FFFFoooorrrruuuummmm ooooffff IIIInnnncccciiiiddddeeeennnntttt RRRReeeessssppppoooonnnnsssseeee aaaannnndddd SSSSeeeeccccuuuurrrriiiittttyyyy TTTTeeeeaaaammmmssss 1111999999994444 SSSSeeeeccccuuuurrrriiiittttyyyy TTTToooooooollllssss aaaannnndddd TTTTeeeecccchhhhnnnniiiiqqqquuuueeeessss CCCCDDDD----RRRROOOOMMMM _J_u_l_y, _1_9_9_4 _I_n_t_r_o_d_u_c_t_i_o_n Welcome to the FIRST 1994 Security Tools and Techniques CD-ROM. On this disc, you will find over 275 megabytes of information related to com- puter and data security, including over one hundred papers on various topics, over fifty software packages for UNIX systems, numerous virus scanners and similar tools for PCs and Macs, complete collections of the advisories issued by many of the FIRST member teams, password cracking dictionaries, summaries of computer-related laws by state and country, electronic ``hacker'' magazines, and more. The information contained on the FIRST CD-ROM has been collected from anonymous FTP sites around the world. Indeed, that is the primary purpose of the disc: to collect in a single place the information and tools that are scattered about the Internet, so that you, the user, can have a single place from which to obtain them. _TTTT_HHHH_EEEE _MMMM_AAAA_TTTT_EEEE_RRRR_IIII_AAAA_LLLL _OOOO_NNNN _TTTT_HHHH_IIII_SSSS _CCCC_DDDD_----_RRRR_OOOO_MMMM _IIII_SSSS _PPPP_RRRR_OOOO_VVVV_IIII_DDDD_EEEE_DDDD _AAAA_SSSS_----_IIII_SSSS We (the Forum of Incident Response and Security Teams, the United States Government, Purdue University, and David A. Curry) disclaim all warranties with regard to the contents of this disc, including all implied warranties of merchantibility and fitness. In no event shall we be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, aris- ing out of or in connection with the use or performance of the contents of this disc. _UUUU_SSSS_EEEE _OOOO_FFFF _TTTT_HHHH_IIII_SSSS _MMMM_AAAA_TTTT_EEEE_RRRR_IIII_AAAA_LLLL _IIII_SSSS _AAAA_TTTT _YYYY_OOOO_UUUU_RRRR _OOOO_WWWW_NNNN _RRRR_IIII_SSSS_KKKK The material on this disc has been collected via the Internet from anonymous FTP sites all over the world. No effort has been made to verify that the software thus obtained is free from viruses, Trojan horses, or other forms of malicious pro- gramming. No effort has been made to verify that the software performs as its authors claim, or that it even compiles. Before making use of any of this software, we recommend that you examine the source code, if available, and be sure that you believe it to be free of malicious code. Likewise, we recommend that you scan binary programs for viruses before installing or executing them on your system. In short, treat this material with the same caution and care you would use if you had FTPed it yourself. July 4, 1994 - 2 - _D_i_s_k _F_o_r_m_a_t This CD-ROM is formatted according to the ISO-9660 standard, which is based on a _d_e _f_a_c_t_o industry standard format called ``High Sierra.'' The ISO-9660 format is very portable; nearly every system that supports CD-ROMs supports the ISO-9660 format in addition to any operating system specific formats the system offers. Most systems that support the ``High Sierra'' format (such as SunOS 4.1._x) will also support the ISO-9660 format. If you're not sure whether or not your system supports this format, the easiest way to find out is just to try it. Since the CD-ROM is a read-only media, you can't do any permanent damage. Unfortunately, to obtain the maximum portability between operating sys- tems, the designers of the ISO-9660 format had to impose rather serious constraints on the file and directory naming scheme that could be used. An ISO-9660 file system is very much like the one offered by MS-DOS: +o File and directory names may contain only upper-case letters, digits, and underscore characters. +o File names consist of a 0-8 character base name, a period (`.'), and a 0-3 character extension name. Either the base name or the extension name (but not both) may be missing. +o A version number, separated from the file name by a semi- colon (e.g., ``;1'') is required for all file names. +o Directory names consist of a 0-8 character base name, no period, and no extension name. +o A maximum of eight levels of directories are allowed, and only 510 files may appear in any directory. A path name (com- plete file name as specified from the top-level directory) is limited to a total length of 65 characters. +o No facilities are provided for file ownership, access permis- sions, links, and so forth. When you use an ISO-9660 format disc on most UNIX systems, the CD-ROM driver typically makes some silent modifications to the ISO-9660 names so that they follow UNIX conventions. For example, many systems map alphabetic characters to lower case, hide the version numbers, and some- times hide trailing periods. They typically give all files and direc- tories a permission mode of 0555 (r-xr-xr-x). In the table of contents on the following pages, all file and directory names are shown in lower case, and version numbers are not shown (all files have version number ``;1''). If your system displays upper case names and/or version numbers and does not map lower case letters into upper case or automatically append version numbers when needed, you will have to make these conversions yourself when accessing the disc. Within path names in the table of contents, the UNIX convention of using a slash (``/'') to separate path name components (e.g., /_o_n_e/_t_w_o/_t_h_r_e_e/_f_i_l_e._t_x_t) is used. If your system uses some other July 4, 1994 - 3 - convention, such as the backslash (``\'') of MS-DOS, you will have to make this conversion yourself as well. _F_i_l_e _N_a_m_e _E_x_t_e_n_s_i_o_n_s For each file on the disc, the file name extension is used to indicate the format of the file. The extensions in use on this edition of the disc are: _...._hhhh_qqqq_xxxx A BinHex'd file for the Macintosh. Use BinHex or StuffIt to debinhex the file. _...._pppp_ssss PostScript, the page description language from Adobe. You can send this to a laser printer that understands PostScript, such as any Apple LaserWriter, or most of the newer Hewlett-Packaer LaserJet printers. You can also preview it on the screen using a PostScript pre- viewer such as ghostscript. _...._ssss_eeee_aaaa A BinHex'd self-extracting Compact Pro archive for the Macintosh. Use Compact Pro, BinHex, or StuffIt to debinhex the files, then double click on the debinhexed files to extract the files from the compac- tor archives. _...._tttt_aaaa_rrrr A UNIX ``tar'' (tape archive) file. This file con- tains an archive of other files and directories. It can be extracted into the current directory on a UNIX system by using the command tar -xvf _ffff_iiii_llll_eeee_nnnn_aaaa_mmmm_eeee, or a table of contents of the archive can be listed by using the command tar -tvf _ffff_iiii_llll_eeee_nnnn_aaaa_mmmm_eeee. For PC and Macintosh users, some public-domain programs that can read UNIX ``tar'' archives have been supplied in the _aaaa_rrrr_cccc_hhhh_pppp_rrrr_oooo_gggg directory on the disc. _...._tttt_xxxx_tttt Plain ASCII text. May contain backspaces for under- lining or bold face, and may occasionally contain non-ASCII (but usually ISO Latin-1) symbols such as letters with diacritical marks. _...._zzzz_iiii_pppp A ``zip'' archive file. This file contains an archive of other files and directories, and is in a format that is commonly used on MS-DOS systems. It can be extracted into the current directory using the command unzip _ffff_iiii_llll_eeee_nnnn_aaaa_mmmm_eeee. For UNIX and Macintosh users, some public-domain programs that can read ``zip'' archives has been supplied in the _aaaa_rrrr_cccc_hhhh_pppp_rrrr_oooo_gggg directory on the disc. July 4, 1994 - 4 - _1. _T_h_e _T_o_p-_L_e_v_e_l _D_i_r_e_c_t_o_r_y At the top level of the CD-ROM directory tree, the collection of software, papers, and so forth has been subdivided into several categories. Each category is contained in its own directory; most of the categories have been further subdivided into subdirectories. The rest of this document provides a detailed listing of each file on the disc, and a brief description of its contents. At the top level, the following subdirectories are available: _aaaa_rrrr_cccc_hhhh_pppp_rrrr_oooo_gggg Software for various platforms to read the archive files stored on the rest of the disc. _eeee_tttt_hhhh_iiii_cccc_ssss A collection of ``ethics'' documents and computer usage policies, maintained by Dave Grisham of the University of New Mexico. _mmmm_aaaa_iiii_llll_llll_iiii_ssss_tttt Archives of various security-related mailing lists and electronically distributed journals and magazines. _pppp_aaaa_pppp_eeee_rrrr_ssss Research papers, journal articles, documentation, and other information on a wide variety of computer and data security-related topics. _pppp_aaaa_ssss_ssss_dddd_iiii_cccc_tttt A collection of password cracking dictionaries. _pppp_oooo_llll_iiii_cccc_iiii_eeee_ssss A collection of policies on vaious topics, maintained as part of the Computers and Academic Freedom archives of the Electronic Freedom Foundation. _ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee Public domain (or freely available) software tools that are releated to computer security or incident response. Some of these programs are directed at com- puter security, others have primary purposes doing other things, but can be useful in the security field as well. Where possible, source code is provided. In cases where binaries only are provided, use them at your own risk. _tttt_eeee_aaaa_mmmm_iiii_nnnn_ffff_oooo Information about and provided by the FIRST member teams. Includes advisories, articles, etc. _1._1. _////_aaaa_rrrr_cccc_hhhh_pppp_rrrr_oooo_gggg The _////_aaaa_rrrr_cccc_hhhh_pppp_rrrr_oooo_gggg directory contains software for various platforms to read the archive files stored on the rest of the disc. The files in this directory are: _dddd_oooo_ssss_tttt_aaaa_rrrr_...._zzzz_iiii_pppp An MS-DOS implementation of the tar _cccc_oooo_mmmm_mmmm_aaaa_nnnn_dddd_,,,, _ffff_oooo_rrrr _eeee_xxxx_tttt_rrrr_aaaa_cccc_tttt_iiii_nnnn_gggg _````_````_tttt_aaaa_rrrr_''''_'''' _ffff_oooo_rrrr_mmmm_aaaa_tttt _aaaa_rrrr_cccc_hhhh_iiii_vvvv_eeee _ffff_iiii_llll_eeee_ssss_.... _mmmm_aaaa_cccc_tttt_aaaa_rrrr_...._hhhh_qqqq_xxxx A Macintosh implementation of the tar _cccc_oooo_mmmm_mmmm_aaaa_nnnn_dddd_,,,, _ffff_oooo_rrrr _eeee_xxxx_tttt_rrrr_aaaa_cccc_tttt_iiii_nnnn_gggg _````_````_tttt_aaaa_rrrr_''''_'''' _ffff_oooo_rrrr_mmmm_aaaa_tttt _aaaa_rrrr_cccc_hhhh_iiii_vvvv_eeee _ffff_iiii_llll_eeee_ssss_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn July 4, 1994 - 5 - _4444_...._0000_bbbb_.... _mmmm_aaaa_cccc_uuuu_nnnn_zzzz_iiii_pppp_...._hhhh_qqqq_xxxx The Info-ZIP Macintosh implementation of the unzip _cccc_oooo_mmmm_mmmm_aaaa_nnnn_dddd_,,,, _ffff_oooo_rrrr _eeee_xxxx_tttt_rrrr_aaaa_cccc_tttt_iiii_nnnn_gggg _````_````_zzzz_iiii_pppp_''''_'''' _ffff_oooo_rrrr_mmmm_aaaa_tttt _aaaa_rrrr_cccc_hhhh_iiii_vvvv_eeee _ffff_iiii_llll_eeee_ssss_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _5555_...._1111_.... _uuuu_nnnn_xxxx_uuuu_nnnn_zzzz_iiii_pppp_...._tttt_aaaa_rrrr The Info-ZIP UNIX implementation of the unzip _cccc_oooo_mmmm_mmmm_aaaa_nnnn_dddd_,,,, _ffff_oooo_rrrr _eeee_xxxx_tttt_rrrr_aaaa_cccc_tttt_iiii_nnnn_gggg _````_````_zzzz_iiii_pppp_''''_'''' _ffff_oooo_rrrr_mmmm_aaaa_tttt _aaaa_rrrr_cccc_hhhh_iiii_vvvv_eeee _ffff_iiii_llll_eeee_ssss_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _5555_...._1111_.... _1._2. _////_eeee_tttt_hhhh_iiii_cccc_ssss The _////_eeee_tttt_hhhh_iiii_cccc_ssss directory contains a collection of ``ethics'' documents and computer usage policies, maintained by Dave Grisham of the University of New Mexico. _1._3. _////_mmmm_aaaa_iiii_llll_llll_iiii_ssss_tttt The _////_mmmm_aaaa_iiii_llll_llll_iiii_ssss_tttt directory contains the archives of various security- related mailing lists and electronically distributed journals and maga- zines. The subdirectories in this directory are: _bbbb_uuuu_gggg_tttt_rrrr_aaaa_qqqq The archives of the bugtraq@crimelab.com _ffff_uuuu_llll_llll_---- _dddd_iiii_ssss_cccc_llll_oooo_ssss_uuuu_rrrr_eeee _ssss_eeee_cccc_uuuu_rrrr_iiii_tttt_yyyy _hhhh_oooo_llll_eeee _mmmm_aaaa_iiii_llll_iiii_nnnn_gggg _llll_iiii_ssss_tttt_.... _cccc_uuuu_dddd The Computer Underground Digest electronic magazine. _ffff_iiii_rrrr_eeee_wwww_aaaa_llll_llll The archives of the firewalls@greatcircle.com _mmmm_aaaa_iiii_llll_iiii_nnnn_gggg _llll_iiii_ssss_tttt_.... _nnnn_iiii_aaaa The Network Information Access electronic magazine. _pppp_hhhh_rrrr_aaaa_cccc_kkkk The Phrack electronic magazine. _ssss_uuuu_rrrr_ffff_pppp_uuuu_nnnn_kkkk The SURFPUNK Technical Journal electronic magazine. _vvvv_iiii_rrrr_uuuu_ssss______llll The archives of the virus-l@lehigh.edu _mmmm_aaaa_iiii_llll_iiii_nnnn_gggg _llll_iiii_ssss_tttt_.... _1._4. _////_pppp_aaaa_pppp_eeee_rrrr_ssss The _////_pppp_aaaa_pppp_eeee_rrrr_ssss directory contains research papers, journal articles, docu- mentation, and other information on a wide variety of computer and data security-related topics. Within the _////_pppp_aaaa_pppp_eeee_rrrr_ssss directory, the following subdirectories are available: _aaaa_uuuu_tttt_hhhh_eeee_nnnn_tttt Documents related to authentication of users, communi- cations, and hosts. _cccc_rrrr_iiii_tttt_eeee_rrrr_iiii_aaaa Documents related to security evaluation criteria for computer systems and protocols. _cccc_rrrr_yyyy_pppp_tttt_oooo Documents related to cryptograhic protocols and methods. July 4, 1994 - 6 - _ffff_iiii_rrrr_eeee_wwww_aaaa_llll_llll Documents related to the construction and use of net- work firewalls. _gggg_eeee_nnnn_eeee_rrrr_aaaa_llll Documents that cover computer security in general and other miscellaneous topics. _llll_eeee_gggg_aaaa_llll Documents related to computer security, the law, and ethics. _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd Documents related to passwords. _pppp_rrrr_oooo_tttt_oooo_cccc_oooo_llll Documents related to the design of secure network pro- tocols, and to the security analysis of existing pro- tocols. _uuuu_nnnn_iiii_xxxx Documents related to the security of the UNIX operat- ing system. _vvvv_iiii_rrrr_uuuu_ssss Documents related to computer viruses, worms, etc. The Internet Worm papers are in this directory. _1._4._1. _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_aaaa_uuuu_tttt_hhhh_eeee_nnnn_tttt The _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_aaaa_uuuu_tttt_hhhh_eeee_nnnn_tttt directory contains documents related to authentica- tion of users, communications, and hosts. The files in this directory are: _kkkk_eeee_rrrr_bbbb_eeee_rrrr_oooo_ssss_...._pppp_ssss Steiner, Jennifer G., Clifford Neuman, Jeffrey I. Schiller. ``Kerberos: An Authentication Service for Open Network Systems.'' A description of the Kerberos authentication system. _kkkk_eeee_rrrr_bbbb_dddd_iiii_aaaa_llll_...._pppp_ssss Bryant, Bill. ``Designing an Authentication System: A Dialogue in Four Scenes.'' A ``play'' in which the characters end up designing an authentication system much like Kerberos. Provides an easy-to-understand description of why Kerberos is the way it is. _kkkk_eeee_rrrr_bbbb_llll_iiii_mmmm_...._pppp_ssss Bellovin, Steven M. and Michael Merritt. ``Limita- tions of the Kerberos Authentication System.'' A description of some limitations and weaknesses in the Kerberos authentication system. _kkkk_kkkk_nnnn_iiii_gggg_hhhh_tttt_...._pppp_ssss Molva, Refik, Gene Tsudik, Els Van Herreweghen, Stefano Zatti. ``KryptoKnight Authentication and Key Distribution System.'' An authentication and key dis- tribution system that provides facilities for secure communication in any type of network environment. _llll_oooo_nnnn_gggg_jjjj_oooo_bbbb_ssss_...._pppp_ssss Rubin, A. D. and P. Honeyman. ``Long Running Jobs in an Authenticated Environment.'' A system for running batch jobs in an environment in which users must have tokens or tickets to run. July 4, 1994 - 7 - _nnnn_tttt_nnnn_...._pppp_ssss Neuman, B. Clifford and Stuart G. Stubblebine. ``A Note on the Use of Timestamps as Nonces.'' A note on the use of timestamps in authentication protocols. _1._4._2. _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_cccc_rrrr_iiii_tttt_eeee_rrrr_iiii_aaaa The _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_cccc_rrrr_iiii_tttt_eeee_rrrr_iiii_aaaa directory contains documents related to security evaluation criteria for computer systems and protocols. The files in this directory are: _cccc_tttt_cccc_pppp_eeee_cccc_1111_...._pppp_ssss ``Canadian Trusted Computer Product Evaluation Cri- teria, Part 1.'' The Canadian ``Orange Book.'' _cccc_tttt_cccc_pppp_eeee_cccc_2222_...._pppp_ssss ``Canadian Trusted Computer Product Evaluation Cri- teria, Part 2.'' The Canadian ``Orange Book.'' _eeee_xxxx_eeee_gggg_uuuu_iiii_dddd_eeee_...._tttt_xxxx_tttt Helsing, Cheryl, Marianne Swanson, and Mary Anne Todd. ``Executive Guide to the Protection of Information Resources.'' A U.S. National Institute of Standards and Technology publication. _ffff_cccc_vvvv_oooo_llll_1111_...._pppp_ssss ``Federal Criteria for Information Technology Secu- rity, Volume 1.'' The new ``Orange Book.'' _ffff_cccc_vvvv_oooo_llll_2222_...._pppp_ssss ``Federal Criteria for Information Technology Secu- rity, Volume 2.'' The new ``Orange Book.'' _gggg_rrrr_eeee_eeee_nnnn_bbbb_kkkk_...._tttt_xxxx_tttt ``Green Book on the Security of Information Systems.'' A document that sets out the development of a con- sistent approach to Information Security in Europe, taking into account common interests with other coun- tries. _hhhh_aaaa_rrrr_mmmm_oooo_nnnn_yyyy_...._pppp_ssss ``Foundations for the Harmonization of Information Technology Security Standards.'' An analysis of the differences between the U.S., Canadian, and European Information Technology Security efforts, and discus- sions of how to make them more similar. _hhhh_oooo_rrrr_ssss_eeee_ssss_...._pppp_ssss Hambridge, Sally and Jeffrey C. Sedayao. ``Horses and Barn Doors: Evolution of Corporate Guidelines for Internet Usage.'' A description of how Intel Corp.'s Internet usage policies were developed. _iiii_nnnn_tttt_eeee_rrrr_nnnn_eeee_tttt_...._tttt_xxxx_tttt Pethia, R., S. Crocker, and B. Fraser. ``Guidelines for the Secure Operation of the Internet - RFC 1281.'' Provides a set of guidelines to aid in the secure operation of the Internet. _iiii_tttt_ssss_eeee_cccc_...._tttt_xxxx_tttt ``Information Technology Security Evaluation Cri- teria.'' The European ``Orange Book.'' _mmmm_gggg_tttt_gggg_uuuu_iiii_dddd_eeee_...._tttt_xxxx_tttt Helsing, Cheryl, Marianne Swanson, and Mary Anne Todd. ``Management Guide to the Protection of Information July 4, 1994 - 8 - Resources.'' A U.S. National Institute of Standards and Technology publication. _oooo_ssss_ssss Karila, Arto T. This subdirectory contains the PostScript files that make up ``Open Systems Security: An Architectural Framework.'' Thesis dissertation presenting an architecture for building secure open systems communication via untrusted global data net- works. _pppp_ssss_ffff_oooo_ssss_...._pppp_ssss Neuman, B. Clifford. ``Protection and Security Issues for Future Systems.'' An examination of the problems of protection and security as applied to future com- puter systems. _rrrr_eeee_llll_aaaa_tttt_eeee_...._pppp_ssss ``Relating Functionality Class and Security Sub- Profile Specifications.'' A discussion of various alternatives for associating functionality class and security sub-profiile specifications, such as those presented in the Federal Criteria (_ffff_cccc_vvvv_oooo_llll_1111_...._pppp_ssss and _ffff_cccc_vvvv_oooo_llll_2222_...._pppp_ssss). _tttt_cccc_ssss_eeee_cccc_...._tttt_xxxx_tttt ``Department of Defense Trusted Computer System Evaluation Criteria.'' The ``Orange Book.'' _1._4._3. _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_cccc_rrrr_yyyy_pppp_tttt_oooo The _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_cccc_rrrr_yyyy_pppp_tttt_oooo directory contains documents related to cryptographic protocols and methods. The files in this directory are: _aaaa_cccc_mmmm_cccc_rrrr_yyyy_pppp_tttt_...._pppp_ssss Landan, Susan, et al. ``Codes, Keys, and Conflicts: Issues in U.S. Crypto Policy.'' A report of a special panel of the ACM (Association for Computing Machinery) U.S. Public Policy Committee. _aaaa_eeee_kkkk_eeee_...._pppp_ssss Bellovin, Steven M. and Michael Merritt. ``Augmented Encrypted Key Exchange: A Password-Based Protocol Secure Against Dictionary Attacks and Password File Compromise.'' An extension of the protocol described in _nnnn_eeee_kkkk_eeee_...._pppp_ssss that removes the requirement that the host store passwords in cleartext. _cccc_ffff_ssss_...._pppp_ssss Blaze, Matt. ``A Cryptographic File System for Unix.'' A description of a UNIX file system implemen- tation that provides transparent encryption and decryption of files stored on the disk. _cccc_ffff_ssss_kkkk_eeee_yyyy_...._pppp_ssss Blaze, Matt. ``Key Management in an Encrypting File System.'' A description of how ``smart cards'' can be used to manage the keys used by the encryption file system described in _cccc_ffff_ssss_...._pppp_ssss. _dddd_eeee_ssss_...._pppp_ssss Feldmeier, David C. ``A High-Speed Software DES Implementation.'' Describes a high-speed software July 4, 1994 - 9 - implementation of the Data Encryption Standard. _dddd_eeee_ssss_bbbb_rrrr_eeee_aaaa_kkkk_...._pppp_ssss Wayner, Peter C. ``Using Content-Addressable Search Engines to Encrypt and Break DES.'' A very simple parallel architecture using a modifed version of content-addressable memory can be used to cheaply and efficiently encipher and decipher data with DES-like systems. Describes how to implement these systems, and also how to construct a large scale engine for exhaustively searching the keyspace of DES. _eeee_eeee_ssss_pppp_rrrr_oooo_tttt_oooo_...._pppp_ssss Blaze, Matt. ``Protocol Failure in the Escrowed Encryption Standard.'' A description of some protocol weaknesses in the Clinton administration's Escrowed Encryption Standard, also known as the Clipper Chip. _ffff_aaaa_iiii_llll_...._pppp_ssss Anderson, Ross. ``Why Cryptosystems Fail.'' A survey of the failure modes of retail banking systems, the second largest application of cryptography. _nnnn_eeee_kkkk_eeee_...._pppp_ssss Bellovin, Steven M. and Michael Merrit. ``Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks.'' A combination of public- and private-key cryptography that allows two parties shar- ing a common password to exchange confidential and authenticated information over an insecure network. The protocol is secure against active attack, and also against off-line ``dictionary'' attacks. _pppp_kkkk_cccc_ssss This subdirectory contains the complete family of Public-Key Cryptography Standards from RSA Labora- tories. They cover RSA encryption, Diffie-Hellman key agreement, password-based encryption, extended- certificate syntax, cryptographic message syntax, private-key information syntax, and certification request syntax, as well as selected attributes. The files in this subdirectory are: _eeee_xxxx_aaaa_mmmm_pppp_llll_eeee_ssss_...._pppp_ssss ``Some Examples of the PKCS Standards.'' _llll_aaaa_yyyy_mmmm_aaaa_nnnn_...._pppp_ssss ``A Layman's Guide to a Subset of ASN.1, BER, and DER.'' _oooo_vvvv_eeee_rrrr_vvvv_iiii_eeee_wwww_...._pppp_ssss ``An Overview of the PKCS Standards.'' _pppp_kkkk_cccc_ssss______1111_...._pppp_ssss ``RSA Encryption Standard.'' _pppp_kkkk_cccc_ssss______2222_...._pppp_ssss Deprecated. _pppp_kkkk_cccc_ssss______3333_...._pppp_ssss ``Diffie-Hellman Key-Agreement Stan- dard.'' _pppp_kkkk_cccc_ssss______4444_...._pppp_ssss Deprecated. July 4, 1994 - 10 - _pppp_kkkk_cccc_ssss______5555_...._pppp_ssss ``Password-Based Encryption Standard.'' _pppp_kkkk_cccc_ssss______6666_...._pppp_ssss ``Extended-Certificate Syntax Standard.'' _pppp_kkkk_cccc_ssss______7777_...._pppp_ssss ``Cryptographic Message Syntax Stan- dard.'' _pppp_kkkk_cccc_ssss______8888_...._pppp_ssss ``Private-Key Information Syntax Stan- dard.'' _pppp_kkkk_cccc_ssss______9999_...._pppp_ssss ``Selected Attribute Types.'' _pppp_kkkk_cccc_ssss______1111_0000_...._pppp_ssss ``Certifcation Request Syntax Standard.'' _pppp_rrrr_iiii_vvvv_kkkk_eeee_yyyy_...._pppp_ssss Davis, Don and Ralph Swick. ``Network Security via Private-Key Certificates.'' Some practical security protocols that use private-key encryption in the public-key style. _rrrr_ssss_aaaa_ffff_aaaa_qqqq_...._pppp_ssss Fahn, Paul. ``Answers to Frequently Asked Questions About Today's Cryptography.'' _ssss_cccc_ffff_aaaa_qqqq_...._tttt_xxxx_tttt Readers of _s_c_i._c_r_y_p_t. ``Cryptography FAQ.'' _ssss_kkkk_iiii_pppp_jjjj_aaaa_cccc_kkkk_...._tttt_xxxx_tttt Brickell, Ernest F., Dorothy E. Denning, Stephen T. Kent, David P. Maher, and Walter Tuchman. ``SKIPJACK Review: Interim Report: The SKIPJACK Algorithm.'' The report from the group of non-government cryptologists who reviewed the classified SKIPJACK encryption algo- rithm used in the Clinton administration's Clipper and Capstone chips. _ssss_wwww_iiii_pppp_eeee_...._pppp_ssss Ioannidis, John and Matt Blaze. ``The Architecture and Implementation of Network Layer Security Under Unix.'' A description of a network-layer security pro- tocol for the IP protocol suite that provides authen- tication, integrity, and confidentiality of IP datagrams. _vvvv_iiii_ssss_aaaa_...._pppp_ssss Estrin, Deborah, Gene Tsudik, and Jeffrey Mogul. ``Visa Protocols for Controlling Inter-Organizational Datagram Flow.'' A cryptographic method for authenti- cating and authorizing a flow of datagrams. _vvvv_iiii_ssss_aaaa_eeee_xxxx_tttt_...._pppp_ssss Estrin, Deborah, Gene Tsudik, and Jeffrey Mogul. ``Visa Protocols for Controlling Inter-Organizational Datagram Flow: Extended Description.'' A crypto- graphic method for authenticating and authorizing a flow of datagrams. _1._4._4. _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_ffff_iiii_rrrr_eeee_wwww_aaaa_llll_llll The _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_ffff_iiii_rrrr_eeee_wwww_aaaa_llll_llll directory contains documents related to the con- struction and use of network firewalls. The files in this directory July 4, 1994 - 11 - are: _cccc_ssss_llll_aaaa_tttt_eeee_rrrr_...._pppp_ssss Corbridge, Bruce, Robert Henig, and Charles Slater. ``Packet Filtering in an IP Router.'' A description of how the packet filtering facility in the Telebit NetBlazer was designed and developed. _dddd_eeee_cccc_...._pppp_ssss Ranum, Marcus J. ``A Network Firewall.'' A descrip- tion of Digital Equipment Corporation's network firewall between its corporate network and the Inter- net. _ffff_wwww_aaaa_llll_llll_ssss_...._pppp_ssss Ranum, Marcus J. ``Thinking About Firewalls.'' A description of some of the considerations and trade- offs in designing network firewalls. _gggg_aaaa_tttt_eeee_kkkk_eeee_eeee_pppp_...._pppp_ssss Schauer, Herve' and Christphe Wolfhugel. ``An Internet Gatekeeper.'' A description of how to construct an Internet firewall. _gggg_aaaa_tttt_eeee_wwww_aaaa_yyyy_...._pppp_ssss Cheswick, Bill. ``The Design of a Secure Internet Gateway.'' A description of the design of the firewall used by AT&T to protect their corporate net- work from the Internet. _iiii_ssss_oooo_cccc_9999_4444_...._pppp_ssss Avolio, Frederick M. and Marcus J. Ranum. ``A Network Perimeter With Secure External Access.'' A descrip- tion of the firewall in use at _w_h_i_t_e_h_o_u_s_e._g_o_v. _pppp_aaaa_cccc_kkkk_eeee_tttt_ssss_...._pppp_ssss Bellovin, Steven M. ``Packets Found on an Internet.'' A description of the types of packets, particularly the anomalous ones, that appeared at the AT&T firewall. _pppp_kkkk_tttt_ffff_iiii_llll_tttt_...._pppp_ssss Chapman, D. Brent. ``Network (In)Security Through IP Packet Filtering.'' A description of how to use the packet filtering features of commercial routers as a security tool. _ssss_cccc_rrrr_eeee_eeee_nnnn_...._pppp_ssss Mogul, Jeffrey C. ``Simple and Flexible Datagram Access Controls for Unix-based Gateways.'' A descrip- tion of the screend _pppp_aaaa_cccc_kkkk_eeee_tttt _ffff_iiii_llll_tttt_eeee_rrrr_iiii_nnnn_gggg _ssss_yyyy_ssss_tttt_eeee_mmmm_.... _tttt_cccc_pppp_wwww_rrrr_aaaa_pppp_...._pppp_ssss Venema, Wietse. ``TCP Wrapper: Network Monitoring, Access Control, and Booby Traps.'' A description of the author's tcpwrapper _ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_.... _tttt_oooo_oooo_llll_kkkk_iiii_tttt_...._pppp_ssss Ranum, Marcus J. and Frederick M. Avoilio. ``A Toolkit and Methods for Internet Firewalls.'' A description of the Trusted Information Systems Firewall Toolkit. _uuuu_nnnn_iiii_xxxx_nnnn_eeee_tttt_...._pppp_ssss Reinhardt, Robert B. ``An Architectural Overview of UNIX Network Security.'' A description of a number of July 4, 1994 - 12 - UNIX-related components of network security, particu- larly as they pertain to firewalls. _xxxx_tttt_hhhh_rrrr_uuuu_ffff_wwww_...._pppp_ssss Treese, G. Winfield and Alec Wolman. ``X Through the Firewall, and Other Application Relays.' A descrip- tion of how to create application-specifc relays to pass traffic through a network firewall. _1._4._5. _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_gggg_eeee_nnnn_eeee_rrrr_aaaa_llll The _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_gggg_eeee_nnnn_eeee_rrrr_aaaa_llll directory contains documents that cover computer security in general, and some other miscellaneous topics. The files in this directory are: _bbbb_eeee_rrrr_ffff_eeee_rrrr_dddd_...._pppp_ssss Cheswick, Bill. ``An Evening With Berferd: In Which a Cracker is Lured, Endured, and Studied.'' A descrip- tion of how the author kept an attacker ``on the line'' for several months in order to learn his methods. _cccc_eeee_rrrr_tttt_rrrr_eeee_ssss_pppp_...._pppp_ssss Pethia, Richard D. and Kenneth R. van Wyk. ``Computer Emergency Response - An International Problem.'' A call for international cooperation between computer emergency response teams, and suggested methods for achieving it. _cccc_oooo_mmmm_pppp_rrrr_oooo_...._tttt_xxxx_tttt Klaus, Christopher William. ``Compromise: What if Your Machines are Compromised by an Intruder.'' Suggestions for securing a system after it has already been compromised. _dddd_rrrr_aaaa_gggg_oooo_nnnn_ssss_...._pppp_ssss Bellovin, Steven M. ``There Be Dragons.'' A descrip- tion of the wide variety of attacks attempted on the AT&T Internet firewall. _eeee_ssss_tttt_cccc_ssss_iiii_rrrr_cccc_...._pppp_ssss Wack, John P. ``Establishing a Computer Security Incident Response Capability.'' Procedures and issues for establishing a computer security incident response team. _ffff_aaaa_qqqq_...._tttt_xxxx_tttt Muffett, Alec. ``Almost Everything You Wanted To Know About Security.'' _ffff_oooo_rrrr_eeee_nnnn_ssss_iiii_cccc_...._pppp_ssss Spafford, Eugene H. ``Software Forensics: Can We Track Code to its Authors?'' An idea that it may be possible to identify the authors of malicious software by the style and features of their programs. _ffff_tttt_pppp_ffff_aaaa_qqqq_...._tttt_xxxx_tttt Klaus, Christopher William. ``How to Set Up a Secure Anonymous FTP Site.'' Methods for numerous different operating systems. _ffff_uuuu_aaaa_tttt_...._pppp_ssss Baran, Fuat, Howard Kaye, and Margarita Suarez. ``Security Breaches: Five Recent Incidents at Columbia July 4, 1994 - 13 - University.'' A detailed account of five break-ins at Columbia University, and the steps taken to stop them. _hhhh_aaaa_cccc_kkkk_eeee_rrrr_...._tttt_xxxx_tttt Meyer, Gordon R. ``The Social Organization of the Computer Underground.'' The author's thesis for a master's degree in sociology. _hhhh_aaaa_nnnn_dddd_bbbb_oooo_oooo_kkkk_...._tttt_xxxx_tttt Holbrook, P. and J. Reynolds. ``Site Security Hand- book - RFC 1244.'' The product of the Site Security Policy Handbook Working Group of the Internet Engineering Task Force. _hhhh_oooo_llll_llll_aaaa_nnnn_dddd_...._pppp_ssss Van Doorn, Leendert. ``Computer Break-ins: A Case Study.'' A study of multiple break-in attempts at Vrije Universiteit in Amsterdam. _nnnn_eeee_tttt_cccc_aaaa_ssss_hhhh_1111_...._pppp_ssss Medvinsky, Gennady and B. Clifford Neuman. ``Elec- tronic Currency for the Internet.'' A framework for electronic currency for the Internet that provides a real-time electronic payment system. _nnnn_eeee_tttt_cccc_aaaa_ssss_hhhh_2222_...._pppp_ssss Medvinsky, Gennady and B. Clifford Neuman. ``NetCash: A Design for Practical Electronic Currency on the Internet.'' A framework for electronic currency for the Internet that provides a real-time electronic pay- ment system. _nnnn_iiii_ssss_tttt_...._tttt_xxxx_tttt Helsing, Cheryl, Marianne Swanson, and Mary Anne Todd. ``Computer User's Guide to the Protection of Informa- tion Resources.'' A report from the U.S. National Institute of Standards and Technology. _nnnn_iiii_ssss_tttt_bbbb_oooo_oooo_kkkk Roback, Edward and Barbara Guttman. ``An Introduction to Computer Security: The NIST Handbook.'' A publi- cation of the U.S. National Institute of Standards and Technology. This is a draft copy, included with per- mission. _pppp_aaaa_tttt_cccc_hhhh_eeee_ssss_...._tttt_xxxx_tttt Klaus, Christopher William. ``Security Patches FAQ for Your System: The Patch List.'' A list of security patches for most any operating system, and how to obtain them. _pppp_bbbb_aaaa_aaaa_...._pppp_ssss Neuman, B. Clifford. ``Proxy-Based Authorization and Accounting for Distributed Systems.'' A method to sup- port both authorization and accounting in a distri- buted environment. _pppp_nnnn_eeee_tttt_eeee_xxxx_tttt_...._pppp_ssss Bellovin, S. M. ``Pseudo-Network Drivers and Virtual Networks.'' A method for creating pseudo-networks, much like the pseudo-terminals in use on many UNIX systems. _pppp_rrrr_iiii_mmmm_eeee_rrrr_...._pppp_ssss Brand, Russell L. ``Coping with the Threat of July 4, 1994 - 14 - Computer Security Incidents: A Primer from Prevention through Recovery.'' A basic text for the author's one-day seminar on the practical aspects of computer security in an unclassified networked environment. _tttt_oooo_oooo_llll_ssss_...._pppp_ssss Polk, W. Timothy. ``Automated Tools for Testing Com- puter System Vulnerability.'' Discusses some of the automated tools for checking the security of a wide variety of systems. _vvvv_eeee_nnnn_dddd_oooo_rrrr_ssss_...._tttt_xxxx_tttt Klaus, Christopher William. ``Vendor Security Con- tacts: Reporting Vulnerabilities and Obtaining New Patches.'' Contact names, numbers, and addresses for most major operating systems. _1._4._6. _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_llll_eeee_gggg_aaaa_llll The _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_llll_eeee_gggg_aaaa_llll directory contains documents related to computer secu- rity, the law, and ethics. The files in this directory are: _bbbb_bbbb_ssss_llll_iiii_bbbb_eeee_llll_...._tttt_xxxx_tttt Kahn, John R. ``Defamation Liability of Computerized Bulletin Board Operators and Problems of Proof.'' A discussion of the libel and slander laws, and how they apply to bulletin board operators. _cccc_ffff_aaaa_...._tttt_xxxx_tttt Complete text of the Computer Fraud and Abuse Act of 1986, 18 U.S.C. 1030. _cccc_oooo_pppp_yyyy_rrrr_ffff_aaaa_qqqq_...._tttt_xxxx_tttt Carroll, Terry. ``Frequently Asked Questions About Copyright.'' _cccc_ssss_llll_aaaa_wwww_...._tttt_xxxx_tttt Morris, Gary S. ``Computer Security and the Law.'' A review of legal issues surrounding computer security, for the system administrator. _cccc_uuuu_bbbb_bbbb_yyyy_...._tttt_xxxx_tttt The complete text of the judge's decision in the Cubby v. CompuServe libel case, in which CompuServe was found not to be responsible for material posted on one of their bulletin boards. _eeee_cccc_pppp_aaaa_...._tttt_xxxx_tttt Complete text of the Electronic Communications Privacy Act of 1986, United States Public Law 99-508. _eeee_llll_aaaa_wwww_...._pppp_ssss Loundy, David J. ``E-Law: Legal Issues Affecting Com- puter Information Systems and System Operator Liabil- ity.'' First appeared in the Albany Law Journal of Science and Technology, Volume 3, Number 1. _eeee_tttt_hhhh_iiii_cccc_ssss_...._pppp_ssss Spafford, Eugene H. ``Are Computer Hacker Break-ins Ethical?'' Lists and refutes many of the reasons given to justify computer break-ins. _ffff_eeee_rrrr_pppp_aaaa_...._tttt_xxxx_tttt The complete text of the U.S. Family Educational Right to Privacy Act (the Buckley Amendment), 20 U.S.C. July 4, 1994 - 15 - 1232g. _ffff_rrrr_llll_aaaa_wwww_...._tttt_xxxx_tttt Information about the computer crime laws in France. _hhhh_aaaa_nnnn_ssss_eeee_nnnn_...._tttt_xxxx_tttt Hansen, Stephen E. ``Legal Issues, A Site Manager's Nightmare.'' Examines the legal ramifications of com- puter security laws on system administrators. _llll_iiii_bbbb_eeee_llll_...._tttt_xxxx_tttt Godwin, Mike. ``Internet Libel: Is the Provider Responsible?'' An examination of the Cubby v. Com- puserve case as it applies to Internet service provid- ers. _mmmm_aaaa_iiii_llll_pppp_rrrr_iiii_vvvv_...._tttt_xxxx_tttt Hernandez, Ruel T. ``Computer Electronic Mail and Privacy.'' A discussion of the Electronic Communica- tions Privacy Act as it applies to electronic mail. _mmmm_uuuu_ssss_iiii_nnnn_gggg_ssss_...._pppp_ssss Spafford, Eugene H. ``Some Musings on Ethics and Com- puter Break-Ins.'' A discussion of ethics and respon- sibility, particularly as they pertain to the Internet Worm of November, 1988. _pppp_rrrr_iiii_vvvv_aaaa_cccc_yyyy_...._pppp_ssss Complete text of the Privacy Act of 1974 and Amend- ments, 5 U.S.C. 552a. _ssss_iiii_mmmm_ssss_oooo_nnnn_...._pppp_ssss Garfinkel, Simson. ``An Introduction to Computer Security for Lawyers.'' A number of articles serving to introduce lawyers to the concepts behind computer security. _ssss_eeee_nnnn_tttt_eeee_nnnn_cccc_eeee_...._tttt_xxxx_tttt King, Jack. ``Revised Computer Crime Sentencing Guidelines.'' A description of the new federal sen- tencing guidelines that address the Computer Fraud and Abuse Act. _ssss_tttt_aaaa_tttt_eeee_llll_aaaa_wwww_...._tttt_xxxx_tttt Computer crime laws, listed by state. _1._4._7. _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd The _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd directory contains documents related to passwords. The files in this directory are: _dddd_oooo_dddd_pppp_wwww_mmmm_aaaa_nnnn_...._tttt_xxxx_tttt ``Department of Defense Password Management Guide- line.'' Enumerates a number of good password manage- ment practices. _ffff_iiii_pppp_ssss_1111_8888_1111_...._tttt_xxxx_tttt National Institute of Standards and Technology. ``Standard for Automated Password Generator.'' Federal Information Processing Standard No. 181. _kkkk_llll_eeee_iiii_nnnn_...._pppp_ssss Klein, Daniel V. ``Foiling the Cracker: A Survey of, and Improvements to, Password Security.'' Demon- strates the ease with which most passwords can be guessed by a motivated attacker. July 4, 1994 - 16 - _oooo_bbbb_ssss_eeee_rrrr_vvvv_eeee_...._pppp_ssss Spafford, Eugene H. ``Observing Reusable Password Choices.'' A method for observing password choices made by users, and how to protect it from being compromised. _oooo_pppp_uuuu_ssss_...._pppp_ssss Spafford, Eugene H. ``OPUS: Preventing Weak Password Choices.'' A system that uses Bloom filters to imple- ment a constant-time dictionary lookup, regardless of dictionary size, to check a user's password choice for ``goodness.'' _pppp_aaaa_ssss_ssss_bbbb_iiii_bbbb_...._pppp_ssss Spafford, Eugene H. and Stephen A. Weeber. ``User Authentication and Related Topics: An Annotated Bibliography.'' _pppp_wwww_ssss_tttt_uuuu_dddd_yyyy_...._pppp_ssss Morris, Robert and Ken Thompson. ``Password Security: A Case History.'' A description of the original UNIX password algorithm, and the reasons for replacing it with the current one. _pppp_wwww_tttt_eeee_nnnn_yyyy_rrrr_ssss_...._pppp_ssss Feldmeier, David C. and Philip R. Karn. ``UNIX Pass- word Security - Ten Years Later.'' A reexamination of the UNIX password algorithm after ten years of advances in software and hardware. _ssss_kkkk_eeee_yyyy_...._pppp_ssss Haller, Neil M. ``The S/Key One-Time Password Sys- tem.'' A freely available implementation of one-time passwords. _1._4._8. _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_pppp_rrrr_oooo_tttt_oooo_cccc_oooo_llll The _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_pppp_rrrr_oooo_tttt_oooo_cccc_oooo_llll directory contains documents related to the design of secure network protocols, and to the security analysis of existing protocols. The files in this directory are: _aaaa_ffff_ssss_...._pppp_ssss Honeyman, P., L. B. Huston, M. T. Stolarchuk. ``Highjacking AFS.'' A description of security weaknesses in the Andrew File System (AFS). _eeee_2222_eeee_...._pppp_ssss Estrin, Deborah and Gene Tsudik. ``An End-to-End Argument for Network Layer, Inter-Domain Access Con- trols.'' A method by which different administrative domains of an internetwork can interconnect without exposing their internal resources to unrestricted access. _iiii_dddd_eeee_nnnn_tttt_...._tttt_xxxx_tttt St. Johns, M. ``Identification Protocol - RFC 1413.'' A description of the Identification Protocol, a means to determine the identity of the user of a particular TCP connection. _iiii_pppp_eeee_xxxx_tttt_...._pppp_ssss Bellovin, S. M. ``Security Problems in the TCP/IP Protocol Suite.'' A description of several attacks on TCP/IP protocols including sequence number spoofing, July 4, 1994 - 17 - routing attacks, source address spoofing, and authen- tication attacks. _nnnn_iiii_ssss_...._pppp_ssss Hess, David K., David R. Safford, and Udo W. Pooch. ``A Unix Network Protocol Security Study: Network Information Service.'' A discussion of the security weaknesses in the Network Information Service (Yellow Pages) protocol from Sun Microsystems. _nnnn_tttt_pppp_...._pppp_ssss Bishop, Matt. ``A Security Analysis of the NTP Proto- col.'' A security analysis of the Network Time Proto- col (NTP). _oooo_aaaa_kkkk_9999_3333_...._pppp_ssss Stubblebine, Stuart G. and Virgil D. Gligar. ``Proto- col Design for Integrity Protection.'' A design method for message integrity protection. _pppp_eeee_mmmm_...._pppp_ssss Bishop, Matt. ``Privacy-Enhanced Electronic Mail.'' A description of the Internet Privacy-Enhanced Mail protocols. _tttt_cccc_pppp_...._pppp_ssss Morris, Robert T. ``A Weakness in the 4.2BSD TCP/IP Software.'' A description of a security weakness of the TCP/IP protocol suite as implemented in 4.2BSD UNIX. _tttt_iiii_mmmm_eeee_...._pppp_ssss Bishop, Matt. ``Security Analyses of Network Time Services.'' An analysis of the security requirements for a network time service. _tttt_rrrr_aaaa_nnnn_ssss_iiii_tttt_...._pppp_ssss Estrin, Deborah and Gene Tsudik. ``Secure Control of Transit Internetwork Traffic.'' Methods for control- ling traffic traversing a local network on its way from one remote network to another. _tttt_ssss_uuuu_dddd_iiii_kkkk Tsudik, Gene. This subdirectory contains the PostScript files that make up ``Access Control and Policy Enforcement in Internetworks.'' Methods of controlling access policy between different adminis- trative domains of an internetwork. _1._4._9. _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_uuuu_nnnn_iiii_xxxx The _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_uuuu_nnnn_iiii_xxxx directory contains documents related to the security of the UNIX operating system. The files in this directory are: _cccc_oooo_pppp_ssss_...._pppp_ssss Farmer, Daniel and Eugene H. Spafford. ``The COPS Security Checker System.'' A description of one of the most popular UNIX security scanners. _ffff_aaaa_rrrr_mmmm_eeee_rrrr_...._tttt_xxxx_tttt Farmer, Dan and Wietse Venema. ``Improving the Secu- rity of Your Site by Breaking Into It.'' Discussion of a number of commonly used attacks on UNIX systems, and how to check your systems for vulnerability to July 4, 1994 - 18 - them. _nnnn_iiii_dddd_eeee_ssss This subdirectory contains papers describing the Next-Generation Intrusion Detection Expert System (NIDES) from SRI International. This system monitors the C2 audit trails generated by Sun workstations in real-time and alerts the administrator to anomalous user behavior. The papers in this subdirectory are: _cccc_aaaa_nnnn_aaaa_dddd_aaaa_9999_3333_...._pppp_ssss Lunt, Teresa F. ``Detecting Intruders in Computer Systems.'' _rrrr_eeee_qqqq_tttt_ssss_9999_4444_...._pppp_ssss Lunt, Teresa F. and Debra Anderson. ``Software Requirements Specification: Next Generation Intrusion Detection Expert System.'' _ssss_aaaa_ffff_eeee_gggg_aaaa_rrrr_dddd_...._pppp_ssss Anderson, Debra, Teresa F. Lunt, Harold Javitz, Ann Tamaru, Alfonso Valdes. ``SAFEGUARD Final Report: Detecting Unusual Program Behavior Using the NIDES Statistical Component.'' _ssss_tttt_aaaa_tttt_rrrr_eeee_pppp_tttt_...._pppp_ssss Javitz, Harold S. and Alfonso Valdes. ``The NIDES Statistical Component: Description and Justification.'' _ssss_uuuu_rrrr_vvvv_eeee_yyyy_...._pppp_ssss Lunt, Teresa F. ``Automated Audit Trail Analysis and Intrusion Detection: A Sur- vey.'' _nnnn_oooo_rrrr_oooo_oooo_tttt_...._pppp_ssss Simmons, Steve. ``Life Without Root.'' A method for authorizing users to perform certain system adminis- tration tasks without giving them the super-user pass- word. _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd_...._pppp_ssss Belgers, Walter. ``UNIX Password Security.'' A dis- cussion of the importance of well-chosen passwords, and how passwords are cracked. _rrrr_iiii_tttt_cccc_hhhh_iiii_eeee_...._pppp_ssss Ritchie, Dennis M. ``On the Security of UNIX.'' The original UNIX security paper. _ssss_eeee_ssss_ssss_eeee_xxxx_tttt_...._pppp_ssss Bellovin, S. M. ``The `Session Tty' Manager.'' A method for controlling access to terminals by back- ground processes after the user has logged out. _ssss_rrrr_iiii_...._pppp_ssss Curry, David A. ``Improving the Security of Your UNIX System.'' A description of many of the security features of the average UNIX system, and how to use them. _tttt_oooo_oooo_llll_ssss_...._pppp_ssss Morrison, Geoff. ``UNIX Security Tools.'' An excel- lent summary of most of the public domain UNIX July 4, 1994 - 19 - security tools, and where to obtain them. Almost all of these tools are available on this CD-ROM. _tttt_rrrr_iiii_pppp_wwww_iiii_rrrr_eeee_...._pppp_ssss Kim, Gene H. and Eugene H. Spafford. ``The Design and Implementation of Tripwire: A File System Integrity Checker.'' Tripwire computes checksums of files on the system, and then scans later for any changes to those files. _tttt_wwww_eeee_xxxx_pppp_eeee_rrrr_...._pppp_ssss Kim, Gene H. and Eugene H. Spafford. ``Experiences With Tripwire: Using Integrity Checkers for Intrusion Detection.'' A description of how the Tripwire integrity checker (see _tttt_rrrr_iiii_pppp_wwww_iiii_rrrr_eeee_...._pppp_ssss) has performed in the field. _uuuu_nnnn_iiii_xxxx_ssss_eeee_cccc_...._pppp_ssss Bac'`ic', Eugen Mate. ``UNIX & Security.'' Describes many of the security features of the UNIX operating system, as well as features that could be added to result in an evaluatable system at Class C2. _uuuu_tttt_nnnn_eeee_tttt_...._pppp_ssss Spurgeon, Charles. ``UTnet Guide to UNIX System Secu- rity.'' A guide to UNIX security resources. _1._4._1_0. _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_vvvv_iiii_rrrr_uuuu_ssss The _////_pppp_aaaa_pppp_eeee_rrrr_ssss_////_vvvv_iiii_rrrr_uuuu_ssss directory contains documents related to computer viruses, worms, etc. The Internet Worm papers are in this directory. The files in this directory are: _aaaa_llll_iiii_ffff_eeee_...._pppp_ssss Spafford, Eugene H. ``Computer Viruses as Artificial Life.'' A consideration of computer viruses as artif- icial life - self-replicating organisms. _ffff_aaaa_qqqq_...._tttt_xxxx_tttt Readers of _V_I_R_U_S-_L and _c_o_m_p._v_i_r_u_s. ``Frequently Asked Questions on VIRUS-L/comp.virus.'' _ffff_eeee_dddd_eeee_llll_iiii_...._tttt_xxxx_tttt Fedeli, Alan. ``Organizing a Corporate Anti-Virus Effort.'' A description of how IBM Corp. has learned to cope with computer viruses and related threats. _gggg_aaaa_oooo_...._tttt_xxxx_tttt United States Government Accounting Office. ``Com- puter Security.'' The G.A.O.'s report on the Internet Worm of November, 1988, and on the then-current state of Internet vulnerabilities and prosecution of com- puter virus cases. _iiii_wwww_oooo_rrrr_mmmm_1111_...._pppp_ssss Spafford, Eugene H. ``The Internet Worm Program: An Analysis.'' A description of the algorithms used by the Internet Worm program of November 2, 1988. _iiii_wwww_oooo_rrrr_mmmm_2222_...._pppp_ssss Spafford, Eugene H. ``The Internet Worm Incident.'' A description of the events involved in the Internet Worm of November 2, 1988. July 4, 1994 - 20 - _mmmm_aaaa_llll_llll_oooo_gggg_iiii_cccc_...._pppp_ssss Bishop, Matt. ``An Overview of Computer Viruses in a Research Environment.'' An examination of computer viruses as malicious logic in a research and develop- ment environment and current techniques in controlling the threats of viruses and other malicious logic pro- grams. _mmmm_gggg_tttt_gggg_uuuu_iiii_dddd_eeee_...._pppp_ssss Wack, John P. and Lisa J. Carnahan. ``Computer Viruses and Related Threats: A Management Guide.'' Guidelines for preventing, deterring, containing, and recovering from attacks of viruses and related threats. A report from the U.S. National Institute of Standards and Technology. _mmmm_iiii_tttt_...._pppp_ssss Eichin, Mark W. and Jon A. Rochlis. ``With Microscope and Tweezers: An Analysis of the Internet Virus of November 1988.'' A detailed description of the events of the Internet Worm of November 2, 1988 from one of the teams of people who combatted it. _ssss_eeee_llll_gggg_uuuu_iiii_dddd_eeee_...._pppp_ssss Polk, W. T. and L. E. Bassham. ``A Guide to the Selection of Anti-Virus Tools and Techniques.'' Cri- teria for judging the functionality, practicality, and convenience of anti-virus tools. A report from the U.S. National Institute of Standards and Technology. _tttt_oooo_uuuu_rrrr_...._pppp_ssss Seeley, Donn. ``A Tour of the Worm.'' A tour of the Internet Worm of November 2, 1988. _1._5. _////_pppp_aaaa_ssss_ssss_dddd_iiii_cccc_tttt The _////_pppp_aaaa_ssss_ssss_dddd_iiii_cccc_tttt directory contains a collection of password cracking dic- tionaries in various languages. The directory is subdivided by language, with dictionaries from different sources in different files. _1._6. _////_pppp_oooo_llll_iiii_cccc_iiii_eeee_ssss The _////_pppp_oooo_llll_iiii_cccc_iiii_eeee_ssss directory contains a collection of policies on vaious topics, maintained as part of the Computers and Academic Freedom archives of the Electronic Freedom Foundation. _N_O_T_E: The files in this directory are stored in a single ``tar'' archive, because the archive creators used extremely long file names that are not easily reduced to the 8-character limit required by ISO-9660. This ``tar'' archive will have to be extracted on a UNIX sys- tem; MS-DOS will not handle the file names well at all. _1._7. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee directory contains public domain (or freely available) software tools that are related to computer security or incident response. Some of these programs are directed at computer security, others have primary purposes doing other things, but can be useful in the security field as well. Where possible, source code is provided. July 4, 1994 - 21 - In cases where binaries only are provided, use them at your own risk. Within the _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee directory, the following subdirectories are avail- able: _dddd_oooo_ssss Software for PCs running MS-DOS. _mmmm_aaaa_cccc Software for the Macintosh. _uuuu_nnnn_iiii_xxxx Software for various flavors of the UNIX operating system. _1._7._1. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_dddd_oooo_ssss The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_dddd_oooo_ssss directory contains software for PCs running MS-DOS. The subdirectories of this directory are: _nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk Programs for controlling access to a system via the network. _ssss_eeee_cccc_uuuu_rrrr_iiii_tttt_yyyy Programs for controlling PC security. _vvvv_iiii_rrrr_uuuu_ssss Anti-virus utilities. _1._7._1._1. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_dddd_oooo_ssss_////_nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_dddd_oooo_ssss_////_nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk directory contains programs for controlling access to a system via the network. The files in this subdirectory are: _kkkk_bbbb_rrrr_iiii_dddd_gggg_eeee_...._zzzz_iiii_pppp The KarlBridge _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee _bbbb_yyyy _DDDD_oooo_uuuu_gggg _KKKK_aaaa_rrrr_llll_.... _AAAA _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _tttt_hhhh_aaaa_tttt _rrrr_uuuu_nnnn_ssss _oooo_nnnn _aaaa _PPPP_CCCC _wwww_iiii_tttt_hhhh _tttt_wwww_oooo _EEEE_tttt_hhhh_eeee_rrrr_nnnn_eeee_tttt _bbbb_oooo_aaaa_rrrr_dddd_ssss_,,,, _tttt_uuuu_rrrr_nnnn_iiii_nnnn_gggg _tttt_hhhh_eeee _PPPP_CCCC _iiii_nnnn_tttt_oooo _aaaa _ssss_oooo_pppp_hhhh_iiii_ssss_tttt_iiii_cccc_aaaa_tttt_eeee_dddd_,,,, _hhhh_iiii_gggg_hhhh_----_llll_eeee_vvvv_eeee_llll_,,,, _pppp_aaaa_cccc_kkkk_eeee_tttt_----_ffff_iiii_llll_tttt_eeee_rrrr_iiii_nnnn_gggg _bbbb_rrrr_iiii_dddd_gggg_eeee_.... _IIII_tttt _cccc_aaaa_nnnn _ffff_iiii_llll_tttt_eeee_rrrr _pppp_aaaa_cccc_kkkk_eeee_tttt_ssss _bbbb_aaaa_ssss_eeee_dddd _oooo_nnnn _aaaa_nnnn_yyyy _ssss_pppp_eeee_cccc_iiii_ffff_iiii_eeee_dddd _pppp_rrrr_oooo_tttt_oooo_cccc_oooo_llll_,,,, _iiii_nnnn_cccc_llll_uuuu_dddd_iiii_nnnn_gggg _IIII_PPPP_,,,, _XXXX_NNNN_SSSS_,,,, _DDDD_EEEE_CCCC_NNNN_EEEE_TTTT_,,,, _LLLL_AAAA_TTTT_,,,, _IIII_PPPP_XXXX_,,,, _AAAA_pppp_pppp_llll_eeee_TTTT_aaaa_llll_kkkk_,,,, _eeee_tttt_cccc_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _2222_...._0000_.... _1._7._1._2. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_dddd_oooo_ssss_////_ssss_eeee_cccc_uuuu_rrrr_iiii_tttt_yyyy The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_dddd_oooo_ssss_////_ssss_eeee_cccc_uuuu_rrrr_iiii_tttt_yyyy directory contains programs for controlling PC security. The files in this directory are a mirror of the SimTel _////_mmmm_ssss_dddd_oooo_ssss_////_ssss_eeee_cccc_uuuu_rrrr_iiii_tttt_yyyy archive from oak.oakland.edu_.... _SSSS_eeee_eeee _tttt_hhhh_eeee _ffff_iiii_llll_eeee _0000_0000______iiii_nnnn_dddd_eeee_xxxx_...._tttt_xxxx_tttt _ffff_oooo_rrrr _aaaa _dddd_eeee_ssss_cccc_rrrr_iiii_pppp_tttt_iiii_oooo_nnnn _oooo_ffff _tttt_hhhh_eeee _ffff_iiii_llll_eeee_ssss _iiii_nnnn _tttt_hhhh_iiii_ssss _dddd_iiii_rrrr_eeee_cccc_tttt_oooo_rrrr_yyyy_.... _1._7._1._3. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_dddd_oooo_ssss_////_vvvv_iiii_rrrr_uuuu_ssss The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_dddd_oooo_ssss_////_vvvv_iiii_rrrr_uuuu_ssss directory contains anti-virus utilities. The files in this directory are a mirror of the SimTel _////_mmmm_ssss_dddd_oooo_ssss_////_vvvv_iiii_rrrr_uuuu_ssss archive from oak.oakland.edu_.... _SSSS_eeee_eeee _tttt_hhhh_eeee _ffff_iiii_llll_eeee _0000_0000______iiii_nnnn_dddd_eeee_xxxx_...._tttt_xxxx_tttt _ffff_oooo_rrrr _aaaa _dddd_eeee_ssss_cccc_rrrr_iiii_pppp_tttt_iiii_oooo_nnnn _oooo_ffff _tttt_hhhh_eeee _ffff_iiii_llll_eeee_ssss _iiii_nnnn _tttt_hhhh_iiii_ssss _dddd_iiii_rrrr_eeee_cccc_tttt_oooo_rrrr_yyyy_.... _1._7._2. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_mmmm_aaaa_cccc The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_mmmm_aaaa_cccc directory contains software for the Macintosh. The subdirectories of this directory are: July 4, 1994 - 22 - _vvvv_iiii_rrrr_uuuu_ssss Anti-virus utilities. _1._7._2._1. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_mmmm_aaaa_cccc_////_vvvv_iiii_rrrr_uuuu_ssss The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_mmmm_aaaa_cccc_////_vvvv_iiii_rrrr_uuuu_ssss directory contains anti-virus utilities. The files in this directory are: _dddd_iiii_ssss_iiii_nnnn_ffff_...._ssss_eeee_aaaa The Disinfectant virus scanner, preventer, and rem- over. Version 3.5. _gggg_aaaa_tttt_eeee_kkkk_eeee_eeee_pppp_...._hhhh_qqqq_xxxx The Gatekeeper virus preventer. Version 1.3. _ssss_aaaa_mmmm_pppp_llll_eeee_...._ssss_eeee_aaaa The public source code for the reusable human inter- face modules from Disinfectant. Version 2.4. _vvvv_iiii_rrrr_uuuu_ssss_dddd_eeee_tttt_...._hhhh_qqqq_xxxx The Virus Detective virus scanner. Version 5.05. _1._7._3. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx directory contains software for various flavors of the UNIX operating system. The subdirectories of this directory are: _aaaa_uuuu_tttt_hhhh_eeee_nnnn_tttt Programs for performing user and program authentica- tion. _dddd_iiii_gggg_ssss_iiii_gggg Programs for computing digital signatures (crypto- graphic checksums). _ffff_iiii_rrrr_eeee_wwww_aaaa_llll_llll Programs for constructing network firewalls. _nnnn_eeee_tttt_mmmm_oooo_nnnn Programs for monitoring network security. _nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk Programs for controlling access to a system via the network. _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd Programs pertaining to password security. _ssss_yyyy_ssss_mmmm_oooo_nnnn Programs for monitoring system security. _tttt_oooo_oooo_llll_ssss Programs that are not specifically designed for com- puter security uses, but are nevertheless useful to the security practitioner. _1._7._3._1. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_aaaa_uuuu_tttt_hhhh_eeee_nnnn_tttt The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_aaaa_uuuu_tttt_hhhh_eeee_nnnn_tttt directory contains software for performing user and program authentication. The files in this directory are: _kkkk_eeee_rrrr_bbbb_eeee_rrrr_oooo_ssss This subdirectory contains the sources and documenta- tion for the Kerberos package from the Massachusetts Institute of Technology. There are two subdirectories of this directory: _vvvv_4444 Version 4 Patchlevel 10. This is the July 4, 1994 - 23 - final release of Version 4; all future development efforts will be based on Ver- sion 5. Release date: 9 December 1992. _vvvv_5555 Version 5 Beta 4. This is the current release of Version 5; all current development efforts are based on this version. Release date: 15 June 1994. _llll_iiii_bbbb_iiii_dddd_eeee_nnnn_tttt_...._tttt_aaaa_rrrr The libident _llll_iiii_bbbb_rrrr_aaaa_rrrr_yyyy _bbbb_yyyy _PPPP_eeee_tttt_eeee_rrrr _EEEE_rrrr_iiii_kkkk_ssss_ssss_oooo_nnnn_.... _AAAA _llll_iiii_bbbb_rrrr_aaaa_rrrr_yyyy _oooo_ffff _ffff_uuuu_nnnn_cccc_tttt_iiii_oooo_nnnn_ssss _tttt_oooo _iiii_nnnn_tttt_eeee_rrrr_ffff_aaaa_cccc_eeee _wwww_iiii_tttt_hhhh _aaaa_nnnn _RRRR_FFFF_CCCC_1111_4444_1111_3333 _iiii_dddd_eeee_nnnn_tttt_iiii_ffff_iiii_cccc_aaaa_tttt_iiii_oooo_nnnn _ssss_eeee_rrrr_vvvv_eeee_rrrr_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _0000_...._1111_4444_.... _pppp_iiii_dddd_eeee_nnnn_tttt_dddd_...._tttt_aaaa_rrrr The pident _dddd_aaaa_eeee_mmmm_oooo_nnnn _bbbb_yyyy _PPPP_eeee_tttt_eeee_rrrr _EEEE_rrrr_iiii_kkkk_ssss_ssss_oooo_nnnn_.... _IIII_mmmm_pppp_llll_eeee_mmmm_eeee_nnnn_tttt_ssss _tttt_hhhh_eeee _RRRR_FFFF_CCCC_1111_4444_1111_3333 _iiii_dddd_eeee_nnnn_tttt_iiii_ffff_iiii_cccc_aaaa_tttt_iiii_oooo_nnnn _ssss_eeee_rrrr_vvvv_eeee_rrrr_,,,, _tttt_hhhh_aaaa_tttt _cccc_aaaa_nnnn _bbbb_eeee _uuuu_ssss_eeee_dddd _tttt_oooo _qqqq_uuuu_eeee_rrrr_yyyy _aaaa _rrrr_eeee_mmmm_oooo_tttt_eeee _hhhh_oooo_ssss_tttt _ffff_oooo_rrrr _tttt_hhhh_eeee _iiii_dddd_eeee_nnnn_tttt_iiii_ffff_iiii_cccc_aaaa_tttt_iiii_oooo_nnnn _oooo_ffff _tttt_hhhh_eeee _uuuu_ssss_eeee_rrrr _mmmm_aaaa_kkkk_iiii_nnnn_gggg _aaaa _TTTT_CCCC_PPPP _cccc_oooo_nnnn_nnnn_eeee_cccc_tttt_iiii_oooo_nnnn _rrrr_eeee_qqqq_uuuu_eeee_ssss_tttt_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _2222_...._2222_.... _ssss_kkkk_eeee_yyyy_...._tttt_aaaa_rrrr The S/Key one-time password system from Bellcore. Implements one-time passwords for UNIX systems. Includes one-time password generator programs for PCs and Macs. _1._7._3._2. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_dddd_iiii_gggg_ssss_iiii_gggg The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_dddd_iiii_gggg_ssss_iiii_gggg directory contains programs for computing digital signatures (cryptographic checksums). The files in this direc- tory are: _mmmm_dddd_2222_...._tttt_xxxx_tttt The source code and specification for the MD-2 message digest function. _mmmm_dddd_4444_...._tttt_xxxx_tttt The source code and specification for the MD-4 message digest function. _mmmm_dddd_5555_...._tttt_xxxx_tttt The source code and specification for the MD-5 message digest function. _ssss_nnnn_eeee_ffff_rrrr_uuuu_...._tttt_aaaa_rrrr The source code and documentation for the Snefru mes- sage digest function (Xerox Secure Hash Function). Version 2.5a. _1._7._3._3. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_ffff_iiii_rrrr_eeee_wwww_aaaa_llll_llll The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_ffff_iiii_rrrr_eeee_wwww_aaaa_llll_llll directory contains software for constructing network firewalls. The files in this directory are: _gggg_aaaa_uuuu_...._tttt_aaaa_rrrr The Gateway Access Utilities package from Sterling Software. Supports access to the Internet through a network firewall without requiring that users have accounts on the firewall host itself. These are modifed TELNET and FTP programs that work in a ``proxy'' fashion through the firewall. Version of 22 March 1993. July 4, 1994 - 24 - _ssss_oooo_cccc_kkkk_ssss_...._tttt_aaaa_rrrr The socks _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee_,,,, _bbbb_yyyy _DDDD_aaaa_vvvv_iiii_dddd _aaaa_nnnn_dddd _MMMM_iiii_cccc_hhhh_eeee_llll_llll_eeee _KKKK_oooo_bbbb_llll_aaaa_ssss_.... _AAAA_nnnn _IIII_nnnn_tttt_eeee_rrrr_nnnn_eeee_tttt _````_````_ssss_oooo_cccc_kkkk_eeee_tttt _ssss_eeee_rrrr_vvvv_eeee_rrrr_''''_'''' _cccc_oooo_nnnn_ssss_iiii_ssss_tttt_iiii_nnnn_gggg _oooo_ffff _aaaa _ssss_eeee_tttt _oooo_ffff _cccc_llll_iiii_eeee_nnnn_tttt _llll_iiii_bbbb_rrrr_aaaa_rrrr_yyyy _rrrr_oooo_uuuu_tttt_iiii_nnnn_eeee_ssss _aaaa_nnnn_dddd _aaaa _dddd_aaaa_eeee_mmmm_oooo_nnnn _tttt_hhhh_aaaa_tttt _iiii_nnnn_tttt_eeee_rrrr_aaaa_cccc_tttt _tttt_hhhh_rrrr_oooo_uuuu_gggg_hhhh _aaaa _ssss_iiii_mmmm_pppp_llll_eeee _pppp_rrrr_oooo_tttt_oooo_cccc_oooo_llll _tttt_oooo _pppp_rrrr_oooo_vvvv_iiii_dddd_eeee _cccc_oooo_nnnn_vvvv_eeee_nnnn_iiii_eeee_nnnn_tttt _aaaa_nnnn_dddd _ssss_eeee_cccc_uuuu_rrrr_eeee _nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk _cccc_oooo_nnnn_nnnn_eeee_cccc_tttt_iiii_vvvv_iiii_tttt_yyyy _tttt_hhhh_rrrr_oooo_uuuu_gggg_hhhh _aaaa _ffff_iiii_rrrr_eeee_wwww_aaaa_llll_llll _hhhh_oooo_ssss_tttt_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _3333_.... _ssss_cccc_kkkk_ssss_cccc_ssss_tttt_cccc_...._tttt_aaaa_rrrr The CSTC release of the socks _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee _((((_ssss_eeee_eeee _ssss_oooo_cccc_kkkk_ssss_...._tttt_aaaa_rrrr_))))_.... _TTTT_hhhh_iiii_ssss _vvvv_eeee_rrrr_ssss_iiii_oooo_nnnn _iiii_nnnn_cccc_llll_uuuu_dddd_eeee_ssss _ffff_uuuu_llll_llll _ssss_oooo_uuuu_rrrr_cccc_eeee _ffff_oooo_rrrr _tttt_hhhh_eeee _SSSS_OOOO_CCCC_KKKK_SSSS _ssss_eeee_rrrr_vvvv_eeee_rrrr _aaaa_nnnn_dddd _SSSS_OOOO_CCCC_KKKK_SSSS_----_iiii_ffff_iiii_eeee_dddd _cccc_llll_iiii_eeee_nnnn_tttt _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm_ssss _ffff_oooo_rrrr _ffff_iiii_nnnn_gggg_eeee_rrrr_,,,, _ffff_tttt_pppp_,,,, _tttt_eeee_llll_nnnn_eeee_tttt_,,,, _aaaa_nnnn_dddd _wwww_hhhh_oooo_iiii_ssss_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _4444_...._1111_.... _tttt_cccc_pppp_rrrr_...._tttt_aaaa_rrrr The tcpr _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee _bbbb_yyyy _PPPP_aaaa_uuuu_llll _ZZZZ_iiii_eeee_mmmm_bbbb_aaaa_.... _AAAA _ssss_eeee_tttt _oooo_ffff _PPPP_eeee_rrrr_llll _ssss_cccc_rrrr_iiii_pppp_tttt_ssss _tttt_hhhh_aaaa_tttt _eeee_nnnn_aaaa_bbbb_llll_eeee _tttt_hhhh_eeee _uuuu_ssss_eeee _oooo_ffff _FFFF_TTTT_PPPP _aaaa_nnnn_dddd _TTTT_EEEE_LLLL_NNNN_EEEE_TTTT _aaaa_cccc_rrrr_oooo_ssss_ssss _aaaa _ffff_iiii_rrrr_eeee_wwww_aaaa_llll_llll_.... _IIII_tttt _cccc_oooo_nnnn_ssss_iiii_ssss_tttt_ssss _oooo_ffff _aaaa_nnnn _iiii_nnnn_eeee_tttt_dddd-like server, a relay program, and a client that talks to the server. Version 1.1.5. _tttt_iiii_ssss_ffff_wwww_tttt_kkkk This subdirectory contains the Trusted Information Systems (TIS) Firewall Toolkit, a fairly complete set of programs and instructions for constructing network firewalls. The contents of this directory are: _aaaa_llll_pppp_hhhh_aaaa_...._tttt_aaaa_rrrr The latest ``prerelease'' version of the toolkit, for those who wish to experiment with or modify the version that is currently under development. It is con- sidered a stable release but may not con- tain up-to-date documentation or porting fixes. There are a number of portability fixes in this version that are not present in Version 1.2. _ffff_wwww_tttt_kkkk_dddd_oooo_cccc_...._tttt_aaaa_rrrr The toolkit documentation. Version 1.2. _ffff_wwww_tttt_kkkk_ssss_rrrr_cccc_...._tttt_aaaa_rrrr The toolkit source code. Version 1.2. _uuuu_dddd_pppp_rrrr_eeee_llll_aaaa_yyyy_...._tttt_aaaa_rrrr The udprelay _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee _bbbb_yyyy _TTTT_oooo_mmmm _FFFF_iiii_tttt_zzzz_gggg_eeee_rrrr_aaaa_llll_dddd_.... _AAAA _dddd_aaaa_eeee_mmmm_oooo_nnnn _pppp_rrrr_oooo_---- _cccc_eeee_ssss_ssss _tttt_hhhh_aaaa_tttt _rrrr_uuuu_nnnn_ssss _oooo_nnnn _aaaa _ffff_iiii_rrrr_eeee_wwww_aaaa_llll_llll _hhhh_oooo_ssss_tttt _aaaa_nnnn_dddd _ffff_oooo_rrrr_wwww_aaaa_rrrr_dddd_ssss _UUUU_DDDD_PPPP _pppp_aaaa_cccc_kkkk_eeee_tttt_ssss _iiii_nnnn_tttt_oooo _aaaa_nnnn_dddd _oooo_uuuu_tttt _oooo_ffff _tttt_hhhh_eeee _ffff_iiii_rrrr_eeee_wwww_aaaa_llll_llll_eeee_dddd _nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk_,,,, _aaaa_ssss _dddd_iiii_rrrr_eeee_cccc_tttt_eeee_dddd _bbbb_yyyy _aaaa _cccc_oooo_nnnn_ffff_iiii_gggg_uuuu_rrrr_aaaa_tttt_iiii_oooo_nnnn _ffff_iiii_llll_eeee_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _0000_...._2222_.... _xxxx_ffff_oooo_rrrr_wwww_aaaa_rrrr_dddd_...._tttt_aaaa_rrrr The xforward _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee _bbbb_yyyy _WWWW_iiii_nnnn _TTTT_rrrr_eeee_eeee_ssss_eeee_.... _UUUU_ssss_eeee_dddd _ffff_oooo_rrrr _rrrr_eeee_llll_aaaa_yyyy_iiii_nnnn_gggg _XXXX _WWWW_iiii_nnnn_dddd_oooo_wwww _SSSS_yyyy_ssss_tttt_eeee_mmmm _cccc_oooo_nnnn_nnnn_eeee_cccc_tttt_iiii_oooo_nnnn_ssss _aaaa_cccc_rrrr_oooo_ssss_ssss _nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk _ffff_iiii_rrrr_eeee_wwww_aaaa_llll_llll_ssss_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _1111_...._0000_.... _1._7._3._4. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_nnnn_eeee_tttt_mmmm_oooo_nnnn The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_nnnn_eeee_tttt_mmmm_oooo_nnnn directory contains programs for monitoring network security. The files in this directory are: _nnnn_eeee_tttt_mmmm_aaaa_nnnn This subdirectory contains the NETMAN package of net- work monitoring and visualization tools from Curtin University. The etherman _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _iiii_ssss _aaaa_nnnn _XXXX _WWWW_iiii_nnnn_dddd_oooo_wwww July 4, 1994 - 25 - _SSSS_yyyy_ssss_tttt_eeee_mmmm _tttt_oooo_oooo_llll _tttt_hhhh_aaaa_tttt _dddd_iiii_ssss_pppp_llll_aaaa_yyyy_ssss _aaaa _rrrr_eeee_pppp_rrrr_eeee_ssss_eeee_nnnn_tttt_aaaa_tttt_iiii_oooo_nnnn _oooo_ffff _rrrr_eeee_aaaa_llll_---- _tttt_iiii_mmmm_eeee _EEEE_tttt_hhhh_eeee_rrrr_nnnn_eeee_tttt _cccc_oooo_mmmm_mmmm_uuuu_nnnn_iiii_cccc_aaaa_tttt_iiii_oooo_nnnn_ssss_.... _TTTT_hhhh_eeee _iiii_nnnn_tttt_eeee_rrrr_mmmm_aaaa_nnnn program focuses on IP connectivity within a single segment. The packetman _tttt_oooo_oooo_llll _iiii_ssss _aaaa _rrrr_eeee_tttt_rrrr_oooo_ssss_pppp_eeee_cccc_tttt_iiii_vvvv_eeee _EEEE_tttt_hhhh_eeee_rrrr_nnnn_eeee_tttt _pppp_aaaa_cccc_kkkk_eeee_tttt _aaaa_nnnn_aaaa_llll_yyyy_zzzz_eeee_rrrr_.... _WWWW_iiii_tttt_hhhh_iiii_nnnn _tttt_hhhh_eeee _ssss_uuuu_bbbb_dddd_iiii_rrrr_eeee_cccc_tttt_oooo_rrrr_yyyy _aaaa_rrrr_eeee _bbbb_iiii_nnnn_aaaa_rrrr_iiii_eeee_ssss _ffff_oooo_rrrr _aaaa _nnnn_uuuu_mmmm_bbbb_eeee_rrrr _oooo_ffff _dddd_iiii_ffff_ffff_eeee_rrrr_eeee_nnnn_tttt _pppp_llll_aaaa_tttt_ffff_oooo_rrrr_mmmm_ssss_.... _SSSS_oooo_uuuu_rrrr_cccc_eeee _cccc_oooo_dddd_eeee _iiii_ssss _aaaa_vvvv_aaaa_iiii_llll_---- _aaaa_bbbb_llll_eeee _ffff_oooo_rrrr _$$$$_5555_0000_0000_...._0000_0000 _ffff_oooo_rrrr _uuuu_nnnn_iiii_vvvv_eeee_rrrr_ssss_iiii_tttt_iiii_eeee_ssss _aaaa_nnnn_dddd _$$$$_1111_,,,,_0000_0000_0000_...._0000_0000 _ffff_oooo_rrrr _cccc_oooo_mmmm_pppp_aaaa_nnnn_iiii_eeee_ssss _aaaa_nnnn_dddd _oooo_tttt_hhhh_eeee_rrrr _gggg_rrrr_oooo_uuuu_pppp_ssss_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _1111_...._1111_.... _nnnn_oooo_cccc_oooo_llll_...._tttt_aaaa_rrrr The NOCOL (Network Operations Center On-Line) package from JVNC-Net. Can monitor various network variables such as ICMP or RPC reachability, name servers, ether- net load, port reachability, host performance, SNMP traps, modem line usage, AppleTalk and Novell routes and services, BGP peers, etc. The software is exten- sible and new monitors can be added easily. Version 4.0beta (the beta release is very near formal release, and is recommended over the previous version). _tttt_cccc_pppp_wwww_hhhh_oooo_...._tttt_aaaa_rrrr The tcpwho _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _SSSS_cccc_oooo_tttt_tttt _CCCC_hhhh_aaaa_ssss_iiii_nnnn_.... _DDDD_iiii_ssss_pppp_llll_aaaa_yyyy_ssss _aaaa _llll_iiii_ssss_tttt _oooo_ffff _aaaa_llll_llll _TTTT_CCCC_PPPP _cccc_oooo_nnnn_nnnn_eeee_cccc_tttt_iiii_oooo_nnnn_ssss _aaaa_nnnn_dddd _tttt_hhhh_eeee _cccc_oooo_rrrr_rrrr_eeee_ssss_pppp_oooo_nnnn_dddd_iiii_nnnn_gggg _uuuu_ssss_eeee_rrrr _nnnn_aaaa_mmmm_eeee _aaaa_nnnn_dddd _pppp_rrrr_oooo_cccc_eeee_ssss_ssss _iiii_dddd_eeee_nnnn_tttt_iiii_ffff_iiii_eeee_rrrr _aaaa_ssss_ssss_oooo_cccc_iiii_aaaa_tttt_eeee_dddd _wwww_iiii_tttt_hhhh _eeee_aaaa_cccc_hhhh _cccc_oooo_nnnn_nnnn_eeee_cccc_---- _tttt_iiii_oooo_nnnn_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _1111_...._0000_.... _1._7._3._5. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk directory contains programs for controlling access to a system via the network. The files in this subdirectory are: _iiii_pppp_aaaa_cccc_llll_...._tttt_aaaa_rrrr The ipacl _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee _ffff_rrrr_oooo_mmmm _SSSS_iiii_eeee_mmmm_eeee_nnnn_ssss_.... _FFFF_oooo_rrrr_cccc_eeee_ssss _aaaa_llll_llll _TTTT_CCCC_PPPP _aaaa_nnnn_dddd _UUUU_DDDD_PPPP _pppp_aaaa_cccc_kkkk_eeee_tttt_ssss _tttt_oooo _pppp_aaaa_ssss_ssss _tttt_hhhh_rrrr_oooo_uuuu_gggg_hhhh _aaaa_nnnn _aaaa_cccc_cccc_eeee_ssss_ssss _cccc_oooo_nnnn_tttt_rrrr_oooo_llll _llll_iiii_ssss_tttt _ffff_aaaa_cccc_iiii_llll_iiii_tttt_yyyy_.... _TTTT_hhhh_eeee _cccc_oooo_nnnn_ffff_iiii_gggg_uuuu_rrrr_aaaa_tttt_iiii_oooo_nnnn _ffff_iiii_llll_eeee _aaaa_llll_llll_oooo_wwww_ssss _pppp_aaaa_cccc_kkkk_eeee_tttt_ssss _tttt_oooo _bbbb_eeee _aaaa_cccc_cccc_eeee_pppp_tttt_eeee_dddd_,,,, _rrrr_eeee_jjjj_eeee_cccc_tttt_eeee_dddd_,,,, _cccc_oooo_nnnn_dddd_iiii_tttt_iiii_oooo_nnnn_aaaa_llll_llll_yyyy _aaaa_cccc_cccc_eeee_pppp_tttt_eeee_dddd_,,,, _aaaa_nnnn_dddd _cccc_oooo_nnnn_dddd_iiii_---- _tttt_iiii_oooo_nnnn_aaaa_llll_llll_yyyy _rrrr_eeee_jjjj_eeee_cccc_tttt_eeee_dddd _bbbb_aaaa_ssss_eeee_dddd _oooo_nnnn _cccc_hhhh_aaaa_rrrr_aaaa_cccc_tttt_eeee_rrrr_iiii_ssss_tttt_iiii_cccc_ssss _ssss_uuuu_cccc_hhhh _aaaa_ssss _ssss_oooo_uuuu_rrrr_cccc_eeee _aaaa_dddd_dddd_rrrr_eeee_ssss_ssss_,,,, _dddd_eeee_ssss_tttt_iiii_nnnn_aaaa_tttt_iiii_oooo_nnnn _aaaa_dddd_dddd_rrrr_eeee_ssss_ssss_,,,, _ssss_oooo_uuuu_rrrr_cccc_eeee _pppp_oooo_rrrr_tttt _nnnn_uuuu_mmmm_bbbb_eeee_rrrr_,,,, _aaaa_nnnn_dddd _dddd_eeee_ssss_tttt_iiii_nnnn_aaaa_tttt_iiii_oooo_nnnn _pppp_oooo_rrrr_tttt _nnnn_uuuu_mmmm_bbbb_eeee_rrrr_.... _SSSS_hhhh_oooo_uuuu_llll_dddd _bbbb_eeee _pppp_oooo_rrrr_tttt_---- _aaaa_bbbb_llll_eeee _tttt_oooo _aaaa_nnnn_yyyy _ssss_yyyy_ssss_tttt_eeee_mmmm _tttt_hhhh_aaaa_tttt _uuuu_ssss_eeee_ssss _SSSS_yyyy_ssss_tttt_eeee_mmmm _VVVV _SSSS_TTTT_RRRR_EEEE_AAAA_MMMM_SSSS _ffff_oooo_rrrr _iiii_tttt_ssss _nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk _cccc_oooo_dddd_eeee_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _oooo_ffff _1111_3333 _JJJJ_aaaa_nnnn_uuuu_aaaa_rrrr_yyyy _1111_9999_9999_3333_.... _llll_dddd_aaaa_eeee_mmmm_oooo_nnnn_...._tttt_aaaa_rrrr The logdaemon _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee _bbbb_yyyy _WWWW_iiii_eeee_tttt_ssss_eeee _VVVV_eeee_nnnn_eeee_mmmm_aaaa_.... _PPPP_rrrr_oooo_vvvv_iiii_dddd_eeee_ssss _mmmm_oooo_dddd_iiii_ffff_iiii_eeee_dddd _vvvv_eeee_rrrr_ssss_iiii_oooo_nnnn_ssss _oooo_ffff _rrrr_ssss_hhhh_dddd, rlogind_,,,, _ffff_tttt_pppp_dddd, rexecd_,,,, _llll_oooo_gggg_iiii_nnnn, and telnetd _tttt_hhhh_aaaa_tttt _llll_oooo_gggg _ssss_iiii_gggg_nnnn_iiii_ffff_iiii_cccc_aaaa_nnnn_tttt_llll_yyyy _mmmm_oooo_rrrr_eeee _iiii_nnnn_ffff_oooo_rrrr_---- _mmmm_aaaa_tttt_iiii_oooo_nnnn _tttt_hhhh_aaaa_nnnn _tttt_hhhh_eeee _ssss_tttt_aaaa_nnnn_dddd_aaaa_rrrr_dddd _vvvv_eeee_nnnn_dddd_oooo_rrrr _vvvv_eeee_rrrr_ssss_iiii_oooo_nnnn_ssss_,,,, _eeee_nnnn_aaaa_bbbb_llll_iiii_nnnn_gggg _bbbb_eeee_tttt_tttt_eeee_rrrr _aaaa_uuuu_dddd_iiii_tttt_iiii_nnnn_gggg _oooo_ffff _pppp_rrrr_oooo_bbbb_llll_eeee_mmmm_ssss _vvvv_iiii_aaaa _tttt_hhhh_eeee _llll_oooo_gggg_ffff_iiii_llll_eeee_ssss_.... _AAAA_llll_ssss_oooo _iiii_nnnn_cccc_llll_uuuu_dddd_eeee_ssss _ssss_uuuu_pppp_pppp_oooo_rrrr_tttt _ffff_oooo_rrrr _tttt_hhhh_eeee _SSSS_////_KKKK_eeee_yyyy _oooo_nnnn_eeee_----_tttt_iiii_mmmm_eeee _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd _pppp_aaaa_cccc_kkkk_---- _aaaa_gggg_eeee_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _4444_...._2222_.... _pppp_oooo_rrrr_tttt_mmmm_aaaa_pppp_...._tttt_aaaa_rrrr The portmap _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _WWWW_iiii_eeee_tttt_ssss_eeee _VVVV_eeee_nnnn_eeee_mmmm_aaaa_.... _AAAA _rrrr_eeee_pppp_llll_aaaa_cccc_eeee_mmmm_eeee_nnnn_tttt _ffff_oooo_rrrr _tttt_hhhh_eeee _ssss_tttt_aaaa_nnnn_dddd_aaaa_rrrr_dddd _SSSS_uuuu_nnnn _pppp_oooo_rrrr_tttt_mmmm_aaaa_pppp program (portable to a number of vendors' systems) that attempts to close all known holes in portmap_.... _TTTT_hhhh_iiii_ssss _iiii_nnnn_cccc_llll_uuuu_dddd_eeee_ssss _pppp_rrrr_eeee_vvvv_eeee_nnnn_tttt_iiii_oooo_nnnn _oooo_ffff _NNNN_IIII_SSSS _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd _ffff_iiii_llll_eeee _tttt_hhhh_eeee_ffff_tttt_,,,, _pppp_rrrr_eeee_vvvv_eeee_nnnn_tttt_iiii_oooo_nnnn _oooo_ffff _uuuu_nnnn_aaaa_uuuu_tttt_hhhh_oooo_rrrr_iiii_zzzz_eeee_dddd _yyyy_pppp_ssss_eeee_tttt commands, and prevention of NFS file handle theft. Version 3. July 4, 1994 - 26 - _rrrr_pppp_cccc_bbbb_iiii_nnnn_dddd_...._tttt_aaaa_rrrr The rpcbind _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _WWWW_iiii_eeee_tttt_ssss_eeee _VVVV_eeee_nnnn_eeee_mmmm_aaaa_.... _AAAA _rrrr_eeee_pppp_llll_aaaa_cccc_eeee_mmmm_eeee_nnnn_tttt _ffff_oooo_rrrr _tttt_hhhh_eeee _SSSS_uuuu_nnnn _rrrr_pppp_cccc_bbbb_iiii_nnnn_dddd program that offers access control and copious logging. Allows host access control based on network addresses. Preliminary version. _ssss_cccc_rrrr_eeee_eeee_nnnn_dddd_...._tttt_aaaa_rrrr The screend _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee _bbbb_yyyy _JJJJ_eeee_ffff_ffff _MMMM_oooo_gggg_uuuu_llll_.... _PPPP_rrrr_oooo_vvvv_iiii_dddd_eeee_ssss _aaaa _dddd_aaaa_eeee_mmmm_oooo_nnnn _aaaa_nnnn_dddd _kkkk_eeee_rrrr_nnnn_eeee_llll _mmmm_oooo_dddd_iiii_ffff_iiii_cccc_aaaa_tttt_iiii_oooo_nnnn_ssss _tttt_oooo _aaaa_llll_llll_oooo_wwww _aaaa_llll_llll _pppp_aaaa_cccc_kkkk_eeee_tttt_ssss _tttt_oooo _bbbb_eeee _ffff_iiii_llll_tttt_eeee_rrrr_eeee_dddd _bbbb_aaaa_ssss_eeee_dddd _oooo_nnnn _ssss_oooo_uuuu_rrrr_cccc_eeee _aaaa_dddd_dddd_rrrr_eeee_ssss_ssss_,,,, _dddd_eeee_ssss_tttt_iiii_nnnn_aaaa_tttt_iiii_oooo_nnnn _aaaa_dddd_dddd_rrrr_eeee_ssss_ssss_,,,, _oooo_rrrr _aaaa_nnnn_yyyy _oooo_tttt_hhhh_eeee_rrrr _bbbb_yyyy_tttt_eeee _oooo_rrrr _ssss_eeee_tttt _oooo_ffff _bbbb_yyyy_tttt_eeee_ssss _iiii_nnnn _tttt_hhhh_eeee _pppp_aaaa_cccc_kkkk_eeee_tttt_.... _SSSS_hhhh_oooo_uuuu_llll_dddd _wwww_oooo_rrrr_kkkk _oooo_nnnn _mmmm_oooo_ssss_tttt _ssss_yyyy_ssss_tttt_eeee_mmmm_ssss _tttt_hhhh_aaaa_tttt _uuuu_ssss_eeee _BBBB_eeee_rrrr_kkkk_eeee_llll_eeee_yyyy_----_ssss_tttt_yyyy_llll_eeee _nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk_iiii_nnnn_gggg _iiii_nnnn _tttt_hhhh_eeee _kkkk_eeee_rrrr_nnnn_eeee_llll_,,,, _bbbb_uuuu_tttt _rrrr_eeee_qqqq_uuuu_iiii_rrrr_eeee_ssss _kkkk_eeee_rrrr_nnnn_eeee_llll _mmmm_oooo_dddd_iiii_ffff_iiii_---- _cccc_aaaa_tttt_iiii_oooo_nnnn_ssss _((((_iiii_...._eeee_...._,,,, _kkkk_eeee_rrrr_nnnn_eeee_llll _ssss_oooo_uuuu_rrrr_cccc_eeee _cccc_oooo_dddd_eeee_))))_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _oooo_ffff _2222_1111 _JJJJ_aaaa_nnnn_uuuu_aaaa_rrrr_yyyy _1111_9999_9999_3333_.... _ssss_eeee_cccc_llll_iiii_bbbb_...._tttt_aaaa_rrrr The securelib _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee _bbbb_yyyy _WWWW_iiii_llll_llll_iiii_aaaa_mmmm _LLLL_eeee_FFFF_eeee_bbbb_vvvv_rrrr_eeee_.... _PPPP_rrrr_oooo_vvvv_iiii_dddd_eeee_ssss _aaaa _rrrr_eeee_pppp_llll_aaaa_cccc_eeee_mmmm_eeee_nnnn_tttt _ssss_hhhh_aaaa_rrrr_eeee_dddd _llll_iiii_bbbb_rrrr_aaaa_rrrr_yyyy _ffff_oooo_rrrr _SSSS_uuuu_nnnn_OOOO_SSSS _4444_...._1111_...._x _ssss_yyyy_ssss_tttt_eeee_mmmm_ssss _tttt_hhhh_aaaa_tttt _oooo_ffff_ffff_eeee_rrrr_ssss _nnnn_eeee_wwww _vvvv_eeee_rrrr_ssss_iiii_oooo_nnnn_ssss _oooo_ffff _tttt_hhhh_eeee _aaaa_cccc_cccc_eeee_pppp_tttt, _r_e_c_v_f_r_o_m_,,,, _aaaa_nnnn_dddd _rrrr_eeee_cccc_vvvv_mmmm_ssss_gggg _n_e_t_w_o_r_k_i_n_g _s_y_s_t_e_m _c_a_l_l_s. _T_h_e_s_e _c_a_l_l_s _a_r_e _c_o_m_- _p_a_t_i_b_l_e _w_i_t_h _t_h_e _o_r_i_g_i_n_a_l_s, _e_x_c_e_p_t _t_h_a_t _t_h_e_y _c_h_e_c_k _t_h_e _a_d_d_r_e_s_s _o_f _t_h_e _m_a_c_h_i_n_e _i_n_i_t_i_a_t_i_n_g _t_h_e _c_o_n_n_e_c_t_i_o_n _t_o _m_a_k_e _s_u_r_e _i_t _i_s _a_l_l_o_w_e_d _t_o _c_o_n_n_e_c_t, _b_a_s_e_d _o_n _t_h_e _c_o_n_- _t_e_n_t_s _o_f _a _c_o_n_f_i_g_u_r_a_t_i_o_n _f_i_l_e. _T_h_e _a_d_v_a_n_t_a_g_e _o_f _t_h_i_s _a_p_p_r_o_a_c_h _i_s _t_h_a_t _i_t _c_a_n _b_e _i_n_s_t_a_l_l_e_d _w_i_t_h_o_u_t _r_e_c_o_m_p_i_l_- _i_n_g _a_n_y _s_o_f_t_w_a_r_e. _V_e_r_s_i_o_n _3. _tttt_cccc_pppp_wwww_rrrr_aaaa_pppp_...._tttt_aaaa_rrrr The tcp_wrapper _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee _bbbb_yyyy _WWWW_iiii_eeee_tttt_ssss_eeee _VVVV_eeee_nnnn_eeee_mmmm_aaaa_.... _FFFF_oooo_rrrr_mmmm_eeee_rrrr_llll_yyyy _cccc_aaaa_llll_llll_eeee_dddd _llll_oooo_gggg______tttt_cccc_pppp. Allows monitoring and control over who connects to a host's TFTP, EXEC, FTP, RSH, TELNET, RLOGIN, FINGER, and SYSTAT ports. Also includes a library so that other programs can be controlled and monitored in the same fashion. Version 6.3. _xxxx_iiii_nnnn_eeee_tttt_dddd_...._tttt_aaaa_rrrr The xinetd _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _PPPP_aaaa_nnnn_aaaa_gggg_iiii_oooo_tttt_iiii_ssss _TTTT_ssss_iiii_rrrr_iiii_gggg_oooo_tttt_iiii_ssss_.... _AAAA _rrrr_eeee_pppp_llll_aaaa_cccc_eeee_mmmm_eeee_nnnn_tttt _ffff_oooo_rrrr _tttt_hhhh_eeee _iiii_nnnn_eeee_tttt_dddd program that can be config- ured to perform access control based on host address or time of day, and to log significantly more informa- tion than most vendor versions. Version 2.0.6. _1._7._3._6. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd directory contains programs pertaining to password security. The files in this subdirectory are: _aaaa_nnnn_llll_pppp_aaaa_ssss_ssss_wwww_...._tttt_aaaa_rrrr The anlpasswd _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _((((_ffff_oooo_rrrr_mmmm_eeee_rrrr_llll_yyyy _pppp_eeee_rrrr_llll_----_pppp_aaaa_ssss_ssss_wwww_dddd_2222) from Argonne National Library. A proactive password checker that refuses to let users choose ``bad'' pass- words. Version 2.2. _cccc_rrrr_aaaa_cccc_kkkk_...._tttt_aaaa_rrrr The crack _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _AAAA_llll_eeee_cccc _MMMM_uuuu_ffff_ffff_eeee_tttt_tttt_.... _AAAA _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd_---- _cccc_rrrr_aaaa_cccc_kkkk_iiii_nnnn_gggg _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _wwww_iiii_tttt_hhhh _aaaa _cccc_oooo_nnnn_ffff_iiii_gggg_uuuu_rrrr_aaaa_tttt_iiii_oooo_nnnn _llll_aaaa_nnnn_gggg_uuuu_aaaa_gggg_eeee_,,,, _aaaa_llll_llll_oooo_wwww_---- _iiii_nnnn_gggg _tttt_hhhh_eeee _uuuu_ssss_eeee_rrrr _tttt_oooo _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _tttt_hhhh_eeee _tttt_yyyy_pppp_eeee_ssss _oooo_ffff _gggg_uuuu_eeee_ssss_ssss_eeee_ssss _uuuu_ssss_eeee_dddd_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _4444_...._1111_.... _cccc_rrrr_aaaa_cccc_kkkk_llll_iiii_bbbb_...._tttt_aaaa_rrrr The cracklib _dddd_iiii_ssss_tttt_rrrr_iiii_bbbb_uuuu_tttt_iiii_oooo_nnnn_,,,, _bbbb_yyyy _AAAA_llll_eeee_cccc _MMMM_uuuu_ffff_ffff_eeee_tttt_tttt_.... _AAAA _llll_iiii_bbbb_rrrr_aaaa_rrrr_yyyy July 4, 1994 - 27 - _oooo_ffff _ffff_uuuu_nnnn_cccc_tttt_iiii_oooo_nnnn_ssss _tttt_hhhh_aaaa_tttt _cccc_aaaa_nnnn _bbbb_eeee _cccc_aaaa_llll_llll_eeee_dddd _ffff_rrrr_oooo_mmmm _pppp_aaaa_ssss_ssss_wwww_dddd-like pro- grams to try to prevent users from choosing passwords that crack _wwww_oooo_uuuu_llll_dddd _bbbb_eeee _aaaa_bbbb_llll_eeee _tttt_oooo _gggg_uuuu_eeee_ssss_ssss_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _2222_...._5555_.... _nnnn_pppp_aaaa_ssss_ssss_wwww_dddd_...._tttt_aaaa_rrrr The npasswd _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _CCCC_llll_yyyy_dddd_eeee _HHHH_oooo_oooo_vvvv_eeee_rrrr_.... _AAAA _pppp_llll_uuuu_gggg_---- _cccc_oooo_mmmm_pppp_aaaa_tttt_iiii_bbbb_llll_eeee _rrrr_eeee_pppp_llll_aaaa_cccc_eeee_mmmm_eeee_nnnn_tttt _ffff_oooo_rrrr _pppp_aaaa_ssss_ssss_wwww_dddd that refuses to accept ``bad'' passwords. Includes support for System V Release 3 password aging and Sun's Network Informa- tion Service (NIS) (Yellow Pages). Version 1.2.4. _oooo_bbbb_vvvv_iiii_oooo_uuuu_ssss_...._tttt_aaaa_rrrr The obvious-pw _ffff_uuuu_nnnn_cccc_tttt_iiii_oooo_nnnn _bbbb_yyyy _JJJJ_oooo_hhhh_nnnn _NNNN_aaaa_gggg_llll_eeee_.... _TTTT_hhhh_iiii_ssss _ffff_uuuu_nnnn_cccc_tttt_iiii_oooo_nnnn _dddd_eeee_pppp_eeee_nnnn_dddd_ssss _uuuu_pppp_oooo_nnnn _aaaa _ssss_uuuu_bbbb_tttt_llll_eeee _pppp_rrrr_oooo_pppp_eeee_rrrr_tttt_yyyy _oooo_ffff _EEEE_nnnn_gggg_llll_iiii_ssss_hhhh_.... _LLLL_eeee_ssss_ssss _tttt_hhhh_aaaa_nnnn _oooo_nnnn_eeee_----_tttt_hhhh_iiii_rrrr_dddd _oooo_ffff _tttt_hhhh_eeee _pppp_oooo_ssss_ssss_iiii_bbbb_llll_eeee _````_````_tttt_rrrr_iiii_pppp_llll_eeee_ssss_,,,,_''''_'''' _ssss_eeee_qqqq_uuuu_eeee_nnnn_cccc_eeee_ssss _oooo_ffff _tttt_hhhh_rrrr_eeee_eeee _llll_eeee_tttt_tttt_eeee_rrrr_ssss_,,,, _aaaa_rrrr_eeee _uuuu_ssss_eeee_dddd _iiii_nnnn _EEEE_nnnn_gggg_llll_iiii_ssss_hhhh _wwww_oooo_rrrr_dddd_ssss_.... _TTTT_hhhh_iiii_ssss _pppp_rrrr_oooo_---- _pppp_eeee_rrrr_tttt_yyyy _mmmm_aaaa_kkkk_eeee_ssss _iiii_tttt _pppp_oooo_ssss_ssss_iiii_bbbb_llll_eeee _tttt_oooo _dddd_iiii_ssss_tttt_iiii_nnnn_gggg_uuuu_iiii_ssss_hhhh _rrrr_aaaa_nnnn_dddd_oooo_mmmm _llll_eeee_tttt_tttt_eeee_rrrr _ssss_tttt_rrrr_iiii_nnnn_gggg_ssss _ffff_rrrr_oooo_mmmm _ssss_tttt_rrrr_iiii_nnnn_gggg_ssss _tttt_hhhh_aaaa_tttt _llll_oooo_oooo_kkkk _llll_iiii_kkkk_eeee _EEEE_nnnn_gggg_llll_iiii_ssss_hhhh _wwww_oooo_rrrr_dddd_ssss_.... _TTTT_hhhh_eeee _iiii_dddd_eeee_aaaa _iiii_ssss _tttt_oooo _rrrr_eeee_jjjj_eeee_cccc_tttt _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd_ssss _tttt_hhhh_aaaa_tttt _````_````_llll_oooo_oooo_kkkk _llll_iiii_kkkk_eeee_''''_'''' _EEEE_nnnn_gggg_llll_iiii_ssss_hhhh _wwww_oooo_rrrr_dddd_ssss_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _oooo_ffff _1111_0000 _NNNN_oooo_vvvv_eeee_mmmm_bbbb_eeee_rrrr _1111_9999_8888_8888_.... _pppp_wwww_pppp_llll_uuuu_ssss_...._tttt_aaaa_rrrr The passwd+ _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _MMMM_aaaa_tttt_tttt _BBBB_iiii_ssss_hhhh_oooo_pppp_.... _AAAA _pppp_rrrr_oooo_aaaa_cccc_tttt_iiii_vvvv_eeee _pppp_aaaa_ssss_ssss_---- _wwww_oooo_rrrr_dddd _cccc_hhhh_eeee_cccc_kkkk_eeee_rrrr _tttt_hhhh_aaaa_tttt _iiii_ssss _dddd_rrrr_iiii_vvvv_eeee_nnnn _bbbb_yyyy _aaaa _cccc_oooo_nnnn_ffff_iiii_gggg_uuuu_rrrr_aaaa_tttt_iiii_oooo_nnnn _ffff_iiii_llll_eeee _tttt_oooo _dddd_eeee_tttt_eeee_rrrr_mmmm_iiii_nnnn_eeee _wwww_hhhh_aaaa_tttt _tttt_yyyy_pppp_eeee_ssss _oooo_ffff _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd_ssss _aaaa_rrrr_eeee _aaaa_nnnn_dddd _aaaa_rrrr_eeee _nnnn_oooo_tttt _aaaa_llll_llll_oooo_wwww_eeee_dddd_.... _TTTT_hhhh_eeee _cccc_oooo_nnnn_ffff_iiii_gggg_uuuu_rrrr_aaaa_tttt_iiii_oooo_nnnn _ffff_iiii_llll_eeee _aaaa_llll_llll_oooo_wwww_ssss _tttt_hhhh_eeee _uuuu_ssss_eeee _oooo_ffff _rrrr_eeee_gggg_uuuu_llll_aaaa_rrrr _eeee_xxxx_pppp_rrrr_eeee_ssss_ssss_iiii_oooo_nnnn_ssss_,,,, _tttt_hhhh_eeee _cccc_oooo_mmmm_pppp_aaaa_rrrr_iiii_ssss_oooo_nnnn _oooo_ffff _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd_ssss _aaaa_gggg_aaaa_iiii_nnnn_ssss_tttt _tttt_hhhh_eeee _cccc_oooo_nnnn_tttt_eeee_nnnn_tttt_ssss _oooo_ffff _ffff_iiii_llll_eeee_ssss _((((_eeee_...._gggg_...._,,,, _dddd_iiii_cccc_tttt_iiii_oooo_nnnn_aaaa_rrrr_iiii_eeee_ssss_))))_,,,, _aaaa_nnnn_dddd _tttt_hhhh_eeee _cccc_aaaa_llll_llll_iiii_nnnn_gggg _oooo_ffff _eeee_xxxx_tttt_eeee_rrrr_nnnn_aaaa_llll _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm_ssss _tttt_oooo _eeee_xxxx_aaaa_mmmm_iiii_nnnn_eeee _tttt_hhhh_eeee _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _oooo_ffff _1111 _DDDD_eeee_cccc_eeee_mmmm_bbbb_eeee_rrrr _1111_9999_9999_3333_.... _ssss_hhhh_aaaa_dddd_oooo_wwww_...._tttt_aaaa_rrrr The shadow _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _JJJJ_oooo_hhhh_nnnn _FFFF_.... _HHHH_aaaa_uuuu_gggg_hhhh_,,,, _IIII_IIII_.... _AAAA _rrrr_eeee_pppp_llll_aaaa_cccc_eeee_---- _mmmm_eeee_nnnn_tttt _ffff_oooo_rrrr _llll_oooo_gggg_iiii_nnnn and passwd _tttt_hhhh_aaaa_tttt _cccc_aaaa_nnnn _eeee_nnnn_aaaa_bbbb_llll_eeee _aaaa_nnnn_yyyy _ssss_yyyy_ssss_tttt_eeee_mmmm _tttt_oooo _uuuu_ssss_eeee _ssss_hhhh_aaaa_dddd_oooo_wwww _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd _ffff_iiii_llll_eeee_ssss_.... _IIII_nnnn_cccc_llll_uuuu_dddd_eeee_ssss _ssss_uuuu_pppp_pppp_oooo_rrrr_tttt _ffff_oooo_rrrr _ssss_hhhh_aaaa_dddd_oooo_wwww _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd _ffff_iiii_llll_eeee_ssss_,,,, _ssss_hhhh_aaaa_dddd_oooo_wwww _gggg_rrrr_oooo_uuuu_pppp _ffff_iiii_llll_eeee_ssss_,,,, _DDDD_BBBB_MMMM _pppp_aaaa_ssss_ssss_---- _wwww_oooo_rrrr_dddd _ffff_iiii_llll_eeee_ssss_,,,, _dddd_oooo_uuuu_bbbb_llll_eeee _llll_eeee_nnnn_gggg_tttt_hhhh _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd_ssss_,,,, _aaaa_nnnn_dddd _pppp_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd _aaaa_gggg_iiii_nnnn_gggg_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _3333_...._1111_...._4444_.... _1._7._3._7. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_ssss_yyyy_ssss_mmmm_oooo_nnnn The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_ssss_yyyy_ssss_mmmm_oooo_nnnn directory contains programs for monitoring system security. The files in this directory are: _bbbb_iiii_nnnn_aaaa_uuuu_dddd_iiii_tttt_...._tttt_aaaa_rrrr The RIACS Intelligent Auditing and Categorizing Sys- tem, from the Research Institute for Advanced Computer Science. A file system auditing program that compares current contents against previously-generated list- ings, and reports differences. Version 3.1.3. _cccc_oooo_pppp_ssss_...._tttt_aaaa_rrrr The Computer Oracle and Password System (COPS) package from Purdue University. Examines a system for a number of known weaknesses and alerts the system administrator to them; in some cases it can automati- cally correct these problems. Version 1.04. _cccc_pppp_mmmm_...._tttt_aaaa_rrrr The cpm program from Carnegie Mellon University. Checks a system for any network interfaces in July 4, 1994 - 28 - promiscuous mode; this may indicate that an attacker has broken in and started a packet snooping program. Version 1.0. _iiii_ffff_ssss_tttt_aaaa_tttt_uuuu_ssss_...._tttt_aaaa_rrrr The ifstatus _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _DDDD_aaaa_vvvv_eeee _CCCC_uuuu_rrrr_rrrr_yyyy_.... _CCCC_hhhh_eeee_cccc_kkkk_ssss _aaaa _ssss_yyyy_ssss_tttt_eeee_mmmm _ffff_oooo_rrrr _aaaa_nnnn_yyyy _nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk _iiii_nnnn_tttt_eeee_rrrr_ffff_aaaa_cccc_eeee_ssss _iiii_nnnn _pppp_rrrr_oooo_mmmm_iiii_ssss_cccc_uuuu_oooo_uuuu_ssss _mmmm_oooo_dddd_eeee_;;;; _tttt_hhhh_iiii_ssss _mmmm_aaaa_yyyy _iiii_nnnn_dddd_iiii_cccc_aaaa_tttt_eeee _tttt_hhhh_aaaa_tttt _aaaa_nnnn _aaaa_tttt_tttt_aaaa_cccc_kkkk_eeee_rrrr _hhhh_aaaa_ssss _bbbb_rrrr_oooo_kkkk_eeee_nnnn _iiii_nnnn _aaaa_nnnn_dddd _ssss_tttt_aaaa_rrrr_tttt_eeee_dddd _aaaa _pppp_aaaa_cccc_kkkk_eeee_tttt _ssss_nnnn_oooo_oooo_pppp_iiii_nnnn_gggg _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm_.... _DDDD_eeee_ssss_iiii_gggg_nnnn_eeee_dddd _tttt_oooo _bbbb_eeee _rrrr_uuuu_nnnn _oooo_uuuu_tttt _oooo_ffff _cccc_rrrr_oooo_nnnn. _iiii_ssss_ssss_...._tttt_aaaa_rrrr The iss _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _CCCC_hhhh_rrrr_iiii_ssss_tttt_oooo_pppp_hhhh_eeee_rrrr _KKKK_llll_aaaa_uuuu_ssss_.... _AAAA _mmmm_uuuu_llll_tttt_iiii_----_llll_eeee_vvvv_eeee_llll _ssss_eeee_cccc_uuuu_rrrr_iiii_tttt_yyyy _ssss_cccc_aaaa_nnnn_nnnn_eeee_rrrr _tttt_hhhh_aaaa_tttt _cccc_hhhh_eeee_cccc_kkkk_ssss _aaaa _UUUU_NNNN_IIII_XXXX _ssss_yyyy_ssss_tttt_eeee_mmmm _ffff_oooo_rrrr _aaaa _nnnn_uuuu_mmmm_bbbb_eeee_rrrr _oooo_ffff _kkkk_nnnn_oooo_wwww_nnnn _ssss_eeee_cccc_uuuu_rrrr_iiii_tttt_yyyy _hhhh_oooo_llll_eeee_ssss _ssss_uuuu_cccc_hhhh _aaaa_ssss _pppp_rrrr_oooo_bbbb_llll_eeee_mmmm_ssss _wwww_iiii_tttt_hhhh _ssss_eeee_nnnn_dddd_mmmm_aaaa_iiii_llll, improperly configured NFS file sharing, etc. Version 1.21. _ssss_eeee_cccc_uuuu_rrrr_eeee_...._tttt_aaaa_rrrr The programs and scripts from the appendix of _U_N_I_X _S_y_s_t_e_m _S_e_c_u_r_i_t_y by Patrick Wood and Steven Kochan. Version of 25 February 1989. _ssss_wwww_aaaa_tttt_cccc_hhhh_...._tttt_aaaa_rrrr The Swatch _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee _bbbb_yyyy _SSSS_tttt_eeee_pppp_hhhh_eeee_nnnn _HHHH_aaaa_nnnn_ssss_eeee_nnnn _aaaa_nnnn_dddd _TTTT_oooo_dddd_dddd _AAAA_tttt_kkkk_iiii_nnnn_ssss_.... _AAAA _ssss_yyyy_ssss_tttt_eeee_mmmm _ffff_oooo_rrrr _mmmm_oooo_nnnn_iiii_tttt_oooo_rrrr_iiii_nnnn_gggg _eeee_vvvv_eeee_nnnn_tttt_ssss _oooo_nnnn _aaaa _llll_aaaa_rrrr_gggg_eeee _nnnn_uuuu_mmmm_bbbb_eeee_rrrr _oooo_ffff _ssss_yyyy_ssss_tttt_eeee_mmmm_ssss_.... _MMMM_oooo_dddd_iiii_ffff_iiii_eeee_ssss _cccc_eeee_rrrr_tttt_aaaa_iiii_nnnn _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm_ssss _tttt_oooo _eeee_nnnn_hhhh_aaaa_nnnn_cccc_eeee _tttt_hhhh_eeee_iiii_rrrr _llll_oooo_gggg_gggg_iiii_nnnn_gggg _cccc_aaaa_pppp_aaaa_bbbb_iiii_llll_iiii_tttt_iiii_eeee_ssss_,,,, _aaaa_nnnn_dddd _ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee _tttt_oooo _tttt_hhhh_eeee_nnnn _mmmm_oooo_nnnn_iiii_tttt_oooo_rrrr _tttt_hhhh_eeee _ssss_yyyy_ssss_tttt_eeee_mmmm _llll_oooo_gggg_ssss _ffff_oooo_rrrr _````_````_iiii_mmmm_pppp_oooo_rrrr_tttt_aaaa_nnnn_tttt_''''_'''' _mmmm_eeee_ssss_ssss_aaaa_gggg_eeee_ssss_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _2222_...._1111_.... _tttt_aaaa_mmmm_uuuu This subdirectory contains the various TAMU security tools from Texas A&M University. The contents of this directory are: _cccc_hhhh_eeee_cccc_kkkk_...._tttt_xxxx_tttt A shell script for checking the integrity of the distribution. _dddd_rrrr_aaaa_wwww_bbbb_rrrr_iiii_dddd_...._tttt_aaaa_rrrr The drawbridge _bbbb_rrrr_iiii_dddd_gggg_iiii_nnnn_gggg _ffff_iiii_llll_tttt_eeee_rrrr_.... _IIII_tttt _uuuu_ssss_eeee_ssss _aaaa _PPPP_CCCC _wwww_iiii_tttt_hhhh _tttt_wwww_oooo _eeee_tttt_hhhh_eeee_rrrr_nnnn_eeee_tttt _cccc_aaaa_rrrr_dddd_ssss _tttt_oooo _pppp_eeee_rrrr_ffff_oooo_rrrr_mmmm _tttt_hhhh_eeee _ffff_iiii_llll_tttt_eeee_rrrr_iiii_nnnn_gggg_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _1111_...._1111_.... _nnnn_eeee_tttt_llll_oooo_gggg_...._tttt_aaaa_rrrr The netlog _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm_ssss_.... _TTTT_hhhh_eeee_ssss_eeee _cccc_oooo_nnnn_ssss_tttt_iiii_tttt_uuuu_tttt_eeee _aaaa _TTTT_CCCC_PPPP _aaaa_nnnn_dddd _UUUU_DDDD_PPPP _tttt_rrrr_aaaa_ffff_ffff_iiii_cccc _llll_oooo_gggg_gggg_iiii_nnnn_gggg _ssss_yyyy_ssss_tttt_eeee_mmmm_,,,, _uuuu_ssss_aaaa_bbbb_llll_eeee _ffff_oooo_rrrr _llll_oooo_cccc_aaaa_tttt_iiii_nnnn_gggg _ssss_uuuu_ssss_pppp_iiii_cccc_iiii_oooo_uuuu_ssss _nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk _tttt_rrrr_aaaa_ffff_ffff_iiii_cccc_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _1111_...._2222_.... _ssss_pppp_aaaa_rrrr_...._tttt_aaaa_rrrr The spar _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm_,,,, _ffff_oooo_rrrr _ssss_hhhh_oooo_wwww_iiii_nnnn_gggg _pppp_rrrr_oooo_cccc_eeee_ssss_ssss _aaaa_cccc_cccc_oooo_uuuu_nnnn_tttt_iiii_nnnn_gggg _rrrr_eeee_cccc_oooo_rrrr_dddd_ssss_.... _MMMM_uuuu_cccc_hhhh _mmmm_oooo_rrrr_eeee _ffff_llll_eeee_xxxx_iiii_bbbb_llll_eeee _aaaa_nnnn_dddd _pppp_oooo_wwww_eeee_rrrr_ffff_uuuu_llll _tttt_hhhh_aaaa_nnnn _tttt_hhhh_eeee _ssss_tttt_aaaa_nnnn_dddd_aaaa_rrrr_dddd _UUUU_NNNN_IIII_XXXX _uuuu_tttt_iiii_llll_---- _iiii_tttt_iiii_eeee_ssss _ssss_uuuu_cccc_hhhh _aaaa_ssss _llll_aaaa_ssss_tttt_cccc_oooo_mmmm_mmmm. Version 1.2. _ssss_rrrr_aaaa_...._tttt_aaaa_rrrr The sra _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm_,,,, _wwww_hhhh_iiii_cccc_hhhh _pppp_rrrr_oooo_vvvv_iiii_dddd_eeee_ssss _ssss_eeee_cccc_uuuu_rrrr_eeee _RRRR_PPPP_CCCC _aaaa_uuuu_tttt_hhhh_eeee_nnnn_tttt_iiii_cccc_aaaa_tttt_iiii_oooo_nnnn _ffff_oooo_rrrr _FFFF_TTTT_PPPP _aaaa_nnnn_dddd _TTTT_EEEE_LLLL_NNNN_EEEE_TTTT_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _1111_...._3333_.... _tttt_iiii_gggg_eeee_rrrr_...._tttt_aaaa_rrrr The tiger _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee _oooo_ffff _ssss_yyyy_ssss_tttt_eeee_mmmm _mmmm_oooo_nnnn_iiii_tttt_oooo_rrrr_iiii_nnnn_gggg _ssss_cccc_rrrr_iiii_pppp_tttt_ssss_.... _SSSS_iiii_mmmm_iiii_llll_aaaa_rrrr _tttt_oooo _CCCC_OOOO_PPPP_SSSS _iiii_nnnn _wwww_hhhh_aaaa_tttt _tttt_hhhh_eeee_yyyy _dddd_oooo_,,,, _bbbb_uuuu_tttt _ssss_iiii_gggg_nnnn_iiii_ffff_iiii_cccc_aaaa_nnnn_tttt_llll_yyyy _mmmm_oooo_rrrr_eeee _uuuu_pppp _tttt_oooo _dddd_aaaa_tttt_eeee_,,,, July 4, 1994 - 29 - _aaaa_nnnn_dddd _eeee_aaaa_ssss_iiii_eeee_rrrr _tttt_oooo _cccc_oooo_nnnn_ffff_iiii_gggg_uuuu_rrrr_eeee _aaaa_nnnn_dddd _uuuu_ssss_eeee_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _2222_...._2222_...._3333_.... _tttt_iiii_gggg_eeee_rrrr_ssss_iiii_gggg_...._tttt_aaaa_rrrr The digital signature databases for several operating system distributions, for use by the tiger _ffff_iiii_llll_eeee _iiii_nnnn_tttt_eeee_gggg_rrrr_iiii_tttt_yyyy _ssss_cccc_aaaa_nnnn_---- _nnnn_iiii_nnnn_gggg _ssss_cccc_rrrr_iiii_pppp_tttt_ssss_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _oooo_ffff _2222_3333 _DDDD_eeee_cccc_eeee_mmmm_bbbb_eeee_rrrr _1111_9999_9999_3333_.... _tttt_rrrr_iiii_pppp_wwww_iiii_rrrr_eeee_...._tttt_aaaa_rrrr The Tripwire package from Purdue University. Scans file systems and computes digital signatures for the files therein, then can be used later to check those files for any changes. Version 1.1. _wwww_aaaa_tttt_cccc_hhhh_eeee_rrrr_...._tttt_aaaa_rrrr The Watcher _pppp_aaaa_cccc_kkkk_aaaa_gggg_eeee _bbbb_yyyy _KKKK_eeee_nnnn_nnnn_eeee_tttt_hhhh _IIII_nnnn_gggg_hhhh_aaaa_mmmm_.... _AAAA _cccc_oooo_nnnn_ffff_iiii_gggg_uuuu_rrrr_aaaa_bbbb_llll_eeee _aaaa_nnnn_dddd _eeee_xxxx_tttt_eeee_nnnn_ssss_iiii_bbbb_llll_eeee _ssss_yyyy_ssss_tttt_eeee_mmmm _mmmm_oooo_nnnn_iiii_tttt_oooo_rrrr_iiii_nnnn_gggg _tttt_oooo_oooo_llll _tttt_hhhh_aaaa_tttt _iiii_ssss_ssss_uuuu_eeee_ssss _aaaa _nnnn_uuuu_mmmm_bbbb_eeee_rrrr _oooo_ffff _uuuu_ssss_eeee_rrrr_----_ssss_pppp_eeee_cccc_iiii_ffff_iiii_eeee_dddd _cccc_oooo_mmmm_mmmm_aaaa_nnnn_dddd_ssss_,,,, _pppp_aaaa_rrrr_ssss_eeee_ssss _tttt_hhhh_eeee _oooo_uuuu_tttt_pppp_uuuu_tttt_,,,, _cccc_hhhh_eeee_cccc_kkkk_ssss _ffff_oooo_rrrr _iiii_tttt_eeee_mmmm_ssss _oooo_ffff _ssss_iiii_gggg_nnnn_iiii_ffff_iiii_cccc_aaaa_nnnn_cccc_eeee_,,,, _aaaa_nnnn_dddd _rrrr_eeee_pppp_oooo_rrrr_tttt_ssss _tttt_hhhh_eeee_mmmm _tttt_oooo _tttt_hhhh_eeee _ssss_yyyy_ssss_tttt_eeee_mmmm _aaaa_dddd_mmmm_iiii_nnnn_iiii_ssss_tttt_rrrr_aaaa_tttt_oooo_rrrr_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _oooo_ffff _1111_5555 _JJJJ_uuuu_llll_yyyy _1111_9999_9999_1111_.... _1._7._3._8. _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_tttt_oooo_oooo_llll_ssss The _////_ssss_oooo_ffff_tttt_wwww_aaaa_rrrr_eeee_////_uuuu_nnnn_iiii_xxxx_////_tttt_oooo_oooo_llll_ssss directory contains programs that are not specifically designed for computer security uses, but are nevertheless useful to the security practitioner. The files in this directory are: _dddd_iiii_gggg_...._tttt_aaaa_rrrr The dig _uuuu_tttt_iiii_llll_iiii_tttt_yyyy _bbbb_yyyy _SSSS_tttt_eeee_vvvv_eeee _HHHH_oooo_tttt_zzzz _aaaa_nnnn_dddd _PPPP_aaaa_uuuu_llll _MMMM_oooo_cccc_kkkk_aaaa_pppp_eeee_tttt_rrrr_iiii_ssss_.... _TTTT_hhhh_iiii_ssss _iiii_ssss _aaaa _cccc_oooo_mmmm_mmmm_aaaa_nnnn_dddd_----_llll_iiii_nnnn_eeee _tttt_oooo_oooo_llll _ffff_oooo_rrrr _qqqq_uuuu_eeee_rrrr_yyyy_iiii_nnnn_gggg _DDDD_oooo_mmmm_aaaa_iiii_nnnn _NNNN_aaaa_mmmm_eeee _SSSS_yyyy_ssss_tttt_eeee_mmmm _ssss_eeee_rrrr_vvvv_eeee_rrrr_ssss_.... _IIII_tttt _iiii_ssss _mmmm_uuuu_cccc_hhhh _eeee_aaaa_ssss_iiii_eeee_rrrr _tttt_oooo _uuuu_ssss_eeee _tttt_hhhh_aaaa_nnnn _nnnn_ssss_llll_oooo_oooo_kkkk_uuuu_pppp, and is well-suited for use within shell scripts. Version 2.0. _ffff_rrrr_eeee_mmmm_oooo_nnnn_tttt_...._tttt_aaaa_rrrr The fremont _uuuu_tttt_iiii_llll_iiii_tttt_yyyy _ffff_rrrr_oooo_mmmm _tttt_hhhh_eeee _UUUU_nnnn_iiii_vvvv_eeee_rrrr_ssss_iiii_tttt_yyyy _oooo_ffff _CCCC_oooo_llll_oooo_rrrr_aaaa_dddd_oooo_.... _AAAA _rrrr_eeee_ssss_eeee_aaaa_rrrr_cccc_hhhh _pppp_rrrr_oooo_tttt_oooo_tttt_yyyy_pppp_eeee _ffff_oooo_rrrr _dddd_iiii_ssss_cccc_oooo_vvvv_eeee_rrrr_iiii_nnnn_gggg _kkkk_eeee_yyyy _nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk _cccc_hhhh_aaaa_rrrr_aaaa_cccc_tttt_eeee_rrrr_iiii_ssss_tttt_iiii_cccc_ssss _ssss_uuuu_cccc_hhhh _aaaa_ssss _hhhh_oooo_ssss_tttt_ssss_,,,, _gggg_aaaa_tttt_eeee_wwww_aaaa_yyyy_ssss_,,,, _aaaa_nnnn_dddd _tttt_oooo_pppp_oooo_llll_oooo_gggg_yyyy_.... _SSSS_tttt_oooo_rrrr_eeee_ssss _tttt_hhhh_iiii_ssss _iiii_nnnn_ffff_oooo_rrrr_mmmm_aaaa_tttt_iiii_oooo_nnnn _iiii_nnnn _aaaa _dddd_aaaa_tttt_aaaa_bbbb_aaaa_ssss_eeee_,,,, _aaaa_nnnn_dddd _cccc_aaaa_nnnn _tttt_hhhh_eeee_nnnn _nnnn_oooo_tttt_iiii_ffff_yyyy _tttt_hhhh_eeee _aaaa_dddd_mmmm_iiii_nnnn_iiii_ssss_tttt_rrrr_aaaa_tttt_oooo_rrrr _oooo_ffff _aaaa_nnnn_oooo_mmmm_aaaa_llll_iiii_eeee_ssss _dddd_eeee_tttt_eeee_cccc_tttt_eeee_dddd_.... _VVVV_eeee_rrrr_---- _ssss_iiii_oooo_nnnn _1111_...._0000_2222_.... _gggg_aaaa_tttt_eeee_dddd_...._tttt_aaaa_rrrr The gated _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _ffff_rrrr_oooo_mmmm _CCCC_oooo_rrrr_nnnn_eeee_llll_llll _UUUU_nnnn_iiii_vvvv_eeee_rrrr_ssss_iiii_tttt_yyyy_.... _AAAA _nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk _rrrr_oooo_uuuu_tttt_iiii_nnnn_gggg _dddd_aaaa_eeee_mmmm_oooo_nnnn _tttt_hhhh_aaaa_tttt _uuuu_nnnn_dddd_eeee_rrrr_ssss_tttt_aaaa_nnnn_dddd_ssss _tttt_hhhh_eeee _BBBB_GGGG_PPPP_,,,, _EEEE_GGGG_PPPP_,,,, _RRRR_IIII_PPPP_,,,, _RRRR_IIII_PPPP _IIII_IIII_,,,, _OOOO_SSSS_PPPP_FFFF_,,,, _aaaa_nnnn_dddd _HHHH_EEEE_LLLL_LLLL_OOOO _pppp_rrrr_oooo_tttt_oooo_cccc_oooo_llll_ssss_.... _TTTT_hhhh_eeee _pppp_rrrr_iiii_mmmm_aaaa_rrrr_yyyy _aaaa_dddd_vvvv_aaaa_nnnn_tttt_aaaa_gggg_eeee _tttt_oooo _gggg_aaaa_tttt_eeee_dddd is that it is much more configurable than the routed _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _tttt_hhhh_aaaa_tttt _cccc_oooo_mmmm_eeee_ssss _wwww_iiii_tttt_hhhh _mmmm_oooo_ssss_tttt _UUUU_NNNN_IIII_XXXX _ssss_yyyy_ssss_tttt_eeee_mmmm_ssss_;;;; _tttt_hhhh_iiii_ssss _cccc_aaaa_nnnn _bbbb_eeee _uuuu_ssss_eeee_ffff_uuuu_llll _wwww_hhhh_eeee_nnnn _cccc_oooo_nnnn_ssss_tttt_rrrr_uuuu_cccc_tttt_iiii_nnnn_gggg _ffff_iiii_rrrr_eeee_wwww_aaaa_llll_llll_ssss _oooo_rrrr _oooo_tttt_hhhh_eeee_rrrr_wwww_iiii_ssss_eeee _tttt_rrrr_yyyy_iiii_nnnn_gggg _tttt_oooo _llll_iiii_mmmm_iiii_tttt _tttt_hhhh_eeee _aaaa_dddd_vvvv_eeee_rrrr_tttt_iiii_ssss_eeee_mmmm_eeee_nnnn_tttt _oooo_rrrr _aaaa_cccc_cccc_eeee_pppp_tttt_aaaa_nnnn_cccc_eeee _oooo_ffff _rrrr_oooo_uuuu_tttt_iiii_nnnn_gggg _iiii_nnnn_ffff_oooo_rrrr_mmmm_aaaa_tttt_iiii_oooo_nnnn_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _3333_...._0000_...._3333_.... _hhhh_oooo_ssss_tttt_...._tttt_aaaa_rrrr The host _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _EEEE_rrrr_iiii_cccc _WWWW_aaaa_ssss_ssss_eeee_nnnn_aaaa_aaaa_rrrr_.... _AAAA _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _ffff_oooo_rrrr _oooo_bbbb_tttt_aaaa_iiii_nnnn_iiii_nnnn_gggg _iiii_nnnn_ffff_oooo_rrrr_mmmm_aaaa_tttt_iiii_oooo_nnnn _ffff_rrrr_oooo_mmmm _tttt_hhhh_eeee _DDDD_oooo_mmmm_aaaa_iiii_nnnn _NNNN_aaaa_mmmm_eeee _SSSS_yyyy_ssss_tttt_eeee_mmmm_.... _MMMM_uuuu_cccc_hhhh _mmmm_oooo_rrrr_eeee _ffff_llll_eeee_xxxx_iiii_bbbb_llll_eeee _tttt_hhhh_aaaa_nnnn _nnnn_ssss_llll_oooo_oooo_kkkk_uuuu_pppp, and well-suited for use in shell scripts. Version of 23 June 1994. _llll_ssss_oooo_ffff_...._tttt_aaaa_rrrr The lsof _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _VVVV_iiii_cccc _AAAA_bbbb_eeee_llll_llll_.... _AAAA _dddd_eeee_ssss_cccc_eeee_nnnn_dddd_aaaa_nnnn_tttt _oooo_ffff _oooo_ffff_iiii_llll_eeee_ssss July 4, 1994 - 30 - and fstat, lsof is used to list all open files (and network connections, pipes, streams, etc.) on a sys- tem. Can find out which processes have a given file open, which files a specific process has open, and so forth. Useful for tracing network connections to the processes using them, as well. Version 3.02. _nnnn_ffff_ssss_wwww_aaaa_tttt_cccc_hhhh_...._tttt_aaaa_rrrr The nfswatch _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _DDDD_aaaa_vvvv_eeee _CCCC_uuuu_rrrr_rrrr_yyyy _aaaa_nnnn_dddd _JJJJ_eeee_ffff_ffff _MMMM_oooo_gggg_uuuu_llll_.... _MMMM_oooo_nnnn_iiii_tttt_oooo_rrrr_ssss _tttt_hhhh_eeee _llll_oooo_cccc_aaaa_llll _nnnn_eeee_tttt_wwww_oooo_rrrr_kkkk _ffff_oooo_rrrr _NNNN_FFFF_SSSS _pppp_aaaa_cccc_kkkk_eeee_tttt_ssss_,,,, _aaaa_nnnn_dddd _dddd_eeee_cccc_oooo_dddd_eeee_ssss _tttt_hhhh_eeee_mmmm _bbbb_yyyy _cccc_llll_iiii_eeee_nnnn_tttt _aaaa_nnnn_dddd _ssss_eeee_rrrr_vvvv_eeee_rrrr _nnnn_aaaa_mmmm_eeee_,,,, _pppp_rrrr_oooo_cccc_eeee_dddd_uuuu_rrrr_eeee _nnnn_aaaa_mmmm_eeee_,,,, _aaaa_nnnn_dddd _ssss_oooo _ffff_oooo_rrrr_tttt_hhhh_.... _CCCC_aaaa_nnnn _bbbb_eeee _uuuu_ssss_eeee_dddd _tttt_oooo _dddd_eeee_tttt_eeee_rrrr_mmmm_iiii_nnnn_eeee _hhhh_oooo_wwww _mmmm_uuuu_cccc_hhhh _tttt_rrrr_aaaa_ffff_ffff_iiii_cccc _eeee_aaaa_cccc_hhhh _cccc_llll_iiii_eeee_nnnn_tttt _iiii_ssss _ssss_eeee_nnnn_dddd_iiii_nnnn_gggg _tttt_oooo _aaaa _ssss_eeee_rrrr_vvvv_eeee_rrrr_,,,, _wwww_hhhh_aaaa_tttt _uuuu_ssss_eeee_rrrr_ssss _aaaa_rrrr_eeee _aaaa_cccc_cccc_eeee_ssss_ssss_iiii_nnnn_gggg _tttt_hhhh_eeee _ssss_eeee_rrrr_vvvv_eeee_rrrr_,,,, _aaaa_nnnn_dddd _ssss_eeee_vvvv_eeee_rrrr_aaaa_llll _oooo_tttt_hhhh_eeee_rrrr _mmmm_oooo_dddd_eeee_ssss_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _4444_...._1111_.... _rrrr_dddd_iiii_ssss_tttt_...._tttt_aaaa_rrrr The rdist _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _ffff_rrrr_oooo_mmmm _tttt_hhhh_eeee _UUUU_nnnn_iiii_vvvv_eeee_rrrr_ssss_iiii_tttt_yyyy _oooo_ffff _SSSS_oooo_uuuu_tttt_hhhh_eeee_rrrr_nnnn _CCCC_aaaa_llll_---- _iiii_ffff_oooo_rrrr_nnnn_iiii_aaaa_.... _TTTT_hhhh_iiii_ssss _iiii_ssss _aaaa _rrrr_eeee_pppp_llll_aaaa_cccc_eeee_mmmm_eeee_nnnn_tttt _ffff_oooo_rrrr _tttt_hhhh_eeee _rrrr_dddd_iiii_ssss_tttt software distribution utility that originated in Berkeley UNIX and is now shipped with most vendors' releases. In addition to a number of wonderful new features and improvements, this version has had all known rdist _ssss_eeee_cccc_uuuu_rrrr_iiii_tttt_yyyy _hhhh_oooo_llll_eeee_ssss _ffff_iiii_xxxx_eeee_dddd_.... _TTTT_hhhh_iiii_ssss _vvvv_eeee_rrrr_ssss_iiii_oooo_nnnn _dddd_oooo_eeee_ssss _nnnn_oooo_tttt _nnnn_eeee_eeee_dddd _tttt_oooo _rrrr_uuuu_nnnn _ssss_eeee_tttt_----_uuuu_ssss_eeee_rrrr_----_iiii_dddd _````_````_rrrr_oooo_oooo_tttt_,,,,_''''_'''' _uuuu_nnnn_llll_iiii_kkkk_eeee _tttt_hhhh_eeee _ssss_tttt_aaaa_nnnn_dddd_aaaa_rrrr_dddd _vvvv_eeee_rrrr_ssss_iiii_oooo_nnnn_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _6666_...._1111_...._0000_.... _ssss_eeee_nnnn_dddd_mmmm_aaaa_iiii_llll The sendmail _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _EEEE_rrrr_iiii_cccc _AAAA_llll_llll_mmmm_aaaa_nnnn_.... _TTTT_hhhh_iiii_ssss _ssss_uuuu_bbbb_dddd_iiii_rrrr_eeee_cccc_---- _tttt_oooo_rrrr_yyyy _cccc_oooo_nnnn_tttt_aaaa_iiii_nnnn_ssss _tttt_hhhh_eeee _ssss_eeee_nnnn_dddd_mmmm_aaaa_iiii_llll source code, the documenta- tion, and the sample configuration files. This ver- sion is a successor to the version described in the _s_e_n_d_m_a_i_l book from O'Reilly and Associates, and is much newer than the versions shipped by most UNIX ven- dors. In addition to a number of improvements and bug fixes, this version has all known sendmail _s_e_c_u_r_i_t_y _h_o_l_e_s _f_i_x_e_d. _I_t _i_s _l_i_k_e_l_y _t_h_a_t _t_h_i_s _v_e_r_s_i_o_n _o_f _s_e_n_d_m_a_i_l is more secure than the versions shipped by any UNIX vendor. Version 8.6.9. _tttt_cccc_pppp_dddd_uuuu_mmmm_pppp_...._tttt_aaaa_rrrr The tcpdump _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _VVVV_aaaa_nnnn _JJJJ_aaaa_cccc_oooo_bbbb_ssss_oooo_nnnn_.... _TTTT_hhhh_iiii_ssss _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _iiii_ssss _ssss_iiii_mmmm_iiii_llll_aaaa_rrrr _tttt_oooo _SSSS_uuuu_nnnn_''''_ssss _eeee_tttt_hhhh_eeee_rrrr_ffff_iiii_nnnn_dddd, but somewhat more powerful and slightly easier to use. It captures packets from an Ethernet in promiscuous mode, and displays their contents. Numerous options exist to filter the output down to only those packets of interest. This version runs on a number of different UNIX platforms. Version 3.0. _tttt_rrrr_aaaa_cccc_eeee_rrrr_tttt_...._tttt_aaaa_rrrr The traceroute _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _bbbb_yyyy _VVVV_aaaa_nnnn _JJJJ_aaaa_cccc_oooo_bbbb_ssss_oooo_nnnn_.... _AAAA _uuuu_tttt_iiii_llll_iiii_tttt_yyyy _tttt_oooo _tttt_rrrr_aaaa_cccc_eeee _tttt_hhhh_eeee _rrrr_oooo_uuuu_tttt_eeee _IIII_PPPP _pppp_aaaa_cccc_kkkk_eeee_tttt_ssss _ffff_rrrr_oooo_mmmm _tttt_hhhh_eeee _cccc_uuuu_rrrr_rrrr_eeee_nnnn_tttt _ssss_yyyy_ssss_tttt_eeee_mmmm _tttt_aaaa_kkkk_eeee _iiii_nnnn _gggg_eeee_tttt_tttt_iiii_nnnn_gggg _tttt_oooo _ssss_oooo_mmmm_eeee _dddd_eeee_ssss_tttt_iiii_nnnn_aaaa_tttt_iiii_oooo_nnnn _ssss_yyyy_ssss_tttt_eeee_mmmm_.... _VVVV_eeee_rrrr_ssss_iiii_oooo_nnnn _oooo_ffff _2222_8888 _FFFF_eeee_bbbb_rrrr_uuuu_aaaa_rrrr_yyyy _1111_9999_8888_9999_.... _wwww_uuuu_ffff_tttt_pppp_dddd_...._tttt_aaaa_rrrr The ftpd _pppp_rrrr_oooo_gggg_rrrr_aaaa_mmmm _ffff_rrrr_oooo_mmmm _WWWW_aaaa_ssss_hhhh_iiii_nnnn_gggg_tttt_oooo_nnnn _UUUU_nnnn_iiii_vvvv_eeee_rrrr_ssss_iiii_tttt_yyyy_.... _TTTT_hhhh_iiii_ssss _vvvv_eeee_rrrr_ssss_iiii_oooo_nnnn _iiii_ssss _dddd_eeee_ssss_iiii_gggg_nnnn_eeee_dddd _ffff_oooo_rrrr _uuuu_ssss_eeee _bbbb_yyyy _llll_aaaa_rrrr_gggg_eeee _FFFF_TTTT_PPPP _ssss_iiii_tttt_eeee_ssss_,,,, _aaaa_nnnn_dddd _pppp_rrrr_oooo_vvvv_iiii_dddd_eeee_ssss _aaaa _nnnn_uuuu_mmmm_bbbb_eeee_rrrr _oooo_ffff _ffff_eeee_aaaa_tttt_uuuu_rrrr_eeee_ssss _nnnn_oooo_tttt _ffff_oooo_uuuu_nnnn_dddd _iiii_nnnn _vvvv_eeee_nnnn_dddd_oooo_rrrr July 4, 1994 - 31 - _vvvv_eeee_rrrr_ssss_iiii_oooo_nnnn_ssss_,,,, _iiii_nnnn_cccc_llll_uuuu_dddd_iiii_nnnn_gggg _iiii_nnnn_cccc_rrrr_eeee_aaaa_ssss_eeee_dddd _ssss_eeee_cccc_uuuu_rrrr_iiii_tttt_yyyy_.... _TTTT_hhhh_iiii_ssss _iiii_ssss _tttt_hhhh_eeee _ffff_tttt_pppp_dddd used by most major FTP sites, including _w_u_a_r_c_h_i_v_e._w_u_s_t_l._e_d_u, _f_t_p._u_u._n_e_t, and _o_a_k._o_a_k_l_a_n_d._e_d_u. _N_O_T_E: Releases of wu-ftpd _p_r_i_o_r _t_o _v_e_r_s_i_o_n _2._4 _h_a_v_e _a _s_e_r_i_o_u_s _s_e_c_u_r_i_t_y _h_o_l_e _i_n _t_h_e_m, _a_n_d _s_h_o_u_l_d _b_e _r_e_p_l_a_c_e_d _a_s _s_o_o_n _a_s _p_o_s_s_i_b_l_e _w_i_t_h _t_h_e _l_a_t_e_s_t _v_e_r_s_i_o_n. _V_e_r_s_i_o_n _2._4. _1._8. _////_tttt_eeee_aaaa_mmmm_iiii_nnnn_ffff_oooo The _////_tttt_eeee_aaaa_mmmm_iiii_nnnn_ffff_oooo directory contains information about and provided by the FIRST member teams. Includes advisories, articles, etc. The subdirec- tories of this directory are: _aaaa_ssss_ssss_iiii_ssss_tttt The United States Department of Defense Automated Sys- tems Security Incident Response Team (ASSIST). _cccc_eeee_rrrr_tttt The DARPA Computer Emergency Response Team/Coordination Center (CERT/CC). _cccc_eeee_rrrr_tttt______iiii_tttt The Italian Computer Emergency Response Team at the University of Milan. (CERT-IT). _cccc_eeee_rrrr_tttt______nnnn_llll The Netherlands (SURFnet) Computer Emergency Response Team (CERT-NL). _cccc_iiii_aaaa_cccc The United States Department of Energy Computer Incident Advisory Capability. (CIAC). _dddd_dddd_nnnn_ssss_cccc_cccc The United States Defense Information Systems Agency (DISA) Defense Data Network Security Coordination Center. (DDN SCC). _dddd_ffff_nnnn______cccc_eeee_rrrr_tttt The German Research Network Computer Emergency Response Team. (DFN-CERT). _ffff_iiii_rrrr_ssss_tttt The Forum of Incident Response and Security Teams (FIRST). _nnnn_aaaa_ssss_iiii_rrrr_cccc The NASA Automated Systems Incident Response Capabil- ity (NASIRC). _nnnn_iiii_ssss_tttt The United States National Institute of Standards and Technology Computer Security Resource Center (NIST CSRC). July 4, 1994