Classic Shell Scripting - Arnold Robbins [249]
operating system, by a network, and unless traffic on that network is secure, your data is not safe. Wireless networks are particularly vulnerable, and software that can silently eavesdrop, and exploit weaknesses of some current wireless encryption protocols to decipher encrypted traffic, is readily available. Remote access to your electronic mail, and interactive messaging systems, are also likely to be insecure.

If you are still using telnet or nonanonymous ftp to connect to your computer(s), you should immediately switch to a secure shell replacement.[26] The old-style communications software passes all data, including usernames and passwords, in clear text; a network attacker can easily recover such data. Secure-shell software uses strong public-key cryptography to accomplish a secure exchange of a randomly generated lengthy encryption key for use with any of several simpler and faster encryption algorithms. No user data is transmitted until the encrypted channel is established, and the standard encryption methods are well studied and believed to be quite secure; an attacker sees an apparently random stream of bytes in your packets, although source and destination address are still visible, and can be used for traffic analysis.

Secure shell also creates a secure channel for X Window System data, protecting input keystrokes and window output from attackers. Of course, this won't help if the attacker sits between you and your computer: Internet cafes, keyboard sniffers, wireless networks, and thin clients can all open up avenues of attack that even the secure shell cannot protect against. Even the varying reflection of a monitor against a wall has been demonstrated to permit the screen image to be read by an attacker 80 meters away.[27]

* * *

[26] See, for example, http://www.columbia.edu/kermit/, http://www.ssh.com/, and http://www.openssh.org/. For an in-depth treatment of this important software, see SSH, The Secure Shell: The Definitive Guide (O'Reilly).

[27] Markus Kuhn, Optical Time-Domain Eavesdropping Risks of CRT Displays, Proceedings: 2002 IEEE Symposium on Security and Privacy, 12-15 May, 2002, Berkeley, California, IEEE Computer Society Press, 2002, pp. 3-18, ISBN 0-7695-1543-6. Also available at http://www.cl.cam.ac.uk/~mgk25/ieee02-optical.pdf.

Unix File Extension Conventions

Some other operating systems have filenames of the form of a base name, a dot, and a one- to three-character file type or file extension. These extensions serve an important purpose: they indicate that the file contents belong to a particular class of data. For example, an extension pas could mean that the file contains Pascal source code, and exe would identify a binary executable program.

There is no guarantee that file contents are reflected in their file extensions, but most users find them a useful custom, and follow convention.
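An added example, not from the book: a POSIX shell check that compares a file's extension with the signature bytes at the start of its contents, for a few of the common Unix extensions (gz, bz2, pdf, ps/eps, a). The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: does a file's extension agree with the bytes it starts with?

# magic_hex FILE N: print the first N bytes of FILE as lowercase hex.
magic_hex() {
    od -An -t x1 -N "$2" "$1" | tr -d ' \n'
}

# expected_magic EXT: print the leading signature (hex) for EXT; fail if
# this example has no signature for that extension.
expected_magic() {
    case $1 in
        gz)     echo 1f8b ;;              # gzip
        bz2)    echo 425a68 ;;            # "BZh"
        pdf)    echo 25504446 ;;          # "%PDF"
        ps|eps) echo 2521 ;;              # "%!"
        a)      echo 213c617263683e0a ;;  # "!<arch>\n"
        *)      return 1 ;;
    esac
}

# check_ext FILE: print match, mismatch, or unknown.
check_ext() {
    base=${1##*/}                     # strip any directory part
    case $base in
        *.*) ext=${base##*.} ;;       # text after the last dot
        *)   echo unknown; return 0 ;;
    esac
    want=$(expected_magic "$ext") || { echo unknown; return 0; }
    got=$(magic_hex "$1" $(( ${#want} / 2 )))
    if [ "$got" = "$want" ]; then echo match; else echo mismatch; fi
}

# Constructed sample files, created in a scratch directory.
demo=$(mktemp -d)
printf '\037\213\010' > "$demo/backup.tar.gz"   # gzip signature, two dots in the name
printf '%%PDF-1.4\n'  > "$demo/report.pdf"      # PDF signature
printf 'plain text\n' > "$demo/invoice.pdf"     # not a PDF, whatever the name says
for f in "$demo"/*; do
    printf '%-16s %s\n' "${f##*/}" "$(check_ext "$f")"
done
rm -rf "$demo"
```

Extensions without a fixed leading signature (c, h, awk, and other source files) report unknown; a mismatch is a reason to inspect the file before trusting its name.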

Unix too has a substantial number of common file extensions, but Unix filenames are not forced to have at most one dot. Sometimes, the extensions are merely conventional (e.g., for most scripting languages). However, compilers generally require particular extensions, and use the base name (after stripping the extension) to form the names of other related files. Some of the more common extensions are shown in Table B-1.

Table B-1. Common Unix file extensions

| Extension | Contents |
|---|---|
| 1 | Digit one. Manual page for section 1 (user commands) |
| a | Library archive file |
| awk | awk language source file |
| bz2 | File compressed by bzip2 |
| c | C language source file |
| cc C cpp cxx | C++ language source file |
| eps ps | PostScript page-description language source file |
| f | Fortran 77 language source file |
| gz | File compressed by gzip |
| f90 | Fortran 90/95/200x language source file |
| h | C language header file |
| html htm | HyperText Markup Language file |
| o | Object file (from most compiled programming languages) |
| pdf | Portable Document Format file |
| s | Assembly language source file (e.g., output by compilers in response to the symbolic |
