Security - How Can You Learn Internet Self-Defense?
notacracker asks: "A friend and I are trying to learn about network security. I figure it would be more fun if we set up a two-machine local area network, and practiced breaking in and detecting break-ins. But where to start? It's easy enough to find a cookbook (e.g. O'Reilly) on security, but where is the equivalent to an O'Reilly book on cracking and actively defending a system?" It sounds like someone has been toying with this idea over at ZDNet as well. You might want to check out their free-for-all hackfest on OpenHack.com (thanks to Tarsi for the link).
Network Intrusion Detection : An Analysis Handbook (Score:3)
I highly recommend this book. I enjoyed every minute of it and I feel that people can get a lot out of this book no matter what their security knowledge is.
Re:Network Intrusion Detection : An Analysis Handb (Score:1)
Run Portsentry too. (Score:1)
Build yourself up a large arsenal of "eleet script kiddie" programs (jolt, jolt2, teardrop, winnuke, all of the thousand or so Wu-Ftpd exploits) and play around with them, to see just how vulnerable your machines are.
Subscribe to Bugtraq and read it voraciously.
- A.P.
--
"One World, one Web, one Program" - Microsoft promotional ad
hacker pages. (Score:3)
Cult of the dead cow [cultdeadcow.com]
Happyhacker.org [happyhacker.org]
Infiltration.org [infiltration.org]
hackers.com [hackers.com]
Hacker news [hackernews.com]
attrition.org [attrition.org]
AntiOnline [antionline.com]
AntiCode [anticode.com]
phrack [phrack.com]
2600 [2600.com]
Many of these pages contain archives that have documents on cracking networks and such.
Vast documents on cracking NT servers.
A few of these are not really related but fun anyhow.
And the archives also contain many documents on system defence.
-----
If my facts are wrong then tell me. I don't mind.
Maximum Security (SAMS) (Score:3)
Highly recommended; the 'Cracked!' series of features from rootprompt.org [rootpromt.org]. Look in the 'Features' sidebar.
bBob
--
Inoshiro at Kuro5hin (Score:3)
__
From one beginner to another... (Score:1)
I was fortunate enough to attend the "Hacking Exposed:Live!" [usenix.org] tutorial at Usenix2000 [usenix.org] in San Diego, CA, 3 weeks ago and can recommend "Hacking Exposed:" [hackingexposed.com] (McClure, Scambray & Kurtz, Osborne/McGraw-Hill, $39.99). My prior network security experience consisted of copying IPCHAINS scripts to rc.firewall, yet I had no problem understanding the material or applying the suggested countermeasures. I have since purchased the book and found it even more informative and thorough.
You may also find SecurityFocus.com [securityfocus.com] useful.
Another Book (Score:1)
Read, read, read (Score:1)
Where I am (Score:2)
I think that first it's very important to have a good grasp of all network operations. This is for a number of reasons - basically, if you don't know what's normal, you don't know what's not. There are also a lot of vulnerabilities that arise out of a combination of configurations, etc. These really require a good grip on the technologies to be able to forecast.
To be a really good security person requires a lot of experience as an administrator. To me, it's either management, or security after system administration.
insecure.org, Re:[Cr]acker pages (Score:1)
Fyodor's exploit world [insecure.org] has a good collection of scanners, articles, and known exploits (if that's what you want).
Word of advice though, don't ask about the back doors in the various Quakes (here [insecure.org] and here [insecure.org]) during interviews on /. unless you've got Karma to spare . . . ouch.
It's mostly a conglomerate of different sources, but a number of the articles are kinda interesting. Keeping up with CERT [cert.org] advisories would probably be better for self defense though (always good to know what they do though). The scanners are pretty good, especially if you're, um, on the "testing" end and the detection end . . .
Ummm... (Score:1)
Re:Network Intrusion Detection : An Analysis Handb (Score:1)