Learning about Computer Security

  1. #1
    Junior Member
    Join Date
    Jan 2003
    Posts
    2

    Learning about Computer Security

    The following is a list of recommended resources for learning as much as you can about computer security.

    To begin with, it is important to know about the underlying network technologies. Since most firewalls and security devices are built on TCP/IP networks, a good reference on TCP/IP is essential. I recommend:

    O'Reilly TCP/IP Network Administration
    http://www.amazon.com/exec/obidos/AS...002325-3115155

    In addition to this, it is always useful to know as much as possible about the systems on which you are working. For Linux/Unix systems, there are assorted O'Reilly books on the topics of system administration and system command references; one of my favourites is Linux in a Nutshell:
    http://www.amazon.com/exec/obidos/tg...glance&s=books

    If firewalling is your primary concern, another good (O'Reilly) book is:
    Building Internet Firewalls
    http://www.amazon.com/exec/obidos/tg...glance&s=books
    Additionally, the book "Firewalls & Internet Security - Repelling The Wily Hacker" is worth a read:
    http://www.amazon.com/exec/obidos/AS...002325-3115155

    There are also many online resources, mostly published by emergency response teams like CERT. I recommend the following resources:
    ftp://ftp.auscert.org.au/pub/auscert...rity_checklist

    The following document also makes an interesting read:
    http://www.trouble.org/survey

    Once you have all of these resources thoroughly digested, join a few security mailing lists and security related websites (such as this one). For security-related mailing lists, go to www.securityfocus.com

    If possible, test some of the security vulnerabilities on your own systems (e.g. build a small network of old Linux computers and test code for vulnerabilities to see the effects).
    An advantage of this is that you can see log files and identify patterns, which will help you when looking at real logs during/after an incident.

    Some other recommended books include:

    Common Sense computer security, Your practical guide to information protection
    ISBN: 0077078055

    Computer Crime: A crimefighters handbook
    ISBN: 1565920864

    Computer Security
    ISBN: 0750696001

    Hacker Proof
    ISBN: 188413355X

    Internet Firewalls and Network Security
    ISBN: 15620563

    Maximum Security: A Hacker's Guide To Protecting Your Internet Site And Network
    ISBN: 1575212684

    Practical Unix And Internet Security
    ISBN: 1565921488

    UNIX Unleashed
    ISBN: 0-672-30402-3

    In addition to all of this, some at least basic knowledge of programming will help, preferably in a language suitable for your systems (e.g. C or C++ in Unix, whatever you want in Windows since it's not going to help improve its security anyway). Also, sockets programming knowledge can be a help.

    Moving on to specific security issues, you should know all applicable vulnerabilities in recent versions of the software you run (eg apache, sendmail) and be aware of the patches for them. Also be aware of the web site(s) where notices of new bugs are posted, so that you can check on a daily basis for new security holes in your server software.

    You should also learn where on your system the logfiles are kept for each daemon or server application you run, and also logs for system events. In addition to this, you should perform some random tests to get to know the servers you are securing, for example know a rough estimate of the average load at a certain time, how many users you expect to be logged in and at what times, and remember roughly which processes are running during normal operation. This way, if you suspect something is wrong, your suspicion can be checked with simple calls to uptime, who and ps aux (This is assuming a *nix based system). The sooner you can identify the fact that you are under attack, the sooner you can respond to it.

    It is also useful to know at least the basics about various forms of cryptography in everyday use, including DES, MD5 and the various public key systems in use (eg PGP and GPG).

    Perhaps the most important thing to remember, both when learning about and implementing security measures, is that the security should be as good as possible, but no better. Do not try to stop users from doing something they've always done... they'll just find ways around your security, giving you a false sense of security, and worsening the problem. Talk to your users when implementing and designing a security policy, find out what they want, and explain to them why that particular service might not be secure. Be open to suggestions, however; the users know what they need to do. Do not feel that just because a particular protocol or application is insecure you should not implement it; you can always add an extra layer of packet-based security around it, or lock the service off from the outside world, or put it on a proxy server or bastion host. There is almost always a way to provide your users with what they need (that is, what they need, not necessarily what they want... most users would want free access to MP3s and games servers, but that is inappropriate in a business environment).

    Overall, just remember to think before you act, and use your own common sense and judgement. Also, don't trust absolutely everything you read; false bugs have been known to be reported, and some "fixes" are simply ways to open your system to even more attackers!
    In the water where i center my emotion
    All the world can pass me by
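
Added example, not part of the original post: the baseline idea from post #1 (knowing the normal processes, logins and load so that `uptime`, `who` and `ps aux` output can be checked against it), sketched as POSIX shell. The function names and the sample process listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare a "normal operation" baseline with a later snapshot.
# Sample data is constructed; on a live host feed in `ps aux`, `who`, `uptime`.
LC_ALL=C; export LC_ALL   # sort and comm must agree on collation

# Reduce `ps aux` output (stdin) to a sorted list of distinct command names.
proc_names() { awk 'NR > 1 { print $11 }' | sort -u; }

# Reduce `who` output (stdin) to a sorted list of distinct login names.
login_users() { awk 'NF { print $1 }' | sort -u; }

# Print entries of sorted file $2 that are absent from sorted baseline file $1.
new_since() { comm -13 "$1" "$2"; }

# Succeed if the 1-minute load in `uptime` output (stdin) exceeds threshold $1.
load_over() {
    sed -n 's/.*load averages*: *\([0-9.]*\).*/\1/p' |
        awk -v t="$1" '{ v = $1; seen = 1 } END { exit !(seen && v + 0 > t + 0) }'
}

# Constructed baseline taken during normal operation.
baseline_ps() { cat <<'EOF'
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.1 1500 500 ? S Jan03 0:04 init
root 412 0.0 0.3 2800 900 ? S Jan03 0:01 /usr/sbin/sshd
www 530 0.2 1.1 9000 4100 ? S Jan03 1:12 /usr/sbin/httpd
EOF
}
# Constructed later snapshot with one process not seen in the baseline.
current_ps() { cat <<'EOF'
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.1 1500 500 ? S Jan03 0:04 init
root 412 0.0 0.3 2800 900 ? S Jan03 0:01 /usr/sbin/sshd
www 530 0.2 1.1 9000 4100 ? S Jan03 1:12 /usr/sbin/httpd
www 977 9.5 0.4 3100 1200 ? R 14:01 0:33 /tmp/unknown_job
EOF
}

# Print the command names present now but not in the baseline.
unexpected_procs() {
    tmp=$(mktemp -d) || return 1
    baseline_ps | proc_names > "$tmp/base"
    current_ps | proc_names > "$tmp/now"
    new_since "$tmp/base" "$tmp/now"
    rm -rf "$tmp"
}

unexpected_procs
```

On a real system the baseline would be saved from `ps aux | proc_names` and `who | login_users` at several known-good times, since normal load and logins vary through the day.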

  2. #2
    Senior Member
    Join Date
    Jan 2003
    Posts
    100
    informative and well researched .. thanx
    Just because you don't see it doesn't mean it's not there

  3. #3
    Senior Member
    Join Date
    Mar 2002
    Posts
    238
    This looks like such a good thread to add some links to so others can benefit. Nice post, Angelus.

    -> If you need help with security, HTML, Windows, Linux, programming, or using specific features of Operating Systems, a series called "Complete" by Sybex, Inc. offers a very large quantity of information. Each book is, from my experience, high quality and is over 1000 pages. And they are $19.95, too, so compared to other more expensive informative books this is a good buy. View the series at http://www.sybex.com

    -> I read a book called "A Complete Hacker's Handbook: Revised And Updated" by Dr-K. It is a very informative book and goes through the basics of computer security and just plain computers. For example, the beginning of the book explains the structures of binary, hexadecimal, and octal. This is a very new book (© 2002) so I highly recommend it.
    ISBN: 1842227246

    -> Hacking Exposed Third Edition: I also own this book. It's practically the Britannica Encyclopedia of computer security and network protection. I would definitely recommend this book, as it is widely known for its great content.
    ISBN: 007219381
    You can also buy this book directly from its authors at http://www.hackingexposed.com

    -> Updated daily if not hourly, OSSR is a computer security organization dedicated to bringing you great news and alerts as soon as it hits the screen. If you are looking to stay as current as possible with computer security and hacking, Open System Security Resources is a site you wouldn't want to miss. http://ossr.phpwebhosting.com


    Well, that's my small addition, guys. Hope I helped


    Regards,
    Silentstalker
    -{[ Joe ]}- (Joe@nitesecurity.com)
    http://www.nitesecurity.com

    I'm Just A Soldier In This War Against Ignorance.

  4. #4
    AO übergeek phishphreek
    Join Date
    Jan 2002
    Posts
    4,324
    All of these posts up here are great. Very informative.
    While it is very important to read, it is just as important to experiment and play around.

    You can read until your eyes bleed, but can you apply it?

    Play with different operating systems, put them all on a network and just play. Read and play.

    Well, it helps if you enjoy it too.
    Don't do it for the wrong reasons. $ and looking "cool" to your peers are the wrong reasons.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  5. #5
    Senior Member
    Join Date
    Mar 2002
    Posts
    238
    Well I did a little more searching around...

    Web Hacking: Attacks and Defense
    "Book Info: Exposes complete methodologies showing the actual techniques and attacks. Shows countermeasures, tools, and eye-opening case studies. Covers the web commerce playground, describing web languages and protocols, web and database servers, and payment systems. Softcover. "

    Get it From Amazon.com

    Hack Attacks Revealed: A Complete Reference With Custom Security Hacking Toolkit
    "Book Description: Beat hackers at their own game — The world of a hacker revealed by a corporate hack master. Hack Attacks Revealed: Take a technogothic journey inside the world of a hacker as seen by security expert John Chirillo. Drawing on his own experience as a hacking consultant for Fortune 1000 companies, Chirillo shows how hackers can exploit network security holes and how you can recognize an oncoming threat to your security. The book features details of the powerful Tiger Box® system, used by... read more --This text refers to an out of print or unavailable edition of this title. "

    Get it From Amazon.com

    Preorder Today: Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition
    Well, it comes out February 25, 2003, which is roughly a month from now. If I were you, I'd preorder the fourth edition, because it will probably be popular as hell when it comes out. Just my advice. ISBN: 0072227427

    Preorder it From Amazon.com


    Just thought I could have added a little more


    Regards,
    Silentstalker
    -{[ Joe ]}- (Joe@nitesecurity.com)
    http://www.nitesecurity.com

    I'm Just A Soldier In This War Against Ignorance.

  6. #6
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    All of those books are great, some I've read and some I'll have to go buy now... but one thing a lot of people forget is before you start working with your computer's security, you should have a good understanding of how your computer actually works. I get a lot of questions from people asking how to do different things, or what things mean, but they don't grasp the basics of a computer.

    For that purpose, so you understand your hardware and how it all works together, I'd recommend

    Enhanced A+ Guide to Managing and Maintaining Your PC
    Enhanced Third Edition by Jean Andrews
    ISBN 0-619-03433-5

    It spends 11 chapters on hardware, 3 chapters on the various Win Platforms, a chapter on building/purchasing a PC, 1 on communicating over phone lines, a networking chapter, a printer and laptop chapter, and a virus/disaster recovery chapter, then a chapter on the Professional PC Technician...

    It's a really great book
