On Fri, 2005-04-29 at 18:56 -0500, Thomas Jones wrote: > Paul W. Frields wrote: > > On Fri, 2005-04-29 at 13:21 -0700, tuxxer wrote: > >>On Fri, 2005-04-29 at 20:56 +0100, Timothy Murphy wrote: > >> > >>>Paul W. Frields wrote: > >>> > >>> > >>>>(2) be Fedora-specific enough to give value over some of the other more > >>>>standardized security guides; and > >>> > >>>What are these "standardized security guides"? > >>> > >> > >>I think he's talking about the general, high-level stuff you might get > >>if you googled "linux security" or something. > > > > > > Sure, but also things like "Practical UNIX and Internet Security, > > "Computer Security: Art & Science," Gollmann's "Computer Security," and > > such. > > > > > Personally, I would consider "standardized security guides" within the > realm of the following sources: > > Information Assurance Technology Framework Release 3.1, National > Security Agency > Automated Tools for Testing Computer System Vulnerability, NIST Special > Publication 800-6 > Establishing a Computer Security Incident Response Capability(CSIRC), > NIST Special Publication 800-3 > > A great many(granted not all) security resources written today is full > of fluff and doesn't recognize or even mention industry standards or > procedures. To tell you the truth, i've found that CS research > papers(available from NEC) seem to contain more relevant content than > alot of the published books. IMHO. Okay, okay, you definitely win the Battle of the Citations. ;-) (Like Karsten, my specialized experience doesn't fall into the security realm either, except in a more esoteric sense.) You're working from a different definition for "standardized" than I intended, which is a good indicator that I made a poor word choice. "General practical" would have been better, and would be more along the lines of the books I named. In any case, I'm glad we have a good security technical editor aboard. -- Paul W. Frields, RHCE http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 Fedora Documentation Project: http://fedora.redhat.com/projects/docs/
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-docs-list@xxxxxxxxxx To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-docs-list