RFC1244 - Page 88

• Title: Site Security Handbook
• Author: J.P. Holbrook, J.K. Reynolds
• Date: July 1, 1991

Page Navigation:

1  2  3  4  5  6  7  8  9  10  11  12  13  14  15  16  17  18  19  20  21  22  23  24  25  26  27  28  29  30  31  32  33  34  35  36  37  38  39  40  41  42  43  44  45  46  47  48  49  50  51  52  53  54  55  56  57  58  59  60  61  62  63  64  65  66  67  68  69  70  71  72  73  74  75  76  77  78  79  80  81  82  83  84  85  86  87  88  89  90  91  92  93  94  95  96  97  98  99  100  101 

Printable Version: RFC1244.PDF

RFC 1244                 Site Security Handbook                July 1991


           security.  The first part of the book covers standard Unix
           and Unix security basics, with particular emphasis on
           passwords.  The second section covers enforcing security on
           the system.  Of particular interest to the Internet user are
           the sections on network security, which address many
           of the common security problems that afflict Internet Unix
           users.  Four chapters deal with handling security incidents,
           and the book concludes with discussions of encryption,
           physical security, and useful checklists and lists of
           resources.  The book lives up to its name; it is filled with
           specific references to possible security holes, files to
           check, and things to do to improve security.  This
           book is an excellent complement to this handbook.

   [GREENIA90]
           Greenia, M., "Computer Security Information Sourcebook",
           Lexikon Services, Sacramento, CA, 1989.

           A manager's guide to computer security.  Contains a
           sourcebook of key reference materials including
           access control and computer crimes bibliographies.

   [HOFFMAN]
           Hoffman, L., "Rogue Programs: Viruses, Worms, and
           Trojan Horses", Van Nostrand Reinhold, NY, 1990.
           (384 pages, includes bibliographical references and index.)

   [JOHNSON]
           Johnson, D., and J. Podesta, "Formulating A Company Policy
           on Access to and Use and Disclosure of Electronic Mail on
           Company Computer Systems".

           A white paper prepared for the EMA, written by two experts
           in privacy law.  Gives background on the issues, and presents
           some policy options.

           Available from: The Electronic Mail Association (EMA)
           1555 Wilson Blvd, Suite 555, Arlington, VA, 22209.
           (703) 522-7111.

   [KENT]
           Kent, Stephen, "E-Mail Privacy for the Internet: New Software
           and Strict Registration Procedures will be Implemented this
           Year", Business Communications Review, Vol. 20, No. 1,
           Pg. 55, 1 January 1990.






Site Security Policy Handbook Working Group                    [Page 88]