The Best Security Materials
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: The Best Security Materials

  1. #1
    Senior Member
    Join Date
    May 2004
    Posts
    140

    The Best Security Materials

    What is The best thing for a new guy to learn about Security as a whole.I am very new to this. I started as a PC tech intern then some help desk and some ISP stuff and now I was hired 3 months ago as the Security Admin for a Bank. I told them I had VERY little experiance and they didnt seem to care.

    So here I am...I built the helpdesk up as was agreed upon when i was hired and now i need to start in on the security stuff.
    Romans 7:14-20
    14 We know that the law is spiritual; but I am unspiritual, sold as a slave to sin. 15 I do not understand what I do. For what I want to do I do not do, but what I hate I do. 16 And if I do what I do not want to do, I agree that the law is good. 17 As it is, it is no longer I myself who do it, but it is sin living in me. 18 I know that nothing good lives in me, that is, in my sinful nature. For I have the desire to do what is good, but I cannot carry it out.

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Broad topic. You can look through the Security Tutorials forum for some specific tutorials, the Newsletters for some others and probably read everything. The following might help as far as links are concerned:

    http://www.snort.org
    http://www.netfilter.org
    http://www.antionline.com
    http://www.attrition.org
    http://www.cert.org
    http://www.sans.org <--- check out the Reading Room
    http://www.securityfocus.com
    http://www.cve.mitre.org <--- Common Vulnerabilities and Exposures
    http://www.raid-symposium.org <-- Recent Advances in Intrusion Detection (RAID) Conference

    http://directory.google.com/Top/Comp...mail/Security/
    http://www.microsoft.com/security/ <--- Microsoft Security

    Exploits
    http://www.packetstormsecurity.com
    http://www.zone-h.org
    http://www.k-optik.com
    http://www.cotse.com
    http://www.netsys.com

    Penetration Testing

    http://www.gao.gov/special.pubs/mgmtpln.pdf <-- US General Accounting Office Management Planning Guide for Information Systems Security Auditing (PDF)
    http://csrc.nist.gov/publications/dr...ty-testing.pdf <--- National Institute for Standards and Technology (NIST) Guidelines on Network Security Testing (PDF)
    http://www.isecom.org/projects/osstmm.htm <--- Open Source Security Testing Methodology Manual (OSSTMM)

    Security Email Lists

    http://www.netsys.com/cgi-bin/displaynews?a=301 <-- Full Disclosure
    http://www.securityfocus.com/archive <--- BugTraq Mailing Lists (variety of topics)

    Scanning Sites/Utilities

    http://www.security-forums.com/forum...b_pages&cat=21

    Tools

    http://www.blackcode.com/net-tools/
    http://www.kloth.net/services/
    http://network-tools.com/

    Trojans/Port Listings

    http://www.iss.net/security_center/a...ts/default.htm
    http://www.blackcode.com/trojans/ports.php

    If you are like me and like to read actual paper books some to consider include:

    2600 <-- quarterly magazine
    Hacking Exposed, 4th Edition
    Network Intrusion Detection
    Network SEcurity Hacks
    Google Hacks
    TCP/IP Illustrated
    Hacking: The Art of Exploitation
    Hacknotes
    Unix System Administration Handbook (Purple Book)
    .. and many others (my personal collection is about 300-400 books). Visit Amazon.com and do a search on computer security.

    HTH
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    start with the basics. Make sure you keep everything updated, learn your hardware, keep ontop of knowing new virusis that are put on the net that may effect you. Read up on firewall configurations and make sure yours are set correctly. and dont forget about the people working for you, make sure they know what they are doing, and make sure they aren't giving out info to unauthorized people. (read "the art of deception" by Kevin Mitnik) Security isnt just your computers, users play a huge roll as well. Also do things like password audits and watch what they are downloading if anything. stuff like that. but read everything you can get your hands on, the more info you have the better. good luck.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  4. #4
    Senior Member
    Join Date
    May 2004
    Posts
    140
    Dang...this is going to take a while! :shocked

    Thanks, J
    Romans 7:14-20
    14 We know that the law is spiritual; but I am unspiritual, sold as a slave to sin. 15 I do not understand what I do. For what I want to do I do not do, but what I hate I do. 16 And if I do what I do not want to do, I agree that the law is good. 17 As it is, it is no longer I myself who do it, but it is sin living in me. 18 I know that nothing good lives in me, that is, in my sinful nature. For I have the desire to do what is good, but I cannot carry it out.

  5. #5
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Jason, you're starting at the snowflake of a huge glacier. Enjoy!
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  6. #6
    Senior Member therenegade's Avatar
    Join Date
    Apr 2003
    Posts
    400
    Well,does the bloody glacier EVER end?not that I've seen*looks at all the stuff he has to read*
    oh,and getiing back to the topic...it'd also be nifty if you learned a bit about programming..it'd teach you how programs'd work and such

  7. #7
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Well,does the bloody glacier EVER end?not that I've seen*looks at all the stuff he has to read*
    oh,and getiing back to the topic...it'd also be nifty if you learned a bit about programming..it'd teach you how programs'd work and such
    Nope. It never ends. That's why security is always considered a "verb" rather than a noun. It is a process, not a thing. Even IT doesn't have an end when you consider all the different things you can do. That's why when someone says "Where do I start in security?", it's always a broad question. Narrow it down to specifics and people can help you out faster.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  8. #8
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Ms. M: There are times when you are "priceless"....

    Jason, you're starting at the snowflake of a huge glacier. Enjoy!
    This time you exceeded yourself......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  9. #9
    Senior Member
    Join Date
    May 2004
    Posts
    519
    security is a lifestyle (way of life) not just a 9 - 5 job

  10. #10
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    Can you name the bank Only i would like to make sure i dont use it, till your upto speed
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •