Computer System and Network Security

Distrust and caution are the parents of security.
— Benjamin Franklin

We will bankrupt ourselves in the vain search for absolute security.
— Dwight D. Eisenhower

This page remains under construction, just as your information security policy should. After all, you never know when someone may have developed a new technique to try to steal the credit card processing information going over your network. This material is an addition to any reference material provided elsewhere. This forum provides additional information, and lists references and URLs that come up during some courses I teach. Also check out Purdue's CERIAS information assurance research and development group and their resources: http://www.cerias.purdue.edu/

Remember that installing some tools, and even taking security quite seriously on an on-going basis, does not make you secure! Information security must be a matter of risk management, since complete risk avoidance is impossible. Just as a quality home security system cannot absolutely guarantee that your valuables will never be stolen, there is no such thing as a completely secure system. The precise set of threats and the potential costs of breaches will depend on whether your organization is military, government, commercial, academic, or whatver. Hence some lawyer repellent, er, I mean, disclaimer:

The following are no more than suggestions. There is no guarantee that they will make your system secure. Mention here of a commercial product is by no means an endorsement — I'm just trying to direct you to several available tools, and I may have only one such example handy right now.

Use this information as a tool, in addition to what you have already learned.

Fundamentals

• Just Enough Cryptography
  • Cryptographic algorithms, digital signatures, cryptographic hashes, the basics of how they work
• How to Verify Digital Signatures
• TCP/IP — How the networking protocols work
• How Does NAT (Network Address Translation) Work?
• How Does IP Routing Work?
• A simple explanation of IPsec
  • What IPsec is, what network security it provides, how it builds a VPN, how to set it up.

Information Security

• Confidentiality and Data Integrity Tools
  • PGP & Gnu Privacy Guard, Key Recovery, RADIUS, Risks of Google, Sanitizing Media, Secure Online Data Storage, Information Leakage, Commercial Cryptography, SSH, Secure FTP, Hardware Encryption, Voice Scramblers, Cryptography and International Law, X Privacy and xspy, IPSec, VPN's, Spyware
• Government and Industry Regulations
  • HIPAA, Sarbanes-Oxley (Sarbox/SOX), PCI (Payment Card Industry)
• Availability Tools
  • Real costs of data loss, Remote and local archiving, Disk longevity and failure rates, Laptop theft prevention, Fighting spam
• Computer Forensics
• Public Key Infrastructure (PKI) Providers

User Authentication

• Authentication Tools
  • Well-known default passwords, Rainbow Tables, Comparing OS user authentication strength, Kerberos, Password tools, sudo, Tokens, Biometrics
• Passwords — How they work and how to break them
  • How passwords work and how they're stored, salt values, hashes and entropy
  • Forms of attacks, analysis of authentication strength of various operating systems, dictionary attacks, cracking attacks, Rainbow Table attacks, frequent password changes and the illusion of security
• Reverse-Engineering the Hacker —
  • What types of passwords will a typical hacker guess?

System Security (operating system auditing and hardening)

• System Security Auditing and Monitoring Tools
  • TARA, COPS, Titan, Bastille, ISS tools, Password Testing and Cracking
• OS-Specific Security Issues
  • Cisco IOS, Linux, Solaris, Tru64 (ULTRIX, OSF/1), IRIX, AIX, DOS, Macintosh, Novell, AS/400, VMS, Windows
• Intrusion Detection Tools
  • Tripwire, AIDE, Snort, RazorBack, ACID-XML, SNARE, BackLog, NetRanger, NetStalker, GrIDS
• Analyzing multiple intrusions into a poorly configured Linux system
• Hardware Exploits
• Physical Security

Network Security

• Network Security Auditing Tools
  • Top 100 Network Security Tools, Lists of TCP ports used by attacks, Port scanners, Network vulnerability testing, DNS security, Automatic Teller Machine (ATM) security
• Network Monitoring / Protocol Analysis / Packet Sniffing Tools
  • Unix-based, Windows-based, switch spoofing, Wireless LAN/WAN security, WLAN antenna construction, packet-sniffing attack detection
• 802.11i / WPA2 wireless networking
• Firewall Tools
  • Unix/Linux-based, Windows based, Home / Small-Office Firewall, Commercial vendors
• How to set up and use SSH
• Web Security
• TCP/IP Stack hardening
• Network Attack Analysis: Classifying and Identifying Attack Patterns With Textual Analysis Tools

Malware, Social Engineering, and Software Security

• Social Engineering and Fighting Internet Hoaxes
• Why HTML E-mail is Dangerous
• Analyzing Web Mail Abuse and Spear-Phishing
• Analyzing a Phishing Scam Attempt
• SonicWALL's great Phishing Analysis Quiz
• Analyzing Hostile Data
  • An overview of viruses, worms, trojans, downloaders and other malware, plus analysis of: Bagel, Mytob, Mydoom, The Russian M.O.B., and more
• Software Security Tools
  • Buffer Overflows, Writing Safe Code, C/C++ Security, Python Security, Java Security, ActiveX Attacks, Writing Exploit Code

Reference Material

• Recommended Reference Books — How-to guides for best practice, background information, and more
• Security-Related RFCs (Valuable Documents!) and Mitre nomenclature projects
  • Some of these function as dictionaries and explain the terminology. Others provide the formal definitions of networking protocols.
• Infosec Bulletins
• General Information
  • Big-Money Losses, Telecommunication Outages, COMSEC and GSM/mobile hacking, DNS Security Issues, Incidents and Anecdotes, Government Warnings and Reactions
• Cyberwar
  • Military Applications of Network Attack and Defense — "Network-Centric Warfare", International Conflict on the Internet, Military-Industrial Espionage, Viruses and Hacking, Threat Reports and Warnings, Offensive Information Warfare & Information Operations
• Other Organizations' Policies
• Infosec Response Teams
  • Incident Response Teams, Assistance and Guidance, Research and Development, Vendors, Risk Management and Insurance Coverage
• The Government Surveillance Agencies
  • CESID, CIA, CSE, CSIS, DIA, DSD, FBI, FSB, GCHQ, IKSI, NIMA, NSA, NRO, EIEIO...
• Keeping Track of the Bad Guys
  • Classic Hackers, Hacker Technology
• Downright Scary Threats
  • Separatists, para-military, military, and intelligence organizations
• Cryptographic History
  • WWII German Enigma system and its weaknesses, WWII and Cold War tourism
• The Gallery of Crash Dump Screens

Where to go from here

Make sure you understand your systems well, and set them up properly! As Hippocrates said, "Primum non nocere", or "First, do no harm."

• Online computer science courses (so you can better understand what you're up against!)
• U.S. Government Cyber Security Tips
• The Top 20 Internet Security Risks, from SANS
• Home Network Security Issues, from CERT

Home Unix/Linux Networking Infosec Travel Technical Radio Site Map Contact