
Thread: MsMittens' Security Bible?

  1. #11
    The Recidivist
    Join Date
    Nov 2002
    Posts
    460
    You have written multiple tuts on honeypots and we have spoken about tarpits. Why not include a chapter/s on those subjects? Definitely would make for an interesting read. I am looking forward to any possibility of a book written by you. Congrats and hope it turns out as you like it to!!!

    hjack
    "Where the tree of knowledge stands, there is always paradise": thus speak the oldest and the youngest serpents.
    - Friedrich Nietzsche

  2. #12
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    If you are attempting to reach those of intermediate skill and knowledge, please remember that not everybody is at the same level. One person might be just a knowledgeable beginner, while another would be close to an expert. But, even the person close to the expert level is probably missing some basics.
    I would be interested in an intermediate book that would also reference good beginning material. Not to lay it out right there, but to at least reference where I can go to fill in the gaps I might have. That way a beginner could also benefit from your work, although they would probably be reading double what the true intermediate student would be.
    "Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!"
    Author Unknown

  3. #13
    Senior Member
    Join Date
    Sep 2003
    Posts
    161
    A walkthrough and how to make and use an exploit.

  4. #14
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,883
    Stress the use of google
    "Ignorance is bliss....
    but only for your enemy"
    -- souleman

  5. #15
    Member
    Join Date
    Nov 2003
    Posts
    67
    Originally posted here by qod
    A walkthrough and how to make and use an exploit.
    Then Show how to Defend Against it and variations of it...and Server Security in general..

    HTH

    P.S. I Too Would Like a Copy, When it is finished..

    Cheers
    The Only Way to be Safe is To Never Be Secure.
    Benjamin Franklin

  6. #16
    Senior Member
    Join Date
    May 2003
    Posts
    159
    If looking at a book for Newbie to Intermediate .. I suggest

    * Thorough explanation of available Network Protocols (their vulnerabilities, means to identify the same, and defense against the known vulnerabilities in depth). A detailed explanation on how to make meaning out of packets captured by a sniffer.. before that, a good guide on where to place the sniffer....

    * Explanation of various Security Architectures and focus on Designing a Secure Network. What should be the considerations before placing a firewall... where should the firewall be placed... how many firewalls are sufficient to secure my network..... Again similar details about IDS / IPS

    * Secured Communications.... Use of VPN , PGP and other such technologies

    * Cryptography......

    * Honey Net .... Different deployment techniques

    * Future attack trends

    * Future Defense trends

    * Support the book with many real life case studies....

    I guess this is what I would particularly like to see from a SECURITY BIBLE..... but again look for a better name also.........

    Regards

    kalp
    ****** Any man who knows all the answers most likely misunderstood the questions *****

  7. #17
    Senior Member
    Join Date
    Jul 2002
    Posts
    339
    Someone said in another forum in this site that identity theft has become a trend. Yes, I think Security and Privacy should go hand in hand...

    CONFIDENTIALITY is a security issue primarily concerned with protecting information from disclosure, while...
    PRIVACY relates to the careful and ethical secondary use of personal information (using consumer information in ways unknown or unapproved by the consumer)
    You can have good, effective, SECURITY (CONFIDENTIALITY) without PRIVACY, but...
    You cannot manage PRIVACY without good SECURITY!

    Peace always,
    <jdenny>
    Always listen to experts. They'll tell you what can't be done and why. Then go and do it. -- Robert Heinlein
    I'm basically a very lazy person who likes to get credit for things other people actually do. -- Linus Torvalds


  8. #18
    Senior Member
    Join Date
    Oct 2003
    Posts
    707
    How about including stories at the beginning of each chapter which of course will be related to the topic that will be talked about? Maybe along the line of how the cracker managed to crack the system. But yet the admin managed to trace him down with the tools that were available to him. Does that even make any sense?

    Then you could go in-depth about the tools which were used, and the sort etc etc ...

    I personally would really love to learn more about SQL injection. So it would be pretty cool if you could talk about that.

    P.S. I would sure like a copy of the book once it's out. Hope that everything goes well.
    Operation Cyberslam
    "I've noticed that everybody that is for abortion has already been born." Author Unknown
    Microsoft Shared Computer Toolkit
    Proyecto Ututo EarthCam

  9. #19
    Yes, that's my CC number! 576869746568617's Avatar
    Join Date
    Dec 2003
    Location
    Earth
    Posts
    397
    The Agent is on the right with that idea. I'm tired of case studies. Write the book with a kind of Cloak and Dagger feel, blackhat vs. whitehat. (that's how it is in the real world...isn't it)

    Of course explain the exploit in brutal detail and what vulnerability it exploits. (I wouldn't give the exploit code...I favor Full Disclosure, just not that full). Then, if the blackhat succeeds, explain why (Admin didn't patch MS flaw and patch file was out for 6 months).

    When the blackhat fails, .....well I think you get the idea. (I hope so because now I'm confused!)

    Anyhow...It will make the book more enjoyable to read, and at the same time, you'll have fun writing it. I'm sure most of us will be glad to proof it for you when you get a draft going.


    ----------------------------------Tear Here to Redeem Coupon------------------------------------

    Coupon Good for one autographed copy of MsMittens Security Bible upon publication
    certain restrictions may apply, see www.MsMittens.com for details

  10. #20
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    ----------------------------------Tear Here to Redeem Coupon------------------------------------

    Coupon Good for one autographed copy of MsMittens Security Bible upon publication
    certain restrictions may apply, see www.MsMittens.com for details
    LOL ... Thank all for your suggestions, ideas and comments. It is giving me something to consider. At this point, as I mentioned at the beginning, this is just ideas being tossed about. I don't know if they will go for it but part of the reason for my wanting to do this was a lack of a decent text. Most of the texts that I've seen or used are either too dry, too basic (too beginner), too high level (too advanced) or out-dated.

    Keeping up to date will be hard because much like computers, once bought, it's out of date (for the most part).

    Case studies or "stories" are something I use in class anyways. I have a feeling if I go ahead with this, it will be somewhat like my "lectures" or discussions rather than a step-by-step thing.

    Definitely how blackhats get in and how to defend would be the basics of the book (whether we talk about exploits, script kiddie tools, virus, worms, social engineering) and perhaps a break down along those lines.

    Hrmmm.. more to think about.

    Oh.. and title is the last thing I'm thinking about right now. First, I have to get the book idea approved with the publisher. Then write the book. When that's done (which won't be a short time, I think), I'll come back for some title ideas. So let's not put the cart before the horsey just yet.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage
