[H-GEN] comp security > ciac - howto detect intrusion
Matthew Taylor
bmatthewtaylor at yahoo.co.uk
Sat May 10 20:57:36 EDT 2003
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
just spotted this while searching for comp security documents for a uni
assignment.
http://www.ciac.org/cgi-bin/index/documents/CIAC-2305_UNIX_Incident_Guide_How_to_detect_an_Intrusion.pdf
useful beginners reference, covers various various basic tools to
investigate activity.
the 'orange book' www.radium.ncsc.mil/tpep/library/rainbox/5200.28_STD.html
provides a 'spec' for various levels of security rating, curious, has
anyone seen an evaluation of various unix flavours or products against
this spec?
any other 'classic' references to comp security I should be aware of?
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'. See http://www.humbug.org.au/
More information about the General
mailing list