Computing Security at SLAC

Here's some useful information on computing security.

Documents

SLAC Computer Policies and Practices
Practices and Rules expected of SLAC Computer Users
passwords*
Good practices in selecting passwords for computer accounts.
security info
Generic security information from CERT (see below) for UNIX and VMS system administrators.
SATAN vulnerability tutorials
Descriptions of the security vulnerabilites that SATAN checks for. (SATAN is an acronym for Security Administrator Tool for Analyzing Networks.)
X Window security information
The X Window System can pose a serious security risk if it is not properly used. See Lionel Cons's HEPiX presentation, and the SATAN tutorial on X.
alt-security-faq
Frequently-Asked Questions about computer security. See also the related USENET newsgroups, comp.security.misc and alt.security. Focus is UNIX.

Information Services

CIAC Bulletins and Notes
DOE Computer Incident Advisory Capability (CIAC) documents of a time-critical or just timely nature.
CERT Server
DOD Computer Emergency Response Team (CERT) FTP server containing far more than just the CERT Advisories.
ESNet Server
The Energy Sciences Network (ESnet) repository of information on computing security, including CERT, CIAC, DDN, and NIST documents, selections from the VIRUS-L list, SunOS security patches, and a Primer on security incidents.
IBM Server
IBM's Computer Virus Information Center. Runs a Gopher server on computer viruses and computer virus prevention for PC-DOS, Windows, OS/2, etc.


* Access to this link is restricted to SLAC users.

Owners: William B. Johnson, John Halperin

This page was originally compiled by Joan Winters.

SLAC (Last revised 10 June 1995)