davy@itstd.sri.com (05/04/90)
Due to the overwhelming demand (1000 FTP connections in 24 hours) for my paper, "Improving the Security of Your UNIX System," I have made it available via some other sources, listed below. Thanks to the system administrators at these sites who've allowed me to distribute the paper through their machines. Dave Curry SRI International ---------------------------------------------------------------- Last update: May 3, 1990 The SRI International white paper, "Improving the Security of Your UNIX System," may be obtained via the following methods: 1. ANONYMOUS FTP The document is available via anonymous FTP from the following hosts: (West Coast) Host: SPAM.ITSTD.SRI.COM Addr: 128.18.4.3 File: pub/security-doc.tar.Z (West Coast) Host: GATEKEEPER.DEC.COM Addr: 16.1.0.2 File: pub/doc/sri-security-doc.tar.Z (East Coast) Host: UUNET.UU.NET Addr: 192.48.96.2 File: doc/security-doc.tar.Z (Midwest) Host: TUT.CIS.OHIO-STATE.EDU Addr: 128.146.8.60 File: pub/security/security-doc.tar.Z (MILNET) Host: WSMR-SIMTEL20.ARMY.MIL Addr: 26.2.0.74 File: pd2:<unix-c.info>security-doc.tar-z [[Ed's Note: Also: Host: TITAN.RICE.EDU Addr: 128.42.1.30 File: sun-source/secdoc.shar.z.uu -bdg]] Transfer the file in "binary" mode from SPAM, TUT and UUNET, or "tenex" mode from SIMTEL-20. After you get the file, execute the commands: % uncompress security-doc.tar.Z % tar xf security-doc % cd security-doc [[Ed's Note: if you get it from Rice, uudecode, uncompress, sh. -bdg]] And now consult the README file. 2. UUCP UUNET subscribers can obtain the document via UUCP from UUNET using a command of the form uucp uunet!~/doc/security-doc.tar.Z destination-filename UUCP sites that are not UUNET subscribers will not be able to get it directly through them, but may be able to find another UUCP neighbor who has the file. ------ You can obtain the file via "anonymous" UUCP from Ohio State University by placing the following line in your L.sys file: # # Direct Trailblazer # osu-cis Any ACU 19200 1-614-292-5112 in:--in:--in: Uanon # # Micom port selector, at 1200, 2400, or 9600 bps. # Replace ##'s below with 12, 24, or 96 (both speed and phone number). # osu-cis Any ACU ##00 1-614-292-31## "" \r\c Name? osu-cis nected \c GO \d\r\d\r\d\r in:--in:--in: Uanon and then issue the command uucp osu-cis!~/security/security-doc.tar.Z destination-filename 3. BITNET BITNET users may obtain the document via the European TRICKLE servers from the UNIX-SW archives. To do this, use the TELL command as follows: TELL TRICKLE AT SOMEHOST /PDGET <UNIX-SW.INFO>SECURITY-DOC.TAR-Z where SOMEHOST is one of: DKTC11 Denmark TREARN Turkey IMIPOLI Italy BANUFS11 Belgium AWIWUW11 Austria DB0FUB11 Germany EB0UB011 Spain There are no TRICKLE hosts in the U.S.; the Europeans are graciously allowing U.S. BITNET users to access their machines. Please be kind to them. Sorry, but the LISTSERV machines at RPIECS and NDSUVM do not provide access to the UNIX-SW repository. The file will arrive in BITSEND, NETDATA format. You should use the BITRCV command from RDRList to get the file. (I have no idea what this means -- go find an IBM guru if you don't know either.) This will be a BINARY file. You won't be able to do much of anything with it on an IBM system. Instead, transfer it to a UNIX system, and then uncompress it and extract the tar file, and then format things. See above under "FTP" for how to do this. 4. ELECTRONIC MAIL The document may also be obtained from the SUN-SPOTS archive server located on host TITAN.RICE.EDU. In order to request the document, send a note with the word help to "archive-server@rice.edu" (uunet!rice!archive-server). I don't, as of this writing, know what the path to the document will be, so you'll have to use the "index" command to hunt around for it. It will probably live in the "sun-source" directory, so you may want to just send "index sun-source" instead of "help". [[Ed's Note: Command is: send sun-source secdoc.shar.z.uu -bdg]] 5. DECNET DECNET users can obtain the file by copying DECWRL::"/pub/doc/sri-security-doc.tar.Z" by using the COPY command, or whatever.