From owner-man-jp-reviewer@jp.freebsd.org  Thu Feb 11 20:30:51 1999
Received: (from daemon@localhost)
	by jaz.jp.freebsd.org (8.9.1+3.1W/8.7.3) id UAA17923;
	Thu, 11 Feb 1999 20:30:51 +0900 (JST)
	(envelope-from owner-man-jp-reviewer@jp.FreeBSD.org)
Received: from ma3.seikyou.ne.jp (ma3.seikyou.ne.jp [202.211.152.179])
	by jaz.jp.freebsd.org (8.9.1+3.1W/8.7.3) with ESMTP id UAA17916
	for <man-jp-reviewer@jp.freebsd.org>; Thu, 11 Feb 1999 20:30:49 +0900 (JST)
	(envelope-from hiloshi@seikyou.ne.jp)
Received: from hiloshi.seikyou.ne.jp (kyoto-504.seikyou.ne.jp [202.211.148.59])
	by ma3.seikyou.ne.jp (8.8.8/3.6WNSK98032401) with ESMTP id UAA25557
	for <man-jp-reviewer@jp.freebsd.org>; Thu, 11 Feb 1999 20:30:43 +0900
Received: (from hiloshi@localhost) by hiloshi.seikyou.ne.jp (8.8.5/3.5Wpl7) id UAA00548; Thu, 11 Feb 1999 20:20:37 +0900 (JST)
Date: Thu, 11 Feb 1999 20:20:37 +0900 (JST)
Message-Id: <199902111120.UAA00548@hiloshi.seikyou.ne.jp>
From: =?ISO-2022-JP?B?GyRCNmIkc0VEGyhC?= <vanitas@ma3.seikyou.ne.jp>
To: man-jp-reviewer@jp.freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
Reply-To: man-jp-reviewer@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+981115
X-Sequence: man-jp-reviewer 1026
Subject: [man-jp-reviewer 1026] (check) security.7
Errors-To: owner-man-jp-reviewer@jp.freebsd.org
Sender: owner-man-jp-reviewer@jp.freebsd.org
X-Originator: vanitas@ma3.seikyou.ne.jp

$B6b$sED$G$9!#(B  $B$9$_$^$;$s!"$^$?BgJQCY$l$F$7$^$$$^$7$?!#(B

 security.7 $B$N%A%'%C%/$G$9!#(B  $B@h$[$IDs=P$$$?$7$^$7$?!#(B

$B0J2<$N(B 2 $BE@$,<+?.$"$j$^$;$s!#(B
$B$=$l0J30$O$@$$$?$$I=8=>e$NJQ99$@$H;W$$$^$9!#(B

$B!&(B223(172):
   A sandbox isn't perfect unless you go to a large amount
   of trouble, but the onion approach to security still stands
   $B!X4IM}<T$,KDBg$J?t$NLdBj$KD>LL$7$J$$8B$j!":=>l$O40`z$G$O(B
     $B$"$j$^$;$s$,!"%;%-%e%j%F%#$K4X$9$k%?%^%M%.E*%"%W%m!<%A$O(B
     $B$3$3$G$b@.$jN)$A$^$9!#!Y(B
   
   $B$H$7$^$7$?$,!"!V(Bunless $B!D!W$N<q;]$,$o$+$j$^$;$s$G$7$?!#(B
   $B!VKDBg$J?t$NLdBj$KD>LL!W$7$F$$$k$J$i!"$+$($C$F!V40`z!W$H$O(B
   $B8@$($J$$$h$&$K;W$&$s$G$9$,!D!#(B $B$I$3$+8mFI$7$F$k$N$G$7$g$&$+!)(B

$B!&(B309(235):
   If an attacker breaks root he can do just about anything,
   but there are certain conveniences.
   $B!X(Broot $B$N8"8B$rGK$k$H!"967b<T$O$[$H$s$I2?$G$b$G$-$^$9!#(B
     $B$7$+$7!"$$$/$D$+JXMx$J$3$H$,$"$j$^$9!#!Y(B
   
   $B$G$O!"!VJXMx$J$3$H!W$H$$$&$N$O!"!V967b$rKI$0$?$a$N$b$N!W(B
   $B$N$h$&$KFI$a$^$9$,!"$3$N8e$N(B For example, $B0J2<$O$=$&$$$C$?(B
   $B5-=R$K$J$C$F$$$J$$$h$&$G$9!#(B
   $B$=$3$G!"!VJXMx$J$3$H!W!a!V967b<T$K$H$C$F(B(root $B$rGK$k$h$j(B
   $B$b(B)$B4JC1$J$3$H!W$+$H2r$7$F!"(B
 $B"*!X(Broot $B$N8"8B$rGK$k$H!"967b<T$O$[$H$s$I2?$G$b$G$-$^$9$,!"(B
     $B$b$C$H4JJX$J$3$H$b$$$/$D$+$"$j$^$9!#!Y(B
   $B$H$7$F$_$^$7$?!#(B


isdnd.rc.5 $B$b:#HUCf$KAw$j$^$9!#(B
$BCY$/$J$C$FK\Ev$K?=$7Lu$"$j$^$;$s!#(B m(__)m
___________________________________________
$B6bED(B $B9@;J(B  email: vanitas@ma3.seikyou.ne.jp
## hellofalot of $B$O(B large amount of $B$K$J$C$F$^$7$?!#(B
## $B$H$$$&$3$H$O!"!V$X$m$&$U$!$m$C$H(B $B$*$V!W$8$c$J$/$F!"(B
## $B!V$X$k(B $B$*$V(B $B$"(B $B$m$C$H(B $B$*$V!W(B $B$@$C$?$N$+!D!)(B (^_^;)
$B!|(B============================== $B0J2<(B ==============================$B!|(B
.\" Copyright (c) 1998, Matthew Dillon.  Terms and conditions are those of
.\" the BSD Copyright as specified in the file "/usr/src/COPYRIGHT" in
.\" the source tree.
.\"
.\"	$Id: security.7,v 1.4 1998/12/26 05:19:42 dillon Exp $
.\" jpman %Id: security.7,v 1.2 1999/01/31 11:05:10 horikawa Stab %
.\"
.Dd December 20, 1998
.Dt SECURITY 7
.Os
.Sh $BL>>N(B
.Nm security
.Nd FreeBSD $B$K$*$1$k%;%-%e%j%F%#F~Lg(B
.Sh $B2r@b(B
.Pp
$B%;%-%e%j%F%#$O!"%7%9%F%`4IM}<T$H$H$b$K;O$^$j!"%7%9%F%`4IM}<T$H(B
$B$H$b$K=*$k5!G=$G$9!#$9$Y$F$N(B
.Bx
$B%7%9%F%`$O@N$+$i%^%k%A%f!<%6$KBP1~$7$F$$$^$9!#%;%-%e%j%F%#$N;EAH$_$r(B
$BAH$_9~$s$G0];}$9$k$3$H$G!"%f!<%6$r(B
.Sq $B@5D>$K(B
$B$7B3$1$k;E;v$O!"%7%9%F%`4IM}<T$N:G$bBg$-$J@UL3$N0l$D$G$7$g$&!#%^%7%s$O!"(B
$B4IM}<T$,@_Dj$7$?$@$1$N%;%-%e%j%F%#$7$+<($7$^$;$s!#%;%-%e%j%F%#$K4X$9$k(B
$BLdBj$O!"$`$7$m!"JXMx$5$r5a$a$k?M4V$H$N6%9gLdBj$G$9!#0lHL$K!"(B
.Ux
$B%7%9%F%`$OG|Bg$J?t$N%W%m%;%9$rF1;~$K<B9T$5$;$k$3$H$b!"$^$?!"$=$NB?$/$r(B
$B%5!<%P$H$7$FF0:n$5$;$k$3$H$b$G$-$^$9!#$3$l$O!"30It$N2?<T$+$,(B
$B@\B3$7$F$-$F!"%5!<%P%W%m%;%9$H2qOC$9$k$3$H$,$G$-$k$H$$$&$3$H$r(B
$B0UL#$7$^$9!#:rF|$^$G$N%_%K%3%s%T%e!<%?$H%a%$%s%U%l!<%`$O!":#F|$G$O(B
$B%G%9%/%H%C%W%3%s%T%e!<%?$H$J$j!"$+$D!"$=$l$i$O%M%C%H%o!<%/$G7k$P$l$F(B
$B%$%s%?!<%M%C%H$H@\B3$5$l$k$h$&$K$J$j$^$7$?!#$3$l$K$h$j!"%;%-%e%j%F%#$O(B
$B@N$HHf$Y$F$O$k$+$KBg$-$JLdBj$H$J$C$F$$$^$9!#(B
.Pp
$B%;%-%e%j%F%#$K4X$9$kLdBj$O!"$$$/$D$+$N%+%F%4%j$KJ,N`$9$k$3$H$,$G$-$^$9!#(B
.Bl -enum -offset indent
.It
$B%5!<%S%9ITG=967b(B
.It
$B%f!<%6%"%+%&%s%H$K$+$+$k4m81(B
.It
$B%"%/%;%92DG=$J%5!<%P$r7PM3$7$?(B root $B8"8B$K$+$+$k4m81(B
.It
$B%f!<%6%"%+%&%s%H$rDL$7$?(B root $B8"8B$K$+$+$k4m81(B
.El
.Pp
$B%5!<%S%9ITG=967b$H$O!"%^%7%s$+$iI,MW$J;q8;$rC%$&9T0Y$G$9!#(B
$B%5!<%S%9ITG=967b$O!"IaDL$O!"$=$N%^%7%s$G<B9T$5$l$k%5!<%P$d(B
$B%M%C%H%o!<%/%9%?%C%/$r05E]$7$F!"%^%7%s$r;H$($J$/$7$?$j%/%i%C%7%e$5$;$h$&$H(B
$B$9$k$h$&$JNOG$$;$N;EAH$_$G$9!#%5!<%S%9ITG=967b$N$$$/$D$+$O!"(B
$B%M%C%H%o!<%/%9%?%C%/$N%P%0$rMxMQ$7$F!"%Q%1%C%H0l$D$G%^%7%s$r(B
$B%/%i%C%7%e$5$;$h$&$H$7$^$9!#8e<T$O!"(B
$B%+!<%M%k$K%P%0=$@5$r;\$9$3$H$K$h$C$F$N$_=$@5$9$k$3$H$,$G$-$^$9!#(B
$B%5!<%P%W%m%;%9$KBP$9$k967b$O!"%5!<%P$N%*%W%7%g%s$rE,@Z$K;XDj$7$F!"(B
$B5U6->u67$N%7%9%F%`$K$*$$$F!"%5!<%P%W%m%;%9$,0z$-5/$3$9Ii2Y$K8B3&$r@_$1$k$3$H$G(B
$B=$@5$9$k$3$H$,$G$-$^$9!#$3$l$i$KHf$Y$k$H!"%M%C%H%o!<%/$X$NNOG$$;$N967b$X$N(B
$BBP1~$O$:$C$HFq$7$/$J$j$^$9!#$?$H$($P!"56B$%Q%1%C%H$K$h$k967b(B
.Pq spoof-packet attack
$B$O!"%$%s%?!<%M%C%H$+$i%7%9%F%`$r@Z$jN%$90J30$NJ}K!$G$O!"M^;_$9$k$3$H$O(B
$B$[$H$s$IIT2DG=$G$9!#(B
.Pp
$B%f!<%6%"%+%&%s%H$r4m81$K;/$9$3$H$O!"%5!<%S%9ITG=967b$h$j$OB?>/$O$"$j$U$l$?(B
$B$b$N$G$9!#$3$N$4;~@*$G$b!"%7%9%F%`4IM}<T$NB?$/$O!"<+J,$?$A$N%^%7%s$G(B
$BI8=`$N(B telnetd, rlogind, rshd, ftpd $B%5!<%P$r<B9T$5$;$F$$$^$9!#$3$l$i$N(B
$B%5!<%P$O!"%G%U%)%k%H$G$O!"0E9f2=$5$l$?%3%M%/%7%g%s>e$GF0:n$7$F$$$^$;$s!#(B
$B$=$N7k2L!"Jz$($F$$$k%f!<%6?t$,I8=`E*$JBg$-$5$J$i$P!"%j%b!<%H(B
.Pq $B$=$N%7%9%F%`$K%m%0%$%s$9$k$N$K:G$bIaDL$GJXMx$J>l=j(B
$B$+$i%m%0%$%s$7$F$$$k%f!<%6$N$&$A0l?M0J>e$O!"%Q%9%o!<%I$rGA$-8+$i$l$F(B
$B$7$^$&$G$7$g$&!#(B
$B%7%9%F%`4IM}<T$,Cm0U?<$$$J$i$P!"$?$H$(%m%0%$%s$,@.8y$7$F$$$?$H$7$F$b!"(B
$B%j%b!<%H%"%/%;%9%m%0$r$H$-$I$-2r@O$7$F!"5?$o$7$$%=!<%9%"%I%l%9$rC5$9$b$N$G$9!#(B
.Pp
$B$R$H$?$S967b<T$,%f!<%6%"%+%&%s%H$X$N%"%/%;%98"$rF~<j$9$k$H!"967b<T$,(B
root $B$N8"8B$rGK$k2DG=@-$,$"$k$3$H$r2>Dj$9$k$Y$-$G$9!#$7$+$7!"(B
$B%;%-%e%j%F%#$r==J,J]$A!"<jF~$l$N9T$-FO$$$?%7%9%F%`$K$*$$$F$O!"(B
$B$"$k%f!<%6%"%+%&%s%H$X$N%"%/%;%9$,2DG=$H$J$C$F$b!"967b<T$KI,$:$7$b(B
root $B$X$N%"%/%;%98"$rM?$($k$H$O8B$i$J$$$N$,8=<B$G$9!#$3$N0c$$$O=EMW$G$9!#(B
$B$H$$$&$N$O!"(Broot $B$X$N%"%/%;%98"$,$J$1$l$P!"0lHLE*$K!"967b<T$O<+J,$N(B
$B?/F~$N:/@W$r1#JC$9$k$3$H$,$G$-$^$;$s$7!"$=$N%f!<%6$N%U%!%$%k$r>C$7$F(B
$B%^%7%s$r%/%i%C%7%e$5$;$k$3$H$,$G$-$k$N$,$;$$$<$$$G!"B>$N%f!<%6$N(B
$B%U%!%$%k$K$O<j=P$7$G$-$^$;$s!#(B
.Pp
$B%7%9%F%`4IM}<T$O!"$"$k%^%7%s>e$G(B root $B$N8"8B$rGK$kJ}K!$,$$$/$D$+$"$k$3$H$r(B
$B?4$7$F$*$+$M$P$J$j$^$;$s!#967b<T$,(B root $B$N%Q%9%o!<%I$rCN$C$F$7$^$&$+$b(B
$B$7$l$^$;$s!#967b<T$,(B root $B$N8"8B$G<B9T$5$l$k%5!<%P$N%P%0$r8+$D$1!"(B
$B%M%C%H%o!<%/$+$i$=$N%5!<%P$X@\B3$7$F(B root $B$N8"8B$rGK$k$3$H$,$G$-$k$+$b(B
$B$7$l$^$;$s!#$R$H$?$S%f!<%6%"%+%&%s%H$rGK$k$H!"%f!<%6%"%+%&%s%H$+$i(B
root $B$N8"8B$rGK$k$3$H$,2DG=$G$"$k%P%0$r;}$D(B suid-root $B%W%m%0%i%`$N(B
$BB8:_$r!"967b<T$OCN$C$F$$$k$+$b$7$l$^$;$s!#(B
.Pp
$B%;%-%e%j%F%#$r2~A1$9$kJ}K!$O!">o$K!"(B
.Sq $B%?%^%M%.$NHiGm$-(B
$B$N$h$&$K(B
$BJ#?t$NAX$N%"%W%m!<%A$G<BAu$5$l$^$9!#$3$l$i$O<!$N$h$&$KJ,N`$G$-$^$9!#(B
.Bl -enum -offset indent
.It
root $B$H%9%?%C%U$N%"%+%&%s%H$N0BA4@-$r9b$a$k!#(B
.It
root $B$N0BA4@-$r9b$a$k(B - root $B8"8B$N%5!<%P$H(B suid/sgid $B%P%$%J%j!#(B
.It
$B%f!<%6%"%+%&%s%H$N0BA4@-$r9b$a$k!#(B
.It
$B%Q%9%o!<%I%U%!%$%k$N0BA4@-$r9b$a$k!#(B
.It
$B%+!<%M%k$N%3%"!"(Braw $B%G%P%$%9!"%U%!%$%k%7%9%F%`$N0BA4@-$r9b$a$k!#(B
.It
$B%U%!%$%k$N40A4@-$N%A%'%C%/(B: $B%P%$%J%j!"@_Dj%U%!%$%k$J$I!#(B
.It
$BJP<968E*J}K!!#(B
.El
.Sh root $B%"%+%&%s%H$H%9%?%C%U%"%+%&%s%H$N0BA4@-$r9b$a$k(B
.Pp
root $B$N%"%+%&%s%H$N0BA4@-$r3NJ]$7$J$$$&$A$+$i%9%?%C%U$N%"%+%&%s%H$N0BA4@-$r(B
$B$&$s$L$s$7$F$b$7$+$?$,$"$j$^$;$s!#$[$H$s$I$N%7%9%F%`$G$O!"(Broot $B%"%+%&%s%H$K(B
$B3d$jEv$F$?%Q%9%o!<%I$,$R$H$D$"$j$^$9!#$^$::G=i$K$9$Y$-$3$H$O!"(B
$B$3$N%Q%9%o!<%I$O(B
.Sq $B$$$D$G$b(B
$B4m81$K;/$5$l$F$$$k$H2>Dj$9$k$3$H$G$9!#(Broot $B%"%+%&%s%H$N0BA4@-$r3NJ]$9$k(B
$B$?$a$K$O!"%M%C%H%o!<%/1[$7$K!"$"$k$$$O$I$l$+0lHL%f!<%6$N%"%+%&%s%H$+$i!"(B
root $B$N%Q%9%o!<%I$r;H$C$F(B root $B%"%+%&%s%H$K%m%0%$%s$9$k$3$H$,7h$7$F(B
$B$G$-$J$$$3$H$r3N<B$K$9$k$3$H$G$9!#@5$7$$%Q%9%o!<%I$,M?$($i$l$h$&$,(B
$BM?$($i$l$^$$$,!"(Btelnetd, rlogind, $B$=$NB>%m%0%$%s=hM}$r9T$J$&%5!<%P(B
$B$9$Y$F$G(B root $B$G$N%m%0%$%s$r5q@d$9$k$h$&$K@_Dj$7$F$$$J$$$H$9$k$J$i!"(B
$B:#$9$0$=$&$$$&$U$&$K@_Dj$7$F2<$5$$!#D>@\(B root $B$G%m%0%$%s$G$-$k$N$O!"(B
$B%7%9%F%`%3%s%=!<%k$+$i$@$1$K$7$F2<$5$$!#$3$3$GLr$KN)$D$N$,(B
.Sq /etc/ttys
$B%U%!%$%k$G$9!#$[$H$s$I$N%7%9%F%`$G$O!"%G%U%)%k%H$G0BA4$G$9$,!"(B
$BM%$l$?%7%9%F%`4IM}<T$O!"@_Dj$,$=$&$J$C$F$$$k$+>o$K%A%'%C%/$rBU$i$J$$(B
$B$b$N$G$9!#(B
.Pp
$B%7%9%F%`4IM}<T$H$7$F!"<+J,$O(B root $B$K$J$l$k$h$&$K$7$F$*$+$M$P$J$i$J$$$N(B
$B$O$b$A$m$s$G$9$+$i!"7j$r$$$/$D$+6u$1$F$*$-$^$9!#$7$+$7!"$=$l$i$N7j$r(B
$BF0:n$5$;$k$K$O!"$5$i$KDI2C$N%Q%9%o!<%IG'>Z$,I,MW$G$"$k$h$&$K$7$F(B
$B$*$-$^$9!#(Broot $B$G%"%/%;%92DG=$H$9$kJ}K!$N0l$D$H$7$F!"(B
$BE,@Z$J%9%?%C%U%"%+%&%s%H$r(B
.Pq /etc/group $B$N(B
wheel $B%0%k!<%W$K2C$($k$3$H$,$"$j$^$9!#(B
wheel $B%0%k!<%W$KCV$+$l$?%9%?%C%U%a%s%P$K$O!"(B
.Sq su
$B$r;H$C$F(B root $B$K$J$k$3$H$,5v$5$l$^$9!#%9%?%C%U%a%s%P$K!"(B
$B%Q%9%o!<%I%U%!%$%k$N%(%s%H%j$G$=$N$^$^(B wheel $B$N%"%/%;%98"$r(B
$BM?$($F$O$$$1$^$;$s!#%9%?%C%U$O!"(B
.Sq staff
$B$+$=$NN`$N%0%k!<%W$KCV$-!"$=$NCf$GK\Ev$K(B root $B$K$J$kI,MW$,$"$k?M(B
$B$@$1$r(B wheel $B%0%k!<%W$K2C$($k$h$&$K$7$^$9!#;DG0$J$,$i!"(Bwheel $B$N(B
$B;EAH$_$@$1$@$H!"?/F~<T$,%Q%9%o!<%I%U%!%$%k$r<j$KF~$l$k$H!"967b<T$,(B
$BGK$kI,MW$,$"$k$N$O(B root $B$N%Q%9%o!<%I$+!"(Bwheel $B%0%k!<%W$K$?$^$?$^B0$9(B
staff $B%"%+%&%s%H$N0l$D$N%Q%9%o!<%I$@$1$G$9!#(Bwheel $B$N;EAH$_$OM-1W(B
$B$G$9$,!"(Bwheel $B%0%k!<%W$,$^$C$?$/B8:_$7$J$$>u67$HHf$Y$F$=$l$[$I(B
$B0BA4$J$o$1$G$O$"$j$^$;$s!#(B
.Pp
root $B%"%+%&%s%H$N0BA4@-$r9b$a$k4V@\E*$JJ}K!$H$7$F!"JL$N%m%0%$%s%"%/%;%9(B
$B$NJ}K!$rMQ$$$F!"%9%?%C%U$N%"%+%&%s%H$N0E9f2=%Q%9%o!<%I$r(B\ * $B$K$7$F(B
$B$*$/$3$H$G!"%9%?%C%U$N%"%+%&%s%H$N0BA4@-$r9b$a$k$b$N$,$"$j$^$9!#$3$NJ}K!(B
$B$@$H!"?/F~<T$,%Q%9%o!<%I%U%!%$%k$rEp$`$3$H$,$G$-$k$+$b$7$l$^$;$s$,!"(B
$B%9%?%C%U%"%+%&%s%H$rGK$k$3$H$O$G$-$J$$$G$7$g$&!#$^$?!"$?$H$((B root $B$,0E9f2=(B
$B%Q%9%o!<%I$r%Q%9%o!<%I%U%!%$%k$KIU$1$F$$$?$H$7$F$b!"4V@\E*$K$O(B root
$B%"%+%&%s%H$bGK$k$3$H$,$G$-$J$$$G$7$g$&!#(B
$B%9%?%C%U%a%s%P$,%9%?%C%U%"%+%&%s%H$G%m%0%$%s$9$k:]$K$O!"(B
.Xr kerberos 1
$B$d(B
.Xr ssh 1
.Po
.Pa /usr/ports/security/ssh
$B;2>H(B
.Pc
$B$N$h$&$J!"8x3+80(B / $BHkL)80$N80$NAH$r;H$&(B
$B0BA4@-$N9b$$%m%0%$%s$N;EAH$_$r;H$$$^$9!#(Bkerberos $B$N$h$&$J;E3]$1$r;H$&>l9g!"(B
$B0lHL$K!"(Bkerberos $B%5!<%P$r<B9T$9$k%^%7%s$H<+J,$N%G%9%/%H%C%W(B
$B%o!<%/%9%F!<%7%g%s$H$N0BA4@-$r3NJ]$7$J$1$l$P$J$j$^$;$s!#(Bssh $B$G(B
$B8x3+80(B / $BHkL)80$N80$NAH$r;H$&>l9g!"0lHL$K!"%m%0%$%s85%^%7%s(B
.Pq $BDL>o$O<+J,$N%o!<%/%9%F!<%7%g%s(B
$B$N0BA4@-$r3NJ]$7$J$1$l$P$J$j$^$;$s!#$3$3$G!"(B
.Xr ssh-keygen 1
$B$G80$NAH$r@8@.$9$k:]!"80$NAH$r%Q%9%o!<%I$GKI8f$9$k$3$H$K$h$j!"(B
$B80$NAH$rKI8n$9$k$?$a$NAX$rDI2C$9$k$3$H$b$G$-$^$9!#%9%?%C%U%"%+%&%s%H$N(B
$B%Q%9%o!<%I$r(B\ * $B$G30$9$3$H$,$G$-$k$3$H$K$h$j!"%9%?%C%U%a%s%P$,(B
$B4IM}<T<+?H$,@_Dj$7$?0BA4@-$N9b$$J}K!$G$N$_%m%0%$%s$G$-$k$3$H$bJ]>Z(B
$B$G$-$^$9!#$+$/$7$F!"B?$/$N?/F~<T$,;H$&=EBg$J%;%-%e%j%F%#$N7j(B
.Pq $B0BA4@-$NDc$$L54X78$J%^%7%s$+$i%M%C%H%o!<%/$rGA$-8+$kJ}K!(B
$B$N$J$$%;%C%7%g%s$rDs6!$9$k!"0BA4@-$N9b$$0E9f2=$5$l$?%3%M%/%7%g%s$r(B
$B;H$&$3$H$r!"$9$Y$F$N%9%?%C%U%a%s%P$K6/@)$9$k$3$H$,$G$-$k$N$G$9!#(B
.Pp
$B$h$j4V@\E*$J%;%-%e%j%F%#$N;EAH$_$O!"$h$j@)8B$N6/$$%5!<%P$+$i@)8B$N<e$$(B
$B%5!<%P$X%m%0%$%s$9$k$3$H$rA0Ds$H$7$F$$$^$9!#Nc$($P!"<g%^%7%s$G!"(B
$B$9$Y$F$N<oN`$N%5!<%P$r<B9T$5$;$F$$$k>l9g!"%o!<%/%9%F!<%7%g%s$G$O$=$l$i$N(B
$B%5!<%P$r<B9T$5$;$F$O$J$j$^$;$s!#%o!<%/%9%F!<%7%g%s$N0BA4@-$rHf3SE*(B
$B9b$a$F$*$/$?$a$K$O!"<B9T$9$k%5!<%P$N?t$r!"2L$F$O%5!<%P$J$7$^$G!"(B
$B$G$-$k$@$18:$i$7$F$*$/$Y$-$G$9!#$^$?!"%Q%9%o!<%IKI8n$5$l$?(B
$B%9%/%j!<%s%;!<%P$rAv$i$;$F$*$/$Y$-$G$9!#(B
$B%o!<%/%9%F!<%7%g%s$X$NJ*M}E*%"%/%;%9$,M?$($i$l$?$H$9$k$H!"967b<T$O(B
$B4IM}<T$,@_Dj$7$?$$$+$J$k<oN`$N%;%-%e%j%F%#$r$b$&$AGK$k$3$H$,$G$-$k$N$O(B
$B$b$A$m$s$N$3$H$G$9!#$3$l$O!"4IM}<T$H$7$F9M$($F$*$+$M$P$J$i$J$$7hDjE*$J(B
$BLdBj$G$9$,!"%7%9%F%`GK$j$NBgB??t$O!"%M%C%H%o!<%/7PM3$G%j%b!<%H$+$i!"(B
$B%o!<%/%9%F!<%7%g%s$d%5!<%P$X$NJ*M}E*%"%/%;%9<jCJ$r;}$?$J$$?M!9$K$h$C$F(B
$B9T$J$o$l$k$H$$$&;v<B$b!"$^$?!"G0F,$KCV$$$F$*$/I,MW$,$"$j$^$9!#(B
.Pp
kerberos $B$N$h$&$JJ}K!$r;H$&$3$H$G!"%9%?%C%U%"%+%&%s%H$N%Q%9%o!<%I$NJQ99(B
$B$b$7$/$ODd;_$r0l2U=j$G9T$J$&$3$H$H!"%9%?%C%U%a%s%P$,%"%+%&%s%H$r;}$D(B
$B$9$Y$F$N%^%7%s$KB(;~$K$=$N8z2L$r5Z$\$9$3$H$,2DG=$H$J$j$^$9!#%9%?%C%U%a%s%P$N(B
$B%"%+%&%s%H$,4m81$K;/$5$l$?$H$-$K!"$9$Y$F$N%^%7%s$G$=$N?M$N%Q%9%o!<%I$r(B
$BB(:B$KJQ99$9$k5!G=$r4E$/8+$F$O$$$1$^$;$s!#%Q%9%o!<%I$,J,;6$5$l$F$$$k$H!"(B
N $BBf$N%^%7%s$G%Q%9%o!<%I$rJQ99$9$k$3$H$O!"$F$s$d$o$s$d$N;vBV$r>7$/2DG=@-$,(B
$B$"$j$^$9!#(Bkerberos $B$K$h$k:F%Q%9%o!<%I@)8B(B
.Pq re-passwording restriction
$B$r2]$9$k$3$H$b$G$-$^$9!#$3$l$r;H$&$3$H$K$h$j2DG=$H$J$k$3$H$O!"(B
$B$"$k(B kerberos $B%A%1%C%H$r$7$P$i$/$7$F$+$i%?%$%`%"%&%H$K$9$k$3$H$@$1$G$J$/!"(B
kerberos $B%7%9%F%`$,%f!<%6$K0lDj4|4V(B
.Pq $BNc$($P!"(B1 $B%v7n$K(B 1 $B2s(B
$B$N8e$K?7$7$$%Q%9%o!<%I$rA*$V$3$H$rMW5a$9$k$3$H$b$G$-$^$9!#(B
.Sh root $B$N0BA4@-$r9b$a$k(B - root $B8"8B$N%5!<%P$H(B suid/sgid $B%P%$%J%j(B
.Pp
$BMQ?4?<$$%7%9%F%`4IM}<T$O!"<+J,$KI,MW$J%5!<%P%W%m%;%9$@$1$r2aITB-$J$/(B
$B<B9T$5$;$k$b$N$G$9!#Bh;0<T@=$N%5!<%P$O$7$P$7$P%P%0$N29>2$G$"$k$3$H$K(B
$BCm0U$7$F2<$5$$!#Nc$($P!"8E$$%P!<%8%g%s$N(B imapd $B$d(B popper $B$r<B9T$5$;(B
$B$F$*$/$H$$$&$3$H$O!"A4@$3&$K6&DL$N(B root $B$N@ZId$rM?$($F$$$k$h$&$J$b$N$G$9!#(B
$B<+J,$GCm0U?<$/%A%'%C%/$7$F$$$J$$%5!<%P$O!"7h$7$F<B9T$7$F$O$$$1$^$;$s!#(B
$B%5!<%P$NB?$/$O(B root $B$G<B9T$5$;$kI,MW$O$"$j$^$;$s!#Nc$($P!"(Bntalk, comsat,
finger $B%G!<%b%s$r!"FCJL$N!V:=>l(B
.Pq sandbox
$B!W%f!<%6$G<B9T$5$;$k$3$H$,$G$-$^$9!#(B
.\"kuma hellofalot of trouble $B$C$F2?$d!)(B
.\" hell of a lot of trouble $B$_$?$$$G$9$M!#(B;-) ($B6b$sED(B '99.02.11)
$B4IM}<T$,KDBg$J?t$NLdBj$KD>LL$7$J$$8B$j!":=>l$O40`z$G$O(B
$B$"$j$^$;$s$,!"%;%-%e%j%F%#$K4X$9$k%?%^%M%.E*%"%W%m!<%A$O$3$3$G$b(B
$B@.$jN)$A$^$9!#:=>l$G<B9T$5$l$F$$$k%5!<%P%W%m%;%9$r7PM3$7$F?/F~$r(B
$B2L$?$9$3$H$,$G$-$?$H$7$F$b!"967b<T$O$5$i$K:=>l$+$i30$KC&=P$7$J$1$l$P(B
$B$J$j$^$;$s!#967b<T$,DL2a$;$M$P$J$i$J$$AX$N?t$,A}$($l$PA}$($k$[$I!"(B
$B$=$l$@$1967b<T$,?/F~$K@.8y$9$k3NN($,8:$j$^$9!#(Broot $B$NH4$17j$O(B
$BNr;KE*$K!"4pK\%7%9%F%`%5!<%P$b4^$a!"(B
root $B8"8B$G<B9T$5$l$k$[$H$s$I$9$Y$F$N%5!<%P%W%m%;%9$KH/8+$5$l$F$$$^$9!#(B
$B%f!<%6$,(B sshd $B7PM3$G$N$_%m%0%$%s$7!"(B
telnetd, rshd, rlogind $B7PM3$G%m%0%$%s$9$k$3$H(B
$B$,7h$7$F$J$$%^%7%s$r$*;H$$$J$i!"$=$l$i$N%5!<%S%9$rDd;_$5$;$F2<$5$$!#(B
.Pp
.Bx Free
$B$G$O!":#$G$O(B ntalkd, comsat, finger $B$O:=>l$G<B9T$5$;$k$3$H$,(B
$B%G%U%)%k%H$K$J$C$F$$$^$9!#<!$K:=>l$G<B9T$5$;$k$Y$-%W%m%0%i%`$N8uJd$H$7$F!"(B
.Xr named 8
$B$,$"$j$^$9!#%G%U%)%k%H$N(B rc.conf $B%U%!%$%k$K$O!"(Bnamed $B$r:=>l$G<B9T$9$k(B
$B$?$a$KI,MW$J0z?t$,%3%a%s%H%"%&%H$5$l$?7A<0$G4^$a$i$l$F$$$^$9!#?7$7$$(B
$B%7%9%F%`$r%$%s%9%H!<%k$7$F$$$k$+!"$=$l$H$b4{B8$N%7%9%F%`$r(B
$B%"%C%W%0%l!<%I$7$F;H$C$F$$$k$+$K0MB8$7$^$9$,!":=>l$H$7$F;HMQ$9$k(B
$BFCJL$N%f!<%6%"%+%&%s%H$,%$%s%9%H!<%k$5$l$F$$$J$$$+$b$7$l$^$;$s!#MQ?4?<$$(B
$B%7%9%F%`4IM}<T$O8&5f$rBU$i$:!"2DG=$J$H$3$m$G$O$D$M$K%5!<%P$K:=>l$r;E9~$`(B
$B$b$N$G$9!#(B
.Pp
$BDL>o!":=>l$G<B9T$7$J$$%5!<%P$,B>$K$$$/$D$+$"$j$^$9!#(Bsendmail, popper,
imapd, ftpd $B$J$I$G$9!#$3$l$i$N$&$A$$$/$D$+$K$OBe$o$j$,$"$j$^$9$,!"(B
$BBe$o$j$N$b$N$r%$%s%9%H!<%k$9$k$K$O!"$=$l$@$1B?$/$N;E;v$,I,MW$K$J$k$N$G!"(B
$B7k6I$3$l$i$r4n$s$GF~$l$F$7$^$$$^$9(B
.Pq $B4JC1EY$,$^$?$b>!Mx$r<}$a$k$o$1$G$9(B
$B!#(B
$B$3$l$i$N%5!<%P$O!"(Broot $B8"8B$G<B9T$;$M$P$J$i$:!"$3$l$i7PM3$G@8$8$k?/F~$N(B
$B8!=P$N$?$a$K$O!"B>$N;EAH$_$K0MB8$;$M$P$J$i$J$$$+$b$7$l$^$;$s!#(B
.Pp
$B%7%9%F%`$N(B root $B8"8B$N@x:_E*$J7j$GB>$KBg$-$J$b$N$H$7$F!"%7%9%F%`$K(B
$B%$%s%9%H!<%k$5$l$?(B suid-root/sgid $B%P%$%J%j$,$"$j$^$9!#(Brlogin $B$J$I!"(B
$B$3$l$i$N%P%$%J%j$N$[$H$s$I$O!"(B/bin, /sbin, /usr/bin, /usr/sbin $B$K(B
$BB8:_$7$^$9!#(B100% $B0BA4$J$b$N$OB8:_$7$J$$$H$O$$$(!"%7%9%F%`%G%U%)%k%H$N(B
siud/sgid $B%P%$%J%j$OHf3SE*0BA4$H$$$($^$9!#$=$l$G$b$J$*!"(Broot $B$N7j$,(B
$B$3$l$i$N%P%$%J%j$K$H$-$*$jH/8+$5$l$F$$$^$9!#(B1998 $BG/$K(B Xlib $B$G8+$D$+$C$?(B
root $B$N7j$O!"(Bxterm
.Pq $BIaDL!"(Bsuid $B@_Dj$5$l$F$$$^$9(B
$B$r967b2DG=$K$7$F$$$^$7$?!#(B
$B0BA4$G$"$kJ}$,$h$$$N$G!"MQ?4?<$$%7%9%F%`4IM}<T$O;DG0$K;W$$$J$,$i$b!"(B
$B%9%?%C%U$N$_$,<B9T$9$kI,MW$,$"$k(B suid $B%P%$%J%j$O!"%9%?%C%U$N$_$,(B
$B%"%/%;%92DG=$JFCJL$J%0%k!<%W$K4^$a$k$h$&$K@)8B$r2C$(!"(B
$BC/$b;H$o$J$$(B suid $B%P%$%J%j$O(B chmod 000 $B$7$FJRIU$1$F$7$^$&$G$7$g$&!#(B
$B%G%#%9%W%l%$$r;}$?$J$$%5!<%P$O!"0lHLE*$K(B xterm $B$N%P%$%J%j$rI,MW$H$7$^$;$s!#(B
sgid $B%P%$%J%j$b$[$H$s$IF1MM$N4m81$JB8:_$K$J$jF@$^$9!#(B
$B?/F~<T$,(B sgid-kmem $B$N%P%$%J%j$rGK$k$3$H$,$G$-$?>l9g!"(B
$B$=$N?/F~<T$O(B /dev/kmem $B$rFI$_=P$9$3$H$,$G$-$k$h$&$K$J$j$^$9!#(B
$B$D$^$j!"0E9f2=$5$l$?%Q%9%o!<%I%U%!%$%k$rFI$_=P$9$3$H$,$G$-$k(B
$B$h$&$K$J$k$N$G!"%Q%9%o!<%I$r;}$D$I$N%"%+%&%s%H$r$b!"(B
.Pq $B@x:_E*$J(B
$B4m81$K;/$9$3$H$K$J$j$^$9!#(B
tty $B%0%k!<%W$rGK$C$??/F~<T$O!"$[$H$s$I$9$Y$F$N%f!<%6$NC<Kv$K=q$-9~$_$,(B
$B$G$-$^$9!#(Btalk-back $B5!G=$r;}$DC<Kv%W%m%0%i%`$d%(%_%e%l!<%?$r%f!<%6$,<B9T(B
$B$7$F$$$k$H!"(B
.Pq $B7k6I!"$=$N%f!<%6$H$7$F<B9T$5$l$k(B
$B%3%^%s%I$r%f!<%6$NC<Kv$K%(%3!<$5$;$k%G!<%?%9%H%j!<%`$r(B
$B?/F~<T$,@8@.$G$-$k2DG=@-$,$"$j$^$9!#(B
.Sh $B%f!<%6%"%+%&%s%H$N0BA4@-$r9b$a$k(B
.Pp
$B%f!<%6%"%+%&%s%H$O!"IaDL!"0BA4@-$r9b$a$k$3$H$,:G$b:$Fq$G$9!#(B
$B%9%?%C%U$KBP$7$F!"%"%F%J%$$N%I%i%3$N$h$&$J873J$J%"%/%;%9@)8B$r2]$7!"(B
$B%9%?%C%U$N%Q%9%o!<%I$r(B\ * $B$G30$9$3$H$,$G$-$k$H$O$$$(!"4IM}<T$,;}$A$&$k(B
$B0lHL%f!<%6$9$Y$F$N%"%+%&%s%H$KBP$7$FF1$8$3$H$O$G$-$J$$$+$bCN$l$^$;$s!#(B
$B==J,$J4IM}$rJ]$D$J$i$P!"4IM}<T$O>!Mx$7!"%f!<%6$N(B
$B%"%+%&%s%H$rE,@Z$J>uBV$G0BA4$r3NJ]$G$-$k$+$b$7$l$^$;$s!#$=$l$,(B
$BJ]$F$J$$$J$i$P!"0lHL%f!<%6$N%"%+%&%s%H$r%b%K%?$7$F$$$C$=$&5$$rG[$k$h$&$K(B
$B$9$k$7$+$"$j$^$;$s!#0lHL%f!<%6%"%+%&%s%H$G$N(B ssh $B$d(B kerberos $B$NMxMQ$O!"(B
$B$$$m$$$mLdBj$r$O$i$s$G$$$^$9!#$=$l$G$b!"0E9f2=%Q%9%o!<%I$HHf3S$9$k$H!"(B
$B$O$k$+$KNI$$2r$G$9!#(B
.Sh $B%Q%9%o!<%I%U%!%$%k$N0BA4@-$r9b$a$k(B
.Pp
$B$G$-$k$@$1B?$/$N%Q%9%o!<%I$r(B\ * $B$G30$7!"$=$l$i$N%"%+%&%s%H$N%"%/%;%9$K$O(B
ssh $B$d(B kerberos $B$r;H$&$h$&$K$9$k$3$H$,!"M#0l$N3N<B$JJ}K!$G$9!#$?$H$(0E9f2=(B
$B%Q%9%o!<%I%U%!%$%k(B 
.Pq /etc/spwd.db
$B$,(B root $B$G$N$_FI$_=P$72DG=$@$H$7$F$b!"(B
$B$?$H$((B root $B$N=q$-9~$_8"8B$,F@$i$l$J$$$K$7$F$b!"?/F~<T$,$=$N%U%!%$%k$N(B
$BFI$_=P$7%"%/%;%98"8B$rF@$k$3$H$O2DG=$+$bCN$l$^$;$s!#(B
.Pp
$B%;%-%e%j%F%#%9%/%j%W%H$O>o$K%Q%9%o!<%I%U%!%$%k$NJQ99$r%A%'%C%/$7!"Js9p(B
$B$9$k$h$&$K$9$Y$-$G$9(B ($B8e=R$N!V%U%!%$%k$N40A4@-$N%A%'%C%/!W$r;2>H$7$F2<$5$$(B)$B!#(B
.Sh $B%+!<%M%k$N%3%"!"(Braw $B%G%P%$%9!"%U%!%$%k%7%9%F%`$N0BA4@-$r9b$a$k(B
.Pp
root $B$N8"8B$rGK$k$H!"967b<T$O$[$H$s$I2?$G$b$G$-$^$9$,!"(B
$B$b$C$H4JJX$J$3$H$b$$$/$D$+$"$j$^$9!#Nc$($P!":G6a$N%+!<%M%k$N$[$H$s$I$G$O!"(B
$BAH$_9~$_$N%Q%1%C%HGA$-8+%G%P%$%9(B
.Pq packet sniffing device
$B%I%i%$%P$rHw$($F$$$^$9!#(B
.Bx Free
$B$G$O(B
.Sq bpf
$B%G%P%$%9$H8F$P$l$F$$$^$9!#?/F~<T$OIaDL!"4m81$K;/$5$l$?(B
$B%^%7%s$G%Q%1%C%HGA$-8+%W%m%0%i%`$r<B9T$5$;$h$&$H;n$_$^$9!#?/F~<T$K(B
$B$o$6$o$6$=$&$$$&5!G=$rDs6!$9$kI,MW$O$J$$$N$G!"$[$H$s$I$N%7%9%F%`$G(B bpf
$B%G%P%$%9$rAH$_9~$`$Y$-$G$O$"$j$^$;$s!#IT9,$J$3$H$K!"%m!<%@%V%k%+!<%M%k(B
$B%b%8%e!<%k(B 
.Pq Loadable Kernel Module:LKM
$B%$%s%?%U%'!<%9$H8F$P$l$k(B
$B%+!<%M%k5!G=$,$"$j$^$9!#$d$k5$$^$s$^$s$N?/F~<T$O!"(BLKM $B$r;H$C$F(B
$B<+J,FH<+$N(B bpf $B$b$7$/$O$=$NB>GA$-8+%G%P%$%9$rF0:nCf$N%+!<%M%k$K(B
$B%$%s%9%H!<%k$9$k$3$H$,2DG=$G$9!#(B
$B%b%8%e!<%k%m!<%@$r;H$&I,MW$,$J$$$N$G$"$l$P!"%+!<%M%k@_Dj$G(B
NO_LKM $B%*%W%7%g%s$r@_Dj$7$F$3$N5!G=$rL58z$K$7$F2<$5$$!#(B
.Pp
bpf $B%G%P%$%9$r30$7!"%b%8%e!<%k%m!<%@$rL58z$K$7$F$b!"(B/dev/mem $B$H(B /dev/kmem
$B$H$$$&G:$_$N<o$,$^$@;D$C$F$$$^$9!#$3$NLdBj$K4X$7$F$O!"?/F~<T$O(B raw
$B%G%P%$%9$K=q$-9~$`$3$H$b$G$-$^$9!#$3$NLdBj$rHr$1$k$?$a!"%7%9%F%`4IM}<T$O(B
$B%+!<%M%k$r$h$j9b$$0BA4%l%Y%k(B
.Pq securelevel
$B!">/$J$/$H$b0BA4%l%Y%k(B 1 $B$G<B9T$5$;$kI,MW$,$"$j$^$9!#(B
sysctl $B$r;H$C$F(B kern.securelevel $BJQ?t$K0BA4%l%Y%k$r@_Dj$9$k$3$H$,(B
$B$G$-$^$9!#$R$H$?$S0BA4%l%Y%k$K(B 1 $B$r@_Dj$9$k$H!"(B
raw $B%G%P%$%9$KBP$9$k=q$-9~$_%"%/%;%9$O5qH]$5$l!"Nc$($P(B
.Sq schg
$B$N$h$&$J(B
$BFCJL$J(B chflags $B%U%i%0$,8z2L$rH/4x$7$^$9!#$3$l$K2C$($F!"(B
$B5/F0$K$*$$$F=EMW$J%P%$%J%j!&%G%#%l%/%H%j!&%9%/%j%W%H%U%!%$%k$J$I!"(B
$B0BA4%l%Y%k$,@_Dj$5$l$k$^$G$N4V$K<B9T$5$l$k$b$N$9$Y$F$KBP$7$F$b(B
.Sq schg
$B%U%i%0$r3N<B$K(B on $B$K$7$F$*$/I,MW$,$"$j$^$9!#$3$N@_Dj$r$d$j2a$.$F$b(B
$B9=$$$^$;$s$,!"$h$j9b$$0BA4%l%Y%k$GF0:n$7$F$$$k>l9g!"%7%9%F%`$N(B
$B%"%C%W%0%l!<%I$,$O$k$+$K:$Fq$K$J$j$^$9!#%7%9%F%`$r$h$j9b$$0BA4%l%Y%k$G(B
$B<B9T$5$;$k$h$&$K$9$k$,!"$*E7F;$5$^$N2<$K$"$k$9$Y$F$N%7%9%F%`%U%!%$%k$H(B
$B%G%#%l%/%H%j$K(B schg $B%U%i%0$r@_Dj$7$J$$$H$$$&BE6($r$9$kJ}K!$b$"$j$^$9!#(B
.Sh $B%U%!%$%k$N40A4@-$N%A%'%C%/(B: $B%P%$%J%j!"@_Dj%U%!%$%k$J$I(B
.Pp
$B$3$H$3$3$K;j$k$H%7%9%F%`4IM}<T$K$G$-$k$3$H$O!"(B
$BJXMxEY$,$=$N=9$$F,$r>e$2$J$$DxEY$K!"(B
$B%3%"%7%9%F%`$N@_Dj(B / $B@)8f%U%!%$%k$rKI8f$9$k$3$H$@$1$G$9!#(B
$B%;%-%e%j%F%#$N%?%^%M%.$N:G8e$NAX$O$*$=$i$/:G$b=EMW$J$b$N!"$9$J$o$AC5CN$G$9!#(B
.Pp
$B%7%9%F%`%U%!%$%k$N40A4@-$r%A%'%C%/$9$kM#0l$N@5$7$$J}K!$O!"JL$N!"$h$j0BA4$J(B
$B%7%9%F%`7PM3$G9T$J$&J}K!$@$1$G$9!#(B
.Sq $B0BA4(B
$B$J%7%9%F%`$r=`Hw$9$k$3$H$OHf3SE*(B
$BMF0W$G$9!#C1$K!"%5!<%S%9$r0l@Z<B9T$7$J$$$h$&$K$9$k$@$1$G$9!#0BA4$J%7%9%F%`(B
$B$rMQ$$$F!"(Bssh $B7PM3$GB>$N%7%9%F%`$N(B root $B6u4V$K%"%/%;%9$7$^$9!#$3$l$O(B
$B%;%-%e%j%F%#$NKvC<$N$h$&$K8+$($k$+$b$7$l$^$;$s!#$7$+$7!"4IM}<T$K$O?.Mj$r(B
$B$I$3$+$KCV$/I,MW$,$"$j$^$9!#$$$-$"$?$j$P$C$?$j$G%5!<%P%W%m%;%9$r(B
$B<B9T$9$k$h$&$JGO</$2$?$3$H$r$7$J$$8B$j$O!"0BA4EY$N9b$$%^%7%s$r9=C[$9$k(B
$B$3$H$OK\Ev$K2DG=$G$9!#$3$3$G(B
.Sq $B0BA4(B
$B$H$$$&>l9g!"J*M}%"%/%;%9$KBP$9$k(B
$B%;%-%e%j%F%#$r$b4^$a$F2>Dj$7$F$$$k$3$H$O$b$A$m$s$G$9!#0BA4$J%^%7%s$G!"(B
$BB>$N$9$Y$F$N%^%7%s$K(B root $B$N%"%/%;%98"8B$r;}$D$b$N$,F@$i$l$k$H!"(B
$B!V0BA4$J%^%7%s$N>e$G!W%7%9%F%`$NB>$N%^%7%s$r%A%'%C%/$9$k(B
$B%;%-%e%j%F%#%9%/%j%W%H$r=q$/$3$H$,$G$-$k$h$&$K$J$j$^$9!#(B
$B:G$bIaDL$N%A%'%C%/J}K!$O!"%;%-%e%j%F%#%9%/%j%W%H$G!"(B
$B$^$:!"(Bfind $B$H(B md5 $B$N%P%$%J%j%U%!%$%k$r%j%b!<%H%^%7%s$K(B
.Xr scp 1
$B$7$F$+$i!"(B
$B%j%b!<%H%7%9%F%`$N$9$Y$F$N%U%!%$%k(B
.Pq $B$b$7$/$O!">/$J$/$H$b(B /, /var, /usr $B%Q!<%F%#%7%g%s(B!
$B$KBP$7$F(B md5 $B$rE,MQ$9$k%7%'%k%3%^%s%I$r(B
ssh $B$r;H$C$F%j%b!<%H%^%7%s$G<B9T$9$k$b$N$G$9!#(B
$B0BA4$J%^%7%s$O!"%A%'%C%/7k2L$r%U%!%$%k$K%3%T!<$7!"A02s$N%A%'%C%/7k2L$H(B
diff $B$r<h$j(B
.Pq $B$^$?$O!"0BA4$J%^%7%s<+?H$N%P%$%J%j$HHf3S$9$k(B
$B0c$$$r(B
$BKhF|$N%l%]!<%H$H$7$F%9%?%C%U%a%s%P$R$H$j$R$H$j$K%a!<%k$rAw$j$^$9!#(B
.Pp
$B$3$N<o$N%A%'%C%/$r9T$J$&$b$&0l$D$NJ}K!$H$7$F!"0BA4$J%^%7%s$KBP$7$F!"(B
$BB>$N%^%7%s$N<g$J%U%!%$%k%7%9%F%`$r(B NFS export $B$9$kJ}K!$,$"$j$^$9!#(B
$B$3$N$d$jJ}$O$$$/$i$+%M%C%H%o!<%/$KIi2Y$r3]$1$k$3$H$K$J$j$^$9$,!"(B
$B?/F~<T$,%A%'%C%/$rC5CN$7$?$j56B$$7$?$j$9$k$3$H$O!"(B
$B;v<B>eIT2DG=$K$J$j$^$9!#(B
.Pp
$BM%$l$?%;%-%e%j%F%#%9%/%j%W%H$O!"0lHL%f!<%6$d%9%?%C%U%a%s%P$N%"%/%;%9@)8f(B
$B%U%!%$%k(B: .rhosts, .shosts, .ssh/authorized_keys $B$J$I!"(BMD5 $B$G$N@::Y$J(B
$B%A%'%C%/$+$i1L$l$=$&$J%U%!%$%k$NJQ99$r%A%'%C%/$7$^$9!#(B
.Pp
$BM%$l$?%;%-%e%j%F%#%9%/%j%W%H$O!"$9$Y$F$N%U%!%$%k%7%9%F%`>e$G(B suid/sgid
$B%P%$%J%j$KBP$7$F%A%'%C%/$r9T$J$$!"A02s$N%A%'%C%/7k2L$b$7$/$O2?$i$+$N(B
$B4p=`(B
.Pq "$BNc$($P!"4p=`$r=5(B 1 $B2s$K$9$k(B"
$B$+$i$N:9J,$@$1$G$J$/!"(B
$B$=$l$i$NB8:_$=$N$b$N$rJs9p$9$k$b$N$G$9!#(B
.Sq nosuid
$B%*%W%7%g%s$r(B
fstab/mount $B$G;XDj$9$k$3$H$G!"$"$k%U%!%$%k%7%9%F%`>e$N(B suid/sgid
$B%P%$%J%j$N<B9T5!G=$r%*%U$K$9$k$3$H$,$G$-$^$9$,!"(Broot $B$K$h$k$3$l$i$N(B
$B<B9T$r%*%U$K$9$k$3$H$O$G$-$^$;$s!#$5$i$K!"(Broot $B8"8B$rGK$C$?<T$OC/$G$b(B
$B<+J,<+?H$GMQ0U$7$?%P%$%J%j$r%$%s%9%H!<%k$9$k$3$H$@$C$F$G$-$^$9!#(B
$B$7$+$7$J$,$i!"%f!<%6$N%G%#%9%/6u4V$rBgNL$K;}$D>l9g!"(B
$B%f!<%6%Q!<%F%#%7%g%s$G(B suid $B%P%$%J%j$H%G%P%$%9(B
.Po
.Sq nodev
$B%*%W%7%g%s(B
.Pc
$B$rIT5v2D$K$7$F$*$-!"%9%-%c%s$7$J$$$G:Q$^$;$k$3$H$bM-1W$+$b$7$l$^$;$s!#(B
$B$=$l$G$b!";d$J$i$P!">/$J$/$H$b=5$K(B 1 $B2s$O%9%-%c%s$9$k(B
$B$G$7$g$&!#$H$$$&$N$O!"%?%^%M%.$N$3$NAX$NL\E*$O?/F~$N8!CN$@$+$i$G$9!#(B
.Pp
$B%W%m%;%9%"%+%&%s%F%#%s%0(B
.Po
.Xr accton 1
$B;2>H(B
.Pc
$B$O!"?/F~8e$NI>2A$N;EAH$_$H$7$FMxMQ$r$*4+$a$9$k!"(B
$BHf3SE*%*!<%P%X%C%I$NDc$$%*%Z%l!<%F%#%s%0%7%9%F%`$N5!G=$G$9!#(B
$B?/F~$r<u$1$?8e$G$bEv3:%U%!%$%k$,L5=}$G$"$k$H$9$k$J$i!"(B
$B?/F~<T$,<B:]$N$H$3$m$I$N$h$&$K$7$F%7%9%F%`$N(B root $B$rGK$C$?$+$r(B
$BDI@W$9$k$N$K:]$7$FFC$KM-1W$G$9!#(B
.Pp
$B:G8e$K!"%;%-%e%j%F%#%9%/%j%W%H$O%m%0%U%!%$%k$r=hM}$9$k$h$&$K$7$F!"(B
$B%m%0%U%!%$%k<+BN$O$G$-$k$@$10BA4@-$N9b$$J}K!$G(B
($B%j%b!<%H(B syslog $B$O6K$a$FM-1W$K$J$jF@$^$9(B)
$B@8@.$9$k$h$&$K$9$Y$-$G$9!#?/F~<T$O<+J,$N?/F~$N:/@W$rJ$$$1#$=$&(B
$B$H$7$^$9$7!"%m%0%U%!%$%k$O%7%9%F%`4IM}<T$,:G=i$N?/F~$N;~9o$HJ}K!$r(B
$BDI@W$7$F$f$/$?$a$K6K$a$F=EMW$G$9!#(B
.Sh $BJP<968E*J}K!(B
.Pp
$BB?>/JP<968E*$K$J$C$F$b7h$7$F0-$$$3$H$K$O$J$j$^$;$s!#86B'E*$K!"(B
$B%7%9%F%`4IM}<T$O!"JXMx$5$K1F6A$rM?$($J$$HO0O$G$$$/$D$G$b%;%-%e%j%F%#(B
$B5!G=$rDI2C$9$k$3$H$,$G$-$^$9!#$^$?!"$$$/$i$+9MN8$7$?7k2L!"JXMx$5$K(B
$B1F6A$rM?$($k%;%-%e%j%F%#5!G=$rDI2C$9$k$3$H$b$G$-$^$9!#(B
.Sh $B%5!<%S%9ITG=967b(B (D.O.S attack) $B$K$D$$$F$NFC5-;v9`(B
.Pp
$B$3$N%;%/%7%g%s$G$O%5!<%S%9ITG=967b$r07$$$^$9!#%5!<%S%9ITG=967b$O!"IaDL$O!"(B
$B%Q%1%C%H967b$G$9!#%M%C%H%o!<%/$rK0OB$5$;$k:G@hC<$N56B$%Q%1%C%H(B
.Pq spoofed packet
$B967b$KBP$7$F%7%9%F%`4IM}<T$,BG$F$k<j$O$=$l$[$IB?$/(B
$B$"$j$^$;$s$,!"0lHLE*$K!"$=$N<o$N967b$,%5!<%P$r%@%&%s$5$;$J$$$3$H$r(B
$B3N<B$K$9$k$3$H$G!"Ho32$r@)8B$9$k$3$H$O$G$-$^$9!#(B
.Bl -enum -offset indent
.It
$B%5!<%P$N(B fork $B$N@)8B(B
.It
$BF'$_Bf967b$N@)8B(B 
.Pq ICMP $B1~Ez967b!"(Bping broadcast $B$J$I(B
.It
$B%+!<%M%k$N7PO)>pJs$N%-%c%C%7%e(B
.El
.Pp
$BIaDL$K8+$i$l$k%5!<%S%9ITG=967b$K!"(Bfork $B$9$k%5!<%P%W%m%;%9$KBP$9$k(B
$B$b$N$,$"$j$^$9!#$3$l$O!"%5!<%P$K%W%m%;%9!&%U%!%$%k5-=R;R!&%a%b%j$r(B
$B?)$$?T$/$5$;$F!"%^%7%s$r;&$=$&$H$9$k$b$N$G$9!#(B
inetd
.Po
.Xr inetd 8
$B;2>H(B
.Pc
$B$K$O!"$3$N<o$N967b$r@)8B$9$k%*%W%7%g%s$,$$$/$D$+$"$j$^$9!#%^%7%s$,(B
$B%@%&%s$9$k$3$H$rKI;_$9$k$3$H$O2DG=$G$9$,!"$3$N<o$N967b$K$h$j%5!<%S%9$,(B
$BJx2u$9$k$3$H$rKI;_$9$k$3$H$O0lHLE*$K2DG=$H$O8B$i$J$$$3$H$KCm0U$9$kI,MW$,(B
$B$"$j$^$9!#(Binetd $B$N%^%K%e%"%k%Z!<%8$rCm0U?<$/FI$s$G2<$5$$!#$H$/$K!"(B
.Fl c ,
.Fl C ,
.Fl R
$B%*%W%7%g%s$KCm0U$7$F2<$5$$!#(BIP $B56B$967b(B
.Pq spoofed-IP attack
$B$O(B inetd $B$N(B 
.Fl C
$B%*%W%7%g%s$r=P$7H4$/$N$G!"IaDL$O%*%W%7%g%s$r(B
$BAH$_9g$o$;$F;HMQ$9$k$Y$-$G$"$k$3$H$KCm0U$7$F2<$5$$!#%9%?%s%I%"%m%s%5!<%P(B
$B$N$$$/$D$+$O!"<+8J$N(B fork $B>e8B$N%Q%i%a!<%?$r;}$C$F$$$^$9!#(B
.Pp
sendmail $B$K$O!"(B
.Fl OMaxDaemonChildren
$B%*%W%7%g%s$,$"$j$^$9!#Ii2Y$K$OCY$l$,$"$k$N$G!"(B
sendmail $B$NIi2Y$K8B3&$r@_$1$k%*%W%7%g%s$r;H$&$h$j$b!"(B
$B$3$N%*%W%7%g%s$r;H$&J}$,$^$H$b$KF0:n$9$k2DG=@-$O$O$k$+$K9b$$$G$9!#(B
sendmail $B$N<B9T$r3+;O$9$k:]$K!"(B
.Cm MaxDaemonChildren
$B%Q%i%a!<%?$r@_Dj$9$k$Y$-$G$9!#$=$NCM$O!"(B
$BDL>o8+9~$^$l$kIi2Y$r07$($kDxEY$K==J,9b$$$,!"(B
$B$=$l$@$1$N?t$N(B sendmail $B$rA`:n$7$h$&$H$9$k$H(B
$B%^%7%s$,B4E]$7$F$7$^$&$[$I$K$O9b$/$J$$$h$&$JCM$K@_Dj$9$k$Y$-$G$9!#(B
sendmail $B$r%-%e!<=hM}%b!<%I(B 
.Pq Fl ODeliveryMode=queued
$B$G<B9T$9$k$3$H$d!"(B
$B%G!<%b%s(B
.Pq Cm sendmail -bd
$B$r%-%e!<=hM}MQ(B
.Pq Cm sendmail -q15m
$B$HJL$K<B9T$9$k$3$H$OMQ?4?<$$$3$H$H8@$($^$9!#$=$l$G$b$J$*%j%"%k%?%$%`$G$N(B
$BG[Aw$rK>$`$N$G$"$l$P!"(B
.Fl q1m
$B$N$h$&$K!"%-%e!<=hM}$r$O$k$+$KC;$$;~4V4V3V$G(B
$B9T$J$&$3$H$,$G$-$^$9!#$$$:$l$K$7$F$b!"(B
.Cm MaxDaemonChildren
$B%*%W%7%g%s$K(B
$B9gM}E*$JCM$r3N<B$K;XDj$7$F!"(Bsendmail $B$,$J$@$l$r$&$C$F<:GT$9$k$3$H$,(B
$B$J$$$h$&$K$7$F2<$5$$!#(B
.Pp
syslogd $B$OD>@\967b$5$l$k2DG=@-$,$"$k$N$G!"2DG=$J$i$P(B
.Fl s
$B%*%W%7%g%s$rMQ$$$k$3$H$r6/$/?d>)$7$^$9!#$3$l$,$G$-$J$$$J$i!"(B
.Fl a
$B%*%W%7%g%s$r;H$C$F2<$5$$!#(B
.Pp
tcpwrapper $B$N5U(B identd $B$J$I$N@\B3JV$7(B
.Pq connect-back
$B$r9T$J$&%5!<%S%9$K(B
$B$D$$$F$O==J,Cm0U$rJ'$&$h$&$K$9$k$Y$-$G$9!#$3$l$i$OD>@\967b$r?)$i$&2DG=@-$,(B
$B$"$j$^$9!#$3$&$$$&;v>p$,$"$k$N$G!"(Btcpwrapper $B$N5U(B ident $B5!G=$r;H$*$&$H$O(B
$B;W$o$J$$$N$,0lHLE*$J$H$3$m$G$9!#(B
.Pp
$B6-3&%k!<%?$N$H$3$m$G%U%!%$%"%&%)!<%k$r@_$1$F!"30It$+$i$N%"%/%;%9$KBP$7$F(B
$BFbIt%5!<%S%9$rKI8f$9$k$3$H$O<B$K$h$$9M$($G$9!#$3$N9M$(J}$O!"(BLAN $B$N30(B
$B$+$i$NK0OB967b$rKI$0$3$H$K$"$j!"(Broot $B$+$i$N%M%C%H%o!<%/%Y!<%9$N(B root 
$B8"8B$X$N967b$+$iFbIt%5!<%S%9$rKI8f$9$k$3$H$K!"$"$^$j9MN8$rJ'$C$F(B
$B$$$^$;$s!#%U%!%$%"%&%)!<%k$O>o$KGSB>E*$K@_Dj$7$F2<$5$$!#$D$^$j!"(B
$B!V%]!<%H(B A, B, C, D $B$H(B M $B$+$i(B Z $B$^$G(B
.Eo *
$B0J30(B
.Ec *
$B$N$9$Y$F$KKI2PJI$r@_$1$k!W$H$$$&$U$&$K$G$9!#(B
$B$3$N$h$&$K$9$k$3$H$G!"(Bnamed
.Pq $B$=$3$,%>!<%s$N%W%i%$%^%j$G$"$k>l9g(B ,
ntalkd, sendmail $B$J$I!"%$%s%?!<%M%C%H$K%"%/%;%9$rDs6!$9$k%5!<%S%9(B
$B$H$7$FFC$K;XDj$9$k$b$N0J30$N!"$9$Y$F$NDc$a$N%]!<%H$r%U%!%$%"%&%)!<%k$G(B
$BDd;_$9$k$3$H$,$G$-$^$9!#%U%!%$%"%&%)!<%k$r$3$NB>$N$d$jJ}!"$D$^$j(B
$BJq4^E*$b$7$/$O<uMFE*$J%U%!%$%"%&%)!<%k$H$7$F@_Dj$7$h$&$H$9$k>l9g!"(B
$B$$$/$D$+$N%5!<%S%9$r(B
.Sq close
$B$9$k$3$H$rK:$l$?$j!"?7$7$$FbIt%5!<%S%9$r(B
$BDI2C$7$F%U%!%$%"%&%)!<%k$N99?7$rK:$l$?$j$9$k$3$H$O$h$/$"$j$^$9!#(B
$B%U%!%$%"%&%)!<%k$N9b$a$NHO0O$N%]!<%H$r3+$1$F$*$$$F!"Dc$a$N%]!<%H$r(B
$B4m81$K;/$9$3$H$J$/<uMFE*$JF0:n$r5v$9$3$H$,$G$-$^$9!#(B
.Bx Free
$B$G$O!"(Bnet.inet.ip.portrange $B$X$N(B sysctl
.Pq sysctl -a \&| fgrep portrange ,
$B$r$$$m$$$m;HMQ$9$k$3$H$G!"(B
$BF0E*%P%$%s%I$K;HMQ$5$l$k%]!<%HHV9f$NHO0O$r@)8f$G$-$k$3$H$r5-21$K$H$I$a$F(B
$B$*$$$F2<$5$$!#$3$l$K$h$j%U%!%$%"%&%)!<%k$N@_Dj$NJ#;(@-$r4KOB$G$-$^$9!#(B
$B;d$O!"%U%!%$%"%&%)!<%k$KDL>o$NHO0O$H$7$F!"(Bfirst/last $B$,(B 4000 $B$+$i(B 5000 $B$r!"(B
$B9b0L%]!<%H$NHO0O$H$7$F!"(B49152 $B$+$i(B 65535 $B$r;HMQ$7$F$$$^$9!#$5$i$K!"(B
.Pq $B$$$/$D$+$N%$%s%?!<%M%C%H%"%/%;%92DG=$J%]!<%H$r=|$/$N$O$b$A$m$s$G$9$,(B
4000 $B$h$j2<$N$9$Y$F$r%V%m%C%/$7$F$$$^$9!#(B
.Pp
$B$^$?JL$N$"$j$U$l$?%5!<%S%9ITG=967b$H$7$F!"F'$_Bf967b(B
.Pq springboard attack
$B$H8F$P$l$k$b$N$,$"$j$^$9!#$3$l$O!"%5!<%P$,<+J,<+?H!"%m!<%+%k%M%C%H%o!<%/!"(B
$BB>$N%^%7%s$r2aIi2Y$KDI$$9~$`$h$&$J1~Ez$r@8@.$5$;$kJ}K!$G%5!<%P$r(B
$B967b$7$^$9!#$3$N<o$N967b$NCf$G:G$b$"$j$U$l$?$b$N$O!"(BICMP PING BROADCAST
$B967b$,$"$j$^$9!#967b<T$O!"<B:]$K967b$7$?$$%^%7%s$N%"%I%l%9$r%=!<%9(B
$B%"%I%l%9$K@_Dj$7$?(B ping $B%Q%1%C%H$r56B$$7$F!"BP>]$N(B LAN $B$N(B
$B%V%m!<%I%-%c%9%H%"%I%l%9$KBP$7$FAw?.$7$^$9!#6-3&$K$"$k%k!<%?$,(B
$B%V%m!<%I%-%c%9%H%"%I%l%9$KBP$9$k(B ping $B$r0.$jDY$9$h$&$K@_Dj$5$l$F$$$J$$(B
$B>l9g!"5>@7<T$rK0OB$5$;$k$N$K==J,$J1~Ez$,!":>>N$5$l$?%=!<%9%"%I%l%9$K(B
$BBP$7$F@8@.$5$l!"(BLAN $B$KMr$,$^$-5/$3$j$^$9!#967b<T$,F1$8%H%j%C%/$r(B
$BB?$/$N0[$J$k%M%C%H%o!<%/$K$^$?$,$kB?$/$N%V%m!<%I%-%c%9%H(B
$B%"%I%l%9$KBP$7$FF1;~$K;HMQ$7$?>l9g!"$H$/$K$R$I$$$3$H$K$J$j$^$9!#(B
$B$3$l$^$G$K!"(B120 $B%a%,%S%C%H0J>e$N%V%m!<%I%-%c%9%H967b$,4QB,$5$l$F$$$^$9!#(B
2 $BHVL\$NF'$_Bf967b$O!"(BICMP $B%(%i!<Js9p$N;E3]$1$rA@$&$b$N$G$9!#(BICMP $B%(%i!<(B
$B1~Ez$r@8@.$9$k%Q%1%C%H$r@8@.$9$k$3$H$K$h$j!"967b<T$O%5!<%P$N(B
$B<u?.%M%C%H%o!<%/$rK0OB$5$;$k$3$H$,$G$-!"F1;~$K!"%5!<%P$,Aw?.(B
$B%M%C%H%o!<%/$r(B ICMP $B1~Ez$GK0OB$5$;$k$h$&$K$9$k$3$H$,$G$-$^$9!#(B
mbuf $B$r>CHq$7?T$/$5$;$k$3$H$K$h$j!"$3$N<o$N967b$G%5!<%P$r(B
$B%/%i%C%7%e$5$;$k$3$H$b2DG=$G$9!#%5!<%P$N(B ICMP $B1~Ez@8@.$,B.2a$.$F!"(B
ICMP $B1~Ez$rAw?.$7?T$/$9$3$H$,$G$-$J$$>l9g!"$H$/$K$R$I$$$3$H$K$J$j$^$9!#(B
.Bx Free
$B%+!<%M%k$K$O!"$3$N<o$N967b$N8z2L$rM^@)$9$k(B ICMP_BANDLIM $B$H(B
$B8F$P$l$k?7$7$$%3%s%Q%$%k%*%W%7%g%s$,$"$j$^$9!#(B
3$B$D$a$N<gMW$J%/%i%9$KB0$9F'$_Bf967b$O!"(Budp echo $B%5!<%S%9$N$h$&$K(B
$B$"$k<o$NFbIt(B inetd $B%5!<%S%9$K4XO"$9$k$b$N$G$9!#967b<T$OC1$K(B
$B%=!<%9%"%I%l%9$,%5!<%P(B A $B$N(B echo $B%]!<%H$G$"$j!"%G%#%9%F%#%M!<%7%g%s(B
$B%"%I%l%9$,%5!<%P(B B $B$N(B echo $B%]!<%H$G$"$k$+$N$h$&$K(B UDP $B%Q%1%C%H$r(B
$B56B$$7$^$9!#$3$3$G%5!<%P(B A, B $B$O$H$b$K<+J,$N(B LAN $B$K@\B3$5$l$F$$$^$9!#(B
$B$3$N(B 2 $B$D$N%5!<%P$O!"$3$N0l$D$N%Q%1%C%H$rN><T$N4V$G8_$$$KAj<j$KBP$7$F(B
$BBG$AJV$7$"$$$^$9!#$3$N$h$&$K$7$F$$$/$D$+$N%Q%1%C%H$rCmF~$9$k$3$H$G!"(B
$B967b<T$ON>J}$N%5!<%P$H(B LAN $B$r2aIi2Y>uBV$K$9$k$3$H$,$G$-$^$9!#(B
$BF1MM$NLdBj$,FbIt(B chargen $B%]!<%H$K$bB8:_$7$^$9!#M-G=$J%7%9%F%`4IM}<T$O(B
$B$3$N<j$N(B inetd $BFbIt%F%9%H%5!<%S%9$N$9$Y$F$rL58z$K$7$F$*$/$b$N$G$9!#(B
.Pp
$B56B$%Q%1%C%H967b$O!"%+!<%M%k$N7PO)>pJs%-%c%C%7%e$K2aIi2Y$r@8$8$5$;$k$?$a$K(B
$BMQ$$$i$l$k$3$H$b$"$j$^$9!#(Bnet.inet.ip.rtexpire, rtminexpire, rtmaxcache
$B$N(B sysctl $B%Q%i%a!<%?$r;2>H$7$F2<$5$$!#$G$?$i$a$J%=!<%9(B IP $B$rMQ$$$?(B
$B$3$N56B$%Q%1%C%H967b$K$h$j!"%+!<%M%k$O!"0l;~E*$J%-%c%C%7%e7PO)$r(B
$B7PO)>pJs%F!<%V%k$K@8@.$7$^$9!#$3$l$O(B
.Sq netstat -rna \&| fgrep W3
$B$G8+$k$3$H$,$G$-$^$9!#$3$l$i$N7PO)$O!"IaDL$O(B 1600 $BICDxEY$G%?%$%`%"%&%H$K(B
$B$J$j$^$9!#%+!<%M%k$,%-%c%C%7%e7PO)%F!<%V%k$,Bg$-$/$J$j2a$.$?$3$H$r(B
$B8!CN$9$k$H!"%+!<%M%k$OF0E*$K(B rtexpire $B$r8:$i$7$^$9$,!"(Brtminexpire $B$h$j(B
$B>.$5$/$J$k$h$&$K$O7h$7$F8:$i$7$^$;$s!#$3$3$KLdBj$,(B 2 $B$D$"$j$^$9!#(B
(1) $BIi2Y$N7Z$$%5!<%P$,FMA3967b$5$l$?>l9g!"%+!<%M%k$,==J,AGAa$/H?1~(B
$B$7$J$$$3$H!#(B(2) $B%+!<%M%k$,967b$KBQ$(@8$-1d$S$i$l$k$[$I==J,(B
rtminexpire $B$,Dc$/$J$C$F$$$J$$$3$H!#<+J,$N%5!<%P$,(B T3 $B$b$7$/$O$=$l$h$j(B
$BNI<A$N2s@~$G%$%s%?!<%M%C%H$K@\B3$5$l$F$$$k>l9g!"(B
.Xr sysctl 8
$B$rMQ$$$F(B rtexpire $B$H(B rtminexpire $B$H$r<jF0$G>e=q$-$7$F$*$/$3$H$,;WN8?<$$$3$H(B
$B$H$$$($^$9!#(B
.Pq $B<+J,$N%^%7%s$r%/%i%C%7%e$5$;$?$/$J$$8B$j$O(B:-
$B$I$A$i$+$r(B 0 $B$K(B
$B$9$k$h$&$J$3$H$O7h$7$F$7$J$$$G2<$5$$!#N>%Q%i%a!<%?$r(B 2 $BIC$K@_Dj$9$l$P!"(B
$B967b$+$i7PO)>pJs%F!<%V%k$r<i$k$K$O==J,$G$7$g$&!#(B

.Sh $B4XO"9`L\(B
.Pp
.Xr accton 1 ,
.Xr chflags 1 ,
.Xr find 1 ,
.Xr kerberos 1 ,
.Xr md5 1 ,
.Xr ssh 1 ,
.Xr sshd 1 ,
.Xr syslogd 1 ,
.Xr xdm 1 ,
.Xr sysctl 8
.Sh $BNr;K(B
.Nm
$B%^%K%e%"%k%Z!<%8$O!"$b$H$b$H(B
.An Matthew Dillon
$B$K$h$C$F=q$+$l$^$7$?!#(B
$B:G=i$K8=$l$?$N$O!"(B
.Bx Free -3.0.1
$B$G(B 1998 $BG/(B 12 $B7n$N$3$H$G$9!#(B
.\" translated by Norihiro Kumagai, 98-12-29
