Index

Index
Prev

absolute pathnames, reading tapes

Reading Media from Other Systems

Access Control Lists

Access Control Lists (ACLs)

access control violations

File Permission Violations by Inside Users

accounting

process

System Accounting

system

System Accounting

acl

Access Control Lists (ACLs)

ls option

Access Control Lists (ACLs)

administration, system

documentation

IRIX Admin Manual Set

archiving audit data

Archiving Audit Data

attrinit command

Using attrinit to Clean Up Capability Corruption

audit

a file

Auditing a File
Access to Particular Files or Resources

a label

Auditing a Label Under Trusted IRIX/B

a user

Activity by Particular Inside Users
Auditing a Specific User

customizing

Customizing Auditing

data archiving

Archiving Audit Data

data removing

Removing Audit Data

event types

Auditable Events

guidelines

About Proper and Improper System Management

improper use

About Proper and Improper System Management

particularly interesting users

Activity by Particular Inside Users

sample record

About the Audit Data

sat_select

Auditable Actions

system data files modification

Modifications of System Data Files

system programs modification

Modifications of System Program Attributes

the audit trail

Manipulation of the Audit Trail

audit data

interpreting

About the Audit Data

understanding

About the Audit Data

auditing

cofiguration utilities

Customizing Auditing

customizing

Customizing Auditing

default environment

Default Auditing

enabling

Enabling Auditing

list of items to audit

Auditable Events

reading output

About the Audit Data

recovery

Saving and Retrieving Your Auditing Environment

saved files

Placing the Audit Files

saving

Saving and Retrieving Your Auditing Environment

auditing, description

Administering the System Audit Trail

auditing, satconfig utility

About satconfig

autochangers

Types of Backup Media

Backup

Saving Data with Backup

backup and restore

using xfsdump and xfsrestore

About xfsdump and xfsrestore

Backup and Restore window

System Backup Tools

backups

about

Planning a Backup Strategy

across a network

File Backup Across a Network

automatic

Automatic Backups with cron

available programs

IRIX Backup Tools

byte swapping

Reading Media from Other Systems

dd conversion options

Reading Media from Other Systems

error messages

Backup and Recovery Error Messages and Actions

errors

Troubleshooting Errors During Backup

estimate space with bru

Saving Data with Backup

how often

When to Back Up Data and What to Back Up

incremental

Incremental Backup Schedule

incremental with cpio

Performing Incremental Backups with cpio
Performing Incremental Backups with tar

incremental with dump

Performing Incremental Backups

incremental with tar

Performing Incremental Backups with tar
Performing Incremental Backups with cpio

making

General Backup Procedure

restored wrong one

Restoring the Correct Backup After the Wrong One

root filesystem

Root Filesystem Backup

storing

Storage of Backups

strategies for

Backup Strategies

unreadable

Troubleshooting Unreadable Backups

user filesystems

User Filesystem Backup

Capabilities

Least-Privilege Capabilities

Capabilities, default

Capabilities in This Release

capabilities, on files

File Capabilities

chacl command

Short ACL Text Form

changing passwords

Controlling Password Aging by Editing /etc/passwd
Controlling Password Aging by Editing /etc/passwd

cpio

about

IRIX Backup Tools

and System Manager

About cpio

capabilities

About cpio

making backups

Using cpio to Back Up Files by Modification Date

restoring files

Restoring cpio Archives
Restoring tar Archives

cumulative restores, xfsrestore

Performing Cumulative Restores with xfsrestore

customizing auditing

Customizing Auditing

data segments, xfsdump

Media Layout for xfsdump

dbedit utility

Modifications of System Data Files

dd

about

IRIX Backup Tools

capabilities

About dd

conversion options

Reading Media from Other Systems

default backup device

changing

Changing the Default Backup Device

/dev/tape

General Backup Procedure

disabling IP packet forwarding

Disabling Forwarding of IP Packets

disabling NFS

Disallowing NFS Access on the Firewall

disabling NIS

Disabling NIS (YP) on the Firewall

DNS configuration of internal network

Domain Name System (DNS) Security Guidelines

dual-homed host

hardware setup

Dual-Homed Host Firewall

software setup

Network Software Setup on a Dual-Homed Host

dump

about

IRIX Backup Tools

/etc/dumpdates

Backing Up a Filesystem with dump

incremental backups

Performing Incremental Backups

making backups

Backing Up a Filesystem with dump

vs. xfsdump

About xfsdump and xfsrestore

dump inventory, xfsdump

Media Layout for xfsdump

dump session, xfsdump

Media Layout for xfsdump

dump stream, xfsdump

Media Layout for xfsdump

educating users about security

Educating Users About the Firewall

error messages, backup and recovery

Backup and Recovery Error Messages and Actions

/etc/capability file

The /etc/capability File

/etc/dumpdates

Backing Up a Filesystem with dump

/etc/hosts.equiv file

Network Access Control Files

/etc/inetd.conf file

Local inetd Services

/etc/passwd file

Network Access Control Files

file audit

Auditing a File

File Capabilities

File Capabilities

firewall

monitoring security

Monitoring the Firewall

firewall

definition

About Firewalls

design philosophy

Firewall Design Philosophy

hardware configuration

Hardware Configuration for Firewalls

software configuration

IRIX Configuration for Security

firewalls

About Network Security and Firewalls

forwarding IP packets

Disabling Forwarding of IP Packets

FTP services

Limiting inetd Services

hardware configuration

firewall

Hardware Configuration for Firewalls

routers

Routers and Firewalls

host

dual-homed

Dual-Homed Host Firewall

screened

Screened Host Gateway

housekeeping directory

About the housekeeping and orphanage Directories

incremental dumps, xfsdump

About Incremental and Resumed Dumps

inetd daemon

Local inetd Services

inetd services

limiting

Limiting inetd Services

insider security violation

System Use and Abuse by Inside Users

interactive restore, xfsrestore

Performing Interactive Restores with xfsrestore

internal network configuration

Internal Network Security Configuration

Internet, definition

About the Internet

interrupted restores, xfsrestore

Interrupting xfsrestore

inventory, xfsdump

Media Layout for xfsdump
Examining xfsdump Archives

IP packet forwarding

Disabling Forwarding of IP Packets

IRIX administration

documentation

IRIX Admin Manual Set

jukeboxes

Types of Backup Media

label audit

Auditing a Label Under Trusted IRIX/B

locking logins

Controlling Password Aging by Editing /etc/passwd

log files

About Log Files on the Firewall

login

disable time

Setting a Time Period to Disable a Line (DISABLETIME)

locking

Controlling Password Aging by Editing /etc/passwd
Locking Unused Logins

maximum attempts

Restricting Login Attempts (MAXTRYS)

options

System Login Options

recording

Recording Login Attempts

restricting root

Restricting root Logins

special accounts

About Special Accounts

ls -d option

Using ls -D and chacl

mail

configuration of internal network

Mail Configuration Security Guidelines

spool isolation

Mail Spool Isolation

media

layout, xfsdump

Media Layout for xfsdump

object, xfsdump

Media Layout for xfsdump

storing

Storage of Backups

modification of system data files

Modifications of System Data Files

modifications of system programs

Modifications of System Program Attributes

monitoring the firewall

Monitoring the Firewall

ncheck command

Checking for Set-UIDs in the root Filesystem

network

access control

Network Access Control Files

backups

File Backup Across a Network

screened

Screened Host Gateway

security issues

Network Security Issues

NFS

limiting or disabling

Disallowing NFS Access on the Firewall

NIS

disabling

Disabling NIS (YP) on the Firewall

operating the system

general

System Accounting

orphanage directory

About the housekeeping and orphanage Directories

outside connections

Connections with Machines Outside the Local Network

outsider security violation

System Use and Abuse by Outside Users

password

aging

About Password Aging

changing

Controlling Password Aging by Editing /etc/passwd
Controlling Password Aging by Editing /etc/passwd

checking

Using pwck to Check the Password File

choosing

Guidelines for Devising Passwords

dialup

Establishing Second (Dialup) Passwords

forcing

Forcing a Password

PROM

About PROM Passwords

protection

Password Protection on the Firewall

password PROM

About PROM Passwords

passwords

administration

Password Administration

potential security violations

About Security Violations

process accounting

System Accounting

PROM passwords

clearing

Clearing the PROM Password Using nvram

setting

Setting the PROM Password from the Command Monitor

use of

About PROM Passwords

proxy servers

About Proxy Servers

pwck command

Using pwck to Check the Password File

Recover System

Recovering Data After System Corruption

recovery

after system corruption

Recovering Data After System Corruption

error messages

Backup and Recovery Error Messages and Actions

removing

audit data

Removing Audit Data

Restore

about

IRIX Backup Tools
IRIX Backup Tools

interactive mode

Recovering Individual Files with restore

restoring data

Restoring Data with Restore

restoring filesystems

Recovering a Filesystem with restore

restoring individual files

Recovering Individual Files with restore

vs. xfsrestore

About xfsdump and xfsrestore

restoring data

cpio

Restoring tar Archives
Restoring cpio Archives

restore

Recovering a Filesystem with restore
Restoring Data with Restore

tar

Restoring tar Archives
Restoring cpio Archives

restoring interrupted dumps, xfsrestore

Performing Cumulative Restores with xfsrestore

.rhosts file

Network Access Control Files

robotic media changers

Types of Backup Media

root privilege violation

Unexpected Use of Root Privilege by Inside Users

routers and firewalls

Routers and Firewalls

RPC services

limiting

Limiting rpc Services Access on the Firewall

SAT

customizing

Customizing Auditing

event types

Auditable Events

sample record

About the Audit Data

sat_select

Auditable Actions

understanding data

About the Audit Data

sat_interpret utility

About the Audit Data
About the Audit Data

sat_reduce utility

About the Audit Data

sat_select

Auditable Actions

sat_select utility

About sat_select

sat_summarize utility

About the Audit Data
About the Audit Data

satconfig utility

About satconfig

screened host

hardware setup

Screened Host Gateway

screened network

hardware setup

Screened Host Gateway

security

guidelines

Security Safeguards and Cautions

IRIX standard

Standard Security Features

LAN

Local Area Network Access

network

Network Security

process accounting

System Accounting

tightening for firewall

Tightening Security in IRIX

Trojan horse attack

Security Safeguards and Cautions

xhost command

Limiting Access with the xhost Command

security violation

insider

System Use and Abuse by Inside Users

security violation (auditing)

access control

File Permission Violations by Inside Users

outside connections

Connections with Machines Outside the Local Network

outsider

System Use and Abuse by Outside Users

potential

About Security Violations

root privilege

Unexpected Use of Root Privilege by Inside Users

unauthorized entry

Attempts at Unauthorized System Entry

unusual system usage

System Use at Unusual Hours or from Unusual Locations

sendmail

configuration

Sendmail Configuration and Mail Aliases

Set-GID

Checking for Set-UIDs in the root Filesystem

Set-UID

Checking for Set-UIDs in the root Filesystem

software

checking integrity

Checking Software Integrity on the Firewall

stream terminator, xfsdump

Media Layout for xfsdump

system access

Controlling Password Aging by Editing /etc/passwd
Controlling Password Aging by Editing /etc/passwd
Controlling Password Aging by Editing /etc/passwd

system accounting

System Accounting
System Accounting

system administration

documentation

IRIX Admin Manual Set

system backups

System Backup Tools

system data files

modification

Modifications of System Data Files

System Maintenance Menu

Recovering Data After System Corruption

system passwords

password

system

About PROM Passwords

system recovery

Recovering Data After System Corruption

tape device, default

General Backup Procedure

tapes

reusing

Guidelines for Tape Reuse

storing

Storage of Backups

testing

Testing for Bad Media

tapes, absolute pathnames

Reading Media from Other Systems

tapes, reusing with xfsdump

Reusing Tapes with xfsdump

tar

about

IRIX Backup Tools

capabilities

About tar

comparison key characters

Examining tar Archives

making backups

Using tar to Back Up Files by Modification Date

restoring files

Restoring tar Archives
Restoring cpio Archives

terminator, xfsdump

Media Layout for xfsdump

Trojan horse attack

Security Safeguards and Cautions

unauthorized entry

Attempts at Unauthorized System Entry

understanding the audit data

About the Audit Data

unusual system usage

System Use at Unusual Hours or from Unusual Locations

user accounts

forcing a password

Forcing a Password

user audit

Auditing a Specific User

users and security

Educating Users About the Firewall

violations

of access control security

File Permission Violations by Inside Users

of root privilege security

Unexpected Use of Root Privilege by Inside Users

of security by insiders

System Use and Abuse by Inside Users

of security by outsiders

System Use and Abuse by Outside Users

of security by unauthorized entry

Attempts at Unauthorized System Entry

of security by unusual system usage

System Use at Unusual Hours or from Unusual Locations

possible

About Security Violations

through outside connections

Connections with Machines Outside the Local Network

World Wide Web:and security

World Wide Web Security Issues

X server access

checking

Interactive Use of the xhost Command

controlling

X11 Network Access

xfsdump

dump inventory

Examining xfsdump Archives

incremental dumps

About Incremental and Resumed Dumps

media layout

Media Layout for xfsdump

network usage

Using xfsdump and xfsrestore to Copy Filesystems

resumed dumps

About Incremental and Resumed Dumps

reusing media

Reusing Tapes with xfsdump

specifying media

Specifying Local Media with xfsdump

STDOUT

Using xfsdump and xfsrestore to Copy Filesystems

using

Saving Data with xfsdump

xfsrestore

cumulative restores

Performing Cumulative Restores with xfsrestore

interactive restore

Performing Interactive Restores with xfsrestore

interrupted restores

Interrupting xfsrestore

network usage

Performing Network Restores with xfsrestore
Using xfsdump and xfsrestore to Copy Filesystems

restoring files

Restoring Individual Files with xfsrestore

restoring interrupted dumps

Performing Cumulative Restores with xfsrestore

session ID

Performing Simple Restores with xfsrestore

session label

Performing Simple Restores with xfsrestore

simple restores

Performing Simple Restores with xfsrestore

STDIN

Using xfsdump and xfsrestore to Copy Filesystems

using

About xfsrestore

xhost command

Limiting Access with the xhost Command

Prev	Table of Contents
Chapter 7. System Accounting