|
Zardoz (computer Security)
In computer security, the Zardoz list, more formally known as the Security-Digest list, was a famous semi-private full disclosure mailing list run by Neil Gorsuch from 1989 through 1991. It identified weaknesses in systems and gave directions on where to find them. Zardoz is most notable for its status as a perennial target for computer hackers, who sought archives of the list for information on undisclosed software vulnerabilities. Membership restrictions Access to Zardoz was approved on a case-by-case basis by Gorsuch, principally by reference to the user account used to send subscription requests; requests were approved for root users, valid UUCP owners, or system administrators listed at the NIC. The openness of the list to users other than Unix system administrators was a regular topic of conversation, with participants expressing concern that vulnerabilities or exploitation details disclosed on the list were liable to spread to hackers. On the other hand, the circulation of ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Full Disclosure (computer Security)
In the field of computer security, independent researchers often discover flaws in software that can be abused to cause unintended behaviour; these flaws are called vulnerabilities. The process by which the analysis of these vulnerabilities is shared with third parties is the subject of much debate, and is referred to as the researcher's ''disclosure policy''. Full disclosure is the practice of publishing analysis of software vulnerabilities as early as possible, making the data accessible to everyone without restriction. The primary purpose of widely disseminating information about vulnerabilities is so that potential victims are as knowledgeable as those who attack them. In his 2007 essay on the topic, Bruce Schneier stated "Full disclosure – the practice of making the details of security vulnerabilities public – is a damned good idea. Public scrutiny is the only reliable way to improve security, while secrecy only makes us less secure". Leonard Rose, co-creator of an elec ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OpenVMS
OpenVMS, often referred to as just VMS, is a multi-user, multiprocessing and virtual memory-based operating system. It is designed to support time-sharing, batch processing, transaction processing and workstation applications. Customers using OpenVMS include banks and financial services, hospitals and healthcare, telecommunications operators, network information services, and industrial manufacturers. During the 1990s and 2000s, there were approximately half a million VMS systems in operation worldwide. It was first announced by Digital Equipment Corporation (DEC) as VAX/VMS (''Virtual Address eXtension/Virtual Memory System'') alongside the VAX-11/780 minicomputer in 1977. OpenVMS has subsequently been ported to run on DEC Alpha systems, the Itanium-based HPE Integrity Servers, and select x86-64 hardware and hypervisors. Since 2014, OpenVMS is developed and supported by VMS Software Inc. (VSI). OpenVMS offers high availability through computer cluster, clustering — the ability ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Crack (password Software)
Crack is a Unix password cracking program designed to allow system administrators to locate users who may have weak passwords vulnerable to a dictionary attack. Crack was the first standalone password cracker for Unix systems and the first to introduce programmable dictionary generation as well. Crack began in 1990 when Alec Muffett, a Unix system administrator at the University of Wales Aberystwyth, was trying to improve Dan Farmer's 'pwc' cracker in COPS. Muffett found that by re-engineering the memory management, he got a noticeable performance increase. This led to a total rewrite which became "Crack v2.0" and further development to improve usability. Public Releases The first public release of Crack was version 2.7a, which was posted to the Usenet newsgroups alt.sources and alt.security on 15 July 1991. Crack v3.2a+fcrypt, posted to comp.sources.misc on 23 August 1991, introduced an optimised version of the Unix crypt() function but was still only really a faster versi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Alec Muffett
Alec David Edward Muffett (born April 22, 1968) is an Anglo-American internet security evangelist, architect, and software engineer. His work includes Crack, the original Unix password cracker, and for the CrackLib password-integrity testing library.; He is active in the open-source software community. Career Muffett joined Sun Microsystems in 1992, working initially as a systems administrator. He rose through the ranks to become the principal engineer for security, a position which he held until he was retrenched, with many others, in 2009 (shortly before Oracle acquired Sun). While at Sun he was one of the researchers who worked on the factorization of the 512 bit RSA Challenge Number; RSA-155 was successfully factorized in August 1999.RSA-155 is factored! , rsa.com; accessed March 23, 2017. Muffett also worked on the Sun ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Brendan Kehoe
Brendan Patrick Kehoe (3 December 1970 – 19 July 2011) was an Irish software developer and author. Born in Dublin, Kehoe was raised in China, Maine, in the United States. In his early teens, he was first exposed to computing when he was given a Commodore 64 computer, which he used to teach himself about computing and computer networks. On leaving high-school, he moved to Widener University where he continued his computer studies, leaving in 1992. Career Kehoe wrote two books and a number of technology articles in the specialist press (e.g., '' Boardwatch Magazine'') on the topic of the Internet. His first book, ''Zen and the Art of the Internet: A Beginner's Guide'', first published by Prentice Hall in July 1992, was the first mass-published user's guide to the Internet. ''Zen'' was written while Kehoe was still at Widener; he struck a bargain with the publishers to ensure that the original edition of the book would remain free-of-charge in the internet for everyone to acce ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Unix
Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, and others. Initially intended for use inside the Bell System, AT&T licensed Unix to outside parties in the late 1970s, leading to a variety of both academic and commercial Unix variants from vendors including University of California, Berkeley ( BSD), Microsoft ( Xenix), Sun Microsystems (SunOS/ Solaris), HP/ HPE (HP-UX), and IBM ( AIX). In the early 1990s, AT&T sold its rights in Unix to Novell, which then sold the UNIX trademark to The Open Group, an industry consortium founded in 1996. The Open Group allows the use of the mark for certified operating systems that comply with the Single UNIX Specification (SUS). Unix systems are characterized by a modular design that is sometimes called the " Unix philosophy". According to this p ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Henry Spencer
Henry Spencer (born 1955) is a Canadian computer programmer and space enthusiast. He wrote "regex", a widely used software library for regular expressions, and co-wrote C News, a Usenet server program. He also wrote ''The Ten Commandments for C Programmers''. He is coauthor, with David Lawrence, of the book ''Managing Usenet''. While working at the University of Toronto he ran the first active Usenet site outside the U.S., starting in 1981. His records from that period were eventually acquired by Google to provide an archive of Usenet in the 1980s. The first international Usenet site was run in Ottawa, in 1981; however, it is generally not remembered, as it served merely as a read-only medium. Later in 1981, Spencer acquired a Usenet feed from Duke University, and brought "utzoo" online; the earliest public archives of Usenet date from May 1981 as a result. The small size of Usenet in its youthful days, and Spencer's early involvement, made him a well-recognised participant; t ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Shell Scripts
A shell script is a computer program designed to be run by a Unix shell, a command-line interpreter. The various dialects of shell scripts are considered to be scripting languages. Typical operations performed by shell scripts include file manipulation, program execution, and printing text. A script which sets up the environment, runs the program, and does any necessary cleanup or logging, is called a wrapper. The term is also used more generally to mean the automated mode of running an operating system shell; each operating system uses a particular name for these functions including batch files (MSDos-Win95 stream, OS/2), command procedures (VMS), and shell scripts (Windows NT stream and third-party derivatives like 4NT—article is at cmd.exe), and mainframe operating systems are associated with a number of terms. Shells commonly present in Unix and Unix-like systems include the Korn shell, the Bourne shell, and GNU Bash. While a Unix operating system may have a different d ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
SUID
The Unix access rights flags setuid and setgid (short for ''set user identity'' and ''set group identity'') allow users to run an executable with the file system permissions of the executable's owner or group respectively and to change behaviour in directories. They are often used to allow users on a computer system to run programs with temporarily elevated privileges in order to perform a specific task. While the assumed user id or group id privileges provided are not always elevated, at a minimum they are specific. The flags setuid and setgid are needed for tasks that require different privileges than what the user is normally granted, such as the ability to alter system files or databases to change their login password. Some of the tasks that require additional privileges may not immediately be obvious, though, such as the ping command, which must send and listen for control packets on a network interface. File modes The setuid and setgid bits are normally represented as th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Ultrix
Ultrix (officially all-caps ULTRIX) is the brand name of Digital Equipment Corporation's (DEC) discontinued native Unix operating systems for the PDP-11, VAX, MicroVAX and DECstations. History The initial development of Unix occurred on DEC equipment, notably DEC PDP-7 and PDP-11 (Programmable Data Processor) systems. Later DEC computers, such as their VAX, also offered Unix. The first port to VAX, UNIX/32V, was finished in 1978, not long after the October 1977 announcement of the VAX, for which – at that time – DEC only supplied its own proprietary operating system, VMS. DEC's Unix Engineering Group (UEG) was started by Bill Munson with Jerry Brenner and Fred Canter, both from DEC's Customer Service Engineering group, Bill Shannon (from Case Western Reserve University), and Armando Stettner (from Bell Labs). Other later members of UEG included Joel Magid, Bill Doll, and Jim Barclay recruited from DEC's marketing and product management groups. Under Canter's direction, U ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Gene Spafford
Eugene Howard Spafford (born 1956), known as Spaf, is an American professor of computer science at Purdue University and a computer security expert. Spafford serves as an advisor to U.S. government agencies and corporations. In 1998, he founded and was the first director of the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University. Biography Education and early career Spafford attended the State University of New York at Brockport, graduating with a double major in mathematics and computer science in three years. He then attended the School of Information and Computer Sciences (now the College of Computing) at the Georgia Institute of Technology. He received his Master of Science (M.S.) in 1981, and Doctor of Philosophy (Ph.D.) in 1986, for his design and implementation of the kernel of the original ''Clouds'' distributed operating system. During the formative years of the Internet, Spafford made significant contributions to estab ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
