1. Home
  2. Linux systems
  3. Ppractical unix & internet security

E.1 Professional Organizations

You may find the following organizations helpful. The first few provide newsletters, training, and conferences. FIRST organizations may be able to provide assistance in an emergency.

E.1.1 Association for Computing Machinery (ACM)

The Association for Computing Machinery is the oldest of the professional computer science organizations. It publishes many scholarly journals and annually sponsors dozens of research and community-oriented conferences and workshops. The ACM also is involved with issues of education, professional development, and scientific progress. It has a number of special interest groups (SIGs) that are concerned with security and computer use. These include the SIGs on Security, Audit, and Control; the SIG on Operating Systems; the SIG on Computers and Society; and the SIG on Software Engineering.

Contact the ACM at:

ACM Headquarters
One Astor Plaza
1515 Broadway
17th Floor
New York, New York 10036-5701
(212) 869-7440

The ACM has an extensive set of electronic resources, including information on its conferences and special interest groups. The information provided through its web site is especially comprehensive and well-organized:

http://www.acm.org

The ACM has a U.S. Public Policy committee that comments on pending legislation affecting security, privacy, and usability. Many of the items it is concerned with should also be of concern to those interested in security. Its web site is at:

http://www.acm.org/usacm/

E.1.2 American Society for Industrial Security (ASIS)

The American Society for Industrial Security is a professional organization for those working in the security field. ASIS has been in existence for 40 years and has 32,000 members worldwide as of 2002. Its 25 standing committees focus on particular areas of security, including computer security. The group publishes a monthly magazine devoted to security and loss management. ASIS also sponsors meetings and other group activities. Membership is open only to individuals involved with security at a management level.

Contact ASIS at:

American Society for Industrial Security
1625 Prince Street
Alexandria, Virginia 22314-2818
(703) 519-6200
http://www.asisonline.org/

E.1.3 Computer Security Institute (CSI)

The Computer Security Institute was established in 1974 as a multiservice organization dedicated to helping its members safeguard their electronic data processing resources. CSI sponsors workshops and conferences on security, publishes a research journal and a newsletter devoted to computer security, and serves as a clearinghouse for security information. The Institute offers many other services to members and the community on a for-profit basis. Of particular use is an annual Computer Security Buyer's Guide that lists sources of software, literature, and security consulting.

Contact CSI at:

Computer Security Institute
600 Harrison Street
San Francisco, CA 94107
(415) 947-6320
http://www.gocsi.com

E.1.4 Electronic Frontier Foundation (EFF)

EFF advocates and litigates for civil liberties and freedom on the Internet. Although its concerns are considerably broader than security, EFF maintains an interesting archive of privacy- and security-related documents at http://www.eff.org/Privacy.

Contact EFF at:

Electronic Frontier Foundation
454 Shotwell Street
San Francisco, CA 94110-1914
(415) 436-9333
http://www.eff.org/Privacy

E.1.5 Electronic Privacy Information Center (EPIC)

EPIC is a public-interest research center that studies electronic privacy issues. EPIC litigates and advocates for privacy and civil liberties.

Contact EPIC at:

1718 Connecticut Avenue, NW, Suite 200
Washington, DC 20009
(202) 483-1140
Email: info@epic.org
http://www.epic.org

E.1.6 High Technology Crimes Investigation Association (HTCIA)

The HTCIA is a professional organization for individuals involved with the investigation and prosecution of high-technology crime, including computer crime. There are chapters throughout the United States and in many other countries.

Contact HTCIA at:

HTCIA, Inc.
1474 Freeman Dr.
Amissville, VA 20106
(540) 937-5019
http://htcia.org

E.1.7 Information Systems Security Association (ISSA)

The ISSA is an international organization of information security professionals and practitioners. It provides education forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members. They publish a magazine and sponsor conferences and workshops. Chapters can be found throughout the U.S. and around the world.

Contact ISSA at:

ISSA Headquarters
7044 S. 13th Street
Oak Creek, WI 53154
(414) 768-8000
(800) 370-ISSA
http://www.issa.org

E.1.8 International Information Systems Security Certification Consortium, Inc.

The (ISC)2 is an international organization that supervises the CISSP and SSCP professional certifications. The Certified Information Systems Security Professional and Systems Security Certified Practitioner designations are widely accepted as standard levels of certification of those working in security. The organization requires certificants to subscribe to a professional code of conduct and undergo continuing education after passing the initial tests.

Contact (ISC)2 at:

(ISC)2 Services
P.O. Box 1117
Nestor House
17/F., Printing House
Dunedin, FL 34697 USA
(ISC)2 Europe Operations
Playhouse Yard
6 Duddell Street
London UK EC4V 5EX
(ISC)2 Asia Operations
Central Hong Kong
1 888 333 4458
44 (0) 20 7779 8030
852 2111 6612

(ISC)2's web site is at:

http://www.isc2.org

E.1.9 The Internet Society

The Internet Society sponsors many activities and events related to the Internet, including an annual symposium on network security.

Information is available at the Society's U.S. or European headquarters at:

1775 Wiehle Ave., Suite 102
Reston, VA 20190-5108
(703) 326-9880
4, rue des Falaises
CH-1205 Geneva
Switzerland
41-22-807-1444

The Society can also be contacted electronically at:

Email: info@isoc.org
http://www.isoc.org

E.1.10 IEEE Computer Society

With nearly 100,000 members, the Computer Society is the largest society of the Institute of Electrical and Electronics Engineers (IEEE). It too is involved with scholarly publications, conferences and workshops, professional education, technical standards, and other activities designed to promote the theory and practice of computer science and engineering. The IEEE-CS also has special-interest groups, including a Technical Committee on Security and Privacy, a Technical Committee on Operating Systems, and a Technical Committee on Software Engineering.

Contact the Computer Society at:

IEEE Computer Society
1730 Massachusetts Avenue N.W.
Washington, DC 20036-1992
(202) 371-0101
http://www.computer.org

The Computer Society's Technical Committee on Security and Privacy has a number of resources, including an online newsletter at:

http://www.ieee-security.org/

E.1.11 IFIP, Technical Committee 11

The International Federation for Information Processing, Technical Committee 11, is devoted to research, education, and communication about information systems security. The working groups of the committee sponsor various activities, including conferences, throughout the world.

Contact the committee at:

http://www.ifip.org

(Follow the links for security or for TC 11.)

E.1.12 Systems Administration and Network Security (SANS)

SANS conducts workshops and conferences around the U.S. to provide continuing education in various aspects of system administration and security. This includes training in intrusion detection, firewalls, and general security. The organization also provides various online newsletters and alerts, plus some self-paced instruction.

Contact SANS and get more information via their web site at:

http://www.sans.org

E.1.13 USENIX/SAGE

The USENIX Association is a nonprofit education organization for users of Unix and Unix-like systems. The Association publishes a magazine, sponsors numerous conferences, and has representatives on international standards bodies. The Association sponsors an annual workshop on Unix security and another on systems administration, plus many conferences dealing with security-related information.

SAGE stands for the Systems Administrators Guild. It is a special technical group of the USENIX Association. To join SAGE, you must also be a member of USENIX.

Contact USENIX and SAGE at:

USENIX Association
2560 Ninth Street
Suite 215
Berkeley, CA 94710
(510) 528-8649
Email: office@usenix.org
http://www.usenix.org


    		Preface
    		Part I: Computer Security Basics
    		Part II: Security Building Blocks
    		Part III: Network and Internet Security
    		Part IV: Secure Operations
    		Part V: Handling Security Incidents
    		Part VI: Appendixes
    		Appendix A. Unix Security Checklist
    		Appendix B. Unix Processes
    		Appendix C. Paper Sources
    		Appendix D. Electronic Resources
    		Appendix E. Organizations
    		E.1 Professional Organizations
    		E.2 U.S. Government Organizations
    		E.3 Emergency Response Organizations
    		Colophon