Talk:Unix security

From Wikipedia, the free encyclopedia

Future Work

I'd like to start working on sections and cleaning them up.

Patching

I'd like to ditch most everything in this section and put in best-practices instead. Thoughts? Tall Girl 22:11, 20 May 2006 (UTC)

Please don't, https://en.wikipedia.org/wiki/Wikipedia:What_Wikipedia_is_not#Wikipedia_is_not_a_manual,_guidebook,_textbook,_or_scientific_journal MüllerMarcus (talk) 10:55, 13 April 2024 (UTC)

Some papers

Rather than focusing on firewalls and such, I'd have expected this to be a general Unix article. Such as:

On the Security of UNIX by Dennis Ritchie http://www.tom-yam.or.jp/2238/ref/secur.pdf
Introduction to Computer Security: Unix security by Pavel Laskov - http://www.ra.cs.uni-tuebingen.de/lehre/ss09/introsec/08-unix.pdf
And lectures, such as: http://213.174.143.38/download/cse497b-lecture-18-unixsecurity-pdf-14090696.html

81.206.113.131 (talk) 18:57, 11 November 2010 (UTC)

Packet filtering

This article does not mention packet filtering and iptables.

It does now!!! Tall Girl 19:52, 20 May 2006 (UTC)

Before I go crazy with iptables edits, isn't that pushing this page into a more Linux security direction than Unix security focus? Tall Girl 01:00, 22 April 2006 (UTC)

Okay, so I'm about to start a section on iptables. Tall Girl 18:42, 20 May 2006 (UTC)

I'm done for now. Please review, comment, tear me to shreds, etc. Tall Girl 19:52, 20 May 2006 (UTC)

In the firewall section there should be a more general discussion of firewalling, packet filtering, stateful inspection etc. Then particular implementations should be mentioned with details about what their features are in a general sense, e.g. is it a simple packet filter, or an old implementation that ran on an older series of kernels (e.g. ipchains). Ones that should be mentioned are (off the top of my head), OpenBSD packet filter (pf), [ipfw], [ipchains], [IPFilter] and any firewalling code included in proprietary Unix (what do Solaris and AIX and HPUX use?). Only then should detailed descriptions of the particular filter's syntax etc. be mentioned, and probably not in huge detail. Some mention could also be made of products like checkpoint firewall one that can run on a Unix box, and various specific implementations with open source roots like smoothwall and astaro. To round out the firewall section there could be a discussion about firewall products which tend to contain things like web filters (e.g. squidguard, dansguardian), spam filters (e.g. spam assassin, mailscanner), VPN terminators, bandwidth management (QoS) and anti-virus. Htaccess 19:50, 14 June 2006 (UTC)
Sorry that I'm 18 years late for the feedback, but I just removed that section. As you say, it pushes the article to be a Linux-specific thing, and on top of that, with nftables, this whole section was not only a fair bit too deep, but also a fair decade too outdated :) Hope you don't mind! MüllerMarcus (talk) 10:53, 13 April 2024 (UTC)

grsecurity

This article does not mention grsecurity.

… And that's totally OK for an article on general UNIX security. This isn't about Linux, nor is it useful for any likely reader to link to them here. MüllerMarcus (talk) 10:57, 13 April 2024 (UTC)

IDS

This article does not mention Intrusion Detection Systems and Snort.

… and that's OK for an article on UNIX security, as opposed to general computer (network) security. IDSes are as relevant to UNIX systems as to Windows networks, or clusters of Amigas, if you care enough. MüllerMarcus (talk) 10:57, 13 April 2024 (UTC)

Malware and Virus

Maybe ClamAV should be mentioned?

No; that's not UNIX security. Information like "as with most other operating system families, there is anti-virus software that runs on various UNIX platforms" would be specific enough, but honestly, where's the value in stating that? — Preceding unsigned comment added by MüllerMarcus (talk · contribs) 10:52, 13 April 2024 (UTC)

Log file monitoring

I think I'd go insane without LogWatch. Very good for finding out what's going on where on a Linux system (and I believe it works with others, but I don't use any others at the moment) without having to read all of /var/logs.

Exported

I exported this page to v:Unix security. You may now adjust it for Wikipedia's purposes. - Sidelight12 Talk 11:50, 3 April 2014 (UTC)

Root access

Is it really necessary to have the superman analogy? The explanation should be self-explanatory, without requiring an explanation to explain the previous explanation. If it's a concept that should be broken down into more simple terms, that should ideally be done via the initial explanation. It's also very tonally distinct from the rest of the article. 121.98.148.203 (talk) 03:24, 17 January 2021 (UTC)

Yeah, that was silly, and uncited, I removed it (see below) MüllerMarcus (talk) 10:58, 13 April 2024 (UTC)

I'm doing cleanup – uncited claims, wrong claims, overgeneralizations and tutorial content

This article really is not good. The "needs citations" template has been there for nearly 10 years now, and forcing oneself to add sources would have made the authors realize that a lot of the content they've added is not relevant to this article, too specific, or hearsay.

So, I'll do Wikipedia:Be bold and clean this up now. Most of the things I'm about to remove are already part of other articles, or simply not encyclopedic. MüllerMarcus (talk) 10:26, 13 April 2024 (UTC)

Done for now; not removing the "generally lacks citations" template, because I could not source all claims nor clearly mark them individually. This is still not a great article, but at least it's a bit more on-topic and correct now. MüllerMarcus (talk) 11:07, 13 April 2024 (UTC)