Practical Guide to Software Quality Management (Artech House Computing Library)

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] A (address) record

     cache poisoning and     creating multiple     direct delivery and     mail servers and

     MTAs and     MX record and     tinydns and-a option     newsyslog     syslogd 2nd 3rd accept action (ipfw)

access control

     administration and     loghosts and     minirsyslogd and

     syslogd and

     users and

access control lists [See ACLs]

access table (Postfix) accountability, security and

accounts     CVS repository and

     default denial mindset     FreeBSD and     locked out     logging to     operator

     security considerations 2nd 3rd

     shell

     toor

ACID (Analysis Console for Intrusion Databases)

acid_conf.php file

ACLs (access control lists)

     dangers of 2nd

     filesystem flags and 2nd

     FreeBSD and

     log files and

     POSIX 2nd

     TSIGs and 2nd 3rd

     zone transfers and

Active Directory (Microsoft Windows) add command (ipfw)

AddModule directive

address record [See A record]

address resolution protocol (arp) request 2nd

adduser command admincvs group 2ndadministration

     access control     additional resources 2nd     everyday security     of firewalls 2nd

     HIDS software     monitoring system health     multiple systems and     remote 2nd 3rd     security and     security vulnerability response     upgrading

administrators

     controlling access 2nd     false positives and     logging and

     mailing lists

     privileged access

     root passwords and 2nd

     su and sudo comparison advskew variable (CARP)

AES algorithm 2nd AFS (Andrew File System)

alert level (syslog)alerts     ACID and 2nd     false positives and     IDS and 2nd

     logcheck and

     Snort and 2nd

     swatch and

     Tripwire and

alerts file (Snort)

aliases

     arbitrary program restriction

     defining

     jail and

     mail delivery and 2nd

     mail forwarding via

     protecting

     sendmail and

all keyword (pfctl) Allman, Eric

allow action (ipfw)

allow-recursion option (BIND)

allow-transfer option (BIND)

AllowGroups option (sshd_config) AllowOveride None (mod_cgi) AllowUsers option (sshd_config)

Amanda (Advanced Maryland Network Disk Archiver) 2nd 3rd amavisd-new command 2nd 3rd amavisd.conf file ampersand (&) 2nd

Analysis Console for Intrusion Databases (ACID) Andrew File System (AFS) Anonymous Diffie-Hellman ciphers Anonymous FTPApache web servers     ACID and     additional resources

     best practices

     chroot and     configuring 2nd 3rd     encryption and

     FreeBSD and

     HTTP authentication

     installing

     jail and     ktrace command

     modules     overview

     popularity of     support files     support for     thttpd and 2nd     two-tiered architecture

     vulnerabilities

apachectl command

applications [See also software] [See also software]

     events and

     logging to

     loghosts and

     mailing lists

     security and 2nd 3rd

     worms and

     writing restrictions

arbitrary content filtering 2nd 3rd

arbitrary program execution

arch flag 2nd 3rd 4th

arp (address resolution protocol) request 2nd arp poisoning

ASCII characters

assessment, incident response and

asterisk (*) 2nd 3rd

asymmetric cryptography at command at sign (@) 2nd

@stake atrm commandattacks     ACID and 2nd

     buffer overflow and 2nd     chroot and     core dumps and     creating users with     DNS 2nd     DoS 2nd 3rd     false negatives and

     firewalls and 2nd 3rd 4th 5th

     fragmentation 2nd     HIDS and 2nd     .htaccess files and

     internal

     Internet connectivity and

     IPS and

     log analysis     log files and

     mail servers     minirsyslogd and

     MITM 2nd 3rd     multipurpose systems and     network versus local     NIDS and 2nd     operating system level

     PIDs and

     problems in software

     ProPolice stack protection and

     registration hijacking

     responding to

     scripted 2nd

     Sendmail and

     Snort and

     spoofing

     system availability and

     uchg flag and

     understanding impact of

     Unicode

     vulnerability discovery and     web servers and

     webmail servers and

auditing

     administrator access

     automated scripts     controlling open relays     defined 2nd

     HIDS and     log files and 2nd     logcheck and     loghosts and

     OpenBSD and     security and 2nd 3rd 4th     swatch and     syscall activity auth facility 2nd auth.info fileauthentication

     auto-logout and

     centralized     DHCP and     digest

     DNS and

     dynamic updates

     HTTP

     logging commands     mail access and

     mail servers and 2nd     MUAs and

     NFS and     NTP     passphrase     pfsync and     plaintext 2nd

     POP and

     Postfix and

     SASL and 2nd 3rd

     security considerations

     Sendmail and

     SMTP and 2nd

     ssh keys

     sshd and

     syslogd and

     two-factor 2nd 3rd

     UDP and

     vulnerabilities with

     webmail and

authoritative servers 2ndauthorized_keys file

     creating

     public key and 2nd

     risk mitigation

     system immutable flag and authpriv facility 2nd authwarnings value (PrivacyOptions)

automatic logout Autopsyavailability     of firewalls

     root volume and     security and 2ndAXFR (zone transfer)     authenticating     BIND versus djbdns     DNS-based risks     logging