! Aware > default selections > Execution > Limits >

Process Limits

Permission and access restriction (files, resources, etc)
Subsets on this page: - #Apps & Utilities - #Q&A - #Articles - #Books - #Info -
- #Personalize -
     icon
Search ! Aware:

     Home
  By TONY
  By MARK
  By JERRY
  By ANN
  By ERICA

Search all pages

Subjects

By activity
Professions, Sciences, Humanities, Business, ...

User Interface
Text-based, GUI, Audio, Video, Keyboards, Mouse, Images,...

Text Strings
Conversions, tests, processing, manipulation,...

Math
Integer, Floating point, Matrix, Statistics, Boolean, ...

Processing
Algorithms, Memory, Process control, Debugging, ...

Stored Data
Data storage, Integrity, Encryption, Compression, ...

Communications
Networks, protocols, Interprocess, Remote, Client Server, ...

Hard World
Timing, Calendar and Clock, Audio, Video, Printer, Controls...

File System
Management, Filtering, File & Directory access, Viewers, ...



Subject Divisions (default selections)
(These links to detailed subjects under this one retain your personalized selections.)

Process Limits: Identity - Process ownership and Identity

Process Limits: Resources - Process Limits on resource usage (disk, CPU, memory, et al)

Process Limits: File Access - Process Limits on File access (permissions, ownership, modes, et al)

#Overviews and other related subjects# - related, but not under or including this subject directly.


Information and Publications: Showing

alt.2600 FAQ, Beta .013 - Part 1/1

At MIT Part 1/1 

The alt.2600 Survival Guide

ftp://rtfm.mit.edu/pub/faqs/alt-2600/survival-guide (At MIT)

Secure UNIX Programming FAQ

ftp://rtfm.mit.edu/pub/faqs/unix-faq/programmer/secure-programming (At MIT)

See Also

Full List of Information

Other references not displayed here

Inactive Orbits: (Not included on this page)

[(URL not accessible, obsolete, not reference quality)]


Books: Showing

The Total CISSP Exam Prep Book: Practice Questions, Answers, and Test Taking Tips and Techniques
[Thomas Peltier, Patrick D. Howard; 2002-06-24] ISBN 0849313503
- At Barnes & Noble - At Amazon - At Half

Internet Privacy for Dummies (For Dummies)
[John R. Levine, et al; 2002-05] ISBN 0764508466
- At Barnes & Noble - At Amazon - At Half

The Secured Enterprise: Protecting Your Information Assets
[Chris Byrnes, et al; 2002-02-28] ISBN 013061906X
- At Barnes & Noble - At Amazon - At Half

Securing Business Information: Strategies to Protect the Enterprise and Its Network
[Chrisitan F. Byrnes, et al; 2002-01-30] ISBN 020176735X
- At Barnes & Noble - At Amazon - At Half

Digital Rights Management: Business and Technology
[Bill Rosenblatt, et al; 2001-11-15] ISBN 0764548891
- At Barnes & Noble - At Amazon - At Half

Handbook of Computer Crime Investigation: Forensic Tools & Technology
[Eoghan Casey (Editor); 2001-10-15] ISBN 0121631036
- At Barnes & Noble - At Amazon - At Half

Building Secure Software: How to Avoid Security Problems the Right Way
[John Viega, Gary McGraw; 2001-09-24] ISBN 020172152X
- At Barnes & Noble - At Amazon - At Half

Viruses Revealed
[C. David Harley, et al; 2001-09-21] ISBN 0072130903
- At Barnes & Noble - At Amazon - At Half

CISSP Exam Cram
[Mandy Andress; 2001-09-20] ISBN 1588800296
- At Barnes & Noble - At Amazon - At Half

Information Assurance: Surviving the Information Environment
[Andrew Blyth, Gerald L. Kovacich; 2001-09-15] ISBN 185233326X
- At Barnes & Noble - At Amazon - At Half

The CISSP Prep Guide: Mastering the Ten Domains of Computer Security
[Ronald L. Krutz, et al; 2001-08-24] ISBN 0471413569
- At Barnes & Noble - At Amazon - At Half

Safe & Secure: Secure Your Home Network, and Protect Your Privacy Online
[Felix Lau, et al; 2001-08-23] ISBN 0672322439
- At Barnes & Noble - At Amazon - At Half

Security Architecture: Design, Deployment and Operations
[Christopher King, et al; 2001-07-30] ISBN 0072133856
- At Barnes & Noble - At Amazon - At Half

Invasion of Privacy : How to Protect Yourself in the Digital Age
[Michael S. Hyatt; 2001-04-18] ISBN 0895262878
- At Barnes & Noble - At Amazon - At Half

Protect Yourself Online
[Matthew Danda; 2001-03-28] ISBN 0735611882
- At Barnes & Noble - At Amazon - At Half

Ew 101 : A First Course in Electronic Warfare (Artech House Radar Library)
[David L. Adamy (Editor); 2001-02] ISBN 1580531695
- At Barnes & Noble - At Amazon - At Half

Information Security Risk Analysis
[Thomas R. Peltier; 2001-01-23] ISBN 0849308801
- At Barnes & Noble - At Amazon - At Half

Programming Windows Security
[Keith Brown; 2000-06-27] ISBN 0201604426
- At Barnes & Noble - At Amazon - At Half

Trust in Cyberspace
[Fred B. Schneider (Editor), et al; 1999-01] ISBN 0309065585
- At Barnes & Noble - At Amazon - At Half

(Partial list shown.)
[Complete List of Books]

Inactive Orbits: (Not included on this page)

[(URL not accessible, obsolete, not reference quality)]


Articles: Showing

Training for Information Assurance ( Donald Welch, Daniel Ragsdale, Wayne Schepens ; IEEE Computer Magazine 2002-04)

- The US is at great risk from terrorist manipulation of the intangible bits and bytes of cyberspace. US military institutions are already preparing for cyberspace terrorism and warfare by educating cadets in information assurance.In January 2000, the US Military Academy at West Point created an information assurance course that centers on a competitive, hands-on defensive project: protect a real network from real attack.This project forced the cadets to pull together what they know theoretically and apply it to a real network under attack without risking the damage that mistakes would cause on a live network.The authors encourage other organizations to follow their lead by conducting similar competitive exercises.

Managing Software Security Risks ( Gary McGraw ; IEEE Computer Magazine 2002-04)

Open Source Security: Opportunity or Oxymoron? ( George Lawton ; IEEE Computer Magazine 2002-03)

Improving Security Using Extensible Lightweight Static Analysis ( David Evans, David Larochelle ; IEEE Software Magazine 2002-01)

- Most security attacks exploit in-stances of well-known classes of implementation flaws. Developers could detect and eliminate many of these flaws before deploying the software, yet these problems persist with disturbing frequency-not be-cause the security community doesn't sufficiently understand them but because techniques for preventing them have not been integrated into the software development process. This article describes an extensible tool that uses lightweight static analysis to detect common security vulnerabilities (including buffer overflows and format string vulnerabilities).

Correctness by Construction: Developing a Commercial Secure System ( Anthony Hall, Roderick Chapman ; IEEE Software Magazine 2002-01)

- Praxis Critical Systems recently developed a secure certification authority for smart cards that had to satisfy performance and usability requirements while meeting stringent security constraints. The authors used a systematic process from requirements elicitation through formal specification, user interface prototyping, rigorous design, and coding to ensure these objectives' achievement. They show how a process that achieves normal commercial productivity can deliver a highly reliable system that meets all its throughput and us-ability goals.

Building Software Securely from the Ground Up ( Anup K. Ghosh, Chuck Howell, James A. Whittaker ; IEEE Software Magazine 2002-01)

Trust-Based Security in Pervasive Computing Environments ( LalanaKagal, TimFinin, AnupamJoshi ; IEEE Computer Magazine 2001-12)

Does Open Source Improve System Security? ( Brian Witten, Carl Landwehr, Michael Caloyannides ; IEEE Software Magazine 2001-09)

- Most commercial software producers guard access to the source code of their systems, making it difficult for anyone outside their organizations to apply a variety of measures that could potentially improve system security. But since an attacker could also examine public source code to find flaws, would source code access be a net gain or loss for security? The question goes beyond the technical issues involved because publishing source code reveals intellectual property and therefore affects the producer's business model. We consider this question from several perspectives and tentatively conclude that having source code available should on balance work in favor of system security.

Facing the Challenge of Wireless Security ( Sandra Kay Miller ; IEEE Computer Magazine 2001-07)

Digital Government Security Infrastructure Design Challenges ( James Joshi, Arif Ghafoor, Walid G. Aref, Eugene H. Spafford ; IEEE Computer Magazine 2001-02)

- Designing security systems for a digital government's multidomain environment requires a careful balancing act between providing convenient access and carefully monitoring permissions.

API-Level Attacks on Embedded Systems ( Mike Bond, Ross Anderson ; IEEE Computer Magazine 2001-010)

- A growing number of embedded systems use security processors to distribute control, billing, and metering among devices with intermittent or restricted online connectivity. The more obvious examples include smart cards, microcontrollers used as value counters in postal meters and vending machines, and cryptographic processors used in networks of automatic teller machines and point-of-sale equipment to encipher customers' personal identification numbers. Recently, a whole new family of attacks has been discovered on the application programming interfaces these security processors use. These API attacks extend and generalize the known types of attack that target authentication protocols. Such attacks present valid commands to the security processor but in an unexpected sequence, thereby obtaining results that break the security policy its designer envisioned. Designing security APIs is a new research field with significant industrial and scientific importance. The poor design of present interfaces prevents many tamper-resistant processors from achieving their potential and leaves a disappointing dependency on procedural controls—the design of which involves subtleties likely to exceed the grasp of most implementers. It is unclear that a "generalized" API will work. The natural accretion of functionality presents security with one of its greatest enemies. Yet, getting the API right is relevant for more than just cryptoprocessors. The API is where cryptography, protocols, operating-system access controls, and operating procedures all come together—or fail to. It truly is a microcosm of the security engineering problem.

Guest Editors' Introduction: Embedded Security: Challenges and Concerns ( William A. Arbaugh, Leendert van Doorn ; IEEE Computer Magazine 2001-010)

- The proliferation of embedded devices is bringing security and privacy issues to the fore. We must ensure that we have learned from past problems and proactively attempt to prevent them in the future.

Search Engines as a Security Threat ( Julio César Hernández, José María Sierra, Arturo Ribagorda, Benjamín Ramos ; IEEE Computer Magazine 2001-010)

- Search engines index a huge number of Web pages and other resources. Hackers can use these engines to make anonymous attacks, find easy victims, and gain the knowledge necessary to mount a powerful attack against a network. Further, search engines can help hackers avoid identification. One reason so few hacking attempts get reported is that there are so many of them. Tracerouting a hacker's IP address to its source often ends at a hop completely unrelated to the hacker's actual ISP or local network, which makes reporting the hacker to the upstream provider difficult. Search engines are dangerous largely because users are careless. In the age of DSL and broadband cable accounts, users often keep their machines turned on and connected to the Internet for days. Most of them would be shocked to find that potential hackers target their machines up to several times a minute. Most home-machine hack attempts seek to make their targets zombies in a distributed denial-of-service attack. Search engines make discovering candidate machines almost effortless. It isn't possible to secure all channels against hackers trying to penetrate a vulnerable system. But search engines needn't be wide-open channels that continue to help hackers find and penetrate weak systems.

System Insecurity in the Internet Age ( John Michener ; IEEE Software Magazine 1999-07)

- The general-purpose computing environment that characterizes the PC and Internet was not designed for privacy or integrity. Surveying a variety of Internet targets and likely attackers, the author discusses how these systems can be hardened to survive attacks.

Software Security in an Internet World: An Executive Summary ( Timothy J. Shimeall, John J. McDermott ; IEEE Software Magazine 1999-07)

- Businesses of all sizes use the Internet for sales, purchasing, and collaboration. They all need reliable systems. Here are a few steps we can take now to ensure the security of software and thus to sustain the growth of Internet commerce.

Software Assurance for Security ( Gary McGraw ; IEEE Computer Magazine 1999-04)

Surviving Information Warfare Attacks ( Sushil Jajodia, Paul Ammann, Catherine D. McCollum ; IEEE Computer Magazine 1999-04)

- In today's heavily networked environment, you must guard against both obvious and subtle intrusions that can delete or corrupt vital data. Ideally, your security measures will allow critical system operation even when you're under attack.

Integrating Security into the Curriculum ( Cynthia E. Irvine, Shiu-Kai Chin, Deborah Frincke ; IEEE Computer Magazine 1998-12)

- Computer security can be used as a vehicle to achieve accreditation goals for computer science and engineering programs, while at the same time engaging students with relevant, exciting topics. The authors' approach, based on educational outcomes, illustrates that security topics can contribute to an engineering program by fostering all skills required to produce graduates capable of critical thinking.

Computer Security Research: A British Perspective ( Bruce H. Barnes ; IEEE Software Magazine 1998-09)

(Partial list shown.)
[Complete List of Articles]


Questions and Answers: Showing

On the Prevalence and Removal of Spyware? [2002/04/02]

At Ask Slashdot

University Network Policies and Punishment? [2002/03/15]

At Ask Slashdot

IT Security Certifications? [2002/01/07]

At Ask Slashdot

Satellite Command Security? [2001/12/28]

At Ask Slashdot

Blocking Destructive Users from Websites? [2001/11/06]

At Ask Slashdot

Is the Unix Community Worried About Worms? [2001/09/21]

At Ask Slashdot

Establishing A Nimda Virus Log File Pool? [2001/09/20]

At Ask Slashdot

Handing Over Root Passwords to Clients and Contractors? [2001/08/18]

At Ask Slashdot

Keeping Audit Trail of Activities from Root Login? [2001/08/18]

At Ask Slashdot

Security-Meantime Between Rootshell? [2001/05/19]

At Ask Slashdot

Open Source Security Testing Methods? [2001/05/03]

At Ask Slashdot

Certifying Software As Secure? [ 2000/09/25]

At Ask Slashdot

Auditing for Linux? [ 2000/03/28]

At Ask Slashdot

Quota Compatibility between Linux and Solaris [ 1999/10/17]

At Ask Slashdot


Applications and Utilities: Showing

userv - is a system facility to allow one program to invoke another when only limited trust exists between them. {GPL,GNU}

At GNU project

isic-0.05 - IP Stack Integrity Checker

At FreeBSD Ports
isic-0.05.tgz (At OpenBSD 2.7_packages i386)
isic-0.05.tgz (At OpenBSD 2.8_packages i386)
isic-0.05.tgz (At OpenBSD 2.7_packages sparc)
isic-0.05.tgz (At OpenBSD 2.8_packages sparc)
Ip Stack Integrity Checker (IP, TCP, UDP, ICMP et. al.) (At NetBSD packages collection)

flawfinder-0.21 - Examines source code looking for security weaknesses

At FreeBSD Ports

bfbtester-2.0.1 - A security tool for testing binaries for overflows

At FreeBSD Ports
bfbtester-1.0.tgz - brute force binary tester (At OpenBSD 2.8_packages i386)
bfbtester-1.0.tgz - brute force binary tester (At OpenBSD 2.8_packages sparc)

bcwipe-0.2.4 - BCWipe securely erase data from magnetic and solid-state memory

At FreeBSD Ports

its4-1.1.1 - Tool to scan C/C++ source for potential vulnerabilities

At FreeBSD Ports
static C/C++ code scanner for potential security problems (At NetBSD packages collection)

dsniff-2.3 - Various sniffing utilities for penetration testing

At FreeBSD Ports
dsniff-1.5.tgz (At OpenBSD 2.7_packages i386)
dsniff-2.2.tgz - password sniffer (At OpenBSD 2.8_packages i386)
dsniff-2.2.tgz - password sniffer (At OpenBSD 2.8_packages sparc)
password sniffer (At NetBSD packages collection)

pscan-1.3 - Security C code scanner for misuse of format strings

At FreeBSD Ports

l0pht-watch-1.1 - A program to report on what goes on in /tmp

At FreeBSD Ports

StackGuard - Helps to prevent buffer overflows in subsequently compiled binaries {GPL}

(Info at freshmeat)

Norton AntiVirus 2002 Professional Edition

Norton Internet Security 2002 Professional Edition

Norton Antivirus 8.0

Norton SystemWorks 2002 Professional Edition

McAfee VirusScan 6.0

Norton SystemWorks 2002

Norton AntiVirus 2002 8.0

Norton AntiVirus 7.0/Norton Personal Firewall 1.0 Bundle

Net Nanny 4.0

Quieteye 2.4 Child Monitoring Software: Protecting Your Child on the Internet

Norton Internet Security 2002

Handango Security Guard

PC-Cillin 2000 Virus Protection

Norton SystemWorks 1.0

InterScan 5.X 1000-user for MSG Security Suite for SMTP

Dr. Solomon Virex 6.1 OS 7.5.5 and Up

VirusScan Professional 6

Symantec Antivirus SOL 7.5 DSK/SVR/MSEX/NT/NNOTES/FWALL MEDIA

McAfee Utilities 4.0

Net Nanny 4.0

Dr. Solomon's Virex 6.0

InterScan Viruswall (100-user)

ServiceProtect 1.X for Linux Red Hat (50-user)

PC-Cillin 2000 1000-user Maintenance Renewal

PC-Cillin 2000 50-user Maintenance Renewal

Scanmail for Lotus Notes Server (250-user)

PC-Cillin 2000 500-user Maintenance Renewal

PC-Cillin 2000 250-user Maintenance Renewal

McAfee VirusScan/McAfee QuickClean Bundle

PC-Cillin 2000 (250-user)

Norton AntiVirus 2002

PC-Cillin 2000 100-user Maintenance Renewal

VirusScan Professional 6.0

Norton Antivirus 7.0

Cyberscrub Professional Edition 1.5

InterScan 5.X 500-user for MSG Security Suite for SMTP

InterScan Viruswall (250-user)

InoculateIt 6.0 Lotus Notes Opt Upgrade from InoculateIt 4.5X Lotus Opt

Scanmail for Lotus Notes Server (500-user)

PC-Cillin 2000 25-user Maintenance Renewal

Scanmail for Lotus Notes Server (50-user)

eTrust Inoculateit 4.5 Netware Advanced Edition (25-clients)

Scanmail for Lotus Notes Server (1000-user)

Scanmail for Lotus Notes Server (100-user)

OfficeScan 5.0 for SBS 2000 (50-user)

InterScan Virus Wall (1000-user)

InterScan Viruswall (25-user)

Norton AntiVirus 2002 8.0 (5-user)

InterScan Suite Virus Wall and Emanager (50-user)

PC-Cillin 2000 Virus Protection (50-pack)

InterScan Suite Virus Wall and Emanager (100-user)

InterScan Suite Virus Wall and Emanager (500-user)

VirusBarrier New Anti-Virus

eTrust Inoculateit 6.0 for Linux Workgroup Edition (25 Clients)

eTrust InoculateIt 6.0 for Linux Advanced Edition (25-clients)

InterScan Suite Virus Wall and Emanager (1000-user)

McAfee VirusScan 6.0

Norton AntiVirus 2002 8.0 (10-user)

InterScan Virus Wall (500-user)

InterScan Suite Virus Wall and Emanager (25-user)

PC-Cillin 2000 Virus Protection (25-pack)

InterScan Viruswall (50-user)

Norton Antivirus 7.0

Related Subjects (default selections)
Subject classifications directly under this one are #here#.

(The following links to subjects at this site retain your personalized selections.)

See also: Communication Filtering and Firewalls

Communication Filtering and Firewalls - Preventing certain types of communication. Communication security, encryption, et al. -

Up to Execution

(There may be additional related subject pages listed here)

External Categories

freshmeat.net : Topic : Security

Security - - System security software.

Computers : Hacking :

Computers : Security :

Personalized Selections
Platform:
Unix/BSD/Linux. 		Prog.Language:
C/C++.
Perl. 		License:
Open-source.
  GPL or LGPL.
Commercial. 		Maturity:
Stable.
Tip: To exclude choices, select all others in same column
Pre-Selections

Use our system: Bring Rapid Knowledge Transfer and Awareness to your company website!


Rapid-Links: Search | About | Comments | Submit Path: RocketAware > Execution > Limits >
RocketAware.com is a service of Mib Software
Copyright 2002, Forrest J. Cavalier III. All Rights Reserved.
We welcome submissions and comments