Issue No. 05 - September/October (2004 vol. 6)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MITP.2004.68
Defending the Network
Network Security Assessment, Chris McNab. To help network administrators defend their systems from attack, this author offers steps to identify and assess risks. He follows that up with a testing model to adopt, refine, and reuse for defensive strategies.
This guide covers offensive technologies by grouping and analyzing them at a higher level—from both an offensive and defensive standpoint. If you need to develop and implement a security assessment program, this book can help.
Focusing on Internet-Protocol-based network security assessment in a structured and logical way, the author describes how a determined attacker will scour Internet-based networks in search of vulnerable components. A former hacker, he outlines techniques for assessing Web services, remote maintenance, FTP (file transfer protocol) servers, databases, Windows networking, virtual private networks, and application-level risks.
O'Reilly; ISBN 0-596-00611-X; 371 pp.; $27.17.
Key to Security Keys
Network Security: Private Communication in a Public World, Charlie Kaufman, Radia Perlman, and Mike Speciner. This book primarily targets graduate or advanced undergraduate students, security managers, and programmers.
The authors survey computer security in three sections. Opening with cryptography, they describe the meaning of keys and algorithms. The second part deals with authentication, and the benefits and pitfalls of different schemes. The final section covers e-mail-related issues. Exercises at the end of each chapter let readers test their comprehension of concepts.
Other coverage includes discussions of the Advanced Encryption Standard (AES), IPSec, secure sockets layer, and Web security; cryptography, including secret and public keys, hashes, and message digests; avoiding the pitfalls of authentication handshakes; and security issues associated with URLs, HTTP (hypertext transfer protocol), HTML (hypertext markup language), and cookies.
Pearson Education; ISBN 0-13-046019-2; 752 pp.; $46.19.
EnterpriseITplanet.com's AntiOnline is a community of security, network, and computer professionals, along with students and amateurs who are interested in computer and network security.
The Web site offers access to thousands of archived programs, as well as thousands of security-related text files. Visitors can also interact with other security-minded individuals.
Security news items have included "Experts Question UN's Anti-Spam Plan," "Software Piracy Losses Add Up to $29B," and "Keep Your iPod Off My Network!" Recent available security products include Shavlik HFNetChkPro/Security Agents (Shavlik Technologies, LLC), CI Discovery (Kemma Software), GFI MailEssentials (GFI Software Ltd), NetScreen Secure Access (Juniper Networks, Inc), Encryption Plus Email (PC Guardian Technologies, Inc), and ADvantage (Javelina Software, LLC).
The discussions forum breaks conversations into separate categories. An antivirus section covers information on preventing viruses from infecting your system. Visitors can go to the intrusion detection system (IDS) and scanner section for information on vulnerability scanners. The wireless security section includes information on WiFi, cell phones, and PDAs.
The site also offers tutorials such as "An Introduction to Securing a Wireless Network," "A Tale of Two Logfiles," "Researching CyberLaw," "Secure Linux Boot Loaders," and "TCP Flags: Their Use and Abuse."
SecurityFocus is a vendor-neutral site that includes the BugTraq mailing list, which offers detailed discussions and announcements of computer security vulnerabilities. BugTraq is the cornerstone of this security community.
The SecurityFocus Vulnerability Database provides security professionals with information on vulnerabilities for all platforms and services. This information is provided for free with a 48-hour delay from when the vulnerability is first posted, or as a paid service from Symantec without any delay.
SecurityFocus Infocus feature articles fall into eight areas of interest: penetration-testing, firewalls, Microsoft, Unix, IDS, virus, incident handling, and foundations. Each area aims at helping readers implement security measures as well as introducing readers to new technologies, methods, and potential concerns.
Open Source for Windows Administrators, Christian Gross. The author targets Windows administrators interested in using open-source applications to improve efficiency, whether they're designing a desktop or managing an FTP server. The book does not seek to replace Windows tasks with open-source methods; rather, it shows how open-source projects such as Cygwin, Bash, Python, Java, Ruby, MySQL, Apache, and Tomcat can help solve common problems.
The book focuses directly on how an administrator can install, package, and use each project to solve common tasks, and integrate the projects with other business and server applications. It covers the available documentation, versions, and distributions for each project.
With a focus on how open-source software can simplify common administration tasks and save money, the author uses a component approach so administrators can pick and choose open-source technologies. A companion CD contains demos and source code.
Charles River Media; ISBN 1-58450-347-5; 600 pp.; $33.97.
LinuxWorld Conference and Expo 05
14-17 February 2005
The LinuxWorld Conference will cover Linux and open source as solutions to enterprise needs. It will thus focus on Linux development, deployment, and management in desktop environments, paying special attention to open-source applications, security, utility computing, and IT infrastructure.
Speakers will also focus on business and address strategic issues such as return on investment, total cost of ownership, standards, architecture, and case studies.
Hands-on labs are three hours long and have attendees following along on laptops. Tutorials are three-hour lectures with a workbook; these target final decision makers in IT solutions and services.
Part of the Jupiter Media Corp., Server Watch's Apachetoday.com site bills itself as the central spot for news, reviews, and server downloads. The latest release of Apache, an open-source Web server that runs on Alpha, Intel, and Pentium platforms, is available from links on this page.
The site also provides links to Apache-related articles, including Apache versus Microsoft's Internet Information Services (IIS); a ServerWatch forum posting about compiling Apache 2.x under Windows; and a June 2004 Security Space survey. Tutorials on the site include "Advanced Logging Techniques with Apache," which explains how to configure an Apache server to provide necessary information without overly affecting performance. "Log Analysis Basics, Apache Maintenance Basics," explains log monitoring and configuration management, and summarizes major steps and maintenance tasks. "Reverse Proxying With Apache 2.0" discusses when and how to implement a reverse proxy server using Apache 2.0.
Just Linux is an online forum and resource center for all things Linux. Site visitors can register to post on the forum boards, or peruse the questions and answers available there. The Help File Library contains links to topics including networks, compiling kernels, modems, software, and tools.
What JustLinux and its many forum users have created is a form of documentation for new and experienced Linux users who seek help from more-experienced users. All users can contribute personal tips and tricks, or full-fledged articles, which site managers convert to instructional help files. What makes this concept unique is that the help-seeking user feels comfortable asking questions and getting direct help.