Security Warrior by Cyrus Peikari, Anton Chuvakin This errata page lists errors outstanding in the most recent printing. If you have technical questions or error reports, you can send them to booktech@oreilly.com. Please specify the printing date of your copy. This page was updated July 19, 2004. Here's a key to the markup: [page-number]: serious technical mistake {page-number}: minor technical mistake : important language/formatting problem (page-number): language change or minor formatting problem ?page-number?: reader question or request for clarification Confirmed errors: (27), line 2 Comment character (;) missing at beginning of line (27), 2nd code, 3rd line "with the following:" should be a standard paragraph instead of being part of the code. (76), last text para, 1st line "dt_tag" -> "d_tag" (see code above this para) {125}, Table 4-1 The bit values in the table are wrong (they don't match what the table is said to be about). (127), 1st code, 2nd line "BL if = equal" -> "BL if equal" (135), line 4 "registries" -> "registers" (139), line 6 "28 (hex) bits of memory" -> "28 (hex) bytes of memory" (141), line 11 "a message of just "R"" -> "a message of just "H"" {189} in figure 6-5 the field "identification" should be "Payload Length" {192} 4th line from top; The decimal value of (ox)40 is 64, not 62. (195), The field "ttl" in the 2nd code line (top of page) is not described in the list below the code. It should say: ttl The IP Time-to-live field. (196), 1st para of Fragroute section, line 2 "to its its author" -> "to its author" (214), code in lower half line with whois command is missing (or the line above the code should say "The following is an example output of ...") (215) 3rd line "In might seem" -> "It might seem" (216) 3rd line from bottom "list of search of engines" -> "list of search engines" {246}, 2nd para in section "Timestamps" "(change time, or ctime)" and "(modified time, or mtime)" are misplaced and need to be swaped. (Compare with the -- correct -- comments in the code at bottom of page.) {247} The bottom of the page; delete a space after the comma. "-o noatime, remount" should be "-o noatime,remount" and "-o ro, remount" should be "-o ro,remount". (252), 1st list entry "Telnet, shell on port" -> "Telnet, shell on high port" [262] 1st new paragraph of page, after the two chmod examples; The book says, ...thus, if the umask is set to 600, all new files are created with read and write rights... should be: ...thus, if the umask is set to 177, all new files are created with read and write rights... (274), mid of page "This produces a list of all SUID binaries ..." and the following line of code are redundant; they repeat the previous 2 paragraph and code lines. {275} 4th paragraph in "Login Security"; Official URL of Linux Documentation Project is changed from http://www.linuxdoc.org to http://www.tldp.org (319) The introducing sentences for the two lists refer both to the same year (2002). The first list should say 2003. (330), 1st line in section SMB Attack "Service Message Block" -> "Server Message Block" (333) 3rd paragraph line 3 "Adminstrative" -> "Administrative" (377), line 14 "visitble" -> "visible" (397), end of 5th line "segmen" -> "segment" (416), line 11-12 "http://ngrep.courceforge.net/" -> "http://ngrep.sourceforge.net/" (439) 1st paragraph line 3 The dot at the end of line should be removed (it's not the end of the sentence -- see next line). (441), bottom of page, list entry "1." There are two colons at end of line, one is redundant. (445), References The last entry is redundant (repeats the 4th entry). (447) 4th paragraph, 5th line from bottom One redundant "a" at end of line. (453) 1st paragraph line 4 "RFC 918" -> "RFC 1918" (456), 2nd-to-last line "oneof" -> "one of" (465), last section title "framwork" -> "framework" (475), list item 1 web address changed to http://sourceforge.net/projects/aide (494) figures 22-9 and 22-10 Wrong screenshots! 22-9 should show the IE tab of Evidence Eliminator (currently in figure 22-10), and 22-10 should show the NSN (Netscape) tab. (513), table A-9, last row "Preceding an address" -> "Preceding an address specifies indirection" (533) 2nd paragraph line 3 "European-managed" -> "European managed"