Building Secure Servers with Linux by Michael D. Bauer The unconfirmed error reports are from readers. They have not yet been approved or disproved by the author or editor and represent solely the opinion of the reader. Here's a key to the markup: [page-number]: serious technical mistake {page-number}: minor technical mistake : important language/formatting problem (page-number): language change or minor formatting problem ?page-number?: reader question or request for clarification This page was updated April 09, 2003. UNCONFIRMED errors and comments from readers: (120) example 4.4; In the prompt, bauer@homebox should be mbauer@homebox (123) 3rd paragraph; scp command should have an additional ':', otherwise it will just make a local copy of the file. It should be: scp -i /etc/script_dsa_id /var/log/messages/* scriptboy@archive.g33kz.org: {124} 3rd last sentence; Setting the DISPLAY variable to your.client.IP.address:0 will NOT work, unless you open up your X for that particular machine (xhost + machinename). SSH will listen on a certain display number and forward the X events to your own X server, but SSH will never use display 0. (145) 3rd paragraph; /etc/server should be /etc/services (146) 5th paragraph; -d srsync should be -d ssync {234} point 6 in list (top of page); postfix /etc/aliases should be postalias /etc/aliases [248] 8th row of table; Static content directories should have mode 570. Otherwise user apache (the owner) won't have read+execute directory access and won't be able to retrieve any content. (272) before "Limiti delle risorse"; #Elimina Indexes dalle opzioni correnti: Options Indexes should be: #Elimina Indexes dalle opzioni correnti: Options -Indexes (340) last paragraph; Text says: "As noted at the end of 'Compiling and installing Syslog-ng from Source Code' ...", but the thing that is noted is not in there, instead in table 10.-8. (346) 2nd paragraph; /var/log/Sun, /var/log/Mon should be /var/log/messages.Sun, /var/log/messages.Mon (358) 5th paragraph; reference to example 10.27 should be 10.28, 10.28 should be 10.29 (389) 2nd paragraph; In the discussion of snort, the author refers to the payload of a packet. In particular, a http GET request. The snort output of the fourth packet in example 11- 10 does not include its payload data so this request cannot be seen.