Practical UNIX and Internet security
When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the or...
Main author: | |
---|---|
Other authors: | , |
Format: | E-book |
Language: | English |
Published: | Beijing ; Sebastopol, California : O'Reilly 2003. |
Edition: | 3rd ed |
Subjects: | |
View at Universitat Ramon Llull Library: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627407006719 |
Table of Contents:
- Table of Contents; Preface; Unix "Security"?; What This Book Is; What This Book Is Not; Third-Party Security Tools; Scope of This Book; Which Unix System?; Versions Covered in This Book; "Secure" Versions of Unix; Conventions Used in This Book; Comments and Questions; Acknowledgments; Third Edition; Second Edition; First Edition; A Note to Would-Be Attackers; Part I; Chapter 1. Introduction: Some Fundamental Questions; What Is Computer Security?; What Is an Operating System?; What Is a Deployment Environment?; Summary; Chapter 2. Unix History and Lineage; History of Unix
- Multics: The Unix Prototype; The Birth of Unix; Unix escapes AT&T; Unix goes commercial; The Unix Wars: Why Berkeley 4.2 over System V; Unix Wars 2: SVR4 versus OSF/1; Free Unix; FSF and GNU; Minix; Xinu; Linux; NetBSD, FreeBSD, and OpenBSD; Businesses adopt Unix; Second-Generation Commercial Unix Systems; What the Future Holds; Security and Unix; Expectations; Software Quality; Add-on Functionality Breeds Problems; The Failed P1003.1e/2c Unix Security Standard; Role of This Book; Summary; Chapter 3. Policies and Guidelines; Planning Your Security Needs; Types of Security; Trust
- Risk Assessment; Steps in Risk Assessment; Identifying assets; Identifying threats; Review Your Risks; Cost-Benefit Analysis and Best Practices; The Cost of Loss; The Probability of a Loss; The Cost of Prevention; Adding Up the Numbers; Best Practices; Convincing Management; Policy; The Role of Policy; Standards; Guidelines; Some Key Ideas in Developing a Workable Policy; Assign an owner; Be positive; Remember that employees are people too; Concentrate on education; Have authority commensurate with responsibility; Be sure you know your security perimeter; Pick a basic philosophy
- Defend in depth; Risk Management Means Common Sense; Compliance Audits; Outsourcing Options; Formulating Your Plan of Action; Choosing a Vendor; Get a referral and insist on references; Beware of soup-to-nuts; Insist on breadth of background; People; "Reformed" hackers; Monitoring Services; Final Words on Outsourcing; The Problem with Security Through Obscurity; Keeping Secrets; Responsible Disclosure; Summary; Part II; Chapter 4. Users, Passwords, and Authentication; Logging in with Usernames and Passwords; Unix Usernames; Authenticating Users; Authenticating with Passwords
- Entering your password; Changing your password; Verifying your new password; Changing another user's password; The Care and Feeding of Passwords; Bad Passwords: Open Doors; Smoking Joes; Good Passwords: Locked Doors; Password Synchronization: Using the Same Password on Many Machines; Writing Down Passwords; How Unix Implements Passwords; The /etc/passwd File; The Unix Encrypted Password System; The traditional crypt() algorithm; Unix salt; crypt16(), DES Extended, and Modular Crypt Format; The shadow password and master password files; One-Time Passwords; Public Key Authentication
- Network Account and Authorization Systems