The Center for Education and Research in Information Assurance and Security, or CERIAS, is the world's foremost University center for multidisciplinary research and education in areas of information security. Our areas of research include computer, network, and communications security as well as information assurance.

This site's design is only visible in a graphical browser that supports web standards, but its content is accessible to any browser or Internet device. (Why?)

Center for Education and Research in Information Assurance and Security

COAST Security Archive Logo The COAST Archive FAQ

____

Frequently Asked Questions...

How do I access the archive?
Why can't I access the archive?
Can I download any files in the archive?
How do I uncompress these things if I am using NT or DOS/Windows?
Can I ftp from a Mac?
How do I get permission to include the archive in publications?
How is the archive laid out?
How can I get at authentication and cryptography papers?
Do you have any OS/2 security tools?
Are there restricted encryption tools in the archive?
What do I do when a tool is submitted?
We would like to mirror your archive - how do we do it?
Is there a mailing list for tripwire?

Do you have a question that is not answered here?


How do I access the archive?

You have two choices for access: ftp or WWW (Web). You can ftp to: coast.cs.purdue.edu or point your Web browser at: http://www.cs.purdue.edu/coast/archive/index.html

Why can't I access the archive?

We run a reverse name lookup on our DNS server to verify that everyone who connects is really from where they say they're from. This is a security measure on our part. You will need to contact your system administrator to enable reverse name lookup on your DNS server before you can access the archive by ftp.

NOTE: Most files in the archive are Postscript files. This is a platform independent language for specifying the layout of text and graphics on a printed page. Most modern printers can accept postscript files (that commonly end in the extension .ps) and will print them properly. You cannot view a postscript file as a regular ASCII file in an editor - you need a Postscript viewer (like ghostview). Many of these are freely available on archive sites around the net.


Can I download any files in the archive?

Please read carefully the Copyright notice and the Export Control Notice. You cannot download software that contains any cryptographic code prohibited from being exported from the US. We've tried to ensure that all our archive items comply with this law, but some may have slipped through.

BE AWARE OF EXPORT RESTRICTIONS IF YOU DOWNLOAD CRYTOGRAPHY SOFTWARE - see /pub/auc/README.export if you have any doubts.


How do I uncompress these things if I am using NT or DOS/Windows?

You will probably need an equivalent version of the uncompress program for NT/Windows. I am pretty sure such a program exists - if you go to any of the Internet directories (Yahoo, Lycos etc) they have sections with code for various platforms.

I know GNU do tools for DOS platforms (which are essentially ports of their UNIX tools). You can also get the Mortice-Kern toolkit (MKS) for DOS, which gives you a UNIX shell and programs for DOS. It's a commercial package (not expensive) and comes with good documentation.

Once you uncompress the files, you will need a postscript viewer to view them on-screen. Your printer will probably print them out fine, as most modern printers can handle postscript files.


Can I ftp from a Mac?

Ok, first things first. Are you ftp'ing from your Mac, or another machine. We have reverse DNS lookup enabled as a security precaution. It does a look-back on the address of your ftp connection to ensure that you really are coming from where your address claims to be. You may not have reverse-DNS lookup enabled on your machine. If not, you won't be able to ftp to the archive. Contact your local sysadmin to fix this.

Or, you can use the Web pages to get to what you're after: http://www.cs.purdue. edu/coast

As for viewing - the files are compressed Postscript. They are compressed using the UNIX compress command. They can be uncompressed using...uncompress! You wil l need Mac equivalents of these commands (and of the gzip/gunzip combo). Get the se from a Mac archive site.

The documents can only be viewed in a Postscript viewer or printed on a postscri pt compatible printer (most printers these days). If you don't have a viewer, go to an archive site nearest you and obtain one.


How do I get permission to include the archive in publications?

Please contact Doug Curry at dscurry@dsp.purdue.edu about licensing.

How is the archive laid out?

Our archive is broken down into two main areas: tools for security and papers/documents on security. The papers can be found in ftp://coast.cs.purdue.edu/pub/doc. The tools can be found in /pub/tools. Under this directory are subdirectories for unix, dos, Macintosh and Amiga. The bulk of our tools are for unix in /pub/doc/unix.

If you have WWW access, consult http://www.cs.purdue.edu/coast/archive/index.html which will introduce you to the archive, its layout and provide you with a search mechanism. It's not perfect yet, but we're working on it!


How can I get at authentication and cryptography papers?

Check out the /pub/doc/authentication and /pub/doc/cryptography directories.

If you have WWW access, consult http://www.cs.purdue.edu/coast/archive/index.html which will introduce you to the archive, its layout and provide you with a search mechanism. It's not perfect yet, but we're working on it!


Do you have any OS/2 security tools?

I'm afraid we don't have any OS/2 security tools in the archive. We have not come across any freely available tools. If you find any, please point us to them so we can add them to the archive.

Are there restricted encryption tools in the archive?

We make every effort to keep restricted encryption tools out of the archive, but we make no guarantees.

What do I do when a tool is submitted?

Thank you for taking the time to submit a tool to the archive. We would appreciate it if you could give us a short text description of the tool in the email, and a PGP signature for the package. That way we can verify what you sent to us was written by yourself.

If you maintain a copy on your local machine, we would like to mirror it into the archive on a regular basis. Please let us know if we can make a weekly copy of it.


We would like to mirror your archive - how do we do it?

We would prefer if you didn't mirror the *whole* archive as that is a lot of data to transfer. If you wish to mirror portions of it, that is perfectly acceptable.

We mirror from our sources twice every week. It may be worthwhile to go to the original site if you know exactly what package you want to get. If you are looking for subject specific groupings (i.e. all documents on networking), then it is easier to mirror from our archive.

Please respect the copyright notices on any packages you mirror and keep them intact. Also, please do your mirroring at off-peak hours (11pm - 6am EST).

We have tried to remove any package that is not ITAR compliant from the archive. However, it is quite likely that we missed a few. Please try to watch out for packages that would violate ITAR. Also, be sure to put the ITAR message prominently in your archive, just to be sure! (it's in /pub/README.export).

As for the technical side of mirroring: we mirror packages from remote sites into our "mirrors" tree: /pub/mirrors. Sub-directories there give per-site packages. However, we encourage users to access the archive via the "subject" tree: /pub/doc for documents/papers and /pub/tools for tools. I would encourage you to mirror the subject tree where possible.

If you find yourself mirroring the mirrors tree, it would be easier for us to give you our mirror control file and allow you to mirror directly from the home site.


Is there a mailing list for tripwire?

There is no mailing list for tripwire. If you have questions about tripwire, you can direct them to tripwire-request@cs.purdue.edu

Do you have a question that is not answered here?

Please send questions to

security-archive@cerias.purdue.edu

_____

O Built by Mark Crosbie and Tanya Mastin.

Security Archive Page Security Archive Homepage.

COAST Homepage COAST Project Page.

Purdue CS Homepage Purdue CS Dept page.

Last Modified: May 21, 1996.

security-archive@cs.purdue.edu (COAST Security Archive)