Security Warrior by Cyrus Peikari, Anton Chuvakin The unconfirmed error reports are from readers. They have not yet been approved or disproved by the author or editor and represent solely the opinion of the reader. Here's a key to the markup: [page-number]: serious technical mistake {page-number}: minor technical mistake : important language/formatting problem (page-number): language change or minor formatting problem ?page-number?: reader question or request for clarification This page was updated July 16, 2004. UNCONFIRMED errors and comments from readers: pg 35 symbol table has B Uninitialized data (.bss) however, the printed example of output shows 0804a06c A __bss_start it would seem that Uninitialized data is signified by A rather than B [246] bottom(explanation of MAC times); ctime records when the properties of a file was changed. mtime records when a file was changed. For example, if you change a permission of a file, ctime changes. pg 261 "RIX" should be "AIX" pg 273 "www.openbsd.com" would more appropriately be "www.openbsd.org" pg 274 "X Windows does function..." should be "does not function..." (274) The middle of the page; Both "To locate all SUID binaries, ..." and "This produces a list of all SUID ..." say same thing. [277] The center of the page; As long as ~/.ssh2(or ~/.ssh) directory is owned by a user, the user can remove the file "authorization"(or "authorized_keys"). So although the user can not modify the file, he can remove the file and create a new file with the same name. It doesn't work for a skilled user. [279] Last line of "FTP"; /etc/ftpusers is used for listing users who are "not" allowed logins via FTP. (295) item 5; There is a space between directory name and file name in "~/.ssh/ authorized_keys". Delete the space. pg 319 "top 10" lists both say 2002 (first one listed should be 2003?) pg 377 "the part of the application visitble to the user..." should be "application visible to..." pg 382 "but how does we..." should be "how do we..." pg 416 "ngrep.courceforge.net" should be "sourceforge" pg 453 "RFC 918" should be "RFC 1918" pg 467 "Linux iptables, ipchains, FreeBSD, NetBSD, or ipf or OpenBSD's new pf code" Should be something more like: "iptables or ipchains on Linux, and ipfw, ipf, or the new pf on FreeBSD, NetBSD, and OpenBSD (each *BSD has at least one of the above)"