os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Spelling corrections :

Browse source 
transalates    -> translates
  indictes       -> indicates
  ficticious     -> fictitious
  sandox         -> sandbox
  priveleged     -> privileged
  unix           -> Unix
  versatily      -> (sentence reworded)
  inerface       -> interface
  internet       -> Internet
  appriate       -> appropriate
  Logictech      -> Logitech
  extetions      -> extensions
  occuring       -> ocurring
  keypair        -> key pair
  tunnelled      -> tunneled
  inializes      -> initializes
  ommitted       -> omitted
  seperate       -> separate
  unintelligable -> unintelligible
  signalling     -> signaling
  appearence     -> appearance
  descision      -> decision

Pointed out by: ispell(1)
This commit is contained in:
Murray Stokely 2001-06-21 17:21:01 +00:00
parent d7cec802c5
commit 88f3235bb0
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/head/; revision=9661
6 changed files with 47 additions and 47 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml
View file

@ -1,7 +1,7 @@
<!-- <!--
The FreeBSD Documentation Project The FreeBSD Documentation Project
$FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.43 2001/06/13 11:36:34 tom Exp $ $FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.44 2001/06/15 21:47:55 murray Exp $
--> -->
<chapter id="advanced-networking"> <chapter id="advanced-networking">
@ -2944,7 +2944,7 @@ dhcp_flags=""</programlisting>
<sect3> <sect3>
<title><filename>/etc/namedb/named.conf</filename></title> <title><filename>/etc/namedb/named.conf</filename></title>
<programlisting>// $FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.43 2001/06/13 11:36:34 tom Exp $ <programlisting>// $FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.44 2001/06/15 21:47:55 murray Exp $
// //
// Refer to the named(8) man page for details. If you are ever going // Refer to the named(8) man page for details. If you are ever going
// to setup a primary server, make sure you've understood the hairy // to setup a primary server, make sure you've understood the hairy
@ -3203,7 +3203,7 @@ foobardomain.org. IN SOA ns1.foobardomain.org. admin.foobardomain.org. (
This is an NS entry. Every nameserver that is going to reply This is an NS entry. Every nameserver that is going to reply
authoritatively for the zone must have one of these entries. authoritatively for the zone must have one of these entries.
The @ as seen here could have been 'foobardomain.org.' The @ The @ as seen here could have been 'foobardomain.org.' The @
transalates to the origin. translates to the origin.
</para> </para>
<programlisting> <programlisting>
@ -3236,7 +3236,7 @@ www IN CNAME @
</programlisting> </programlisting>
<para> <para>
The MX record indictes which mail servers are responsible The MX record indicates which mail servers are responsible
for handling incoming mail for the zone. for handling incoming mail for the zone.
mail.foobardomain.org is the hostname of the mail server, mail.foobardomain.org is the hostname of the mail server,
and 10 being the priority of that mailserver. and 10 being the priority of that mailserver.
@ -3272,7 +3272,7 @@ www IN CNAME @
30 IN PTR foobardomain.org.</programlisting> 30 IN PTR foobardomain.org.</programlisting>
<para> <para>
This file gives the proper IP to hostname mappings of our above This file gives the proper IP to hostname mappings of our above
ficticious domain. fictitious domain.
</para> </para>
</sect3> </sect3>
</sect2> </sect2>
@ -3295,14 +3295,14 @@ www IN CNAME @
</para> </para>
<para>For added security you may want to run &man.named.8; in a <para>For added security you may want to run &man.named.8; in a
sandox. This will reduce the potential damage should it be sandbox. This will reduce the potential damage should it be
compromised. If you include a sandbox directory in its command compromised. If you include a sandbox directory in its command
line, named will &man.chroot.8; line, named will &man.chroot.8;
into that directory immediately upon finishing processing its into that directory immediately upon finishing processing its
command line. It is also a good idea to have named run as a command line. It is also a good idea to have named run as a
non-priveleged user in the sandbox. The default FreeBSD install non-privileged user in the sandbox. The default FreeBSD install
contains a user bind with group bind. If we wanted the sandbox in contains a user bind with group bind. If we wanted the sandbox in
the <filename>/etc/namedb/sanbox</filename> directory the command the <filename>/etc/namedb/sandbox</filename> directory the command
line for named would look like this: line for named would look like this:
</para> </para>
<screen> &prompt.root; <userinput>/usr/sbin/named -u bind -g bind -t /etc/namedb/sandbox &lt;path_to_named.conf> </userinput> <screen> &prompt.root; <userinput>/usr/sbin/named -u bind -g bind -t /etc/namedb/sandbox &lt;path_to_named.conf> </userinput>
@ -3311,7 +3311,7 @@ www IN CNAME @
<para>The following steps should be taken in order to <para>The following steps should be taken in order to
successfully run named in a sandbox. Throughout the following successfully run named in a sandbox. Throughout the following
discussion we will assume the path to your sandbox is discussion we will assume the path to your sandbox is
<filename>/etc/namedb/sandox</filename> <filename>/etc/namedb/sandbox</filename>
</para> </para>
<itemizedlist> <itemizedlist>
@ -3357,13 +3357,13 @@ www IN CNAME @
<filename>sandbox/var/run</filename></para> <filename>sandbox/var/run</filename></para>
</listitem> </listitem>
<listitem> <listitem>
<para>The unix socket used for comunication by the &man.ndc.8; <para>The Unix socket used for communication by the &man.ndc.8;
utility will be created in utility will be created in
<filename>sandbox/var/run</filename></para> <filename>sandbox/var/run</filename></para>
</listitem> </listitem>
<listitem> <listitem>
<para>When using the ndc utility you need to specify the <para>When using the ndc utility you need to specify the
location of the unix socket created in the sandbox, by location of the Unix socket created in the sandbox, by
&man.named.8;, by using the -c switch: &man.named.8;, by using the -c switch:
<command>&prompt.root; ndc -c /etc/namedb/sandbox/var/run/ndc</command> <command>&prompt.root; ndc -c /etc/namedb/sandbox/var/run/ndc</command>
</para> </para>
@ -3452,14 +3452,14 @@ www IN CNAME @
</sect1> </sect1>
<sect1 id="natd"> <sect1 id="natd">
<title>Network Address Transalation daemon (natd)</title> <title>Network Address Translation daemon (natd)</title>
<para><emphasis>Contributed by &a.chern;, June 2001. <para><emphasis>Contributed by &a.chern;, June 2001.
</emphasis> </emphasis>
</para> </para>
<sect2 id="overview"> <sect2 id="overview">
<title>Overview</title> <title>Overview</title>
<para>FreeBSD's Network Address Transalation daemon, commonly known as <para>FreeBSD's Network Address Translation daemon, commonly known as
&man.natd.8; is a daemon that accepts incoming raw IP packets, &man.natd.8; is a daemon that accepts incoming raw IP packets,
changes the source to the local machine and re-injects these packets changes the source to the local machine and re-injects these packets
back into the outgoing IP packet stream. natd does this by changing back into the outgoing IP packet stream. natd does this by changing
@ -3602,10 +3602,10 @@ natd_flags=""</programlisting>
LAN client machines. LAN client machines.
</para> </para>
<para>The -redirect_port argument can be used more versatily to indicate <para>The -redirect_port argument can be used to indicate port
port ranges over individual ports. For example, ranges over individual ports. For example, <replaceable>tcp
<replaceable>tcp 192.168.0.2:2000-3000 2000-3000</replaceable> would 192.168.0.2:2000-3000 2000-3000</replaceable> would redirect
redirect all connections received on ports 2000 to 3000 to ports 2000 all connections received on ports 2000 to 3000 to ports 2000
to 3000 on Client A.</para> to 3000 on Client A.</para>
<para>These options can be used when directly running <para>These options can be used when directly running
@ -3658,7 +3658,7 @@ natd_flags=""</programlisting>
received on a particular ip address is redirected.</para> received on a particular ip address is redirected.</para>
<para>The external ips on the natd machine must be active and aliased <para>The external ips on the natd machine must be active and aliased
to the external inerface. Look at &man.rc.conf.5; to do so.</para> to the external interface. Look at &man.rc.conf.5; to do so.</para>
</sect2> </sect2>
</sect1> </sect1>

6
en_US.ISO8859-1/books/handbook/disks/chapter.sgml
View file

@ -1,7 +1,7 @@
<!-- <!--
The FreeBSD Documentation Project The FreeBSD Documentation Project
$FreeBSD: doc/en_US.ISO8859-1/books/handbook/disks/chapter.sgml,v 1.27 2001/04/21 23:14:53 dd Exp $ $FreeBSD: doc/en_US.ISO8859-1/books/handbook/disks/chapter.sgml,v 1.28 2001/06/16 16:17:28 dannyboy Exp $
--> -->
<chapter id="disks"> <chapter id="disks">
@ -77,7 +77,7 @@
newer version of FreeBSD. Bill removes SCSI unit zero because it was newer version of FreeBSD. Bill removes SCSI unit zero because it was
a bit flaky, and replaces it with another identical disk drive from a bit flaky, and replaces it with another identical disk drive from
the "archive." Bill then installs the new version of FreeBSD onto the the "archive." Bill then installs the new version of FreeBSD onto the
new SCSI unit zero using Fred's magic internet FTP floppies. The new SCSI unit zero using Fred's magic Internet FTP floppies. The
installation goes well.</para> installation goes well.</para>
<para>Fred uses the new version of FreeBSD for a few days, and certifies <para>Fred uses the new version of FreeBSD for a few days, and certifies
@ -1052,7 +1052,7 @@ scsibus1:
devices on the list. Locate your CD burner, and use the three devices on the list. Locate your CD burner, and use the three
numbers separated by commas as the value for numbers separated by commas as the value for
<option>dev</option>. In this case, the CRW device is 1,5,0, so the <option>dev</option>. In this case, the CRW device is 1,5,0, so the
appriate input would be appropriate input would be
<userinput><option>dev</option>=1,5,0</userinput>. There are easier <userinput><option>dev</option>=1,5,0</userinput>. There are easier
ways to specify this value; see &man.cdrecord.1; for ways to specify this value; see &man.cdrecord.1; for
details. That is also the place to look for information on writing details. That is also the place to look for information on writing

4
en_US.ISO8859-1/books/handbook/install/chapter.sgml
View file

@ -1,7 +1,7 @@
<!-- <!--
The FreeBSD Documentation Project The FreeBSD Documentation Project
$FreeBSD: doc/en_US.ISO_8859-1/books/handbook/install/chapter.sgml,v 1.67 2001/05/16 23:15:50 murray Exp $ $FreeBSD: doc/en_US.ISO8859-1/books/handbook/install/chapter.sgml,v 1.68 2001/05/17 23:15:54 murray Exp $
--> -->
<chapter id="install"> <chapter id="install">
@ -1274,7 +1274,7 @@
</listitem> </listitem>
<listitem> <listitem>
<para>Logictech wheel mouse (3 buttons)</para> <para>Logitech wheel mouse (3 buttons)</para>
</listitem> </listitem>
<listitem> <listitem>

4
en_US.ISO8859-1/books/handbook/kernelconfig/chapter.sgml
View file

@ -1,7 +1,7 @@
<!-- <!--
The FreeBSD Documentation Project The FreeBSD Documentation Project
$FreeBSD: doc/en_US.ISO_8859-1/books/handbook/kernelconfig/chapter.sgml,v 1.41 2001/04/25 15:22:44 jim Exp $ $FreeBSD: doc/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.sgml,v 1.42 2001/06/06 20:39:25 chris Exp $
--> -->
<chapter id="kernelconfig"> <chapter id="kernelconfig">
@ -498,7 +498,7 @@ options CD9660_ROOT #CD-ROM usable as root, CD9660 required</programli
these System V facilities.</para> these System V facilities.</para>
</note> </note>
<programlisting>options P1003_1B #Posix P1003_1B real-time extentions <programlisting>options P1003_1B #Posix P1003_1B real-time extensions
options _KPOSIX_PRIORITY_SCHEDULING</programlisting> options _KPOSIX_PRIORITY_SCHEDULING</programlisting>
<para>Real-time extensions added in the 1993 POSIX. Certain <para>Real-time extensions added in the 1993 POSIX. Certain

30
en_US.ISO8859-1/books/handbook/security/chapter.sgml
View file

@ -1,7 +1,7 @@
<!-- <!--
The FreeBSD Documentation Project The FreeBSD Documentation Project
$FreeBSD: doc/en_US.ISO8859-1/books/handbook/security/chapter.sgml,v 1.47 2001/06/11 01:16:52 ache Exp $ $FreeBSD: doc/en_US.ISO8859-1/books/handbook/security/chapter.sgml,v 1.48 2001/06/15 22:23:06 murray Exp $
--> -->
<chapter id="security"> <chapter id="security">
@ -87,9 +87,9 @@
the servers incur on the system under adverse conditions. the servers incur on the system under adverse conditions.
Brute-force network attacks are harder to deal with. A Brute-force network attacks are harder to deal with. A
spoofed-packet attack, for example, is nearly impossible to stop spoofed-packet attack, for example, is nearly impossible to stop
short of cutting your system off from the internet. It may not be short of cutting your system off from the Internet. It may not be
able to take your machine down, but it can fill up internet able to take your machine down, but it can saturate your
pipe.</para> Internet connection.</para>
<para>A user account compromise is even more common then a D.O.S. <para>A user account compromise is even more common then a D.O.S.
attack. Many sysadmins still run standard telnetd, rlogind, rshd, attack. Many sysadmins still run standard telnetd, rlogind, rshd,
@ -243,7 +243,7 @@
<programlisting>foobar:*:1000:1000::0:0:Foo Bar:/home/foobar:/usr/local/bin/tcsh</programlisting> <programlisting>foobar:*:1000:1000::0:0:Foo Bar:/home/foobar:/usr/local/bin/tcsh</programlisting>
<para>This change will prevent normal logins from occuring, <para>This change will prevent normal logins from occurring,
since the encrypted password will never match since the encrypted password will never match
<literal>*</literal>. With this done, staff members must use <literal>*</literal>. With this done, staff members must use
another mechanism to authenticate themselves such as another mechanism to authenticate themselves such as
@ -254,7 +254,7 @@
with <application>ssh</application>, one must generally secure with <application>ssh</application>, one must generally secure
the machine used to login <emphasis>from</emphasis> (typically the machine used to login <emphasis>from</emphasis> (typically
one's workstation). An additional layer of protection can be one's workstation). An additional layer of protection can be
added to the key pair by password protecting the keypair when added to the key pair by password protecting the key pair when
creating it with &man.ssh-keygen.1;. Being able to creating it with &man.ssh-keygen.1;. Being able to
<literal>*</literal> out the passwords for staff accounts also <literal>*</literal> out the passwords for staff accounts also
guarantees that staff members can only login through secure guarantees that staff members can only login through secure
@ -469,7 +469,7 @@
have to give the limited-access box significant access to the have to give the limited-access box significant access to the
other machines in the business, usually either by doing a other machines in the business, usually either by doing a
read-only NFS export of the other machines to the limited-access read-only NFS export of the other machines to the limited-access
box, or by setting up <application>ssh</application> keypairs to box, or by setting up <application>ssh</application> key-pairs to
allow the limit-access box to <application>ssh</application> to allow the limit-access box to <application>ssh</application> to
the other machines. Except for its network traffic, NFS is the the other machines. Except for its network traffic, NFS is the
least visible method &ndash; allowing you to monitor the least visible method &ndash; allowing you to monitor the
@ -630,7 +630,7 @@
low ports except for certain specific services such as low ports except for certain specific services such as
<application>named</application> (if you are primary for a zone), <application>named</application> (if you are primary for a zone),
<application>ntalkd</application>, <application>ntalkd</application>,
<application>sendmail</application>, and other internet-accessible <application>sendmail</application>, and other Internet-accessible
services. If you try to configure the firewall the other way services. If you try to configure the firewall the other way
&ndash; as an inclusive or permissive firewall, there is a good &ndash; as an inclusive or permissive firewall, there is a good
chance that you will forget to <quote>close</quote> a couple of chance that you will forget to <quote>close</quote> a couple of
@ -645,7 +645,7 @@
firewall's configuration. For example, you might use a normal firewall's configuration. For example, you might use a normal
first/last range of 4000 to 5000, and a hiport range of 49152 to first/last range of 4000 to 5000, and a hiport range of 49152 to
65535, then block everything under 4000 off in your firewall 65535, then block everything under 4000 off in your firewall
(except for certain specific internet-accessible ports, of (except for certain specific Internet-accessible ports, of
course).</para> course).</para>
<para>Another common DOS attack is called a springboard attack <para>Another common DOS attack is called a springboard attack
@ -706,7 +706,7 @@
</listitem> </listitem>
</orderedlist> </orderedlist>
<para>If your servers are connected to the internet via a T3 or <para>If your servers are connected to the Internet via a T3 or
better it may be prudent to manually override both better it may be prudent to manually override both
<literal>rtexpire</literal> and <literal>rtminexpire</literal> <literal>rtexpire</literal> and <literal>rtminexpire</literal>
via &man.sysctl.8;. Never set either parameter to zero (unless via &man.sysctl.8;. Never set either parameter to zero (unless
@ -2702,8 +2702,8 @@ spdadd 10.6.7.8 10.2.3.4 any -P out ipsec
access remote machines securely. It can be used as a direct access remote machines securely. It can be used as a direct
replacement for <command>rlogin</command>, replacement for <command>rlogin</command>,
<command>rsh</command>, <command>rcp</command>, and <command>rsh</command>, <command>rcp</command>, and
<command>telnet</command>. Additionaly, any other TCP/IP <command>telnet</command>. Additionally, any other TCP/IP
connections can be tunnelled/forwarded securely through ssh. connections can be tunneled/forwarded securely through ssh.
ssh encrypts all traffic to effectively eliminate eavesdropping, ssh encrypts all traffic to effectively eliminate eavesdropping,
connection hijacking, and other network-level attacks.</para> connection hijacking, and other network-level attacks.</para>
@ -2730,7 +2730,7 @@ spdadd 10.6.7.8 10.2.3.4 any -P out ipsec
</para> </para>
<screen>sshd_enable="YES"</screen> <screen>sshd_enable="YES"</screen>
<para>This will load the ssh daemon the next time your system <para>This will load the ssh daemon the next time your system
inializes. Alternatively, you can simply run the initializes. Alternatively, you can simply run the
<command>sshd</command> daemon.</para> <command>sshd</command> daemon.</para>
</sect2> </sect2>
@ -2847,7 +2847,7 @@ Your identification has been saved in /home/user/.ssh/identity.
</listitem> </listitem>
<listitem> <listitem>
<para><emphasis>-N</emphasis> indicates no command, or tunnel only. <para><emphasis>-N</emphasis> indicates no command, or tunnel only.
If ommitted, &man.ssh.1; would initiate a normal session.</para> If omitted, &man.ssh.1; would initiate a normal session.</para>
</listitem> </listitem>
<listitem><para><emphasis>-f</emphasis> forces &man.ssh.1; to run <listitem><para><emphasis>-f</emphasis> forces &man.ssh.1; to run
in the background.</para> in the background.</para>
@ -2893,7 +2893,7 @@ Escape character is '^]'.
<para>This can be used in conjunction with an &man.ssh-keygen.1; <para>This can be used in conjunction with an &man.ssh-keygen.1;
and additional user accounts to create a more seamless/hassle-free and additional user accounts to create a more seamless/hassle-free
SSH tunneling environment. Keys can be used in place of typing SSH tunneling environment. Keys can be used in place of typing
a password, and the tunnels can be run as a seperate user. a password, and the tunnels can be run as a separate user.
</para> </para>
</sect2> </sect2>

14
en_US.ISO8859-1/books/handbook/x11/chapter.sgml
View file

@ -1,7 +1,7 @@
<!-- <!--
The FreeBSD Documentation Project The FreeBSD Documentation Project
$FreeBSD: doc/en_US.ISO8859-1/books/handbook/x11/chapter.sgml,v 1.15 2001/05/24 03:42:45 murray Exp $ $FreeBSD: doc/en_US.ISO8859-1/books/handbook/x11/chapter.sgml,v 1.16 2001/06/13 11:36:49 tom Exp $
--> -->
<chapter id="x11"> <chapter id="x11">
@ -1326,7 +1326,7 @@ For further configuration, refer to /usr/X11R6/lib/X11/doc/README.Config.</scree
<application>XFree86</application> are less than ideal for typical <application>XFree86</application> are less than ideal for typical
desktop publishing applications. Large presentation fonts show up desktop publishing applications. Large presentation fonts show up
jagged and unprofessional looking and small fonts in Netscape are jagged and unprofessional looking and small fonts in Netscape are
almost completely unintelligable. Fortunately, almost completely unintelligible. Fortunately,
<application>XFree86</application> can be configured to use <application>XFree86</application> can be configured to use
TrueType fonts with a minimum of effort.</para> TrueType fonts with a minimum of effort.</para>
@ -1343,7 +1343,7 @@ For further configuration, refer to /usr/X11R6/lib/X11/doc/README.Config.</scree
</para> </para>
<para>For <application>XFree86</application> 3.3.X you will need <para>For <application>XFree86</application> 3.3.X you will need
to run a seperate TrueType font to run a separate TrueType font
server. <application>Xfstt</application> is commonly used for this server. <application>Xfstt</application> is commonly used for this
purpose. To install <application>Xfstt</application> on your purpose. To install <application>Xfstt</application> on your
FreeBSD system simply install the port from FreeBSD system simply install the port from
@ -1410,7 +1410,7 @@ For further configuration, refer to /usr/X11R6/lib/X11/doc/README.Config.</scree
linkend="term-getty"> for details). That is, it performs system linkend="term-getty"> for details). That is, it performs system
logins to the display being connected to and then runs a session logins to the display being connected to and then runs a session
manager on behalf of the user (usually an X window manager). XDM manager on behalf of the user (usually an X window manager). XDM
then waits for this program to exit, signalling that the user is then waits for this program to exit, signaling that the user is
done and should be logged out of the display. At this point, XDM done and should be logged out of the display. At this point, XDM
can display the login and display chooser screens for the next can display the login and display chooser screens for the next
user to login.</para> user to login.</para>
@ -1447,7 +1447,7 @@ ttyv8 "/usr/X11R6/bin/xdm -nodaemon" xterm off secure
<para>The XDM configuration directory is located in <para>The XDM configuration directory is located in
<filename>/usr/X11R6/lib/X11/xdm</filename>. In this directory <filename>/usr/X11R6/lib/X11/xdm</filename>. In this directory
you will see several files used to change the behavior and you will see several files used to change the behavior and
appearence of XDM. Typically you will find these files:</para> appearance of XDM. Typically you will find these files:</para>
<informaltable> <informaltable>
<tgroup cols="2"> <tgroup cols="2">
@ -1531,7 +1531,7 @@ ttyv8 "/usr/X11R6/bin/xdm -nodaemon" xterm off secure
<title>Xresources</title> <title>Xresources</title>
<para>This is an application-defaults file for the display <para>This is an application-defaults file for the display
chooser and the login screens. This is where you can customize chooser and the login screens. This is where you can customize
the appearence of the login program. The format is identical the appearance of the login program. The format is identical
to the app-defaults file described in the XFree86 to the app-defaults file described in the XFree86
documentation.</para> documentation.</para>
</sect3> </sect3>
@ -1583,7 +1583,7 @@ ttyv8 "/usr/X11R6/bin/xdm -nodaemon" xterm off secure
<para>In order for other clients to connect to your display <para>In order for other clients to connect to your display
server, you will need to edit the access control rules, and server, you will need to edit the access control rules, and
enable the connection listener. By default these are set to enable the connection listener. By default these are set to
conservative values, which is a good descision security-wise. To conservative values, which is a good decision security-wise. To
get XDM to listen for connections first comment out a line in get XDM to listen for connections first comment out a line in
the <filename>xdm-config</filename> file: the <filename>xdm-config</filename> file: