RFC1244 - Page 44

• Title: Site Security Handbook
• Author: J.P. Holbrook, J.K. Reynolds
• Date: July 1, 1991

Page Navigation:

1  2  3  4  5  6  7  8  9  10  11  12  13  14  15  16  17  18  19  20  21  22  23  24  25  26  27  28  29  30  31  32  33  34  35  36  37  38  39  40  41  42  43  44  45  46  47  48  49  50  51  52  53  54  55  56  57  58  59  60  61  62  63  64  65  66  67  68  69  70  71  72  73  74  75  76  77  78  79  80  81  82  83  84  85  86  87  88  89  90  91  92  93  94  95  96  97  98  99  100  101 

Printable Version: RFC1244.PDF

RFC 1244                 Site Security Handbook                July 1991


            government authorities as appropriate.

            The CERT/CC serves as a clearing house for the
            identification and repair of security vulnerabilities,
            informal assessments of existing systems, improvement of
            emergency response capability, and both vendor and user
            security awareness.  In addition, the team works with
            vendors of various systems in order to coordinate the fixes
            for security problems.

            The CERT/CC sends out security advisories to the CERT-
            ADVISORY mailing list whenever appropriate.  They also
            operate a 24-hour hotline that can be called to report
            security problems (e.g., someone breaking into your system),
            as well as to obtain current (and accurate) information
            about rumored security problems.

            To join the CERT-ADVISORY mailing list, send a message to
            CERT@CERT.SEI.CMU.EDU and ask to be added to the mailing
            list.  The material sent to this list also appears in the
            USENET newsgroup "comp.security.announce".  Past advisories
            are available for anonymous FTP from the host
            CERT.SEI.CMU.EDU.  The 24-hour hotline number is (412) 268-
            7090.

            The CERT/CC also maintains a CERT-TOOLS list to encourage
            the exchange of information on tools and techniques that
            increase the secure operation of Internet systems.  The
            CERT/CC does not review or endorse the tools described on
            the list.  To subscribe, send a message to CERT-TOOLS-
            REQUEST@CERT.SEI.CMU.EDU and ask to be added to the mailing
            list.

            The CERT/CC maintains other generally useful security
            information for anonymous FTP from CERT.SEI.CMU.EDU.  Get
            the README file for a list of what is available.

            For more information, contact:

               CERT
               Software Engineering Institute
               Carnegie Mellon University
               Pittsburgh, PA  15213-3890

               (412) 268-7090
               cert@cert.sei.cmu.edu.





Site Security Policy Handbook Working Group                    [Page 44]