Home > Articles > Operating Systems, Server

This chapter is from the book

Network Utilities

To make use of a networked environment, it made sense to extend certain tools, some of which have already been described. Networks also created a need for new utilities to control and monitor them; this led to ideas for new tools that took advantage of network speed and connectivity. This section describes concepts and utilities for systems attached to a network; without a network connection, they are of little use.

Trusted Hosts

Some commands, including rcp and rsh, work only if the remote system trusts your local computer (that is, the remote system knows your local computer and believes that it is not pretending to be a system that it is not). The /etc/hosts.equiv file lists trusted systems. For reasons of security, Superuser account does not rely on this file to identify trusted Superusers from other systems.

Host-based trust is largely obsolete. The rcp, rlogin, and rsh commands15 are deprecated in favor of ssh (page 374) and scp (page 376). Because there are many ways to subvert trusted host security, including subverting DNS systems and IP spoofing (page 1474), authentication based on IP address is widely regarded as insecure and obsolete. In a small homogeneous network of machines with local DNS control, it can be "good enough." The ease of use in these situations may outweigh the security concerns.

SECURITY: Do Not Share Your Login Account

You can use a .rhosts file to allow another user to log in as you from a remote system without knowing your password. This setup is not recommended. Do not compromise the security of your files or the entire system by sharing your login account. Use ssh and scp instead of rsh and rcp whenever possible.

ssh: Logs in or Runs a Command on a Remote Computer

You can use the secure ssh utility to log in on a remote system over the network. You might choose to use a remote system to access a special-purpose application, use a device that is available only on that system, or because you know that the remote system is faster or not as busy as your local computer. While traveling, many people use ssh on a laptop to log in on a system at headquarters. From a GUI you are able to use many systems simultaneously by logging in on each, using a different terminal emulator window.

You can log in on a remote machine that is running the sshd daemon and that you have an account on. For information on configuring ssh, see page 1029. All communication under ssh, including your name and password, is encrypted. When your login name is the same on the local and remote machines, give the command ssh hostname, where hostname is the name of the machine that you want to log in on:

[bravo]$ ssh kudos 
alex@kudos's password:
Last login: Sat Sep 14 06:51:59 from bravo
Have a lot of fun...
You have new mail.
[kudos]$ logout
Connection to kudos closed.

After you supply your password, you are running a shell on the remote machine. When you log out, the connection is broken, and you resume using your local computer. To log in with a user name different from the one you are using on the local machine, give the command ssh user@hostname, where user is your login name on the remote machine named hostname:16

[bravo]$ ssh watson@kudos 
watson@kudos's password:

The ssh utility also allows you to run a command on a remote system without logging in on that system. When you need to run more than one command, it is usually easier to log in and run the commands on the remote machine. The next example runs ls on the memos directory on the remote system kudos. The example assumes that the user running the command has a login on kudos and that memos is in the user's home directory on kudos:

[bravo]$ ssh kudos ls memos 
alex@kudos's password:

Suppose that a file named memo.new is on your local machine and that you cannot remember whether it contains certain changes or whether you made these changes to the file named memo.draft on the system named kudos. You could copy memo.draft to your local system and run diff (page 67) on the two files, but then you would have three similar copies of the file spread across two systems. If you are not careful about removing the old copies when you are done, you may be confused again in a few days. Instead of copying the file, you can use ssh:

[bravo]$ ssh kudos cat memos/memo.draft | diff memos.new – 

When you run ssh, standard output of the command run on the remote machine is passed to the local shell as though the command had been run in place on the local machine. Unless you quote characters that have special meaning to the shell, they are interpreted by the local machine. In the preceding example the output of the cat command on kudos is sent through a pipe on bravo to diff (running on bravo), which compares the local file memos.new to standard input (). The following command line has the same effect but causes diff to run on the remote system:

[bravo]$ cat memos.new | ssh kudos diff – memos/memo.draft 

Standard output from diff on the remote system is sent to the local shell, which displays it on the screen (because it is not redirected). Refer to page 1321 in Part III for more information on ssh.


The ssh utility can tunnel other protocols. You can secure protocols including POP, X, IMAP, and WWW using ssh as a virtual private network (VPN) between the two systems. Assume that you have a POP client on your local machine, the POP server is on a remote network that is protected by a firewall, and that you can access the remote network only using ssh. You can tunnel the POP protocol, which uses port 110, through an ssh tunnel. In this example, kudos is the firewall gateway machine, pophost is the POP server, and 1550 is a local port that you selected to use on your end of the tunnel.

$ ssh -N -L 1550:pophost:110 kudos 

The –N option causes ssh not to execute any remote commands: ssh works only as a private network to forward ports. You can forward ports in either direction and in combination by using the –L and –R flags. See the ssh man page for details.

Once you are authenticated, you can set your POP client so that the POP server is localhost and the POP port is 1550. Then, when the client fetches e-mail, it makes a connection to port 1550 on the local machine which is forwarded through the ssh tunnel to kudos and then to pophost port 110 where the real daemon is running.

scp: Copies a file from/to a Remote Computer

The scp (secure copy) utility copies a file from one computer to another on a network. Using ssh to transfer files, scp uses the same authentication mechanism as ssh and therefore provides the same security. The scp utility asks you for a password when it is needed for security. The format of an scp command is

scp [fromhost:]source-file [tohost:][destination-file] 

You can copy from or to your local machine or between two remote machines. When you specify a simple, or relative, filename, it is assumed to be relative to your home directory on a remote machine and relative to your working directory on your local machine. An absolute pathname describes a path from the root directory on any machine. Make sure that you have read permission to the file you are copying and write permission for the directory you are copying it into. In the following example, Alex uses scp to copy rain.jpg from his working directory on bravo (which happens to be his home directory) to his home directory on kudos:

[alex@bravo alex]$ scp rain.jpg kudos: 
alex@kudos's password:
rain.jpg         100% |***********************| 30161   00:00

As the transfer progresses, the percent and number of bytes transferred increase and the time remaining decreases. The asterisks provide a visual representation of the progress of the transfer.

Use the –r option to copy a directory recursively. See the scp man page for more information.

telnet: Logs in on a Remote Computer

You can use the TELNET protocol to interact with a remote computer. The telnet utility, a user interface to this protocol, is older than ssh and is not secure but may work where ssh is not available (there is more non-UNIX support for TELNET access than there is for ssh access). In addition, many legacy devices, such as terminal servers and network devices, do not support ssh.

[bravo]$ telnet kudos 
Connected to kudos.tcorp.com
Escape character is '^]'.

Welcome to SuSE Linux 7.3 (i386) - Kernel 2.4.10-4GB (2).
kudos login: watson
You have old mail in /var/mail/watson.
Last login: Mon Feb 25 14:46:55 from bravo.tcorp.com
watson@kudos:~> logout
Connection closed by foreign host.

When you connect to a remote UNIX or GNU/Linux system through telnet, you are presented with a regular login: prompt. Unless you specify differently, the ssh utility assumes that your login name on the remote system matches that on the local system. Because telnet is designed to work with non-UNIX/Linux systems, it makes no such assumptions.

SECURITY: telnet Is Not Secure

Whenever you enter sensitive information, such as your password, while you are using telnet, it is transmitted in cleartext and can be read by someone who is listening in on the session.

Another difference between these two utilities is that telnet allows you to configure many special parameters, such as how RETURNs or interrupts are processed. When using telnet between two UNIX/Linux systems, you rarely need to change any parameters.

When you do not specify the name of a remote host on the command line, telnet runs in an interactive mode. The following example is equivalent to the previous telnet example:

[bravo]$ telnet 
telnet> open kudos
Connected to kudos.tcorp.com
Escape character is '^]'.

Before connecting you to a remote system, telnet tells you what your escape character is; in most cases it is ^] (the ^ represents the CONTROL key on your keyboard). When you press CONTROL-], you escape to telnet's interactive mode. Continuing the preceding example:

[kudos]$ CONTROL-] 
telnet> ?

(displays help information)

telnet> close 
Connection closed.

When you enter a question mark in response to the telnet> prompt, telnet displays a list of its commands. The close command ends the current telnet session, returning you to your local system. To get out of telnet's interactive mode and resume communication with the remote system, press RETURN in response to a prompt.

It has been possible to use telnet to access special remote services at sites that have chosen to make such services available. However, many of these services, such as the U.S. Library of Congress Information System (LOCIS), have moved to the Web, so you can now obtain the same information by using a Web browser.

ftp: Transfers Files over a Network

You can use the ftp17 (file transfer protocol) utility to transfer files between systems on a network. This interactive utility allows you to browse through a directory on the remote system to identify files you may want to transfer:

[kudos]$ ftp bravo 
Connected to bravo.tcorp.com.
220 bravo.tcorp.com FTP server (Version wu-2.6.1-20) ready.
Name (bravo:alex): watson
331 Password required for watson.
230 User watson logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> bin
200 Type set to I.
ftp> cd memos
250 CWD command successful.
ftp> put memo.921
local: memo.921 remote: memo.921
200 PORT command successful.
227 Entering Passive Mode (192,168,0,1,225,45)
150 Opening BINARY mode data connection for memo.921. (8401 bytes)
100% |***************************| 8401  3.38 KB/s  00:00 ETA
226 Transfer complete.
8401 bytes received in 00:02 (3.38 KB/s)
ftp> quit
221-You have transferred 56064 bytes in 1 files.
221-Total traffic for this session was 56485 bytes in 1 transfers.
221-Thank you for using the FTP service on bravo.tcorp.com.
221 Goodbye.

The remote system prompts you for a login name and password. By default the system expects that your login name is the same on both systems; just press RETURN if it is. In this case it is not, so Alex enters watson before pressing RETURN. Then he enters his password.

Although it is not necessary in this case, Alex gives a bin (binary) command as a matter of habit; he always establishes binary transfer mode as soon as he logs in.18 With ftp in binary mode, you can transfer ASCII and binary files. ASCII mode can guarantee the successful transfer of ASCII files only.

Binary mode transfers an exact, byte-for-byte image of a file. ASCII mode performs end-of-line conversions between different systems and is consequently slower than binary mode. DOS/MS Windows, Macintosh, and UNIX/Linux each use different characters to indicate the end of a line of text. For example, Microsoft operating systems use a RETURN (CONTROL-M) followed by a NEWLINE (CONTROL-J) to mark the end of a line, whereas UNIX/Linux uses a NEWLINE by itself. Use ASCII mode to transfer plain text files (sometimes indicated by a .txt filename extension) only. Transfer Microsoft Word and other word processing documents in binary mode, as they are not plain text files. Unless you specifically need to convert the end-of-line characters, use binary mode.

Before transferring the file, Alex uses ftp's cd command to change directories on the remote system (use lcd to change directories on the local system). Then the put command, followed by the filename, transfers the file to the remote system in the remote working directory (memos).

The ftp utility makes no assumptions about filesystem structure, because you can use ftp to exchange files with non-UNIX/Linux systems (whose filenaming conventions may be different).

Anonymous FTP

Systems often provide ftp access to anyone on a network by providing a special login: anonymous (you can usually use the login name ftp in place of anonymous). The anonymous FTP user is usually restricted to a portion of a filesystem that has been set aside to hold files that are to be shared with remote users. Traditionally any password is acceptable for anonymous FTP; by convention you are expected to give your e-mail address. Some sites reject your connection if they cannot identify the name of your computer or if you supply a password that doesn't match the name of your site. Alex can enter alex@tcorp.com in response to the password prompt.

While using ftp, you can type help at any ftp> prompt to see a list of commands. For using Mozilla to perform an anonymous FTP transfer, see "Downloading a File" on page 408. Refer to page 1180 in Part III for more information on ftp.

ping: Tests a Network Connection

The ping19 utility (http://ftp.arl.mil/~mike/ping.html) sends an ECHO_REQUEST packet to a remote computer. This packet causes the remote system to send back a reply. This is a quick way to verify that a remote system is available, as well as to check how well the network is operating, such as how fast it is or whether it is dropping data packets. The protocol ping uses is ICMP (Internet Control Message Protocol). Without any options ping tests the connection once per second until you abort the execution with CONTROL-C.

[kudos]$ ping tsx-11.mit.edu 
PING tsx-11.mit.edu ( from : 56(84) bytes of data.
64 bytes from TSX-11.MIT.EDU ( icmp_seq=0 ttl=48 time=500.199 msec
64 bytes from TSX-11.MIT.EDU ( icmp_seq=1 ttl=48 time=518.703 msec
64 bytes from TSX-11.MIT.EDU ( icmp_seq=2 ttl=48 time=516.304 msec
64 bytes from TSX-11.MIT.EDU ( icmp_seq=3 ttl=48 time=95.807 msec

--- tsx-11.mit.edu ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/mdev = 95.807/407.753/518.703/180.243 ms

In this example the remote system named tsx-11.mit.edu is up and available to you over the network.

By default ping sends packets containing 64 bytes (56 data bytes and 8 bytes of protocol header information). In the preceding example four packets were sent to the system tsx-11.mit.edu before the user interrupted ping by pressing CONTROL-C. The four-part number in parentheses on each line is the remote system's IP address. A packet sequence number (called icmp_seq) is also given. If a packet is dropped, a gap occurs in the sequence numbers. The round-trip time is listed last, in microseconds; this represents the time that elapsed from when the packet was sent from the local system to the remote system until the reply from the remote system was received by the local system. This time is affected by the distance between the two systems, as well as by network traffic and the load on both computers. Before it terminates, ping summarizes the results, indicating how many packets were sent and received, as well as the minimum, average, maximum, and mean deviation round-trip times it measured.

TIP: When ping Cannot Connect

If unable to contact the remote system, ping continues trying until you interrupt it with CONTROL-C. There may be several reasons why a system does not answer: The remote computer may be down, the network interface or some part of the network between the systems may be broken, there may be a software failure, or the remote machine may be set up, for reasons of security, not to return pings (try pinging www.microsoft.com or www.ibm.com).

traceroute: Traces a Route over the Internet

The traceroute utility, supplied with Red Hat Linux, traces the route an IP packet follows, including all the intermediary points traversed (called network hops), to its destination (the argument to traceroute—an Internet host). It displays a numbered list of host names, if available, and IP addresses, together with the round-trip time it took for a packet to get to each router along the way and an acknowledgment to get back. You can put this information to good use when you are trying to determine where a network bottleneck is.

The traceroute utility has no concept of the path from one host to the next; it simply sends out packets with increasing TTL values. TTL is an IP header field that indicates how many more hops the packet should be allowed to make before being discarded or returned. In the case of a traceroute packet, the packet is returned by the host that has the packet when the TTL value is zero. The result is a list of hosts that the packet travels through to get to its destination.

The traceroute utility can help you solve routing configuration problems and routing path failures. When you cannot reach a host, use traceroute to see what path the packet follows, how far it gets, and what the delay is.

The next example is the output of traceroute following a route from a local computer to www.linux.org. The first line tells you the IP address of the target, the maximum number of hops that will be traced, and the size of the packets that will be used. Each numbered line contains the name and IP address of the intermediate destination, followed by the time it takes a packet to make a round-trip to that destination and back. The traceroute utility sends three packets to each destination; thus there are three times on each line. Line 1 shows the statistics when a packet is sent to the local gateway (under 3 ms). Lines 4–6 show it bouncing around Mountain View (California) before it goes to San Jose. Between hops 13 and 14 the packet travels across the United States (San Francisco to somewhere in the East). By hop 18 the packet has found www.linux.org. The traceroute utility displays asterisks when it does not receive a response. Each asterisk indicates that traceroute has waited three seconds.

$ /usr/sbin/traceroute www.linux.org 
traceroute to www.linux.org (, 30 hops max, 38 byte packets
 1  gw.localco.com. (  2.904 ms  2.425 ms  2.783 ms
 2  covad-gw2.meer.net (  19.727 ms  23.287 ms  24.783 ms
 3  gw-mv1.meer.net (  18.795 ms  24.973 ms  19.207 ms
 4  d1-4-2.a02.mtvwca01.us.ra.verio.net (  59.091 ms d1-10-0-0-200.a03.
       mtvwca01.us.ra.verio.net (  54.948 ms  39.485 ms
 5  fa-11-0-0.a01.mtvwca01.us.ra.verio.net (  40.182 ms  44.405 ms 49.362 ms
 6  p1-1-0-0.a09.mtvwca01.us.ra.verio.net (  78.688 ms  66.266 ms 28.003 ms
 7  p1-12-0-0.a01.snjsca01.us.ra.verio.net ( 32.424 ms 94.337 ms 54.946 ms
 8  f4-1-0.sjc0.verio.net (  38.952 ms  63.111 ms  49.083 ms
 9  sjc0.nuq0.verio.net (  45.031 ms  43.496 ms  44.925 ms
10  mae-west1.US.CRL.NET (  48.525 ms  66.296 ms  38.996 ms
11  t3-ames.3.sfo.us.crl.net (  138.808 ms  78.579 ms  68.699 ms
12  E0-CRL-SFO-02-E0X0.US.CRL.NET (  43.023 ms  51.910 ms  42.967 ms
13  sfo2-vva1.ATM.us.crl.net (  135.551 ms  154.606 ms  178.632 ms
14  mae-east-02.ix.ai.net (  158.351 ms  201.811 ms  204.560 ms
15  oc12-3-0-0.mae-east.ix.ai.net (  202.851 ms  155.667 ms  219.116 ms
16  border-ai.invlogic.com (  214.622 ms *  190.423 ms
17  router.invlogic.com (  224.378 ms  235.427 ms  228.856 ms
18  www.linux.org (  207.964 ms  178.683 ms  179.483 ms

host and dig: Queries Internet Name Servers

The host utility looks up an IP address given a name or vice versa. This utility is easy to use and replaces nslookup in its simplest case. The following example shows how to use host to look up the domain name of a machine, given an IP address:

$ host domain name pointer ns.meer.net.

You can also use host to determine the IP address of a domain name:

$ host ns.meer.net 
ns.meer.net. has address

The dig (domain information groper) utility queries DNS servers and individual machines for information about a domain. A powerful utility, dig has many features that you may never use. It is more involved than host and replaces nslookup in its complex cases. The following dig command uses the keyword any to get any available information about the upstate.edu domain.

# dig any upstate.edu 
; <<>> DiG 9.1.3 <<>> any upstate.edu
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30224;; flags: qr rd ra; QUERY: 1, 
graphics/ccc.gifANSWER: 11, AUTHORITY: 5, ADDITIONAL: 7

;upstate.edu.                    IN      ANY

upstate.edu.             74567   IN      NS      dns.duc.upstate.edu.
upstate.edu.             74567   IN      NS      dns.eng.upstate.edu.
upstate.edu.             74567   IN      NS      dns.acesag.upstate.edu.
upstate.edu.             74567   IN      NS      dns.upstate.edu.
upstate.edu.             74567   IN      NS      nr01.netmgt.upstate.edu.
upstate.edu.            83413   IN      SOA     dns.upstate.edu. bailebn.noc.upstate.edu. 
graphics/ccc.gif2002022106 3600 900 259200 86400
upstate.edu.             83438   IN      MX      10 ducserv6.duc.upstate.edu.
upstate.edu.             83438   IN      MX      10 ducserv3c.duc.upstate.edu.
upstate.edu.             83438   IN      MX      10 ducserv6b.duc.upstate.edu.
upstate.edu.             83438   IN      MX      20 ducserv3.duc.upstate.edu.
upstate.edu.             83438   IN      MX      20 ducserv3b.duc.upstate.edu.

upstate.edu.             74567   IN      NS      dns.duc.upstate.edu.
upstate.edu.             74567   IN      NS      dns.eng.upstate.edu.
upstate.edu.             74567   IN      NS      dns.acesag.upstate.edu.
upstate.edu.             74567   IN      NS      dns.upstate.edu.
upstate.edu.             74567   IN      NS      nr01.netmgt.upstate.edu.

dns.duc.upstate.edu.     2867    IN      A
dns.eng.upstate.edu.     68182   IN      A
dns.acesag.upstate.edu.  132867  IN      A
dns.upstate.edu.         160958  IN      A

nr01.netmgt.upstate.edu. 74567   IN      A 
graphics/ccc.gif83438  IN      A
ducserv3c.duc.upstate.edu. 83438 IN      A

;; Query time: 29 msec
;; WHEN: Thu Feb 28 15:54:33 2002
;; MSG SIZE  rcvd: 499

The dig utility displays a lot of information.

  • The Authority Section specifies the primary name servers, and the Additional Section specifies the IP addresses that correspond to the names in the Authority Section.

  • The SERVER line (toward the end) specifies the name and IP address of the DNS server that the local system uses: This is where dig gets its information.

  • The second column specifies the TTL (page 1499) in seconds.

  • IN in the third column is the query class and indicates that this is an Internet class query.

  • NS, SOA, MX, NS, or A in the fourth column specifies the type of information (DNS query type) that the row holds:

    • The NS (name server) record(s) specify name servers that upstate.edu uses. An NS record is meaningful only when you query a domain.

    • The MX (mail exchanger) record(s) specify a mail server for the domain you are querying. The upstate.edu domain has several mail servers. The lower the preference value (the number before the mail server domain in the right column), the higher the priority (ducserv6b is always tried before ducserv3).

    • There is one SOA (start or zone of authority) for a given domain. The SOA

      • Is the authoritative primary DNS for the domain.

      • Defines who the point of contact is for the domain.

      • Controls the TTL for records from the DNS.

      • Controls how often another name server will retry the domain's name server.

      • Controls when another name server will timeout when trying to contact the domain's name server.

  • The A (network Address) record specifies in the last column the IP address that corresponds to the domain name in the first column.

The dig utility has many query types. The any type is used in the preceding example. You can also use mx, ns, soa, and others. Refer to the dig man page for more details.

whois: Looks Up Information about an Internet Site

The whois utility queries a whois server for information about an Internet site. This utility returns site contact and InterNIC or other registry information that can help you track down the person responsible for a site: Perhaps that person is sending you or your company spam (page 1493). Many sites on the Internet are easier to use and faster than whois. Use a browser to search on whois or go to www.netsol.com/cgi-bin/whois/whois or www.ripe.net/perl/whois to get started.

When you search by name, whois may return more than one entry. In the following example, whois returns SOBELL.NET and SOBELL.COM when queried for sobell:

$ whois sobell 

Whois Server Version 1.3

Domain names in the .com, .net, and .org domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.


To single out one record, look it up with "xxx", where xxx is one of the
of the records displayed above. If the records are the same, look them up
with "=xxx" to receive a full display for each record.

>>> Last update of whois database: Tue, 26 Feb 2002 05:22:08 EST <<<

The Registry database contains ONLY .COM, .NET, .ORG, .EDU domains and Registrars.

When you do not specify a whois server, whois defaults to whois.crsnic.net. Set the NICNAMESERVER or WHOISSERVER shell variables, or use the –h option to whois to specify a different whois server.

To obtain information on a domain name, specify the complete domain name as in the following example:

$ whois sobell.com 

Whois Server Version 1.3

Domain names in the .com, .net, and .org domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: SOBELL.COM
   Whois Server: whois.networksolutions.com
   Referral URL: http://www.networksolutions.com
   Name Server: NS.MEER.NET
   Name Server: NS2.MEER.NET
   Updated Date: 05-nov-2001

>>> Last update of whois database: Tue, 26 Feb 2002 05:22:08 EST <<<

The Registry database contains ONLY .COM, .NET, .ORG, .EDU domains and

Sobell Associates Inc (SOBELL-DOM)
   PO Box 1089
   Menlo Park, CA 94026

   Domain Name: SOBELL.COM

   Administrative Contact, Billing Contact:
      Sobell, Mark  (MS989)  sobell@MEER.NET
      Sobell Associates Inc
      PO Box 1089
      Menlo Park, CA 94026
[No phone]
   Technical Contact:
      meer.net hostmaster  (MN85-ORG)  hostmaster@MEER.NET
      po box 390804
      Mountain View, CA 94039
      Fax- +1.888.844.6337

   Record last updated on 09-Apr-2000.
   Record expires on 08-Apr-2004.
   Record created on 07-Apr-1995.
   Database last updated on 26-Feb-2002 01:57:00 EST.

   Domain servers in listed order:


Several top-level registries serve various regions of the world. The ones you are most likely to use are

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020