KnujOn

KnujOn (nûj-ôn)


Security

  1. Why?
  2. Where to start
  3. Concepts
  4. Specific threats
  5. Knowing what the hackers know
  6. Documentation
  7. Books
  8. Links

Writing about security isn't easy. Unlike other technical areas (programming or PC maintenance), security discussions get people very upset. Issues around security can be very polarizing. Even mentioning the word "hacking" sometimes results in angry reactions. Some people might say I should not discuss hacker techniques or read magazines like 2600. My philosophy is this: if you are a network administrator or an IT director, it is your responsibility to know as much as possible about security threats. The hackers are reading your system manuals in search of weaknesses; should you not read their journals to protect yourself? Think about what is at stake: your data, your money, your job.

Where to start

Before you even think about the technological aspect, start with sound policy and user training. Think about what you want protected before you run out and buy a security system. Document where your data is, who has access to it, and how they access it. Read RFC 2196 and perform a security audit of your entire operation.

Train your staff to select good passwords and protect those passwords. Set policies and procedures for document retention. Make sure electronic documents are deleted completely and paper documents are shredded. Employees are one of the biggest security liabilities. Problems can be avoided with proper training.




Concepts

SSH, SSL, S-HTTP

S-HTTP is a secure web protocol that uses either encryption, digital signatures or both.
SSH uses RSA public key for securing terminal emulation connections and logins.
SSL sits between the application layer and transport layer for securing web traffic.

SSH: Secure Socket Shell. A Unix-based interface for accessing remote hosts, like telnet.
OpenSSH

Biometrics

Biometrics is the science of analyzing personal biological data. For computer security and forensics this can include fingerprints, retina scans, facial feature recognition, and voice pattern matching.

KERBEROS

A secure method for authenticating a request for service in a computer network. Uses multiple encrypted "ticket" exchanges to verify a user requesting access. Kerberos FAQ.

IPSec

Applies security at the network/packet level rather than the application level, using Authentication Headers (AH) or Encapsulating Security Payload (ESP). AH allows the sender to be authenticated; ESP uses authentication and encryption. NIST IPsec Project.

Firewalls

A system of programs and servers that protect resources and users on a private network from dangerous transmissions on other networks. Examines each packet and compares it to a set of rules or conditions before passing it on. Firewalls FAQ.
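The packet-versus-rules comparison described above, as an added example (not code from this page or from any firewall product). The rule format, the first-match-wins ordering and the default-deny fallback are assumptions made for the illustration, and the addresses are constructed documentation ranges.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network in CIDR form
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port, None = any port

def matches(rule, src_ip, proto, dport):
    """True when every condition in the rule fits the packet."""
    return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.src)
            and rule.proto in ("any", proto)
            and rule.dport in (None, dport))

def decide(rules, src_ip, proto, dport, default="deny"):
    """Walk the rules in order; the first match wins.

    Returns (action, index of the deciding rule). A packet that matches
    no rule gets the default action, here deny (assumed policy).
    """
    for index, rule in enumerate(rules):
        if matches(rule, src_ip, proto, dport):
            return rule.action, index
    return default, None

# Constructed rule set; all networks are RFC 5737 documentation ranges.
RULES = [
    Rule("deny",  "203.0.113.0/24",  "any", None),  # network blocked outright
    Rule("allow", "0.0.0.0/0",       "tcp", 443),   # HTTPS open to everyone
    Rule("allow", "198.51.100.0/24", "tcp", 22),    # SSH from admin network only
]

# Same rules with the first two swapped: the broad allow now shadows the deny.
REORDERED = [RULES[1], RULES[0], RULES[2]]

if __name__ == "__main__":
    for name, rules in (("RULES", RULES), ("REORDERED", REORDERED)):
        print(name, decide(rules, "203.0.113.7", "tcp", 443))
    print("SSH from outside:", decide(RULES, "192.0.2.10", "tcp", 22))
```

The swapped list shows why rule order belongs in a security audit: the same three rules give a different answer for the blocked network once a broader allow comes first.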

Public & Private keys

Uses password-based RSA encryption. A public key is issued by an authority as an encryption method. The private key is kept by the sender and the public key is used by authorized receivers to decrypt. The public key cannot be used to encrypt or vice versa. This is known as asymmetric cryptography.

Hashing

A method of extracting a coded string from a word string to create a digital signature or some other kind of verification.

Digital Signatures

A method of verifying the source of a document. Using an encrypted hash code, a DS can be placed on an encrypted or plain text document. More.
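How the Hashing and Digital Signatures entries fit together, as an added example (not from the original page): the document is hashed, the hash is transformed with the private key, and anyone holding the public key can check it. The key is a toy built from two known Mersenne primes and the scheme has no padding, both assumptions made only so the example runs with the standard library.

```python
import hashlib

# Toy RSA key, constructed for illustration only: the primes are public
# knowledge and far too small for real use.
P, Q = 2**127 - 1, 2**89 - 1
N = P * Q                            # modulus, part of the public key
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, kept by the signer

def digest(document: bytes) -> int:
    """Hash the document and map the result into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big") % N

def sign(document: bytes) -> int:
    """Signer's side: transform the hash with the private key."""
    return pow(digest(document), D, N)

def verify(document: bytes, signature: int) -> bool:
    """Receiver's side: undo the transform with the public key and compare
    the result with a freshly computed hash of the document received."""
    return pow(signature, E, N) == digest(document)

# Constructed sample documents.
ORIGINAL = b"Pay vendor 1,000 dollars on the first of the month."
TAMPERED = b"Pay vendor 9,000 dollars on the first of the month."

if __name__ == "__main__":
    sig = sign(ORIGINAL)
    print("original verifies:", verify(ORIGINAL, sig))
    print("tampered verifies:", verify(TAMPERED, sig))
```

The signed document stays in plain text; only the hash is transformed, which is why a changed character is enough to make verification fail.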

Cryptography & Data Encryption

A method of turning text or data into an unreadable format for security and privacy purposes.




Specific threats

Denial of Service

A type of hack or attack that prevents normal network connectivity. More.

Port Scanning/Surfing

Attempts to find open ports on a network to exploit. More.


Knowing what the hackers know

One of the best ways to learn about possible threats is to learn from the people exploiting them. In many cases hackers are exploiting holes in your system that can be closed by changing your configuration or downloading an update patch. In other cases they are exploiting a hole in your procedures that can be closed with better training.

Hackers: heroes of the computer revolution by Steven Levy

The "harmless" hacking book

Articles from the "Cookbook"

The "cookbook" is an on-line continuation of the infamous Anarchist Cookbook by William Powell. The cookbook was a thin volume of recipes for weapons and drugs that emerged amid 1960s paranoia. I read it in college while researching terrorism and was rather unimpressed. Actually try anything in this book and you will probably end up injuring or poisoning yourself. There is actually a counter-commentary on it called Recipes for Disaster. The author has actually released public statements denouncing his own book since. Someone known as Jolly Roger recycled the original book on-line and added various articles on hacking. I have only linked the computer-related articles.
Hacking Tutorial
The Basics of Hacking II
Breaking into BBS Express
Hacking DEC's
PC-Pursuit Port Statistic's
Hacking Vax's & Unix
Telenet


Phrack
Phrack is a hacker magazine that started out as text files posted on boards in the old days. Many of these text versions are still posted on the Internet. I noticed that the "last" ever volume will be issued in July of 2005. Here is the oldest issue I know of: Volume One, Issue One from 1985. Various other issues can be found here. Some recent articles:
Windows NT
Windows Shellcode
Windows Overflow Buffer
Cisco IOS
Linux Kernel Keylogger


2600
2600: The Hacker Quarterly has a fairly simple format. People find security holes and write about them. The magazine is often highly critical of government and big business, and it is useful to scan it for security issues that might affect your network.


Telephone Harassment

Call blocking/redial codes: phone-features
National Do Not Call List: donotcall.gov
Reverse phone lookup: reversephonedirectory.com

Documentation

RFC 2196 - Site Security Handbook
RFC 1244 - Site Security Handbook
RFC 2828 - Internet Security Glossary
Other Security RFCs
Information Security Basics
How to develop a Network Security Policy
10 Tips for Creating a Network Security Policy
PGP Encryption
Top 75 Security Tools
WhiteHat.com
WindowsSecurity.com
UNIX Security Checklist
VAX Security
Security-Enhanced Linux
Linux Firewalls
Windows 98 Security
Secure Mac
Handheld Device Security


Books

Practical UNIX & Internet Security
Real World Linux Security
Computer Security Basics
Hack Attacks Encyclopedia
Building a Secure Computer System
Microsoft Windows Security Resource Kit
Hacking Windows XP
Securing Windows Server 2003
Writing Information Security Policies

Links

itsecurity.com
NSA: Information Assurance
CIA: Directorate of Science and Technology
FBI: HAS YOUR BUSINESS BEEN HACKED?
Microsoft Security Updates