-
![[Buch Cover]](../covers/esa3.s.gif)
- Weitere Informationen zu diesem Buch:
Inhaltsverzeichnis | Index | Probekapitel | Kolophon | Rezensionen |
- Weitere Informationen zu diesem Buch:
Third Edition August 2002
ISBN 978-0-596-00343-2
Weitere Informationen zu diesem Buch
Inhaltsverzeichnis |
Index |
Probekapitel |
Kolophon |
Rezensionen |
Index
[ Symbols ], [ A ], [ B ], [ C ], [ D ], [ E ], [ F ], [ G ], [ H ], [ I ], [ J ], [ K ], [ L ], [ M ], [ N ], [ O ], [ P ], [ Q ], [ R ], [ S ], [ T ], [ U ], [ V ], [ W ], [ X ], [ Y ], [ Z ]
Symbols[ Top ]
/ (root directory), 33
A[ Top ]
A records, DNS, 428, 431
a2ps command, 816
AAAA records, DNS, 429, 433
a(ll) access, 40
ac command, 1057
accelerators in SysMan (Tru64), 26
accept command, 833
access agents, mail, 522, 537-542
access control
cron, 100
CUPS, 876
DNS, 441
files, 353
HylaFAX, 806
inetd, 378
LPRng, 872
NetSaint, 511
Net-SNMP, 495-496
OpenLDAP, 323-325
PAM and, 308
Postfix, 589-592
printers, 824, 843
sendmail, 562
serial lines, 796
shutdown command (HP-UX and Linux), 171-172
system console, 796
TCP/IP services, 378
xinetd, 381
access control entry (ACE), 354, 357, 359
access control lists (see ACLs)
access, file, 36-37, 45
classes of, 37
types of, 36
access_db sendmail feature, 562
account level equivalence, 376
accounting
BSD vs. System V systems, 1049-1050
BSD-style, 1052-1058
crashes and, 1054
data file locations, 1050-1051
enabling, 1050
holidays, 1061
LPRng, 871, 1068
merging records from multiple hosts, 1065
printing, 871, 1051, 1066-1068
process, 1049-1056, 1058-1063, 1065
project-based (Solaris), 1063-1065
reports, 1062
Solaris extended, 1063-1065
system monitoring and, 409
System V-style, 1058-1063
utilities directories, 1050
accounts (see user accounts)
acctadm command (Solaris), 1064
acctcom command, 409, 411
accton command, 1053
ACK, 192
acledit command (AIX), 356
aclget command (AIX), 356
aclput command (AIX), 356
ACLs, 353-362
AIX, 354-357
DNS, 441
features, 353
FreeBSD, 359
HP-UX, 357
implementations of, 353
Linux, 359
POSIX, 359
Solaris, 359
Tru64, 359
active SCSI terminators, 642
adding user accounts, 257
address match lists, DNS, 441
address resolution protocol, 188
addressing, mail, 525
adduser command (FreeBSD), 260
adherence to routine, 401
adm user, 73
administrative groups, 235
administrative virtues, 78, 401, 886, 1001
complete list, 1070
AdminSuite (Solaris), 22
admintool (Solaris), 22
package management, 117
printer configuration, 846
serial lines, 794
Advanced Maryland Automated Network Disk Archive (see Amanda)
aging, password, 287-288
AIT tape, 718
AIX, 663
accounting, 1052, 1058
ACLs, 354-357
adding disks, 664
alog facility, 139
apply vs. commit, 119
boot log file, 139
boot scripts, 164
booting, 134
concurrent group set, 233, 355
DHCP, 209, 459
disabling services, 382
disk I/O, 1006-1007
Dynamic DNS updates, 460
error log file, 108
/etc/security directory, 242
filesystem types, 620
floppy disks, 900
kernel location, 129
logical volume manager, 663
mirrored volumes, 669
mkuser.sys script, 263
network interface name, 203
package management, 116, 119
password controls, 289-290
password history lists, 296
password triviality checks, 293
pre-expired passwords, 241
real group, 233
replacing failed disks, 667
resource limits, 250, 960
role-based access control, 368-370
routing, 455, 457
scheduler, 970, 972
secondary authentication programs, 344
security facilities, 339
sendmail and, 546
setpri system call, 965
SNMP, 498
software archives, 126
static routes, 217
striped volumes, 668
swap partitions, 630
syslog enhancements, 104
system parameters, tuning, 1047-1048
tape devices, 725
TCP/IP parameters, 1019
tuning tools, 950
user account attributes, 263
user account controls, 249
/usr/samples/kernel directory, 971
virtual memory manager, 987-988, 990
AIX commands
acledit, 356
aclget, 356
aclput, 356
backup, 731
chdev, 726, 1047
chgroup, 264
chgsys, 852
chps, 1000
chque, 856
chquedev, 856
chuser, 8, 254, 262, 289, 345
crfs, 666-667
dadmin, 461
dhcpsconf, 460
enq, 851
extendvg, 665
floppy disk, 690
group-related, 264
grpck, 392
installp, 116
ipreport, 484
iptrace, 484
logical volume manager, 665, 668
lsattr, 725, 1047
lsdev, 664, 856
lsfs, 668
lslpp, 116
lslv, 668
lsps, 896, 996
lspv, 668, 896
lssrc, 475
lsuser, 8, 290
lsvg, 663, 668
lsvirprt, 855
mirrorvg, 669
mkgroup, 264
mklv, 665, 669
mkps, 1000
mksysb, 760
mktcpip, 205
mkuser, 262-264
mkvg, 664
no, 1019
piomkpq, 855
pwdadm, 282
pwdck, 392
qadm, 851
qcan, 850
qchk, 849
qhld, 851
qmov, 850
RBAC-related, 370
restvg, 762
rmdev, 856
rmgroup, 264
rmps, 1001
rmque, 856
rmquedev, 856
rmuser, 264
savevg, 761
schedtune, 971, 987
setgroups, 233-234
smit, 17
smitty, 19
snap, 175
snmpinfo, 493
startsrc, 475
stopsrc, 475
user account related, 262
varyonvg, 664
vmtune, 989-990, 1006
wsm, 19
AIX configuration files
/etc/dhcpcd.ini, 209
/etc/dhcprs.cnf, 461
/etc/dhcpsd.cnf, 459
/etc/environment, 247
/etc/filesystems, 629, 698
/etc/netsvc.conf, 216
/etc/qconfig, 849, 852, 1066
/etc/security/environ, 245
/etc/security/group, 249
/etc/security/limits, 249-250, 960
/etc/security/login.cfg, 224, 249-250, 344
/etc/security/passwd, 226
/etc/security/roles, 368
/etc/security/user, 249, 289, 345
/etc/security/user.roles, 369
/etc/snmpd.conf, 498
/etc/swapspaces, 630, 998
/usr/lib/security/mkuser.default, 262
AIX spooling system, 848-857
adding printers, 857
backend program, 849
daemon, 848, 852
default queue, 849
devices, 851, 855
job priorities, 851
managing jobs, 849, 851
managing queues, 851
moving jobs between queues, 850
queues vs. devices, 851
remote printing, 857
starting and stopping, 852
virtual printers, 853
algorithms, routing, 453
aliases, 244
aliases, mail, 526, 545
Allen, Jeff, 517
Allman, Eric, 542, 561
allmasquerade sendmail feature, 551
Almesberger, Werner, 954
alog facility (AIX), 139
Alpha Linux, 136
booting, 1043
always_add_domain sendmail feature, 557
Amanda, 745-757
amanda.conf file, 754
backup strategy, 746, 748
client configuration, 751
components, 750
configuration files, 751, 754
daemons, 751
equations, 748, 750
Amanda
features, 745
holding disks, 754
incremental levels, 753
logging, 756
media and, 753
parameters, 746, 748, 750
reports, 756
restores, 757
server configuration, 752-754
tape drives and, 753
utilities, 751
amanda.conf configuration file, 754
anacron package (Red Hat Linux), 90
Angel Network Monitor package, 501-502
Anomy Sanitizer package, 609, 613
APR protocol, 188
archives, software, 126
area border routers, 454
armadillo, 8
arp command, 190
Asimov, Issac, 350
at command, 977
Atkins, E. Todd, 114
Atkinson, Randall, 341
Atomic Time PC Desktop Clock, 474
attention to detail, 401
attitudes, 3, 121, 292, 333, 521, 801
attributes, directory service, 315
auditing, 412-413
authentication, user
biometric devices, 340
dialup, 312
IMAP, 539
Kerberos, 307
one-time passwords, 342
OpenLDAP and, 319-322
PAM, 302
remote access and, 375
Samba, 705
secondary, 344
smart cards, 340
tokens, 340
authoritative name servers, DNS, 430
authoritative responses, DNS, 418
authoritative time, 469
authorizations
AIX, 368
Solaris, 370
auths command (Solaris), 373
automating tasks, 96, 885-942
benefits, 885
C, 919
cron, 90-100
Expect package, 911
interactive tools, 911
Perl package, 899
security monitoring, 399
system configuration, 921-931
user account creation, 275
automount daemon, 702
automounter, NFS, 701-702
autonomous systems, 453
awk command, 76
B[ Top ]
back doors, 331, 338, 353
background processes, 53
Backström, Karl, 463
backup command (AIX), 731
ACLs and, 357
backup group, 369
backups, 726-734
Amanda package, 745-757
commercial packages, 757
cpio and, 729
full, 711
incremental, 712, 729
by inode, 731
levels, 712, 733
log files, 113
media handling, 714-715
media types, 717-723
monitoring data and, 413
off-site, 715
open files and, 709
permanent, 716
planning, 707, 709-713
remote, 744
restoring from, 736, 741
schedule, 710
securing media, 337
security and, 339
storing, 714-715
system filesystems, 759-760
table of contents for, 742, 744
tar and, 727
types, 711-712
unattended, 713
verifying, 713
bacteria, 338
bad passwords, 277
balance, 3, 60, 292, 638
bare metal recovery, 759
base permissions (AIX), 354
bash, 244
initialization files, 241
invocation options, 244
batch command, 977
batch processes, 55
batch systems, 977-978
AIX, 857
Bellovin, Steven M., 374, 383
belt-and-suspenders firewall configuration, 385
Berkeley Internet Name Domain (see BIND)
biff command, 614
big endian, 741
BIND, 417, 420, 422
Version 8, 422
Version 9, 422, 429, 438-439, 445, 446
versions, 420-421, 430
binlogd daemon (Tru64), 110
biod daemon, 696
biometric devices, 340
BIOS, 128
BITNET, 334
blacklist_recipients sendmail feature, 562
blacklists, electronic mail, 562, 589-590
block special files, 47, 63
Boleyn, Erich, 1040
boot process, 127
customizing, 165
disabling parts of, 166
DNS and, 423
failures, 175
from CD-ROM, 134-137
manual, 133
messages, 138
multiuser mode, 130
network interface configuration, 204
networking and, 148
phases of, 128, 130, 137
scripts, 131
single-user mode, 131
starting daemons, 146
boot program, 128
boot scripts, 131, 140
adding to, 165
AIX, 164
BSD-style, 151
directories for, 155
disabling, 166
Linux, 164
modifying, 168
rc*, 155, 159
S and K files, 160
Solaris, 163
starting daemons in, 146
System V-style, 152, 159
Tru64, 164
boot0cfg command (FreeBSD), 1029
/boot directory (Linux), 70
/boot/grub/grub.conf configuration file (Linux), 1041
/boot/loader.conf configuration file (FreeBSD), 1029
boot.message configuration file (Linux), 1040
Borg designation, 315
bounds checking, 331
Bourne shell, 241
example scripts, 886-893, 897-898
Bourne-Again shell (see bash)
Braun, Rob, 380
breaches, security, 405
breakout box, 796
bridges, 201
broadcast addresses, 195
btcreate command (Tru64), 765
buffer cache, 987
buffer overflows, 331
bugs, 331, 373
bundles (HP-UX), 119
Burgess, Mark, 921
bzip2 package, 123
C[ Top ]
C programs, 919
C shell, 241
example scripts, 893-897
C2 security level, 227
cables, maximum length
network, 184
SCSI, 640
Cables to Go, 780
cache, DNS, 418
caching-only name servers, DNS, 419
caller ID, faxes and, 803
cancel command, 830, 833
canonical name records, DNS, 429
capabilities (Linux and FreeBSD), 367
capacity planning, backups, 710
cap_mkdb command (FreeBSD), 251
captive user accounts, 239
Carnegie Mellon University, 488, 539
carrier sense, 185
Carrier Sense Multiple Access/Collision Detection (CSMA/CD), 185
category 5 cables, 182
catman command, 76
cbw package, 363
cd command, 37
symbolic links and, 49
CDE (Common Desktop Environment), 245
CD-ROM, 692, 694
as backup media, 719
mounting, 692
cdslinvchk command (Tru64), 51
CERT, 374
cesium-133, 470
cfagent command, 923
cfdisk command (Linux), 648
Cfengine, 921-931
actions, 924-926
automating, 931
capabilities, 922
classes, 928-930
commands, 922
configuration files, 923, 930
daemons, 930-931
cfexecd daemon, 931
cfrun command, 931
chacl command (HP-UX), 358
chage command (Linux), 282, 289-290
character special files, 47, 63
chargefee command, 1059
chdev command (AIX), 726, 788, 1047
checksums, 397
Tripwire and, 399
Cheswick, William R., 383
chgroup command (AIX), 264
chgrp command, 35
chgsys command (AIX), 852
child process, 57
chmod command, 36, 39
ACLs and, 357, 359
chown command, 35
chpass command (FreeBSD), 254, 262, 282, 290
chps command (AIX), 1000
chque command (AIX), 856
chquedev command (AIX), 856
chroot command, 88
Postfix, 593
sendmail and, 567
chsh command, 238
chuser command (AIX), 8, 254, 262, 289, 345
roles, assigning with, 369
CIDR (Classless Inter-Domain Routing), 197
CIFS protocol, 703
cksum command, 397
classes, user account (FreeBSD), 250, 261
Classless Inter-Domain Routing (see CIDR)
clock drift, 470
clocks, accurate, 469
CNAME hack, DNS, 434
CNAME records, DNS, 429, 431
COAST project, 399
coaxial cable, 182
coffee, 1071
cold boot, 127
collision detection, 185
collision rates, network, 477
commands
a2ps, 816
ac, 1057
accept, 833
acctadm (Solaris), 1064
acctcom, 409, 411
accton, 1053
acledit (AIX), 356
aclget (AIX), 356
aclput (AIX), 356
adduser (FreeBSD), 260
Amanda, 751
arp, 190
at, 977
auths (Solaris), 373
awk, 76
backup (AIX), 731
batch, 977
biff, 614
boot scripts, 140
boot0cfg (FreeBSD), 1029
btcreate (Tru64), 765
cancel, 830
cap_mkdb (FreeBSD), 251
catman, 76
cd, 37, 49
cdslinvchk (Tru64), 51
cfagent, 923
cfdisk (Linux), 648
Cfengine, 922
cfrun, 931
chacl (HP-UX), 358
chage (Linux), 282, 289-290
chargefee, 1059
chdev (AIX), 726, 1047
chgroup (AIX), 264
chgrp, 35
chgsys (AIX), 852
chmod, 36, 39
chown, 35
chpass (FreeBSD), 254, 262, 282, 290
chps (AIX), 1000
chque (AIX), 856
chquedev (AIX), 856
chroot, 88
chsh, 238
chuser (AIX), 8, 254, 262, 289, 345
cksum, 397
configure, 121
confining to a directory, 88
cp, 86
cpio, 86, 729
crfs (AIX), 666-667
crontab, 94
crypt, 362
dadmin (AIX), 461
dd, 735
depmod (Linux), 1045
df, 617, 1008
dhclient, 210
dhcpconf (Tru64), 212
dhcpsconf (AIX), 460
dia (Tru64), 111
diff, 86
dig, 452
dircmp, 86
disable, 834
disklabel (FreeBSD), 645, 685
dispadmin (Solaris), 973, 975
dmesg, 107, 139
dnskeygen, 443
dnssec-keygen, 443
dsfmgr (Tru64), 896
du, 617, 1008
dump, 731
dxaccounts (Tru64), 273
dxkerneltuner (Tru64), 975, 1031
e2fsadmin (Linux), 682
echo, 89
edauth (Tru64), 290
edquota, 1014-1015
eeprom (Solaris), 133
eject, 694
enable, 834
enq (AIX), 851
enscript, 816
exportfs, 700
extendvg (AIX), 665
fax2ps, 803
faxaddmodem, 799
faxadduser, 806
faxadeluser, 806
faxalter, 803
faxcron, 800
faxinfo, 803
faxqclean, 800
faxrm, 802
faxsetup, 799
faxstat, 802
fbackup (HP-UX), 734
fdformat (Solaris), 690
fdisk (FreeBSD), 645
fdisk (Linux), 896
file, 53
files and, 59
find, 79
floppy disks, 690
format (Solaris), 653-654
frecover (HP-UX), 741, 744
free (Linux), 982
from, 615
fsck, 141, 398, 631-632, 634
fstat (FreeBSD), 626
fuser, 625
fverify (Tru64), 116
getacl (Tru64), 361
getdev (Solaris), 896
getent, 322
getfacl (Linux), 361
getfacl (Solaris), 361
gfontview, 883
gnoprm (Linux), 117
gpasswd (Linux), 260
gpg, 364-365
gq, 328
grep, 76
group, 231
groupadd, 259
groupmod, 259
growfs (FreeBSD), 647
grpck (AIX), 392
grub-install, 1042
gv, 817
hostname, 190
hoststat, 569
HylaFAX, 799-803, 806
id, 232
ifconfig, 184, 203-204
commands
insmod (Linux), 1045
installp (AIX), 116
ioscan (HP-UX), 896
iostat, 1001
ipreport (AIX), 484
iptrace (AIX), 484
kill, 962
killall, 962
kldstat (FreeBSD), 1029
kmtune (HP-UX), 991
kmupdate (HP-UX), 1031
kstat (Solaris), 993
ksysguard, 982
ksysv (Linux), 167
kuser, 270
lanscan (HP-UX), 184
last, 409-410
lastcomm, 409-411
LDAP, 318
ldapadd, 318
ldapsearch, 318
limit, 959
ln, 48
logger, 107
lp, 830
lpadmin, 831, 835
lpalt (HP-UX), 837
lpana (HP-UX), 845
lpc, 819-820
lpfence (HP-UX), 837
lpget (Solaris), 842
lpmove, 833
lpq, 818
lpr, 818
lprm, 818
lprsetup (Tru64), 828
lpset (Solaris), 842
lpstat, 830-831
lptcontrol (FreeBSD), 827
lptest, 817
lpusers (Solaris), 838
ls, 34, 49, 52
lsacl (HP-UX), 357
lsattr (AIX), 725, 1047
lsdev (AIX), 664, 856
lsfs (AIX), 668
lslpp (AIX), 116
lslv (AIX), 668
lsmod (Linux), 1044
lsof (FreeBSD), 625
lsps (AIX), 896, 996
lspv (AIX), 668, 896
lssrc (AIX), 475
lsusb (Linux), 810
lsuser (AIX), 8, 290
lsvg (AIX), 663, 668
lsvirprt (AIX), 855
lvcreate (HP-UX), 670
lvcreate (Linux), 682
lvdisplay (HP-UX), 672
lvlnboot (HP-UX), 671
m4, 550
mailstats, 569
make xconfig (Linux), 1035
MAKEDEV, 644
makemap, 556
make_recovery (HP-UX), 763
makewhat (Solaris), 76
makewhatis, 76
man, 74
md5sum (GNU), 398
mesg, 13
metadb (Solaris), 677
metainit (Solaris), 677
metaparam (Solaris), 678
metareplace (Solaris), 679
metattach (Solaris), 678
mirrorvg (AIX), 669
mkdir, 84
mke2fs (Linux), 682
mkfile (Solaris), 999
mkfs (Linux), 649-650
mkgroup (AIX), 264
mk_kernel (HP-UX), 1031
mklv (AIX), 665, 669
mknod, 643-644
mkps (AIX), 1000
mkraid (Linux), 683
mkreiserfs (Linux), 652
mkswap (Linux), 999
mksysb (AIX), 760
mktcpip (AIX), 205
mkuser (AIX), 262-264
mkvg (AIX), 664
modinfo (Linux), 1044
modinfo (Solaris), 1046
modprobe (Linux), 1045
mount, 624, 630, 698
mpage, 817
mt, 735
mtools, 690
ndc, 450
ndd, 1019
net use (Windows), 703
netstat, 217, 1017
nettl (HP-UX), 484
newaliases, 528
newfs (FreeBSD), 646
newfs (HP-UX), 671
newfs (Solaris), 655-656
newgrp, 231
newtask (Solaris), 1064
nfsstat, 1020
ngrep, 327
nmap, 382
no (AIX), 1019
npasswd, 294
nslookup, 451
ntop, 479
ntpd, 473
ntpdate, 473
ntpdc, 472
ntpq, 472
OpenLDAP, 318, 322
opiekey, 342
opiepasswd, 341
pac, 1066-1067
pagesize, 982
passwd, 240, 254, 282, 289-290
pax, 730
periodic (FreeBSD), 97
pgp, 364-365
ping, 220, 479
piomkpq (AIX), 855
pkg_add (FreeBSD), 116
pkgadd (Solaris), 116
pkgchk (Solaris), 116
pkg_delete (FreeBSD), 117
pkg_info (FreeBSD), 116
pkginfo (Solaris), 116
pkgrm (Solaris), 117
plod, 31
pmadm (Solaris), 791-792
pmbpage, 817
Postfix, 582
pr, 817
printconfig (Tru64), 827
printing, 818
priocntl (Solaris), 969, 975
profiles (Solaris), 372
projadd (Solaris), 1063
projdel (Solaris), 1063
projects (Solaris), 1064
projmod (Solaris), 1063
prpwd (HP-UX and Tru64), 228
prtconf (Solaris), 1046
ps, 952, 965
pstat (FreeBSD), 896, 996
pstree, 954
ptree (Solaris), 954
pump (Linux), 211
pvcreate (HP-UX), 670
pvcreate (Linux), 681
pvdisplay (HP-UX), 672
pwck, 392
pwdadm (AIX), 282
pwdck (AIX), 392
qadm (AIX), 851
qcan (AIX), 850
qchk (AIX), 849
qhld (AIX), 851
qmov (AIX), 850
quot, 1009
quotacheck, 146, 1015
quotaoff, 1015
quotaon, 1015
raidstart (Linux), 683
raidstop (Linux), 683
reboot, 171
redhat-config (Red Hat Linux), 23
redhat-config-users (Red Hat Linux), 271
reject, 833
renice, 968
repeating, 83
repquota, 1016
resize2fs (Linux), 651
resize_reiserfs (Linux), 653
restore, 738
restvg (AIX), 762
rmdev (AIX), 856
rmgroup (AIX), 264
rmmod (Linux), 1045
rmps (AIX), 1001
rmque (AIX), 856
rmquedev (AIX), 856
rmuser (AIX), 264
rmuser (FreeBSD), 262
rndc, 450
roles (Solaris), 372
route, 216
rpm (Linux), 116
rrdtool, 513
sa, 1054-1056
sacadm (Solaris), 790
sam (HP-UX), 20
sar, 1002
savecore, 144
commands
savecrash (HP-UX), 144
savevg (AIX), 761
schedtune (AIX), 971, 987
scp, 377
search path and, 59
sendfax, 801
setacl (Tru64), 361
setfacl (Linux), 361
setfacl (Solaris), 361
setgroups (AIX), 233-234
setld (Tru64), 116
sftp, 377
showmount, 700
shutdown, 170-171
siggen, 400
smbclient, 705
smbstatus, 704
smit (AIX), 17
smitty (AIX), 19
SMTP and ESMTP
snap (AIX), 175
snmpconf, 495
snmpget, 491
snmpinfo (AIX), 493
snmp_request (Tru64), 493
snmpset, 492
snmptranslate, 490
snmptrap, 492
snmpwalk, 492
snoop (Solaris), 483
ssh, 376
startsrc (AIX), 475
stopsrc (AIX), 475
stty, 773, 775
sttydefs (Solaris), 793
su, 6, 253
swap (Solaris), 896, 996, 1001
swapinfo (HP-UX), 896, 996
swapon, 145, 896, 996
swinstall (HP-UX), 116
swlist (HP-UX), 116
swremove (HP-UX), 116
sync, 172
sysconfig (Tru64), 896, 975, 1019, 1030
sysctl (FreeBSD), 896, 990, 1019, 1029
sysdef (HP-UX), 1033
sysdef (Solaris), 1046
sysinstall (FreeBSD), 25
sysman (Tru64), 26
system information, 896
system_prep (HP-UX), 896, 1031
tail, 89
tape related, 735
tar, 85, 727
tcpdump, 481
telinit, 154
testparm, 704
top, 956
traceroute, 480
tripwire, 400
tset, 772
tty, 769
tune2fs (Linux), 650
tunefs (FreeBSD), 646
tuning, 950
ucomm.sh, 1065
ufsdump (Solaris), 732
ulimit, 959
umask, 42
umount, 624, 630
upacct, 1065
usbdevs (FreeBSD), 809
usbmodules (Linux), 810
useradd, 257
userdel, 259
usermod, 254, 258, 282, 289
vacation, 545, 614
varyonvg (AIX), 664
vgcreate (HP-UX), 670
vgcreate (Linux), 682
vgdisplay (HP-UX), 672
vgextend (HP-UX), 670
vgscan (Linux), 681
vigr (Linux), 230
vinum (FreeBSD), 685-687
vipw, 145, 225
visudo, 12
vmstat, 966, 982, 984-985
vmtune (AIX), 989-990, 1006
vnconfig (FreeBSD), 999
vncserver, 30
vncviewer, 30
volcheck (Solaris), 690
wall, 13
wcomm.sh, 1065
who, 154
write, 12
wsm (AIX), 19
xargs, 83
xbiff, 614
xferfaxstats, 802
xjoin (Tru64), 468
xlock, 7
xprm (Linux), 117
xstm (HP-UX), 110
xwd, 817
yast2 (SuSE Linux), 24
yes, 919
Common Desktop Environment (CDE), 245
Common Internet File System (CIFS) protocol, 703
common sense, 168, 225, 398, 421, 987
Common Unix Printing System (see CUPS)
community names, SNMP, 488
Computer Emergency Response Team (CERT), 374
Computer Incident Advisory Capability (CIAC), 374
comsat service, 614
concurrent group set (AIX), 233
confCON_EXPENSIVE macro, 571
confDEF_USER_ID macro, 565
confHOST_STATUS_DIRECTORY macro, 569
configuration files
Amanda, 751
amanda.conf, 754
boot, 162
/boot/grub/grub.conf (Linux), 1041
/boot/loader.conf (FreeBSD), 1029
boot.message (Linux), 1040
crontab, 91
DHCP, 208, 458
DNS, 214-215, 423
/etc/adduser.conf (FreeBSD), 261
/etc/adduser.message (FreeBSD), 261
/etc/aliases, 526
/etc/binlog.conf (Tru64), 110
/etc/bootptab (HP-UX), 465
/etc/cron.allow and /etc/cron.deny, 100
/etc/cups/cupsd.conf, 876
/etc/default/dhcpagent (Solaris), 212
/etc/default/login (Solaris), 252
/etc/default/passwd (Solaris), 297
/etc/defaultrouter (Solaris), 219
/etc/default/su (Solaris), 8
/etc/default/sulogin (Solaris), 133
/etc/default/tar, 728
/etc/dfs/dfstab (Solaris), 700
/etc/dhclient (FreeBSD), 210
/etc/dhclient.conf (ISC DHCP), 210
/etc/dhcpcd.ini (AIX), 209
/etc/dhcpd.conf, 461
/etc/dhcprs.cnf (AIX), 461
/etc/dhcpsd.cnf (AIX), 459
/etc/dhcptab (HP-UX), 464
/etc/dialups, 343
/etc/d_passwd, 343
/etc/dumpdates, 732
/etc/environment (AIX), 247
/etc/exports, 698
/etc/filesystems (AIX), 629, 698
/etc/fstab, 626-628, 696-697, 706
/etc/gated.conf, 456
/etc/gateways, 455
/etc/gettydefs, 786
/etc/gettytab (FreeBSD), 784
/etc/group, 223, 229
/etc/gshadow (Linux), 223, 232
/etc/host.conf (FreeBSD), 215
/etc/hostname.* (Solaris), 206
/etc/hosts, 213
/etc/hosts.allow,deny, 378
/etc/hosts.equiv, 375
/etc/ifhp.conf, 871
/etc/inetd.conf, 378-379
/etc/inet/netmasks (Solaris), 204
/etc/inittab, 156
/etc/issue, 14, 307
/etc/join/client.pcy (Tru64), 212
/etc/join/dhcpcap (Tru64), 467
/etc/join/nets (Tru64), 467
/etc/join/server.pcy (Tru64), 467
/etc/login.access (FreeBSD), 250
/etc/login.conf (FreeBSD), 250, 294
/etc/login.defs (Linux), 252, 293, 296
/etc/logingroup (HP-UX), 233
/etc/logrotate (Linux), 114
/etc/lpd.conf, 867
/etc/lpd.perms, 867
/etc/mail/local-host-names, 550, 556
/etc/mail.rc, 533
/etc/manpath.config (Linux), 75
/etc/master.passwd (FreeBSD), 226-227, 289
/etc/modules.conf (Linux), 1045
/etc/motd, 14, 307
/etc/named.conf, 423
/etc/netsvc.conf (AIX), 216
/etc/newsyslog (FreeBSD), 113
/etc/nodename (Solaris), 206
/etc/nologin, 305
/etc/nsswitch, 215
/etc/ntp.conf, 471
/etc/ntp.keys, 472
/etc/openldap/ldap.conf, 322
/etc/openldap/slapd.conf, 316-317
configuration files
/etc/opieaccess, 342
/etc/pam.conf, 303
/etc/passwd, 223
/etc/printcap, 821-823, 1066
/etc/printers.conf (Solaris), 842
/etc/procmailrc, 601
/etc/project (Solaris), 1063
/etc/protocols, 189
/etc/qconfig (AIX), 849, 852, 1066
/etc/raidtab (Linux), 683
/etc/rc.conf (FreeBSD), 163
/etc/rc.config (SuSE Linux 7), 163
/etc/rc.config (Tru64), 133, 163
/etc/rc.config.d/netconf (HP-UX), 205
/etc/resolv.conf, 214
/etc/rmmount.conf (Solaris), 694
/etc/rmtab, 700
/etc/rndc.conf, 450
/etc/routes (Tru64), 219
/etc/saf/_sactab (Solaris), 789
/etc/sanitizer.cfg, 610
/etc/securetty, 309
/etc/security/auth_attr (Solaris), 370
/etc/security/environ (AIX), 245
/etc/security/exec_attr (Solaris), 372
/etc/security/group (AIX), 249
/etc/security/limits (AIX), 249-250, 960
/etc/security/login.cfg (AIX), 224, 249-250, 344
/etc/security/passwd (AIX), 226
/etc/security/prof_attr (Solaris), 370
/etc/security/roles (AIX), 368
/etc/security/user (AIX), 249, 289, 345
/etc/security/user.roles (AIX), 369
/etc/services, 189
/etc/shadow, 223, 225
/etc/shells, 224, 238, 529
/etc/shutdown.allow (HP-UX and Linux), 171-172
/etc/SnmpAgent.d/snmpd.conf (HP-UX), 497
/etc/snmp/conf (Solaris), 497
/etc/snmpd.conf (AIX), 498
/etc/snmpd.conf (Tru64), 499
/etc/ssh/sshd_config, 377
/etc/sudoers, 10
/etc/svc.conf (Tru64), 216
/etc/swapspaces (AIX), 630, 998
/etc/sysconfigtab (Tru64), 628
/etc/sysctl.conf (FreeBSD), 990
/etc/syslog.conf, 102
/etc/system (Solaris), 896, 1046
/etc/termcap, 769
/etc/tty (FreeBSD), 132
/etc/ttydefs (Solaris), 792
/etc/ttys, 796
/etc/ttys (FreeBSD), 782
/etc/usbd.conf (FreeBSD), 809
/etc/user_attr (Solaris), 372
/etc/vfstab (Solaris), 629, 696
/etc/vold.conf (Solaris), 693
/etc/xinetd, 380
filesystem, 626
Fontmap, 882
HylaFAX, 805-806
lilo.conf (Linux), 1037-1040
LPRng, 867-870
man command, 75-76
modifying, 5
name service switch, 215
Netsaint, 506
network interface, 205
NFS, 695
OpenLDAP, 314, 316-317, 322
PAM, 302-305, 312
Postfix, 583
printing, 816
queuedefs, 977
routing, 218-219
Samba, 703
sendmail, 546
sendmail.cf, 547
serial line, 782-788
smb.conf, 703
SNMP, 489
/stand/build/system (HP-UX), 1031
swatch package, 114
Tripwire, 400
/usr/lib/passwd/passwd.conf, 294
/usr/lib/security/mkuser.default (AIX), 262
/usr/local/share/snmp/snmpd.conf, 494
/usr/share/man/man.cf (Solaris), 75
/var/adm/pacct, 1058
/var/cfengine/inputs/cfagent.conf, 923
/var/dhcp/dhcptab (Solaris), 465
/var/spool/hylafax/etc/hosts.hfaxd, 806
XF86Config, 809-810
configure utility, 121
confMAX_DAEMON_CHILDREN macro, 570
confMAX_MESSAGE_SIZE macro, 571
confMIN_FREE_BLOCKS macro, 571
confMIN_QUEUE_AGE macro, 571
confPRIVACY_FLAGS macro, 566
confQUEUE_LA macro, 571
confREFUSE_LA macro, 571
confSAFE_FILE_ENV macro, 554
confSERVICE_SWITCH_FILE macro, 560
confTO_parameter macro, 571
CONNECTION_RATE_THROTTLE macro, 570
connectors
8-pin mini DIN, 780
50-pin Centronics, 640
50-pin micro, 640
68-pin, 640
DB-25, 640, 780
DB-9, 780
Ethernet, 182
mini-micro, 640
RJ-12, 780
RJ-45, 182, 780
SCSI III, 640
USB, 780, 807
consistency checking, filesystem, 631
console, 767
access control, 796
limiting access to, 337
CONT signal, 963
context switches, 964
context-dependent symbolic links (Tru64), 51
controller-drive-section identifiers, 64
convenience, 333
coolmail package, 614
Coordinated Universal Time (UTC), 470
Coppit, David, 615
COPS package, 401, 403
copy-on-write, 981
core files, limiting size of, 960
country code top-level domains, 416
cp command, 86
cpio command, 86, 729
restores, 736
CPU resources, 963-978
crack package, 299
cracking passwords, 291, 297-302
results, 301
crash dumps, 144, 175
crashes, handling, 174
creating user accounts, 257
creativity, 89
crfs command (AIX), 666-667
Cricket package, 517-519
components, 517
configuring, 518-519
output, 519
RRDtool and, 517
targets, 519
crises, handling, 4, 176
critical resources, 946
cron, 90-100, 977
access control, 100
BSD vs. System V, 91
configuring, 91
cron.allow and cron.deny files, 100
crontab file formats, 91
enabling, 91
enhancements (FreeBSD and Linux), 93
example crontab entries, 92
file locations, 90
log files, 91, 95
PID file, 91
security, 100
crontab command, 94
crypt command, 362
.cshrc files, 241
example, 244
CUPS, 874-878
access control, 876
architectture, 874
configuration file, 876
managing printers and queues, 875
customizing boot process, 165
cw file, sendmail, 550
cylinder groups, 618
cynics, 1052
Cyrus, 539, 552, 566
D[ Top ]
da Silva, James, 745
dadmin command (AIX), 461
daemons, 55
Amanda, 751
automount, 702
binlogd (Tru64), 110
biod, 696
cfexecd, 931
cfservd, 930
cron, 91
DHCP, 208, 458
dhcpd, 461
dhcrelay, 463
disabling, 381
DNS, 418
daemons
errdaemon (AIX), 108
faxgetty, 800
gated, 455
getty, 785
IMAP, 538
inetd, 377
init, 130
list of, 55
lockd, 695
lpd, 821
lpsched, 834
mgetty (Linux), 787
mountd, 696
named, 417, 422-451
netsaint, 503
network, 148-149, 189
NFS, 148, 695
nfsd, 696
nfsiod, 695
NTP, 472
PID files, 73
POP, 538
portmap, 695
Postfix, 580-581
qdaemon (AIX), 848
rmt, 744
routed, 454-455
rpc.lockd, 696
rpc.mountd, 695
rpc.nfsd, 695
rpc.statd, 696
sac (Solaris), 789
secure versions, 326
securing, 377
sendmail, 544, 546, 567
sftp-server, 377
slapd, 314, 326
smtpd, 524
smtpfwdd, 524
snmpd, 493
snmptrapd, 496
SRC and (AIX), 148
sshd, 376
started at boot time, 146
statd, 695
syslogd, 101
tcpd, 378
vold (Solaris), 690
xinetd, 380
Darmohray, Tina, 1069
Darrah, Byron C., 614
DAT tape, 717
data expiration period, DNS, 430
data incompatibilities, 741
database engines, 314
sendmail, 557
datagrams, 187
dd command, 735
DDS tape, 717
debug modes, 331
debugging (see troubleshooting)
default gateway, 216, 218
defaults
AIX user account, 250
class, user account (FreeBSD), 250
file mode, 42
filesystem types, 617, 620-621
gateway, 216, 218
local mailer program, sendmail, 552
login shell, 238
PAM, 306
password aging settings, 296
printer, 818, 831, 849
process priorities, 964
run level, 154
tape drive, 725
umask, 246
user account, 258
DeJong, Scott, 447
deleting pesky files, 87
delivery agents, mail, 522
demand paging, 981
denial-of-service attack, 332
depmod command (Linux), 1045
Deraison, Renaud, 405
Deri, Luca, 479
desktop initialization files, 245
detail, attention to, 401
detecting security problems, 391
/dev directory, 47, 68
device drivers, 61, 1024
device files, 47
devices, 61-67
CD-ROM, 692
detecting, 66
pseudo-terminal, 767
RAID, 661
SCSI, 639-640
serial, 776
system console, 767
tape drives, 723, 725
/devices directory (Solaris), 47
df command, 617, 1008
dhclient command, 210
DHCP, 206-212, 457-468
client configuration, 206-212
configuration files, 208, 458
daemons, 208, 458
Dynamic DNS updates, 438-440, 460, 463
enabling, 208, 459
exclusions, 458
Internet Software Consortium (ISC) version, 210
ISC, 461
leases, 207
leases files, 208, 459
relay servers, 458, 461
reservations, 458
scopes, 457
server configuration, 457-468
server executables, 458
subnets and, 458
dhcpconf command (Tru64), 212
dhcpd daemon, 461
dhcpsconf command (AIX), 460
dhcrelay daemon, 463
dia command (Tru64), 111
dial-out modems, special files for, 768
dialup networking, 182
dialup passwords, 343
PPP and, 344
dictionary attacks, 278, 293
diff command, 86
dig command, 452
digital linear tape (DLT), 718
digital signatures, 364
dircmp command, 86
direct inward dial (DID), 803
direct number identification service (DNIS), 803
directories, 47
administrative, 73
/boot (Linux), 70
boot script, 155, 160
comparing, 86
creating, 84
/dev, 47, 68
/devices (Solaris), 47
duplicating a tree, 85
/etc, 68
/etc/auth, 71
/etc/cron.* (Linux}, 100
/etc/default, 69
/etc/default (Solaris), 162-163
/etc/init.d, 68, 160
/etc/mail, 545
/etc/objrepos (AIX), 70
/etc/openldap, 314
/etc/openldap/schema, 316
/etc/pam.d, 302
/etc/periodic/security (FreeBSD), 339
/etc/postfix, 583
/etc/profile.d (Red Hat Linux), 247
/etc/rc.config.d (HP-UX), 163
/etc/rc*.d, 68, 155, 160
/etc/security (PAM), 303
/etc/security (AIX), 70, 242
/etc/skel, 242
/etc/sysconfig (Linux), 69, 163
/home, 70
home, 224, 241
kernel build, 1026
/kernel (Solaris), 70
/lib, 70
listing with echo, 89
log files, 73
/lost+found, 70
man pages, 72
/mnt, 70
/opt, 70
/proc, 70
/sbin, 68
/sbin/rc*.d, 155
schema, OpenLDAP, 316
setgid access and, 44
shared library, 70-71
source code, 73
spool, 524, 528
spooling, 73
/stand (FreeBSD), 70
sticky bit and, 44
/tcb, 71
terminfo, 769
/usr, 71
/usr/bin, 71
/usr/include, 71
/usr/lib, 71
/usr/lib/sendmail.d/bin, 553
/usr/lib/X11/fonts, 879
/usr/local, 71
/usr/lpp (AIX), 70
/usr/ports (FreeBSD), 73, 120
/usr/sbin, 68
/usr/share, 72
/usr/share/skel (FreeBSD), 242
/usr/skel (Tru64), 242
directories
/usr/src, 73
/usr/usb, 73
/var, 73
/var/adm, 73
/var/adm/crash (HP-UX), 144
/var/log, 73
/var/run, 73
/var/spool, 73
/var/spool/hylafax, 799
/var/spool/mqueue, 528
writable, security problems with, 350
X Window System, 71
directory services, 313, 315
directory tree, 33
disable command, 834
disabling messages, 13
disabling user accounts, 254
disk I/O
controllers, 1004
data placement and, 1005
disk striping, 1005
hardware and, 1003
I/O pacing, 1007
monitoring, 1001
multiple disks and, 1004
performance, 1001-1007
random access, 1003
read-ahead, 1006
sequential access, 1003
tuning, 1003-1007
disk mirroring, 661
disk partitions (see partitions)
disk quotas, 146, 1012-1016
on groups, 1016
hard vs. soft limits, 1013
reports, 1016
disk striping, 660
performance, 1005
disklabel command (FreeBSD), 645, 685
disks, 61
adding, 637-643
as backup media, 721
CD-ROM, 692
data placement and, 1004-1005
described, 635
floppy, 688
IDE vs. SCSI, 638
layouts, 636
logical volumes and, 657
magneto-optical, 719
managing space on, 112
managing usage levels, 1009-1016
parity, 662
SCSI, 64
slices, 645
syncing, 172
dismounting filesystems, 621-623
dispadmin command (Solaris), 973, 975
distance-vector routing algorithms, 453
distinguished name, 315
Distributed Queueing System (DQS), 978
distribution name servers, DNS, 419
DLT tape, 718
dmesg command, 107, 139
dnl, 548
DNS, 214-215, 414-452
A records, 428, 431
AAAA records, 429, 433
absolute hostnames, 429
ACLs, 441
address match lists, 441
authoritative name servers, 430
authoritative responses, 418
BIND, 417
cache, 418
caching-only name servers, 419
client configuration, 214
CNAME records, 429, 431, 434
common mistakes, 432-433
configuration files, 423
data expiration period, 430
directives, 429
distribution name servers, 419
DNSSEC, 445
domain name restrictions, 417
dynamic updates from DHCP, 438-440
enabling, 423
error messages, 448-449
forwarders, 419, 436
forward-only name servers, 419
$GENERATE directive, 435
glue records, 434
incremental zone transfers, 440-441
IPv6 addresses and, 429
logging, 426, 448-449
master name servers, 419, 424
MX records, 429
name server types, 418
name service switch file, 215
named daemon, 417
namespace, 415
negative query cache lifetime, 430
NS records, 428
performance, 1020
Postfix and, 585
primary name servers, 419
PTR records, 429, 432
recursive vs. nonrecursive queries, 418
refresh period, 430
resolver, 214-215
resource records, 428
retry interval, 430
reverse zone files, 432
root hints file, 427
secondary name servers, 419
secure, 443
security, 447
security futures, 445
sendmail and, 554
serial numbers, 430
server configuration, 422-451
slave name servers, 419, 425
SOA records, 428
split, 446
SRV records, 429, 431
stealth name servers, 419
stub name servers, 419
subdomains, 433-434
subnets and, 432
timeout period, 430
time-to-live value, 428
top-level domains, 415-416
troubleshooting, 451
$TTL directive, 429
updating slave servers, 437-438, 440-441
views, 446
zone files, 428
zone transfers, 437
zones, 418, 424
DNS Security Extensions (DNSSEC), 445
dnsbl sendmail feature, 562
dnskeygen command, 443
dnssec-keygen command, 443
documentation, 942
domain hierarchy, DNS, 415
DOMAIN macro, 549
domain name system (see DNS)
domain names, 417
DOS Master Boot Program (see MBR)
dsfmgr command (Tru64), 896
.dtprofile file, 245
du command, 617, 1008
dump command, 731-734
backup levels, 733
/etc/fstab and, 627
remote backups, 744
restores, 737
vendor versions, 731
DVDs
as backup media, 719
technologies for writing, 719-720
dxaccounts command (Tru64), 273
dxkerneltuner command (Tru64), 975, 1031
dynamic group membership, 231
dynamic host configuration protocol (see DHCP)
dynamic IP addressing, 206
dynamic routing, 453
dynamic updates, DHCP to DNS, 438-440, 463
dynamically allocated ports, 189
E[ Top ]
e2fsadmin command (Linux), 682
echo command, 89
edauth command (Tru64), 290
EDITOR environment variable, 225
edquota command, 1014-1015
educating users, 335, 346
eeprom command (Solaris), 133
EGID (effective group ID), 57, 351
8 mm tape, 717
80-20 rule, 1001
Einarsson, Bjarni, 609
eject command, 694
electronic mail, 521-615
access agents, 522, 537-542
address mapping, 556
addressing, 525
aliases, 526, 545
blacklists, 562
delivery agents, 522
delivery process, 523, 530, 581
discarding automatically, 603
encrypting, 364, 535
filtering, 599
forwarding, 529-530
IMAP, 537-539
mailings lists, 528
masquerading, 551, 585
message stores, 522
MX records and, 525-526
overview, 521
PAM and, 308
PGP and, 535-536
policies, 531
POP, 537-539
electronic mail
queue directory, 528
redirecting, 558
relaying, 555, 561
retrieval agents, 522
retrieving, 596
shells and, 529
signing, digital, 364
SMTP proxy, 524
sorting, 602
spam suppression, 560, 589, 599, 607-609
spool directories, 524
submission agents, 532
transport agents, 521, 542-596
user agents, 521, 532-537
vacations and, 614
virtual domains, 559, 587-588
Elkins, Michael, 534
elm package, 532
emacs (GNU), 87
embedding words, 279
enable command, 834
encapsulation, 188
encryption, 339, 362-366
CUPS, 876
DNS and, 443
electronic mail, 535
NTP, 472
pass phrases, 366
public key, 363
public key servers, 363
enhanced C shell (tcsh), 241, 244
Enigma machine, 362
enq command (AIX), 851
enscript command, 816
entries, directory service, 315
environment variables
FAXSERVER, 801
LPDEST, 831
PAM, setting with, 307
PATH, 349
PRINTER, 818
TERM, 769, 772
TERMCAP, 772
environmental factors, 337
ephemeral ports, 189
epm package, 116
erase character, 775
errdemon daemon (AIX), 108
ESMTP (see SMTP)
espionage, 333
/etc directory, 68
/etc/adduser.conf configuration file (FreeBSD), 261
/etc/adduser.message configuration file (FreeBSD), 261
/etc/aliases configuration file, 526
files referenced in, 528
mailing lists in, 528
/etc/auth directory, 71
/etc/binlog.conf configuration file (Tru64), 110
/etc/bootptab configuration file (HP-UX), 465
/etc/cron.* directories (Linux), 100
/etc/cron.allow, 100
/etc/cron.deny configuration files, 100
/etc/cups/cupsd.conf configuration file, 876
/etc/default directory, 69
Solaris, 162-163
/etc/default/dhcpagent configuration file (Solaris), 212
/etc/default/login configuration file (Solaris), 252
/etc/default/passwd configuration file (Solaris), 297
/etc/defaultrouter configuration file (Solaris), 219
/etc/default/su configuration file (Solaris), 8
/etc/default/sulogin configuration file (Solaris), 133
/etc/default/tar configuration file, 728
/etc/dfs/dfstab configuration file (Solaris), 700
/etc/dhclient.conf configuration file
FreeBSD, 210
ISC DHCP, 210
/etc/dhcpcd.ini configuration file (AIX), 209
/etc/dhcpd.conf configuration file, 461
/etc/dhcprs.cnf configuration file (AIX), 461
/etc/dhcpsd.cnf configuration file (AIX), 459
/etc/dhcptab configuration file (HP-UX), 464
/etc/dialups configuration file, 343
/etc/d_passwd configuration file, 343
/etc/dumpdates configuration file, 732
/etc/environment configuration file (AIX), 247
/etc/exports configuration file, 698
/etc/filesystems configuration file (AIX), 629
NFS entries, 698
quotas and, 1014
/etc/fstab configuration file, 626-628
NFS entries, 696-697
paging spaces in, 997
quotas and, 1013
SMB filesystem entries, 706
/etc/gated.conf configuration file, 456
/etc/gateways configuration file, 455
/etc/gettydefs configuration file, 786
/etc/gettytab configuration file (FreeBSD), 784
/etc/group configuration file, 223, 229
/etc/gshadow configuration file (Linux), 223, 232
/etc/host.conf configuration file (FreeBSD), 215
/etc/hostname.* configuration files (Solaris), 206
/etc/hosts configuration file, 213
Solaris version, 214
/etc/hosts.allow configuration files, 378
/etc/hosts.deny, 378
/etc/hosts.equiv configuration file, 375
/etc/ifhp.conf configuration file, 871
/etc/inetd.conf configuration file, 378-379
/etc/inet/netmasks configuration file (Solaris), 204
/etc/init.d directory, 68
/etc/inittab configuration file, 156
power failure entries, 175
serial line entries, 785
/etc/issue configuration file, 14, 307
/etc/join/client.pcy configuration file (Tru64), 212
/etc/join/dhcpcap configuration file (Tru64), 467
/etc/join/nets configuration file (Tru64), 467
/etc/join/server.pcy configuration file (Tru64), 467
/etc/login.access configuration file (FreeBSD), 250
/etc/login.conf configuration file (FreeBSD), 250, 294
/etc/login.defs configuration file (Linux), 252, 293, 296
/etc/logingroup configuration file (HP-UX), 233
/etc/logrotate.conf configuration file (Linux), 114
/etc/lpd.conf configuration file, 867
/etc/lpd.perms configuration file, 867, 872-874
/etc/mail directory, 545
/etc/mail/local-host-names configuration file, 550, 556
/etc/mail.rc configuration file, 533
/etc/manpath.config configuration file (Linux), 75
/etc/master.passwd configuration file (FreeBSD), 226-227, 289
/etc/modules.conf configuration file (Linux), 1045
/etc/motd configuration file, 14, 307
/etc/named.conf configuration file, 423
options list, 426-427
/etc/netsvc.conf configuration file (AIX), 216
/etc/newsyslog.conf configuration file (FreeBSD), 113
/etc/nodename configuration file (Solaris), 206
/etc/nologin configuration file, 305
/etc/nsswitch.conf configuration file, 215
OpenLDAP and, 321
/etc/ntp.conf configuration file, 471
/etc/ntp.keys configuration file, 472
/etc/objrepos directory (AIX), 70
/etc/openldap directory, 314
/etc/openldap/ldap.conf configuration file, 322
/etc/openldap/schema directory, 316
/etc/openldap/slapd.conf configuration file, 316-317
/etc/opieaccess configuration file, 342
/etc/pam.conf configuration file, 303
/etc/pam.d directory, 302
/etc/passwd configuration file, 223
/etc/periodic/security directory (FreeBSD), 339
/etc/postfix directory, 583
/etc/printcap configuration file, 821-823
accounting and, 1066
LPRng version, 867-870
/etc/printers.conf configuration file (Solaris), 842
/etc/procmailrc configuration file, 601
/etc/profile file, 246
example, 247
/etc/profile.d directory (Red Hat Linux), 247
/etc/project configuration file (Solaris), 1063
/etc/protocols configuration file, 189
/etc/qconfig configuration file (AIX), 849, 852, 854
accounting and, 1066
/etc/raidtab configuration file (Linux), 683
/etc/rc.conf configuration file (FreeBSD), 163
/etc/rc.config configuration file
SuSE Linux 7, 163
Tru64, 133, 163
/etc/rc.config.d directory (HP-UX), 163
/etc/rc.config.d/netconf configuration file (HP-UX), 205
/etc/rc*.d directories, 68
/etc/resolv.conf configuration file, 214
DNS performance and, 1020
/etc/rmmount.conf configuration file (Solaris), 694
/etc/rmtab configuration file, 700
/etc/rndc.conf configuration file, 450
/etc/routes configuration file (Tru64), 219
/etc/saf/_sactab configuration file (Solaris), 789
/etc/sanitizer.cfg configuration file, 610
/etc/securetty configuration file, 309
/etc/security directory
AIX, 70, 242
PAM, 303
/etc/security/auth_attr configuration file (Solaris), 370
/etc/security/environ configuration file (AIX), 245
/etc/security/exec_attr configuration file (Solaris), 372
/etc/security/group configuration file (AIX), 249
/etc/security/limits configuration file (AIX), 249-250, 960
/etc/security/login.cfg configuration file (AIX), 224, 249-250, 344
/etc/security/passwd configuration file (AIX), 226
/etc/security/prof_attr configuration file (Solaris), 370
/etc/security/roles configuration file (AIX), 368
/etc/security/user configuration file (AIX), 249, 289, 345
/etc/security/user.roles configuration file (AIX), 369
/etc/services configuration file, 189
/etc/shadow configuration file, 223, 225
/etc/shells configuration file, 224, 238
electronic mail and, 529
/etc/shutdown.allow configuration file (HP-UX and Linux), 171-172
/etc/skel directory, 242
/etc/SnmpAgent.d/snmpd.conf configuration file (HP-UX), 497
/etc/snmp/conf configuration file (Solaris), 497
/etc/snmpd.conf configuration file (AIX), 498
/etc/snmpd.conf configuration file (Tru64), 499
/etc/ssh/sshd_config configuration file, 377
/etc/sudoers configuration file, 10
/etc/svc.conf configuration file (Tru64), 216
/etc/swapspaces configuration file (AIX), 630, 998
/etc/sysconfig directory (Linux), 163
/etc/sysconfigtab configuration file (Tru64), 628
/etc/sysctl.conf configuration file (FreeBSD), 990
/etc/syslog.conf configuration file, 102
cron and, 95
/etc/system configuration file (Solaris), 896, 1046
/etc/termcap configuration file, 769
/etc/ttydefs configuration file (Solaris), 792
/etc/ttys configuration file (FreeBSD), 132, 782, 796
/etc/usbd.conf configuration file (FreeBSD), 809
/etc/user_attr configuration file (Solaris), 372
/etc/vfstab configuration file (Solaris), 629
NFS entries, 696
paging spaces in, 997
/etc/vold.conf configuration file (Solaris), 693
/etc/xinetd configuration file, 380
Ethernet, 182, 185
cable connectors, 182
media characteristics, 183
ethics, 383, 532
EUID (effective user ID), 56, 351
event auditing, 412-413
exclusions, DHCP, 458
exec, fork and, 57
Expect, 911-919
examples, 474
experimenter effect, 950
expiration of user accounts, 289
exportfs command, 700
exporting filesystems, 698, 703
EXPOSED_USER macro, 551
ext3 filesystem (Linux), 649
extended permissions (AIX), 354
extendvg command (AIX), 665
extents, 658
F[ Top ]
facilities (syslog), 102
fake shutdowns, 172
Farmer, Dan, 374, 401, 403
Fast File System (FFS), 618
soft updates, 619-620
fastpaths in SMIT (AIX), 19
fax2ps command, 803
faxaddmodem command, 799
faxadduser command, 806
faxalter command, 803
faxcron command, 800
faxdeluser command, 806
faxes (see HylaFAX)
faxgetty daemon, 800
faxinfo command, 803
faxqclean command, 800
faxrm command, 802
FAXSERVER environment variable, 801
faxsetup command, 799
faxstat command, 802
fbackup command (HP-UX), 734
fdformat command (Solaris), 690
fdisk command
DOS, 1043
FreeBSD, 645
Linux, 896
FEATURE macros, 549
access_db, 562
allmasquerade, 551
always_add_domain, 557
blacklist_recipients, 562
dnsbl, 562
generics_entire_domain, 557
genericstable, 556
ldap_routing, 557
local_lmtp, 553
masquerade_envelope, 551
msp, 568
nocanonify, 554
nullclient, 555
redirect, 558
relay_entire_domain, 554
smrsh, 553
summary table, 576-578
use_cw_file, 550
virtusertable, 559
fetchmail package, 596-598
authentication, 597
configuration file, 598
configuring, 597
security, 597
syslog and, 597
.fetchmailrc configuration file, 598
fiber optic cable, 182-183
FIFOs, 52
file command, 53
file locking bit, 43
files, 33-53
access, 37
accounting, 1050, 1058
backing up, 113
boot scripts, 131
checksums, computing, 397
commands, relation to, 59
core, 960
deleting unusual, 87
DHCP leases, 208
font, 879
group, 223
group owner, 33
identifying types, 52
include, 71
inodes, 46
links, 48
locating, 79
log, 73, 112, 1011
modes, 36-37, 42-43
monitoring log, 114
named pipes, 52
open, 625
ownership, 33
paging, 998
password, 223, 234
PostScript, 817
protection, 36, 39, 348
rotating log, 114
shadow password, 223
skeleton initialization, 242
sockets, 51
special, 47, 65
static routes, 218-219
symbolic links, 48
systemwide login initialization, 246
types, 52
user account initialization, 241
user owner, 33
(see also configuration files)
filesystem paging, 998
filesystems, 141
administering, 616
backing up system, 759-760
backups of, 731
filesystems
configuration file, 626
default types, 620-621
expanding, 647, 651, 653, 678
exporting, 698, 703
ext3 (Linux), 649
fragmentation of, 1005
history, 617-619
inodes, 46
integrity, 172, 631-632, 634
journaled, 619
managing space in, 112
managing usage levels, 1009-1016
memory data cache, 987
monitoring, 394
mounting, 70
mounting and dismounting, 621-623
mounting remote, 696-697
NFS options, 697
open files and, 625
options, 627, 697
partitions and, 61
preparing during boot, 141
/proc, 956-958
quotas, 146, 1012-1016
rebuilding, 656
Reiser (Linux), 652
remote, 694
root, 33, 68
Samba and, 705
sharing, 694
SMB, 705
types, 617
filters, printing, 824
find command, 79
locating wasted disk space with, 1011
setuid/setgid files, locating, 396
firewalls, 383-386
configurations, 385
packet filtering and, 385
firmware, 128
password, 133
fixit floppy (FreeBSD), 762
flexibility, 78
floppy disks, 688-691
DOS format, 689
special files, 688
flow control, 777
Fontmap configuration file, 882
fonts
adding, 881
attributes, 880
displaying, 883
families, 878
managing, 878-884
overview of, 878
printing support, 882
types, 879
forced password changes, 282
forced perfect termination, 642
foreground processes, 53
fork and exec, 57
formail utility, 605
format command (Solaris), 653-654
.forward files, 529
procmail and, 600
protection requirements, 530
forwarders, DNS, 419, 436
forwarding, mail, 529
to files, 530
to programs, 530
shells and, 530
forward-only name servers, DNS, 419
foundry, 880
4 mm digital audio tape (DAT), 717
frames, 187
frecover command (HP-UX), 741, 744
free command (Linux), 982
FreeBSD
accounting, 1052
ACLs, 359
adding disks, 644
boot loader, 1029
booting, 134
buffer cache, 991
classes, 250, 261
cron enhancements, 93
DHCP, 210, 461
Dynamic DNS updates, 463
/etc/periodic/security directory, 339
filesystem types, 620
fixit floppy, 762
floppy disk, 690
kernel, building, 1026-1028
kernel location, 129
kernel parameters, tuning, 990, 1028
LDAP support, 314
logical volume manager, 684
LPD spooling system, 827
memory, as data cache, 991
mirrored volumes, 686
modules, kernel, 1029
network interface names, 203
newsyslog facility, 113
NTP, 473
package management, 116
PAM modules, 311
password controls, 289-290
password triviality checking, 294
periodic package, 90, 97
plexes, 684
ports, 120
RAID 5 volumes, 687
routing, 455
security facilities, 339
single-user mode password, 132
slices, 645
smbfs filesystem, 705
software archives, 126
source code directory, 73
static routes, 218
striped volumes, 686
subdisks, 684
syslog enhancements, 104
TCP/IP parameters, 1019
tuning tools, 950
USB devices, 808, 810
user account controls, 250
user-private groups, 231
/usr/share/skel directory, 242
Vinum Volume Manager, 684
virtual memory manager, 990-991
FreeBSD commands
adduser, 260
boot0cfg, 1029
cap_mkdb, 251
chpass, 254, 262, 282, 290
disklabel, 645, 685
fdisk, 645
from, 615
fstat, 626
growfs, 647
kldstat, 1029
lptcontrol, 827
lsof, 625
newfs, 646
pkg_add, 116
pkg_delete, 117
pkg_info, 116
pstat, 896, 996
rmuser, 262
sysctl, 896, 990, 1019, 1029
sysinstall, 25
tunefs, 646
usbdevs, 809
user account, 260-262
vinum, 685-687
vnconfig, 999
FreeBSD configuration files
/boot/loader.conf, 1029
/etc/adduser.conf, 261
/etc/adduser.message, 261
/etc/dhclient, 210
/etc/gettytab, 784
/etc/host.conf, 215
/etc/login.access, 250
/etc/login.conf, 250, 294
/etc/master.passwd, 226-227, 289
/etc/newsyslog.conf, 113
/etc/rc.conf, 163
/etc/sysctl.conf, 990
/etc/tty, 132
/etc/ttys, 782
/etc/usbd.conf, 809
network interface, 205
from command, 615
fsck command, 141, 631-632, 634
/etc/fstab and, 627
security uses, 398
fsdb utility, 398
fstat command (FreeBSD), 626
full backups, 711
funniest UNIX book I've read, 1023
fuser command, 625
fverify command (Tru64), 116
G[ Top ]
g(roup) access, 38, 44
games, 334
Ganger, Gregory, 619
Gant, Brandon, 516
gated daemon, 455
gateways, 182, 216, 218
gcc compiler, 124
GECOS password file field, 224
passwords and, 292
Gélinas, Jacques, 22
$GENERATE directive, DNS, 435
generic top-level domains, 415
GENERICS_DOMAIN_FILE macro, 556
generics_entire_domain sendmail feature, 557
genericstable sendmail feature, 556
getacl command (Tru64), 361
getdev command (Solaris), 896
getent command, 322
getfacl command
Linux, 361
Solaris, 361
getty daemons, 785
faxgetty, 800
mgetty (Linux), 787
gfontview command, 883
Ghostscript facility, 882
font naming requirements, 883
Fontmap configuration file, 882
GID, 222, 224, 229
0, 8, 235
effective, 57, 351
real, 57
gimp graphics editing package, 817
glue records, DNS, 434
gnopm command (Linux), 117
GNU emacs, 87
GnuPG (Gnu Privacy Guard), 363, 366
good passwords, 277, 279
gpasswd command (Linux), 260
gpg command, 364-365
gq command, 328
Grand Unified Bootloader (see grub boot loader)
Greenwich Mean Time (GMT), 470
grep command, 76
grepmail package, 615
groff package (GNU), 942
group ID (see GID)
group sets, 233
ACLs and (AIX), 355
groupadd command, 259
groupmod command, 259
groups, 222
administrators, 232, 249, 260
defining, 229
disk quotas for, 1016
dynamic membership, 231
effective use, 236
/etc/group file, 223
file ownership and, 34
GID 0, 8
maximum per user, 230
members of, 230, 233
names, 229
passwords, 229
primary, 231
shadow file (Linux), 223, 232
standard, 235
system, 235
user-private, 230-231
wheel, 8
groups command, 231
growfs command (FreeBSD), 647
grpck command (AIX), 392
grub boot loader, 133, 136
FreeBSD, 1041
Linux, 1040-1042
Windows 2000, 1041
grub-install command, 1042
GUI administration tools, 15
Guttman, Uri, 932
gv command, 817
H[ Top ]
habits, 4, 333, 401, 813
hackers, 330
handling crises, 4
handling security breaches, 405
handshaking, 778
hard links, 48
hardening, 387-391
SuSE Linux, 339
hardware
boot problems and, 176
error messages, 107, 110
incompatibilities, 178
network adapters, 182
hardware error messages, 110
having fun, 1023
help, 74
hierarchical directory structure, 33
history lists, password, 295
home directories, 224, 241
ownership, 248
PAM, creating with, 308
permissions on, 350
removing, 255, 259
sharing with Samba, 704
/home directory, 70
Hoover, Clyde, 294
horrors, 807
host level equivalence, 376
hostname command, 190
hostnames, 193
absolute (DNS), 429
aliases, 214
DNS aliases, 429
file specified in, 205
hoststat command, 569
HP-UX
accounting, 1058
ACLs, 357
booting, 135
buffer cache, 992
bundles, 119
DHCP, 211, 464
dialup passwords, 343
Dynamic DNS updates, 465
/etc/rc.config.d directory, 163
filesystem types, 620
hardware error messages, 110
Ignite-UX package, 763
kernel, building, 1031-1033
kernel location, 129
kernel parameters, tuning, 991
memory, as data cache, 992
mirrored volumes, 672
network interface name, 203
package management, 116, 119
PAM modules, 311
password controls, 289-290
password history lists, 296
printing features, 845
products, 119
protected password database, 227
routing, 455, 457
security facilities, 339
serial lines, 797
shutdown access control, 171
SNMP, 496
software archives, 126
static routes, 218
striped volumes, 672
subproducts, 119
system volume group (vg00), 669
TCP/IP parameters, 1019
tuning tools, 950
USB devices, 807
user account controls, 253
user account exclusion file, 267
/var/adm/crash directory, 144
virtual memory manager, 991-992
HP-UX commands
chacl, 358
fbackup, 734
floppy disk, 689
frecover, 741, 744
from, 615
ioscan, 896
kmtune, 991
kmupdate, 1031
lanscan, 184
logical volume manager, 670-672
lpalt, 837
lpana, 845
lpfence, 837
lsacl, 357
lvcreate, 670
lvdisplay, 672
lvlnboot, 671
make_recovery, 763
mk_kernel, 1031
nettl, 484
newfs, 671
prpwd, 228
pvcreate, 670
pvdisplay, 672
sam, 20
savecrash, 144
swapinfo, 896, 996
swinstall, 116
swlist, 116
swremove, 116
sysdef, 1033
system_prep, 896, 1031
vgcreate, 670
vgdisplay, 672
vgextend, 670
xstm, 110
HP-UX configuration files
/etc/bootptab, 465
/etc/dhcptab, 464
/etc/logingroup, 233
/etc/rc.config.d/netconf, 205
/etc/shutdown.allow, 171
/etc/SnmpAgent.d/snmpd.conf, 497
/stand/build/system, 1031
hubs, 200
.hushlogin file, 252
HylaFAX, 799-807
access control, 806
commands, 799-803, 806
configuration files, 805-806
enabling, 800
faxgetty, 800
managing faxes, 802
routing faxes to recipients, 803
sendmail and, 552
spool directories, 799
hysteria, 176
I[ Top ]
IBM, Thomas J. Watson Research Center, 579
ICMP messages, 480
id command, 232
IDE disks, 639
identifying file types, 52
ifconfig command, 184, 203-204
boot-time arguments for, 205
Solaris versions, 204
ifhp filter, 871
IMAP, 537-539
Cyrus, 539
daemons, 538
securing, 542
user agents and, 541
user authentication, 539
inactivation, of user accounts, 289
in-addr.arpa domain, 418
include files, 71
acct.h, 1051
DNS, 427
/etc/aliases, 528
signal.h, 962
incremental backups, 712
inetd daemon, 148, 377
disabling subdaemons, 381
ingenuity, 78
init daemon
inittab configuration file, 156
signalling, 153
zombie process cleanup, 963
init process, 130, 140
initialization files
customizing systemwide, 247
desktop, 245
examples, 242
login, 242
skeleton, 242
systemwide, 246
user account, 241
X Windows, 245
inodes, 46
backups by, 731
monitoring, 397
unreferenced, 632
input bounds checking, 331
insmod command (Linux), 1045
installp command (AIX), 116
INT signal, 963
integrity checking, filesystem, 631
interacting with users, 4
interactive processes, 53
interfaces (network), common names for, 148
interleaving, 279
International Atomic Time (TAI), 470
Internet
NTP servers, 470
passwords and, 285
software archives, 126
Internet Assigned Numbers Authority (IANA), 488
Internet Message Access Protocol (see IMAP)
Internet Printing Protocol (IPP), 874
Internet protocol (IP), 188
Internet Software Consortium (ISC)
DHCP, 210, 461
DNS, 420
interprocess communication, 52
intruders, 413
investigating security problems, 406-413
ioscan command (HP-UX), 896
iostat command, 1001
IP addresses, 193
assigning with DHCP, 206
IPv6 format, 198, 429
mappings to hostnames, DNS, 428
multicast, 194
reserved ranges of, 195
IP spoofing, 373, 384
ipcalc.pl script, 198
IPL (initial program load), 127
ipreport command (AIX), 484
iptrace command (AIX), 484
IPv6 host addresses, 198
J[ Top ]
Jacobson, Van, 480-481
jail package (FreeBSD), 89
jails, chroot, 88
Jaz drives, 720
jitter, 469
job control, 53
john package, 297
John the Ripper (see john package)
journaled filesystems, 619
Journaling versus Soft Updates, 619
jove editor, 125
jukeboxes, 721
K[ Top ]
K files, 160
kcmdhcpd package, 463
KDE
ksysv command, 167
memory usage utility, 982
system administration tools, 26
user manager, 270
keeping, 374
Kerberos, 345-348
OpenLDAP and, 326
overview, 345
PAM and, 307
tickets, 348
time synchronization and, 469
kernel
build directories, 1026
building, 1024-1047
configuring, 1024-1047
functions of, 1024
listing parameters, 896
locations, 129
modularized, 1024
modules, 1024, 1029, 1036, 1044-1046
names of, 129
/kernel directory (Solaris), 70
key rings, 365
keyboard shifting, 280
keys, encryption
DNS, 443
public/private pairs, 363
kill command, 962
KILL signal, 963
killall command, 962
Kipling, 176
kldstat command (FreeBSD), 1029
Klingon, 278
kludges, 282, 907
Kmoch, David, 511
kmtune command (HP-UX), 991
kmupdate command (HP-UX), 1031
Knaff, Alain, 690
knowing what normal is, 391, 946
Kolstad, Rob, 1069
Kona coffee, 1071
Korn shell, 241, 244
.kshrc file, 241
kstat command (Solaris), 993
ksysguard command, 982
ksysv command (Linux), 167
kuser command, 270
L[ Top ]
Lamm, Holger, 536
LAN (local area network), 180
lanscan command (HP-UX), 184
last command, 409-410
lastcomm command, 409-411
layers, networking, 186
laziness, 886
LDAP, 313-328
attributes, 315
daemons, 314
data interchange format, 315
distinguished name, 315
email-related attributes, 558
entries, 315
LDIF, 315, 317
objectClass attribute, 315
Postfix and, 588
records, 315
schemas, 316
searching, 318
sendmail and, 557
terminology, 314-315
(see also OpenLDAP)
LDAP data interchange format (see LDIF)
ldapadd command, 318
LDAPMAP macro, 557
LDAP_ROUTE_DOMAIN macro, 557
ldap_routing sendmail feature, 557
ldapsearch command, 318
LDIF, 315, 317
leap seconds, 470
leases (DHCP), 207
files listing current, 208, 459
LeFebvre, William, 956
Leffler, Sam, 799
Leres, Craig, 481
/lib directory, 70
Libes, Don, 911
libpam_unix module (HP-UX), 312
libpam_updbe module (HP-UX), 312
libraries, media, 721
Lightweight Directory Access Protocol (see LDAP)
lilo boot loader (Linux), 136, 1036-1040
password, 133
Windows 2000 partitions and, 1038
lilo.conf configuration file (Linux), 1037-1040
limit command, 959
lines of defense, 336
links, 48
context-dependent symbolic (Tru64), 50
link-state routing algorithms, 453
Linux
accounting, 1052
ACLs, 359
adding disks, 647
Alpha, 1043
Alpha Linux, 136
boot floppy, 764
boot scripts, 164
booting, 136
buffer cache, 992
cron enhancements, 93
desktop selection, 245-246
DHCP, 211, 461
disk I/O, 1006
disk striping, 683
Dynamic DNS updates, 463
/etc/sysconfig directory, 163
filesystem types, 620
group administrators, 260
kernel, building, 1033-1036
kernel location, 129
kernel parameters, tuning, 992
LDAP support, 314
lilo boot loader, 136, 1036-1040
logical volume manager, 680
logrotate package, 114
LPD spooling system, 829
MD5 passwords, 311
memory, as data cache, 992
mirroring, 683
modules, kernel, 1036, 1044-1045
multiple mounts, 623
network interface name, 203
NFS, 700
package management, 116
PAM modules, 306-311
password controls, 289-290
password triviality checking, 293
RAID facility, 683
rescue disk, 764
routing, 455
sendmail and, 547
shutdown access control, 172
single-user mode password, 133
smbfs filesystem, 705
software archives, 126
source code directory, 73
static routes, 218
sulogin utility, 133
syslinux, booting with, 1042
syslog enhancements, 104
TCP/IP parameters, 1019
tuning tools, 950
USB devices, 810-811
user account controls, 252
user-private groups, 230
virtual memory manager, 992-993
Linux commands
cfdisk, 648
chage, 282, 289-290
depmod, 1045
e2fsadmin, 682
fdisk, 896
floppy disk, 690
free, 982
getfacl, 361
gnorpm, 117
gpasswd, 260
insmod, 1045
ksysv, 167
logical volume manager, 681
lsmod, 1044
lsusb, 810
lvcreate, 682
make xconfig, 1035
mke2fs, 682
mkfs, 649-650
mkraid, 683
mkreiserfs, 652
mkswap, 999
modinfo, 1044
modprobe, 1045
pump, 211
pvcreate, 681
raidstart, 683
raidstop, 683
resize2fs, 651
resize_reiserfs, 653
rmmod, 1045
rpm, 116
setfacl, 361
shutdown, 172-173
tune2fs, 650
usbmodules, 810
vgcreate, 682
vgscan, 681
vigr, 230
xrpm, 117
yast2 (SuSE), 24
Linux configuration files
/boot/grub/grub.conf, 1041
boot.message, 1040
DHCP, 211
/etc/exports, 700
/etc/gshadow, 223, 232
/etc/login.defs, 252, 293, 296
/etc/logrotate, 114
/etc/manpath.config, 75
/etc/modules.conf, 1045
/etc/raidtab, 683
/etc/rc.config (SuSE 7), 163
/etc/shutdown.allow, 172
lilo.conf, 1037-1040
mgetty, 787
network interface, 205
static routes, 218
Linuxconf, 22
Postfix and, 593
user account management, 267
LISA, 813, 1023, 1070
listen port monitor (Solaris), 789
little endian, 741
ln command, 48
load averages, 951
load balancing, 55
local area network (LAN), 180
local_lmtp sendmail feature, 553
LOCAL_MAILER macros, 553
LOCAL_RELAY macro, 556
lockd daemon, 695
locking user accounts, 254
logger command, 107
logging
Amanda, 756
backing up log files, 113
boot process, 139
cron, 91, 95
directory, log, 73
disk usage and, 1011
DNS, 426, 448-449
errors, 108
fetchmail, 597
firewalls and, 385
logins, most recent, 307
managing files, 112
monitoring log files, 114
Postfix, 595
procmail, 613
rotating files, 112-114
sendmail, 546, 571-572
su command, 104, 409
sudo package, 12
system message file, 101
TCP Wrappers and, 379
logical volume managers (see LVM)
logical volumes, 657
.login files, 241
example, 243
login controls, 248
login initialization files, 242
login shells, 224, 238
allowed list of, 224, 238
restricted, 239
logins
allowed hosts (OpenLDAP and PAM), 323
allowed locations, 248, 250, 309
allowed times, 248, 253, 309-310
.logout files, 241
logrotate package (Linux), 114
loopback interface, 185, 203
/lost+found directory, 70
low-level formatting, disk, 637
lp command, 830
lpadmin command, 831, 835-838, 840, 843-844
lpalt command (HP-UX), 837, 845
lpana command (HP-UX), 845
lpc command, 819-820
LPRng, 865
lpd daemon, 821
LPD spooling system, 818-829
access control, 824
adding printers, 826-827
configuring queues, 821
daemon, 821
filters, 824
managing jobs, 818-819
managing queues, 819-820
remote printing, 826
spool directories, 824
user commands, 818
variations of, 827
LPDEST environment variable, 831
lpfence command (HP-UX), 837
lpget command (Solaris), 842
lpmove command, 833
lpq command, 818
lpr command, 818
lprm command, 818
LPRng, 864-874
access control, 872
accounting, 1068
LPRng
classes, printer, 866
configuration files, 867-870
converting to, 865
filters, 870
global settings, 871
lpc enhancements, 865
lpr enhancements, 864
printer pools, 870
priorities, 866
user commands, 864
lprsetup command (Tru64), 828
lpsched daemon, 834
lpset command (Solaris), 842
lpstat command, 830-831
lptcontrol command (FreeBSD), 827
lptest command, 817
lpusers command (Solaris), 838
ls command, 34, 49, 52
lsacl command (HP-UX), 357
lsattr command (AIX), 725, 1047
lsdev command (AIX), 664, 856
lsfs command (AIX), 668
lslpp command (AIX), 116
lslv command (AIX), 668
lsmod command (Linux), 1044
lsof command (FreeBSD), 625
lsps command (AIX), 896, 996
lspv command (AIX), 668, 896
lssrc command (AIX), 475
lsusb command (Linux), 810
lsuser command (AIX), 8, 290
lsvg command (AIX), 663, 668
lsvirprt command (AIX), 855
LUSER_RELAY macro, 561
lvcreate command (HP-UX), 670
lvcreate command (Linux), 682
read-ahead and, 1006
lvdisplay command (HP-UX), 672
lvlnboot command (HP-UX), 671
LVM, 657-688
mirroring, 661
RAID and, 661
striped volumes, 660
terminology, 659
M[ Top ]
m4 command, 550
m4 macro facility, 106, 547-548
dnl, 548
MAC address, 184
determining, 184
Macintosh, 780
macros, sendmail
confCON_EXPENSIVE, 571
confDEF_USER_ID, 565
confHOST_STATUS_DIRECTORY, 569
confMAX_DAEMON_CHILDREN, 570
confMAX_MESSAGE_SIZE, 571
confMIN_FREE_BLOCKS, 571
confMIN_QUEUE_AGE, 571
confPRIVACY_FLAGS, 566
confQUEUE_LA, 571
confREFUSE_LA, 571
confSAFE_FILE_ENV, 554
confSERVICE_SWITCH_FILE, 560
confTO_parameter, 571
CONNECTION_RATE_THROTTLE, 570
define, 549
DOMAIN, 549
EXPOSED_USER, 551
FEATURE, 549
GENERICS_DOMAIN_FILE, 556
LDAPMAP, 557
LDAP_ROUTE_DOMAIN, 557
LOCAL_MAILER, 553
LOCAL_RELAY, 556
LUSER_RELAY, 561
MAILER, 549, 551
mailer_MAILER_MAX, 571
MAIL_HUB, 556
MASQUERADE_AS, 551
MASQUERADE_EXCEPTION, 551
MODIFY_MAILER_FLAGS, 554
OSTYPE, 549
QUEUE_DIR, 570
RELAY_DOMAIN, 561
RELAY_DOMAIN_FILE, 561
relaying, 555
SMART_HOST, 555
summary table, 576-578
undefine, 549
VIRTUSER_DOMAIN_FILE, 559
(see also FEATURE macros)
magnetic tape, 717
magneto-optical disks, 719
Mail Abuse Prevention System (MAPS), 562
mail exchange (MX) records, DNS, 429, 525-526
wildcards in, 433
mail hub configuration, 550, 555
mail (see electronic mail)
mail submission agents, 532
MAILER macro, 549
MAILER_* macros, 551
mailer_MAILER_MAX macro, 571
MAIL_HUB macro, 556
mailing lists, 528
security alert, 374
mail.local program, sendmail, 553
mailstats command, 569
maintenance mode, 131
maintenance, sendmail, 569
major numbers, for special files, 61
make xconfig command (Linux), 1035
MAKEDEV command, 644
makemap command, 556
make_recovery command (HP-UX), 763
makewhat command (Solaris), 76
makewhatis command, 76
Mammoth-2 tape, 718
man command, 74
configuration files, 75-76
section search order, 75
man pages
directory tree, 72
example source for, 942
index, creating, 76
printing, 944
sections, 72
writing, 942-944
Management Information Bases (see MIBs)
managing packages, 115-121
Manilow, Barry, 280
MASQUERADE_AS macro, 551
masquerade_envelope sendmail feature, 551
MASQUERADE_EXCEPTION macro, 551
masquerading, mail
Postfix, 585
sendmail, 551
master name servers, DNS, 419
configuring, 424
master password file (FreeBSD), 227
Matzigkeit, Gordon, 1040
maximum transmission unit (MTU), 188
MBR, restoring DOS, 1043
McCanne, Steven, 481
McDonald, Dan, 341
McGough, Nancy, 614
McKusick, Marshall Kirk, 619
MD5 passwords, 311
md5sum command (GNU), 398
Media Access Control (MAC) address, 184
media for backups, 717-723
capacities of, 722
comparing types, 722
cost, 722
lifetimes, 721-722
security of, 337
media libraries, 721
memory resources
data cache use, 987
determining amount of, 982
managing, 978, 987-995
page size, 982
recognizing shortages, 985-986
menu-based administration tools, 15
mesg command, 13
message of the day, 14
message stores, mail, 522
messages
boot, 138-139
disabling, 13, 252
hardware error, 107, 110
login, 14
pre-login, 14
suppressing, 252
system, 101
messages (network data unit), 187
metadata, 46, 70, 141, 619
update performance in file systems, 619
metadb command (Solaris), 677
metainit command (Solaris), 677
metaparam command (Solaris), 678
metareplace command (Solaris), 679
metattach command (Solaris), 678
Metz, Craig, 341
mgetty daemon (Linux), 787
mh package, 533
MIBs, 486
enterprise numbers, 488, 490
files, 489
MIB II, 486
RMON, 488
searching, 490
mice, USB, 808
migrate_passwd.pl script (OpenLDAP), 321
Mills, David L., 469
minimal routing, 453
minimum privilege, 352
minor numbers, for special files, 61
mirrored volumes, 661
mirrorvg command (AIX), 669
misspelling, 279
mistakes, common, 432-433
mkdir command, 84
mke2fs command (Linux), 682
mkfile command (Solaris), 999
mkfs command (Linux), 649-650
mkgroup command (AIX), 264
mk_kernel command (HP-UX), 1031
mklv command (AIX), 665, 669
mknod command, 643-644
mkpsmkps command (AIX), 1000
mkraid command (Linux), 683
mkreiserfs command (Linux), 652
mksmbpasswd.sh script (Samba), 705
mkswap command (Linux), 999
mksysb command (AIX), 760
mktcpip command (AIX), 205
mkuser command (AIX), 262-264
mkvg command (AIX), 664
/mnt directory, 70
modes, file, 36-37
default, 42
numeric, 42
octal, 42, 44
special purpose, 43
modifying configuration files, 5
modifying user accounts, 258
MODIFY_MAILER_FLAGS macro, 554
modinfo command
Linux, 1044
Solaris, 1046
modprobe command (Linux), 1045
modules, kernel, 1024
FreeBSD, 1029
Linux, 1036, 1044-1045
Solaris, 1046
modutils package (Linux), 1044
monitoring
accounting system and, 409
automating, 399
checksums, 397
CPU resources, 966-968
disk I/O, 1001
disk space usage, 1008-1009
filesystem, 394
graphs, 513-516
historical data, 512
inodes, 397
log files, 114
memory resources, 981-986
modification times, 397
network, 476-520
network performance, 1017
password file, 391-392, 394
Postfix, 594-595
processes, 951-963
restrospective data, 512
security, 391-413
sendmail, 568-570
setuid/setgid files, 396
vulnerability scanning, 401-405
Moore, James, 518
mount command, 624, 630, 698
mountd daemon, 696
mounting filesystems, 621-623
automatic, 630
remote, 696-697
mpage command, 817
msp sendmail feature, 568
mt command, 735
mtools package, 690
MTU (maximum transmission unit), 188
multicast addresses, 194
multiple access, 186
Multi-Router Traffic Grapher (MRTG), 512
multiuser mode, 130
mutt package, 532, 534
POP and IMAP with, 540
MVS, 32
MX records (see mail exchange records)
N[ Top ]
naivete, 334, 346
name resolution, 212
name server (NS) records, DNS, 428
name servers, DNS, 418
caching-only, 419
distribution, 419
forwarders, 419, 436
forward-only, 419
master, 419
primary, 419
secondary, 419
slave, 419, 437
stealth, 419
stub, 419
name service switch file, 215
named daemon, 417, 422-451
controlling, 450
securing, 447
named pipes, 52
NAT (network address translation), 195
National Health Service (Scotland), 416
ndc command, 450
ndd command, 1019
negative query cache lifetime, DNS, 430
Nessus package, 405
net use command (Windows 2000), 703
NetSaint package, 503-511
access control, 511
alerts, 511
components, 505
configuration files, 506
configuring, 506-511
daemon, 503
prerequisites, 503
services, 509
status maps utility, 511
Net-SNMP package, 488
access control, 495-496
client utilities, 490
configuration files, 494
trap daemon, 496
netstat command, 217, 1017
nettl command (HP-UX), 484
network address translation (NAT), 195
network addresses, reserved, 195
Network File System (see NFS)
Network Information Service (NIS), 328
Network Management Station (NMS), 485
network segment, 184
Network Time Protocol (see NTP)
network-based attacks, 373
networking
acknowledgments, 192
adapters, 184
backups and, 744
boot activities for, 148
collision rates, 477
configuring new hosts, 202
connectionless communication, 188
connectivity testing, 219, 480
daemons, 189
data unit names, 187
fragmentation, 188
hardware, 200
interface configuration, 205
interface names, 148, 203
layers, 186
management tools, 500
maximum cable lengths, 184
media, 182
monitoring, 327, 476-520
OSI reference model, 186
performance, 1017-1023
physical media, 182
ports, 189
protocols, 186
scripting with Stem, 932-942
security issues, 373-386
services, 189
sockets, 189
subnetting, 196
TCP/IP parameters, 1018-1019
testing, 219
time synchronization, 469
topologies, 185
traffic, 477-478
troubleshooting, 219
trust, 374
newaliases command, 528
newfs command (FreeBSD), 646
newfs command (HP-UX), 671
newfs command (Solaris), 655-656
newgrp command, 231
Linux version, 232
news media, 405
newsyslog package, 113
newtask command (Solaris), 1064
NFS, 695-702
automounter, 701-702
configuration files, 695
daemons, 148, 695
exporting filesystems, 698
hung processes and, 963
mount options, 697
mounting remote filesystems, 696-697
performance, 1020-1023
security issues, 699
TCP vs. UDP, 1022
Version 2 vs. 3, 1022
nfsd daemon, 696
nfsiod daemon, 695
nfsstat command, 1020
ngrep command, 327
nice numbers, 56, 964-965, 968, 970
Niemi, David, 690
NIS (Network Information Service), 328
Nixon, D. J., 1065
nmap package, 382
NMS (Network Management Station), 485
no command (AIX), 1019
nobody account, 235
nocanonify sendmail feature, 554
normal, recognizing, 391
npasswd command, 294-295
nroff text formatting system, 942, 944
directives, 944
nslookup command, 451
nss_ldap module, 321
ntop package, 479
NTP, 469-475
authentication, 472
clients, 471
concepts, 469
configuring, 471-473
daemon, 472
enabling, 472
huff 'n' puff filter, 471
Internet server, 470
reference clocks, 472
servers, 469, 472-473
ntpd command, 473
ntpdate command, 473
ntpdc command, 472
ntpq command, 472
Nugent, Tony, 605
nullclient sendmail feature, 555
null-modem cables, 777
numeric file modes, 42, 44
NVRAM, 128
O[ Top ]
o(ther) access, 38
Object Data Manager (AIX), 67
octal, conversion to, 42
ODM (AIX), 67
Oetiker, Tobi, 512
offsite backup storage, 715
Okuji Yoshinori, 1040
Old Admirals, 280
one-time passwords (OTP), 341-343
Open Relay Behaviour-Modification System (ORBS), 562
open relays, 561
Open Shortest Path First (OSPF) protocol, 454
Open Systems Interconnection (OSI) Reference Model, 186
OpenBSD team, 376
OpenLDAP, 314-328
access control, 323-325
configuration files, 314, 322
configuring, 317
conversion tools, 320
/etc/nsswitch file, 321
installing, 316
Kerberos and, 326
migration scripts, 321
name service switch file, 321
PAM and, 321
password file, converting, 320
prerequisites, 316
SASL and, 326
schema directory, 316
searching, 318
securing, 326
SSL and, 326
TLS and, 326
user accounts, converting, 320
user authentication via, 319-322
OpenSSH, 376
OPIE package, 341-343
configuration files, 342
PAM module, 342
opiekey command, 342
opiepasswd command, 341
/opt directory, 70
optimizating performance (see performance)
OSTYPE macro, 549
OTP (one-time passwords), 341-343
outline fonts, 879
ownership of files, 33
P[ Top ]
pac command, 1066-1067
packages, 463
Amanda, 745
anacron (Red Hat Linux), 90
Angel Network Monitor, 501
Anomy Sanitizer, 609
building from source code, 121-125
bzip2, 123
cbw, 363
Cfengine, 921
coolmail, 614
COPS, 401
crack, 299
Cricket, 517-519
elm, 532
epm, 116
Expect, 911
fetchmail, 596-598
grepmail, 615
grub, 136
HylaFAX, 799
install locations, 70-71, 73, 120
Internet archives, 126
ISC DHCP, 210
jail (FreeBSD), 89
john, 297
Linuxconf, 22
logrotate (Linux), 114
management utilities, 115
mh, 533
modutils (Linux), 1044
mtools, 690
mutt, 532, 534
NetSaint, 503-511
Net-SNMP, 488
newsyslog, 113
nmap, 382
npasswd, 294
ntop, 479
OpenLDAP, 314
OPIE, 341-343
periodic (FreeBSD), 90, 97
Perl, 899
pgp4pine, 536
pine, 534
plod, 31
Postfix, 579-596
procmail, mail filtering, 599
replacing vendor versions, 421
RRDtool, 512-516
RRGrapher, 516
Saint, 403
saintmap, 511
Samba, 703
sendmail, 542-578
Stem, 932-942
sudo, 9
swatch, 114
syslinux (Linux), 1042
system administration tools, 15
Tripwire, 399
ttmkfdir, 884
upacct, 1065
USB (Linux), 810
VNC, 29
packet filtering, 384-385
packets, 187
collecting, 484
maximum segment size, 1018
monitoring, 327
sniffers, 481-484
PADL software, 320
Paganini, Marco, 501
page faults, 979
pagesize command, 982
paging, 979-980
demand, 981
spaces, 145
undesirable, 980, 985
paging spaces, 995-1001
activating, 997-998
amount needed, 995-996
configuration files, entries for, 997-998
creating, 998
files, 998
listing, 896, 996
managing, 995-1001
page files, 995
priorities (Linux and HP-UX), 1000
removing, 1000-1001
PAM, 248, 302-313
account entries, 302
auth entries, 302
components, 302
configuration files, 302, 312
defaults, 306
entry types, 302
environment variables, setting, 307
/etc/pam.conf, 303
/etc/pam.d directory, 302
/etc/security directory, 303
examples, 303, 305
Kerberos and, 307
Linux modules, 306-311
MD5 passwords in, 311
modules, 302, 304, 306
OpenLDAP and, 321-322
optional keyword, 303
other service, 306
outcome keywords, 303
password entries, 302
required keyword, 303
requisite keyword, 303
resource limits, 307
services, 302-303
session entries, 302
sufficient keyword, 303
pam_access module, 306
pam_cleartext_pass_ok module (FreeBSD), 312
pam_cracklib module, 307, 309-310
pam_deny module, 306
pam_dial_auth module (Solaris), 312
pam_env module, 307
pam_issue module, 307
pam_krb4 module, 307
pam_krb5 module, 307
pam_lastlog module, 307
pam_ldap module, 321-322
pam_limits module, 307
pam_listfile module, 308
pam_mail module, 308
pam_mkhomedir module, 308
pam_motd module, 307
pam_nologin module, 305, 308
pam_opie module, 342
pam_permit module, 306
pam_projects module (Solaris), 312
pam_pwcheck module, 307
pam_pwdb module, 306
pam_rhosts_auth module, 305, 309
pam_roles module (Solaris), 312, 373
pam_rootok module, 304, 309
pam_securetty module, 305, 309
pam_time module, 309-310
pam_unix module, 304-306, 311
pam_warn module, 306
pam_wheel module, 304, 309
paperwork, 942
parallel ports, 816
paranoia, 330, 398
parent process, 57
parity disks, 662
partitions, 634-637
disk, 61
DOS, 691
layouts and, 635
logical volumes and, 657
security and, 388
slices, 645
special files for, 63
swap, 63, 628
pass phrases, 366
passive SCSI terminators, 642
passwd command, 240, 254, 282, 289-290
password file, 223
converting to OpenLDAP, 320
disabling user accounts via, 254
monitoring, 391-392, 394
ownership, 393
permissions, 393
security of, 234
passwords
administering, 277-302
aging defaults, 296
aging settings, 287-288
algorithm-based selection, 283
assigned, 277
assigning, 240
bad, 291
boot loader, 133
changing, 7
checking for weaknesses, 291
controls, 287
cracking, 280, 291, 297-302
dialup, 343
disabling user accounts via, 254
effective, 277
firmware, 133
forced changes, 282
group, 229
history lists, 295
Internet, 285
large numbers of, managing, 282
lifetimes, 248, 287-288
maximum lengths, 241
MD5, 311
npasswd command, 294-295
one-time, 341-343
policies, 334
pre-expired (AIX), 241
protecting, 234
random, 277
remote access and, 375
required change times, 281
restrictions, 287
root, 7, 281, 283
security issues, 338
selecting, 283
selecting good, 277, 279
shadow file, 223, 225, 288
single-user mode, 132
SNMP community names, 488
testing, 297-302
triviality checking, 291, 297-302
web, 285
PATH environment variable, 246, 349
Pathologically Eclectic Rubbish Lister (see Perl)
patience, 886
Patt, Yale, 619
pax command, 730
restores, 736
Payne, Jonathan, 125
Perchine, Denis, 270
performance
commands, 950
CPU, 963-978
disk I/O, 1001-1007
disk striping and, 1005
DNS, 1020
managing memory, 978-995
managing processes, 963-978
memory, 978-995
monitoring processes, 951-963
network, 1017-1023
NFS, 1020-1023
overview, 946
paging spaces, 995-1001
Postfix, 594-595
RAID and, 663
resource control mechanisms, 947
sendmail, 570-571
striped volumes and, 660
thrashing, 980
tuning process, 947-951
periodic package (FreeBSD), 90, 97
periodic program execution, 90
Perl, 899-910
documenting scripts, 942
graphical interfaces with, 909
POD, 942
reports with, 908
slogan, 901
Perl/Tk, 909-910
permissions, file (see protection, file)
persistence, 1001
PGP, 363, 366
electronic mail and, 535-536
pgp command, 364-365
pgp4pine package, 536
philosophy of system administration, 4
physical security, 336
physical volumes, 657
PID (process ID), 56
pine package, 534
IMAP and POP with, 541
ping command, 220, 479
ping of death, 480
piomkpq command (AIX), 855
pipes, named, 52
pkg_add command (FreeBSD), 116
pkgadd command (Solaris), 116
pkgchk command (Solaris), 116
pkg_delete command (FreeBSD), 117
pkg_info command (FreeBSD), 116
pkginfo command (Solaris), 116
pkgrm command (Solaris), 117
.plan files, 331
platters, disk, 635
plod package, 31
Plonka, Dave, 516
plotters, 814
pluggable authentication modules (see PAM)
pmadm command (Solaris), 791-792
pmbpage command, 817
policies
backup, 707
electronic mail, 531
security, 334
Pomeranz, Hal, 31
POP, 537-539
daemons, 538
user agents and, 541
pornography, 334
port monitors (Solaris), 789
port scanning, 382
Portable Batch System, 978
portmap daemon, 695
ports, assignments to services, 189-190
ports collection (FreeBSD), 120
POSIX ACLs, 359
Post Office Protocol (see POP)
Postfix, 579-596
access control, 589-592
address mapping, 586
blacklists, 589-590
canonical map, 586
client configuration, 584
commands, 582
components, 580-581
configuring, 583
daemons, 580-581
debugging, 595
delivery process, 581
DNS lookups and, 585
enabling, 581
goals, 579
installing, 582
LDAP and, 588
Linuxconf and, 593
local delivery agent, 585
logging, 595
mail hub configuration, 584
monitoring, 594-595
performance, 594-595
queues, 580
relaying, 585
relocated map, 587
security, 592-594
spam suppression, 589-590
SuSE Linux Version 7 and, 584
syslog and, 582
troubleshooting, 595
version, 579
virtual map, 587
PostScript
converting to, 816
previewing files, 817
printing, 817
Powell, Patrick, 864, 871
power failures, 175
pr command, 817
Practical Extraction and Report Language (see Perl)
precautions, system script modification, 168
preening filesystems, 143
pre-login message, 14
Pretty Good Privacy (see PGP)
primary group, 231
primary name server, DNS, 419
printconfig command (Tru64), 827
PRINTER environment variable, 818
printers
access control, 824
adding, 826-827, 842, 857
default, 818, 831, 849
device classes, 836
interfaces, 836, 839
serial, 816
sharing with Windows 2000, 861
special files for, 816
starting and stopping, 820
testing, 817
USB, 808-809
virtual (AIX), 853
printing
accounting, 1051, 1066-1068
AIX (see AIX spooling system)
BSD style (see LPD spooling system)
configuration files, 816
enabling, 816
filters, 824
fonts and, 882
ifhp filter, 871
managing jobs, 818-819, 832, 849, 851
managing queues, 819-820, 833-834
remote, 816, 826, 840, 857
starting and stopping, 820
subsystem components, 815
System V style (see System V spooling system)
troubleshooting, 858-860
user utilities, 817, 830
(see also CUPS; LPRng)
priocntl command (Solaris), 969, 975
priorities
paging spaces (Linux and HP-UX), 1000
process, 964-965, 968, 970
priority-based round-robin scheduling, 963
problems, detecting security, 391
problems (see troubleshooting)
/proc filesystem, 70, 956-958
Linux, 896, 957, 992
process accounting, 1049-1056, 1058-1063, 1065
system monitoring and, 409
process ID (PID), 56
files containing, 73
processes, 53-60
attributes of, 56
batch, 55
creation, 58
daemons, 55
foreground vs. background, 53
fork and exec, 57
getty, 785
idle, 958
init, 130
interactive, 53
killing, 962
life cycle, 57
managing, 963-978
monitoring, 951-963
network, 148
NFS hung, 963
nice numbers, 56, 964-965, 968, 970
paging, 979-980
parent, 57
priorities, 56, 964-965, 968, 970
/proc filesystem, 70
resource limits, 959, 961
run queues, 964
scheduling, 963-964, 970-977
server, 55
setuid/setgid access and, 58
signaling, 962
started at boot time, 146
types, 53
zombie, 963
procmail
avoiding loops, 605
configuring, 601
debugging, 613
discarding mail, 603
formail utility, 605
logging, 613
pipes and, 604
recipes, 601-602
security scanning, 609, 613
sendmail and, 552
sorting mail with, 602
spam suppression, 607-609
troubleshooting, 613
products (HP-UX), 119
professionalism, 1069
.profile files, 241
example, 243
profiles, authorizations and (Solaris), 370, 372
profiles command (Solaris), 372
projadd command (Solaris), 1063
projdel command (Solaris), 1063
.project files, 331
projects command (Solaris), 1064
projects (Solaris), 1063
PAM and, 312
projmod command (Solaris), 1063
promiscuous relaying, 561
protected password database (HP-UX and Tru64), 227, 255, 289
protection, file, 36, 39, 348
protocols
ARP, 188
CIFS, 703
ICMP, 480
IMAP, 537-539
IP, 188
IPP, 874
networking, 186
NTP, 469
OSPF, 454
POP, 537-539
RIP, 454
routing, 453
SMTP, 524
SNMP, 484
SSH, 377
stacks, 186
statistics per, 478
TCP, 186, 188
UDP, 186, 188
prpwd command (HP-UX and Tru64), 228
prtconf command (Solaris), 1046
prudence, 421
ps command, 952, 965
pseudo users, 222
pseudo-terminal devices, 767
pstat command (FreeBSD), 896, 996
pstree command, 954
PTR records, DNS, 429, 432
ptree command (Solaris), 954
public key encryption, 363
public key servers, 363
pump command (Linux), 211
Purdue University, 399
pvcreate command
HP-UX, 670
Linux, 681
pvdisplay command (HP-UX), 672
pwck command, 392
pwdadm command (AIX), 282
pwdck command (AIX), 392
Q[ Top ]
qadm command (AIX), 851
qcan command (AIX), 850
qchk command (AIX), 849
qdaemon daemon (AIX), 848, 852
qhld command (AIX), 851
QIC tape, 717
qmov command (AIX), 850
quantum, 964
queuedefs configuration file, 977
QUEUE_DIR macro, 570
queues
HylaFAX, 799
Postfix, 580
printing, 821, 837, 849
process run, 964
QUIT signal, 963
quot command, 1009
quotacheck command, 146, 1015
quotaoff command, 1015
quotaon command, 1015
quotas, 146, 1012-1016
quotation marks, sendmail and, 548
R[ Top ]
rabbits, 338
r(ead) access, 36
RAID, 661
levels, 661
performance characteristics of, 663
RAID 0, 661
RAID 0+1, 662
RAID 1, 661
RAID 10, 662
RAID 3, 661
RAID 5, 661-662
RAID1+0, 662
raidstart command (Linux), 683
raidstop command (Linux), 683
Rand, Dave, 512
random passwords, 277
Raymond, Eric, 596
RBAC (role-based access control), 366-373
rc*.d boot script directories, 160
RCS (revision control system), 422
reachability information, routing, 453
real group (AIX), 233
Realtime Blackhole List, 562
reboot command, 171
rebooting the system, 171
recognizing normal, 946
records, directory service, 315
recursive queries, DNS, 418
Red Hat Linux
anacron package, 90
/etc/profile.d directory, 247
routing, 455
system administration tools, 23
user manager tool, 271
.wmstyle file, 245
redhat-config commands (Red Hat Linux), 23
redhat-config-users command (Red Hat Linux), 271
redirect sendmail feature, 558
reference clocks, NTP, 472
refresh period, DNS, 430
Reiser filesystem (Linux), 652
Reiser, Hans, 652
reject command, 833
RELAY macros, 555
relay servers, DHCP, 458
RELAY_DOMAIN macro, 561
RELAY_DOMAIN_FILE macro, 561
relay_entire_domain sendmail feature, 554
relaying, mail, 561
remote access, 375
remote printing, 826, 840, 857
Samba, 860
with Windows 2000, 860
remote system administration
AIX, 20
HP-UX, 21
Solaris, 22
removing user accounts, 255-256
renice command, 968
repeaters, 201
repquota command, 1016
rescue disk (Linux), 764
reservations, DHCP, 458
resize2fs command (Linux), 651
resize_reiserfs command (Linux), 653
resolver, 214, 417
configuration files, 215
resource limits, 248, 959, 961
PAM, 307
soft vs. hard, 959
resource management
control mechanisms, 947
CPU, 963-978
disk, 1009-1016
disk space, 112
memory, 978-995
resource records, DNS, 428
responsibilities, 1
restore command, 738-739, 741
interactive mode, 740
remote restores, 744
restores, 736, 741
remote, 744
restricted shells, 239, 553
restvg command (AIX), 762
retensioning tapes, 723
retiring user accounts, 255
retrieval agents, mail, 522
retrieving, mail, 596
retry interval, DNS, 430
reverse lookup zones, 418
reverse zone files, 432
reversibility, 4
revision control systems, 422
RG-11 coax, 183
RG-58 coax, 183
RGID (real group ID), 57
.rhosts files, 375
RIP (Routing Information Protocol), 454
RJ-45 connector, 182
rlogin command (PAM configuration file), 305
rmdev command (AIX), 856
rmgroup command (AIX), 264
rmmod command (Linux), 1045
rmps command (AIX), 1001
rmque command (AIX), 856
rmquedev command (AIX), 856
rmt daemon, 744
rmuser command
AIX, 264
FreeBSD, 262
rndc command, 450
role-based access control (RBAC), 366-373
AIX, 368-370
Solaris, 370, 372-373
roles
AIX, 369
Solaris, 312, 370
roles command (Solaris), 372
root, 6, 235
history, command, 409
login location restrictions, 309
password, 7, 283
role-based access control and, 366
running one command as, 9
security and, 338
selective access to, 10
setuid to, 352
subdividing privileges of, 366
root directory (/), 33
root domain, 415
root hints file, DNS, 427
root volume group (rootvg), 663
rotating log files, 112-113
route command, 216
variations, 216-217
routed daemon, 454-455
enabling, 455
routers, 201
area border, 454
routine, adherence to, 401
routing
algorithms, 453
configuration files, 218-219
configuring, 454-457
dynamic, 216, 453
interior vs. exterior protocols, 453
minimal, 453
reachability information, 453
static, 216, 453
tables, 217, 479
types, 453
Routing Information Protocol (RIP), 454
RPC daemons, 148
rpc.lockd daemon, 696
rpc.mountd daemon, 695
rpc.nfsd daemon, 695
rpc.statd daemon, 696
rpm command (Linux), 116
rrdtool command, 513
RRDtool package, 512-516
Cricket and, 517
databases, 512
graphs, 513-516
round-robin archive data, 513
RRGrapher package, 516
RS-232 cables, 776
RS-232 standard, 776-777, 779-780
RUID (real user ID), 56
run levels, 153
changing, 154-155
default, 154
S[ Top ]
s access, 43-44
S files, 160
sa command, 1054-1056
sac daemon (Solaris), 789
sacadm command (Solaris), 790
SAGE, 1069
Saint package, 403-404
saintmap package, 511
Salmi, Timo, 609
sam command (HP-UX), 20
SAM (HP-UX), 20
DHCP, 465
kernel building with, 1031-1033
package management, 117
printing, 846
serial ports, 769
user account management, 266
Samba, 703-706
authentication, 705
configuration files, 703
daemons, 148
home directories and, 704
printcap files and, 861
printing with, 860-863
security, 705
shares, 704
sandboxing, 88
sendmail, 565
sanitizer.pl script, 610
sar command, 1002
SASL
OpenLDAP and, 326
sendmail and, 566
Satan, 403
save text mode, 43
savecore command, 144
savecrash command (HP-UX), 144
savevg command (AIX), 761
/sbin directory, 68
scanning, port, 382
schedtune command (AIX), 971-972, 987
scheduled command execution, 90
scheduler, 963-964, 970-977
AIX, 970, 972
Solaris, 972-973, 975
Tru64, 975-976
scheduling priorities, 56
schemas
LDAP, 316
user authentication, 319
SNMP MIBs, 486
scopes, DHCP, 457
Scotland, 416
scp command, 377
screen captures, 817
scripts
boot, 131, 140, 146
debugging, 898-899
examples, 886-898
Expect, 911-919
ipcalc.pl, 198
migrate_passwd.pl (OpenLDAP), 321
mkuser.sys (AIX), 263
Perl, 899-910
power failure, 175
precautions before modifying, 168
testing, 898-899
tricks in, 897-898
writing hints, 898
writing secure, 169
SCSI devices
controller changes and, 643
daisy chain, 642
differential, 639-640
maximum cable lengths, 640
terminators, 642
versions, 640
wide, 640
SCSI disks, 64, 639
search paths, 59, 349
second, definition of, 470
secondary authentication programs (AIX), 344
secondary group memberships, 230
secondary name servers, DNS, 419
secure DNS, 443
secure shell, 376
Security Administrator's Integrated Network Tool (see Saint)
security facilities, 339
security group, 368
security issues
backup media, 337
backups, 413
boot-related, 145
checksums, 397
chroot, 88
common problem types, 331
convenience, 333
cron, 100
dialup access, 343
disk partitions, 388
DNS, 447
electronic mail, 528, 567, 609, 613
encryption, 362
encryption keys, 366
file access, 34, 348, 394
fsck, running, 398
group writable directories, 350
groups and, 34, 236
handling breaches, 405
hardening systems, 387-391
important files and directories, 394
inetd daemon, 378
investigating problems, 406-413
lines of defense, 336
media coverage of, 405
network, 373-386
NFS, 699
ongoing monitoring, 391-413
password file, 234, 338, 391
password quality, 277, 291
physical security, 336
Postfix, 592-594
removing user accounts, 256
Samba, 705
sandboxing, 88
SANS Top 20, 404
search paths, 349
sendmail, 565, 567
services, TCP/IP, 378
setuid/gid access, 56, 351-353
shell escapes, 11, 240, 352
single-user mode password, 132
smart cards, 340
SNMP, 499
system shutdown, 171-172
systemwide initialization files, 247
terminal lines, 784
user education, 335
vulnerability scanning, 401-405
world writable directories, 350
writing scripts and, 169
security mailing lists, 374
security policies, 334
segments, network, 184, 200, 478
segments (network data unit), 187
maximum size, 1018
Seltzer, Margo I., 619
sendfax command, 801
sendmail, 542-578
access control, 562
address mapping, 556
address translation mode, 574
addressing options, 556
blacklists and, 562
Build script, 550
client configuration, 548, 555
components, 544
configuration files, 546
configuring, 547-571
cw file, 550
daemon, 544, 546, 567
database engines, 557
debugging, 574-575
default user, 565
dnl, 548
DNS lookups and, 554
enabling, 544
/etc/mail/local-host-names file, 550
FEATUREs (see FEATURE macros)
LDAP and, 557
local mailers, 552
logging, 571-572
macros, 576-578
mail hub configuration, 550, 555
mailers, 552
mail.local program, 553
maintenance, 569
masquerading, 551
monitoring, 568-570
multiple queues, 570
null client, 555
performance, 570-571
PID file, 546
privacy options, 566
procmail and, 552
quotation marks, odd, 548
redirecting mail, 558
relaying, 561
SASL, 566
security, 565
services switch file, 560
smrsh program, 553
spam, suppressing, 560
split, 567
statistics, 569
submission agent, 567
syslog and, 546
timeouts, 571
troubleshooting, 571-576
versions, 543
virtual domains, 559
sendmail.cf configuration file, 547
building, 550
serial cables, 780
serial lines, 766-798
access control, 796
adding new devices, 776
configuration files, 782-788
configuring, 781
printers and, 816
root access to, 796
secure, 784
setting characteristics of, 773, 775
Solaris handling of, 789-794
special files for, 766-767
troubleshooting, 794
serial numbers, DNS, 430
Server Message Block (SMB) protocol, 703
server processes, 55
server selection (SRV) records, DNS, 431
servers (see daemons)
Service Access Facility (Solaris), 789-794
commands, 790
service advertisement (SRV) records, DNS, 429
services
network, 189
port number assignments, 189
services, PAM, 302
setacl command (Tru64), 361
setfacl command
Linux, 361
Solaris, 361
setgid access
monitoring files for, 396
programs, 58, 351-353
writing secure, 352
setgid bit, 43
setgroups command (AIX), 233-234
setld command (Tru64), 116
setuid access
monitoring files for, 396
nosuid filesystem option, 627
programs, 58, 351-353
writing secure, 352
setuid bit, 43
severity levels (syslog), 102
Seward, Julian, 123
sftp command, 377
sftp-server daemon, 377
shadow group file (Linux), 223, 232
shadow password file, 223, 225, 288
security of, 234
shared libraries, 70-71
Sharpe, Randall K., 614
shell escapes, 11, 240, 352
shells, 238
initialization files, 241
prejudices about, 886
restricted, 239, 553
secure, 376
showmount command, 700
shutdown command, 170
aborting pending, 173
BSD vs. System V syntax, 170
BSD-style, 171
Linux version, 172
System V-style, 170
side effects, unintended, 331, 349
siggen command, 400
signals, 963
CONT, 963
INT, 963
KILL, 963
numbers of, 962
QUIT, 963
STOP, 963
TERM, 962
signatures, digital, 364
Silicon Graphics, 799
silos, 721
Simple Authentication and Security Layer (SASL)
OpenLDAP and, 326
sendmail and, 566
Simple Mail Transport Protocol (see SMTP)
Simple Network Management Protocol (see SNMP)
single-user mode, 131
password protection of, 132
run level for, 153
skeleton initialization files, 242
S/Key package, 341
slapd daemon, 314
configuration file, 316-317
securing, 326
slave name servers, DNS, 419
configuring, 425
updates to, 437-438, 440-441
slices, 645
slow convergence, RIP, 454
smart cards, 340
SMART_HOST macro, 555
SMB protocol, 703
smbclient command, 705
smb.conf configuration file, 703
smbstatus command, 704
SMC (Sun Management Console), 22
user account management, 272
SMIT (AIX), 19
disabling services with, 382
fastpaths, 19
package management, 117
printing configuration, 849
queue configuration, 855
role-based access control, 370
user account management, 265
smit command (AIX), 17
Smith, Keith A., 619
smitty command (AIX), 19
smrsh program, sendmail, 553
procmail and, 554
smrsh sendmail feature, 553
SMTP
commands, 572
proxies, 524
retrieving mail using, 596
smtpd daemon, 524
smtpfwdd daemon, 524
snap command (AIX), 175
SNMP, 484-500
agents, 493
community names, 488
concepts, 484
configuration files, 489
enabling, 489-490
implementations, 489
MIB files, 489
namespace, 486
Net-SNMP, 488
network management station, 485
NMS, 485
operations, 489
security and, 499
traps, 489, 492
versions, 485
snmpconf command, 495
snmpd daemon, 493
snmpget command, 491
snmpinfo command (AIX), 493
snmp_request command (Tru64), 493
snmpset command, 492
snmptranslate command, 490
snmptrap command, 492
snmptrapd daemon, 496
snmpwalk command, 492
snoop command (Solaris), 483
social engineering, 346
sockets, 51
TCP/IP, 189
sofficer role (Solaris), 372
soft updates, 619-620
enabling, 646
software packages (see packages)
Solaris
accounting, 1058
ACLs, 359
adding disks, 653
AdminSuite, 22
admintool, 22
boot images, location of, 764
boot scripts, 163
booting, 137
buffer cache, 993
CD-ROMs on, 694
concatenated volumes, 677
DHCP, 212, 465
dialup passwords, 343
/etc/default directory, 162-163
extended accounting, 1063-1065
failed disk, replacing, 679
filesystem types, 620
kernel location, 129
kernel parameters, tuning, 993
LDAP support, 314
listen port monitor, 789
logical volume manager, 677
media handling facility, 694
memory, as data cache, 993
mirrored volumes, 678
modules, kernel, 1046
network files, DHCP, 466
network interface names, 203
NFS, 700
package management, 116
PAM modules, 311
password controls, 289-290
port monitors, 789
Print Manager, 847
printing features, 843
priority classes, 973
profiles, 370
projects, 312, 1063-1065
RAID 5 volumes, 679
role-based access control, 370, 372-373
roles, 312
routing, 455
scheduler, 972-973, 975
security facilities, 339
serial lines, 789-794
single-user mode password, 133
SMC, 22
SNMP, 497
soft partitions, 677
software archives, 126
static routes, 219
striped volumes, 678
syslog enhancements, 106
TCP/IP parameters, 1019
ttymon port monitor, 789
tuning tools, 950
USB devices, 813
user account controls, 252
user account management, 272
virtual memory manager, 993
Solaris commands
acctadm, 1064
auths, 373
dispadmin, 973, 975
eeprom, 133
fdformat, 690
floppy disk, 690
format, 653-654
from, 615
getdev, 896
getfacl, 361
kstat, 993
logical volume manager, 677-680
lpget, 842
lpset, 842
lpusers, 838
makewhat, 76
metadb, 677
metainit, 677
metaparam, 678
metareplace, 679
metattach, 678
mkfile, 999
modinfo, 1046
newfs, 655-656
newtask, 1064
pkgadd, 116
pkgchk, 116
pkginfo, 116
pkgrm, 117
pmadm, 791-792
priocntl, 969, 975
profiles, 372
projadd, 1063
Solaris commands
projdel, 1063
projects, 1064
projmod, 1063
prtconf, 1046
ptree, 954
roles, 372
sacadm, 790
SAF, 790
setfacl, 361
snoop, 483
sttydefs, 793
swap, 896, 996, 1001
sysdef, 1046
ufsdump, 732
volcheck, 690
Solaris configuration files
/etc/default/dhcpagent, 212
/etc/default/login, 252
/etc/default/passwd, 297
/etc/defaultrouter, 219
/etc/default/su, 8
/etc/default/sulogin, 133
/etc/dfs/dfstab, 700
/etc/hostname.*, 206
/etc/inet/hosts, 214
/etc/inet/netmasks, 204
/etc/nodename, 206
/etc/printers.conf, 842
/etc/project, 1063
/etc/rmmount.conf, 694
/etc/saf/_sactab, 789
/etc/security/auth_attr, 370
/etc/security/exec_attr, 372
/etc/security/prof_attr, 370
/etc/snmp/conf, 497
/etc/system, 896, 1046
/etc/ttydefs, 792
/etc/user_attr, 372
/etc/vfstab, 629, 696
/etc/vold.conf, 693
network interface, 205
/usr/share/man/man.cf, 75
/var/dhcp/dhcptab, 465
song lyrics, 280
Soules, Craig A. N., 619
source code, 73
building packages from, 121-125
Spafford, Gene, 399
spam, suppressing, 560, 599
Postfix, 589-590
procmail and, 607-609
special files, 47
block vs. character, 63
common names, 65
creating, 643
disk partitions, 63
floppy disks, 689
major and minor numbers, 61, 644
parallel ports, 816
printers, 816
serial lines, 766-767
tapes, 723-725
USB devices, 807
Spell My Name with an S, 350
split DNS, 446
spool directories, 816
electronic mail, 524, 528
HylaFAX, 799
location, 73
printing, 824
spooling (see printing)
SRC (AIX), 148
ssh command, 376
SSH protocol 2, 377
sshd daemon, 376
stackers, 721
stacks, protocol, 186
/stand/build/system configuration file (HP-UX), 1031
/stand directory (FreeBSD), 70
Star Trek, 279
start of authority (SOA) records, DNS, 428, 430
BIND 8 vs. 9, 430
serial numbers in, 430
startsrc command (AIX), 475
statd daemon, 695
static routes, 216
files defined in, 218-219
static routing, 453
stealth name servers, DNS, 419
Stein, Christopher A., 619
Stem, 932-942
Stewart, Al, 280
sticky bit, 43
Stokely, Celeste, 766
STOP signal, 963
stratum 1 servers, NTP, 469
streams, 187
striped volumes, 660
performance tips, 660
stty command, 773, 775
sttydefs command (Solaris), 793
stub name servers, DNS, 419
su command, 6, 9
log files, 104, 409
PAM configuration file, 303-304
testing user accounts with, 253
subdomains, DNS, 433-434
submission agents, mail, 532, 567
subnet masks, 196
subnets, 196
DHCP and, 458
subproducts (HP-UX), 119
sudo package, 9
configuration file, 10
sulogin utility (Linux), 133
Sun Management Console (SMC), 22
super daemon, TCP/IP, 377
supernets, 196
superuser (see root)
SuSE Linux
harden_suse command, 339
package management, 116
routing, 455
security facilities, 339
SuSEconfig, 24
WINDOWMANAGER environment variable, 246
YAST2, 24
SuSEconfig script, 24
swap command (Solaris), 896, 996, 1001
swap partitions, 63, 145, 628, 995
crash dumps saved to, 144, 175
managing, 995-1001
placement of, 638
(see also paging spaces)
swapinfo command (HP-UX), 896, 996
swapon command, 145, 896, 996, 998-999
swapping, 979
swatch package, 114
TCP Wrappers and, 379
swinstall command (HP-UX), 116
switches, 201
full-duplex, 478
selecting, 202
swlist command (HP-UX), 116
swremove command (HP-UX), 116
symbolic file modes, 42
symbolic links, 48
automounter confusion, 701
context-dependent (Tru64), 50
sync command, 172
Sys Admin magazine, 447, 813, 1023
sys group, 235
sysconfig command (Tru64), 896, 975, 1019, 1030
sysctl command (FreeBSD), 896, 990, 1019, 1029
sysdef command (HP-UX), 1033
sysdef command (Solaris), 1046
sysinstall command (FreeBSD), 25
syslinux package (Linux), 1042
syslog, 101-108
boot messages and, 139
components, 101
configuration file, 102
cron and, 95
daemon, 101
enabling, 101
enhancements, 104, 106-107
facilities, 102
fetchmail and, 597
logger utility, 107
PID file, 101
Postfix and, 582
sendmail and, 546
severity levels, 102
SNMP traps and, 493
TCP Wrappers and, 379
SysMan (Tru64), 26
package management, 117
system administration tools, 15
admintool (Solaris), 22
DHCP, 208, 460, 463, 465, 468
Gnome, 26
KDE, 26
kernel building, 1031-1033
Linuxconf (Linux), 22
package management, 115
password aging settings, 290
printer configuration, 827, 829, 846, 849, 855
Red Hat Linux, 23
SAM (HP-UX), 20
SMC (Solaris), 22
SMIT (AIX), 17
SNMP, 490
sysinstall (FreeBSD), 25
SysMan (Tru64), 26
user account management, 256-275
VNC, 29
vulnerability scanning, 401-405
WSM (AIX), 19
Ximian setup tools, 27
YAST2 (SuSE Linux), 24, 812
system calls, insecure, 353
system console, 767
access control, 796
limiting access to, 337
system group, 235
system hardening, 387-391
system initialization scripts, 131
system integrity checking, 399
system messages, 101
System Resource Controller (AIX), 148
network daemons and, 475
system shutdowns, 169
fake, 172
system user accounts, 235
System V filesystem, 617
System V spooling system, 829-847
access control (Solaris), 843
adding printers, 842
classes, 836
daemon, 834
destinations, 831
device classes, 831, 836
filters (Solaris), 844
forms (Solaris), 844
interfaces, 836
managing print jobs, 832
managing printers, 835-836
managing queues, 833-834, 836
modifying pending jobs (HP-UX), 845
moving jobs between queues, 833
queue priorities, 837
remote printing, 840, 842
starting and stopping, 834
user commands, 831
variations, 840, 842
system_prep command (HP-UX), 896, 1031
systemwide initialization files, 246
customizing, 247
T[ Top ]
T junction, 183
t (save text) access, 43
TAI (International Atomic Time), 470
tail command, 89
tapes, 717-718
accessing via network, 744
data grade, 717
data incompatibilities, 741
default drive, 725
disadvantages of, 718
retensioning, 723
rewinding, 735
skipping files on, 735
special files for, 723-725
utilities, 735
tar command, 85, 727-729
GNU version, 729
restores, 736
Solaris enhancements to, 728
Taylor, David, 532
TCP Wrappers, 378, 381
tcpd daemon, 378-379
/tcb directory, 71
tcpdump command, 481
TCP/IP
layers, 186
maximum segment size (MSS), 1018
parameters, 1018-1019
sample conversation, 191
socket buffer size, 1018
tcsh, 244
initialization files, 241
telinit command, 154
temporary mount point (/mnt), 70
TERM environment variable, 769, 772
TERM signal, 962
termcap, 770
TERMCAP environment variable, 772
terminal type, setting, 242
terminals, 769
initializing, 772
resetting, 775
troubleshooting, 794
terminators
coaxial cable, 183
SCSI, 642
terminfo, 770-771
directories, 769
testparm command, 704
thankless job, 1052
theft, 337
There's more than one way to do it, 901
Thinnet cable, 183
thrashing, 980
threats, 332
tickets, Kerberos, 348
time, authoritative, 469
time bombs, 338
time series data, 512
time slice, 964
time synchronization, 469
time tracking, 31
timeout period, DNS, 430
time-to-live value, DNS, 428
TLDs (top-level domains), 415-416
TLS
OpenLDAP and, 326
sendmail and, 566
tokens, 340
top command, 956
variations of, 956
top-level domains, 415-416
topologies, network, 185
traceroute command, 480
traffic, network, 477-478
transaction logs, filesystem, 619
transitive trust, 376
transmission control protocol (TCP), 188
(see also TCP/IP)
transmitting station identifier (fax), 803
transport agents, mail, 521, 542-596
trap doors, 338
traps, SNMP, 489, 492
syslog and, 493
tripwire command, 400
Tripwire package, 399-401
configuration file, 400
reports, 400
triviality checking, password, 291, 297-302
PAM, 307, 309-310
Troan, Eric, 114
troff text formatting system, 944
trojan horses, 338
troubleshooting
booting problems, 175
crashes, 174
DNS, 451
file access, 45
hardware problems, 176
networking, 219
Postfix, 595
printing, 858-860
procmail, 613
scripts, 898-899
sendmail, 571-576
serial lines, 794
software builds, 121
terminals, 794
Tru64
ACLs, 359, 362
adding disks, 672
AdvFS filesystem, 672
boot scripts, 164
booting, 137
buffer cache, 994
DHCP, 212, 467
disk group, 674
disk striping, 674
/etc/rc.config configuration file, 133
filesets, 673
filesystem types, 620
hardware error messages, 110
kernel, building, 1026-1028
kernel location, 129
kernel parameters, tuning, 975, 994, 1030-1031
Logical Storage Manager, 674-676
logical volume manager, 672
LPD spooling system, 827
memory, as data cache, 994
mirrored volumes, 676
network interface names, 203
NFS and, 700
package management, 116
password controls, 289-290
password history lists, 296
password triviality checks, 293
plex, 674
protected password database, 227
RAID 5 volumes, 676
routing, 455, 457
scheduler, 975-976
security facilities, 339
serial lines, 797
single-user mode password, 133
SNMP, 499
software archives, 126
static routes, 219
striped volumes, 676
subdisk, 674
swap partitions, 628
syslog enhancements, 107
TCP/IP parameters, 1019
tuning tools, 950
USB devices, 807
user account controls, 253
/usr/skel directory, 242
virtual memory manager, 994
Tru64 commands
btcreate, 765
cdslinvchk, 51
dhcpconf, 212
dia, 111
dsfmgr, 896
dxaccounts, 273
dxkerneltuner, 975, 1031
edauth, 290
fverify, 116
getacl, 361
Tru64 commands
logical storage manager, 675-677
lprsetup, 828
printconfig, 827
prpwd, 228
setacl, 361
setld, 116
snmp_request, 493
swapon, 896
sysconfig, 896, 975, 1019, 1030
sysman, 26
xjoin, 468
Tru64 configuration files
/etc/binlog.conf, 110
/etc/join/client.pcy, 212
/etc/join/dhcpcap, 467
/etc/join/nets, 467
/etc/join/server.pcy, 467
/etc/netsvc.conf, 216
/etc/rc.config, 163
/etc/routes, 219
/etc/snmpd.conf, 499
/etc/sysconfigtab, 628
network interface, 205
TrueType fonts, 879, 884
trust, network, 374
security issues with, 376
trusted computing base, 71, 227
integrity checking commands, 399
TrustedBSD project, 359, 367
tset command, 772
Tsirigotis, Panos, 380
$TTL directive, DNS, 429
ttmkfdir package, 884
tty command, 769
ttymon port monitor (Solaris), 789
tune2fs command (Linux), 650
tunefs command (FreeBSD), 646
tuning process, 947-951
caveats, 950
commands, 950
iterative nature, 950
temptations in, 951
tutelary deity, 55
tw.config configuration file, 400
twisted pair cable, 182
Type 1 fonts, 879
font files, 879
typical tasks, 1, 32, 521, 616
U[ Top ]
u(ser) access, 38, 44
U.C. Davis, 488
UCE (see spam, suppressing)
ucomm.sh command, 1065
UDP (User Datagram Protocol), 188
UFS filesystem, 618
ufsdump command (Solaris), 732
UID, 222-223
0, 235
assigning, 237
effective, 56, 351
real, 56
retired accounts, 255
ulimit command, 959
umask, 246
umask command, 42
umount command, 624, 630
unintended side effects, 331, 349
uninterruptable power supply (UPS), 175
Universal Serial Bus (see USB devices)
University of Delaware, 469
University of Maryland, 745
University of Michigan, 314
University of Washington, 534, 539
Unix domain sockets, 51
Unix filesystem layout, 68
UNIX Hater's Handbook, 1023
unsolicited commercial email (see spam)
unusual capitalization, 279
upacct command, 1065
upacct package, 1065
UPS (uninterruptable power supply), 175
USB cables, 807
connectors, 780
USB devices, 807-813
special files for, 807
support for, 807
usbdevs command (FreeBSD), 809
usbmodules command (Linux), 810
usbutils package (Linux), 810
usbview package (Linux), 810
use_cw_file sendmail feature, 550
USENIX, 1070
user accounts
adding, 237, 257
attributes, 223, 248-253
automatic inactivation, 289
captive, 239
classes (FreeBSD), 250
controls, 248-253, 309
converting to OpenLDAP, 320
default attributes, 258
definition, 222
disabling, 254
dynamic group membership, 231
expiration dates, 289
GECOS field, 224
group memberships, 230
groups and, 222
home directories, 224, 241, 248, 308
initialization files, 241-242
locking, 254
login shells, 224, 238
maximum groups, 230
modifying, 258
nobody, 235
password file, 223
passwords, 240, 248, 277-302
primary group, 231
projects (Solaris), 1063
removing, 255-256, 259
resource limits, 248, 307
retiring, 255
root, 10
security issues, 338
standard, 235
system, 235
testing, 253
tools for managing, 256-275
user-private groups, 230-231
user agents, mail, 521, 532-537
IMAP and, 541
POP and, 541
user authentication (see authentication)
User Datagram Protocol (UDP), 188
useradd command, 257-258
userdel command, 259
usermod command, 254, 258, 282, 289
usernames, 222-223
user-private groups, 230-231
users
backups and, 731
communicating with, 12, 176
educating, 335, 346
electronic mail issues, 531
interacting with, 4
security awareness, 334-335
special requests, 830
when they leave, 281
/usr/bin directory, 71
/usr directory, 71
/usr/include directory, 71
/usr/lib directory, 71
/usr/lib/passwd/passwd.conf configuration file, 294
/usr/lib/security/mkuser.default configuration file (AIX), 262
/usr/lib/sendmail.d/bin directory, 553
/usr/lib/X11/fonts directory, 879
/usr/local directory, 71
/usr/local/share/snmp/snmpd.conf configuration file, 494
/usr/lpp directory (AIX), 70
/usr/ports directory (FreeBSD), 120
/usr/sbin directory, 68
/usr/share directory, 72
/usr/share/man/man.cf configuration file (Solaris), 75
/usr/share/skel directory (FreeBSD), 242
/usr/skel directory (Tru64), 242
/usr/src directory, 73
/usr/ucb directory, 73
UTC (Coordinated Universal Time), 470
utmp accounting file, 1052
UUCP, 552, 581
V[ Top ]
vacation command, 545, 614
van den Berg, Stephen, 599
vandalism, 332, 337
/var directory, 73
/var/adm/crash directory (HP-UX), 144
/var/adm directory, 73
/var/adm/pacct configuration file, 1058
/var/cfengine/inputs/cfagent.conf configuration file, 923
/var/dhcp/dhcptab configuration file (Solaris), 465
/var/log directory, 73
/var/log/lastlog file, 307
/var/run directory, 73
/var/spool directory, 73
/var/spool/hylafax directory, 799
/var/spool/hylafax/etc/FaxDispatch configuration script, 804
/var/spool/hylafax/etc/hosts.hfaxd configuration file, 806
/var/spool/mqueue directory, 528
varyonvg command (AIX), 664
Venema, Wietse, 374, 579
verifying, 141
verifying backups, 713
vgcreate command (HP-UX), 670
vgcreate command (Linux), 682
vgdisplay command (HP-UX), 672
vgextend command (HP-UX), 670
vgscan command (Linux), 681
views, DNS, 446
vigr command (Linux), 230
vinum command (FreeBSD), 685-687
vipw command, 145, 225
virtual domains, mail
Postfix, 587-588
sendmail, 559
virtual memory, 979-980
virtual memory manager, 987-995
AIX, 987-988, 990
FreeBSD, 990-991
HP-UX, 991-992
Linux, 992-993
Solaris, 993
Tru64, 994
virtues, 78, 401, 886, 1001
list of, 1070
VIRTUSER_DOMAIN_FILE macro, 559
virtusertable sendmail feature, 559
viruses, 338
electronic mail, 609, 613
visudo command, 12
Vixie, Paul, 93, 562
VMailer (see Postfix)
VMS, 32
search command, 901
vmstat command, 966, 982, 984-985
vmtune command (AIX), 989-990, 1006
VNC package, 29
vnconfig command (FreeBSD), 999
vncserver command, 30
vncviewer command, 30
volcheck command (Solaris), 690
vold daemon (Solaris), 690, 694
volume groups, 657
vulnerability scanning, 401-405
W[ Top ]
w(rite) access, 36-37
wall command, 13
Wall, Larry, 899
WAN (wide area network), 180
wander, 469
War Games, 330
warm boot, 127
wcomm.sh command, 1065
well-known ports, 189
wgrep utility, 901
wheel group, 8, 235
who command, 154
wide area network (WAN), 180
WINDOWMANAGER environment variable (SuSE Linux), 246
Windows 2000, 431
fixmbr recovery console command, 1043
grub and, 1041
lilo and, 1038
net use command, 703
restoring the MBR, 1043
sharing filesystems with, 703
sharing printers with, 860-863
.wm_style file (Red Hat Linux), 245
World Wide Web, passwords and, 285
worms, 338
write command, 12
WSM (AIX), 19
wsm command (AIX), 19
wtmp accounting file, 1052
X[ Top ]
X Window System, 71
adding fonts to, 881
font management, 878
font path, 881
initialization files, 245
TrueType fonts and, 884
USB mice, 809-810
x (execute) access, 36
xargs command, 83
xbiff command, 614
XF86Config configuration file, 809-810, 881
xferfaxstats command, 802
xfs font server, 882
xfsft font server, 884
Ximian setup tools, 27
xinetd daemon, 380-381
TCP Wrappers and, 381
.xinitrc file, 245-246
xjoin command (Tru64), 468
xlock command, 7
xrpm command (Linux), 117
xstm command (HP-UX), 110
xwd command, 817
xyzzy, 278
X access, 41
Y[ Top ]
yast2 command (SuSE Linux), 24
package management, 117
Yeats, William Butler, 55
yes command, 919
Ylönen,Tatu, 376
Z[ Top ]
Zimmerman, Phil, 363
Zip drives, 640
as backup devices, 720
USB, 808
zombie processes, 963
zone files, DNS, 428
reverse, 432
serial numbers, 430
subnets and, 432
zone transfers, DNS, 437
incremental, 440-441
zones, DNS, 418
defining, 424
Zurück zu Essential System Administration
