November 11th, 2001 03:02 PM
New and full of questions
I've known I wanted to be in the computer field for some time now, but just a couple of weeks ago decided that Computer Security would be the section for me. I'll try not to ask the same questions that have already been answered. I've been reading a lot of past posts for the last couple of days, in an attempt not to ask the same old questions again (pats self on back). I have started later than most people learning about this stuff from what I've seen (I'm early 20s). So I'm looking to cover a lot of ground fast.
Sorry for the long intro, now for the questions.
#1. I was wondering if it was possible for viruses to defeat say, Norton AntiVirus 2000 that has been kept up to date and is on when the computer is on? Mainly, once you get a virus is there always a way to detect you have it? Hope that kinda makes sense.
#2. I have access to Borland Delphi 5.0 Pro and M$ Visual C++ 5.0, learning edition. Should I try to learn both at the same time? Focus on one for a while? If just one, which would be the one you'd recommend? I have just started into this as well.
#3. I notice this site has viruses to DL. I was wondering if it was safe to DL the ones from the site? Would it help me to further my knowledge to learn how they tick? And at about what stage would you recommend doing that?
Sorry if I've asked a lot of boring questions. They'll get better as I learn more, I promise. Thanks for any help you can provide!
November 11th, 2001 04:20 PM
1. NAV (Norton AntiVirus) can detect most viruses, but if you only have the 2000 version, it will soon become out of date as new techniques are used to infect systems. I recommend updating to NAV 2002. But, theoretically, once Norton knows about a virus, NAV200x will be able to protect against it... with a few exceptions, but they will be extremely rare.
2. C++ is better, and more useful, and, probably, easier, than Pascal / Delphi... but, with only MS Visual C++ available, I'd recommend getting a non-MS C++ development environment and learning that, rather than getting tied into an MS proprietary system!!
3. Once you learn various programming languages, you will be able to understand how the viruses available for download work, but if you're interested in security, it'd perhaps be best to leave that to the anti-virus experts, and concentrate on the programming behind port scanners, firewalls etc.
November 12th, 2001 12:22 AM
I am also wondering about which books to get.
I looked around amazon.com and found a lot that sound good, but I don't have a ton of money, nor time to read all of them. I was wondering if someone has been able to read these books and had some thoughts on them as far as good reading material for newbies:
Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the Blackhat Community by The Honeynet Project (Editor), Lance Spitzner (Preface), Bruce Schneier, The Honeynet Project
White-Hat Security Arsenal: Tackling the Threats by Aviel D. Rubin
Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses by Ed Skoudis
If there are some better ones and you wouldn't mind posting them, thanks!
November 12th, 2001 02:34 AM
Norton won't detect all viruses but it's better than no security. About what book to read, don't just buy any book out there; try and find stuff on the net.
It's free and most books will tell/show you the same **** or are outdated.
November 12th, 2001 04:53 AM
For the question about NAV, once NAV learns about a virus, it will always detect it under normal circumstances. And since NAV even complains when a file tries to write to the registry and such, it does a relatively good job. On the other hand, though, I have seen/participated in defeating NAV with existing viruses. Under the proper circumstances, viruses can be "cloaked" (pardon the phrase, it's just the best one I could think of at the moment), but there are ways to slip viruses by it. It's just difficult to get past the definitions, especially if they are up to date.