8. Почтовые списки и другие ресурсы
Было бы невозможно перечислить все почтовые подписные листы и другие ресурсы, имеющие отношения к безопасности. Однако ссылки, названные ниже, являются стартовыми точками, с которых читатель может начать. Все эти ссылки предназначены для клиентов ИНТЕРНЕТ. Некоторые специфические ресурсы (производители и географические адреса) могут быть найдены через представленные ниже ссылки.
Почтовые подписные листы:
CERT(TM) Advisory
Посылайте почтовое сообщение по адресу: [email protected]
В теле сообщения надо написать: subscribe cert <FIRSTNAME> <LASTNAME>.
Консультация CERT предоставляет информацию о том, как получить поправку (patch) к программе или подробности того, как обойти какую-то известную проблему безопасности. Координационный центр CERT работает с поставщиками, чтобы предоставлять нужные коррекции программ или методики для решения задач безопасности, и не публикует ничего об известных уязвимостях до тех пор, пока не будут найдены средства их защиты. Консультация CERT может также выдавать предупреждения клиентуре о возможных атаках (например, "CA-91:18.Active.Internet.tftp.Attacks").
Консультации CERT публикуются в группе новостей USENET: comp.security.announce.
Архивы консультации CERT доступны посредством анонимного FTP по адресу info.cert.org в каталоге /pub/cert_advisories.
VIRUS-L List
Посылайте почтовое сообщение по адресу: listserv%[email protected]
Тело сообщения: subscribe virus-L FIRSTNAME LASTNAME
VIRUS-L является почтовым подписным листом, работающим через посредника, и посвященным проблеме компьютерных вирусов. За дополнительной информацией рекомендуется обращаться к файлу "virus-l.README", доступному через анонимный FTP по адресу cs.ucr.edu.
Internet Firewalls
Посылайте почтовое сообщение по адресу: [email protected]
Тело сообщения: subscribe firewalls [email protected]
Подписные листы по сетевым экранам являются дискуссионным форумом для администраторов и программистов.
Группы новостей USENET:
comp.security.announce
Группа новостей comp.security.announce работает через посредника и используется только для рассылки рекомендаций CERT.
comp.security.misc
comp.security.misc является форумом для обсуждения компьютерной безопасности, особенно если это относится к ОС UNIX(r).
alt.security
Группа новостей alt.security является также форумом для обсуждения компьютерной безопасности, и других вопросов, таких как замки автомашин и охранные системы.
comp.virus
Группа новостей comp.virus работает через посредника и нацелена на компьютерные вирусы. Дополнительную информацию смотри в файле "virus-l.README", доступном через анонимный FTP по адресу info.cert.org в каталоге /pub/virus-l.
comp.risks
Группа новостей comp.risks является форумом, работающим через посредника, посвященным рискам при работе с ЭВМ и смежным темам.
Страницы World-Wide Web:
www.first.org
Ресурсы компьютерной безопасности Счетной палаты. Главное внимание уделено информации по преодолению кризисов, по угрозам безопасности, уязвимостям и решениям. В то же время, Счетная палата стремится предоставить общий индекс по компьютерной безопасности, включая риски, конфиденциальность, юридические вопросы, вирусы, страхование, политика и обучение.
www.telstra.com.au/info/security.html
Этот индекс ссылок содержит список ссылок на первоисточники по сетевой и компьютерной безопасности. Многие, если не все, программные средства работают хорошо, но мы не гарантируем этого. Эта информация предназначена для обучения и легального использования методик компьютерной безопасности.
www.alw.nih.gov/Security/security.html
На этой странице представлена общая информация о компьютерной информации. Информация привязана к первоисточникам, а в каждом разделе данные организованы по темам. Последние модификации представлены на странице What's New.
csrc.ncsl.nist.gov
Этот архив в Национальном Институте Стандартов и ресурсы технологии компьютерной безопасности Счетной палаты, страница содержит много уведомлений, программ и документов, относящихся к компьютерной безопасности.
9. Литература
[Appelman, 1995] | Appelman, Heller, Ehrman, White, and McAuliffe, «The Law and The Internet», USENIX 1995 Technical Conference on UNIX and Advanced Computing, New Orleans, LA, January 16-20, 1995. |
[ABA, 1989] | American Bar Association, Section of Science and Technology, «Guide to the Prosecution of Telecommunication Fraud by the Use of Computer Crime Statutes», American Bar Association, 1989. |
[Aucoin, 1989] | R. Aucoin, «Computer Viruses: Checklist for Recovery», Computers in Libraries, Vol. 9, No. 2, Pg. 4, Февраль 1989. |
[Barrett, 1996] | D. Barrett, «Bandits on the Information Superhighway», O'Reilly & Associates, Sebastopol, CA, 1996. |
[Bates, 1992] | R. Bates, «Disaster Recovery Planning: Networks, Telecommunications and Data Communications», McGraw-Hill, 1992. |
[Bellovin, 1989] | S. Bellovin, «Security Problems in the TCP/IP Protocol Suite», Computer Communication Review, Vol 19, 2, pp. 32-48, Апрель 1989. |
[Bellovin, 1990] | S. Bellovin, and M. Merritt, «Limitations of the Kerberos Authentication System», Computer Communications Review, October 1990. |
[Bellovin, 1992] | S. Bellovin, «There Be Dragon», USENIX: Proceedings of the Third Usenix Security Symposium, Baltimore, MD. September, 1992. |
[Bender, 1894] | D. Bender, «Computer Law: Evidence and Procedure», M. Bender, New York, NY, 1978-present. |
[Bloombecker, 1990] | B. Bloombecker, «Spectacular Computer Crimes», Dow Jones- Irwin, Homewood, IL. 1990. |
[Brand, 1990] | R. Brand, «Coping with the Threat of Computer Security Incidents: A Primer from Prevention through Recovery», R. Brand, 8 June 1990. |
[Brock, 1989] | J. Brock, «November 1988 Internet Computer Virus and the Vulnerability of National Telecommunications Networks to Computer Viruses», GAO/T-IMTEC-89-10, Washington, DC, 20 July 1989. |
[BS 7799] | British Standard, BS Tech Cttee BSFD/12, Info. Sec. Mgmt, «BS 7799 : 1995 Code of Practice for Information Security Management», British Standards Institution, London, 54, Effective 15 February 1995. |
[Caelli, 1988] | W. Caelli, Editor, «Computer Security in the Age of Information», Proceedings of the Fifth IFIP International Conference on Computer Security, IFIP/Sec '88. |
[Carroll, 1987] | J. Carroll, «Computer Security», 2nd Edition, Butterworth Publishers, Stoneham, MA, 1987. |
[Cavazos, 1995] | E. Cavazos and G. Morin, «Cyber-Space and The Law», MIT Press, Cambridge, MA, 1995. |
[CCH, 1989] | Commerce Clearing House, «Guide to Computer Law», (Topical Law Reports), Chicago, IL., 1989. |
[Chapman, 1992] | B. Chapman, «Network(In) Security Through IP Packet Filtering», USENIX: Proceedings of the Third UNIX Security Symposium, Baltimore, MD, Сентябрь 1992. |
[Chapman, 1995] | B. Chapman and E. Zwicky, «Building Internet Firewalls», O'Reilly and Associates, Sebastopol, CA, 1995. |
[Cheswick, 1990] | B. Cheswick, «The Design of a Secure Internet Gateway», Proceedings of the Summer Usenix Conference, Anaheim, CA, Июнь 1990. |
[Cheswick1] | W. Cheswick, «An Evening with Berferd In Which a Cracker is Lured, Endured, and Studied», AT&T Bell Laboratories. |
[Cheswick, 1994] | W. Cheswick and S. Bellovin, «Firewalls and Internet Security: Repelling the Wily Hacker», Addison-Wesley, Reading, MA, 1994. |
[Conly, 1989] | C. Conly, «Organizing for Computer Crime Investigation and Prosecution», U.S. Dept. of Justice, Office of Justice Programs, Under Contract Number OJP-86-C-002, National Institute of Justice, Washington, DC, Июль 1989. |
[Cooper, 1989] | J. Cooper, «Computer and Communications Security: Strategies for the 1990s», McGraw-Hill, 1989. |
[CPSR, 1989] | Computer Professionals for Social Responsibility, «CPSR Statement on the Computer Virus», CPSR, Communications of the ACM, Vol. 32, No. 6, Pg. 699, Июнь 1989. |
[CSC-STD-002-85, 1985] | Department of Defense, «Password Management Guideline», CSC-STD-002-85, 12 April 1985, 31 pages. |
[Curry, 1990] | D. Curry, «Improving the Security of Your UNIX System», SRI International Report ITSTD-721-FR-90-21, Апрель 1990. |
[Curry, 1992] | D. Curry, «UNIX System Security: A Guide for Users and Systems Administrators», Addision-Wesley, Reading, MA, 1992. |
[DDN88] | Defense Data Network, «BSD 4.2 and 4.3 Software Problem Resolution», DDN MGT Bulletin #43, DDN Network Information Center, 3 November 1988. |
[DDN89] | DCA DDN Defense Communications System, «DDN Security Bulletin 03», DDN Security Coordination Center, 17 October 1989. |
[Denning, 1990] | P. Denning, Editor, «Computers Under Attack: Intruders, Worms, and Viruses», ACM Press, 1990. |
[Eichin, 1989] | M. Eichin, and J. Rochlis, «With Microscope and Tweezers: An Analysis of the Internet Virus of November 1988», Massachusetts Institute of Technology, Февраль 1989. |
[Eisenberg, 89] | T. Eisenberg, D. Gries, J. Hartmanis, D. Holcomb, M. Lynn, and T. Santoro, «The Computer Worm», Cornell University, 6 February 1989. |
[Ermann, 1990] | D. Ermann, M. Williams, and C. Gutierrez, Editors, «Computers, Ethics, and Society», Oxford University Press, NY, 1990. (376 pages, includes bibliographical references). |
[Farmer, 1990] | D. Farmer and E. Spafford, «The COPS Security Checker System», Proceedings of the Summer 1990 USENIX Conference, Anaheim, CA, Pgs. 165-170, Июнь 1990. |
[Farrow, 1991] | Rik Farrow, «UNIX Systems Security», Addison-Wesley, Reading, MA, 1991. |
[Fenwick, 1985] | W. Fenwick, Chair, «Computer Litigation, 1985: Trial Tactics and Techniques», Litigation Course Handbook Series No. 280, Prepared for distribution at the Computer Litigation, 1985: Trial Tactics and Techniques Program, February-March 1985. |
[Fites 1989] | M. Fites, P. Kratz, and A. Brebner, «Control and Security of Computer Information Systems», Computer Science Press, 1989. |
[Fites, 1992] | Fites, Johnson, and Kratz, «The Computer Virus Crisis», Van Hostrand Reinhold, 2nd edition, 1992. |
[Forester, 1990] | T. Forester, and P. Morrison, «Computer Ethics: Tales and Ethical Dilemmas in Computing», MIT Press, Cambridge, MA, 1990. |
[Foster, 1990] | T. Forester, and P. Morrison, «Computer Ethics: Tales and Ethical Dilemmas in Computing», MIT Press, Cambridge, MA, 1990. (192 pages including index.) |
[GAO/IMTEX-89-57, 1989] | U.S. General Accounting Office, «Computer Security — Virus Highlights Need for Improved Internet Management», United States General Accounting Office, Washington, DC, 1989. |
[Garfinkel, 1991] | S. Garfinkel, and E. Spafford, «Practical Unix Security», O'Reilly & Associates, ISBN 0-937175-72-2, Май 1991. |
[Garfinkel, 1995] | S. Garfinkel, «PGP:Pretty Good Privacy», O'Reilly & Associates, Sebastopol, CA, 1996. |
[Garfinkel, 1996] | S. Garfinkel and E. Spafford, «Practical UNIX and Internet Security», O'Reilly & Associates, Sebastopol, CA, 1996. |
[Gemignani, 1989] | M. Gemignani, «Viruses and Criminal Law», Communications of the ACM, Vol. 32, No. 6, Pgs. 669-671, Июнь 1989. |
[Goodell, 1996] | J. Goodell, «The Cyberthief and the Samurai: The True Story of Kevin Mitnick-And The Man Who Hunted Him Down», Dell Publishing, 1996. |
[Gould, 1989] | C. Gould, Editor, «The Information Web: Ethical and Social Implications of Computer Networking», Westview Press, Boulder, CO, 1989. |
[Greenia, 1989] | M. Greenia, «Computer Security Information Sourcebook», Lexikon Services, Sacramento, CA, 1989. |
[Hafner, 1991] | K. Hafner and J. Markoff, «Cyberpunk: Outlaws and Hackers on the Computer Frontier», Touchstone, Simon & Schuster, 1991. |
[Hess] | D. Hess, D. Safford, and U. Pooch, «A Unix Network Protocol Security Study: Network Information Service», Texas A&M University. |
[Hoffman, 1990] | L. Hoffman, «Rogue Programs: Viruses, Worms, and Trojan Horses», Van Nostrand Reinhold, NY, 1990. (384 pages, includes bibliographical references and index.) |
[Howard, 1995] | G. Howard, «Introduction to Internet Security: From Basics to Beyond», Prima Publishing, Rocklin, CA, 1995. |
[Huband, 1986] | F. Huband, and R. Shelton, Editors, «Protection of Computer Systems and Software: New Approaches for Combating Theft of Software and Unauthorized Intrusion», Papers presented at a workshop sponsored by the National Science Foundation, 1986. |
[Hughes, 1995] | L. Hughes Jr., «Actually Useful Internet Security Techniques», New Riders Publishing, Indianapolis, IN, 1995. |
[IAB-RFC1087, 1989] | Internet Activities Board, «Ethics and the Internet», RFC 1087, IAB, Январь 1989. Also appears in the Communications of the ACM, Vol. 32, No. 6, Pg. 710, Июнь 1989. |
[Icove, 1995] | D. Icove, K. Seger, and W. VonStorch, «Computer Crime: A Crimefighter's Handbook», O'Reilly & Associates, Sebastopol, CA, 1995. |
[IVPC, 1996] | IVPC, «International Virus Prevention Conference '96 Proceedings», NCSA, 1996. |
[Johnson] | D. Johnson, and J. Podesta, «Formulating A Company Policy on Access to and Use and Disclosure of Electronic Mail on Company Computer Systems». |
[Kane, 1994] | P. Kane, «PC Security and Virus Protection Handbook: The Ongoing War Against Information Sabotage», M&T Books, 1994. |
[Kaufman, 1995] | C. Kaufman, R. Perlman, and M. Speciner, «Network Security: PRIVATE Communication in a PUBLIC World», Prentice Hall, Englewood Cliffs, NJ, 1995. |
[Kent, 1990] | S. Kent, «E-Mail Privacy for the Internet: New Software and Strict Registration Procedures will be Implemented this Year», Business Communications Review, Vol. 20, No. 1, Pg. 55, 1 January 1990. |
[Levy, 1984] | S. Levy, «Hacker: Heroes of the Computer Revolution», Delta, 1984. |
[Lewis, 1996] | S. Lewis, «Disaster Recovery Yellow Pages», The Systems Audit Group, 1996. |
[Littleman, 1996] | J. Littleman, «The Fugitive Game: Online with Kevin Mitnick», Little, Brown, MA., 1996. |
[Lu, 1989] | W. Lu and M. Sundareshan, «Secure Communication in Internet Environments: A Hierarchical Key Management Scheme for End-to-End Encryption», IEEE Transactions on Communications, Vol. 37, No. 10, Pg. 1014, 1 October 1989. |
[Lu, 1990] | W. Lu and M. Sundareshan, «A Model for Multilevel Security in Computer Networks», IEEE Transactions on Software Engineering, Vol. 16, No. 6, Page 647, 1 June 1990. |
[Martin, 1989] | M. Martin, and R. Schinzinger, «Ethics in Engineering», McGraw Hill, 2nd Edition, 1989. |
[Merkle] | R. Merkle, «A Fast Software One Way Hash Function», Journal of Cryptology, Vol. 3, No. 1. |
[McEwen, 1989] | J. McEwen, «Dedicated Computer Crime Units», Report Contributors: D. Fester and H. Nugent, Prepared for the National Institute of Justice, U.S. Department of Justice, by Institute for Law and Justice, Inc., under contract number OJP-85-C-006, Washington, DC, 1989. |
[MIT, 1989] | Massachusetts Institute of Technology, «Teaching Students About Responsible Use of Computers», MIT, 1985-1986. Also reprinted in the Communications of the ACM, Vol. 32, No. 6, Pg. 704, Athena Project, MIT, Июнь 1989. |
[Mogel, 1989] | Mogul, J., «Simple and Flexible Datagram Access Controls for UNIX-based Gateways», Digital Western Research Laboratory Research Report 89/4, Март 1989. |
[Muffett, 1992] | A. Muffett, «Crack Version 4.1: A Sensible Password Checker for Unix» |
[NCSA1, 1995] | NCSA, «NCSA Firewall Policy Guide», 1995. |
[NCSA2, 1995] | NCSA, «NCSA's Corporate Computer Virus Prevention Policy Model», NCSA, 1995. |
[NCSA, 1996] | NCSA, «Firewalls & Internet Security Conference '96 Proceedings», 1996. |
[NCSC-89-660-P, 1990] | National Computer Security Center, «Guidelines for Formal Verification Systems», Shipping list no.: 89-660-P, The Center, Fort George G. Meade, MD, 1 April 1990. |
[NCSC-89-254-P, 1988] | National Computer Security Center, «Glossary of Computer Security Terms», Shipping list no.: 89-254-P, The Center, Fort George G. Meade, MD, 21 October 1988. |
[NCSC-C1-001-89, 1989] | Tinto, M., «Computer Viruses: Prevention, Detection, and Treatment», National Computer Security Center C1 Technical Report C1-001-89, Июнь 1989. |
[NCSC Conference, 1989] | National Computer Security Conference, «12th National Computer Security Conference: Baltimore Convention Center, Baltimore, MD, 10-13 October, 1989: Information Systems Security, Solutions for Today — Concepts for Tomorrow», National Institute of Standards and National Computer Security Center, 1989. |
[NCSC-CSC-STD-003-85, 1985] | Нational Computer Security Center, «Guidance for Applying the Department of Defense Trusted Computer System Evaluation Criteria in Specific Environments», CSC-STD-003-85, NCSC, 25 June 1985 |
[NCSC-STD-004-85, 1985] | National Computer Security Center, «Technical Rationale Behind CSC-STD-003-85: Computer Security Requirements», CSC-STD-004-85, NCSC, 25 June 1985 |
[NCSC-STD-005-85, 1985] | National Computer Security Center, «Magnetic Remanence Security Guideline», CSC-STD-005-85, NCSC, 15 November 1985 |
[NCSC-TCSEC, 1985] | National Computer Security Center, «Trusted Computer System Evaluation Criteria», DoD 5200.28-STD, CSC-STD-001-83, NCSC, Декабрь 1985. |
[NCSC-TG-003, 1987] | NCSC, «A Guide to Understanding DISCRETIONARY ACCESS CONTROL in Trusted Systems», NCSC-TG-003, Version-1, 30 September 1987, 29 pages. |
[NCSC-TG-001, 1988] | NCSC, «A Guide to Understanding AUDIT in Trusted Systems», NCSC-TG-001, Version-2, 1 June 1988, 25 pages. |
[NCSC-TG-004, 1988] | National Computer Security Center, «Glossary of Computer Security Terms», NCSC-TG-004, NCSC, 21 October 1988. |
[NCSC-TG-005, 1987] | National Computer Security Center, «Trusted Network Interpretation», NCSC-TG-005, NCSC, 31 July 1987. |
[NCSC-TG-006, 1988] | NCSC, «A Guide to Understanding CONFIGURATION MANAGEMENT in Trusted Systems», NCSC-TG-006, Version-1, 28 March 1988, 31 pages. |
[NCSC-TRUSIX, 1990] | National Computer Security Center, «Trusted UNIX Working Group (TRUSIX) rationale for selecting access control list features for the UNIX system», Shipping list no.: 90-076-P, The Center, Fort George G. Meade, MD, 1990 |
[NRC, 1991] | National Research Council, «Computers at Risk: Safe Computing in the Information Age», National Academy Press, 1991. |
[Nemeth, 1995] | E. Nemeth, G. Snyder, S. Seebass, and T. Hein, «UNIX Systems Administration Handbook», Prentice Hall PTR, Englewood Cliffs, NJ, 2nd ed. 1995. |
[NIST, 1989] | National Institute of Standards and Technology, «Computer Viruses and Related Threats: A Management Guide», NIST Special Publication 500-166, Август 1989. |
[NSA] | National Security Agency, «Information Systems Security Products and Services Catalog», NSA, Quarterly Publication. |
[NSF, 1988] | National Science Foundation, «NSF Poses Code of Networking Ethics», Communications of the ACM, Vol. 32, No. 6, Pg. 688, Июнь 1989. Also appears in the minutes of the regular meeting of the Division Advisory Panel for Networking and Communications Research and Infrastructure, Dave Farber, Chair, November 29-30, 1988. |
[NTISSAM, 1987] | NTISS, «Advisory Memorandum on Office Automation Security Guideline», NTISSAM COMPUSEC/1-87, 16 January 1987, 58 pages. |
[OTA-CIT-310, 1987] | United States Congress, Office of Technology Assessment, «Defending Secrets, Sharing Data: New Locks and Keys for Electronic Information», OTA-CIT-310, October 1987. |
[OTA-TCT-606] | Congress of the United States, Office of Technology Assessment, «Information Security and Privacy in Network Environments», OTA-TCT-606, Сентябрь 1994. |
[Palmer, 1989] | I. Palmer, and G. Potter, «Computer Security Risk Management», Van Nostrand Reinhold, NY, 1989. |
[Parker, 1989] | D. Parker, «Computer Crime: Criminal Justice Resource Manual», U.S. Dept. of Justice, National Institute of Justice, Office of Justice Programs, Under Contract Number OJP-86-C-002, Washington, D.C., Август 1989. |
[Parker, 1990] | D. Parker, S. Swope, and B. Baker, «Ethical Conflicts: Information and Computer Science, Technology and Business», QED Information Sciences, Inc., Wellesley, MA. (245 pages). |
[Pfleeger, 1989] | C. Pfleeger, «Security in Computing», Prentice-Hall, Englewood Cliffs, NJ, 1989. |
[Quarterman, 1990] | J. Quarterman, J., «The Matrix: Computer Networks and Conferencing Systems Worldwide», Digital Press, Bedford, MA, 1990. |
[Ranum1, 1992] | M. Ranum, «An Internet Firewall», Proceedings of World Conference on Systems Management and Security, 1992. |
[Ranum2, 1992] | M. Ranum, «A Network Firewall», Digital Equipment Corporation Washington Open Systems Resource Center, June 12, 1992. |
[Ranum, 1993] | M. Ranum, «Thinking About Firewalls», 1993. |
[Ranum, 1994] | M. Ranum and F. Avolio, «A Toolkit and Methods for Internet Firewalls», Trustest Information Systems, 1994. |
[Reinhardt, 1992] | R. Reinhardt, «An Architectural Overview of UNIX Network Security» |
[Reinhardt, 1993] | R. Reinhardt, «An Architectural Overview of UNIX Network Security», ARINC Research Corporation, February 18, 1993. |
[Reynolds-RFC1135, 1989] | The Helminthiasis of the Internet, RFC 1135, USC/Information Sciences Institute, Marina del Rey, CA, Декабрь 1989 |
[Russell, 1991] | D. Russell and G. Gangemi, «Computer Security Basics» O'Reilly & Associates, Sebastopol, CA, 1991. |
[Schneier 1996] | B. Schneier, «Applied Cryptography: Protocols, Algorithms, and Source Code in C», John Wiley & Sons, New York, second edition, 1996. |
[Seeley, 1989] | D. Seeley, «A Tour of the Worm», Proceedings of 1989 Winter USENIX Conference, Usenix Association, San Diego, CA, Февраль 1989. |
[Shaw, 1986] | E. Shaw Jr., «Computer Fraud and Abuse Act of 1986», Congressional Record (3 June 1986), Washington, D.C., 3 June 1986. |
[Shimomura, 1996] | T. Shimomura with J. Markoff, «Takedown:The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw-by the Man Who Did It», Hyperion, 1996. |
[Shirey, 1990] | R. Shirey, «Defense Data Network Security Architecture», Computer Communication Review, Vol. 20, No. 2, Page 66, 1 April 1990. |
[Slatalla, 1995] | M. Slatalla and J. Quittner, «Masters of Deception: The Gang that Ruled Cyberspace», Harper Collins Publishers, 1995. |
[Smith, 1989] | M. Smith, «Commonsense Computer Security: Your Practical Guide to Preventing Accidental and Deliberate Electronic Data Loss», McGraw-Hill, New York, NY, 1989. |
[Smith, 1995] | D. Smith, «Forming an Incident Response Team», Sixth Annual Computer Security Incident Handling Workshop, Boston, MA, July 25-29, 1995. |
[Spafford, 1988] | E. Spafford, «The Internet Worm Program: An Analysis», Computer Communication Review, Vol. 19, No. 1, ACM SIGCOM, Январь 1989. Also issued as Purdue CS Technical Report CSD-TR-823, 28 November 1988 |
[Spafford, 1989] | G. Spafford, «An Analysis of the Internet Worm», Proceedings of the European Software Engineering Conference 1989, Warwick England, Сентябрь 1989. Proceedings published by Springer-Verlag as: Lecture Notes in Computer Science #387. Also issued as Purdue Technical Report #CSD-TR-933 |
[Spafford, 1989] | E. Spafford, K. Heaphy, and D. Ferbrache, «Computer Viruses: Dealing with Electronic Vandalism and Programmed Threats», ADAPSO, 1989. (109 pages.) |
[Stallings1, 1995] | W. Stallings, «Internet Security Handbook», IDG Books, Foster City CA, 1995. |
[Stallings2, 1995] | W. Stallings, «Network and Internetwork Security», Prentice Hall, 1995. |
[Stallings3, 1995] | W. Stallings, «Protect Your Privacy: A Guide for PGP Users» PTR Prentice Hall, 1995. |
[Stoll, 1988] | C. Stoll, «Stalking the Wily Hacker», Communications of the ACM, Vol. 31, No. 5, Pgs. 484-497, ACM, New York, NY, Май 1988. |
[Stoll, 1989] | C. Stoll, «The Cuckoo's Egg», ISBN 00385-24946-2, Doubleday, 1989. |
[Treese, 1993] | G. Treese and A. Wolman, «X Through the Firewall, and Other Applications Relays», Digital Equipment Corporation, Cambridge Research Laboratory, CRL 93/10, May 3, 1993. |
[Trible, 1986] | P. Trible, «The Computer Fraud and Abuse Act of 1986», U.S. Senate Committee on the Judiciary, 1986. |
[Venema] | W. Venema, «TCP WRAPPER: Network monitoring, access control, and booby traps», Mathematics and Computing Science, Eindhoven University of Technology, The Netherlands. |
USENIX, 1988] | USENIX, «USENIX Proceedings: UNIX Security Workshop», Portland, OR, August 29-30, 1988. |
[USENIX, 1990] | USENIX, «USENIX Proceedings:UNIX Security II Workshop», Portland, OR, August 27-28, 1990. |
[USENIX, 1992] | USENIX, «USENIX Symposium Proceedings: UNIX Security III», Baltimore, MD, September 14-16, 1992. |
[USENIX, 1993] | USENIX, «USENIX Symposium Proceedings: UNIX Security IV», Santa Clara, CA, October 4-6, 1993. |
[USENIX, 1995] | USENIX, «The Fifth USENIX UNIX Security Symposium», Salt Lake City, UT, June 5-7, 1995. |
[Wood, 1987] | C. Wood, W. Banks, S. Guarro, A. Garcia, V. Hampel, and H. Sartorio, «Computer Security: A Comprehensive Controls Checklist», John Wiley and Sons, Interscience Publication, 1987. |
[Wrobel, 1993] | L. Wrobel, «Writing Disaster Recovery Plans for Telecommunications Networks and LANS», Artech House, 1993. |
[Vallabhaneni, 1989] | S. Vallabhaneni, «Auditing Computer Security: A Manual with Case Studies», Wiley, New York, NY, 1989. |
Вопросы безопасности
This entire document discusses security issues.
Адреса автора
Barbara Y. Fraser (Editor)
Software Engineering Institute
Carnegie Mellon University
5000 Forbes Avenue
Pittsburgh, PA 15213
Phone: (412) 268-5010
Fax: (412) 268-6989
EMail: gro.trec@fyb