Abstract : Today's technology base is becoming increasingly large and complex. Networks are growing, and applications are being migrated from centralized systems to client-server environments. In addition, organizations are connecting their networks to those of other organizations and to the Internet at a rapid rate Network 96. All of this added complexity presents a challenge to administrators who are responsible for managing these systems. The growth in the number of networked systems has accelerated demand for qualified administrators, and the increasing complexity of networked systems has raised the threshold of expertise required of these administrators. At the time of the birth of the Internet, systems administrators were typically well-versed and experienced in the technology they were charged to manage. There is ample evidence that the average level of expertise demonstrated by the fast-growing number of systems administrators today is considerably lower, and insufficient to allow them to configure and manage their complex systems in a survivable manner. This lack of adequate expertise is seen daily at the CERT(tradename) Coordination Center. The continuing growth in the number of courses, seminars, and conferences directed at managing technology in the Internet environment reflects heavy demand for training and development in network systems administration skills. At the same time, a quick look at popular press publications reveals that many organizations now provide business products and services over the Internet, and that they are becoming increasingly concerned about the security and reliability of their technology. All these observations illustrate a dangerous gap between the need to secure systems and the supply of individuals capable of implementing adequately secure information technology environments.
[1]
Tatu Ylonen,et al.
SSH: secure login connections over the internet
,
1996
.
[2]
William G. Wood,et al.
A Guide to the Classification and Assessment of Software Engineering Tools
,
1987
.
[3]
Eugene H. Spafford,et al.
The design and implementation of tripwire: a file system integrity checker
,
1994,
CCS '94.
[4]
Irene E. Gilbert,et al.
Guide for Selecting Automated Risk Analysis Tools
,
1989
.
[5]
D. B. Davis,et al.
Sun Microsystems Inc.
,
1993
.
[6]
Radia J. Perlman,et al.
Network security - private communication in a public world
,
2002,
Prentice Hall series in computer networking and distributed systems.
[7]
Elizabeth D. Zwicky,et al.
Building internet firewalls
,
1995
.
[8]
Bill Cheswick,et al.
Firewalls and internet security - repelling the wily hacker
,
2003,
Addison-Wesley professional computing series.