Personally, I would consider "standardized security guides" within the realm of the following sources:On Fri, 2005-04-29 at 13:21 -0700, tuxxer wrote:
On Fri, 2005-04-29 at 20:56 +0100, Timothy Murphy wrote:
Paul W. Frields wrote:
(2) be Fedora-specific enough to give value over some of the other more standardized security guides; and
What are these "standardized security guides"?
I think he's talking about the general, high-level stuff you might get if you googled "linux security" or something.
Sure, but also things like "Practical UNIX and Internet Security, "Computer Security: Art & Science," Gollmann's "Computer Security," and such.
Information Assurance Technology Framework Release 3.1, National Security Agency
Automated Tools for Testing Computer System Vulnerability, NIST Special Publication 800-6
Establishing a Computer Security Incident Response Capability(CSIRC), NIST Special Publication 800-3
A great many(granted not all) security resources written today is full of fluff and doesn't recognize or even mention industry standards or procedures. To tell you the truth, i've found that CS research papers(available from NEC) seem to contain more relevant content than alot of the published books. IMHO.
I've got a basic content done for the first release. I just need to determine the most efficient way to structure the content for the intended audience.
Tuxxer: This is where I could use some help. If you've got the time --- drop me a line --- i'd like to forward to you my sources to look over. Also I wanted to review your list of intended documentation so that we can assure that we don't overlap content.
I am pretty sure the docs will be top notch stuff --- but then again I am pretty bias ;)
Thomas
--
fedora-docs-list@xxxxxxxxxx
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-docs-list
