cert-tools-request@cert.sei.cmu.edu (11/20/90)
Archive-name: security-primer/19-Nov-90 Original-posting-by: cert-tools-request@cert.sei.cmu.edu Archive-site: cert.sei.cmu.edu [128.237.253.5] Archive-directory: /pub/info/primer Reposted-by: emv@ox.com (Edward Vielmetti) Russell Brand has an article in the Nov. 12, 1990 issue of Unix Today!. It's entitled "Enhancing Network Security: Simple Prevention Mechanisms That Can Go A Long Way Toward Protecting Your Net". In this article, he refers to a document that gives "the details of how to set up a password policy, fix the standard Unix security holes, and make sure your backup system is working." The document is written by Russell Brand, and is entitled 'Coping with the Threat of Computer Security Incidents: A Primer from Prevention through Recovery'. It's 45 pages that does a very good job of describing some basics about dealing with security incidents. Some of the topics covered: incident avoidance, passwords, pre-planning incident handling, backups, and incident handling. It's available via anonymous FTP from cert.sei.cmu.edu:/pub/info/primer in either compressed Postscript or LaTex source form: primer.ps.Z 124135 Jun 8 17:57 primer.tar.Z 48847 Jun 8 17:57 If you can't retrieve it via anonymous FTP, you can send a message to primer-request@cert.sei.cmu.edu and ask to have a copy e-mailed to you. The default will be 10 shar-format messages; if you need some other format (or can take compressed, uuencoded files), please specify. Also, if you do request by mail, please be patient; it may take a few days to get to the requests. J. Paul Holbrook CERT/CC ph@cert.sei.cmu.edu **CERT-Tools Information:**************************************************** * Submissions : cert-tools@cert.sei.cmu.edu * * Address additions/deletions/changes : cert-tools-request@cert.sei.cmu.edu * * Moderator : tools@cert.sei.cmu.edu * * * * The CERT/CC will not formally review, evaluate, or endorse the tools * * and techniques described. The decision to use the tools and * * techniques described is the responsibility of each user or * * organization and we encourage each organization to thoroughly evaluate * * new tools and techniques before installation or use. * *****************************************************************************