Errata

Print Print Icon

Submit your own errata for this product.


The errata list is a list of errors and their corrections that were found after the product was released. If the error was corrected in a later version or reprint the date of the correction will be displayed in the column titled "Corrected".

The following errata were submitted by our customers and approved as valid errors by the author or editor.

Color Key: Serious Technical Mistake Minor Technical Mistake Language or formatting error Typo Question



Version Location Description Submitted By Corrected
Printed Page 7
last paragraph, 2nd to last line

Errol Young
should be:
Eric Young

 Anonymous 
Printed Page 19
Just before 'Kerberos 5 prinicals' heading

service.hostanem@REALM
should be
service.hostname@REALM

 Anonymous 
Printed Page 24
5th paragraph

"Since the Needham and Schroeder protocol"
should read
"Since the Needham-Schroeder protocol"

to be consistent with the rest of this section (i.e. "Needham and Schroeder" is use
when mentioning the individuals, but "Needham-Schroeder" is used for referring to the
protocol itself.

The same error is present on page 25, paragraph 2, line 5, where "The Needham and
Schroeder protocol" should read "The Needham-Schroeder protocol".

 Anonymous 
Printed Page 25
last paragraph, line 2

The line as printed reads:

"...sends the authentication server a message containing the its own identity and the..."
The second word "the" should be omitted, so it reads
"...sends the authentication server a message containing its own identity and the..."

 Anonymous 
Printed Page 27
2nd paragraph of the locked box inset

identiacal
should be:
identical

Anonymous 
Printed Page 29
Caption on figure 3-5

'reply attack' should read 'replay attack'

 Anonymous 
Printed Page 67
last sentence on page

"since the Kerberos libraries will be smart enough to figure those
out on its own"
should be
"... on their own"

 Anonymous 
Printed Page 91
Top of page

Another tool that can be helpful is the Kerberized telnet daemon. It has rather
verbose output so that errors can be readily gleamed from the messages it prints when
connecting.

NOW READS:
'gleaned'

 Anonymous  Oct 2003
Printed Page 111
In Chapter 6, in the page 111 footnote,

the URL is broken:
http://theory.stanford.edu/~tjw/krbpass.html

NOW READS:
http://citeseer.nj.nec.com/418833.html

 Anonymous  Oct 2003
Printed Page 115
1st paragraph in the section entitled "Heimdal", 4th line

"in 30 day's time"
should read
"in 30 days' time"
(mis-placed apostrophe)

 Anonymous 
Printed Page 129
Paragraph entitled "Logon Auditing"

line 5: "severs" should be "servers"

 Anonymous 
Printed Page 138
6th line on page

"change to a client application does support Kerberos"
should read
"change to a client application that does support Kerberos"

 Anonymous 
Printed Page 142
lines 2-3 on page

"such as a PAM module to check if the potential users' shell,
located in /etc/shells"

should probably read

"such as a PAM module to check if the potential user's shell is
listed in /etc/shells"

 Anonymous 
Printed Page 142
line 15

password required /lib/security/pam_cracklib.so retry=3 type=
should be:
password required /lib/security/pam_cracklib.so retry=3

 Anonymous 
Printed Page 146
3rd paragraph

"Simple and Protected GSSAPI Protection Mechanism"
Should be
"Simple and Protected GSSAPI Negotiation Mechanism".

 Anonymous 
Printed Page 150
9th line from bottom

"om which" should be "of which"

 Anonymous 
Printed Page 150
4th line from bottom

"gleamed" should read "gleaned"

 Anonymous 
Printed Page 156
3rd paragraph, sentence

".. placed in a keytab that can be read by the OpenLDAP server, slurpd"
should be:
".. placed in a keytab that can be read by the OpenLDAP server, slapd"

 Anonymous 
Printed Page 179
3rd paragraph

It concerns the ktpass command example.

W2K.WEDGIE.ORG was choosen as the realm. wedgie.org is the domain.

the listen command is:

ktpass -out unixhost.keytab -princ host/unix.wedgie.org@WEDGIE.ORG

it should be:

ktpass -out unixhost.keytab -princ host/unix.wedgie.org@W2K.WEDGIE.ORG

 Anonymous 
Printed Page 213
3rd paragraph

"to carry out an attach on a smart card"
should be
"to carry out an attack on a smart card"

 Anonymous 
Printed Page 233
In Appendix A, on page 233,

the first item in the list under the text para was
"disallow-postdataed"

NOW READS:
"disallow-postdated"

 Anonymous  Oct 2003
Printed Page 253
index entry

Young, Errol, 7
should be:
Young, Eric, 7

 Anonymous