Documente Academic
Documente Profesional
Documente Cultură
http://www.auscert.org.au/render.html?it=5816&template=1
Introduction
This document has been published by the Australian Computer Emergency Response Team
(AusCERT). It provides a checklist of steps to improve the security of UNIX and Linux
systems. We encourage system administrators to review all sections of this document and if
appropriate modify their systems to fix potential weaknesses.
The checklist is structured to follow the lifecycle of a system, from planning and installation
to recovery and maintenance. Sections A to G of the checklist are best applied to a system
before it is connected to the network for the first time. In addition, the checklist can be
reapplied on a regular basis, to audit conformance.
No two organisations are the same, so in applying the checklist consideration should be
given to the appropriateness of each action to your particular situation. Rather than
enforcing a single configuration, this checklist will identify the specific choices and possible
security controls that should be considered at each stage.
Operating system specific footnotes throughout the document offer some additional
information to help with applying these steps on specific UNIX and Linux variants.
The most current version of this document is available at http://www.auscert.org.au/1935
We will continue to update this checklist. Any comments should be directed via email to
auscert@auscert.org.au.
Before using this document, please ensure you have the latest version. New versions of this
checklist will be available via the URL listed above and should be checked for periodically.
Disclaimer
AusCERT advises that this information is provided without warranty - sites should ensure
that actions and procedures taken from information in this document are verified and in
accordance with security policies that are in place within their organisation. Listing of
software products or tools within this document does not constitute endorsement by
AusCERT or The University of Queensland.
Contents
A. Determine Appropriate Security
B. Installation
C. Patch and Update
D. Minimise
1 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
E. Secure Base OS
F. Secure Major Services
G. Add Monitoring Capability
H. Connect to Net
I. Test Backup/Rebuild Strategy
J. Maintain
References
2 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
attacks.
Targeted attacks:
Targeted attacks refer to those where attackers may specifically target your
business or your customers. Depending on the kind of information processed,
threats may include malicious changes by a disgruntled insider, a denial of service
attack for the purpose of extortion, or industrial espionage or sabotage.
Indiscriminate attacks:
All computers on the Internet are subject to these threats. Some organisations
believe that their systems will not be of interest to attackers; this is incorrect.
Attackers are interested in controlling your computers for a number of reasons,
including to launch attacks on other organisations, to send spam, or to capture
users' authentication credentials.
3. Impacts if threats are realised
For each of the threat scenarios, estimate the impact on your organisation if the
attack is realised.
The cost may be measured in money / time / reputation
4. Determine acceptable risk
Based on the potential impacts, determine what level of risk can be accepted.
Such determination of risk acceptance levels should be done in conjunction with
senior management.
Making explicit the threats and impacts in this way will highlight what the priorities
should be for protecting each kind of information on the system.
For organisations with little dependence on IT and no critical data these steps can be
done informally. Otherwise, consider doing the assessment in writing, integrated
with the risk assessment for the overall network.
More formal risk management frameworks are available to assist with this, such as
OCTAVE (http://www.cert.org/octave).
In the Australian context, guidelines for information security risk management are
provided by HB 231:2004, available from Standards Australia.
3 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
For example:
Authentication clients, if this is an authentication server;
Computers that may be administered from this computer;
Workstations, if this is a file server.
This computer must be made at least as secure as those systems.
3. Which computers trust this computer to maintain confidentiality of data?
These may include:
Peer VPN endpoints;
Database clients.
This computer must be made at least as secure as those systems.
B. Installation
B.1 Install from trusted media
If installing the operating system from downloaded ISO images, Use a trustworthy
computer to check the integrity of the install CDs after they are burnt, using a hash
4 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
5 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Solaris
HP-UX
D. Minimise
After the initial installation is complete, minimise the amount of software that is present by
uninstalling or disabling the unneeded software packages, leaving a minimal set of software.
Ideally, only the software that will be used in performing the computer's role, as decided in
A.1 above, should remain.
Check the dependencies between software packages to determine which libraries and helper
software are also required for the role.
6 of 41
27-05-2013 09:32 PM
FreeBSD,
http://www.auscert.org.au/render.html?it=5816&template=1
AIX
HP-UX
7 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Solaris,
AIX
AIX
find / -perm
8 of 41
27-05-2013 09:32 PM
Debian,
Solaris
http://www.auscert.org.au/render.html?it=5816&template=1
OpenBSD
E. Secure Base OS
E.1 Physical, console and boot security
Check that physical access to the computer is restricted appropriately. Regardless of
what configuration is used, an attacker with physical access to the computer can in
most cases take full control of the system.
That said, the following controls should be considered to increase the difficulty of the
walk-in attack:
Disable booting from any removable media by configuring the BIOS or
EEPROM.
Set a password to prevent changes to these BIOS or EEPROM settings.
Ensure the boot loader does not allow booting to single user mode without a
password.
Consider disabling any special hotkeys that drop the console into a debugging
mode.
For situations where access is public, such as an internet cafe or shared computer
lab, these measures are essential. For other situations these measures can be
considered based on physical security.
Solaris,
HP-UX,
FreeBSD,
OpenBSD
9 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
10 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Check that the secure option is removed from any local entries that
don't need root login capabilities. The secure option should be
removed from console if you do not want users to be able to reboot in
single user mode. [Note: This does not affect usability of the su
command.]
If it is not already the default, consider using a special group (such as
the wheel group on BSD systems) to restrict which users can use su
to become root.
11 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
FreeBSD,
AIX
E.3 Authentication
E.3.1 Password authentication
E.3.1.1 Evaluate two-factor authentication
Consider the benefit and cost of using one-time password sheets,
security tokens or smart cards instead of relying on reusable
passwords alone.
Passwords do not scale well in a network because lack of trust
between domains requires different passwords. In practice this results
in users either choosing bad passwords, reusing passwords with
multiple systems or companies, or writing them down. The various
forms of two-factor authentication offer an answer to this.
AIX,
IRIX
12 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
section J.7.3
HP-UX
AIX
13 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Note the libpam.so.3, this shows the program is linked with PAM.
Depending on the system, PAM may be configured with the file
/etc/pam.conf or with individual configuration files in /etc/pam.d/. PAM is
very flexible and it is possible to require more than one authentication
method.
Check that PAM is configured to deny access by default - a misconfigured
service may result in an attempt to authenticate using a less secure
mechanism, or even no authentication at all.
If contemplating any change to the PAM configuration be careful that the
effect is understood, so as not to leave the system in an insecure state.
Enforce your password policy using PAM, as discussed in E.3.1
Consider enforcing user resource limits with PAM: This may be done using
the pam_limits.so module with configuration in /etc/limits.conf where
available.
Linux,
Solaris,
OpenBSD
E.3.5 LDAP
LDAP is a protocol for accessing online directory services. In the special case
where LDAP is used to distribute authentication data the security of the LDAP
server and its configuration become critical.
For authentication to the LDAP server itself consider using client-side
certificates or Kerberos. Alternatively, as a bare minimum use SASL
DIGEST-MD5 authentication.
Verify that communication with the LDAP server is protected by TLS, so that
data is not transmitted in the clear.
For the UNIX system's authentication data, if supported by the LDAP server
use SHA1 (preferably) or MD5 password hashes rather than the weaker UNIX
crypt hashes or plaintext passwords.
Ensure that LDAP access controls are correct for all attributes that contain
authentication credentials or other sensitive data. In particular, password
hashes should not be readable by other users, whether authenticated or not.
14 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
15 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Ensure root's login files do not source any other files not owned by
root or which are group or world writable.
Ensure root cron job files do not source any other files not owned by
root or which are group or world writable.
Check the contents of the following files for the root account. Any
programs or scripts referenced in these files should have the
permissions recommended above:
~/.login, ~/.profile, ~/.bashrc, ~/.cshrc and similar shell
initialization files;
~/.logout and similar session cleanup files;
16 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
FreeBSD
17 of 41
Solaris,
HP-UX,
AIX
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
E.4.4 sudo
The sudo utility is available for practically all UNIX variants and can help
minimise the need to use the root account.
For systems administered by more than one person, sudo can also be helpful
to split the power of root to some extent if full Role Based Access Control is
not available.
sudo allows users or groups of users to execute specific authorized
commands as another user, such as the root user. It requires unprivileged
users to enter their own user password in order to execute privileged
commands. This enables administrative tasks to be distributed among
different users, while limiting the distribution of the root password.
Also, sudo can be configured to log each access (or attempted access) to
commands by users, enabling some auditing of users' privileged actions.
Exercise caution when configuring sudo. Even if a user is only granted access
to execute one specific program with root privileges, if that program can be
made to spawn a shell or run other commands (e.g. many text editors can do
this), then the user can execute arbitrary commands as root using their sudo
access, and this usage may not be logged. It can be difficult to determine
which programs may grant unintended access or privilege escalation. This is
why permitting an extremely limited set of commands is preferable.
E.5 Other
E.5.1 Cron
Ensure that the permissions for root's crontab are set to 600 and that the
owner is set to root.
18 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
HP-UX,
AIX
Do not use .netrc files. Instead use SSH and scp, or rsync over SSH if
automated file transfers or execution are required.
19 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Many services do this automatically, however some will run as root by default
and will need to be configured manually.
Solaris,
FreeBSD
F.2 tcp_wrappers
The primary way to restrict accesses to the host's services by IP address is to use a
host firewall, discussed in section H.1. However, many UNIX and Linux systems also
provide a second control, in the form of tcp_wrappers. This may already be in use on
your system by default.
tcp_wrappers does provide some extra flexibility if needed; it can be configured to
require reverse DNS lookups or ident (RFC931) lookups, allows automatic execution
of scripts when conditions are met, and can also provide improved logging for
services that do not have adequate access logs of their own.
There are two ways that tcp_wrappers may be used on the system:
It is possible to explicitly "wrap" a service, by running the program tcpd to
accept connections which are then passed to the actual network service.
More commonly though, the vendor has already compiled network services to
use the libwrap library. In this case the relevant daemon will enforce the
tcp_wrappers restrictions when accepting connections.
The main configuration file for tcp_wrappers is /etc/hosts.allow
Explicitly list host IPs which are allowed access to the services in this file. At the
bottom of the file put all:all:deny to deny all other IP addresses. The rules in this
file work on a "first match wins" basis.
The file /etc/hosts.deny may also be used, though this is no longer required.
If /etc/hosts.deny is present, put all:all in this file.
HP-UX
20 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
F.4 SSH
Do not log in via SSH from an insecure workstation. Contrary to popular belief,
public key cryptography will not protect you in doing this. Where SSH is used, a trust
relationship is implied - the SSH server computer trusts the security of the SSH
client computer.
Be aware that when doing X-forwarding through SSH, the trust relationship is also
reversed - the workstation running the X display must also trust the computer
running each X program. This is due to the cross-client X attacks described below in
F.9.3
Suggested configuration options for the OpenSSH sshd implementation:
In the configuration file sshd_config do use:
Protocol 2 (the SSH 1 protocol had weaknesses)
ListenAddress 192.168.45.3 (bind to one address only)
PermitRootLogin no
Listen 222 (consider using an alternate port)
PermitEmptyPasswords no
AllowUsers one two@host1 three
Where SSH is used by scripts, configure SSH on the server side to allow execution of
a certain single command only. This is achieved using a command= directive in the
authorized_keys file.
Many UNIX and Linux systems are compromised by attackers through SSH, by
21 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
F.5 Printing
There are several different default printing systems supplied with UNIX and Linux
systems. The three most common of these are BSD style lpr (also found on AIX),
LPRng and CUPS.
In general, prevent the printing service from listening to the network unless
necessary for this computer's role.
If a network printing service is part of this computer's role, then do not rely solely
on IP addresses for authentication (for instance the hosts.lpd file with lpd or LPRng
is based only on IP address.)
F.6 RPC/portmapper
Look for the specific facilities provided by your operating system for securing RPC
access with authentication and/or encryption. The security features available vary
greatly between UNIX variants.
Be aware that some older portmapper/rpcbind daemons may forward RPC requests
from remote hosts, and make them appear to come from the localhost.
22 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
F.7.2 Samba
The Samba service provides filesystem and printer shares using the CIFS
protocol that is also used in Microsoft Windows.
If users in your environment authenticate to Active Directory for other
services, then consider pointing to the same AD server for Samba
authentication, setting
security = ADS
See the Samba HOWTO for further details on implementing this: HOWTO
Otherwise, configure your shares for user-level security using the
security = user
parameter. In current versions of Samba this is the default.
Require at least NTLM2 authentication as a bare minimum, with
lanman auth = no
ntlm auth = no
restrict anonymous = 2
guest ok = no
Consider using stronger client authentication methods. Samba supports
better authentication through Kerberos or Pluggable Authentication Modules
(PAM).
Restrict access to the Samba service with the parameters:
hosts allow =
hosts deny =
Protect the Samba services with firewall rules to ensure they can not be
accessed from hosts outside the local network. Samba uses ports 137 and
138 (UDP) and ports 139 and 445 (TCP).
23 of 41
27-05-2013 09:32 PM
24 of 41
http://www.auscert.org.au/render.html?it=5816&template=1
F.8.1 Sendmail
On most UNIX and Linux systems the default MTA will be Sendmail. This
section provides configuration recommendations specifically for Sendmail,
though the same configuration goals can be applied to other MTAs.
If this computer is not a mail server, then:
Disable SMTP connections from other computers by adding
Addr=127.0.0.1 to each DAEMON_OPTIONS macro that is in your config.
For example:
DAEMON_OPTIONS(`Name=IPv4, Family=inet, Addr=127.0.0.1')
DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Addr=::1')
FEATURE(`no_default_msa')
DAEMON_OPTIONS(`Name=MSA, Port=587, Address=127.0.0.1')
Consider disabling the daemon mode altogether by removing the -bd
option from the startup script. This will still allow most local Mail User
Agents to invoke the sendmail binary to send mail. In this case, do use
a -q30m option to ensure queued outbound messages are still
processed.
If this IS a mail server, then:
Ensure familiarity with Sendmail access control and anti-spam control
features. See http://www.sendmail.org/m4/anti_spam.html for an
overview.
If it is really necessary to relay mail from roaming users outside your
local address range, then configure Sendmail to require SMTP AUTH for
these connections.
In both cases:
If you do not require emails to be piped to other programs for
processing then disable prog mailer functionality with
MODIFY_MAILER_FLAGS(`LOCAL', `-|')
If you do require piping email to programs, use smrsh to limit the
programs that can be executed to only those programs linked in the
smrsh configuration directory. This can be turned on with
FEATURE(`smrsh', `/usr/libexec/smrsh')
(The location of the smrsh binary may vary on different systems.)
Consider setting sendmail logging to a minimum log level of 10.
This will help detect attempted exploitation of sendmail vulnerabilities
as well as logging each connection and the username used in each
SMTP AUTH. To do this use:
define (`confLOG_LEVEL', `10')
/etc/mail/aliases
check that any programs executed from this file are owned by root,
have permissions 755 and are stored in the smrsh configuration
directory, e.g. /etc/smrsh
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
25 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Ensure familiarity with the man pages for xauth and Xsecurity. This information will
be useful in configuring the security you require. The chapter on X Window System
security in the X Window System Administrator's Guide is also a good reference.
26 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Apache is the most common web server on Unix systems. If you are using
Apache, implement the security recommendations outlined in
http://httpd.apache.org/docs/misc/security_tips.html
Consider running the web server in a chroot jail (see section F.2.1). Some
systems supply the web server in this configuration by default. Example
steps for chrooting Apache on Linux and Solaris can be found at
http://penguin.triumf.ca/chroot.html. A simpler way to chroot Apache is now
provided by the mod_security's SecChrootDir option, as described here.
Consider configuring the web server to disallow automatic directory listing if
an index.html file is not present in the directory.
Consider configuring the web server to not follow symbolic links. This
prevents a user with access to the web server's document tree from making
other documents, outside the tree, available via symbolic links.
Consider running the web server on a dedicated computer that is not relied
on for other services.
27 of 41
27-05-2013 09:32 PM
28 of 41
http://www.auscert.org.au/render.html?it=5816&template=1
For logon pages, it is recommended to use SSL not only for the form
submission, but also for the logon page itself, as this makes it easier to
instruct users not to submit their password to an unauthenticated site.
F.13 CVS
Use SSH to authenticate and encrypt all CVS access.
Do not use CVS pserver functionality.
Create a UNIX account on the computer for each CVS user, and limit their SSH
session so it is only able execute the command "cvs server".
Why this provides better security than cvs pserver:
1. cvs does not need to run as root
2. Access control is enforced by the operating system, not by cvs.
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Be aware that CVS access control is per-directory, rather than per-file. (The CVS
manual in section 2-2-2 describes the access control model.)
Use LockDir in CVSROOT/config to have read only directories where appropriate.
29 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Ensure that you use an invalid password and user shell for the ftp entry in
the system password file and the shadow password file (if you have one). It
should look something like:
ftp:*:400:400:Anonymous
ftp:/home/ftp:/bin/false
where /home/ftp is the anonymous FTP area.
Set the permissions of the FTP home directory ~ftp/ to 555 (read nowrite
execute), and check that this directory is owned by root (ftp).
Make sure that you do not have a copy of your real /etc/passwd file as
~ftp/etc/passwd. Create one from scratch with permissions 444, owned by
root. It should not contain the names of any accounts in your real password
file. It should contain only root and ftp. These should be dummy entries
with disabled passwords e.g.:
root:*:0:0:Ftp maintainer::
ftp:*:400:400:Anonymous ftp::
The password file is used only to provide uid to username mapping for ls
listings within ftp.
Make sure that you do not have a copy of your real /etc/group file as
~ftp/etc/group. Create one from scratch with permissions 444, owned by
root.
Ensure the files ~ftp/.rhosts and ~ftp/.forward do not exist.
Set the login shell of the ftp account to a non-functional shell such as
/bin/false.
Ensure no files or directories are owned by the ftp account or have the same
group as the ftp account. If they are, it may be possible for an intruder to
replace them with a trojan version.
Ensure no files or directories in the FTP area are world writable.
Ensure that the directories ~ftp/etc and ~ftp/bin are owned by root with
permissions 111.
Ensure that any files in ~ftp/bin are owned by root with permissions 111.
Ensure that files in ~ftp/etc are owned by root with permissions 444.
Ensure that there is a mail alias for ftp to avoid mail bounces.
Ensure the mail spool file for the ftp daemon account is owned by root with
permissions 400. (Depending on the system this will be in a location such as
/var/mail/ftp or /usr/spool/mail/ftp )
Never mount disks from other machines to the ~ftp hierarchy unless they
are mounted read-only.
HP-UX
30 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
31 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Unless this computer is a log server, ensure that syslog will not accept incoming log
packets over the network. On some systems this is the default. On others it may be
implemented by starting syslog with the -t option (nolisten).
Consider increasing the level of logging provided by syslog.
Make sure that the messages of the LOG_AUTH facility at level LOG_INFO and
above get logged.
For email, enable a minimum level of "info" for mail messages to be logged by
syslog.
Check that there is a reliable mechanism for log rotation. If there is not, you may
need to replace an existing logging daemon with a more secure or full-featured one.
Check that all login attempts are logged, both successful and unsuccessful. There
may be several different ways to log in, such as at the console, through X and
through SSH.
Consider protecting your log files with filesystem attributes if possible, to make them
append-only. See section E.4.2 for details.
OpenBSD,
AIX
32 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Solaris,
HP-UX,
AIX
G.4.3 lsof
lsof is a tool for monitoring open system files that can be useful in checking
current activity on the system. lsof may be included with your operating
system, and is also available from the source at ftp://lsof.itap.purdue.edu
/pub/tools/unix/lsof/
33 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Solaris
HP-UX
34 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
OpenBSD
H. Connect to Net
H.1 First put in place a host firewall.
H.1.1 Identify host firewall software
Most UNIX operating sytems provide a packet filtering host firewall system,
either as part of the base install, or as an option you can install.
On a minority of systems, a reasonable host firewall is already configured by
default on newly installed systems, though this can usually be tightened
further.
Linux,
Solaris,
HP-UX,
FreeBSD,
OpenBSD,
AIX,
IRIX
35 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
FreeBSD
Solaris,
HP-UX,
FreeBSD,
OpenBSD,
AIX
36 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
37 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
38 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
J. Maintain
J.1 Mailing lists
Notifications of patch releases and security updates are generally done via mailing
lists.
Subscribe to the vendor "announce" list as well as any security mailing lists for your
specific operating system.
Subscribe to the appropriate security/updates mailing list for each third party
software package installed.
Also subscribe to security advisory mailing lists from your local incident response
team (if you have one available).
AusCERT Security Bulletins are available at http://www.auscert.org.au/1
US-CERT Vulnerability Notes are available at http://www.kb.cert.org/vuls/
39 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
40 of 41
27-05-2013 09:32 PM
http://www.auscert.org.au/render.html?it=5816&template=1
Further Reading
Books
Practical UNIX & Internet Security, 2nd Edition
Simson Garfinkel and Gene Spafford
O'Reilly & Associates, 1996
Volume 8: X Window System Administrator's Guide
Linda Mui and Eric Pearce
O'Reilly & Associates, 1992 (out of print)
PDF now free online at http://www.oreilly.com/openbook/
Securing Systems with the Solaris Security Toolkit
Alex Noordergraaf and Glenn Brunette
Prentice Hall PTR/Sun Microsystems Press, 2003
Managing NFS and NIS, 2nd Edition
Hal Stern
O'Reilly & Associates, 2001
Building Internet Firewalls, Second Edition
Elizabeth D. Zwicky, Simon Cooper, and D. Brent Chapman
O'Reilly & Associates, 1995
Online References
AusCERT Security Bulletins http://www.auscert.org.au/1
US-CERT Technical Cyber Security Alerts http://www.us-cert.gov/cas/techalerts
/index.html
US-CERT Current Activity http://www.us-cert.gov/current/
41 of 41
27-05-2013 09:32 PM