This page lists unconfirmed errors and comments from readers. They have not yet been approved or disproved by the author or editor and represent solely the opinion of the reader. Network Security Hacks, 2e by Andrew Lockhart The catalog page for this title is http://www.oreilly.com/catalog/9780596527631/ This page was last updated August 5, 2008. If you have technical questions or error reports, you can send them to booktech@oreilly.com. Please specify the printing date of your copy or the digital version accessed. Here's a key to the markup: [page-number]: serious technical mistake {page-number}: minor technical mistake : important language/formatting problem (page-number): language change or minor formatting problem UNCONFIRMED errors and comments from readers: {211}4th paragraph; The command line in the 4th paragraph reads "openssl req ... -keyout cakey.pem -out cakey.pem ..."(with ellipsis for irrelevant parts). I.e. the same file name is given for both the certificate and the private key. The command line "openssl req ... -keyout cakey.pem -out cacert.pem ..." would be better. {268} 2nd Paragraph (hack 96) Page may differ, hack is the same. (1st Ed); One option that the author does not seem to be aware of is a secondary use for the Suspend2 patchset. Not only is it useful to laptop users, it is also useful on servers. This is because of the essential purpose of software suspend: preserve the filesystem and memory, without disturbing processes. By its nature it does no more damage to the filesystem than a cold shutdown (perhaps less, as caches are flushed), and it throws a perfect memory image into the bargain. Add in that it is undetectable during the first portion unless the intruder is watching top studiously, and locks memory immediately after that, it can be used as a remarkably effective snapshotting tool. All that would remain would be to remove the hard drive (as most BIOS'es force resuming from the same drive as was suspended) and image it, for a perfect image of the system in question. It would probably be most effective with the filewriter target, as it eliminates the necessity of hunting through the swap parti! tion for the memory image. This omission is present in both 1st and 2nd editions (I checked the 2nd via the TOC sampler).