This preface includes brief descriptions of the contents of this guide and an explanation of typographical conventions used, and refers you to additional sources of information.
This guide is written for system and network administrators responsible for IRIX backups, security, or accounting. If you are responsible for your personal workstation only, refer to the Personal System Administration Guide first for this information.
IRIX Admin: Backup, Security, and Accounting documents data backup and recovery, host and network security, and host resource auditing and accounting for IRIX computer sites. It contains the following chapters:
Part I of this guide contains three chapters on the following backup and recovery topics:
Chapter 1, “Planning a Backup Strategy”—discusses types of backup media, tools available, and ideas on implementing a backup strategy.
Chapter 2, “Backup and Recovery Procedures”—provides detailed information on each of the backup tools available and gives examples of their use.
Chapter 3, “Troubleshooting Backup and Recovery”—provides information on types of backup errors, and explains some common error messages.
Part II of this guide covers system and network security and contains two chapters:
Chapter 4, “IRIX System Security”—discusses how to implement local system security.
Chapter 5, “Network Security”—discusses how to implement local area network security and network firewalls.
Part III of this guide covers system accounting and auditing and contains the following two chapters:
Chapter 6, “Administering the System Audit Trail”—describes how to audit all events on an IRIX system.
Chapter 7, “System Accounting”—describes how to track system usage.
If you are responsible for backups, refer to Part I. Read Chapter 1 if you have yet to implement a backup policy, Chapter 2 to learn details on the use of a particular backup tool, and Chapter 3 if you are having trouble with backups.
If you are responsible for security, read Part II, Chapter 4 for details on configuring IRIX host security, and Chapter 5 if you are responsible for network security as well.
If you are responsible for system auditing, read Part III, Chapter 6. If you are responsible for monitoring system usage (accounting), read Part III, Chapter 7.
These type conventions and symbols are used in this guide:
| Bold | Keywords and literal command-line arguments (options/flags). | |
| Italics | Commands, filenames, document titles, new terms, onscreen button names, and variables to be supplied by the user in examples. | |
| cpio(1) | Reference page for the cpio command in section 1 of the online manual. | |
| Fixed-width | Error messages, prompts, and onscreen text. | |
| Bold fixed-width |
| |
| ALL CAPS | Environment variables. | |
| “” | (Double quotation marks) Onscreen menu items and references in text to document section titles | |
| # | IRIX shell prompt for the superuser (root) | |
| % | IRIX shell prompt for users other than superuser | |
| >> | Command Monitor prompt |
The following books, and other network and product resources are available to help you establish system and network security.
The following books provide additional information on system and network security.
William Cheswick and Steven Bellovin. Firewalls and Internet Security, Repelling the Wily Hacker. Addison-Wesley. ISBN 0-201-63466-X, second edition 1998.
Douglas E. Comer and David L. Stevens. Internetworking with TCP/IP: Client-Server Programming and Applications, BSD Socket Version, Volume 3. Prentice-Hall, Inc. ISBN 0-13-260969-X, second edition 1996.
David A. Curry. UNIX System Security. Addison-Wesley. ISBN 0-201-56327-4, 1992.
Simson Garfinkle and Eugene Spafford. Practical UNIX and Internet Security. O'Reilly & Associates, Inc. ISBN 1-565921-48-8, second edition 1996.
Various resources addressing security are provided on the Internet itself. Pointers (URLs) are provided here rather than including the information in full, as the material is frequently updated.
Internet resources relating to system security include answers to frequently asked questions (FAQs) from various newsgroups, documents concerning the practice and theory of security, bulletins on new security issues, interactive mailing lists discussing security issues, and so on. Pointers to some of these resources are listed below.
Here are some URLs (universal resource locators) that can connect you to information to various sources of security information on the World Wide Web (WWW):
http://www.sgi.com/ —A good starting point for finding information and products available for Silicon Graphics platforms.
http://www.sgi.com/Support/security/security.html —Security page maintained by Silicon Graphics support services.
ftp://sgi.sgigate.com/~ftp/Security —Security-related patches to download for Silicon Graphics products. There is no charge for security patches.
http://www.lib.ox.ac.uk/internet/news/faq/comp.security.unix.html —A list of general UNIX-related security FAQs.
http://www.alw.nih.gov/Security/ —Links to a wide variety of security-related resources including multiple FAQs.
http://www.telstra.com.au/info/security.html —Many links to general network security information including security-related mailing lists.
http://www.cert.org/ —The Computer Emergency Response Team (CERT) Coordination Center was established by the Advanced Research Projects Agency to coordinate information regarding security threats to the Internet.
http://ciac.llnl.gov/ —The U.S. Department of Energy's Computer Incident Advisory Capability (CIAC) page has links to advisory bulletins, mailing lists, documents, and more.
http://www.faqs.org/faqs/firewalls-faq/ —Firewall FAQ. Frequently asked questions and answers concerning firewalls.
http://www.faqs.org/faqs/by-newsgroup/comp/comp.security.unix.html —A collection of UNIX security FAQs.
http://www-ns.rutgers.edu/www-security/index.html —A home page for security issues related to the World Wide Web.
http://www.socks.nec.com/ —Where to begin for SOCKS proxies. An introduction, downloadable proxies, and more information are included.
Note that URLs change and some of these may already be out of date. Use a good WWW search tool and search for various key words such as “security,” “network security,” and “firewall” to find others.
Here are some news groups you can subscribe to that can help you keep up-to-date on security issues:
comp.security.unix—General discussion of UNIX-related security issues.
comp.security.announce—Announcements regarding security-related products and services.
comp.sys.sgi.admin—Discussion of system administration for Silicon Graphics products.
comp.sys.sgi.announce—Announcements of new products and services of interest to the users of Silicon Graphics products.
comp.security.firewalls—General discussion of network firewall issues for all platforms.
Silicon Graphics provides two IRIX security options. Commercial Security Pak gives both administrator and user greater group and privilege control. Trusted IRIX meets the B1 security level with identification, authentication, and auditing facilities.
Contact your Silicon Graphics sales representative for information on the Gauntlet for IRIX and other security-related products. Silicon Graphics also has Netscape products, which support secure Internet access through encrypting and proxying servers.
Some additional products are mentioned on the Web pages listed above, but note that mention there does not imply endorsement by Silicon Graphics, and configuration and support of these products is either supplied by their vendors or your responsibility.