Announcing the COAST Security FTP Archive! The COAST group at Purdue are happy to (finally) announce the availability of our security archive. The archive is currently available via FTP, with extensions to gopher and WWW planned soon. The archive currently contains software, standards, tools, and other material in the following areas: * access control * artificial life * authentication * criminal investigation * cryptography * e-mail privacy enhancement * firewalls * formal methods * general guidelines * genetic algorithms * incident response * institutional policies * intrusion detection * law & ethics * malware (viruses, worms, etc) * network security * password systems * policies * privacy * risk assessment * security related equipment * security tools * social impacts * software forensics * software maintenance * standards * technical tips * the computer underground The collection also contains a large set of site "mirrors" of interesting collections, many of which are linked by topic to the rest of the archive. You can connect to the archive using standard ftp to "coast.cs.purdue.edu". Information about the archive structure and contents is present in "/pub/aux"; we encourage users to look there, and to read the README* files located in the various directories. If you know of material you think should be added, please send mail to security-archive@cs.purdue.edu and tell us what you have and where we can get a copy. In order of preference, we would prefer to get: -- a pointer to the source ftp site for a package -- a pointer to a mirror ftp site for the package -- a uuencoded tar file -- a shar file -- a diskette or QIC tape If you are providing software, we encourage you to "sign" the software with PGP to produce a standalone signature file. This will help to ensure against trojaned versions of the software finding their way into the archive. Any comments or suggestions about the archive should be directed to "security-archive@cs.purdue.edu" -- please let us know what you think!