Section A.8 URLs for Specifications and Definitions

   


A.8 URLs for Specifications and Definitions

Here I list the URLs for the specifications to some protocols and other items that you might want to study to understand or analyze the security implications. The Internet Engineering Task Force (IETF) is a group of engineers that do continuing development on protocols used to keep the Internet running. Proposed new standards or updates to existing standards are released as Request For Comment (RFC) documents that are numbered. A final accepted document (specification) still is called an RFC. Any of them should be available from

www.faqs.org/rfcs/rfc#.html

where # is the RFC number.

A.8.1 Orange Book

The Orange Book, more technically known as DoD 5200.28-STD, "Department of Defense Trusted Computer System Evaluation Criteria," specifies the requirements for secure computing for the U.S. government's high-security needs for classified material. It is used by the military, the CIA, the NSA, their contractors, and others. (The most secure systems still are kept in locked and shielded rooms with no connections to outside networks.)

www.radium.ncsc.mil/tpep/library/rainbow/5200.28-STD.html

A.8.2 RFC 1813: NFS Version 3

The original specification for Sun's NFS is in RFC 1094. The specification for NFS version 3 is RFC 1813. NFS version 3 started showing up in Linux distributions around late 1999 or early 2000 as did TCP support for NFS. NFS over TCP, although slower than over UDP and suffering from scaling problems, offers much better security due to TCP packets being much harder to spoof than UDP packets.

ftp://ftp.isi.edu/in-notes/rfc1094.txt

ftp://ftp.isi.edu/in-notes/rfc1813.txt

A.8.3 NSA Glossary of Computer Security Terms

The NSA maintains a glossary of computer security terms.

http://www.sans.org/newlook/resources/glossary.htm

A.8.4 CNET Glossary of Computer Terms

CNET maintains a glossary of computer terms at

http://coverage.cnet.com/Resources/Info/Glossary/


       
    Top


    Real World Linux Security Prentice Hall Ptr Open Source Technology Series
    Real World Linux Security Prentice Hall Ptr Open Source Technology Series
    ISBN: N/A
    EAN: N/A
    Year: 2002
    Pages: 260

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net