Additional Security References

As a trusted administrator, you should become familiar with the standards established by various government agencies. Government publications describe in detail the standards, policies, methods, and terminology associated with computer security.

Other publications listed here are guides for system administrators of UNIX systems and are useful in gaining a thorough understanding of UNIX security problems and solutions. Some publications listed here describe successful attempts to penetrate computer systems around the world and illustrate real threats to computer security. These publications emphasize the importance of computer systems managed by knowledgeable and capable administrators.

U.S. Government Publications

Computer Security Requirements, Guidance for Applying the Department of Defense Trusted Computer System Evaluation Criteria in Specific Environments, DoD, CSC-STD-003-85, 1985.

Department of Defense Password Management Guideline, DoD, CSC-STD-002-85, 1985.

Department of Defense Trusted Computer System Evaluation Criteria (TCSEC) National Computer Security Center, DoD 520.28-STD, 1985.

Graubart, Richard D., J.L. Berger, and John P.L. Woodward, Compartmented Mode Workstations Evaluation Criteria, Version 1, DIA DDS-2600-6243-91, Mitre, Bedford, Massachusetts, March 1991.

Personal Computer Security Considerations, National Computer Security Center, NCSC-WA-002-85, 1985.

Technical Rationale behind CSC-STD-003-85 Computer Security Requirements, Guidance for Applying the Department of Defense Trusted Computer System Evaluation Criteria in Specific Environments, DoD, CSC-STD-004-85, 1985.

Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria, National Computer Security Center, NCSC-TG-005 Version 1, 1987.

Woodward, John P.L., Security Requirements for System High and Compartmented Mode Workstations, DIA DDS-2600-5502-87, Mitre, Bedford, Massachusetts, November 1987.

UNIX Security Publications

Farrow, Rik, UNIX System Security, Addison-Wesley, Reading, MA, 1991.

Garfinkel, Simson, and Gene Spafford, Practical UNIX Security, O'Reilly & Associates, Inc., Sebastopol, CA, 1991.

Gregory, Peter, Solaris Security, Sun Microsystems Press, September 1999.

Hayes, Frank, "Is Your System Safe?" UNIXWORLD, June 1990.

Wood, Patrick H., and Stephen Kochan, UNIX System Security, Hayden Books, Indianapolis, IN, 1986.

General Computer Security Publications

Denning, Peter J., Computers under Attack: Intruders, Worms and Viruses, ACM Press, Addison-Wesley, Reading, MA, 1990.

Farrow, Rik, "Inside the Internet Worm," UNIXWORLD, June 1990.

Hafner, Katie, and John Markroff, Cyberpunk: Outlaws and Hackers on the Computer Frontier, Simon & Schuster, New York, NY, 1991.

Levy, Steven, Hackers: Heroes of the Computer Revolution, Dell Books, New York, NY, 1984.

McAffe, John, and C. Haynes, Computer Viruses, Worms, Data Diddlers, Killer Programs, and Other Threats to Your System, St. Martin's Press, New York, NY, 1989.

Page, Bob, "A Report on the Internet Worm," University of Lowell, Computer Science Department, November 1988.

Russell, Deborah, and G.T. Gangemi, Sr., Computer Security Basics, O'Reilly & Associates, Inc., Sebastopol, CA, 1990.

"Special Report: Computer Security and the Internet", Scientific American, October 1998. pp 95-117. Contains articles on hackers, firewalls, encryption, digital signatures, and Java, with extensive bibliographies.

Seeley, Donn, "A Tour of the Worm," University of Utah Department of Computer Science, Technical Report, November 1988.

Spafford, Eugene H., "The Internet Worm: Crisis and Aftermath," Communications of the ACM, June 1989.

Stoll, Cliff, The Cuckoo's Egg, Doubleday, Garden City, NY, 1989.

Thompson, Ken, "Reflections on Trusting Trust," 1983 ACM Turing Award Lecture, Communications of the ACM, August 1984.

General UNIX Publications

Bach, Maurice J., The Design of the UNIX Operating System, Prentice Hall, Englewood Cliffs, NJ, 1986.

Kobert, Jeannie Johnstone, Guide To High Availability: Configuring boot/root/swap, Sun Microsystems Press, September 1999.

Nemeth, Evi, Garth Snyder, and Scott Seebas, UNIX System Administration Handbook, Prentice Hall, Englewood Cliffs, NJ, 1989.

Winsor, Janice, Solaris 7 Reference, Sun Microsystems Press, September 1999.