Security Training
Security Certification
Internet Storm Center
Cyber Security Graduate School
Security Awareness Training
Penetration Testing
Industrial Control Systems
Cyber Defense Foundations
IT Audit
Computer Forensics
Software SecurityUnix Issues
Featuring 17 Papers as of December 1, 2011
-
Securing Blackboard Learn on Linux
David Lyon - December 1, 2011
Blackboard Learn (Bb Learn) is an application suite providing educational technology to facilitate online, web based learning. It is typical to see Bb Learn hosting courses and content. Common add-ons include the Community and Content systems which are licensed separately.
-
UNIX System Management and Security: Differences between Linux, Solaris, AIX and HP-UX
Haral Tsitsivas - August 3, 2007
This paper discusses the differences in system configuration, management and security between some of the most common versions of UNIX (Red Hat Linux, Solaris, HP-UX and AIX), including management and security tools available on these systems.
-
Securing Webmin with Tcp Wrappers and SSH Port Forwarding-A Practical and Economical Approach
Howard Dulberg - May 20, 2005
More and more companies are utilizing software developed and maintained by the Open Source community to handle a multitude of security and administrative functions.
-
Unix and Sarbanes-Oxley: a management and auditors guide
Micho Schumann - May 5, 2005
This document is designed to assist auditors of publicly traded companies and Security Exchange Commission (SEC) registrants to comply with the Sarbanes- Oxley act ("the act") by reviewing the generally accepted IT control framework called Cobit-12 and applying it towards a Unix environment.
-
Building a Secured OS for a Root Certificate Authority
Don Murdoch - February 26, 2004
This paper discusses the procedures necessary for securing an installation of Red Hat Enterprise Server 2.1 in support of a root certificate authority that will eventually function in the Higher Education Bridge Certificate Authority.
-
Defense In-Depth on a Solaris 2.X System: A Resource Guide
Mark Strong - October 31, 2003
The purpose of this paper is to outline a defense in depth security structure for a Solaris 2.x system and offer resources to help implement and maintain security at each individual layer.
-
Securing HP-UX Services
Fernando Salas - October 31, 2003
The author discusses procedures to improve the security of NIS, FTP, TELNET and modem use, and discusses other characteristics of HP-UX 11 that help to make more secure servers.
-
Securing IRIX 6.5
John Haprian - October 31, 2003
The author offers guidance to those people who require a secure IRIX system yet don't have either the time or the desire to become IRIX security wizards.
-
Trinux - A Digital Tool Belt
Brad Showalter - October 31, 2003
The purpose of this paper is to outline the installation of Trinux via floppy diskettes, along with several security packages, and detail two scenarios of its usage by the paper's author.
-
X Windows Security: How to Protect your Display
Arturo Guillen - October 31, 2003
This paper analyzes the threads and describe the security involved in the X Window Systems. It takes a practical overview of the X Windows security to emphasize the risks and indicate the measurements that must be taken.
-
PAM - It's NOT The Non-Stick Cooking Spray
Susanne Ramsey - October 31, 2003
This paper will introduce the reader to PAM, provide an overview of PAM - it's origins, what PAM is - and an example of how it works.
-
IBM's Cluster 1600 Security Aspects
John Belliveau - October 31, 2003
This paper discusses the new International Business Machines (IBM) Corporation environment known as Cluster 1600, the software at the heart of the environment, and the security features of this software.
-
A Solaris Backup Script How-To
Stanley Hearn - October 31, 2003
Although all parts of the backup strategy are equally important, this paper will focus on the backup script and will detail a flexible backup script that uses built-in Solaris software tools which create a reliable local backup of a Solaris machine running Oracle.
-
Centralized UNIX System Monitoring Using SSH and MRTG
Aaron Wilson - October 31, 2003
This paper discusses the example of an OpenBSD web server that needs to be monitored by an OpenBSD NMS using the Multi Router Traffic Grapher (MRTG). MRTG is a time-tested and flexible monitoring tool.
-
Setting Up and Securing a Small Network with OpenBSD
Blair Heiserman - October 31, 2003
This paper intends to show how to setup a stable and secure small network, while keeping everything in house. I will cover setting up a small network and essential services for network connectivity and functionality.
-
Securing Solaris
Angela Orebaugh - October 31, 2003
When configuring a Solaris system for production, a balance must exist between system manageability and security.
-
Securing Remote Access on AIX 4.3.3 using OpenSSH
Dave Randell - February 5, 2003
The purpose of this paper is to confirm the existence of a security vulnerability relating to the network access of our AIX servers, demonstrate a viable means to overcome it, and to verify that the solution has truly eliminated the exposure.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.
All papers are copyrighted. No re-posting or distribution of papers is permitted.
Masters This paper was created by a SANS Technology Institute student as part of their Master's curriculum.
