Top Document: comp.security.unix and comp.security.misc frequently asked questions Previous Document: Here's new, unbreakable encryption software. Next Document: Is there a newer version of cops? See reader questions & answers on this topic! - Help others by sharing your knowledge The number one thing to do is to install all of your vendor's security patches and to disable unused services (in unix, comment things out of /etc/inetd.conf, and remove daemon invocations from /etc/rc* (details depend on OS version)). See some other basic information in http://www.cert.org/tech_tips/unix_configuration_guidelines.html Subscribe to the CERT advisory list and to your vendor's security alert list to keep current in future. If you're trying to learn your way around unix and internet security in general, I suggest you want to start with a good grasp of unix basics, e.g. from the Kernighan & Pike book. You'll also want to be strong in C, which education you can begin with the Kernighan & Ritchie book. (Of course there are alternatives to both.) If you're feeling strong after that and want to go for the details, read Farmer & Venema's "Improving the Security of Your Site by Breaking Into it" at http://www.fish.com/security/admin-guide-to-cracking.html , and the Cheswick & Bellovin firewalls book. For a gentler approach covering a broader range of security issues, read Spafford & Garfinkel's "Practical Unix and Internet Security". A more hands-on-oriented book about firewalls is Chapman & Zwicky. If you're interested in cryptography, the canonical book is Schneier's "Applied Cryptography", and you might be interested in RFC 1750. I've received a recommendation for "Windows NT Security" by Rutstein. Some URLs with security notes for particular systems (in addition to those above, and don't forget your vendor's security patch list): Linux security: http://metalab.unc.edu/LDP/HOWTO/Security-HOWTO.html Irix (out of date but contains notes which are still important): ftp://rtfm.mit.edu/pub/faqs/sgi/faq/security Improve assorted file permissions for solaris 2.2 through 2.6, changing the pkg database to match: ftp://ftp.fwi.uva.nl/pub/solaris/fix-modes.tar.gz Solaris security: http://www.sunworld.com/common/security-faq.html Unix versus Windows NT: [http://www.unix-vs-nt.org is now a domain squatter; does this page have a new home, anyone?] (Canonical URLs for additional platforms solicited! Non-vendor URLs preferred.) User Contributions:Top Document: comp.security.unix and comp.security.misc frequently asked questions Previous Document: Here's new, unbreakable encryption software. Next Document: Is there a newer version of cops? Single Page [ Usenet FAQs | Web FAQs | Documents | RFC Index ] Send corrections/additions to the FAQ Maintainer: flaps@dgp.toronto.edu (Alan J Rosenthal)
Last Update March 27 2014 @ 02:11 PM
|
Comment about this article, ask questions, or add new information about this topic: