Page 1 of 5 123 ... LastLast
Results 1 to 10 of 41

Thread: MsMittens' Security Bible?

  1. #1
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323

    MsMittens' Security Bible?

    Well, ok. Maybe call it something else. I was talking with a publisher today about the possibility of writing a book. They are interested but damned if I can figure out what to specifically cover. I suppose I'd have a chapter on wargames, how exploits work, how networking works, standard trojans/virii/worms and of course how to defend against this. The target would be those with some knowledge and who want to get to the next level.

    But I'm curious as to feedback from members as to what you'd look for in a security book that perhaps hasn't been covered or isn't covered well enough.

    The goal of the book isn't $$ or fame. Rather I'm looking at a way to create a book that I'd feel comfortable using in class and that doesn't send my students to sleepyland.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #2
    Senior Member
    Join Date
    Dec 2002
    Posts
    275

    Re: MsMittens' Security Bible?

    Originally posted here by MsMittens
    Well, ok. Maybe call it something else. I was talking with a publisher today about the possibility of writing a book. They are interested but damned if I can figure out what to specifically cover. I suppose I'd have a chapter on wargames, how exploits work, how networking works, standard trojans/virii/worms and of course how to defend against this. The target would be those with some knowledge and who want to get to the next level.

    But I'm curious as to feedback from members as to what you'd look for in a security book that perhaps hasn't been covered or isn't covered well enough.

    The goal of the book isn't $$ or fame. Rather I'm looking at a way to create a book that I'd feel comfortable using in class and that doesn't send my students to sleepyland.
    The goal of the book isn't $$ or fame.
    Are you sure... j/k


    Well, ok. Maybe call it something else.
    Yeah, not sure if that title would sell a bunch of copies. Then again, you said it wasn't for the cash.

    But I'm curious as to feedback from members as to what you'd look for in a security book that perhaps hasn't been covered or isn't covered well enough.
    To my peanut brain, that's going to be a tough one to answer. What about local security policy, in detail? Told ya I was workin with very little?


    .dublix

  3. #3
    Senior Member
    Join Date
    Jan 2004
    Posts
    199
    In reference to your networking section, i'm currently reading a few books about networking in general, and also some aimed at the security side of networks. Pretty much all of the books cover the TCP/IP suite, and talk about protocols such as ICMP, DHCP, IGMP etc but i've found that they just give a short summary about these such protocols. I'd think it would be a cool idea to include a more detailed look at these protocols, including structure, construction, examples etc..

    Not sure if this helps much, but anyway good luck with the book.
    -

  4. #4
    Senior Member
    Join Date
    Oct 2003
    Posts
    394
    I like to test software and find out what is good. Efter that usualy it can be some crash. And progblem is how to fix it.// "I learn me at my own hands."

    First step for me is how to make PC safe in home (without network) and protect it from all porssable what can happend. // It can be few levels for different users.
    ->Home(Office), Children

    Secound step is make network, and make it safe.
    ->Home(Office)
    ->Children(online games)
    ->Admin(privat)
    ->Admin(company)

    And as appendix , hardware that can be used for that.
    Little more is some international laws for PC.
    I think that if write about it, so it can be more then one book.

    I hope that you book will be good.
    // too far away outside of limit

  5. #5
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    I think it's a great idea. So put me down for one! As I look over my shoulder at the other security books I have, the common theme that is missing out of most, is currency, obviously things get outdated quickly. A couple of subjects of immediate interest:

    Modern discovery and scanning techniques used by the bad guys and how to detect and defend.

    More how you can uncover vulnerabilities in your home stand-alone PC and Lan. (New stuff).


    Selecting the audience to write to will be challenging for sure. Just a suggestion, but you might check some of the questions/posts asked here. Obviously if someone asks, "What does TCP stand for?", I don't think that would be your intended audience. But if she/he asks something like, "What is the importance of the least significant bit????



    Good luck!

  6. #6
    Member
    Join Date
    Jan 2004
    Posts
    33
    I have always used hands on in my class. Setting up servers on different platforms and then having the class attack before patching and then after patching. I keep thier interest by explaining the documented exploits that they will be using during the exercises.
    Then give them a couple hours to hack away on the different platforms before we go into lecture about patching and prevention. They administer what they have learned and then we setup to attack again. Once they are happy with the solution they have implemented I always try to find a hole that was missed or forgotten about.

    The real question is do you want this book to be a resource/reference or do you want it to be a classroom manual.......Rarely have I seen a book that can be both, so is the purpose short term solutions to exploits that will be considered "old" in a few months or more vanilla explainations about things that have not changed for a long time.

    You are two steps ahead of me at least you have a publisher that is interested in publishing your work. I look forward to seeing what you come up with.....Good Luck

  7. #7
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Location
    Miami, FL
    Posts
    795
    But I'm curious as to feedback from members as to what you'd look for in a security book that perhaps hasn't been covered or isn't covered well enough

    I look for the most detailed books for internet security. From what I've seen on this forum you will do an excellent job I wouldnt worry about that. When you publish a book let me know so I can buy it. Thanks Computer Nerd22

  8. #8
    Well thats funny Becuase I just started writing a book on caraudio installation from basic to intermediate level installation, and One my first problems was the same thing what to write on. For me Im just covering every aspect of 12-volt install front to back. Then I plan on writing several books covering specific areas. And yes my books will be about making money but also to teach someone who has never installed anything in there life a total beginner a very easy way to get done what they are trying to do.

    This will be quite involved becuase not only will I have to teach what I know, but I have to keep in mind that the person reading has never done anything related to radios and speakers and subs and so on...Thats my goal...So hope this might help you. later

  9. #9
    Junior Member
    Join Date
    May 2002
    Posts
    25
    Sign me up for sure ! As a newbie what would I want to read and feel I spent my money well? For the most part it seems ports and scripts are certainly learnable if taught in the right way. I feel most of what I read starts over my head. If I were to ask you what i'd like to see it would be the most important things in the most simple way to impliment the tasks at hand. I'm certain whatever direction you take I'd learn as do I each time I visit this site. Good Luck
    Just when i got used to yesterday, along came today.

  10. #10
    Senior Member
    Join Date
    Sep 2003
    Posts
    500
    What you could do is make a chapter on a subject, then at the end of the chapter have problems/questions. And included with these could be excersises that the person could perform. For example:

    Use nmap on your computer? What ports should be open? What can you do to fix the ones that shouldn't be open?
    Along with this would be a nice guide on how to solve the problem/excercise. Very few books these days actually try to come out of the book so to speak. If you can give them situations and tasks that they could perform on their computer then they would definately be more interested in the book.

    You could go over various tools used today as well as their use and good guides on how to use them. For example: Snort, ethereal, nmap, nessus, and the like.

    You could aslo include a cd with the book that would include tools they could use to work with (basically just include a copy of knoppix-STD, but then you would have to buy rights to use it).

    Basically, make the book as interactive as possible. Instead of just listing the facts (which will be forgotten) give the students a chance to put the ideas into practice.

    My 2 cents
    You shall no longer take things at second or third hand,
    nor look through the eyes of the dead...You shall listen to all
    sides and filter them for your self.
    -Walt Whitman-

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •