2380(is)X
2470(especially)X
2882(true)X
3058(of)X
3164(systems)X
3494(with)X
3691(limited)X
3991(security,)X
576 3433(such)N
776(as)X
11 s
878(UNIX)X
12 s
1120(systems)X
1448(and)X
1611(personal)X
1961(computers.)X
776 3573(It)N
874(is)X
977(important)X
1391(to)X
1505(note)X
1710(that)X
11 s
1893(UNIX)X
12 s
2151(passwords)X
2590(are)X
2 f
2748(not)X
1 f
2927(encrypted)X
3347(with)X
3558(the)X
2 f
3716(crypt)X
1 f
3970(program.)X
576 3685(Instead,)N
910(they)X
1108(are)X
1258(encrypted)X
1670(with)X
1873(a)X
1948(modi\256ed)X
2322(version)X
2637(of)X
2749(the)X
11 s
2896(DES)X
12 s
3093(that)X
3269(generates)X
3664(one-way)X
4026(encryp-)X
576 3797(tions)N
790(\(that)X
994(is,)X
1109(the)X
1254(password)X
1643(cannot)X
1927(be)X
2045(decrypted\).)X
2532(When)X
2789(you)X
2960(log)X
3110(in,)X
3236(the)X
3381(system)X
3676(does)X
3880(not)X
4031(decrypt)X
576 3909(your)N
782(password.)X
1221(Instead,)X
1552(it)X
1635(encrypts)X
1990(your)X
2195(attempted)X
2605(password,)X
3020(and)X
3188(if)X
3276(this)X
3444(comes)X
3719(out)X
3871(to)X
3975(the)X
4122(same)X
576 4021(result)N
814(as)X
918(encrypting)X
1354(your)X
1554(real)X
1723(password,)X
2133(you)X
2301(are)X
2443(allowed)X
2772(to)X
2871(log)X
3018(in.)X
6 f
14 s
576 4370(2.3.6)N
917(Devices)X
1 f
12 s
776 4566(The)N
963(security)X
1306(of)X
1424(devices)X
1751(is)X
1853(an)X
1982(important)X
2395(issue)X
2625(in)X
11 s
2736(UNIX)X
12 s
2954(.)X
3040(Device)X
3351(\256les)X
3549(\(usually)X
3897(residing)X
4245(in)X
2 f
576 4678(/dev)N
1 f
753(\))X
813(are)X
959(used)X
1163(by)X
1287(various)X
1598(programs)X
1989(to)X
2092(access)X
2366(the)X
2512(data)X
2701(on)X
2825(the)X
2971(disk)X
3159(drives)X
3422(or)X
3530(in)X
3633(memory.)X
4030(If)X
4122(these)X
576 4790(device)N
856(\256les)X
1044(are)X
1190(not)X
1341(properly)X
1695(protected,)X
2106(your)X
2310(system)X
2605(is)X
2697(wide)X
2912(open)X
3128(to)X
3232(a)X
3304(cracker.)X
3665(The)X
3844(entire)X
4093(list)X
4240(of)X
576 4902(devices)N
895(is)X
989(too)X
1142(long)X
1343(to)X
1448(go)X
1574(into)X
1754(here,)X
1974(since)X
2202(it)X
2286(varies)X
2546(widely)X
2837(from)X
3053(system)X
3349(to)X
3453(system.)X
3797(However,)X
4202(the)X
576 5014(following)N
974(guidelines)X
1394(apply)X
1632(to)X
1731(all)X
1852(systems:)X
776 5154(1.)N
976(The)X
1173(\256les)X
2 f
1380(/dev/kmem)X
1 f
1808(,)X
2 f
1880(/dev/mem)X
1 f
2265(,)X
2337(and)X
2 f
2524(/dev/drum)X
1 f
2978(should)X
3282(never)X
3544(be)X
3683(readable)X
4058(by)X
4202(the)X
976 5266(world.)N
1274(If)X
1364(your)X
1565(system)X
1857(supports)X
2207(the)X
2350(notion)X
2621(of)X
2726(the)X
2869(``kmem'')X
3263(group)X
3512(\(most)X
3756(newer)X
4016(systems)X
976 5378(do\))N
1135(and)X
1305(utilities)X
1626(such)X
1833(as)X
2 f
1944(ps)X
1 f
2076(are)X
2225(setgid)X
2486(``kmem,'')X
2910(then)X
3107(these)X
3336(\256les)X
3527(should)X
3814(be)X
3936(owned)X
4224(by)X
976 5490(user)N
1168(``root'')X
1483(and)X
1654(group)X
1910(``kmem,'')X
2335(and)X
2506(should)X
2794(be)X
2917(mode)X
3163(640.)X
3387(If)X
3483(your)X
3691(system)X
3990(does)X
4197(not)X
976 5602(support)N
1295(the)X
1444(notion)X
1721(of)X
1832(the)X
1981(``kmem'')X
2381(group,)X
2660(and)X
2830(utilities)X
3151(such)X
3358(as)X
2 f
3469(ps)X
1 f
3601(are)X
3751(setuid)X
4013(``root,'')X
976 5714(then)N
1166(these)X
1388(\256les)X
1572(should)X
1852(be)X
1967(owned)X
2247(by)X
2367(user)X
2551(``root'')X
2858(and)X
3021(mode)X
3259(600.)X
6 f
2395 6016(23)N
24 p
%%Page: 24 25
12 s 0 xH 0 xS 6 f
1 f
776 832(2.)N
976(The)X
1175(disk)X
1384(devices,)X
1746(such)X
1971(as)X
2 f
2100(/dev/sd0a)X
1 f
2485(,)X
2 f
2558(/dev/rxy1b)X
1 f
2981(,)X
3054(etc.,)X
3264(should)X
3569(be)X
3709(owned)X
4014(by)X
4160(user)X
976 944(``root'')N
1284(and)X
1448(group)X
1697(``operator,'')X
2195(and)X
2359(should)X
2640(be)X
2756(mode)X
2994(640.)X
3210(Note)X
3421(that)X
3590(each)X
3791(disk)X
3975(has)X
4127(eight)X
976 1056(partitions)N
1374(and)X
1547(two)X
1725(device)X
2011(\256les)X
2205(for)X
2351(each)X
2562(partition.)X
2971(Thus,)X
3221(the)X
3373(disk)X
3567(``sd0'')X
3863(would)X
4138(have)X
976 1168(the)N
1118(following)X
1516(device)X
1792(\256les)X
1976(associated)X
2396(with)X
2591(it)X
2669(in)X
2 f
2768(/dev)X
1 f
2945(:)X
1264 1328(sd0a)N
1560(sd0e)X
1856(rsd0a)X
2184(rsd0e)X
1264 1440(sd0b)N
1565(sd0f)X
1850(rsd0b)X
2183(rsd0f)X
1264 1552(sd0c)N
1560(sd0g)X
1861(rsd0c)X
2189(rsd0g)X
1264 1664(sd0d)N
1565(sd0h)X
1866(rsd0d)X
2199(rsd0h)X
776 1852(3.)N
976(With)X
1204(very)X
1410(few)X
1590(exceptions,)X
2062(all)X
2195(other)X
2429(devices)X
2754(should)X
3046(be)X
3173(owned)X
3465(by)X
3597(user)X
3793(``root.'')X
4160(One)X
976 1964(exception)N
1378(is)X
1469(terminals,)X
1879(which)X
2140(are)X
2284(changed)X
2631(to)X
2732(be)X
2849(owned)X
3131(by)X
3253(the)X
3397(user)X
3583(currently)X
3957(logged)X
4245(in)X
976 2076(on)N
1115(them.)X
1399(When)X
1672(the)X
1833(user)X
2036(logs)X
2239(out,)X
2429(the)X
2590(ownership)X
3034(of)X
3158(the)X
3320(terminal)X
3686(is)X
3794 0.2812(automatically)AX
976 2188(changed)N
1321(back)X
1527(to)X
1626(``root.'')X
6 f
14 s
576 2537(2.4)N
824(SECURITY)X
1419(IS)X
1555(YOUR)X
1909 -0.3413(RESPONSIBILITY)AX
1 f
12 s
776 2733(This)N
989(section)X
1304(has)X
1474(detailed)X
1822(numerous)X
2243(tools)X
2472(for)X
2627(improving)X
3071(security)X
3419(provided)X
3804(by)X
3943(the)X
11 s
4102(UNIX)X
12 s
576 2845(operating)N
973(system.)X
1321(The)X
1504(most)X
1724(important)X
2132(thing)X
2362(to)X
2469(note)X
2667(about)X
2913(these)X
3143(tools)X
3362(is)X
3458(that)X
3635(although)X
4004(they)X
4202(are)X
576 2957(available,)N
982(they)X
1181(are)X
1332(typically)X
1703(not)X
1859(put)X
2015(to)X
2123(use)X
2284(in)X
2392(most)X
2612(installations.)X
3159(Therefore,)X
3597(it)X
3685(is)X
3783(incumbent)X
4224(on)X
576 3069(you,)N
769(the)X
912(system)X
1204(administrator,)X
1767(to)X
1866(take)X
2051(the)X
2193(time)X
2389(and)X
2552(make)X
2785(the)X
2927(effort)X
3165(to)X
3264(enable)X
3540(these)X
3762(tools,)X
3997(and)X
4160(thus)X
576 3181(to)N
675(protect)X
967(your)X
1167(system)X
1458(from)X
1669(unauthorized)X
2196(access.)X
6 f
2395 6016(24)N
25 p
%%Page: 25 26
12 s 0 xH 0 xS 6 f
1 f
5 f
18 s
2068 896(SEC)N
2364(TIO)X
2604(N)X
2748(3)X
1596 1072(M)N
1716(O)X
1828(N)X
1932(ITO)X
2172(R)X
2276(IN)X
(G)S
2572(SEC)X
2868(U)X
2972(R)X
3076(ITY)X
1 f
12 s
776 1268(One)N
966(of)X
1076(the)X
1224(most)X
1441(important)X
1846(tasks)X
2068(in)X
2173(keeping)X
2508(any)X
2678(computer)X
3073(system)X
3371(secure)X
3648(is)X
3743(monitoring)X
4202(the)X
576 1380(security)N
916(of)X
1031(the)X
1184(system.)X
1534(This)X
1740(involves)X
2101(examining)X
2543(system)X
2845(log)X
3003(\256les)X
3197(for)X
3343(unauthorized)X
3880(accesses)X
4240(of)X
576 1492(the)N
721(system,)X
1039(as)X
1146(well)X
1339(as)X
1446(monitoring)X
1902(the)X
2048(system)X
2343(itself)X
2564(for)X
2704(security)X
3037(holes.)X
3316(This)X
3515(section)X
3816(describes)X
4202(the)X
576 1604(procedures)N
1026(for)X
1166(doing)X
1413(this.)X
1627(An)X
1771(additional)X
2184(part)X
2361(of)X
2468(monitoring)X
2923(security)X
3255(involves)X
3608(keeping)X
3940(abreast)X
4240(of)X
576 1716(security)N
905(problems)X
1287(found)X
1535(by)X
1655(others;)X
1941(this)X
2104(is)X
2192(described)X
2585(in)X
2684(Section)X
2997(5.)X
6 f
14 s
576 2065(3.1)N
824(ACCOUNT)X
1415(SECURITY)X
1 f
12 s
776 2261(Account)N
1134(security)X
1471(should)X
1759(be)X
1882(monitored)X
2310(periodically)X
2803(in)X
2910(order)X
3145(to)X
3252(check)X
3509(for)X
3653(two)X
3829(things:)X
4123(users)X
576 2373(logged)N
876(in)X
989(when)X
1235(they)X
1439(``shouldn't'')X
1968(be)X
2097(\(e.g.,)X
2330(late)X
2508(at)X
2616(night,)X
2875(when)X
3120(they're)X
3430(on)X
3563(vacation,)X
3951(etc.\),)X
4181(and)X
576 2485(users)N
831(executing)X
1264(commands)X
1739(they)X
1963(wouldn't)X
2368(normally)X
2774(be)X
2923(expected)X
3325(to)X
3459(use.)X
3694(The)X
3903(commands)X
576 2597(described)N
969(in)X
1068(this)X
1231(section)X
1528(can)X
1686(be)X
1801(used)X
2001(to)X
2100(obtain)X
2365(this)X
2528(information)X
3007(from)X
3218(the)X
3360(system.)X
6 f
14 s
576 2946(3.1.1)N
917(The)X
1146(lastlog)X
1537(File)X
1 f
12 s
776 3142(The)N
957(\256le)X
2 f
1111(/usr/adm/lastlog)X
1 f
1789([Sun88a,)X
2165(1485])X
2421(records)X
2736(the)X
2886(most)X
3105(recent)X
3373(login)X
3603(time)X
3807(for)X
3951(each)X
4160(user)X
576 3254(of)N
680(the)X
822(system.)X
1161(The)X
1335(message)X
1685(printed)X
1982(each)X
2183(time)X
2379(you)X
2547(log)X
2694(in,)X
2817(e.g.,)X
7 f
864 3414(Last)N
1154(login:)X
1560(Sat)X
1792(Mar)X
2024(10)X
2198(10:50:48)X
2720(from)X
3010 0.4000(spam.itstd.sri.c)AX
1 f
576 3574(uses)N
772(the)X
921(time)X
1124(stored)X
1390(in)X
1496(the)X
2 f
1645(lastlog)X
1 f
1954(\256le.)X
2156(Additionally,)X
2699(the)X
2849(last)X
3015(login)X
3245(time)X
3449(reported)X
3802(by)X
3930(the)X
2 f
4080(\256nger)X
1 f
576 3686(command)N
984(uses)X
1176(this)X
1342(time.)X
1589(Users)X
1834(should)X
2117(be)X
2235(told)X
2412(to)X
2514(carefully)X
2884(examine)X
3238(this)X
3404(time)X
3603(whenever)X
4004(they)X
4197(log)X
576 3798(in,)N
705(and)X
874(to)X
979(report)X
1239(unusual)X
1568(login)X
1796(times)X
2035(to)X
2140(the)X
2288(system)X
2585(administrator.)X
3177(This)X
3378(is)X
3472(an)X
3593(easy)X
3794(way)X
3984(to)X
4089(detect)X
576 3910(account)N
900(break-ins,)X
1306(since)X
1528(each)X
1729(user)X
1913(should)X
2193(remember)X
2608(the)X
2750(last)X
2908(time)X
3104(she)X
3256(logged)X
3542(into)X
3716(the)X
3858(system.)X
6 f
14 s
576 4259(3.1.2)N
917(The)X
1146(utm)X
1352(p)X
1451(and)X
1680(wtm)X
1905(p)X
2004(Files)X
1 f
12 s
776 4455(The)N
950(\256le)X
2 f
1097(/etc/utmp)X
1 f
1496([Sun88a,)X
1864(1485])X
2112(is)X
2200(used)X
2401(to)X
2501(record)X
2772(who)X
2962(is)X
3051(currently)X
3424(logged)X
3711(into)X
3886(the)X
4029(system.)X
576 4567(This)N
771(\256le)X
918(can)X
1076(be)X
1191(displayed)X
1584(using)X
1816(the)X
2 f
1958(who)X
1 f
2158(command)X
2562([Sun88a,)X
2930(597]:)X
7 f
864 4727(%)N
8 f
980(who)X
7 f
864 4839(hendra)N
1386(tty0c)X
1850(Mar)X
2082(13)X
2256(12:31)X
864 4951(heidari)N
1386(tty14)X
1850(Mar)X
2082(13)X
2256(13:54)X
864 5063(welgem)N
1386(tty36)X
1850(Mar)X
2082(13)X
2256(12:15)X
864 5175(reagin)N
1386(ttyp0)X
1850(Mar)X
2082(13)X
2256(08:54)X
2720 0.3971(\(aaifs.itstd.sri.\))AX
864 5287(ghg)N
1386(ttyp1)X
1850(Mar)X
2140(9)X
2256(07:03)X
2720 0.3984(\(hydra.riacs.edu\))AX
864 5399(compion)N
1386(ttyp2)X
1850(Mar)X
2140(1)X
2256(03:01)X
2720 0.3971(\(ei.ecn.purdue.ed\))AX
1 f
576 5559(For)N
742(each)X
952(user,)X
1169(the)X
1320(login)X
1551(name,)X
1817(terminal)X
2172(being)X
2420(used,)X
2654(login)X
2886(time,)X
3116(and)X
3289(remote)X
3591(host)X
3785(\(if)X
3910(the)X
4062(user)X
4256(is)X
576 5671(logged)N
862(in)X
961(via)X
1103(the)X
1245(network\))X
1616(are)X
1758(displayed.)X
6 f
2395 6016(25)N
26 p
%%Page: 26 27
12 s 0 xH 0 xS 6 f
1 f
776 832(The)N
955(\256le)X
2 f
1107(/usr/adm/wtmp)X
1 f
1728([Sun88a,)X
2101(1485])X
2355(records)X
2668(each)X
2875(login)X
3103(and)X
3272(logout)X
3548(time)X
3750(for)X
3892(every)X
4136(user.)X
576 944(This)N
771(\256le)X
918(can)X
1076(also)X
1255(be)X
1370(displayed)X
1763(using)X
1995(the)X
2 f
2137(who)X
1 f
2337(command:)X
7 f
864 1104(%)N
8 f
980(who)X
1212 0.4062(/usr/adm/wtmp)AX
7 f
864 1216(davy)N
1386(ttyp4)X
1908(Jan)X
2198(7)X
2314(12:42)X
2662 0.3971(\(annex01.riacs.ed\))AX
1386 1328(ttyp4)N
1908(Jan)X
2198(7)X
2314(15:33)X
864 1440(davy)N
1386(ttyp4)X
1908(Jan)X
2198(7)X
2314(15:33)X
2662 0.3971(\(annex01.riacs.ed\))AX
1386 1552(ttyp4)N
1908(Jan)X
2198(7)X
2314(15:35)X
864 1664(hyder)N
1386(ttyp3)X
1908(Jan)X
2198(8)X
2314(09:07)X
2662 0.3971(\(triceratops.itst\))AX
1386 1776(ttyp3)N
1908(Jan)X
2198(8)X
2314(11:43)X
1 f
576 1936(A)N
670(line)X
840(that)X
1010(contains)X
1356(a)X
1424(login)X
1647(name)X
1881(indicates)X
2249(the)X
2392(time)X
2589(the)X
2732(user)X
2917(logged)X
3204(in;)X
3331(a)X
3399(line)X
3569(with)X
3765(no)X
3887(login)X
4111(name)X
576 2048(indicates)N
955(the)X
1109(time)X
1317(that)X
1498(the)X
1652(terminal)X
2010(was)X
2195(logged)X
2493(off.)X
2689(Unfortunately,)X
3289(the)X
3443(output)X
3725(from)X
3948(this)X
4122(com-)X
576 2160(mand)N
821(is)X
916(rarely)X
1172(as)X
1283(simple)X
1571(as)X
1682(in)X
1788(the)X
1937(example)X
2295(above;)X
2583(if)X
2673(several)X
2977(users)X
3205(log)X
3359(in)X
3465(at)X
3566(once,)X
3803(the)X
3952(login)X
4181(and)X
576 2272(logout)N
846(times)X
1079(are)X
1221(all)X
1342(mixed)X
1607(together)X
1947(and)X
2110(must)X
2321(be)X
2436(matched)X
2787(up)X
2907(by)X
3027(hand)X
3238(using)X
3470(the)X
3612(terminal)X
3958(name.)X
776 2412(The)N
2 f
959(wtmp)X
1 f
1216(\256le)X
1372(may)X
1571(also)X
1759(be)X
1883(examined)X
2291(using)X
2532(the)X
2 f
2683(last)X
1 f
2871(command)X
3284([Sun88a,)X
3661(248].)X
3918(This)X
4122(com-)X
576 2524(mand)N
822(sorts)X
1035(out)X
1190(the)X
1340(entries)X
1629(in)X
1736(the)X
1885(\256le,)X
2063(matching)X
2453(up)X
2580(login)X
2809(and)X
2979(logout)X
3256(times.)X
3544(With)X
3768(no)X
3895(arguments,)X
2 f
576 2636(last)N
1 f
756(displays)X
1096(all)X
1219(information)X
1700(in)X
1801(the)X
1945(\256le.)X
2142(By)X
2280(giving)X
2552(the)X
2696(name)X
2931(of)X
3037(a)X
3106(user)X
3292(or)X
3398(terminal,)X
3770(the)X
3914(output)X
4186(can)X
576 2748(be)N
698(restricted)X
1088(to)X
1194(the)X
1343(information)X
1829(about)X
2074(the)X
2223(user)X
2414(or)X
2525(terminal)X
2878(in)X
2984(question.)X
3389(Sample)X
3709(output)X
3985(from)X
4202(the)X
2 f
576 2860(last)N
1 f
755(command)X
1159(is)X
1247(shown)X
1521(below.)X
7 f
10 s
864 3004(%)N
8 f
960(last)X
7 f
864 3100(davy)N
1344(ttyp3)X
1680(intrepid.itstd.s)X
2496(Tue)X
2688(Mar)X
2880(13)X
3024(10:55)X
3312(-)X
3408(10:56)X
3696(\(00:00\))X
864 3196(hyder)N
1344(ttyp3)X
1680(clyde.itstd.sri.)X
2496(Mon)X
2688(Mar)X
2880(12)X
3024(15:31)X
3312(-)X
3408(15:36)X
3696(\(00:04\))X
864 3292(reboot)N
1344(\304)X
2496(Mon)X
2688(Mar)X
2880(12)X
3024(15:16)X
864 3388(shutdown)N
1344(\304)X
2496(Mon)X
2688(Mar)X
2880(12)X
3024(15:16)X
864 3484(arms)N
1344(ttyp3)X
1680(clyde0.itstd.sri)X
2496(Mon)X
2688(Mar)X
2880(12)X
3024(15:08)X
3312(-)X
3408(15:12)X
3696(\(00:04\))X
864 3580(hyder)N
1344(ttyp3)X
1680(spam.itstd.sri.c)X
2496(Sun)X
2688(Mar)X
2880(11)X
3024(21:08)X
3312(-)X
3408(21:13)X
3696(\(00:04\))X
864 3676(reboot)N
1344(\304)X
2496(Sat)X
2688(Mar)X
2880(10)X
3024(20:05)X
864 3772(davy)N
1344(ftp)X
1680(hydra.riacs.edu)X
2496(Sat)X
2688(Mar)X
2880(10)X
3024(13:23)X
3312(-)X
3408(13:30)X
3696(\(00:07\))X
1 f
12 s
576 3932(For)N
740(each)X
948(login)X
1177(session,)X
1509(the)X
1658(user)X
1849(name,)X
2113(terminal)X
2466(used,)X
2697(remote)X
2996(host)X
3187(\(if)X
3309(the)X
3459(user)X
3651(logged)X
3945(in)X
4052(via)X
4202(the)X
576 4044(network\),)N
975(login)X
1201(and)X
1368(logout)X
1642(times,)X
1903(and)X
2070(session)X
2375(duration)X
2724(are)X
2870(shown.)X
3196(Additionally,)X
3735(the)X
3880(times)X
4116(of)X
4223(all)X
576 4156(system)N
886(shutdowns)X
1339(and)X
1521(reboots)X
1847(\(generated)X
2297(by)X
2436(the)X
2 f
2597(shutdown)X
1 f
3024(and)X
2 f
3206(reboot)X
1 f
3516(commands)X
3976([Sun88a,)X
576 4268(1727,)N
817(1765]\))X
1098(are)X
1240(recorded.)X
1649(Unfortunately,)X
2237(system)X
2528(crashes)X
2835(are)X
2977(not)X
3124(recorded.)X
3533(In)X
3637(newer)X
3896(versions)X
4240(of)X
576 4380(the)N
730(operating)X
1130(system,)X
1457(pseudo)X
1765(logins)X
2036(such)X
2248(as)X
2364(those)X
2603(via)X
2757(the)X
2 f
2911(ftp)X
1 f
3065(command)X
3481(are)X
3636(also)X
3828(recorded;)X
4229(an)X
576 4492(example)N
927(of)X
1031(this)X
1194(is)X
1282(shown)X
1556(in)X
1655(the)X
1797(last)X
1955(line)X
2124(of)X
2228(the)X
2370(sample)X
2667(output,)X
2961(above.)X
6 f
14 s
576 4841(3.1.3)N
917(The)X
1146(acct)X
1401(File)X
1 f
12 s
776 5037(The)N
957(\256le)X
2 f
1111(/usr/adm/acct)X
1 f
1688([Sun88a,)X
2064(1344-1345])X
2544(records)X
2859(each)X
3068(execution)X
3475(of)X
3587(a)X
3662(command)X
4074(on)X
4202(the)X
576 5149(system,)N
901(who)X
1100(executed)X
1477(it,)X
1589(when,)X
1855(and)X
2028(how)X
2227(long)X
2432(it)X
2520(took.)X
2773(This)X
2978(information)X
3467(is)X
3565(logged)X
3861(each)X
4072(time)X
4277(a)X
576 5261(command)N
990(completes,)X
1439(but)X
1596(only)X
1801(if)X
1894(your)X
2104(kernel)X
2379(was)X
2562(compiled)X
2955(with)X
3160(the)X
11 s
3310(SYSACCT)X
12 s
3740(option)X
4020(enabled)X
576 5373(\(the)N
750(option)X
1020(is)X
1108(enabled)X
1432(in)X
1531(some)X
11 s
1756(GENERIC)X
12 s
2161(kernels,)X
2487(but)X
2634(is)X
2722(usually)X
3024(disabled)X
3369(by)X
3489(default\).)X
776 5513(The)N
2 f
951(acct)X
1 f
1153(\256le)X
1301(can)X
1460(be)X
1576(displayed)X
1970(using)X
2203(the)X
2 f
2346(lastcomm)X
1 f
2755(command)X
3160([Sun88a,)X
3529(249].)X
3778(With)X
3996(no)X
4117(argu-)X
576 5625(ments,)N
863(all)X
993(the)X
1144(information)X
1632(in)X
1740(the)X
1891(\256le)X
2047(is)X
2144(displayed.)X
2594(However,)X
3002(by)X
3130(giving)X
3408(a)X
3483(command)X
3895(name,)X
4160(user)X
6 f
2395 6016(26)N
27 p
%%Page: 27 28
12 s 0 xH 0 xS 6 f
1 f
576 832(name,)N
844(or)X
959(terminal)X
1316(name)X
1560(as)X
1675(an)X
1801(argument,)X
2224(the)X
2377(output)X
2658(can)X
2828(be)X
2955(restricted)X
3350(to)X
3461(information)X
3952(about)X
4202(the)X
576 944(given)N
814(command,)X
1242(user,)X
1450(or)X
1554(terminal.)X
1948(Sample)X
2261(output)X
2531(from)X
2 f
2742(lastcomm)X
1 f
3150(is)X
3238(shown)X
3512(below.)X
7 f
10 s
864 1088(%)N
8 f
960(lastcomm)X
7 f
864 1184(sh)N
1392(S)X
1680(root)X
2112(__)X
2640(0.67)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:45)X
864 1280(atrun)N
1680(root)X
2112(__)X
2640(0.23)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:45)X
864 1376(lpd)N
1440(F)X
1680(root)X
2112(__)X
2640(1.06)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:44)X
864 1472(lpr)N
1392(S)X
1680(burwell)X
2112(tty09)X
2640(1.23)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:44)X
864 1568(troff)N
1680(burwell)X
2112(tty09)X
2592(12.83)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:44)X
864 1664(eqn)N
1680(burwell)X
2112(tty09)X
2640(1.44)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:44)X
864 1760(df)N
1680(kindred)X
2112(ttyq7)X
2640(0.78)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:44)X
864 1856(ls)N
1680(kindred)X
2112(ttyq7)X
2640(0.28)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:44)X
864 1952(cat)N
1680(kindred)X
2112(ttyq7)X
2640(0.05)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:44)X
864 2048(stty)N
1680(kindred)X
2112(ttyq7)X
2640(0.05)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:44)X
864 2144(tbl)N
1680(burwell)X
2112(tty09)X
2640(1.08)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:44)X
864 2240(rlogin)N
1392(S)X
1680(jones)X
2112(ttyp3)X
2640(5.66)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:38)X
864 2336(rlogin)N
1440(F)X
1680(jones)X
2112(ttyp3)X
2640(2.53)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:41)X
864 2432(stty)N
1680(kindred)X
2112(ttyq7)X
2640(0.05)X
2880(secs)X
3120(Tue)X
3312(Mar)X
3504(13)X
3648(12:44)X
1 f
12 s
576 2592(The)N
752(\256rst)X
927(column)X
1242(indicates)X
1611(the)X
1755(name)X
1991(of)X
2098(the)X
2243(command.)X
2698(The)X
2875(next)X
3068(column)X
3384(displays)X
3726(certain)X
4016(\257ags)X
4224(on)X
576 2704(the)N
723(command:)X
1183(an)X
1303(``F'')X
1513(means)X
1788(the)X
1935(process)X
2252(spawned)X
2617(a)X
2689(child)X
2911(process,)X
3252(``S'')X
3461(means)X
3735(the)X
3881(process)X
4197(ran)X
576 2816(with)N
771(the)X
913(set-user-id)X
1343(bit)X
1469(set,)X
1624(``D'')X
1845(means)X
2115(the)X
2257(process)X
2569(exited)X
2829(with)X
3024(a)X
3091(core)X
3281(dump,)X
3548(and)X
3711(``X'')X
3932(means)X
4202(the)X
576 2928(process)N
894(was)X
1073(killed)X
1323(abnormally.)X
1840(The)X
2020(remaining)X
2440(columns)X
2795(show)X
3026(the)X
3173(name)X
3411(of)X
3520(the)X
3667(user)X
3856(who)X
4050(ran)X
4202(the)X
576 3040(program,)N
957(the)X
1106(terminal)X
1459(he)X
1581(ran)X
1735(it)X
1821(from)X
2040(\(if)X
2163(applicable\),)X
2648(the)X
2798(amount)X
3119(of)X
11 s
3229(CPU)X
12 s
3432(time)X
3636(used)X
3844(by)X
3972(the)X
4122(com-)X
576 3152(mand)N
814(\(in)X
945(seconds\),)X
1329(and)X
1492(the)X
1634(date)X
1819(and)X
1982(time)X
2178(the)X
2320(process)X
2632(started.)X
6 f
14 s
576 3501(3.2)N
824(NETW)X
1153(ORK)X
1433(SECURITY)X
1 f
12 s
776 3697(Monitoring)N
1238(network)X
1577(security)X
1906(is)X
1994(more)X
2216(dif\256cult,)X
2569(because)X
2899(there)X
3117(are)X
3260(so)X
3370(many)X
3609(ways)X
3831(for)X
3968(a)X
4036(cracker)X
576 3809(to)N
691(attempt)X
1021(to)X
1136(break)X
1390(in.)X
1553(However,)X
1969(there)X
2202(are)X
2360(some)X
2603(programs)X
3006(available)X
3395(to)X
3509(aid)X
3666(you)X
3849(in)X
3963(this)X
4141(task.)X
576 3921(These)N
830(are)X
972(described)X
1365(in)X
1464(this)X
1627(section.)X
6 f
14 s
576 4270(3.2.1)N
917(The)X
1146(syslog)X
1530(Facility)X
1 f
12 s
776 4466(The)N
2 f
955(syslog)X
1 f
1240(facility)X
1543([Sun88a,)X
1916(1773])X
2169(is)X
2262(a)X
2334(mechanism)X
2802(that)X
2977(enables)X
3296(any)X
3465(command)X
3875(to)X
3980(log)X
4133(error)X
576 4578(messages)N
969(and)X
1138(informational)X
1693(messages)X
2086(to)X
2191(the)X
2339(system)X
2636(console,)X
2984(as)X
3094(well)X
3289(as)X
3398(to)X
3502(a)X
3574(log)X
3726(\256le.)X
3926(Typically,)X
576 4690(error)N
793(messages)X
1186(are)X
1334(logged)X
1626(in)X
1732(the)X
1881(\256le)X
2 f
2035(/usr/adm/messages)X
1 f
2812(along)X
3057(with)X
3259(the)X
3408(date,)X
3624(time,)X
3851(name)X
4091(of)X
4202(the)X
576 4802(program)N
927(sending)X
1251(the)X
1394(message,)X
1769(and)X
1933(\(usually\))X
2300(the)X
2443(process)X
2756(id)X
2856(of)X
2961(the)X
3104(program.)X
3503(A)X
3597(sample)X
3895(segment)X
4240(of)X
576 4914(the)N
2 f
718(messages)X
1 f
1120(\256le)X
1267(is)X
1355(shown)X
1629(below.)X
6 f
2395 6016(27)N
28 p
%%Page: 28 29
12 s 0 xH 0 xS 6 f
1 f
7 f
10 s
864 864(Mar)N
1056(12)X
1200(14:53:37)X
1632(sparkyfs)X
2064(login:)X
2400(ROOT)X
2640(LOGIN)X
2928(ttyp3)X
3216(FROM)X
3456(setekfs.itstd.sr)X
864 960(Mar)N
1056(12)X
1200(15:18:08)X
1632(sparkyfs)X
2064(login:)X
2400(ROOT)X
2640(LOGIN)X
2928(ttyp3)X
3216(FROM)X
3456(setekfs.itstd.sr)X
864 1056(Mar)N
1056(12)X
1200(16:50:25)X
1632(sparkyfs)X
2064(login:)X
2400(ROOT)X
2640(LOGIN)X
2928(ttyp4)X
3216(FROM)X
3456(pongfs.itstd.sri)X
864 1152(Mar)N
1056(12)X
1200(16:52:20)X
1632(sparkyfs)X
2064(vmunix:)X
2448(sd2c:)X
2784(read)X
3024(failed,)X
3408(no)X
3552(retries)X
864 1248(Mar)N
1056(13)X
1200(06:01:18)X
1632(sparkyfs)X
2064(vmunix:)X
2448(/:)X
2592(file)X
2832(system)X
3168(full)X
864 1344(Mar)N
1056(13)X
1200(08:02:03)X
1632(sparkyfs)X
2064(login:)X
2400(ROOT)X
2640(LOGIN)X
2928(ttyp4)X
3216(FROM)X
3456(triceratops.itst)X
864 1440(Mar)N
1056(13)X
1200(08:28:52)X
1632(sparkyfs)X
2064(su:)X
2256(davy)X
2496(on)X
2640(/dev/ttyp3)X
864 1536(Mar)N
1056(13)X
1200(08:38:03)X
1632(sparkyfs)X
2064(login:)X
2400(ROOT)X
2640(LOGIN)X
2928(ttyp4)X
3216(FROM)X
3456(triceratops.itst)X
864 1632(Mar)N
1056(13)X
1200(10:56:54)X
1632(sparkyfs)X
2064(automount[154]:)X
2832(host)X
3072(aaifs)X
3360(not)X
3552(responding)X
864 1728(Mar)N
1056(13)X
1200(11:30:42)X
1632(sparkyfs)X
2064(login:)X
2400(REPEATED)X
2832(LOGIN)X
3120(FAILURES)X
3552(ON)X
3696(ttyp3)X
3984(FROM)X
1632 1824(intrepid.itstd.s,)N
2496(daemon)X
1 f
12 s
576 1984(Of)N
708(particular)X
1109(interest)X
1424(in)X
1530(this)X
1700(sample)X
2004(are)X
2153(the)X
2302(messages)X
2696(from)X
2915(the)X
2 f
3065(login)X
1 f
3311(and)X
2 f
3482(su)X
1 f
3615(programs.)X
4058(When-)X
576 2096(ever)N
775(someone)X
1150(logs)X
1343(in)X
1451(as)X
1564(``root,'')X
2 f
1904(login)X
1 f
2151(logs)X
2344(this)X
2516(information.)X
3052(Generally,)X
3489(logging)X
3816(in)X
3924(as)X
4037(``root'')X
576 2208(directly,)N
925(rather)X
1181(than)X
1378(using)X
1617(the)X
2 f
1766(su)X
1 f
1898(command,)X
2333(should)X
2620(be)X
2742(discouraged,)X
3262(as)X
3373(it)X
3458(is)X
3553(hard)X
3755(to)X
3861(track)X
4085(which)X
576 2320(person)N
858(is)X
948(actually)X
1280(using)X
1514(the)X
1658(account.)X
2032(Once)X
2261(this)X
2426(ability)X
2699(has)X
2853(been)X
3061(disabled,)X
3432(as)X
3537(described)X
3931(in)X
4031(Section)X
576 2432(2.2.2,)N
821(detecting)X
1205(a)X
1278(security)X
1613(violation)X
1986(becomes)X
2353(a)X
2426(simple)X
2713(matter)X
2990(of)X
3100(searching)X
3499(the)X
2 f
3647(messages)X
1 f
4055(\256le)X
4208(for)X
576 2544(lines)N
782(of)X
886(this)X
1049(type.)X
2 f
776 2684(Login)N
1 f
1045(also)X
1229(logs)X
1418(any)X
1586(case)X
1782(of)X
1892(someone)X
2264(repeatedly)X
2696(trying)X
2956(to)X
3061(log)X
3214(in)X
3319(to)X
3424(an)X
3545(account)X
3875(and)X
4044(failing.)X
576 2796(After)N
811(three)X
1036(attempts,)X
2 f
1419(login)X
1 f
1665(will)X
1847(refuse)X
2114(to)X
2221(let)X
2350(the)X
2500(person)X
2788(try)X
2927(anymore.)X
3344(Searching)X
3761(for)X
3904(these)X
4133(mes-)X
576 2908(sages)N
808(in)X
907(the)X
2 f
1049(messages)X
1 f
1451(\256le)X
1598(can)X
1756(alert)X
1952(you)X
2120(to)X
2219(a)X
2286(cracker)X
2594(attempting)X
3031(to)X
3130(guess)X
3367(someone's)X
3802(password.)X
776 3048(Finally,)N
1104(when)X
1343(someone)X
1716(uses)X
1912(the)X
2 f
2061(su)X
1 f
2194(command,)X
2630(either)X
2882(to)X
2989(become)X
3321(``root'')X
3636(or)X
3748(someone)X
4146(else,)X
2 f
576 3160(su)N
1 f
708(logs)X
898(the)X
1046(success)X
1364(or)X
1474(failure)X
1756(of)X
1866(this)X
2035(operation.)X
2477(These)X
2737(messages)X
3130(can)X
3294(be)X
3415(used)X
3621(to)X
3726(check)X
3981(for)X
4123(users)X
576 3272(sharing)N
885(their)X
1088(passwords,)X
1537(as)X
1643(well)X
1835(as)X
1942(for)X
2081(a)X
2151(cracker)X
2462(who)X
2654(has)X
2809(penetrated)X
3238(one)X
3404(account)X
3731(and)X
3897(is)X
3988(trying)X
4245(to)X
576 3384(penetrate)N
954(others.)X
6 f
14 s
576 3733(3.2.2)N
917(The)X
1146(showm)X
1531(ount)X
1804(Com)X
2053(m)X
2153(and)X
1 f
12 s
776 3929(The)N
2 f
953(showmount)X
1 f
1433(command)X
1840([Sun88a,)X
2212(1764])X
2464(can)X
2626(be)X
2745(used)X
2949(on)X
3073(an)X
11 s
3190(NFS)X
12 s
3379(\256le)X
3530(server)X
3793(to)X
3896(display)X
4202(the)X
576 4041(names)N
850(of)X
958(all)X
1083(hosts)X
1308(that)X
1480(currently)X
1855(have)X
2064(something)X
2492(mounted)X
2856(from)X
3070(the)X
3215(server.)X
3525(With)X
3745(no)X
3868(options,)X
4202(the)X
576 4153(program)N
931(simply)X
1222(displays)X
1566(a)X
1638(list)X
1785(of)X
1894(all)X
2020(the)X
2167(hosts.)X
2441(With)X
2663(the)X
2 f
2810(-a)X
1 f
2935(and)X
2 f
3104(-d)X
1 f
3230(options,)X
3567(the)X
3715(output)X
3991(is)X
4085(some-)X
576 4265(what)N
790(more)X
1015(useful.)X
1325(The)X
1502(\256rst)X
1678(option,)X
2 f
1975(-a)X
1 f
2071(,)X
2122(causes)X
2 f
2400(showmount)X
1 f
2880(to)X
2982(list)X
3127(all)X
3251(the)X
3396(host)X
3583(and)X
3748(directory)X
4122(com-)X
576 4377(binations.)N
1001(For)X
1158(example,)X
7 f
864 4537 0.3875(bronto.itstd.sri.com:/usr/share)AN
864 4649 0.3860(bronto.itstd.sri.com:/usr/local.new)AN
864 4761 0.3860(bronto.itstd.sri.com:/usr/share/lib)AN
864 4873 0.3857(bronto.itstd.sri.com:/var/spool/mail)AN
864 4985 0.3871(cascades.itstd.sri.com:/sparky/a)AN
864 5097 0.3871(clyde.itstd.sri.com:/laser_dumps)AN
864 5209 0.3894(cm1.itstd.sri.com:/sparky/a)AN
864 5321 0.3884(coco0.itstd.sri.com:/sparky/a)AN
1 f
576 5481(There)N
840(will)X
1029(be)X
1159(one)X
1337(line)X
1521(of)X
1640(output)X
1925(for)X
2076(each)X
2292(directory)X
2679(mounted)X
3056(by)X
3192(a)X
3275(host.)X
3523(With)X
3756(the)X
2 f
3914(-d)X
1 f
4050(option,)X
2 f
576 5593(showmount)N
1 f
1053(displays)X
1392(a)X
1459(list)X
1601(of)X
1705(all)X
1826(directories)X
2257(that)X
2426(are)X
2568(presently)X
2945(mounted)X
3306(by)X
3426(some)X
3653(host.)X
6 f
2395 6016(28)N
29 p
%%Page: 29 30
12 s 0 xH 0 xS 6 f
1 f
776 832(The)N
955(output)X
1230(from)X
2 f
1446(showmount)X
1 f
1928(should)X
2213(be)X
2333(checked)X
2678(for)X
2820(two)X
2994(things.)X
3307(First,)X
3537(only)X
3738(machines)X
4132(local)X
576 944(to)N
685(your)X
895(organization)X
1411(should)X
1701(appear)X
1992(there.)X
2267(If)X
2365(you)X
2543(have)X
2759(set)X
2900(up)X
3030(proper)X
3315(netgroups)X
3728(as)X
3842(described)X
4245(in)X
576 1056(Section)N
910(2.2.3,)X
1171(this)X
1355(should)X
1656(not)X
1824(be)X
1960(a)X
2048(problem.)X
2462(Second,)X
2814(only)X
3030(``normal'')X
3476(directories)X
3928(should)X
4229(be)X
576 1168(mounted.)N
994(If)X
1091(you)X
1268(\256nd)X
1449(unusual)X
1780(directories)X
2219(being)X
2465(mounted,)X
2858(you)X
3034(should)X
3322(\256nd)X
3503(out)X
3658(who)X
3855(is)X
3951(mounting)X
576 1280(them)N
799(and)X
968(why)X
9 f
1163(-)X
1 f
1246(although)X
1613(it)X
1697(is)X
1791(probably)X
2163(innocent,)X
2549(it)X
2633(may)X
2829(indicate)X
3165(someone)X
3537(trying)X
3798(to)X
3904(get)X
4053(around)X
576 1392(your)N
776(security)X
1105(mechanisms.)X
6 f
14 s
576 1741(3.3)N
824(FILE)X
1096(SYSTEM)X
1585(SECURITY)X
1 f
12 s
776 1937(Checking)N
1171(for)X
1309(security)X
1640(holes)X
1869(in)X
1970(the)X
2114(\256le)X
2263(system)X
2556(is)X
2646(another)X
2961(important)X
3363(part)X
3540(of)X
3647(making)X
3963(your)X
4166(sys-)X
576 2049(tem)N
754(secure.)X
1081(Primarily,)X
1502(you)X
1679(need)X
1894(to)X
2002(check)X
2260(for)X
2404(\256les)X
2596(that)X
2773(can)X
2939(be)X
3062(modi\256ed)X
3436(by)X
3564(unauthorized)X
4099(users,)X
576 2161(\256les)N
774(that)X
957(can)X
1129(inadvertently)X
1676(grant)X
1912(users)X
2147(too)X
2308(many)X
2560(permissions,)X
3081(and)X
3258(\256les)X
3456(that)X
3639(can)X
3811(inadvertently)X
576 2273(grant)N
806(access)X
1084(to)X
1191(crackers.)X
1591(It)X
1681(is)X
1776(also)X
1962(important)X
2368(to)X
2474(be)X
2596(able)X
2788(to)X
2894(detect)X
3156(unauthorized)X
3690(modi\256cations)X
4245(to)X
576 2385(the)N
718(\256le)X
865(system,)X
1180(and)X
1343(to)X
1442(recover)X
1755(from)X
1966(these)X
2188(modi\256cations)X
2736(when)X
2968(they)X
3158(are)X
3300(made.)X
6 f
14 s
576 2734(3.3.1)N
917(The)X
1146(\256nd)X
1381(Com)X
1630(m)X
1730(and)X
1 f
12 s
776 2930(The)N
2 f
953(\256nd)X
1 f
1140(command)X
1547([Sun88a,)X
1918(183-185])X
2297(is)X
2388(a)X
2458(general-purpose)X
3106(command)X
3514(for)X
3654(searching)X
4051(the)X
4197(\256le)X
576 3042(system.)N
935(Using)X
1208(various)X
1535(arguments,)X
2004(complex)X
2380(matching)X
2783(patterns)X
3132(based)X
3394(on)X
3533(a)X
3619(\256le's)X
3854(name,)X
4130(type,)X
576 3154(mode,)N
851(owner,)X
1152(modi\256cation)X
1676(time,)X
1910(and)X
2087(other)X
2323(characteristics,)X
2937(can)X
3109(be)X
3238(constructed.)X
3768(The)X
3956(names)X
4240(of)X
576 3266(\256les)N
767(that)X
943(are)X
1092(found)X
1347(using)X
1586(these)X
1815(patterns)X
2151(can)X
2316(then)X
2513(be)X
2635(printed)X
2939(out,)X
3117(or)X
3228(given)X
3473(as)X
3584(arguments)X
4016(to)X
4122(other)X
11 s
576 3378(UNIX)N
12 s
818(commands.)X
1307(The)X
1481(general)X
1789(format)X
2070(of)X
2174(a)X
2 f
2241(\256nd)X
1 f
2425(command)X
2829(is)X
7 f
864 3538(%)N
8 f
980(find)X
2 f
1270(directories)X
1745(options)X
1 f
576 3698(where)N
2 f
848(directories)X
1 f
1318(is)X
1419(a)X
1499(list)X
1654(of)X
1771(directory)X
2156(names)X
2440(to)X
2553(search)X
2837(\(e.g.,)X
2 f
3070(/usr)X
1 f
3235(\),)X
3329(and)X
2 f
3506(options)X
1 f
3843(contains)X
4202(the)X
576 3810(options)N
892(to)X
1000(control)X
1305(what)X
1524(is)X
1620(being)X
1866(searched)X
2235(for.)X
2427(In)X
2539(general,)X
2879(for)X
3023(the)X
3173(examples)X
3569(in)X
3676(this)X
3847(section,)X
4176(you)X
576 3922(will)N
754(always)X
1049(want)X
1264(to)X
1367(search)X
1641(from)X
1856(the)X
2002(root)X
2185(of)X
2293(the)X
2439(\256le)X
2590(system)X
2885(\()X
2 f
2917(/)X
1 f
2944(\),)X
3028(in)X
3132(order)X
3364(to)X
3468(\256nd)X
3646(all)X
3772(\256les)X
3961(matching)X
576 4034(the)N
718(patterns)X
1047(presented.)X
776 4174(This)N
982(section)X
1290(describes)X
1683(how)X
1883(to)X
1993(use)X
2 f
2156(\256nd)X
1 f
2352(to)X
2463(search)X
2745(for)X
2893(four)X
3089(possible)X
3440(security)X
3781(problems)X
4175(that)X
576 4286(were)N
787(described)X
1180(in)X
1279(Section)X
1592(2.)X
5 f
14 s
576 4635(3.3.1.1)N
1010(Finding)X
1407(Setuid)X
1754(and)X
1971(Setgid)X
2318(Files)X
1 f
12 s
776 4831(It)N
878(is)X
985(important)X
1403(to)X
1521(check)X
1789(the)X
1950(system)X
2260(often)X
2501(for)X
2656(unauthorized)X
3202(setuid)X
3476(and)X
3659(setgid)X
3933(programs.)X
576 4943(Because)N
929(these)X
1159(programs)X
1554(grant)X
1784(special)X
2084(privileges)X
2496(to)X
2603(the)X
2753(user)X
2945(who)X
3142(is)X
3238(executing)X
3645(them,)X
3894(it)X
3979(is)X
4074(neces-)X
576 5055(sary)N
780(to)X
899(ensure)X
1194(that)X
1383(insecure)X
1748(programs)X
2155(are)X
2317(not)X
2484(installed.)X
2903(Setuid)X
3193(``root'')X
3520(programs)X
3928(should)X
4229(be)X
576 5167(closely)N
884(guarded)X
9 f
1229(-)X
1 f
1317(a)X
1395(favorite)X
1730(trick)X
1942(of)X
2057(many)X
2306(crackers)X
2662(is)X
2761(to)X
2871(break)X
3120(into)X
3305(``root'')X
3623(once,)X
3864(and)X
4038(leave)X
4277(a)X
576 5279(setuid)N
834(program)X
1188(hidden)X
1478(somewhere)X
1944(that)X
2117(will)X
2295(enable)X
2575(them)X
2796(to)X
2899(regain)X
3168(super-user)X
3597(powers)X
3903(even)X
4114(if)X
4202(the)X
576 5391(original)N
900(hole)X
1090(is)X
1178(plugged.)X
776 5531(The)N
950(command)X
1354(to)X
1453(search)X
1723(for)X
1859(setuid)X
2113(and)X
2276(setgid)X
2530(\256les)X
2714(is)X
6 f
2395 6016(29)N
30 p
%%Page: 30 31
12 s 0 xH 0 xS 6 f
1 f
7 f
864 880(#)N
8 f
980(find)X
1270(/)X
1386(-type)X
1734(f)X
1850(-a)X
2024(\\\()X
2198(-perm)X
2546(-4000)X
2894(-o)X
3068(-perm)X
3416(-2000)X
3764(\\\))X
3938(-print)X
1 f
576 1040(The)N
750(options)X
1057(to)X
1156(this)X
1319(command)X
1723(have)X
1929(the)X
2071(following)X
2469(meanings:)X
7 f
776 1180(/)N
1 f
976(The)X
1158(name)X
1399(of)X
1511(the)X
1661(directory)X
2041(to)X
2148(be)X
2271(searched.)X
2689(In)X
2802(this)X
2974(case,)X
3197(we)X
3342(want)X
3562(to)X
3670(search)X
3949(the)X
4100(entire)X
976 1292(\256le)N
1123(system,)X
1438(so)X
1547(we)X
1683(specify)X
2 f
1985(/)X
1 f
2028(.)X
2100(You)X
2289(might)X
2538(instead)X
2835(restrict)X
3127(the)X
3269(search)X
3539(to)X
2 f
3638(/usr)X
1 f
3827(or)X
2 f
3931(/home)X
1 f
4182(.)X
7 f
776 1432(-type)N
1124(f)X
1 f
976 1544(Only)N
1205(examine)X
1569(\256les)X
1766(whose)X
2048(type)X
2251(is)X
2352(``f,'')X
2574(regular)X
2885(\256le.)X
3094(Other)X
3351(options)X
3672(include)X
3994(``d'')X
4208(for)X
976 1656(directory,)N
1394(``l'')X
1595(for)X
1753(symbolic)X
2152(link,)X
2372(``c'')X
2589(for)X
2746 0.2344(character-special)AX
3445(devices,)X
3803(and)X
3987(``b'')X
4208(for)X
976 1768(block-special)N
1514(devices.)X
7 f
776 1908(-a)N
1 f
976(This)X
1188(speci\256es)X
1560(``and.'')X
1916(Thus,)X
2173(we)X
2326(want)X
2554(to)X
2670(know)X
2924(about)X
3180(\256les)X
3382(whose)X
3669(type)X
3877(is)X
3983(``regular)X
976 2020(\256le,'')N
2 f
1211(and)X
1 f
1395(whose)X
1664(permissions)X
2147(bits)X
2310(match)X
2570(the)X
2712(other)X
2934(part)X
3108(of)X
3212(this)X
3375(expression.)X
7 f
776 2160(\\\()N
950(-perm)X
1298(-4000)X
1646(-o)X
1820(-perm)X
2168(-2000)X
2516(\\\))X
1 f
976 2272(The)N
1154(parentheses)X
1631(in)X
1734(this)X
1902(part)X
2081(of)X
2190(the)X
2337(command)X
2746(are)X
2893(used)X
3098(for)X
3239(grouping.)X
3663(Thus,)X
3908(everything)X
976 2384(in)N
1077(this)X
1242(part)X
1418(of)X
1524(the)X
1667(command)X
2072(matches)X
2413(a)X
2481(single)X
2736(pattern,)X
3053(and)X
3217(is)X
3306(treated)X
3594(as)X
3699(the)X
3842(other)X
4065(half)X
4240(of)X
976 2496(the)N
1118(``and'')X
1409(clause)X
1674(described)X
2067(above.)X
7 f
976 2636(-perm)N
1324(-4000)X
1 f
1176 2748(This)N
1377(speci\256es)X
1738(a)X
1811(match)X
2077(if)X
2166(the)X
2314(``4000'')X
2665(bit)X
2798(\(speci\256ed)X
3203(as)X
3314(an)X
3436(octal)X
3655(number\))X
4012(is)X
4107(set)X
4245(in)X
1176 2860(the)N
1318(\256le's)X
1534(permission)X
1980(modes.)X
2303(This)X
2498(is)X
2586(the)X
2728(set-user-id)X
3158(bit.)X
7 f
976 3000(-o)N
1 f
1176(This)X
1374(speci\256es)X
1732(``or.'')X
2015(Thus,)X
2258(we)X
2397(want)X
2611(to)X
2713(match)X
2976(if)X
3062(the)X
3207(\256le)X
3357(has)X
3512(the)X
3657(set-user-id)X
4090(bit)X
2 f
4219(or)X
1 f
1176 3112(the)N
1318(set-group-id)X
1812(bit)X
1938(set.)X
7 f
976 3252(-perm)N
1324(-2000)X
1 f
1176 3364(This)N
1377(speci\256es)X
1738(a)X
1811(match)X
2077(if)X
2166(the)X
2314(``2000'')X
2665(bit)X
2798(\(speci\256ed)X
3203(as)X
3314(an)X
3436(octal)X
3655(number\))X
4012(is)X
4107(set)X
4245(in)X
1176 3476(the)N
1318(\256le's)X
1534(permission)X
1980(modes.)X
2303(This)X
2498(is)X
2586(the)X
2728(set-group-id)X
3222(bit.)X
7 f
776 3616(-print)N
1 f
976 3728(This)N
1178(indicates)X
1552(that)X
1728(for)X
1871(any)X
2042(\256le)X
2197(that)X
2374(matches)X
2722(the)X
2872(speci\256ed)X
3246(expression)X
3689(\(is)X
3817(a)X
3892(regular)X
4197(\256le)X
2 f
976 3840(and)N
1 f
1160(has)X
1312(the)X
1454(setuid)X
2 f
1708(or)X
1 f
1833(setgid)X
2087(bits)X
2250(set)X
2381(in)X
2480(its)X
2595(permissions\),)X
3134(print)X
3340(its)X
3455(name)X
3688(on)X
3808(the)X
3950(screen.)X
776 3980(After)N
1012(executing)X
1420(this)X
1592(command)X
2005(\(depending)X
2471(on)X
2600(how)X
2798(much)X
3045(disk)X
3238(space)X
3485(you)X
3663(have,)X
3903(it)X
3991(can)X
4159(take)X
576 4092(anywhere)N
984(from)X
1205(15)X
1335(minutes)X
1674(to)X
1783(a)X
1860(couple)X
2151(of)X
2265(hours)X
2512(to)X
2621(complete\),)X
3065(you)X
3243(will)X
3427(have)X
3642(a)X
3718(list)X
3869(of)X
3982(\256les)X
4175(that)X
576 4204(have)N
792(setuid)X
1056(or)X
1170(setgid)X
1434(bits)X
1607(set)X
1748(on)X
1878(them.)X
2153(You)X
2352(should)X
2642(then)X
2842(examine)X
3203(each)X
3414(of)X
3528(these)X
3760(programs,)X
4181(and)X
576 4316(determine)N
988(whether)X
1324(they)X
1516(should)X
1798(actually)X
2130(have)X
2338(these)X
2561(permissions.)X
3093(You)X
3283(should)X
3564(be)X
3680(especially)X
4091(suspi-)X
576 4428(cious)N
803(of)X
907(programs)X
1294(that)X
1463(are)X
2 f
1605(not)X
1 f
1768(in)X
1867(one)X
2030(of)X
2134(the)X
2276(directories)X
2707(\(or)X
2843(a)X
2910(subdirectory\))X
3447(shown)X
3721(below.)X
864 4588(/bin)N
864 4700(/etc)N
864 4812(/usr/bin)N
864 4924(/usr/ucb)N
864 5036(/usr/etc)N
776 5224(One)N
963(\256le)X
1113(distributed)X
1552(with)X
1750(Sun)X
11 s
1899(OS)X
12 s
2011(,)X
2 f
2062(/usr/etc/restore)X
1 f
2666(,)X
2718(is)X
2810(distributed)X
3250(with)X
3449(the)X
3595(setuid)X
3853(bit)X
3983(set)X
4118(on)X
4242(it,)X
576 5336(and)N
743(should)X
1027(not)X
1178(be,)X
1321(because)X
1654(of)X
1761(a)X
1831(security)X
2163(hole.)X
2404(You)X
2596(should)X
2879(be)X
2997(sure)X
3184(to)X
3286(remove)X
3602(the)X
3747(setuid)X
4004(bit)X
4133(from)X
576 5448(this)N
739(program)X
1089(by)X
1209(executing)X
1608(the)X
1750(command)X
7 f
864 5608(#)N
8 f
980(chmod)X
1328(u-s)X
1560 0.4000(/usr/etc/restore)AX
6 f
2395 6016(30)N
31 p
%%Page: 31 32
12 s 0 xH 0 xS 6 f
1 f
5 f
14 s
576 832(3.3.1.2)N
1010(Finding)X
1407(W)X
1513(orld-W)X
1844(ritable)X
2180(Files)X
1 f
12 s
776 1028(World-writable)N
1411(\256les,)X
1636(particularly)X
2122(system)X
2430(\256les,)X
2656(can)X
2832(be)X
2965(a)X
3050(security)X
3397(hole)X
3605(if)X
3706(a)X
3791(cracker)X
4117(gains)X
576 1140(access)N
889(to)X
1030(your)X
1272(system)X
1605(and)X
1810(modi\256es)X
2207(them.)X
2514(Additionally,)X
3091(world-writable)X
3729(directories)X
4202(are)X
576 1252(dangerous,)N
1023(since)X
1249(they)X
1443(allow)X
1686(a)X
1758(cracker)X
2071(to)X
2175(add)X
2343(or)X
2452(delete)X
2712(\256les)X
2901(as)X
3010(he)X
3130(wishes.)X
3468(The)X
2 f
3647(\256nd)X
1 f
3836(command)X
4245(to)X
576 1364(\256nd)N
749(all)X
870(world-writable)X
1466(\256les)X
1650(is)X
7 f
864 1524(#)N
8 f
980(find)X
1270(/)X
1386(-perm)X
1734(-2)X
1908(-print)X
1 f
576 1684(In)N
693(this)X
869(case,)X
1096(we)X
1245(do)X
1378(not)X
1538(use)X
1703(the)X
2 f
9 f
1858(-)X
2 f
1911(type)X
1 f
2125(option)X
2408(to)X
2520(restrict)X
2826(the)X
2982(search,)X
3290(since)X
3526(we)X
3676(are)X
3832(interested)X
4245(in)X
576 1796(directories)N
1007(and)X
1170(devices)X
1483(as)X
1587(well)X
1777(as)X
1881(\256les.)X
2113(The)X
2 f
9 f
2287(-)X
2 f
2340(2)X
1 f
2428(speci\256es)X
2783(the)X
2925(world)X
3173(write)X
3395(bit)X
3521(\(in)X
3652(octal\).)X
776 1936(This)N
977(list)X
1125(of)X
1235(\256les)X
1425(will)X
1605(be)X
1726(fairly)X
1965(long,)X
2190(and)X
2359(will)X
2539(include)X
2853(some)X
3086(\256les)X
3277(that)X
2 f
3453(should)X
1 f
3756(be)X
3878(world)X
4133(writ-)X
576 2048(able.)N
816(You)X
1012(should)X
1299(not)X
1453(be)X
1575(concerned)X
2001(if)X
2090(terminal)X
2442(devices)X
2761(in)X
2 f
2866(/dev)X
1 f
3073(are)X
3221(world)X
3475(writable.)X
3869(You)X
4064(should)X
576 2160(also)N
762(not)X
916(be)X
1038(concerned)X
1465(about)X
1710(line)X
1886(printer)X
2174(error)X
2393(log)X
2548(\256les)X
2740(being)X
2986(world)X
3242(writable.)X
3638(Finally,)X
3967(symbolic)X
576 2272(links)N
793(may)X
989(be)X
1110(world)X
1364(writable)X
9 f
1710(-)X
1 f
1793(the)X
1941(permissions)X
2430(on)X
2556(a)X
2629(symbolic)X
3012(link,)X
3216(although)X
3583(they)X
3778(exist,)X
4013(have)X
4224(no)X
576 2384(meaning.)N
5 f
14 s
576 2733(3.3.1.3)N
1010(Finding)X
1407(Unowned)X
1910(Files)X
1 f
12 s
776 2929(Finding)N
1112(\256les)X
1309(that)X
1491(are)X
1646(owned)X
1939(by)X
2072(nonexistent)X
2554(users)X
2789(can)X
2961(often)X
3197(be)X
3326(a)X
3407(clue)X
3606(that)X
3789(a)X
3870(cracker)X
4192(has)X
576 3041(gained)N
862(access)X
1137(to)X
1241(your)X
1445(system.)X
1788(Even)X
2014(if)X
2101(this)X
2268(is)X
2360(not)X
2511(the)X
2657(case,)X
2875(searching)X
3272(for)X
3412(these)X
3638(\256les)X
3826(gives)X
4057(you)X
4229(an)X
576 3153(opportunity)N
1052(to)X
1154(clean)X
1385(up)X
1508(\256les)X
1695(that)X
1867(should)X
2150(have)X
2360(been)X
2570(deleted)X
2877(at)X
2975(the)X
3121(same)X
3347(time)X
3547(the)X
3693(user)X
3881(herself)X
4171(was)X
576 3265(deleted.)N
927(The)X
1101(command)X
1505(to)X
1604(\256nd)X
1777(unowned)X
2153(\256les)X
2337(is)X
7 f
864 3425(#)N
8 f
980(find)X
1270(/)X
1386(-nouser)X
1850(-print)X
1 f
576 3585(The)N
2 f
9 f
756(-)X
2 f
809(nouser)X
1 f
1116(option)X
1392(matches)X
1739(\256les)X
1930(that)X
2106(are)X
2255(owned)X
2542(by)X
2669(a)X
2743(user)X
2934(id)X
3040(not)X
3194(contained)X
3600(in)X
3706(the)X
2 f
3855(/etc/passwd)X
1 f
576 3697(database.)N
988(A)X
1089(similar)X
1388(option,)X
2 f
9 f
1689(-)X
2 f
1742(nogroup)X
1 f
2083(,)X
2138(matches)X
2485(\256les)X
2676(owned)X
2963(by)X
3090(nonexistent)X
3565(groups.)X
3905(To)X
4043(\256nd)X
4223(all)X
576 3809(\256les)N
760(owned)X
1040(by)X
1160(nonexistent)X
1628(users)X
2 f
1849(or)X
1 f
1974(groups,)X
2283(you)X
2451(would)X
2715(use)X
2867(the)X
2 f
9 f
3009(-)X
2 f
3062(o)X
1 f
3150(option)X
3420(as)X
3524(follows:)X
7 f
864 3969(#)N
8 f
980(find)X
1270(/)X
1386(-nouser)X
1850(-o)X
2024(-nogroup)X
2546(-print)X
5 f
14 s
576 4366(3.3.1.4)N
1010(Finding)X
1407(.rhosts)X
1774(Files)X
1 f
12 s
776 4562(As)N
919(mentioned)X
1363(in)X
1475(Section)X
1801(2.2.1.2,)X
2126(users)X
2360(should)X
2653(be)X
2781(prohibited)X
3214(from)X
3438(having)X
2 f
3737(.rhosts)X
1 f
4048(\256les)X
4245(in)X
576 4674(their)N
783(accounts.)X
1198(To)X
1335(search)X
1611(for)X
1753(this,)X
1946(it)X
2030(is)X
2124(only)X
2325(necessary)X
2729(to)X
2833(search)X
3108(the)X
3255(parts)X
3471(of)X
3580(the)X
3727(\256le)X
3879(system)X
4175(that)X
576 4786(contain)N
884(home)X
1122(directories)X
1553(\(i.e.,)X
1751(you)X
1919(can)X
2077(skip)X
2 f
2261(/)X
1 f
2328(and)X
2 f
2491(/usr)X
1 f
2656(\):)X
7 f
864 4946(#)N
8 f
980(find)X
1270(/home)X
1618(-name)X
1966(.rhosts)X
2430(-print)X
1 f
576 5106(The)N
2 f
9 f
762(-)X
2 f
815(name)X
1 f
1075(option)X
1358(indicates)X
1738(that)X
1920(the)X
2075(complete)X
2466(name)X
2712(of)X
2829(any)X
3005(\256le)X
3165(whose)X
3447(name)X
3693(matches)X
2 f
4046(.rhosts)X
1 f
576 5218(should)N
856(be)X
971(printed)X
1268(on)X
1388(the)X
1530(screen.)X
6 f
2395 6016(31)N
32 p
%%Page: 32 33
12 s 0 xH 0 xS 6 f
14 s
576 832(3.3.2)N
917(Checklists)X
1 f
12 s
776 1028(Checklists)N
1203(can)X
1363(be)X
1480(a)X
1549(useful)X
1810(tool)X
1986(for)X
2124(discovering)X
2599(unauthorized)X
3128(changes)X
3464(made)X
3699(to)X
3801(system)X
4095(direc-)X
576 1140(tories.)N
879(They)X
1118(aren't)X
1384(practical)X
1758(on)X
1895(\256le)X
2059(systems)X
2404(that)X
2590(contain)X
2914(users')X
3183(home)X
3437(directories)X
3884(since)X
4122(these)X
576 1252(change)N
881(all)X
1010(the)X
1160(time.)X
1412(A)X
1514(checklist)X
1890(is)X
1987(a)X
2063(listing)X
2337(of)X
2450(all)X
2580(the)X
2731(\256les)X
2924(contained)X
3332(in)X
3440(a)X
3516(group)X
3773(of)X
3886(directories:)X
576 1364(their)N
780(sizes,)X
1018(owners,)X
1346(modi\256cation)X
1860(dates,)X
2108(and)X
2273(so)X
2384(on.)X
2554(Periodically,)X
3070(this)X
3235(information)X
3716(is)X
3806(collected)X
4181(and)X
576 1476(compared)N
986(with)X
1187(the)X
1335(information)X
1820(in)X
1926(the)X
2075(master)X
2363(checklist.)X
2785(Files)X
3003(that)X
3179(do)X
3306(not)X
3460(match)X
3727(in)X
3833(all)X
3961(attributes)X
576 1588(can)N
734(be)X
849(suspected)X
1247(of)X
1351(having)X
1637(been)X
1843(changed.)X
776 1728(There)N
1039(are)X
1195(several)X
1506(utilities)X
1834(that)X
2017(implement)X
2468(checklists)X
2886(available)X
3273(from)X
3499(public)X
3779(software)X
4149(sites)X
576 1840(\(see)N
763(Section)X
1084(4\).)X
1244(However,)X
1652(a)X
1727(simple)X
2016(utility)X
2279(can)X
2445(be)X
2568(constructed)X
3044(using)X
3284(only)X
3487(the)X
3636(standard)X
11 s
3991(UNIX)X
2 f
12 s
4240(ls)X
1 f
576 1952(and)N
2 f
739(diff)X
1 f
908(commands.)X
776 2092(First,)N
1020(use)X
1192(the)X
2 f
1355(ls)X
1 f
1480(command)X
1905([Sun88a,)X
2294(285])X
2515(to)X
2635(generate)X
3007(a)X
3095(master)X
3397(list.)X
3608(This)X
3824(is)X
3933(best)X
4133(done)X
576 2204(immediately)N
1091(after)X
1300(installing)X
1691(the)X
1841(operating)X
2237(system,)X
2560(but)X
2715(can)X
2881(be)X
3004(done)X
3222(at)X
3323(any)X
3493(time)X
3696(provided)X
4069(you're)X
576 2316(con\256dent)N
958(about)X
1196(the)X
1338(correctness)X
1795(of)X
1899(the)X
2041(\256les)X
2225(on)X
2345(the)X
2487(disk.)X
2719(A)X
2812(sample)X
3109(command)X
3513(is)X
3601(shown)X
3875(below.)X
7 f
864 2476(#)N
8 f
980(ls)X
1154(-aslgR)X
1560(/bin)X
1850(/etc)X
2140(/usr)X
2430(>)X
2546 0.4018(MasterChecklist)AX
1 f
576 2636(The)N
757(\256le)X
2 f
911(MasterChecklist)X
1 f
1589(now)X
1785(contains)X
2137(a)X
2212(complete)X
2598(list)X
2748(of)X
2860(all)X
2989(the)X
3139(\256les)X
3331(in)X
3438(these)X
3668(directories.)X
4155(You)X
576 2748(will)N
755(probably)X
1125(want)X
1340(to)X
1443(edit)X
1616(it)X
1698(and)X
1865(delete)X
2124(the)X
2270(lines)X
2480(for)X
2620(\256les)X
2808(you)X
2980(know)X
3221(will)X
3399(be)X
3518(changing)X
3899(often)X
4125(\(e.g.,)X
2 f
576 2860(/etc/utmp)N
1 f
951(,)X
2 f
1006(/usr/adm/acct)X
1 f
1551(\).)X
1662(The)X
2 f
1843(MasterChecklist)X
1 f
2521(\256le)X
2675(should)X
2963(be)X
3086(stored)X
3353(somewhere)X
3823(safe)X
4010(where)X
4277(a)X
576 2972(cracker)N
888(is)X
980(unlikely)X
1324(to)X
1426(\256nd)X
1602(it)X
1683(\(since)X
1940(he)X
2058(could)X
2299(otherwise)X
2700(just)X
2866(change)X
3166(the)X
3311(data)X
3499(in)X
3601(it\):)X
3741(either)X
3988(on)X
4111(a)X
4181(dif-)X
576 3084(ferent)N
825(computer)X
1213(system,)X
1528(or)X
1632(on)X
1752(magnetic)X
2130(tape.)X
776 3224(To)N
912(search)X
1187(for)X
1328(changes)X
1667(in)X
1771(the)X
1918(\256le)X
2070(system,)X
2390(run)X
2547(the)X
2694(above)X
2 f
2953(ls)X
1 f
3063(command)X
3473(again,)X
3736(saving)X
4017(the)X
4165(out-)X
576 3336(put)N
731(in)X
838(some)X
1073(other)X
1303(\256le,)X
1482(say)X
2 f
1642(CurrentList)X
1 f
2106(.)X
2186(Now)X
2404(use)X
2564(the)X
2 f
2713(diff)X
1 f
2889(command)X
3300([Sun88a,)X
3675(150])X
3882(to)X
3988(compare)X
576 3448(the)N
718(two)X
886(\256les:)X
7 f
864 3608(#)N
8 f
980(diff)X
1270 0.4018(MasterChecklist)AX
2198 0.4125(CurrentList)AX
1 f
576 3768(Lines)N
818(that)X
991(are)X
1137(only)X
1336(in)X
1439(the)X
1585(master)X
1870(checklist)X
2241(will)X
2419(be)X
2538(printed)X
2840(preceded)X
3217(by)X
3342(a)X
3414(``<,'')X
3649(and)X
3817(lines)X
4028(that)X
4202(are)X
576 3880(only)N
778(in)X
884(the)X
1033(current)X
1337(list)X
1486(will)X
1667(be)X
1789(preceded)X
2167(by)X
2293(a)X
2366(``>.'')X
2626(If)X
2720(there)X
2943(is)X
3037(one)X
3206(line)X
3381(for)X
3523(a)X
3596(\256le,)X
3773(preceded)X
4151(by)X
4277(a)X
576 3992(``<,'')N
809(this)X
975(means)X
1248(that)X
1420(the)X
1565(\256le)X
1715(has)X
1870(been)X
2079(deleted)X
2385(since)X
2610(the)X
2755(master)X
3040(checklist)X
3411(was)X
3588(created.)X
3943(If)X
4035(there)X
4256(is)X
576 4104(one)N
743(line)X
916(for)X
1056(a)X
1127(\256le,)X
1302(preceded)X
1678(by)X
1802(a)X
1873(``>,'')X
2107(this)X
2274(means)X
2548(that)X
2721(the)X
2867(\256le)X
3018(has)X
3174(been)X
3384(created)X
3691(since)X
3917(the)X
4063(master)X
576 4216(checklist)N
945(was)X
1120(created.)X
1473(If)X
1563(there)X
1782(are)X
1926(two)X
2096(lines)X
2304(for)X
2442(a)X
2511(single)X
2767(\256le,)X
2940(one)X
3105(preceded)X
3479(by)X
3602(``<'')X
3811(and)X
3977(the)X
4122(other)X
576 4328(by)N
701(``>,'')X
936(this)X
1104(indicates)X
1476(that)X
1650(some)X
1882(attribute)X
2233(of)X
2341(the)X
2487(\256le)X
2638(has)X
2794(changed)X
3143(since)X
3369(the)X
3515(master)X
3800(checklist)X
4171(was)X
576 4440(created.)N
776 4580(By)N
923(carefully)X
1302(constructing)X
1814(the)X
1968(master)X
2261(checklist,)X
2664(and)X
2839(by)X
2971(remembering)X
3521(to)X
3632(update)X
3925(it)X
4015(periodi-)X
576 4692(cally)N
797(\(you)X
1006(can)X
1173(replace)X
1485(it)X
1571(with)X
1774(a)X
1849(copy)X
2068(of)X
2 f
2180(CurrentList)X
1 f
2644(,)X
2700(once)X
2914(you're)X
3197(sure)X
3389(the)X
3539(differences)X
3999(between)X
576 4804(the)N
738(lists)X
937(are)X
1099(harmless\),)X
1541(you)X
1730(can)X
1909(easily)X
2179(monitor)X
2529(your)X
2750(system)X
3062(for)X
3219(unauthorized)X
3767(changes.)X
4170(The)X
576 4916(software)N
939(packages)X
1324(available)X
1705(from)X
1924(the)X
2073(public)X
2345(software)X
2707(distribution)X
3182(sites)X
3384(implement)X
3828(basically)X
4202(the)X
576 5028(same)N
800(scheme)X
1115(as)X
1221(the)X
1365(one)X
1530(here,)X
1746(but)X
1895(offer)X
2109(many)X
2350(more)X
2575(options)X
2885(for)X
3024(controlling)X
3474(what)X
3688(is)X
3779(examined)X
4181(and)X
576 5140(reported.)N
6 f
2395 6016(32)N
33 p
%%Page: 33 34
12 s 0 xH 0 xS 6 f
14 s
576 832(3.3.3)N
917(Backups)X
1 f
12 s
776 1028(It)N
859(is)X
947(impossible)X
1388(to)X
1487(overemphasize)X
2089(the)X
2231(need)X
2437(for)X
2573(a)X
2640(good)X
2857(backup)X
3160(strategy.)X
3538(File)X
3713(system)X
4005(backups)X
576 1140(not)N
726(only)X
923(protect)X
1217(you)X
1387(in)X
1488(the)X
1632(even)X
1840(of)X
1946(hardware)X
2330(failure)X
2608(or)X
2714(accidental)X
3132(deletions,)X
3530(but)X
3679(they)X
3871(also)X
4052(protect)X
576 1252(you)N
744(against)X
1041(unauthorized)X
1568(\256le)X
1715(system)X
2006(changes)X
2340(made)X
2573(by)X
2693(a)X
2760(cracker.)X
776 1392(A)N
874(good)X
1095(backup)X
1402(strategy)X
1736(will)X
1915(dump)X
2163(the)X
2310(entire)X
2559(system)X
2855(at)X
2954(level)X
3171(zero)X
3366(\(a)X
3470(``full'')X
3762(dump\))X
4043(at)X
4143(least)X
576 1504(once)N
798(a)X
881(month.)X
1215(Partial)X
1507(\(or)X
1659 0.2083(``incremental''\))AX
2314(dumps)X
2609(should)X
2904(be)X
3034(done)X
3260(at)X
3369(least)X
3585(twice)X
3833(a)X
3915(week,)X
4181(and)X
576 1616(ideally)N
870(they)X
1067(should)X
1354(be)X
1476(done)X
1694(daily.)X
1967(The)X
2 f
2149(dump)X
1 f
2410(command)X
2822([Sun88a,)X
3198(1612-1614])X
3678(is)X
3774(recommended)X
576 1728(over)N
778(other)X
1007(programs)X
1401(such)X
1608(as)X
2 f
1719(tar)X
1 f
1878(and)X
2 f
2048(cpio)X
1 f
2230(.)X
2309(This)X
2511(is)X
2606(because)X
2942(only)X
2 f
3144(dump)X
1 f
3404(is)X
3499(capable)X
3825(of)X
3936(creating)X
4277(a)X
576 1840(backup)N
884(that)X
1059(can)X
1223(be)X
1344(used)X
1550(to)X
1655(restore)X
1947(a)X
2020(disk)X
2210(to)X
2315(the)X
2463(exact)X
2698(state)X
2906(it)X
2991(was)X
3171(in)X
3277(when)X
3516(it)X
3601(was)X
3781(dumped.)X
4170(The)X
576 1952(other)N
811(programs)X
1211(do)X
1344(not)X
1503(take)X
1700(into)X
1886(account)X
2222(\256les)X
2418(deleted)X
2733(or)X
2849(renamed)X
3217(between)X
3574(dumps,)X
3890(and)X
4065(do)X
4197(not)X
576 2064(handle)N
857(some)X
1084(specialized)X
1537(database)X
1893(\256les)X
2077(properly.)X
6 f
14 s
576 2413(3.4)N
824(KNOW)X
1210(YOUR)X
1564(SYSTEM)X
1 f
12 s
776 2609(Aside)N
1026(from)X
1239(running)X
1564(large)X
1783(monitoring)X
2237(programs)X
2626(such)X
2828(as)X
2934(those)X
3164(described)X
3560(in)X
3662(the)X
3807(previous)X
4165(sec-)X
576 2721(tions,)N
819(simple)X
1108(everyday)X
11 s
1491(UNIX)X
12 s
1741(commands)X
2190(can)X
2355(also)X
2541(be)X
2663(useful)X
2929(for)X
3072(spotting)X
3413(security)X
3749(violations.)X
4208(By)X
576 2833(running)N
899(these)X
1121(commands)X
1562(often,)X
1808(whenever)X
2206(you)X
2374(have)X
2580(a)X
2647(free)X
2821(minute)X
3113(\(for)X
3281(example,)X
3656(while)X
3894(waiting)X
4208(for)X
576 2945(someone)N
947(to)X
1051(answer)X
1352(the)X
1499(phone\),)X
1819(you)X
1992(will)X
2171(become)X
2500(used)X
2705(to)X
2809(seeing)X
3084(a)X
3156(speci\256c)X
3479(pattern)X
3776(of)X
3885(output.)X
4208(By)X
576 3057(being)N
814(familiar)X
1144(with)X
1339(the)X
1481(processes)X
1874(normally)X
2247(running)X
2571(on)X
2692(your)X
2893(system,)X
3209(the)X
3352(times)X
3586(different)X
3943(users)X
4165(typ-)X
576 3169(ically)N
815(log)X
962(in,)X
1085(and)X
1248(so)X
1357(on,)X
1501(you)X
1669(can)X
1827(easily)X
2076(detect)X
2331(when)X
2563(something)X
2988(is)X
3076(out)X
3223(of)X
3327(the)X
3469(ordinary.)X
6 f
14 s
576 3518(3.4.1)N
917(The)X
1146(ps)X
1307(Com)X
1556(m)X
1656(and)X
1 f
12 s
776 3714(The)N
2 f
958(ps)X
1 f
1091(command)X
1503([Sun88a,)X
1879(399-402])X
2263(displays)X
2610(a)X
2685(list)X
2835(of)X
2947(the)X
3097(processes)X
3497(running)X
3828(on)X
3957(your)X
4166(sys-)X
576 3826(tem.)N
2 f
803(Ps)X
1 f
949(has)X
1111(numerous)X
1524(options,)X
1865(too)X
2022(many)X
2270(to)X
2379(list)X
2531(here.)X
2779(Generally,)X
3217(however,)X
3606(for)X
3752(the)X
3903(purpose)X
4240(of)X
576 3938(monitoring,)N
1055(the)X
1200(option)X
1473(string)X
2 f
9 f
1719(-)X
2 f
1772(alxww)X
1 f
2061(is)X
2152(the)X
2298(most)X
2513(useful.*)X
2872(On)X
3017(a)X
3088(Sun)X
3265(system)X
3560(running)X
3887(Sun)X
11 s
4036(OS)X
12 s
4176(4.0,)X
576 4050(you)N
744(should)X
1024(expect)X
1300(to)X
1399(see)X
1546(at)X
1640(least)X
1841(the)X
1983(following:)X
2 f
776 4190(swapper,)N
1149(pagedaemon)X
1 f
976 4302(System)N
1283(programs)X
1670(that)X
1839(help)X
2029(the)X
2171(virtual)X
2447(memory)X
2792(system.)X
2 f
776 4442(/sbin/init)N
1 f
976 4554(The)N
2 f
1151(init)X
1 f
1321(process,)X
1658(which)X
1919(is)X
2009(responsible)X
2473(for)X
2611(numerous)X
3016(tasks,)X
3258(including)X
3648(bringing)X
4000(up)X
4122(login)X
976 4666(processes)N
1368(on)X
1488(terminals.)X
2 f
776 4806(portmap,)N
1149(ypbind,)X
1459(ypserv)X
1 f
976 4918(Parts)N
1192(of)X
1296(the)X
1438(Yellow)X
1745(Pages)X
1993(system.)X
2 f
776 5058(biod,)N
995(nfsd,)X
1203(rpc.mountd,)X
1691(rpc.quotad,)X
2158(rpc.lockd)X
1 f
976 5170(Parts)N
1196(of)X
1304(the)X
1450(Network)X
1814(File)X
1992(System)X
2303(\()X
11 s
2335(NFS)X
12 s
2496(\).)X
2604(If)X
2696(the)X
2842(system)X
3138(you)X
3311(are)X
3458(looking)X
3781(at)X
3880(is)X
3973(not)X
4125(a)X
4197(\256le)X
976 5282(server,)N
1259(the)X
2 f
1401(nfsd)X
1 f
1601(processes)X
1993(probably)X
2359(won't)X
2607(exist.)X
10 s
10 f
576 5394(h)N
592(hhhhhhhhhhhhhh)X
1 f
656 5504(*)N
736(This)X
898(is)X
971(true)X
1116(for)X
1230(Berkeley-based)X
1750(systems.)X
2063(On)X
2181(System)X
2436(V)X
2514(systems,)X
2807(the)X
2925(option)X
3149(string)X
2 f
9 f
3351(-)X
2 f
3395(elf)X
1 f
3508(should)X
3741(be)X
3837(used)X
4004(instead.)X
6 f
12 s
2395 6016(33)N
34 p
%%Page: 34 35
12 s 0 xH 0 xS 6 f
1 f
2 f
776 832(rarpd,)N
1042(rpc.bootparamd)X
1 f
976 944(Part)N
1155(of)X
1259(the)X
1401(system)X
1692(that)X
1861(allows)X
2136(diskless)X
2464(clients)X
2740(to)X
2839(boot.)X
776 1084(Other)N
1023(commands)X
1468(you)X
1640(should)X
1924(expect)X
2204(to)X
2307(see)X
2458(are)X
2 f
2604(update)X
1 f
2910(\(\256le)X
3093(system)X
3388(updater\);)X
2 f
3764(getty)X
1 f
3997(\(one)X
4197(per)X
576 1196(terminal)N
924(and)X
1089(one)X
1254(for)X
1391(the)X
1534(console\);)X
2 f
1912(lpd)X
1 f
2076(\(line)X
2278(printer)X
2560(daemon\);)X
2 f
2949(inetd)X
1 f
3183(\(Internet)X
3540(daemon,)X
3894(for)X
4031(starting)X
576 1308(other)N
810(network)X
1161(servers\);)X
2 f
1528(sh)X
1 f
1665(and)X
2 f
1840(csh)X
1 f
2020(\(the)X
2206(Bourne)X
2525(shell)X
2743(and)X
2918(C)X
3018(shell,)X
3260(one)X
3435(or)X
3551(more)X
3786(per)X
3946(logged)X
4245(in)X
576 1420(user\).)N
847(In)X
958(addition,)X
1329(if)X
1419(there)X
1643(are)X
1792(users)X
2019(logged)X
2311(in,)X
2440(you'll)X
2700(probably)X
3072(see)X
3225(invocations)X
3699(of)X
3809(various)X
4122(com-)X
576 1532(pilers,)N
838(text)X
1007(editors,)X
1317(and)X
1480(word)X
1701(processing)X
2136(programs.)X
6 f
14 s
576 1881(3.4.2)N
917(The)X
1146(who)X
1400(and)X
1629(w)X
1747(Com)X
1996(m)X
2096(ands)X
1 f
12 s
776 2077(The)N
2 f
955(who)X
1 f
1160(command,)X
1593(as)X
1702(mentioned)X
2138(previously,)X
2597(displays)X
2942(the)X
3090(list)X
3238(of)X
3348(users)X
3575(currently)X
3953(logged)X
4245(in)X
576 2189(on)N
701(the)X
848(system.)X
1192(By)X
1333(running)X
1660(this)X
1827(periodically,)X
2340(you)X
2512(can)X
2674(learn)X
2895(at)X
2993(what)X
3208(times)X
3445(during)X
3724(the)X
3870(day)X
4037(various)X
576 2301(users)N
799(log)X
948(in.)X
1097(Then,)X
1345(when)X
1579(you)X
1749(see)X
1898(someone)X
2266(logged)X
2554(in)X
2655(at)X
2752(a)X
2822(different)X
3181(time,)X
3404(you)X
3575(can)X
3736(investigate)X
4181(and)X
576 2413(make)N
809(sure)X
993(that)X
1162(it's)X
1309(legitimate.)X
776 2553(The)N
2 f
962(w)X
1 f
1078(command)X
1494([Sun88a,)X
1874(588])X
2086(is)X
2186(somewhat)X
2612(of)X
2728(a)X
2807(cross)X
3040(between)X
2 f
3397(who)X
1 f
3609(and)X
2 f
3784(ps)X
1 f
3885(.)X
3969(Not)X
4149(only)X
576 2665(does)N
785(it)X
872(show)X
1107(a)X
1183(list)X
1334(of)X
1447(who)X
1645(is)X
1741(presently)X
2126(logged)X
2420(in,)X
2551(but)X
2706(it)X
2792(also)X
2979(displays)X
3326(how)X
3523(long)X
3726(they)X
3924(have)X
4138(been)X
576 2777(idle)N
745(\(gone)X
988(without)X
1306(typing)X
1576(anything\),)X
1993(and)X
2156(what)X
2367(command)X
2771(they)X
2961(are)X
3103(currently)X
3475(running.)X
6 f
14 s
576 3126(3.4.3)N
917(The)X
1146(ls)X
1270(Com)X
1519(m)X
1619(and)X
1 f
12 s
776 3322(Simple)N
1091(as)X
1213(its)X
1346(function)X
1709(is,)X
2 f
1839(ls)X
1 f
1962(is)X
2069(actually)X
2418(very)X
2632(useful)X
2910(for)X
3065(detecting)X
3462(\256le)X
3628(system)X
3938(problems.)X
576 3434(Periodically,)N
1119(you)X
1316(should)X
1625(use)X
2 f
1806(ls)X
1 f
1939(on)X
2088(the)X
2259(various)X
2595(system)X
2915(directories,)X
3399(checking)X
3799(for)X
3963(\256les)X
4175(that)X
576 3546(shouldn't)N
963(be)X
1078(there.)X
1343(Most)X
1564(of)X
1668(the)X
1810(time,)X
2030(these)X
2252(\256les)X
2436(will)X
2610(have)X
2816(just)X
2980(``landed'')X
3390(somewhere)X
3853(by)X
3974(accident.)X
576 3658(However,)N
985(by)X
1113(keeping)X
1450(a)X
1525(close)X
1755(watch)X
2017(on)X
2145(things,)X
2436(you)X
2612(will)X
2794(be)X
2917(able)X
3110(to)X
3217(detect)X
3480(a)X
3555(cracker)X
3871(long)X
4074(before)X
576 3770(you)N
744(might)X
993(have)X
1199(otherwise.)X
776 3910(When)N
1037(using)X
2 f
1276(ls)X
1 f
1387(to)X
1493(check)X
1749(for)X
1892(oddities,)X
2252(be)X
2374(sure)X
2565(to)X
2671(use)X
2830(the)X
2 f
9 f
2979(-)X
2 f
3032(a)X
1 f
3127(option,)X
3429(which)X
3696(lists)X
3883(\256les)X
4075(whose)X
576 4022(names)N
865(begin)X
1122(with)X
1336(a)X
1422(period)X
1711(\(.\).)X
1890(Be)X
2040(particularly)X
2528(alert)X
2743(for)X
2898(\256les)X
3101(or)X
3224(directories)X
3674(named)X
3974(``...'',)X
4240(or)X
576 4134(``..\(space\)'',)N
1081(which)X
1343(many)X
1584(crackers)X
1932(like)X
2104(to)X
2206(use.)X
2409(\(Of)X
2569(course,)X
2871(remember)X
3289(that)X
3461(``.'')X
3640(and)X
3806(``..'')X
4009(are)X
4155(sup-)X
576 4246(posed)N
824(to)X
923(be)X
1038(there.\))X
6 f
14 s
576 4595(3.5)N
824(KEEP)X
1158(YOUR)X
1512(EYES)X
1839(OPEN)X
1 f
12 s
776 4791(Monitoring)N
1249(for)X
1396(security)X
1736(breaches)X
2108(is)X
2207(every)X
2456(bit)X
2593(as)X
2708(important)X
3118(as)X
3233(preventing)X
3680(them)X
3908(in)X
4018(the)X
4171(\256rst)X
576 4903(place.)N
868(Because)X
1229(it's)X
1392(virtually)X
1759(impossible)X
2216(to)X
2330(make)X
2578(a)X
2660(system)X
2966(totally)X
3252(secure,)X
3561(there)X
3793(is)X
3896(always)X
4202(the)X
576 5015(chance,)N
894(no)X
1016(matter)X
1289(how)X
1480(small,)X
1739(that)X
1910(a)X
1979(cracker)X
2290(will)X
2467(be)X
2585(able)X
2773(to)X
2875(gain)X
3068(access.)X
3389(Only)X
3608(by)X
3731(monitoring)X
4186(can)X
576 5127(this)N
739(be)X
854(detected)X
1200(and)X
1363(remedied.)X
6 f
2395 6016(34)N
35 p
%%Page: 35 36
12 s 0 xH 0 xS 6 f
1 f
5 f
18 s
2068 896(SEC)N
2364(TIO)X
2604(N)X
2748(4)X
1052 1072(SO)N
1260(FTW)X
1572(AR)X
(E)S
1908(FO)X
2108(R)X
2252(IM)X
(PR)S
(O)S
2724(VIN)X
2964(G)X
3116(SEC)X
3412(U)X
3516(R)X
3620(ITY)X
1 f
12 s
776 1268(Because)N
1122(security)X
1452(is)X
1541(of)X
1646(great)X
1864(concern)X
2194(to)X
2294(many)X
2533(sites,)X
2753(a)X
2821(wealth)X
3103(of)X
3208(software)X
3564(has)X
3717(been)X
3924(developed)X
576 1380(for)N
732(improving)X
1177(the)X
1339(security)X
1688(of)X
11 s
1810(UNIX)X
12 s
2072(systems.)X
2468(Much)X
2736(of)X
2859(this)X
3041(software)X
3415(has)X
3586(been)X
3811(developed)X
4250(at)X
576 1492(universities)N
1065(and)X
1249(other)X
1492(public)X
1779(institutions,)X
2277(and)X
2462(is)X
2572(available)X
2967(free)X
3163(for)X
3321(the)X
3485(asking.)X
3830(This)X
4047(section)X
576 1604(describes)N
959(how)X
1149(this)X
1313(software)X
1669(can)X
1828(be)X
1943(obtained,)X
2323(and)X
2486(mentions)X
2863(some)X
3090(of)X
3194(the)X
3336(more)X
3558(important)X
3957(programs)X
576 1716(available.)N
6 f
14 s
576 2065(4.1)N
824(OBTAINING)X
1483(FIXES)X
1835(AND)X
2109(NEW)X
2401(VERSIONS)X
1 f
12 s
776 2261(Several)N
1094(sites)X
1294(on)X
1419(the)X
1566(Internet)X
1895(maintain)X
2262(large)X
2485(repositories)X
2964(of)X
3074(public-domain)X
3666(and)X
3835(freely)X
4090(distri-)X
576 2373(butable)N
894(software,)X
1282(and)X
1454(make)X
1696(this)X
1868(material)X
2218(available)X
2600(for)X
2745(anonymous)X
11 s
3219(FTP)X
12 s
3371(.)X
3452(This)X
3656(section)X
3962(describes)X
576 2485(some)N
803(of)X
907(the)X
1049(larger)X
1298(repositories.)X
6 f
14 s
576 2834(4.1.1)N
917(Sun)X
1158(Fixes)X
1474(on)X
1641(UUNET)X
1 f
12 s
776 3030(Sun)N
967(Microsystems)X
1548(has)X
1718(contracted)X
2162(with)X
11 s
2373(UUNET)X
12 s
2712(Communications)X
3412(Services,)X
3804(Inc.)X
3993(to)X
4111(make)X
576 3142(\256xes)N
797(for)X
949(bugs)X
1169(in)X
1283(Sun)X
1471(software)X
1841(available)X
2229(via)X
2386(anonymous)X
11 s
2866(FTP)X
12 s
3018(.)X
3105(You)X
3309(can)X
3482(access)X
3767(these)X
4004(\256xes)X
4224(by)X
576 3254(using)N
815(the)X
2 f
965(ftp)X
1 f
1115(command)X
1527([Sun88a,)X
1903(195-201])X
2287(to)X
2394(connect)X
2726(to)X
2833(the)X
2983(host)X
2 f
3175(ftp.uu.net)X
1 f
3555(.)X
3635(Then)X
3865(change)X
4170(into)X
576 3366(the)N
723(directory)X
2 f
1100(sun-\256xes)X
1 f
1452(,)X
1505(and)X
1673(obtain)X
1943(a)X
2015(directory)X
2392(listing,)X
2686(as)X
2794(shown)X
3072(in)X
3175(the)X
3321(example)X
3676(on)X
3800(the)X
3946(following)X
576 3478(page.)N
6 f
2395 6016(35)N
36 p
%%Page: 36 37
12 s 0 xH 0 xS 6 f
1 f
7 f
10 s
576 864(%)N
8 f
672(ftp)X
864(ftp.uu.net)X
7 f
576 960(Connected)N
1056(to)X
1200(uunet.UU.NET.)X
576 1056(220)N
768(uunet)X
1056(FTP)X
1248(server)X
1584(\(Version)X
2016(5.93)X
2256(Tue)X
2448(Mar)X
2640(20)X
2784(11:01:52)X
3216(EST)X
3408(1990\))X
3696(ready.)X
576 1152(Name)N
816(\(ftp.uu.net:davy\):)X
8 f
1728(anonymous)X
7 f
576 1248(331)N
768(Guest)X
1056(login)X
1344(ok,)X
1536(send)X
1776(ident)X
2064(as)X
2208(password.)X
576 1344(Password:)N
2 f
1728(enter)X
1913(your)X
2080(mail)X
2242(address)X
2511(yourname@yourhost)X
3206(here)X
7 f
576 1440(230)N
768(Guest)X
1056(login)X
1344(ok,)X
1536(access)X
1872(restrictions)X
2496(apply.)X
576 1536(ftp>)N
8 f
816(cd)X
960(sun-fixes)X
7 f
576 1632(250)N
768(CWD)X
960(command)X
1344(successful.)X
576 1728(ftp>)N
8 f
816(dir)X
7 f
576 1824(200)N
768(PORT)X
1008(command)X
1392(successful.)X
576 1920(150)N
768(Opening)X
1152(ASCII)X
1440(mode)X
1680(data)X
1920(connection)X
2448(for)X
2640(/bin/ls.)X
576 2016(total)N
864(2258)X
576 2112(-rw-r--r--)N
1152(1)X
1248(38)X
1680(22)X
2304(4558)X
2544(Aug)X
2736(31)X
2928(1989)X
3168(README)X
576 2208(-rw-r--r--)N
1152(1)X
1248(38)X
1680(22)X
2208(484687)X
2544(Dec)X
2736(14)X
2928(1988)X
3168(ddn.tar.Z)X
576 2304(-rw-r--r--)N
1152(1)X
1248(38)X
1680(22)X
2208(140124)X
2544(Jan)X
2736(13)X
2928(1989)X
3168(gated.sun3.Z)X
576 2400(-rwxr-xr-x)N
1152(1)X
1248(38)X
1680(22)X
2256(22646)X
2544(Dec)X
2736(14)X
2928(1988)X
3168(in.ftpd.sun3.Z)X
576 2496(.....)N
576 2592(.....)N
576 2688(-rw-r--r--)N
1152(1)X
1248(38)X
1680(22)X
2256(72119)X
2544(Aug)X
2736(31)X
2928(1989)X
3168(sendmail.sun3.Z)X
576 2784(-rwxr-xr-x)N
1152(1)X
1248(38)X
1680(22)X
2256(99147)X
2544(Aug)X
2736(31)X
2928(1989)X
3168(sendmail.sun4.Z)X
576 2880(-rw-r--r--)N
1152(1)X
1248(38)X
1680(22)X
2304(3673)X
2544(Jul)X
2736(11)X
2928(1989)X
3168(wall.sun3.Z)X
576 2976(-rw-r--r--)N
1152(1)X
1248(38)X
1680(22)X
2304(4099)X
2544(Jul)X
2736(11)X
2928(1989)X
3168(wall.sun4.Z)X
576 3072(-rwxr-xr-x)N
1152(1)X
1248(38)X
1680(22)X
2304(7955)X
2544(Jan)X
2736(18)X
2928(1989)X
3168(ypbind.sun3.Z)X
576 3168(-rwxr-xr-x)N
1152(1)X
1248(38)X
1680(22)X
2304(9237)X
2544(Jan)X
2736(18)X
2928(1989)X
3168(ypbind.sun4.Z)X
576 3264(226)N
768(Transfer)X
1200(complete.)X
576 3360(1694)N
816(bytes)X
1104(received)X
1536(in)X
1680(0.39)X
1920(seconds)X
2304(\(4.2)X
2544(Kbytes/s\))X
576 3456(ftp>)N
8 f
816(quit)X
7 f
576 3552(221)N
768(Goodbye.)X
576 3648(%)N
1 f
12 s
576 3808(The)N
758(\256le)X
2 f
913(README)X
1 f
1346(contains)X
1699(a)X
1774(brief)X
1988(description)X
2448(of)X
2560(what)X
2779(each)X
2988(\256le)X
3143(in)X
3250(this)X
3422(directory)X
3803(contains,)X
4181(and)X
576 3920(what)N
787(is)X
875(required)X
1220(to)X
1319(install)X
1579(the)X
1721(\256x.)X
6 f
14 s
576 4269(4.1.2)N
917(Berkeley)X
1414(Fixes)X
1 f
12 s
776 4465(The)N
961(University)X
1402(of)X
1518(California)X
1945(at)X
2051(Berkeley)X
2435(also)X
2626(makes)X
2908(\256xes)X
3125(available)X
3510(via)X
3664(anonymous)X
11 s
4141(FTP)X
12 s
4293(;)X
576 4577(these)N
808(\256xes)X
1023(pertain)X
1325(primarily)X
1718(to)X
1827(the)X
1979(current)X
2286(release)X
2588(of)X
11 s
2700(BSD)X
2903(UNIX)X
12 s
3155(\(currently)X
3568(release)X
3869(4.3\).)X
4102(How-)X
576 4689(ever,)N
795(even)X
1006(if)X
1094(you)X
1267(are)X
1414(not)X
1566(running)X
1894(their)X
2101(software,)X
2486(these)X
2714(\256xes)X
2925(are)X
3073(still)X
3248(important,)X
3677(since)X
3905(many)X
4149(ven-)X
576 4801(dors)N
765(\(Sun,)X
11 s
992(DEC)X
12 s
(,)S
1216(Sequent)X
1550(,)X
1598(etc.\))X
1791(base)X
1986(their)X
2187(software)X
2542(on)X
2662(the)X
2804(Berkeley)X
3176(releases.)X
776 4941(The)N
951(Berkeley)X
1324(\256xes)X
1530(are)X
1673(available)X
2047(for)X
2184(anonymous)X
11 s
2650(FTP)X
12 s
2827(from)X
3039(the)X
3183(host)X
2 f
3369(ucbarpa.berkeley.edu)X
1 f
4245(in)X
576 5053(the)N
718(directory)X
2 f
1090(4.3/ucb-\256xes)X
1 f
1595(.)X
1667(The)X
1841(\256le)X
2 f
1988(INDEX)X
1 f
2311(in)X
2410(this)X
2573(directory)X
2945(describes)X
3327(what)X
3538(each)X
3739(\256le)X
3886(contains.)X
776 5193(Berkeley)N
1151(also)X
1333(distributes)X
1761(new)X
1948(versions)X
2295(of)X
2 f
2402(sendmail)X
1 f
2792(and)X
2 f
2958(named)X
1 f
3257([Sun88a,)X
3628(1758-1760,)X
4096(1691-)X
576 5305(1692])N
827(from)X
1041(this)X
1207(machine.)X
1609(New)X
1817(versions)X
2164(of)X
2271(these)X
2496(commands)X
2940(are)X
3085(stored)X
3347(in)X
3449(the)X
2 f
3594(4.3)X
1 f
3757(directory,)X
4155(usu-)X
576 5417(ally)N
745(in)X
844(the)X
986(\256les)X
2 f
1170(sendmail.tar.Z)X
1 f
1770(and)X
2 f
1933(bind.tar.Z)X
1 f
2333(,)X
2381(respectively.)X
6 f
2395 6016(36)N
37 p
%%Page: 37 38
12 s 0 xH 0 xS 6 f
14 s
576 832(4.1.3)N
917(Sim)X
1122(tel-20)X
1446(and)X
1675(UUNET)X
1 f
12 s
776 1028(The)N
959(two)X
1137(largest)X
1428(general-purpose)X
2082(software)X
2447(repositories)X
2930(on)X
3060(the)X
3212(Internet)X
3546(are)X
3698(the)X
3850(hosts)X
2 f
4081(wsmr-)X
576 1140(simtel20.army.mil)N
1 f
1310(and)X
2 f
1473(ftp.uu.net)X
1 f
1853(.)X
2 f
776 1280(wsmr-simtel20.army.mil)N
1 f
1751(is)X
1841(a)X
11 s
1908(TOPS)X
12 s
2123(-20)X
2277(machine)X
2630(operated)X
2988(by)X
3111(the)X
3256(U.)X
3376(S.)X
3480(Army)X
3731(at)X
3828(White)X
4091(Sands)X
576 1392(Missile)N
898(Range,)X
1207(New)X
1427(Mexico.)X
1808(The)X
1997(directory)X
2 f
2384(pd2:<unix-c>)X
1 f
2986(contains)X
3346(a)X
3428(large)X
3659(amount)X
3986(of)X
11 s
4102(UNIX)X
12 s
576 1504(software,)N
973(primarily)X
1374(taken)X
1625(from)X
1854(the)X
2 f
2014(comp.sources)X
1 f
2597(newsgroups.)X
3146(The)X
3339(\256le)X
2 f
3505(000-master-index.txt)X
1 f
576 1616(contains)N
927(a)X
999(master)X
1285(list)X
1432(and)X
1600(description)X
2057(of)X
2166(each)X
2372(piece)X
2605(of)X
2714(software)X
3074(available)X
3452(in)X
3556(the)X
3703(repository.)X
4170(The)X
576 1728(\256le)N
2 f
754(000-intro-unix-sw.txt)X
1 f
1640(contains)X
2016(information)X
2526(on)X
2677(the)X
2850(mailing)X
3200(list)X
3373(used)X
3604(to)X
3735(announce)X
4160(new)X
576 1840(software,)N
955(and)X
1118(describes)X
1500(the)X
1642(procedures)X
2088(used)X
2288(for)X
2424(transferring)X
2897(\256les)X
3081(from)X
3292(the)X
3434(archive)X
3742(with)X
11 s
3935(FTP)X
12 s
4087(.)X
2 f
776 1980(ftp.uu.net)N
1 f
1184(is)X
1276(operated)X
1636(by)X
11 s
1758(UUNET)X
12 s
2083(Communications)X
2769(Services,)X
3147(Inc.)X
3322(in)X
3425(Falls)X
3640(Church,)X
3975(Virginia.)X
576 2092(This)N
782(company)X
1170(sells)X
1376(Internet)X
1711(and)X
11 s
1883(USENET)X
12 s
2255(access)X
2535(to)X
2644(sites)X
2849(all)X
2980(over)X
3185(the)X
3337(country)X
3665(\(and)X
3870(internation-)X
576 2204(ally\).)N
828(The)X
1005(software)X
1363(posted)X
1641(to)X
1743(the)X
1889(following)X
11 s
2289(USENET)X
12 s
2654(source)X
2933(newsgroups)X
3419(is)X
3511(stored)X
3774(here,)X
3992(in)X
4095(direc-)X
576 2316(tories)N
814(of)X
918(the)X
1060(same)X
1282(name:)X
864 2476(comp.sources.games)N
864 2588(comp.sources.misc)N
864 2700(comp.sources.sun)N
864 2812(comp.sources.unix)N
864 2924(comp.sources.x)N
576 3084(Numerous)N
1012(other)X
1246(distributions,)X
1788(such)X
2001(as)X
2118(all)X
2252(the)X
2407(freely)X
2669(distributable)X
3188(Berkeley)X
11 s
3571(UNIX)X
12 s
3826(source)X
4114(code,)X
576 3196(Internet)N
900(Request)X
1234(for)X
1370(Comments)X
1811(\()X
11 s
1843(RFC)X
12 s
2010(s\),)X
2127(and)X
2290(so)X
2399(on)X
2519(are)X
2661(also)X
2840(stored)X
3099(on)X
3219(this)X
3382(machine.)X
6 f
14 s
576 3545(4.1.4)N
917(Vendors)X
1 f
12 s
776 3741(Many)N
1042(vendors)X
1388(make)X
1639(\256xes)X
1863(for)X
2018(bugs)X
2242(in)X
2360(their)X
2580(software)X
2954(available)X
3346 0.2500(electronically,)AX
3939(either)X
4202(via)X
576 3853(mailing)N
896(lists)X
1076(or)X
1181(via)X
1324(anonymous)X
11 s
1790(FTP)X
12 s
1942(.)X
2015(You)X
2204(should)X
2484(contact)X
2787(your)X
2987(vendor)X
3278(to)X
3377(\256nd)X
3550(out)X
3697(if)X
3780(they)X
3970(offer)X
4181(this)X
576 3965(service,)N
923(and)X
1112(if)X
1221(so,)X
1380(how)X
1595(to)X
1720(access)X
2016(it.)X
2168(Some)X
2437(vendors)X
2792(that)X
2988(offer)X
3226(these)X
3475(services)X
3836(include)X
4171(Sun)X
576 4077(Microsystems)N
1154(\(see)X
1348(above\),)X
1672(Digital)X
1978(Equipment)X
2439(Corp.,)X
2717(the)X
2873(University)X
3317(of)X
3435(California)X
3864(at)X
3972(Berkeley)X
576 4189(\(see)N
755(above\),)X
1065(and)X
1228(Apple)X
1487(Computer.)X
6 f
14 s
576 4538(4.2)N
824(THE)X
1078(NPASSW)X
1568(D)X
1680(COMMAND)X
1 f
12 s
776 4734(The)N
2 f
955(npasswd)X
1 f
1330(command,)X
1763(developed)X
2188(by)X
2313(Clyde)X
2572(Hoover)X
2889(at)X
2988(the)X
3135(University)X
3570(of)X
3680(Texas)X
3940(at)X
4040(Austin,)X
576 4846(is)N
669(intended)X
1030(to)X
1134(be)X
1254(a)X
1326(replacement)X
1827(for)X
1968(the)X
2114(standard)X
11 s
2466(UNIX)X
2 f
12 s
2712(passwd)X
1 f
3038(command)X
3446([Sun88a,)X
3818(379],)X
4046(as)X
4154(well)X
576 4958(as)N
700(the)X
862(Sun)X
2 f
1055(yppasswd)X
1 f
1488(command)X
1912([Sun88a,)X
2300(611].)X
2 f
2568(npasswd)X
1 f
2958(makes)X
3248(passwords)X
3691(more)X
3933(secure)X
4224(by)X
576 5070(refusing)N
919(to)X
1022(allow)X
1264(users)X
1489(to)X
1592(select)X
1840(insecure)X
2189(passwords.)X
2664(The)X
2842(following)X
3243(capabilities)X
3710(are)X
3855(provided)X
4224(by)X
2 f
576 5182(npasswd)N
1 f
922(:)X
10 f
776 5322(g)N
1 f
976(Con\256gurable)X
1502(minimum)X
1901(password)X
2287(length)X
10 f
776 5462(g)N
1 f
976(Con\256gurable)X
1502(to)X
1601(force)X
1823(users)X
2044(to)X
2143(use)X
2295(mixed)X
2560(case)X
2750(or)X
2854(digits)X
3092(and)X
3255(punctuation)X
10 f
776 5602(g)N
1 f
976(Checking)X
1369(for)X
1505(``simple'')X
1914(passwords)X
2337(such)X
2537(as)X
2641(a)X
2708(repeated)X
3059(letter)X
6 f
2395 6016(37)N
38 p
%%Page: 38 39
12 s 0 xH 0 xS 6 f
1 f
10 f
776 832(g)N
1 f
976(Checking)X
1369(against)X
1666(the)X
1808(host)X
1992(name)X
2225(and)X
2388(other)X
2610(host-speci\256c)X
3120(information)X
10 f
776 972(g)N
1 f
976(Checking)X
1369(against)X
1666(the)X
1808(login)X
2030(name,)X
2287(\256rst)X
2460(and)X
2623(last)X
2781(names,)X
3075(and)X
3238(so)X
3347(on)X
10 f
776 1112(g)N
1 f
976(Checking)X
1369(for)X
1505(words)X
1763(in)X
1862(various)X
2169(dictionaries,)X
2667(including)X
3055(the)X
3197(system)X
3488(dictionary.)X
776 1252(The)N
2 f
971(npasswd)X
1 f
1362(distribution)X
1851(is)X
1960(available)X
2355(for)X
2513(anonymous)X
11 s
3000(FTP)X
12 s
3198(from)X
2 f
3431(emx.utexas.edu)X
1 f
4081(in)X
4202(the)X
576 1364(directory)N
2 f
948(pub/npasswd)X
1 f
1465(.)X
6 f
14 s
576 1713(4.3)N
824(THE)X
1078(COPS)X
1425(PACKAGE)X
1 f
12 s
776 2021(COPS)N
1043(is)X
1135(a)X
1207(security)X
1541(tool)X
1720(for)X
1861(system)X
2157(administrators)X
2737(that)X
2911(checks)X
3202(for)X
3343(numerous)X
3751(common)X
4117(secu-)X
576 2133(rity)N
737(problems)X
1122(on)X
11 s
1243(UNIX)X
12 s
1488(systems,)X
1843(including)X
2234(many)X
2475(of)X
2582(the)X
2727(things)X
2989(described)X
3384(in)X
3485(this)X
3650(document.)X
11 s
4100(COPS)X
12 s
576 2245(is)N
665(a)X
733(collection)X
1139(of)X
1244(shell)X
1451(scripts)X
1727(and)X
1891(C)X
1980(programs)X
2368(that)X
2538(can)X
2697(easily)X
2947(be)X
3063(run)X
3216(on)X
3338(almost)X
3621(any)X
11 s
3784(UNIX)X
12 s
4028(variant.)X
576 2357(Among)N
889(other)X
1112(things,)X
1395(it)X
1473(checks)X
1759(the)X
1901(following)X
2299(items)X
2532(and)X
2695(sends)X
2932(the)X
3074(results)X
3349(to)X
3448(the)X
3590(system)X
3881(administra-)X
576 2469(tor:)N
10 f
776 2609(g)N
1 f
976(Checks)X
2 f
1283(/dev/kmem)X
1 f
1735(and)X
1898(other)X
2120(devices)X
2433(for)X
2569(world)X
2817 0.1953(read/writability.)AX
10 f
776 2749(g)N
1 f
976(Checks)X
1283 0.2109(special/important)AX
1977(\256les)X
2161(and)X
2324(directories)X
2755(for)X
2891(``bad'')X
3182(modes)X
3457(\(world)X
3737(writable,)X
4101(etc.\).)X
10 f
776 2889(g)N
1 f
976(Checks)X
1283(for)X
1419(easily)X
1668(guessed)X
1996(passwords.)X
10 f
776 3029(g)N
1 f
976(Checks)X
1283(for)X
1419(duplicate)X
1797(user)X
1981(ids,)X
2141(invalid)X
2433(\256elds)X
2665(in)X
2764(the)X
2906(password)X
3292(\256le,)X
3463(etc.)X
10 f
776 3169(g)N
1 f
976(Checks)X
1283(for)X
1419(duplicate)X
1797(group)X
2045(ids,)X
2205(invalid)X
2497(\256elds)X
2729(in)X
2828(the)X
2970(group)X
3218(\256le,)X
3389(etc.)X
10 f
776 3309(g)N
1 f
976(Checks)X
1290(all)X
1418(users')X
1678(home)X
1923(directories)X
2361(and)X
2531(their)X
2 f
2739(.cshrc)X
1 f
2987(,)X
2 f
3042(.login)X
1 f
3280(,)X
2 f
3336(.pro\256le)X
1 f
3627(,)X
3683(and)X
2 f
3854(.rhosts)X
1 f
4160(\256les)X
976 3421(for)N
1112(security)X
1441(problems.)X
10 f
776 3561(g)N
1 f
976(Checks)X
1284(all)X
1406(commands)X
1848(in)X
1948(the)X
2 f
2091(/etc/rc)X
1 f
2379(\256les)X
2564([Sun88a,)X
2933(1724-1725])X
3407(and)X
2 f
3572(cron)X
1 f
3790(\256les)X
3976([Sun88a,)X
976 3673(1606-1607])N
1448(for)X
1584(world)X
1832(writability.)X
10 f
776 3813(g)N
1 f
976(Checks)X
1283(for)X
1419(bad)X
1582(``root'')X
1889(paths,)X
11 s
2138(NFS)X
12 s
2323(\256le)X
2470(system)X
2761(exported)X
3122(to)X
3221(the)X
3363(world,)X
3635(etc.)X
10 f
776 3953(g)N
1 f
976(Includes)X
1334(an)X
1457(expert)X
1730(system)X
2029(that)X
2206(checks)X
2500(to)X
2607(see)X
2763(if)X
2855(a)X
2931(given)X
3178(user)X
3371(\(usually)X
3714(``root''\))X
4062(can)X
4229(be)X
976 4065(compromised,)N
1548(given)X
1786(that)X
1955(certain)X
2242(rules)X
2453(are)X
2595(true.)X
10 f
776 4205(g)N
1 f
976(Checks)X
1283(for)X
2 f
1419(changes)X
1 f
1774(in)X
1873(the)X
2015(setuid)X
2269(status)X
2512(of)X
2616(programs)X
3003(on)X
3123(the)X
3265(system.)X
776 4345(The)N
11 s
951(COPS)X
12 s
1198(package)X
1541(is)X
1633(available)X
2010(from)X
2225(the)X
2 f
2371(comp.sources.unix)X
1 f
3130(archive)X
3442(on)X
2 f
3566(ftp.uu.net)X
1 f
3946(,)X
3998(and)X
4165(also)X
576 4457(from)N
787(the)X
929(repository)X
1343(on)X
2 f
1463(wsmr-simtel20.army.mil)X
1 f
2412(.)X
6 f
14 s
576 4806(4.4)N
824(SUN)X
1091(C2)X
1265(SECURITY)X
1860(FEATURES)X
1 f
12 s
776 5002(With)N
998(the)X
1145(release)X
1442(of)X
1551(Sun)X
11 s
1700(OS)X
12 s
1841(4.0,)X
2014(Sun)X
2192(has)X
2349(included)X
2711(security)X
3046(features)X
3381(that)X
3556(allow)X
3800(the)X
3948(system)X
4245(to)X
576 5114(operate)N
885(at)X
980(a)X
1048(higher)X
1319(level)X
1532(of)X
1637(security,)X
1991(patterned)X
2375(after)X
2577(the)X
2720(C2*)X
2905(classi\256cation.)X
3482(These)X
3738(features)X
4069(can)X
4229(be)X
576 5226(installed)N
948(as)X
1073(one)X
1257(of)X
1382(the)X
1544(options)X
1871(when)X
2123(installing)X
2526(the)X
2688(system)X
2999(from)X
3230(the)X
3392(distribution)X
3880(tapes.)X
4170(The)X
10 s
10 f
576 5322(h)N
592(hhhhhhhhhhhhhh)X
1 f
656 5432(*)N
736(C2)X
850(is)X
924(one)X
1061(of)X
1149(several)X
1398(security)X
1673(classi\256cations)X
2143(de\256ned)X
2400(by)X
2501(the)X
2620(National)X
2917(Computer)X
3258(Security)X
3546(Center,)X
3801(and)X
3938(is)X
4012(described)X
576 5528(in)N
658([NCSC85],)X
1040(the)X
1158(``orange)X
1451(book.'')X
6 f
12 s
2395 6016(38)N
39 p
%%Page: 39 40
12 s 0 xH 0 xS 6 f
1 f
576 832(security)N
905(features)X
1234(added)X
1488(by)X
1608(this)X
1771(option)X
2041(include)X
10 f
776 972(g)N
1 f
976(Audit)X
1236(trails)X
1471(that)X
1658(record)X
1946(all)X
2085(login)X
2325(and)X
2506(logout)X
2794(times,)X
3069(the)X
3229(execution)X
3646(of)X
3768(administrative)X
976 1084(commands,)N
1441(and)X
1604(the)X
1746(execution)X
2145(of)X
2249(privileged)X
2664(\(setuid\))X
2982(operations.)X
10 f
776 1224(g)N
1 f
976(A)X
1091(more)X
1335(secure)X
1627(password)X
2035(\256le)X
2205(mechanism)X
2691(\(``shadow)X
3127(password)X
3536(\256le''\))X
3802(that)X
3994(prevents)X
976 1336(crackers)N
1321(from)X
1532(obtaining)X
1920(a)X
1987(list)X
2129(of)X
2233(the)X
2375(encrypted)X
2779(passwords.)X
10 f
776 1476(g)N
11 s
1 f
976(DES)X
12 s
1166(encryption)X
1602(capability.)X
10 f
776 1616(g)N
1 f
976(A)X
1077(\(more\))X
1371(secure)X
11 s
1647(NFS)X
12 s
1840 0.2548(implementation)AX
2479(that)X
2657(uses)X
2855(public-key)X
3300(encryption)X
3745(to)X
3853 0.2841(authenticate)AX
976 1728(the)N
1128(users)X
1358(of)X
1471(the)X
1622(system)X
1922(and)X
2094(the)X
2245(hosts)X
2475(on)X
2604(the)X
2755(network,)X
3127(to)X
3235(be)X
3359(sure)X
3552(they)X
3751(really)X
4004(are)X
4155(who)X
976 1840(they)N
1166(claim)X
1405(to)X
1504(be.)X
576 1980(These)N
830(security)X
1159(features)X
1488(are)X
1630(described)X
2023(in)X
2122(detail)X
2361(in)X
2460([Sun88c].)X
6 f
14 s
576 2329(4.5)N
824(KERBEROS)X
1 f
12 s
776 2525(Kerberos)N
1156([Stei88])X
1494(is)X
1586(an)X
1705 0.2356(authentication)AX
2280(system)X
2575(developed)X
2999(by)X
3123(the)X
3269(Athena)X
3575(Project)X
3877(at)X
3976(the)X
4123(Mas-)X
576 2637(sachusetts)N
1006(Institute)X
1362(of)X
1482(Technology.)X
2030(Kerberos)X
2422(is)X
2526(a)X
2609(third-party)X
3060 0.2356(authentication)AX
3646(service,)X
3982(which)X
4256(is)X
576 2749(trusted)N
863(by)X
984(other)X
1207(network)X
1547(services.)X
1930(When)X
2185(a)X
2253(user)X
2438(logs)X
2623(in,)X
2747(Kerberos)X
3124(authenticates)X
3654(that)X
3825(user)X
4011(\(using)X
4277(a)X
576 2861(password\),)N
1020(and)X
1185(provides)X
1542(the)X
1686(user)X
1871(with)X
2067(a)X
2135(way)X
2320(to)X
2420(prove)X
2664(her)X
2812(identity)X
3132(to)X
3232(other)X
3455(servers)X
3752(and)X
3916(hosts)X
4138(scat-)X
576 2973(tered)N
793(around)X
1084(the)X
1226(network.)X
776 3113(This)N
972 0.2356(authentication)AX
1544(is)X
1633(then)X
1824(used)X
2025(by)X
2146(programs)X
2534(such)X
2735(as)X
2 f
2840(rlogin)X
1 f
3116([Sun88a,)X
3485(418-419])X
3862(to)X
3962(allow)X
4202(the)X
576 3225(user)N
763(to)X
865(log)X
1015(in)X
1117(to)X
1219(other)X
1444(hosts)X
1668(without)X
1989(a)X
2059(password)X
2448(\(in)X
2582(place)X
2813(of)X
2920(the)X
2 f
3065(.rhosts)X
1 f
3366(\256le\).)X
3596(The)X
3773 0.2356(authentication)AX
576 3337(is)N
667(also)X
849(used)X
1052(by)X
1175(the)X
1320(mail)X
1519(system)X
1813(in)X
1915(order)X
2145(to)X
2247(guarantee)X
2649(that)X
2821(mail)X
3020(is)X
3111(delivered)X
3497(to)X
3599(the)X
3744(correct)X
4040(person,)X
576 3449(as)N
688(well)X
886(as)X
998(to)X
1105(guarantee)X
1512(that)X
1689(the)X
1839(sender)X
2122(is)X
2218(who)X
2415(he)X
2538(claims)X
2822(to)X
2929(be.)X
11 s
3096(NFS)X
12 s
3289(has)X
3449(also)X
3636(been)X
3850(modi\256ed)X
4224(by)X
576 3561(M.I.T.)N
848(to)X
947(work)X
1168(with)X
1363(Kerberos,)X
1763(thereby)X
2076(making)X
2389(the)X
2531(system)X
2822(much)X
3060(more)X
3282(secure.)X
776 3701(The)N
951(overall)X
1244(effect)X
1490(of)X
1596(installing)X
1981(Kerberos)X
2359(and)X
2524(the)X
2668(numerous)X
3073(other)X
3297(programs)X
3686(that)X
3857(go)X
3979(with)X
4176(it)X
4256(is)X
576 3813(to)N
678(virtually)X
1032(eliminate)X
1419(the)X
1564(ability)X
1838(of)X
1945(users)X
2169(to)X
2271(``spoof'')X
2639(the)X
2784(system)X
3078(into)X
3255(believing)X
3641(they)X
3834(are)X
3978(someone)X
576 3925(else.)N
803(Unfortunately,)X
1396(installing)X
1784(Kerberos)X
2165(is)X
2259(very)X
2460(intrusive,)X
2851(requiring)X
3234(the)X
3382(modi\256cation)X
3899(or)X
4009(replace-)X
576 4037(ment)N
808(of)X
927(numerous)X
1345(standard)X
1710(programs.)X
2160(For)X
2332(this)X
2510(reason,)X
2824(a)X
2906(source)X
3196(license)X
3503(is)X
3606(usually)X
3922(necessary.)X
576 4149(There)N
829(are)X
975(plans)X
1206(to)X
1309(make)X
1546(Kerberos)X
1926(a)X
1998(part)X
2177(of)X
2286(4.4)X
11 s
(BSD)S
12 s
2577(,)X
2630(to)X
2734(be)X
2854(released)X
3199(by)X
3324(the)X
3471(University)X
3906(of)X
4015(Califor-)X
576 4261(nia)N
718(at)X
812(Berkeley)X
1184(sometime)X
1583(in)X
1682(1990.)X
6 f
2395 6016(39)N
40 p
%%Page: 40 41
12 s 0 xH 0 xS 6 f
1 f
6 f
2395 6016(40)N
41 p
%%Page: 41 42
12 s 0 xH 0 xS 6 f
1 f
5 f
18 s
2068 896(SEC)N
2364(TIO)X
2604(N)X
2748(5)X
1264 1072(KEEPIN)N
1792(G)X
1944(ABR)X
2240(EAST)X
2656(O)X
2768(F)X
2896(TH)X
3088(E)X
3224(BU)X
(G)S
3536(S)X
1 f
12 s
776 1268(One)N
969(of)X
1082(the)X
1233(hardest)X
1544(things)X
1812(about)X
2059(keeping)X
2397(a)X
2473(system)X
2774(secure)X
3054(is)X
3152(\256nding)X
3458(out)X
3615(about)X
3863(the)X
4015(security)X
576 1380(holes)N
813(before)X
1093(a)X
1170(cracker)X
1488(does.)X
1746(To)X
1887(combat)X
2205(this,)X
2402(there)X
2629(are)X
2781(several)X
3087(sources)X
3408(of)X
3521(information)X
4009(you)X
4186(can)X
576 1492(and)N
739(should)X
1019(make)X
1252(use)X
1404(of)X
1508(on)X
1628(a)X
1695(regular)X
1992(basis.)X
6 f
14 s
576 1841(5.1)N
824(THE)X
1078(COMPUTER)X
1749(EMERGENCY)X
2500 -0.4732(RESPONSE)AX
3150(TEAM)X
1 f
12 s
776 2037(The)N
958(Computer)X
1375(Emergency)X
1846(Response)X
2246(Team)X
2498(\()X
11 s
2530(CERT)X
12 s
2756(\))X
2820(was)X
3001(established)X
3462(in)X
3570(December)X
3999(1988)X
4224(by)X
576 2149(the)N
740(Defense)X
1101(Advanced)X
1537(Research)X
1936(Projects)X
2292(Agency)X
2637(to)X
2758(address)X
3092(computer)X
3502(security)X
3853(concerns)X
4240(of)X
576 2261(research)N
927(users)X
1154(of)X
1264(the)X
1412(Internet.)X
1790(It)X
1879(is)X
1973(operated)X
2336(by)X
2463(the)X
2612(Software)X
2990(Engineering)X
3492(Institute)X
3839(at)X
3940(Carnegie-)X
576 2373(Mellon)N
879(University.)X
1358(The)X
11 s
1531(CERT)X
12 s
1782(serves)X
2047(as)X
2152(a)X
2220(focal)X
2438(point)X
2661(for)X
2798(the)X
2941(reporting)X
3319(of)X
3424(security)X
3753(violations,)X
4181(and)X
576 2485(the)N
722(dissemination)X
1286(of)X
1395(security)X
1729(advisories)X
2148(to)X
2252(the)X
2399(Internet)X
2728(community.)X
3244(In)X
3353(addition,)X
3722(the)X
3869(team)X
4086(works)X
576 2597(with)N
771(vendors)X
1099(of)X
1203(various)X
1510(systems)X
1838(in)X
1937(order)X
2164(to)X
2263(coordinate)X
2694(the)X
2836(\256xes)X
3041(for)X
3177(security)X
3506(problems.)X
776 2737(The)N
11 s
981(CERT)X
12 s
1264(sends)X
1534(out)X
1714(security)X
2076(advisories)X
2523(to)X
2655(the)X
2 f
2830(cert-advisory)X
1 f
3417(mailing)X
3770(list)X
3946(whenever)X
576 2849(appropriate.)N
1095(They)X
1325(also)X
1511(operate)X
1826(a)X
1900(24-hour)X
2235(hotline)X
2534(that)X
2710(can)X
2875(be)X
2997(called)X
3259(to)X
3365(report)X
3626(security)X
3962(problems)X
576 2961(\(e.g.,)N
802(someone)X
1175(breaking)X
1543(into)X
1724(your)X
1932(system\),)X
2287(as)X
2399(well)X
2597(as)X
2709(to)X
2816(obtain)X
3089(current)X
3394(\(and)X
3597(accurate\))X
3983(informa-)X
576 3073(tion)N
750(about)X
988(rumored)X
1338(security)X
1667(problems.)X
776 3213(To)N
910(join)X
1087(the)X
2 f
1232(cert-advisory)X
1 f
1788(mailing)X
2110(list,)X
2280(send)X
2484(a)X
2555(message)X
2909(to)X
2 f
3012(cert@cert.sei.cmu.edu)X
1 f
3922(and)X
4089(ask)X
4245(to)X
576 3325(be)N
706(added)X
975(to)X
1089(the)X
1246(mailing)X
1580(list.)X
1785(Past)X
1984(advisories)X
2413(are)X
2570(available)X
2958(for)X
3109(anonymous)X
11 s
3589(FTP)X
12 s
3779(from)X
4004(the)X
4160(host)X
2 f
576 3437(cert.sei.cmu.edu)N
1 f
1220(.)X
1292(The)X
1466(24-hour)X
1794(hotline)X
2086(number)X
2404(is)X
2492(\(412\))X
2724(268-7090.)X
6 f
14 s
576 3786(5.2)N
824(DDN)X
1098(MANAGEMENT)X
1944(BULLETINS)X
1 f
12 s
776 3982(The)N
2 f
955(DDN)X
1186(Management)X
1717(Bulletin)X
1 f
2068(is)X
2161(distributed)X
2602 0.2692(electronically)AX
3157(by)X
3282(the)X
3429(Defense)X
3773(Data)X
3984(Network)X
576 4094(\()N
11 s
608(DDN)X
12 s
797(\))X
860(Network)X
1227(Information)X
1718(Center)X
2006(under)X
2256(contract)X
2598(to)X
2703(the)X
2851(Defense)X
3196(Communications)X
3884(Agency.)X
4261(It)X
576 4206(is)N
676(a)X
755(means)X
1037(of)X
1153(communicating)X
1789(of\256cial)X
2098(policy,)X
2400(procedures,)X
2883(and)X
3059(other)X
3294(information)X
3786(of)X
3903(concern)X
4245(to)X
576 4318(management)N
1093(personnel)X
1491(at)X
11 s
1583(DDN)X
12 s
1796(facilities.)X
776 4458(The)N
2 f
953(DDN)X
1182(Security)X
1526(Bulletin)X
1 f
1876(is)X
1968(distributed)X
2408 0.2692(electronically)AX
2962(by)X
3086(the)X
11 s
3230(DDN)X
3445(SCC)X
12 s
3640(\(Security)X
4021(Coordi-)X
576 4570(nation)N
851(Center\),)X
1198(also)X
1387(under)X
1640(contract)X
1985(to)X
11 s
2092(DCA)X
12 s
2277(,)X
2335(as)X
2449(a)X
2526(means)X
2806(of)X
2920(communicating)X
3553(information)X
4041(on)X
4170(net-)X
576 4682(work)N
803(and)X
972(host)X
1162(security)X
1497(exposures,)X
1935(\256xes,)X
2170(and)X
2339(concerns)X
2711(to)X
2816(security)X
3151(and)X
3321(management)X
3845(personnel)X
4250(at)X
11 s
576 4794(DDN)N
12 s
789(facilities.)X
776 4934(Anyone)N
1132(may)X
1350(join)X
1552(the)X
1722(mailing)X
2069(lists)X
2276(for)X
2440(these)X
2690(two)X
2886(bulletins)X
3270(by)X
3418(sending)X
3770(a)X
3866(message)X
4245(to)X
2 f
576 5046(nic@nic.ddn.mil)N
1 f
1255(and)X
1418(asking)X
1693(to)X
1792(be)X
1907(placed)X
2183(on)X
2303(the)X
2445(mailing)X
2764(lists.)X
6 f
2395 6016(41)N
42 p
%%Page: 42 43
12 s 0 xH 0 xS 6 f
14 s
576 832(5.3)N
824 -0.2292(SECURITY-RELATED)AX
1984(MAILING)X
2488(LISTS)X
1 f
12 s
776 1028(There)N
1050(are)X
1217(several)X
1539(other)X
1786(mailing)X
2131(lists)X
2336(operated)X
2718(on)X
2864(the)X
3032(Internet)X
3382(that)X
3577(pertain)X
3895(directly)X
4240(or)X
576 1140(indirectly)N
970(to)X
1069(various)X
1376(security)X
1705(issues.)X
2006(Some)X
2249(of)X
2353(the)X
2495(more)X
2717(useful)X
2976(ones)X
3176(are)X
3318(described)X
3711(below.)X
6 f
14 s
576 1489(5.3.1)N
917(Security)X
1 f
12 s
776 1685(The)N
11 s
953(UNIX)X
12 s
1201(Security)X
1552(mailing)X
1877(list)X
2025(exists)X
2274(to)X
2379(notify)X
2639(system)X
2936(administrators)X
3517(of)X
3627(security)X
3962(problems)X
2 f
576 1797(before)N
1 f
870(they)X
1068(become)X
1400(common)X
1769(knowledge,)X
2247(and)X
2418(to)X
2525(provide)X
2851(security)X
3187(enhancement)X
3727(information.)X
4261(It)X
576 1909(is)N
676(a)X
755(restricted-access)X
1428(list,)X
1606(open)X
1829(only)X
2036(to)X
2147(people)X
2440(who)X
2641(can)X
2811(be)X
2938(veri\256ed)X
3268(as)X
3385(being)X
3636(principal)X
4016(systems)X
576 2021(people)N
860(at)X
957(a)X
1027(site.)X
1236(Requests)X
1610(to)X
1712(join)X
1889(the)X
2034(list)X
2179(must)X
2393(be)X
2511(sent)X
2692(by)X
2814(either)X
3060(the)X
3204(site)X
3364(contact)X
3669(listed)X
3904(in)X
4005(the)X
4149(Net-)X
576 2133(work)N
797(Information)X
1281(Center's)X
11 s
1629(WHOIS)X
12 s
1940(database,)X
2320(or)X
2424(from)X
2635(the)X
2777(``root'')X
3084(account)X
3408(on)X
3528(one)X
3691(of)X
3795(the)X
3937(major)X
4186(site)X
576 2245(machines.)N
1033(You)X
1243(must)X
1475(include)X
1804(the)X
1967(destination)X
2435(address)X
2768(you)X
2956(want)X
3187(on)X
3327(the)X
3489(list,)X
3675(an)X
3810(indication)X
4240(of)X
576 2357(whether)N
918(you)X
1094(want)X
1313(to)X
1420(be)X
1543(on)X
1671(the)X
1821(mail)X
2025(re\257ector)X
2378(list)X
2528(or)X
2640(receive)X
2951(weekly)X
3261(digests,)X
3584(the)X
3734(electronic)X
4148(mail)X
576 2469(address)N
890(and)X
1055(voice)X
1290(telephone)X
1691(number)X
2011(of)X
2117(the)X
2261(site)X
2421(contact)X
2726(if)X
2811(it)X
2890(isn't)X
3086(you,)X
3279(and)X
3443(the)X
3586(name,)X
3844(address,)X
4181(and)X
576 2581(telephone)N
1019(number)X
1381(of)X
1529(your)X
1773(organization.)X
2371(This)X
2610(information)X
3133(should)X
3457(be)X
3616(sent)X
3839(to)X
2 f
3983(security-)X
576 2693(request@cpd.com)N
1 f
1286(.)X
6 f
14 s
576 3042(5.3.2)N
917(RISKS)X
1 f
12 s
776 3238(The)N
11 s
951(RISKS)X
12 s
1227(digest)X
1484(is)X
1575(a)X
1645(component)X
2100(of)X
2207(the)X
11 s
2350(ACM)X
12 s
2578(Committee)X
3035(on)X
3159(Computers)X
3609(and)X
3776(Public)X
4050(Policy,)X
576 3350(moderated)N
1017(by)X
1147(Peter)X
1379(G.)X
1506(Neumann.)X
1962(It)X
2055(is)X
2153(a)X
2230(discussion)X
2664(forum)X
2933(on)X
3063(risks)X
3278(to)X
3386(the)X
3537(public)X
3811(in)X
3919(computers)X
576 3462(and)N
751(related)X
1050(systems,)X
1414(and)X
1589(along)X
1839(with)X
2046(discussing)X
2482(computer)X
2882(security)X
3223(and)X
3398(privacy)X
3723(issues,)X
4012(has)X
4176(dis-)X
576 3574(cussed)N
864(such)X
1072(subjects)X
1414(as)X
1526(the)X
1676(Stark)X
1910(incident,)X
2276(the)X
2425(shooting)X
2787(down)X
3031(of)X
3142(the)X
3291(Iranian)X
3595(airliner)X
3905(in)X
4011(the)X
4160(Per-)X
576 3686(sian)N
756(Gulf)X
957(\(as)X
1094(it)X
1173(relates)X
1450(to)X
1550(the)X
1693(computerized)X
2243(weapons)X
2604(systems\),)X
2989(problems)X
3372(in)X
3472(air)X
3599(and)X
3764(railroad)X
4090(traf\256c)X
576 3798(control)N
885(systems,)X
1249(software)X
1616(engineering,)X
2131(and)X
2306(so)X
2427(on.)X
2607(To)X
2750(join)X
2935(the)X
3088(mailing)X
3418(list,)X
3595(send)X
3806(a)X
3884(message)X
4245(to)X
2 f
576 3910(risks-request@csl.sri.com)N
1 f
1592(.)X
1664(This)X
1859(list)X
2001(is)X
2089(also)X
2268(available)X
2641(in)X
2740(the)X
11 s
2880(USENET)X
12 s
3241(newsgroup)X
2 f
3686(comp.risks)X
1 f
4115(.)X
6 f
14 s
576 4259(5.3.3)N
917(TCP-IP)X
1 f
12 s
776 4455(The)N
11 s
955(TCP-IP)X
12 s
1255(list)X
1404(is)X
1499(intended)X
1862(to)X
1968(act)X
2112(as)X
2223(a)X
2297(discussion)X
2728(forum)X
2994(for)X
3138(developers)X
3587(and)X
3758(maintainers)X
4240(of)X
576 4567(implementations)N
1255(of)X
1371(the)X
11 s
1523(TCP/IP)X
12 s
1824(protocol)X
2181(suite.)X
2447(It)X
2542(also)X
2733(discusses)X
3126(network-related)X
3772(security)X
4112(prob-)X
576 4679(lems)N
794(when)X
1038(they)X
1240(involve)X
1565(programs)X
1964(providing)X
2374(network)X
2725(services,)X
3095(such)X
3307(as)X
2 f
3423(sendmail)X
1 f
3786(.)X
3871(To)X
4015(join)X
4202(the)X
11 s
576 4791(TCP-IP)N
12 s
887(list,)X
1071(send)X
1289(a)X
1374(message)X
1742(to)X
2 f
1858(tcp-ip-request@nic.ddn.mil)X
1 f
2935(.)X
3024(This)X
3236(list)X
3395(is)X
3500(also)X
3696(available)X
4086(in)X
4202(the)X
11 s
576 4903(USENET)N
12 s
937(newsgroup)X
2 f
1382(comp.protocols.tcp-ip)X
1 f
2242(.)X
6 f
14 s
576 5252(5.3.4)N
917(SUN-SPOTS,)X
1630(SUN-NETS,)X
2263(SUN-MANAGERS)X
1 f
12 s
776 5448(The)N
11 s
949(SUN-SPOTS)X
12 s
1417(,)X
11 s
1465(SUN-NETS)X
12 s
1889(,)X
1939(and)X
11 s
2102 -0.2955(SUN-MANAGERS)AX
12 s
2824(lists)X
3005(are)X
3149(all)X
3272(discussion)X
3698(groups)X
3985(for)X
4123(users)X
576 5560(and)N
753(administrators)X
1342(of)X
1460(systems)X
1802(supplied)X
2165(by)X
2298(Sun)X
2484(Microsystems.)X
11 s
3104(SUN-SPOTS)X
12 s
3609(is)X
3710(a)X
3790(fairly)X
4036(general)X
576 5672(list,)N
780(discussing)X
1243(everything)X
1718(from)X
1968(hardware)X
2389(con\256gurations)X
3002(to)X
3140(simple)X
11 s
3458(UNIX)X
12 s
3739(questions.)X
4213(To)X
6 f
2395 6016(42)N
43 p
%%Page: 43 44
12 s 0 xH 0 xS 6 f
1 f
576 832(subscribe,)N
1009(send)X
1231(a)X
1320(message)X
1692(to)X
2 f
1813(sun-spots-request@rice.edu)X
1 f
2907(.)X
3000(This)X
3216(list)X
3379(is)X
3488(also)X
3688(available)X
4082(in)X
4202(the)X
11 s
576 944(USENET)N
12 s
937(newsgroup)X
2 f
1382(comp.sys.sun)X
1 f
1904(.)X
11 s
776 1084(SUN-NETS)N
12 s
1226(is)X
1316(a)X
1385(discussion)X
1811(list)X
1955(for)X
2093(items)X
2328(pertaining)X
2745(to)X
2846(networking)X
3311(on)X
3434(Sun)X
3610(systems.)X
3989(Much)X
4240(of)X
576 1196(the)N
721(discussion)X
1148(is)X
1239(related)X
1529(to)X
11 s
1629(NFS)X
12 s
1790(,)X
1841(Yellow)X
2151(Pages,)X
2426(and)X
2592(name)X
2828(servers.)X
3175(To)X
3309(subscribe,)X
3723(send)X
3925(a)X
3994(message)X
576 1308(to)N
2 f
675(sun-nets-request@umiacs.umd.edu)X
1 f
2038(.)X
11 s
776 1448 -0.2955(SUN-MANAGERS)AN
12 s
1503(is)X
1598(a)X
1672(discussion)X
2103(list)X
2252(for)X
2396(Sun)X
2577(system)X
2876(administrators)X
3459(and)X
3630(covers)X
3913(all)X
4042(aspects)X
576 1560(of)N
752(Sun)X
997(system)X
1360(administration.)X
2061(To)X
2263(subscribe,)X
2745(send)X
3016(a)X
3154(message)X
3575(to)X
2 f
3745(sun-managers-)X
576 1672(request@eecs.nwu.edu)N
1 f
1476(.)X
6 f
14 s
576 2021(5.3.5)N
917(VIRUS-L)X
1 f
12 s
776 2217(The)N
11 s
958(VIRUS-L)X
12 s
1339(list)X
1492(is)X
1591(a)X
1669(forum)X
1939(for)X
2086(the)X
2239(discussion)X
2674(of)X
2789(computer)X
3188(virus)X
3415(experiences,)X
3929(protection)X
576 2329(software,)N
977(and)X
1162(related)X
1471(topics.)X
1795(The)X
1991(list)X
2155(is)X
2265(open)X
2498(to)X
2619(the)X
2783(public,)X
3093(and)X
3277(is)X
3386(implemented)X
3935(as)X
4060(a)X
4148(mail)X
576 2441(re\257ector,)N
950(not)X
1102(a)X
1174(digest.)X
1481(Most)X
1707(of)X
1816(the)X
1963(information)X
2447(is)X
2541(related)X
2834(to)X
2939(personal)X
3295(computers,)X
3750(although)X
4117(some)X
576 2553(of)N
680(it)X
758(may)X
948(be)X
1063(applicable)X
1484(to)X
1583(larger)X
1832(systems.)X
2208(To)X
2339(subscribe,)X
2750(send)X
2950(the)X
3092(line)X
7 f
864 2713(SUB)N
1096(VIRUS-L)X
2 f
1560(your)X
1760(full)X
1913(name)X
1 f
576 2873(to)N
675(the)X
817(address)X
2 f
1129 0.0970(listserv%lehiibm1.bitnet@mitvma.mit.edu)AX
1 f
2765(.)X
6 f
2395 6016(43)N
44 p
%%Page: 44 45
12 s 0 xH 0 xS 6 f
1 f
6 f
2395 6016(44)N
45 p
%%Page: 45 46
12 s 0 xH 0 xS 6 f
1 f
5 f
18 s
2068 896(SEC)N
2364(TIO)X
2604(N)X
2748(6)X
1648 1072(SU)N
(G)S
1960(G)X
2072(ESTED)X
2592(R)X
2696(EAD)X
2992(IN)X
(G)S
1 f
12 s
776 1268(This)N
979(section)X
1284(suggests)X
1641(some)X
1876(alternate)X
2241(sources)X
2561(of)X
2673(information)X
3160(pertaining)X
3584(to)X
3692(the)X
3843(security)X
4181(and)X
576 1380(administration)N
1157(of)X
1261(the)X
11 s
1401(UNIX)X
12 s
1643(operating)X
2031(system.)X
2 f
11 s
576 1604(UNIX)N
12 s
805(System)X
1096(Administration)X
1697(Handbook)X
1 f
576 1716(Evi)N
734(Nemeth,)X
1087(Garth)X
1330(Snyder,)X
1650(Scott)X
1872(Seebass)X
576 1828(Prentice)N
916(Hall,)X
1130(1989,)X
1370($26.95)X
864 1968(This)N
1067(is)X
1163(perhaps)X
1494(the)X
1644(best)X
1831(general-purpose)X
2483(book)X
2707(on)X
11 s
2833(UNIX)X
12 s
3083(system)X
3382(administration)X
3972(currently)X
864 2080(on)N
987(the)X
1132(market.)X
1475(It)X
1561(covers)X
1839(Berkeley)X
11 s
2212(UNIX)X
12 s
2430(,)X
2481(Sun)X
11 s
2630(OS)X
12 s
2742(,)X
2793(and)X
2959(System)X
3269(V.)X
3413(The)X
3590(26)X
3712(chapters)X
4059(and)X
4224(17)X
864 2192(appendices)N
1322(cover)X
1566(numerous)X
1975(topics,)X
2259(including)X
2653(booting)X
2977(and)X
3146(shutting)X
3487(down)X
3731(the)X
3880(system,)X
4202(the)X
864 2304(\256le)N
1012(system,)X
1328(con\256guring)X
1796(the)X
1939(kernel,)X
2229(adding)X
2516(a)X
2584(disk,)X
2793(the)X
2936(line)X
3106(printer)X
3388(spooling)X
3743(system,)X
4058(Berke-)X
864 2416(ley)N
1006(networking,)X
2 f
1492(sendmail)X
1 f
1855(,)X
1903(and)X
2 f
2066(uucp)X
1 f
2269(.)X
2341(Of)X
2466(particular)X
2860(interest)X
3168(are)X
3310(the)X
3452(chapters)X
3797(on)X
3917(running)X
4240(as)X
864 2528(the)N
1006(super-user,)X
1454(backups,)X
1817(and)X
1980(security.)X
2 f
11 s
576 2752(UNIX)N
12 s
805(Operating)X
1224(System)X
1515(Security)X
1 f
576 2864(F.)N
677(T.)X
784(Grammp)X
1150(and)X
1313(R.)X
1425(H.)X
1542(Morris)X
11 s
576 2976(AT&T)N
12 s
840(Bell)X
1025(Laboratories)X
1536(Technical)X
1941(Journal)X
576 3088(October)N
910(1984)X
864 3228(This)N
1064(is)X
1157(an)X
1277(excellent)X
1655(discussion)X
2084(of)X
2193(some)X
2425(of)X
2534(the)X
2681(more)X
2909(common)X
3276(security)X
3611(problems)X
3999(in)X
11 s
4102(UNIX)X
12 s
864 3340(and)N
1027(how)X
1216(to)X
1315(avoid)X
1553(them,)X
1794(written)X
2091(by)X
2211(two)X
2379(of)X
2483(Bell)X
2668(Labs')X
2911(most)X
3122(prominent)X
3542(security)X
3871(experts.)X
2 f
576 3564(Password)N
978(Security:)X
1350(A)X
1433(Case)X
1649(History)X
1 f
576 3676(Robert)N
862(Morris)X
1147(and)X
1310(Ken)X
1494(Thompson)X
576 3788(Communications)N
1258(of)X
1362(the)X
11 s
1502(ACM)X
12 s
576 3900(November)N
1006(1979)X
864 4040(An)N
1007(excellent)X
1382(discussion)X
1808(on)X
1930(the)X
2074(problem)X
2421(of)X
2527(password)X
2915(security,)X
3271(and)X
3437(some)X
3667(interesting)X
4101(infor-)X
864 4152(mation)N
1157(on)X
1278(how)X
1467(easy)X
1662(it)X
1740(is)X
1828(to)X
1927(crack)X
2160(passwords)X
2583(and)X
2746(why.)X
2983(This)X
3178(document)X
3582(is)X
3670(usually)X
3972(reprinted)X
864 4264(in)N
963(most)X
1174(vendors')X
11 s
1532(UNIX)X
12 s
1774(documentation.)X
2 f
576 4488(On)N
717(the)X
859(Security)X
1199(of)X
11 s
1296(UNIX)X
1 f
12 s
576 4600(Dennis)N
872(M.)X
1005(Ritchie)X
576 4712(May)N
776(1975)X
864 4852(A)N
972(discussion)X
1411(on)X
11 s
1544(UNIX)X
12 s
1802(security)X
2147(from)X
2374(one)X
2553(of)X
2673(the)X
2831(original)X
3171(creators)X
3516(of)X
3636(the)X
3794(system.)X
4149(This)X
864 4964(document)N
1268(is)X
1356(usually)X
1658(reprinted)X
2030(in)X
2129(most)X
2340(vendors')X
11 s
2698(UNIX)X
12 s
2940(documentation.)X
2 f
576 5188(The)N
744(Cuckoo's)X
1131(Egg)X
1 f
576 5300(Clifford)N
910(Stoll)X
576 5412(Doubleday,)N
1046(1989,)X
1286($19.95)X
864 5552(An)N
1012(excellent)X
1392(story)X
1616(of)X
1728(Stoll's)X
2011(experiences)X
2498(tracking)X
2846(down)X
3091(the)X
3241(German)X
3583(crackers)X
3936(who)X
4133(were)X
864 5664(breaking)N
1231(into)X
1411(his)X
1553(systems)X
1887(and)X
2055(selling)X
2341(the)X
2488(data)X
2678(they)X
2873(found)X
3126(to)X
3230(the)X
11 s
3375(KGB)X
12 s
3560(.)X
3637(Written)X
3961(at)X
4060(a)X
4132(level)X
6 f
2395 6016(45)N
46 p
%%Page: 46 47
12 s 0 xH 0 xS 6 f
1 f
864 832(that)N
1033(nontechnical)X
1550(users)X
1771(can)X
1929(easily)X
2178(understand.)X
2 f
576 1056(System)N
867(and)X
1035(Network)X
1385(Administration)X
1 f
576 1168(Sun)N
749(Microsystems)X
576 1280(May,)N
800(1988)X
864 1420(Part)N
1069(of)X
1199(the)X
1368(Sun)X
11 s
1517(OS)X
12 s
1680(documentation,)X
2328(this)X
2518(manual)X
2853(covers)X
3155(most)X
3393(aspects)X
3722(of)X
3853(Sun)X
4053(system)X
864 1532(administration,)N
1470(including)X
1859(security)X
2189(issues.)X
2491(A)X
2585(must)X
2797(for)X
2934(anyone)X
3237(operating)X
3626(a)X
3693(Sun)X
3866(system,)X
4181(and)X
864 1644(a)N
931(pretty)X
1180(good)X
1396(reference)X
1779(for)X
1915(other)X
11 s
2135(UNIX)X
12 s
2377(systems)X
2705(as)X
2809(well.)X
2 f
576 1868(Security)N
916(Problems)X
1308(in)X
1407(the)X
11 s
1547(TCP/IP)X
12 s
1841(Protocol)X
2202(Suite)X
1 f
576 1980(S.)N
677(M.)X
810(Bellovin)X
11 s
576 2092(ACM)N
12 s
800(Computer)X
1209(Communications)X
1891(Review)X
576 2204(April,)N
827(1989)X
864 2344(An)N
1012(interesting)X
1450(discussion)X
1881(of)X
1992(some)X
2226(of)X
2337(the)X
2487(security)X
2824(problems)X
3214(with)X
3417(the)X
3567(protocols)X
3957(in)X
4064(use)X
4224(on)X
864 2456(the)N
1009(Internet)X
1336(and)X
1502(elsewhere.)X
1962(Most)X
2186(of)X
2292(these)X
2516(problems)X
2900(are)X
3044(far)X
3177(beyond)X
3486(the)X
3630(capabilities)X
4096(of)X
4202(the)X
864 2568(average)N
1193(cracker,)X
1530(but)X
1682(it)X
1765(is)X
1858(still)X
2032(important)X
2436(to)X
2540(be)X
2660(aware)X
2919(of)X
3028(them.)X
3299(This)X
3500(article)X
3772(is)X
3866(technical)X
4245(in)X
864 2680(nature,)N
1153(and)X
1316(assumes)X
1660(familiarity)X
2092(with)X
2287(the)X
2429(protocols.)X
2 f
576 2904(A)N
659(Weakness)X
1062(in)X
1161(the)X
1303(4.2)X
11 s
(BSD)S
1606(UNIX)X
1833(TCP/IP)X
12 s
2127(Software)X
1 f
576 3016(Robert)N
862(T.)X
969(Morris)X
11 s
576 3128(AT&T)N
12 s
840(Bell)X
1025(Labs)X
1236(Computer)X
1645(Science)X
1969(Technical)X
2374(Report)X
2660(117)X
576 3240(February,)N
971(1985)X
864 3380(An)N
1017(interesting)X
1460(article)X
1738(from)X
1961(the)X
2115(author)X
2397(of)X
2513(the)X
2667(Internet)X
3003(worm,)X
3287(which)X
3558(describes)X
3952(a)X
4031(method)X
864 3492(that)N
1043(allows)X
1328(remote)X
1630(hosts)X
1861(to)X
1970(``spoof'')X
2345(a)X
2422(host)X
2616(into)X
2800(believing)X
3193(they)X
3393(are)X
3545(trusted.)X
3889(Again,)X
4181(this)X
864 3604(article)N
1130(is)X
1218(technical)X
1591(in)X
1690(nature,)X
1979(and)X
2142(assumes)X
2486(familiarity)X
2918(with)X
3113(the)X
3255(protocols.)X
2 f
576 3828(Computer)N
984(Viruses)X
1296(and)X
1464(Related)X
1783(Threats:)X
2132(A)X
2215(Management)X
2741(Guide)X
1 f
576 3940(John)N
781(P.)X
882(Wack)X
1131(and)X
1294(Lisa)X
1484(J.)X
1569(Carnahan)X
576 4052(National)N
932(Institute)X
1272(of)X
1376(Standards)X
1779(and)X
1942(Technology)X
576 4164(Special)N
884(Publication)X
1347(500-166)X
864 4304(This)N
1063(document)X
1471(provides)X
1830(a)X
1902(good)X
2123(introduction)X
2623(to)X
2727(viruses,)X
3052(worms,)X
3366(trojan)X
3620(horses,)X
3918(and)X
4086(so)X
4200(on,)X
864 4416(and)N
1031(explains)X
1380(how)X
1573(they)X
1767(work)X
1992(and)X
2159(how)X
2352(they)X
2546(are)X
2692(used)X
2895(to)X
2997(attack)X
3255(computer)X
3646(systems.)X
4025(Written)X
864 4528(for)N
1010(the)X
1162(nontechnical)X
1689(user,)X
1907(this)X
2080(is)X
2178(a)X
2255(good)X
2481(starting)X
2804(point)X
3036(for)X
3182(learning)X
3533(about)X
3782(these)X
4015(security)X
864 4640(problems.)N
1300(This)X
1501(document)X
1911(can)X
2075(be)X
2196(ordered)X
2520(for)X
2662($2.50)X
2908(from)X
3125(the)X
3272(U.)X
3394(S.)X
3500(Government)X
4010(Printing)X
864 4752(Of\256ce,)N
1152(document)X
1556(number)X
1874(003-003-02955-6.)X
6 f
2395 6016(46)N
47 p
%%Page: 47 48
12 s 0 xH 0 xS 6 f
1 f
5 f
18 s
2068 896(SEC)N
2364(TIO)X
2604(N)X
2748(7)X
1920 1072(C)N
2024(O)X
2136(N)X
2240(C)X
2344(LU)X
(SIO)S
2776(N)X
2880(S)X
1 f
12 s
776 1268(Computer)N
1190(security)X
1524(is)X
1617(playing)X
1935(an)X
2055(increasingly)X
2555(important)X
2960(role)X
3140(in)X
3245(our)X
3403(lives)X
3615(as)X
3725(more)X
3953(and)X
4122(more)X
576 1380(operations)N
1004(become)X
1331(computerized,)X
1907(and)X
2073(as)X
2180(computer)X
2571(networks)X
2949(become)X
3275(more)X
3499(widespread.)X
4011(In)X
4117(order)X
576 1492(to)N
675(protect)X
967(your)X
1167(systems)X
1495(from)X
1706(snooping)X
2082(and)X
2245(vandalism)X
2665(by)X
2785(unauthorized)X
3312(crackers,)X
3681(it)X
3759(is)X
3847(necessary)X
4245(to)X
576 1604(enable)N
852(the)X
994(numerous)X
1397(security)X
1726(features)X
2055(provided)X
2421(by)X
2541(the)X
11 s
2681(UNIX)X
12 s
2923(system.)X
776 1744(In)N
880(this)X
1043(document,)X
1471(we)X
1607(have)X
1813(covered)X
2142(the)X
2284(major)X
2533(areas)X
2755(that)X
2924(can)X
3082(be)X
3197(made)X
3430(more)X
3652(secure:)X
10 f
776 1884(g)N
1 f
976(Account)X
1326(security)X
10 f
776 2024(g)N
1 f
976(Network)X
1336(security)X
10 f
776 2164(g)N
1 f
976(File)X
1150(system)X
1441(security.)X
576 2304(Additionally,)N
1141(we)X
1307(have)X
1543(discussed)X
1965(how)X
2184(to)X
2313(monitor)X
2673(for)X
2840(security)X
3200(violations,)X
3659(where)X
3949(to)X
4079(obtain)X
576 2416(security-related)N
1202(software)X
1559(and)X
1724(bug)X
1894(\256xes,)X
2125(and)X
2290(numerous)X
2694(mailing)X
3014(lists)X
3194(for)X
3331(\256nding)X
3628(out)X
3776(about)X
4015(security)X
576 2528(problems)N
958(that)X
1127(have)X
1333(been)X
1539(discovered.)X
776 2668(Many)N
1024(crackers)X
1369(are)X
1511(not)X
1658(interested)X
2057(in)X
2156(breaking)X
2517(into)X
2691(speci\256c)X
3009(systems,)X
3361(but)X
3508(rather)X
3757(will)X
3931(break)X
4170(into)X
576 2780(any)N
743(system)X
1037(that)X
1209(is)X
1300(vulnerable)X
1734(to)X
1836(the)X
1981(attacks)X
2276(they)X
2469(know.)X
2757(Eliminating)X
3240(these)X
3465(well-known)X
3951(holes)X
4181(and)X
576 2892(monitoring)N
1029(the)X
1173(system)X
1466(for)X
1604(other)X
1828(security)X
2159(problems)X
2543(will)X
2719(usually)X
3023(serve)X
3252(as)X
3358(adequate)X
3727(defense)X
4047(against)X
576 3004(all)N
712(but)X
874(the)X
1031(most)X
1257(determined)X
1730(crackers.)X
2138(By)X
2289(using)X
2536(the)X
2693(procedures)X
3154(and)X
3332(sources)X
3659(described)X
4067(in)X
4181(this)X
576 3116(document,)N
1004(you)X
2 f
1172(can)X
1 f
1351(make)X
1584(your)X
1784(system)X
2075(more)X
2297(secure.)X
6 f
2395 6016(47)N
48 p
%%Page: 48 49
12 s 0 xH 0 xS 6 f
1 f
6 f
2395 6016(48)N
49 p
%%Page: 49 50
12 s 0 xH 0 xS 6 f
1 f
5 f
18 s
1956 832(R)N
2060(EFER)X
2444(EN)X
(C)S
2748(ES)X
1 f
12 s
576 1028([Eich89])N
1152(Eichin,)X
1477(Mark)X
1734(W.,)X
1922(and)X
2110(Jon)X
2293(A.)X
2436(Rochlis.)X
2 f
2828(With)X
3060(Microscope)X
3564(and)X
3758(Tweezers:)X
4213(An)X
1152 1140(Analysis)N
1524(of)X
1645(the)X
1809(Internet)X
2160(Virus)X
2414(of)X
2535(November)X
2976(1988)X
1 f
3184(.)X
3278(Massachusetts)X
3879(Institute)X
4240(of)X
1152 1252(Technology.)N
1684(February)X
2055(1989.)X
576 1392([Elme88])N
1152(Elmer-DeWitt,)X
1756(Philip.)X
2062(``)X
2154(`The)X
2364(Kid)X
2536(Put)X
2693(Us)X
2828(Out)X
3001(of)X
3110(Action.')X
3457('')X
2 f
3550(Time)X
1 f
3758(,)X
3811(132)X
3984(\(20\):)X
4200(76,)X
1152 1504(November)N
1582(14,)X
1726(1988.)X
576 1644([Gram84])N
1152(Grammp,)X
1553(F.)X
1665(T.,)X
1807(and)X
1981(R.)X
2104(H.)X
2232(Morris.)X
2576(``)X
11 s
2640(UNIX)X
12 s
2893(Operating)X
3313(System)X
3631(Security.'')X
2 f
11 s
4099(AT&T)X
12 s
1152 1756(Bell)N
1332(Laboratories)X
1857(Technical)X
2261(Journal)X
1 f
2576(,)X
2624(63)X
2744(\(8\):)X
2907(1649-1672,)X
3371(October)X
3705(1984.)X
576 1896([Hind83])N
1152(Hinden,)X
1490(R.,)X
1633(J.)X
1725(Haverty,)X
2091(and)X
2262(A.)X
2387(Sheltzer.)X
2783(``The)X
11 s
3027(DARPA)X
12 s
3356(Internet:)X
3715(Interconnecting)X
1152 2008(Heterogeneous)N
1755(Computer)X
2166(Networks)X
2564(with)X
2760(Gateways.'')X
2 f
11 s
3276(IEEE)X
12 s
3492(Computer)X
3901(Magazine)X
1 f
4296(,)X
1152 2120(16)N
1272(\(9\):)X
1435(33-48,)X
1707(September)X
2143(1983.)X
576 2260([McLe87])N
1152(McLellan,)X
1583(Vin.)X
1807(``)X
11 s
1871(NASA)X
12 s
2141(Hackers:)X
2515(There's)X
2842(More)X
3083(to)X
3191(the)X
3342(Story.'')X
2 f
3695(Digital)X
4001(Review)X
1 f
4296(,)X
1152 2372(November)N
1582(23,)X
1726(1987,)X
1966(p.)X
2062(80.)X
576 2512([Morr78])N
1152(Morris,)X
1484(Robert,)X
1817(and)X
2003(Ken)X
2210(Thompson.)X
2717(``Password)X
3196(Security:)X
3592(A)X
3709(Case)X
3944(History.'')X
2 f
1152 2624(Communications)N
1841(of)X
1954(the)X
11 s
2107(ACM)X
1 f
12 s
2309(,)X
2370(22)X
2503(\(11\):)X
2727(594-597,)X
3108(November)X
3551(1979.)X
3828(Reprinted)X
4245(in)X
2 f
11 s
1152 2736(UNIX)N
12 s
1382(System)X
1674(Manager's)X
2120(Manual)X
1 f
2435(,)X
2484(4.3)X
2629(Berkeley)X
3002(Software)X
3375(Distribution.)X
3914(University)X
1152 2848(of)N
1256(California,)X
1695(Berkeley.)X
2115(April)X
2342(1986.)X
576 2988([NCSC85])N
1152(National)X
1522(Computer)X
1945(Security)X
2304(Center.)X
2 f
2647(Department)X
3144(of)X
3257(Defense)X
3605(Trusted)X
3936(Computer)X
1152 3100(System)N
1446(Evaluation)X
1896(Criteria)X
1 f
2222(,)X
2273(Department)X
2755(of)X
2862(Defense)X
3204(Standard)X
11 s
3571(DOD)X
12 s
3786(5200.28-)X
11 s
4130(STD)X
12 s
4296(,)X
1152 3212(December,)N
1596(1985.)X
576 3352([Quar86])N
1152(Quarterman,)X
1661(J.)X
1747(S.,)X
1873(and)X
2037(J.)X
2123(C.)X
2237(Hoskins.)X
2625(``Notable)X
3020(Computer)X
3431(Networks.'')X
2 f
3942(Commun-)X
1152 3464(ications)N
1481(of)X
1580(the)X
11 s
1720(ACM)X
1 f
12 s
1922(,)X
1970(29)X
2090(\(10\):)X
2301(932-971,)X
2669(October)X
3003(1986.)X
576 3604([Reed84])N
1152(Reeds,)X
1444(J.)X
1539(A.,)X
1690(and)X
1863(P.)X
1974(J.)X
2069(Weinberger.)X
2606(``File)X
2854(Security)X
3209(and)X
3382(the)X
11 s
3532(UNIX)X
12 s
3784(System)X
4101(Crypt)X
1152 3716(Command.'')N
2 f
11 s
1713(AT&T)X
12 s
1982(Bell)X
2186(Laboratories)X
2735(Technical)X
3163(Journal)X
1 f
3478(,)X
3550(63)X
3694(\(8\):)X
3880(1673-1683,)X
1152 3828(October)N
1486(1984.)X
576 3968([Risk87])N
2 f
1152(Forum)X
1439(on)X
1561(Risks)X
1790(to)X
1891(the)X
2035(Public)X
2313(in)X
2414(Computers)X
2861(and)X
3032(Related)X
3354(Systems)X
1 f
3674(.)X
11 s
3745(ACM)X
12 s
3972(Commit-)X
1152 4080(tee)N
1309(on)X
1449(Computers)X
1915(and)X
2098(Public)X
2388(Policy,)X
2702(Peter)X
2944(G.)X
3081(Neumann,)X
3523(Moderator.)X
4020(Internet)X
1152 4192(mailing)N
1471(list.)X
1661(Issue)X
1882(5.73,)X
2098(December)X
2518(13,)X
2662(1987.)X
576 4332([Risk88])N
2 f
1152(Forum)X
1439(on)X
1561(Risks)X
1790(to)X
1891(the)X
2035(Public)X
2313(in)X
2414(Computers)X
2861(and)X
3032(Related)X
3354(Systems)X
1 f
3674(.)X
11 s
3745(ACM)X
12 s
3972(Commit-)X
1152 4444(tee)N
1309(on)X
1449(Computers)X
1915(and)X
2098(Public)X
2388(Policy,)X
2702(Peter)X
2944(G.)X
3081(Neumann,)X
3523(Moderator.)X
4020(Internet)X
1152 4556(mailing)N
1471(list.)X
1661(Issue)X
1882(7.85,)X
2098(December)X
2518(1,)X
2614(1988.)X
576 4696([Risk89a])N
2 f
1152(Forum)X
1439(on)X
1561(Risks)X
1790(to)X
1891(the)X
2035(Public)X
2313(in)X
2414(Computers)X
2861(and)X
3032(Related)X
3354(Systems)X
1 f
3674(.)X
11 s
3745(ACM)X
12 s
3972(Commit-)X
1152 4808(tee)N
1309(on)X
1449(Computers)X
1915(and)X
2098(Public)X
2388(Policy,)X
2702(Peter)X
2944(G.)X
3081(Neumann,)X
3523(Moderator.)X
4020(Internet)X
1152 4920(mailing)N
1471(list.)X
1661(Issue)X
1882(8.2,)X
2050(January)X
2373(4,)X
2469(1989.)X
576 5060([Risk89b])N
2 f
1152(Forum)X
1439(on)X
1561(Risks)X
1790(to)X
1891(the)X
2035(Public)X
2313(in)X
2414(Computers)X
2861(and)X
3032(Related)X
3354(Systems)X
1 f
3674(.)X
11 s
3745(ACM)X
12 s
3972(Commit-)X
1152 5172(tee)N
1309(on)X
1449(Computers)X
1915(and)X
2098(Public)X
2388(Policy,)X
2702(Peter)X
2944(G.)X
3081(Neumann,)X
3523(Moderator.)X
4020(Internet)X
1152 5284(mailing)N
1471(list.)X
1661(Issue)X
1882(8.9,)X
2050(January)X
2373(17,)X
2517(1989.)X
576 5424([Risk90])N
2 f
1152(Forum)X
1439(on)X
1561(Risks)X
1790(to)X
1891(the)X
2035(Public)X
2313(in)X
2414(Computers)X
2861(and)X
3032(Related)X
3354(Systems)X
1 f
3674(.)X
11 s
3745(ACM)X
12 s
3972(Commit-)X
1152 5536(tee)N
1309(on)X
1449(Computers)X
1915(and)X
2098(Public)X
2388(Policy,)X
2702(Peter)X
2944(G.)X
3081(Neumann,)X
3523(Moderator.)X
4020(Internet)X
1152 5648(mailing)N
1471(list.)X
1661(Issue)X
1882(9.69,)X
2098(February)X
2469(20,)X
2613(1990.)X
6 f
2395 6016(49)N
50 p
%%Page: 50 51
12 s 0 xH 0 xS 6 f
1 f
576 832([Ritc75])N
1152(Ritchie,)X
1484(Dennis)X
1785(M.)X
1947(``On)X
2157(the)X
2305(Security)X
2656(of)X
11 s
2764(UNIX)X
12 s
2982(.'')X
3124(May)X
3330(1975.)X
3600(Reprinted)X
4010(in)X
2 f
11 s
4115(UNIX)X
12 s
1152 944(System)N
1460(Manager's)X
1922(Manual)X
1 f
2237(,)X
2302(4.3)X
2463(Berkeley)X
2852(Software)X
3240(Distribution.)X
3794(University)X
4240(of)X
1152 1056(California,)N
1591(Berkeley.)X
2011(April)X
2238(1986.)X
576 1196([Schu90])N
1152(Schuman,)X
1558(Evan.)X
1828(``Bid)X
2055(to)X
2154(Unhook)X
2487(Worm.'')X
2 f
11 s
2869(UNIX)X
12 s
3098(Today!)X
1 f
3386(,)X
3434(February)X
3805(5,)X
3901(1990,)X
4141(p.)X
4237(1.)X
576 1336([Seel88])N
1152(Seeley,)X
1464(Donn.)X
2 f
1756(A)X
1846(Tour)X
2063(of)X
2169(the)X
2319(Worm)X
1 f
2569(.)X
2649(Department)X
3136(of)X
3248(Computer)X
3665(Science,)X
4021(Univer-)X
1152 1448(sity)N
1315(of)X
1419(Utah.)X
1678(December)X
2098(1988.)X
576 1588([Spaf88])N
1152(Spafford,)X
1563(Eugene)X
1903(H.)X
2 f
2071(The)X
2266(Internet)X
2622(Worm)X
2908(Program:)X
3338(An)X
3497(Analysis)X
1 f
3839(.)X
3939(Technical)X
1152 1700(Report)N
11 s
1473(CSD-TR)X
12 s
1786(-823.)X
2071(Department)X
2587(of)X
2728(Computer)X
3174(Science,)X
3558(Purdue)X
3890(University.)X
1152 1812(November)N
1582(1988.)X
576 1952([Stee88])N
1152(Steele,)X
1461(Guy)X
1675(L.)X
1807(Jr.,)X
1973(Donald)X
2305(R.)X
2442(Woods,)X
2788(Raphael)X
3154(A.)X
3297(Finkel,)X
3617(Mark)X
3875(R.)X
4013(Crispin,)X
1152 2064(Richard)N
1498(M.)X
1648(Stallman,)X
2056(and)X
2236(Geoffrey)X
2623(S.)X
2740(Goodfellow.)X
2 f
3287(The)X
3471(Hacker's)X
3863(Dictionary)X
1 f
4296(.)X
1152 2176(New)N
1357(York:)X
1605(Harper)X
1896(and)X
2059(Row,)X
2288(1988.)X
576 2316([Stei88])N
1152(Stein,)X
1420(Jennifer)X
1776(G.,)X
1939(Clifford)X
2295(Neuman,)X
2691(and)X
2876(Jeffrey)X
3189(L.)X
3318(Schiller.)X
3713(``Kerberos:)X
4203(An)X
1152 2428(Authentication)N
1789(Service)X
2142(for)X
2317(Open)X
2588(Network)X
2987(Systems.'')X
2 f
3482(USENIX)X
3876(Conference)X
1152 2540(Proceedings)N
1 f
1649(,)X
1697(Dallas,)X
1991(Texas,)X
2269(Winter)X
2561(1988,)X
2801(pp.)X
2945(203-211.)X
576 2680([Stol88])N
1152(Stoll,)X
1393(Clifford.)X
1786(``Stalking)X
2206(the)X
2359(Wily)X
2587(Hacker.'')X
2 f
3012(Communications)X
3699(of)X
3810(the)X
11 s
3962(ACM)X
1 f
12 s
4164(,)X
4224(31)X
1152 2792(\(5\):)N
1315(484-497,)X
1683(May)X
1883(1988.)X
576 2932([Stol89])N
1152(Stoll,)X
1382(Clifford.)X
2 f
1764(The)X
1932(Cuckoo's)X
2319(Egg)X
1 f
2490(.)X
2562(New)X
2767(York:)X
3015(Doubleday,)X
3485(1989.)X
576 3072([Sun88a])N
1152(Sun)X
1337(Microsystems.)X
2 f
1960(Sun)X
11 s
(OS)S
12 s
2247(Reference)X
2669(Manual)X
1 f
2984(,)X
3044(Part)X
3235(Number)X
3587(800-1751-10,)X
4144(May)X
1152 3184(1988.)N
576 3324([Sun88b])N
1152(Sun)X
1355(Microsystems.)X
2 f
1996(System)X
2317(and)X
2515(Network)X
2895(Administration)X
1 f
3488(,)X
3566(Part)X
3775(Number)X
4144(800-)X
1152 3436(1733-10,)N
1520(May)X
1720(1988.)X
576 3576([Sun88c])N
1152(Sun)X
1342(Microsystems.)X
2 f
1970(Security)X
2327(Features)X
2711(Guide)X
1 f
2962(,)X
3028(Part)X
3225(Number)X
3582(800-1735-10,)X
4144(May)X
1152 3688(1988.)N
576 3828([Sun88d])N
1152(Sun)X
1338(Microsystems.)X
1963(``Network)X
2401(File)X
2589(System:)X
2937(Version)X
3279(2)X
3365(Protocol)X
3729(Speci\256cation.'')X
2 f
1152 3940(Network)N
1502(Programming)X
1 f
2056(,)X
2104(Part)X
2283(Number)X
2622(800-1779-10,)X
3166(May)X
3366(1988,)X
3606(pp.)X
3750(165-185.)X
6 f
2395 6016(50)N
51 p
%%Page: 51 52
12 s 0 xH 0 xS 6 f
1 f
5 f
18 s
1148 832(APPEN)N
1636(D)X
1740(IX)X
1916(A)X
9 f
2052(-)X
5 f
2171(SEC)X
2467(U)X
2571(R)X
2675(ITY)X
2939(C)X
3043(H)X
3147(EC)X
(KLIST)S
1 f
12 s
776 1028(This)N
976(checklist)X
1348(summarizes)X
1837(the)X
1984(information)X
2468(presented)X
2866(in)X
2970(this)X
3138(paper,)X
3405(and)X
3573(can)X
3736(be)X
3856(used)X
4061(to)X
4165(ver-)X
576 1140(ify)N
707(that)X
876(you)X
1044(have)X
1250(implemented)X
1778(everything)X
2214(described.)X
3 f
576 1540(Account)N
941(Security)X
1 f
10 f
864 1652(`)N
1 f
1440(Password)X
1831(policy)X
2096(developed)X
2516(and)X
2679(distributed)X
3115(to)X
3214(all)X
3335(users)X
10 f
864 1764(`)N
1 f
1440(All)X
1587(passwords)X
2010(checked)X
2350(against)X
2647(obvious)X
2975(choices)X
10 f
864 1876(`)N
1 f
1440(Expiration)X
1871(dates)X
2093(on)X
2213(all)X
2334(accounts)X
10 f
864 1988(`)N
1 f
1440(No)X
1581(``idle'')X
1878(guest)X
2105(accounts)X
10 f
864 2100(`)N
1 f
1440(All)X
1587(accounts)X
1948(have)X
2154(passwords)X
2577(or)X
2681(``*'')X
2881(in)X
2980(the)X
3122(password)X
3508(\256eld)X
10 f
864 2212(`)N
1 f
1440(No)X
1581(group)X
1829(accounts)X
10 f
864 2324(`)N
1 f
1440(``+'')X
1646(lines)X
1852(in)X
2 f
1951(passwd)X
1 f
2257(and)X
2 f
2420(group)X
1 f
2673(checked)X
3013(if)X
3096(running)X
3419(Yellow)X
3726(Pages)X
3 f
576 2548(Network)N
957(Security)X
1 f
10 f
864 2660(`)N
2 f
1440(hosts.equiv)X
1 f
1894(contains)X
2239(only)X
2434(local)X
2646(hosts,)X
2891(and)X
3054(no)X
3174(``+'')X
10 f
864 2772(`)N
1 f
1440(No)X
2 f
1581(.rhosts)X
1 f
1863(\256les)X
2047(in)X
2146(users')X
2399(home)X
2637(directories)X
10 f
864 2884(`)N
1 f
1440(Only)X
1656(local)X
1868(hosts)X
2089(in)X
2188(``root'')X
2 f
2495(.rhosts)X
1 f
2777(\256le,)X
2948(if)X
3031(any)X
10 f
864 2996(`)N
1 f
1440(Only)X
1656(``console'')X
2102(labeled)X
2405(as)X
2509(``secure'')X
2907(in)X
2 f
3006(ttytab)X
1 f
3250(\(servers)X
3578(only\))X
10 f
864 3108(`)N
1 f
1440(No)X
1581(terminals)X
1964(labeled)X
2267(as)X
2371(``secure'')X
2769(in)X
2 f
2868(ttytab)X
1 f
3112(\(clients)X
3420(only\))X
10 f
864 3220(`)N
1 f
1440(No)X
11 s
1581(NFS)X
12 s
1766(\256le)X
1913(systems)X
2241(exported)X
2602(to)X
2701(the)X
2843(world)X
10 f
864 3332(`)N
2 f
1440(ftpd)X
1 f
1614(version)X
1921(later)X
2117(than)X
2307(December,)X
2751(1988)X
10 f
864 3444(`)N
1 f
1440(No)X
1581(``decode'')X
2006(alias)X
2207(in)X
2306(the)X
2448(aliases)X
2729(\256le)X
10 f
864 3556(`)N
1 f
1440(No)X
1581(``wizard'')X
1995(password)X
2381(in)X
2 f
2480(sendmail.cf)X
1 f
10 f
864 3668(`)N
1 f
1440(No)X
1581(``debug'')X
1968(command)X
2372(in)X
2 f
2471(sendmail)X
1 f
10 f
864 3780(`)N
2 f
1440(\256ngerd)X
1 f
1736(version)X
2043(later)X
2239(than)X
2429(November)X
2859(5,)X
2955(1988)X
10 f
864 3892(`)N
1 f
1440(Modems)X
1800(and)X
1963(terminal)X
2309(servers)X
2605(handle)X
2886(hangups)X
3230(correctly)X
3 f
576 4116(File)N
756(System)X
1073(Security)X
1 f
10 f
864 4228(`)N
1 f
1440(No)X
1581(setuid)X
1835(or)X
1939(setgid)X
2193(shell)X
2399(scripts)X
10 f
864 4340(`)N
1 f
1440(Check)X
1710(all)X
1831(``nonstandard'')X
2453(setuid)X
2707(and)X
2870(setgid)X
3124(programs)X
3511(for)X
3647(security)X
10 f
864 4452(`)N
1 f
1440(Setuid)X
1710(bit)X
1836(removed)X
2197(from)X
2 f
2408(/usr/etc/restore)X
1 f
10 f
864 4564(`)N
1 f
1440(Sticky)X
1710(bits)X
1873(set)X
2004(on)X
2124(world-writable)X
2720(directories)X
10 f
864 4676(`)N
1 f
1440(Proper)X
1720(umask)X
1995(value)X
2228(on)X
2348(``root'')X
2655(account)X
10 f
864 4788(`)N
1 f
1440(Proper)X
1720(modes)X
1995(on)X
2115(devices)X
2428(in)X
2 f
2527(/dev)X
3 f
576 5012(Backups)N
1 f
10 f
864 5124(`)N
1 f
1440(Level)X
1684(0)X
1756(dumps)X
2036(at)X
2130(least)X
2331(monthly)X
10 f
864 5236(`)N
1 f
1440(Incremental)X
1925(dumps)X
2205(at)X
2299(least)X
2500(bi-weekly)X
6 f
2395 6016(51)N
52 p
%%Page: 52 53
12 s 0 xH 0 xS 6 f
1 f
1796 832(This)N
1991(page)X
2197(intentionally)X
2709(left)X
2862(blank.)X
2125 944(Just)N
2298(throw)X
2546(it)X
2624(out.)X
6 f
2407 6016(lii)N
3 p
%%Page: 3 54
12 s 0 xH 0 xS 6 f
1 f
5 f
18 s
2052 832(C)N
2156(O)X
2268(N)X
2372(TEN)X
(TS)S
6 f
12 s
576 1232(1)N
924(INTRODUCTION)X
1665 0.3159(.............................................................................................)AX
4267(1)X
1 f
576 1344(1.1)N
11 s
924(UNIX)X
12 s
1166(Security................................................................................................................)X
4272(1)X
576 1456(1.2)N
924(The)X
1098(Internet)X
1422(Worm)X
1680(........................................................................................................)X
4272(2)X
576 1568(1.3)N
924(Spies)X
1156(and)X
1319(Espionage)X
1728(......................................................................................................)X
4272(2)X
576 1680(1.4)N
924(Other)X
1167(Break-Ins)X
1560(.............................................................................................................)X
4272(3)X
576 1792(1.5)N
924(Security)X
1269(is)X
1357(Important)X
1752(.....................................................................................................)X
4272(3)X
6 f
576 2016(2)N
924(IMPROVING)X
1501 0.3168(SECURITY.................................................................................)AX
4267(5)X
1 f
576 2128(2.1)N
924(Account)X
1274(Security)X
1608(...........................................................................................................)X
4272(5)X
576 2240(2.1.1)N
924(Passwords)X
1344(......................................................................................................................)X
4272(5)X
576 2352(2.1.1.1)N
924(Selecting)X
1307(Passwords)X
1728(......................................................................................................)X
4272(6)X
576 2464(2.1.1.2)N
924(Password)X
1315(Policies)X
1632(..........................................................................................................)X
4272(7)X
576 2576(2.1.1.3)N
924(Checking)X
1317(Password)X
1708(Security)X
2040(.........................................................................................)X
4272(7)X
576 2688(2.1.2)N
924(Expiration)X
1355(Dates)X
1584(............................................................................................................)X
4272(8)X
576 2800(2.1.3)N
924(Guest)X
1172(Accounts..............................................................................................................)X
4272(8)X
576 2912(2.1.4)N
924(Accounts)X
1311(Without)X
1651(Passwords)X
2064(........................................................................................)X
4272(9)X
576 3024(2.1.5)N
924(Group)X
1193(Accounts)X
1580(and)X
1743(Groups)X
2040(.........................................................................................)X
4272(9)X
576 3136(2.1.6)N
924(Yellow)X
1231(Pages)X
1464(.................................................................................................................)X
4224(10)X
576 3248(2.2)N
924(Network)X
1284 0.0356(Security...........................................................................................................)AX
4224(11)X
576 3360(2.2.1)N
924(Trusted)X
1242 0.0278(Hosts.................................................................................................................)AX
4224(11)X
576 3472(2.2.1.1)N
924(The)X
1098(hosts.equiv)X
1557(File)X
1728(......................................................................................................)X
4224(11)X
576 3584(2.2.1.2)N
924(The)X
1098(.rhosts)X
1375(File)X
1536(..............................................................................................................)X
4224(12)X
576 3696(2.2.2)N
924(Secure)X
1210(Terminals)X
1608(...........................................................................................................)X
4224(12)X
576 3808(2.2.3)N
924(The)X
1098(Network)X
1458(File)X
1632(System)X
1920(..............................................................................................)X
4224(13)X
576 3920(2.2.3.1)N
924(The)X
1098(exports)X
1405(File)X
1560(.............................................................................................................)X
4224(13)X
576 4032(2.2.3.2)N
924(The)X
1098(netgroup)X
1464(File)X
1632(..........................................................................................................)X
4224(14)X
576 4144(2.2.3.3)N
924(Restricting)X
1371(Super-User)X
1832(Access)X
2112(......................................................................................)X
4224(16)X
576 4256(2.2.4)N
11 s
924(FTP)X
12 s
1080(.................................................................................................................................)X
4224(16)X
576 4368(2.2.4.1)N
924(Trivial)X
11 s
1211(FTP)X
12 s
1368(.....................................................................................................................)X
4224(17)X
576 4480(2.2.5)N
924(Mail)X
1128(...............................................................................................................................)X
4224(18)X
576 4592(2.2.6)N
924(Finger.............................................................................................................................)X
4224(19)X
576 4704(2.2.7)N
924(Modems)X
1284(and)X
1447(Terminal)X
1825(Servers)X
2136(.....................................................................................)X
4224(19)X
576 4816(2.2.8)N
924(Firewalls)X
1296(........................................................................................................................)X
4224(20)X
576 4928(2.3)N
924(File)X
1098(System)X
1405 0.0281(Security......................................................................................................)AX
4224(20)X
576 5040(2.3.1)N
924(Setuid)X
1194(Shell)X
1416(Scripts)X
1704(.......................................................................................................)X
4224(21)X
576 5152(2.3.2)N
924(The)X
1098(Sticky)X
1368(Bit)X
1510(on)X
1630(Directories)X
2064(........................................................................................)X
4224(22)X
576 5264(2.3.3)N
924(The)X
1098(Setgid)X
1368(Bit)X
1510(on)X
1630(Directories)X
2064(........................................................................................)X
4224(22)X
576 5376(2.3.4)N
924(The)X
1098(umask)X
1373(Value)X
1608(...........................................................................................................)X
4224(22)X
576 5488(2.3.5)N
924(Encrypting)X
1376(Files)X
1584(............................................................................................................)X
4224(23)X
576 5600(2.3.6)N
924(Devices)X
1248(..........................................................................................................................)X
4224(23)X
576 5712(2.4)N
924(Security)X
1269(Is)X
1362(Your)X
1583(Responsibility)X
2160(....................................................................................)X
4224(24)X
6 f
2407 6016(iii)N
4 p
%%Page: 4 55
12 s 0 xH 0 xS 6 f
1 f
5 f
18 s
1672 957(C)N
1776(O)X
1888(N)X
1992(TEN)X
(TS)S
2504(\(continued\))X
6 f
12 s
576 1357(3)N
924(MONITORING)X
1576 0.2637(SECURITY.........................................................................25)AX
1 f
576 1469(3.1)N
924(Account)X
1274(Security)X
1608(.....................................................................................................25)X
576 1581(3.1.1)N
924(The)X
1098(lastlog)X
1379(File)X
1536(........................................................................................................25)X
576 1693(3.1.2)N
924(The)X
1098(utmp)X
1320(and)X
1483(wtmp)X
1726(Files)X
1920(........................................................................................25)X
576 1805(3.1.3)N
924(The)X
1098(acct)X
1278(File)X
1440(............................................................................................................26)X
576 1917(3.2)N
924(Network)X
1284 0.0369(Security.....................................................................................................27)AX
576 2029(3.2.1)N
924(The)X
1098(syslog)X
1367(Facility)X
1680(..................................................................................................27)X
576 2141(3.2.2)N
924(The)X
1098(showmount)X
1570(Command)X
1992(.....................................................................................28)X
576 2253(3.3)N
924(File)X
1098(System)X
1405 0.0292(Security................................................................................................29)AX
576 2365(3.3.1)N
924(The)X
1098(\256nd)X
1271(Command)X
1680(..................................................................................................29)X
576 2477(3.3.1.1)N
924(Finding)X
1247(Setuid)X
1517(and)X
1680(Setgid)X
1950(Files)X
2160(..............................................................................29)X
576 2589(3.3.1.2)N
924(Finding)X
1247(World-Writable)X
1887(Files)X
2088(.................................................................................31)X
576 2701(3.3.1.3)N
924(Finding)X
1247(Unowned)X
1644(Files)X
1848(...........................................................................................31)X
576 2813(3.3.1.4)N
924(Finding)X
1247(.rhosts)X
1524(Files)X
1728(................................................................................................31)X
576 2925(3.3.2)N
924(Checklists)X
1344(................................................................................................................32)X
576 3037(3.3.3)N
924(Backups)X
1272(...................................................................................................................33)X
576 3149(3.4)N
924(Know)X
1182(Your)X
1403(System)X
1704(.................................................................................................33)X
576 3261(3.4.1)N
924(The)X
1098(ps)X
1207(Command.....................................................................................................33)X
576 3373(3.4.2)N
924(The)X
1098(who)X
1287(and)X
1450(w)X
1543(Commands)X
1992(.....................................................................................34)X
576 3485(3.4.3)N
924(The)X
1098(ls)X
1186(Command)X
1608(.....................................................................................................34)X
576 3597(3.5)N
924(Keep)X
1151(Your)X
1372(Eyes)X
1583(Open)X
1800(.............................................................................................34)X
6 f
576 3821(4)N
924(SOFTWARE)X
1501(FOR)X
1731(IMPROVING)X
2308(SECURITY)X
2817 0.2894(.............................................35)AX
1 f
576 3933(4.1)N
924(Obtaining)X
1333(Fixes)X
1565(and)X
1728(New)X
1933(Versions)X
2280(.........................................................................35)X
576 4045(4.1.1)N
924(Sun)X
1097(Fixes)X
1329(on)X
11 s
1449(UUNET)X
12 s
1752(...............................................................................................35)X
576 4157(4.1.2)N
924(Berkeley)X
1296(Fixes)X
1512(.........................................................................................................36)X
576 4269(4.1.3)N
924(Simtel-20)X
1328(and)X
11 s
1491(UUNET)X
12 s
1800(.............................................................................................37)X
576 4381(4.1.4)N
924(Vendors)X
1272(...................................................................................................................37)X
576 4493(4.2)N
924(The)X
1098(npasswd)X
1452(Command)X
1872(..........................................................................................37)X
576 4605(4.3)N
924(The)X
11 s
1098(COPS)X
12 s
1342(Package)X
1680(..................................................................................................38)X
576 4717(4.4)N
924(Sun)X
1097(C2)X
1233(Security)X
1578(Features)X
1920(........................................................................................38)X
576 4829(4.5)N
924(Kerberos)X
1296(..................................................................................................................39)X
6 f
576 5053(5)N
924(KEEPING)X
1383(ABREAST)X
1873(OF)X
2034(THE)X
2253(BUGS)X
2547 0.2935(.......................................................41)AX
1 f
576 5165(5.1)N
924(The)X
1098(Computer)X
1507(Emergency)X
1970(Response)X
2362(Team)X
2592(............................................................41)X
576 5277(5.2)N
11 s
924(DDN)X
12 s
1137(Management)X
1664 0.0552(Bulletins....................................................................................41)AX
576 5389(5.3)N
924(Security-Related)X
1596(Mailing)X
1925(Lists................................................................................42)X
576 5501(5.3.1)N
924 0.0325(Security....................................................................................................................42)AX
576 5613(5.3.2)N
11 s
924(RISKS)X
12 s
1176(.......................................................................................................................42)X
576 5725(5.3.3)N
11 s
924(TCP-IP)X
12 s
1200(......................................................................................................................42)X
6 f
2408 6016(iv)N
5 p
%%Page: 5 56
12 s 0 xH 0 xS 6 f
1 f
5 f
18 s
1656 957(C)N
1760(O)X
1872(N)X
1976(TEN)X
(TS)S
2488(\(concluded\))X
1 f
12 s
576 1357(5.3.4)N
924(SUN-SPOTS,)X
1482(SUN-NETS,)X
1993(SUN-MANAGERS)X
2760(.....................................................42)X
576 1469(5.3.5)N
11 s
924(VIRUS-L)X
12 s
1272(...................................................................................................................43)X
6 f
576 1693(6)N
924(SUGGESTED)X
1554(READING)X
2007 0.2985(...........................................................................45)AX
576 1917(7)N
924(CONCLUSIONS)X
1656 0.3006(........................................................................................47)AX
576 2141(REFERENCES)N
1251 0.3023(.......................................................................................................49)AX
576 2365(APPENDIX)N
1093(A)X
1189(-)X
1248(SECURITY)X
1760(CHECKLIST)X
2331 0.2959(...............................................................51)AX
2421 6016(v)N
6 p
%%Page: 6 57
12 s 0 xH 0 xS 6 f
1 f
6 f
2408 6016(vi)N
57 p
%%Trailer
xt
xs