11. Security Sources

There are a LOT of good sites out there for Unix security in general and Linux security specifically. It's very important to subscribe to one (or more) of the security mailing lists and keep current on security fixes. Most of these lists are very low volume, and very informative.

11.1 LinuxSecurity.com References

The LinuxSecurity.com web site has numerous Linux and open source security references written by the LinuxSecurity staff and people collectively around the world.

• Linux Advisory Watch -- A comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability.

• Linux Security Week -- The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

• Linux Security Discussion List -- This mailing list is for general security-related questions and comments.

• Linux Security Newsletters -- Subscription information for all newsletters.

• comp.os.linux.security FAQ -- Frequently Asked Questions with answers for the comp.os.linux.security newsgroup.

• Linux Security Documentation -- A great starting point for information pertaining to Linux and Open Source security.

11.2 FTP Sites

CERT is the Computer Emergency Response Team. They often send out alerts of current attacks and fixes. See ftp://ftp.cert.org for more information.

ZEDZ (formerly Replay) ( http://www.zedz.net) has archives of many security programs. Since they are outside the US, they don't need to obey US crypto restrictions.

Matt Blaze is the author of CFS and a great security advocate. Matt's archive is available at ftp://ftp.research.att.com/pub/mab

tue.nl is a great security FTP site in the Netherlands. ftp.win.tue.nl

11.3 Web Sites

• The Hacker FAQ is a FAQ about hackers: The Hacker FAQ
• The COAST archive has a large number of Unix security programs and information: COAST
• SuSe Security Page: http://www.suse.de/security/
• Rootshell.com is a great site for seeing what exploits are currently being used by crackers: http://www.rootshell.com/
• BUGTRAQ puts out advisories on security issues: BUGTRAQ archives
• CERT, the Computer Emergency Response Team, puts out advisories on common attacks on Unix platforms: CERT home
• Dan Farmer is the author of SATAN and many other security tools. His home site has some interesting security survey information, as well as security tools: http://www.trouble.org
• The Linux security WWW is a good site for Linux security information: Linux Security WWW
• Infilsec has a vulnerability engine that can tell you what vulnerabilities affect a specific platform: http://www.infilsec.com/vulnerabilities/
• CIAC sends out periodic security bulletins on common exploits: http://ciac.llnl.gov/cgi-bin/index/bulletins
• A good starting point for Linux Pluggable Authentication modules can be found at http://www.kernel.org/pub/linux/libs/pam/.
• The Debian project has a web page for their security fixes and information. It is at http://www.debian.com/security/.
• WWW Security FAQ, written by Lincoln Stein, is a great web security reference. Find it at http://www.w3.org/Security/Faq/www-security-faq.html

11.4 Mailing Lists

Bugtraq: To subscribe to bugtraq, send mail to listserv@netspace.org containing the message body subscribe bugtraq. (see links above for archives).

CIAC: Send e-mail to majordomo@tholia.llnl.gov. In the BODY (not subject) of the message put (either or both):

subscribe ciac-bulletin

Red Hat has a number of mailing lists, the most important of which is the redhat-announce list. You can read about security (and other) fixes as soon as they come out. Send email to redhat-announce-list-request@redhat.com with the Subject

Subscribe

The Debian project has a security mailing list that covers their security fixes. See http://www.debian.com/security/ for more information.

11.5 Books - Printed Reading Material

There are a number of good security books out there. This section lists a few of them. In addition to the security specific books, security is covered in a number of other books on system administration.

• Building Internet Firewalls By D. Brent Chapman & Elizabeth D. Zwicky, 1st Edition September 1995, ISBN: 1-56592-124-0

• Practical UNIX & Internet Security, 2nd Edition By Simson Garfinkel & Gene Spafford, 2nd Edition April 1996, ISBN: 1-56592-148-8

• Computer Security Basics By Deborah Russell & G.T. Gangemi, Sr., 1st Edition July 1991, ISBN: 0-937175-71-4

• Linux Network Administrator's Guide By Olaf Kirch, 1st Edition January 1995, ISBN: 1-56592-087-2

• PGP: Pretty Good Privacy By Simson Garfinkel, 1st Edition December 1994, ISBN: 1-56592-098-8

• Computer Crime A Crimefighter's Handbook By David Icove, Karl Seger & William VonStorch (Consulting Editor Eugene H. Spafford), 1st Edition August 1995, ISBN: 1-56592-086-4

• Linux Security By John S. Flowers, New Riders; ISBN: 0735700354, March 1999

• Maximum Linux Security : A Hacker's Guide to Protecting Your Linux Server and Network, Anonymous, Paperback - 829 pages, Sams; ISBN: 0672313413, July 1999

• Intrusion Detection By Terry Escamilla, Paperback - 416 pages (September 1998), John Wiley and Sons; ISBN: 0471290009

• Fighting Computer Crime, Donn Parker, Paperback - 526 pages (September 1998), John Wiley and Sons; ISBN: 0471163783