Computer System and Network Security
We will bankrupt ourselves in the vain search
for absolute security.
— Dwight D. Eisenhower
The world is never going to be perfect, either on-
or offline; so let's not set impossibly
high standards for online.
— Esther Dyson
He that breaks a thing to find out what it is has left the path of wisdom.
— Gandalf in The Fellowship of the Ring
From a practical standpoint the security problem will
remain as long as manufacturers remain
committed to current system architectures,
produced without a firm requirement for
As long as there is support for ad hoc fixes
and security packages for these inadequate
designs and as long as the illusory results
of penetration teams are accepted as
demonstrations of a computer system security,
proper security will not be a reality.
— Roger Schell in the USAF report Preliminary Notes on the Design of Secure Military Computer Systems, written in 1973.
World War Two cryptographic hardware
Left: German Enigma encryption machine
Right: U.S. SIGABA encryption machine
National Museum of the U.S. Air Force, WPAFB
This page remains under construction, just as your information security policy should.
These pages are intended to provide some background for the courses I teach, listing the references and URLs for various tools, studies, and other issues that come up in courses, which saves time spent on conference call services with students. Plus, of course, once I have these pages I no longer have to try to remember specific reference details! I'm not trying to review specific commercial security systems as that is done elsewhere (and would be hard to maintain).
Remember that some attempts to increase security in one area can make it worse in others. Mid-range security cameras are one example: see the risks of home and office cameras incorporating tiny web servers that can be turned against you by simple Google searches.
Also check out Purdue's CERIAS information assurance research and development group and their resources at cerias.purdue.edu. You might also investigate a Computer Information Systems (CIS) Degree from Boston University.
Remember that installing some tools, and even taking security quite seriously on an ongoing basis, does not make you secure! There is no such thing as a completely secure system. Hence some lawyer repellent, er, I mean, disclaimer:
The following are no more than suggestions. There is no guarantee that they will make your system secure. Mention here of a commercial product is by no means an endorsement — I'm just trying to direct you to several available tools, and I may have only one such example handy right now.
Use this information as a tool, in addition to what you have already learned.
|Just Enough Cryptography||How to Verify Digital Signatures|
|TCP/IP — How the networking protocols work||How Does NAT (Network Address Translation) Work?|
|How Does IP Routing Work?||A simple explanation of IPsec|
|Data Integrity Tools||Government Surveillance||Government and Industry Regulations|
|How to set up encrypted storage on Amazon EC2||Availability Tools||Computer Forensics|
|Passwords — How they work and how to break them||Reverse-Engineering the Hacker|
|System Security Auditing and Monitoring Tools||OS-Specific Security Issues||How to harden a default Linux or BSD installation|
|Attacks on Virtualization Security||Hardware Exploits||Physical Security|
|Intrusion Detection Tools||Analyzing multiple intrusions into a poorly configured Linux system|
|Network Monitoring / Protocol Analysis / Packet Sniffing Tools||Network Security Auditing Tools||SSL/TLS Security|
|802.11i / WPA2 wireless networking||QR codes and Near-Field Communication Risks||How to set up and use SSH|
|Firewall Tools||Web Security||TCP/IP Stack hardening|
|Network Attack Analysis: Classifying and Identifying Attack Patterns With Textual Analysis Tools|
|An Overview of Cloud Security||Security Concerns of Cloud Technology Users: A Survey of Major Cloud Customers||Cloud Security Blog — Thoughts from Time to Time on Cloud Security|
|Secure Distributed Logging: Syslog, TLS, and Amazon EC2 Cloud Servers||How to set up encrypted storage on Amazon EC2||Hacked in the Cloud — An Attacker Takes Over a Cloud Server|
Good free anti-virus / anti-malware software includes ClamAV, ClamXav, Avira, AVG, Avast!, and ZoneAlarm. ZoneAlarm incorporates spyware detection and removal software.
The Kaspersky Rescue Disk lets you safely boot and clean infected Windows systems that can't be cleaned with the normal tools.
Malware.lu is a repository of malware and technical analyses for security researchers.
|Learn about scams, spam, phishing, and worse, and take some great Phishing IQ tests||Analyzing Hostile Data||Software Security Tools|
|Social Engineering and Fighting Internet Hoaxes||Why HTML E-mail is Dangerous||Analyzing Web Mail Abuse and Spear-Phishing|
|Analyzing a Phishing Scam Attempt||Attrition.org's list of vendors that have shipped malware with their products.|
|Recommended Reference Books — How-to guides for best practice, background information, and more||Security-Related RFCs (Valuable Documents!) and Mitre nomenclature projects||Infosec Bulletins and Mailing Lists|
|General Information||Cyberwar||Other Organizations' Policies|
|Infosec Response Teams||Keeping Track of the Bad Guys||Downright Scary Threats|
|Cryptographic History||The Gallery of Crash Dump Screens||Cryptographic Haiku|
CVE Details is a great source of information on vulnerabilities. You can search by CVE reference, by vendor, and product name.
Some of these have a relatively high level of hype, but you might find some of them useful:
Make sure you understand your systems well, and set them up properly! As Hippocrates said, "Primum non nocere", or "First, do no harm."
Look into getting a Master of Science in Information Security Online from Norwich University.
Be aware that your browser always gives away some information about you, unless you are using Tor and using it very carefully. Your browser just provided this information:
|REMOTE_ADDR||18.104.22.168 (your IP address)|
|REMOTE_PORT||42360 (your TCP port number)|
|HTTP_ACCEPT_ENCODING||x-gzip, gzip, deflate|