134 - A.4 Security Electronic References


Oracle Security
By William Heney, Marlene Theriault
Table of Contents
Appendix A.  References

A.4 Security Electronic References

This section contains references to helpful security- related web sites and newsgroups.

A.4.1 Security Web Sites

These web sites are likely to be helpful informational resources. Some will be particularly useful if you have to deal with an attack on your site.

A.4.1.1 COAST

COAST (Computer Operations, Audit, and Security Technology) is a multi-project, multi- investigator effort in computer security research and education in the Computer Sciences Department at Purdue University. COAST contains information about software, companies, FIRST teams , archives, standards, professional organizations, government agencies, and FAQs [A] among other goodies . The WWW hotlist index at COAST is the most comprehensive list of its type available on the Internet at this time. COAST also provides a valuable service to the Internet community by maintaining a current and well-organized repository of the most important security tools and documents on the Internet; you can obtain these via anonymous FTP.

[A] Frequently asked questions.

A.4.1.2 FIRST

FIRST (Forum of Incident Response and Security Teams) maintains a large archive of material, including pointers to web pages for other FIRST teams.

A.4.1.3 CERT-CC

CERT-CC (Computer Emergency Response Team Coordination Center) was founded in response to the Internet worm incident in 1988. CERT-CC acts as a clearinghouse for information, and helps organizations respond to security attacks. You can get on CERT-CC's mailing list for security advisories and fixes, and can obtain archived past advisories via anonymous FTP from:

A.4.1.4 World Wide Web Consortium

Here is an explanation of the WWW Consortium (W3C) from their own web site:

"The W3C was founded in October 1994 to lead the World Wide Web to its full potential by developing common protocols that promote its evolution and ensure its interoperability. We are an international industry consortium, jointly hosted by the Massachusetts Institute of Technology Laboratory of Computer Science (MIT/LCS), the Institut National de Recherche en Informatique et en Automatique (INFRIA) in Europe; and the Keio University Shonan Fujisawa Campus in Japan."

Services provided by the Consortium include: a repository of information about the World Wide Web for developers and users, reference code implementations to embody and promote standards, and various prototype and sample applications to demonstrate use of new technology. We especially like their security Frequently Asked Questions (FAQ) link.

A.4.1.5 Web security

Lincoln Stein's FAQ about web security contains a lot of good, practical information, and it is updated on a regular basis.

A.4.1.6 Windows NT security

This site contains information and solicits reports of break-ins. You can get on the mailing list for NT security advisories.


A.4.2 Security Usenet Groups

Several Usenet newsgroups are particularly good sources of information on network security and related topics.

comp.security.announce ( moderated )

Computer security announcements, including new CERT-CC advisories


Miscellaneous computer and network security


UNIX security


Information about firewalls

comp.virus (moderated)

Information on computer viruses and related topics


Discussions about cryptology research and application

sci.crypt.research (moderated)

Discussions about cryptology research

comp.risks (moderated)

Discussions about risks to society from computers and computerization


Discussions about computer administrative policy issues, including security


Oracle Security
Oracle Security Handbook : Implement a Sound Security Plan in Your Oracle Environment
ISBN: 0072133252
EAN: 2147483647
Year: 1998
Pages: 154

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net