The Internet is a vast repository of information. Even with the help of search engines such as Google, it is still a daunting task to sort through the various sites for relevant information. One of the biggest challenges of administrating an SLES system (or any server for that matter) is maintaining good security. The following sections identify some of the websites and mailing lists that provide security-related information in addition to what is found in this book. Security and Linux-Related Websites The following is a list of URLs to websites containing Linux-related and/or Linux security-related information and applications: Intrusion Detection Systems (LIDS), www.lids.org Incorporates changes to the kernel mandating that all access to system functions be controlled by ACLs. This ensures that changes are locked out and requires that process-file relationships be specifically described. John the Ripper, www.openwall.com/john/ Password auditing tool. With this tool, you can test to see how closely your user passwords conform to your IT policy document. Snort, www.snort.org Passive intrusion detection system. Snort listens to network traffic, verifies packet content against a known set of exploit patterns, and can raise a number of separate alarms. Nmap, www.insecure.org Active, stealthy, port scanning tool. Nmap verifies which ports are visible on a network or system. Using response fingerprints, it can determine the host operating system of the target. Ethereal, www.ethereal.com Network packet-capturing tool or sniffer. Ethereal can be used to completely reconstruct network conversations. It is useful for detecting inappropriate protocols and attack conversations. Tripwire, www.tripwire.org Host-based intrusion detection system. Tripwire creates hashes for files that can be compared to baseline values stored offline. The comparison is used to look for unauthorized changes. Bastille Linux, www.bastille-linux.org Operating system level hardening tool. Bastille Linux can be used to harden a system or simply report on suggestions to further enhance the security on the host. CERT (Computer Emergency Response Team), www.cert.org Coordination center for information on incidents and known software vulnerabilities hosted at Carnegie Mellon University. Internet Security Systems, www.iss.net A security services firm offering solutions and assistance on various aspects of network-based threats. tcpdump and libpcap, www.tcpdump.org These tools are used in conjunction to permit the capture of network traffic for analysis. libpcap allows root to place the network interface in promiscuous mode, and tcpdump captures and formats selected packets. Linux kernel source, www.kernel.org Source code repository for the Linux kernel and associated modules. National Institute of Standards and Technology (NIST) Computer Security Resource Center (CSRC), csrc.nist.gov This site hosts a collection of information relating to computer security, guidelines and best-practices documents. System Administration, Networking, and Security (SANS), www.sans.org, and The Internet Storm Center, isc.sans.org This site maintains a constant real-time eye on the Internet as a whole. Reports are collected and evaluated on live threats and attacks and developing incidents. This is a collaborative vendor-independent project; participation in reporting incidents is encouraged. Security Focus's BugTraq, www.securityfocus.com/archive/1 This site maintains a list of all reported bugs independent of platform or software type. SUSE-Specific Newsgroups and Websites The following is a list of URLs to SUSE-related newsgroups and websites hosted by Novell and third parties: SUSE Support Database (SDB), portal.suse.com/sdb/en/index.html SLES Knowledgebase, support.novell.com/search/kb_index.jsp SUSE FTP server (packages and sources), ftp.suse.com/pub SUSE product support web forums, support.novell.com/forums/2su.html Product support communities where you can find tips, tricks, Q&A, and free tools for various Novell products, including the various SUSE LINUX offerings, support.novell.com/products SUSE LINUX software development community, forge.novell.com/modules/xfmod/community/?susecomm Various SUSE mailing lists, www.suse.com/en/private/support/online_help/mailinglists Novell-Linux, a third-party website pertaining to Novell Linux Desktop and SLES users, www.novell-linux.com FAQ for the alt.os.linux.suse newsgroup, www.project54.com/linux/ng/alt-os-linux-suse-FAQ Unofficial SUSE FAQs, how-tos, and guides, susefaq.sourceforge.net/index.html SUSE security home page, www.novell.com/linux/security/securitysupport.html Reporting or tracking a bug, bugzilla.novell.com |