
Security


Security
        Unix vs. security
        Cautionary disclaimers
        The book's analogy: Security as a mouse infestation
        My analogy: car theft
        Categories of security problems
        /etc/passwd issues
        setuid programs
        Special file permissions
        Miscellaneous issues
        Security tools
        Cryptography
        Firewalls
        Resources
        What to do if you're attacked

Unix vs. security

Cautionary disclaimers

The book's analogy: Security as a mouse infestation

My analogy: car theft

Categories of security problems

/etc/passwd issues

setuid programs

Special file permissions

Miscellaneous issues

Security tools

Cryptography

Firewalls

Resources

What to do if you're attacked

  1. Don't panic
    • The damage has probably been done, and the intrusion has probably been happening for some time
  2. Decide on your response
    • Try to keep management (or others) from overreacting
  3. Hoard all available information
    • You'll want to pick through all sorts of things, so save it all
  4. Assess your exposure
    • Figure out what's been compromised, and what you're going to do about it
  5. Pull the plug
    • Disconnect the affected machine from the network (or close off all outside access) to stop the attack
  6. Devise a recovery plan
    • Again, thinking things through is important
    • Don't blame -- it won't change the situation
  7. Communicate the recovery plan
    • Let people know what's going on and what you're going to do about it
  8. Implement the recovery plan
  9. Report the incident
    • CERT has a reporting form (which is great to fill out, because it asks you questions you might not have thought about)
    • CERT tracks incidents and may be able to advise you, or use your experience to help others avoid or deal with a similar attack
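
As an added example (not part of the original course notes), here is one way to carry out step 3 before step 5: a shell function that snapshots volatile state, copies the logs to a separate location, and writes a SHA-256 manifest of the copy. The function names, output file names and paths are assumptions, and `sha256sum` from GNU coreutils is assumed to be installed.

```shell
#!/bin/sh
# Added example, not from the course notes. collect_evidence, capture and the
# output file names are hypothetical; sha256sum (GNU coreutils) is assumed.

# Run one command, saving stdout and stderr; a missing tool is noted, not fatal.
capture() {
    out="$1"; shift
    if command -v "$1" >/dev/null 2>&1; then
        "$@" >"$out" 2>&1 || echo "[exit status $?]" >>"$out"
    else
        echo "[$1 not available on this host]" >"$out"
    fi
}

# collect_evidence DEST_PARENT [LOG_DIR]
# Prints the evidence directory it created. The body runs in a subshell so the
# umask and variables do not leak into the caller.
collect_evidence() (
    dest_parent="$1"
    log_dir="${2:-/var/log}"
    umask 077   # evidence readable only by the collector
    stamp=$(date -u +%Y%m%dT%H%M%SZ)
    dir="$dest_parent/evidence-$stamp"
    mkdir -p "$dir/logs" || exit 1

    # Volatile state first: it changes or vanishes once the plug is pulled.
    capture "$dir/date.txt"    date -u
    capture "$dir/ps.txt"      ps -ef
    capture "$dir/who.txt"     who -a
    capture "$dir/last.txt"    last
    capture "$dir/netstat.txt" netstat -an

    # Copy logs with timestamps preserved; unreadable files are recorded.
    cp -Rp "$log_dir/." "$dir/logs/" 2>"$dir/copy_errors.txt" || true

    # Hash everything so later changes to the copy are detectable.
    ( cd "$dir" && find . -type f ! -name MANIFEST.sha256 \
        -exec sha256sum {} + >MANIFEST.sha256 ) || exit 1
    echo "$dir"
)

# Usage (destination should be removable or remote media, not the suspect disk):
#   collect_evidence /mnt/usb/case01 /var/log
```

Running `sha256sum -c MANIFEST.sha256` inside the evidence directory later confirms that the saved copy has not changed since collection.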

Part of the CptS 302 Website
Instructor: Geoff Allen, geoff@wsu.edu
Source Modified: Tue Apr 24 21:05:26 2001
HTML Generated by WML 2.0.6 (25-Oct-2000): Tue Aug 28 21:12:52 2001