Part V: Handling Security Incidents

Part V: Handling Security Incidents

This part of the book contains instructions for what to do if your computer's security is compromised. This part of the book will also help system administrators protect their systems from authorized users who are misusing their privileges.

Chapter 22, contains step-by-step directions to follow if you discover that an unauthorized person is using your computer.

Chapter 23, discusses approaches for handling computer worms, viruses, Trojan horses, and other programmed threats.

Chapter 24, describes ways that both authorized users and attackers can make your system inoperable. We also explore ways that you can find out who is doing what, and what to do about it.

Chapter 25. Occasionally, the only thing you can do is sue or try to have your attackers thrown in jail. This chapter describes legal recourses you may have after a security breach and discusses why legal approaches are often not helpful. It also covers some emerging concerns about running server sites connected to a wide area network such as the Internet.

Chapter 26, makes the point that somewhere along the line, you need to trust a few things, and people. We hope you are trusting the right ones.



    Part VI: Appendixes