Search CSRC

Conference: 15th National Computer Security Conference Abstract: The number of personal computer viruses continues to grow at an alarming rate. Many of these viruses are variants (i.e., close relatives) of "old" viruses. This often results in less than accurate identification of viruses. The consequences of this can be distressing: virus removal software fails, s...

Abstract:

Abstract: This document provides guidance for technical managers for the reduction of risk to their computer systems and networks from attack by computer viruses, unauthorized users, and related threats. The guidance discusses the combined use of policies, procedures, and controls to address security vulnerab...

Abstract: The document is intended to assist the users and system administrators of Windows 2000 Professional systems in configuring their hosts by providing configuration templates and security checklists. The guide provides detailed information about the security features of Win2K Pro, security configuratio...

Abstract: Computer viruses continue to pose a threat to the integrity and availability of computer systems. This is especially true for users of personal computers. A variety of anti-virus tools are now available to help manage this threat. These tools use a wide range of techniques to detect, identify, and r...

***Disclaimer: Items in the following lists are provided for research purposes, and do not imply endorsement by NIST.*** U.S. Government Activities / Initiatives Related Standards / Best Practices C-SCRM Research / References Involved Standards Organizations / Associations U.S. Government Activities / Initiatives Committee on National Security Systems Directive (CNSSD) 505 - "...provides the guidance for organizations that own, operate, or maintain [National Security Systems (NSS)] to address supply chain risk and implement and sustain SCRM capabilities". Comprehensive National...

Call for Proposals All electronic data shall be provided either in a zip file, or on a single CD-ROM, DVD, or USB flash drive labeled with the submitter’s name, as well as the name of the proposed cryptosystem. 2.C.1 Implementations Two implementations are required in the submission package: a reference implementation and an optimized implementation. The goal of the reference implementation is to promote understanding of how the submitted algorithm may be implemented. Since this implementation is intended for reference purposes, clarity in the implementation code is more important than the...

Abstract: Firewalls are essential devices or programs that help organizations protect their networks and systems, and help home users protect their computers, from hostile attacks, break-ins, viruses, and malicious software. Firewalls control the flow of network traffic between networks and between hosts that...

Abstract: This bulletin provides information about "malware," a term used to describe malicious code and malicious software that are covertly inserted into an information technology (IT) system to compromise the confidentiality, integrity, or availability of the data, applications, or operating system, or to...

Abstract: NIST Special Publication 800-68 has been created to assist IT professionals, in particularly Windows XP system administrators and information security personnel, in effectively securing Windows XP systems. It discusses Windows XP and various application security settings in technical detail. The gui...

Abstract: Computer systems and the information they store are valuable resources that need to be protected. Increasingly sophisticated threats including system and network intruders, computer viruses, and network worms can exploit a variety of weaknesses in computer systems and cause significant damage. Due t...

Abstract: Government agencies and other organizations have begun to augment their computer security efforts because of increased threats to computer security. Incidents involving these threats, including computer viruses, malicious user activity, and vulnerabilities associated with high technology, require a...

Type: Presentation

Abstract: This bulletin summarizes the information that was published in NIST Interagency Report (NISTIR) 7621, Small Business Information Security: The Fundamentals, by Richard Kissel. The publication presents three major areas that small businesses should address to provide security for their information, s...

Abstract: This publication provides recommendations for improving an organization s malware incident prevention measures. It also gives extensive recommendations for enhancing an organization s existing incident response capability so that it is better prepared to handle malware incidents, particularly widesp...

Abstract: This National Institute of Standards and Technology Internal Report (NISTIR) presents nine articles which represent a wide spectrum of computer security information. The articles were selected by the staff of the Computer Security Division, Computer Systems Laboratory, at the National Institute of S...