Knowledge Base

If you're interested in learning more about the subject of auditing *nix operating systems, there are many resources available in print and on the Internet.

As far as books go, one of the "go to" books on Unix security is Practical Unix & Internet Security, by Simson Garfinkel, Gene Spafford, and Alan Schwartz, published by O'Reilly Media, Inc. This book provides an excellent overview of the topic, along with detailed guidance on how to secure the Unix environment.

Another excellent print resource is Essential System Administration, by Æleen Frisch, published by O'Reilly Media, Inc. This book is written for *nix administrators but also can serve as an excellent guide for auditors who are looking for details on how to implement many of the concepts discussed in this chapter.

There are also many websites devoted to Unix. The problem is wading through them to determine which ones can be of the most use. Following are some to consider:

• http://www.sans.org/rr/-certifications and other documents from SANS

• http://www.sans.org/top20-SANS top 20 vulnerabilities

• http://www.nsa.gov/snac/-security configuration guides from the National Security Agency

• http://www.csrc.nist.gov/publications/nistpubs/index.html-security guidelines from the National Institute of Standards and Technologies

• http://www.insecure.org/tools.html-top 75 security tools as generated from a survey of NMAP users

• http://www.seclists.org/-list of lists; good security-oriented mailing lists

• http://www.securityfocus.com/-mailing lists, news, vulnerabilities

• http://www.cve.mitre.org/-along with the vulnerability database section of security focus, this is a good site to begin research on potential vulnerabilities.

Remember that Google is your friend, and there is a wealth of information on the Internet about how Unix and Linux systems work. For example, try searching for "command list unix" without the quotes.