RFC1244 - Page 90

• Title: Site Security Handbook
• Author: J.P. Holbrook, J.K. Reynolds
• Date: July 1, 1991

Page Navigation:

1  2  3  4  5  6  7  8  9  10  11  12  13  14  15  16  17  18  19  20  21  22  23  24  25  26  27  28  29  30  31  32  33  34  35  36  37  38  39  40  41  42  43  44  45  46  47  48  49  50  51  52  53  54  55  56  57  58  59  60  61  62  63  64  65  66  67  68  69  70  71  72  73  74  75  76  77  78  79  80  81  82  83  84  85  86  87  88  89  90  91  92  93  94  95  96  97  98  99  100  101 

Printable Version: RFC1244.PDF

RFC 1244                 Site Security Handbook                July 1991


           security problems and solutions, with a particular emphasis on
           encryption.  The encryption coverage serves as a good
           introduction to the subject.  Other topics covered include
           building secure programs and systems, security of database,
           personal computer security, network and communications
           security, physical security, risk analysis and security
           planning, and legal and ethical issues.  538 pages including
           index and bibliography.

   [SHIREY]
           Shirey, R., "Defense Data Network Security Architecture",
           Computer Communication Review, Vol. 20, No. 2, Page 66,
           1 April 1990.

   [SPAFFORD]
           Spafford, E., Heaphy, K., and D. Ferbrache, "Computer
           Viruses: Dealing with Electronic Vandalism and Programmed
           Threats", ADAPSO, 1989. (109 pages.)

           This is a good general reference on computer viruses and
           related concerns.  In addition to describing viruses in
           some detail, it also covers more general security issues,
           legal recourse in case of security problems, and includes
           lists of laws, journals focused on computers security,
           and other security-related resources.

           Available from: ADAPSO, 1300 N. 17th St, Suite 300,
           Arlington VA 22209.  (703) 522-5055.

   [STOLL88]
           Stoll, C., "Stalking the Wily Hacker", Communications
           of the ACM, Vol. 31, No. 5, Pgs. 484-497, ACM,
           New York, NY, May 1988.

           This article describes some of the technical means used
           to trace the intruder that was later chronicled in
           "Cuckoo's Egg" (see below).

   [STOLL89]
           Stoll, C., "The Cuckoo's Egg", ISBN 00385-24946-2,
           Doubleday, 1989.

           Clifford Stoll, an astronomer turned UNIX System
           Administrator, recounts an exciting, true story of how he
           tracked a computer intruder through the maze of American
           military and research networks.  This book is easy to
           understand and can serve as an interesting introduction to
           the world of networking.  Jon Postel says in a book review,



Site Security Policy Handbook Working Group                    [Page 90]