Use the 'Net to Secure Your Nete
James W. Meritt
As you have no doubt seen in the popular media, security throughout the 'Net is almost a lost cause. There are three obvious reasons for this: "Don't care", "Don't know", and "Don't have the resources" to secure the network even if you did care and did know. Reading this article somewhat belies the "don't care" part, and I hope to furnish information to help the "don't know". Since there is much you can do for little or no money, there may be some help here for the "don't have", too. The following sites are ones that I have found to be most informative and most stable (they have been there and up every time I've checked for years). There are many, many other security-related resources on the 'Net, but these should furnish a good start.
Official Sites There is an assortment of official sites with a great deal of information on network security. Among them is the Computer Security Institute, which is the oldest international membership organization offering training specifically targeted to information security professionals at:
http://www.gocsi.com/
The Computer Security Resource Clearinghouse at:
http://csrc.ncsl.nist.gov/
is designed to collect and disseminate computer security information and resources to help users, systems administrators, managers, and security professionals better protect their data and systems.
The Department of Energy Information server at:
http://doe-is.llnl.gov/index.html
is designed to enhance information security data sharing. Their Computer Incident Advisory system is at:
http://ciac.llnl.gov/
Informative Sites Along with these sites, there are others containing immediately relevant information.
http://www.infowar.com/
is the InfoWar Web site for Information Warriors. The National Computer Security Association reading room is at:
http://www.ncsa.com/readingroom/
There is a large collection of papers about various different computer security issues at:
http://www.alw.nih.gov:80/Security/first-papers.html
Mailing Lists A variety of mailing lists concerned with security issues are listed at:
http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/news-items/ \
old-news-items/951223.listoflists.html
They have been archived at:
http://www.neosoft.com/internet/paml/
http://www.tryc.on.ca/mailinglists.html
Plans, Policy, and Procedures The organizational policies are necessary to provide a security architecture for all of a company's operations. The policies undergo normal review procedures, and then are approved by agency management for implementation. Planning network security -- what needs to be done and what documents and policies need to be established -- are described in:
http://www.reliable.net/security.htm,
http://www.info-sec.com/internet/security/internet_081297c.html-ssi
http://www.area-development.com/AUG96_14.HTM.
Tools The tools that you may need to secure your network may be available at both "official" and "unofficial" (hacker) sites. They can be found at:
http://www.ecst.csuchico.edu/~thuff/newtools.html
ftp://coast.cs.purdue.edu/pub/tools/
ftp://ftp.win.tue.nl/pub/security/index.html
http://www.coil.com/%7Eebright/SECUR30.HTM
http://www.antiOnline.com/ and http://www.rootshell.com/
You can use tools that crackers might use in order to check your own site for vulnerabilities.
People Finally, if you can't find help any other way, there is a list of computer security-related people at:
http://now.cs.berkeley.edu/~daw/people/compsec.html
These are very busy people, and there is no guarantee that they will have an opportunity to assist you, though I have found them extremely helpful.
Hot List AntiOnline/Hacking and Hackers -- http://www.antionline.com/
COAST Security FTP Archive -- ftp://coast.cs.purdue.edu/pub/tools/
Computer Incident Advisory Capability -- http://ciac.llnl.gov/
Computer Security Institute -- http://www.gocsi.com/
Computer security people -- http://now.cs.berkeley.edu/~daw/people/compsec.html
Computer Security Resource Clearinghouse -- http://csrc.ncsl.nist.gov/
DOE Information Security server --
http://doe-is.llnl.gov/index.html
FIRST Security Papers -- http://www.alw.nih.gov/Security/first-papers.html INFOWAR: Information Warriors -- http://www.infowar.com/
List of security mailing lists --http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/ \
news-items/old-news-ite ms/951223.listoflists.html
Mailing lists -- http://www.tryc.on.ca/mailinglists.html
Minimize Business Losses Through Proactive Planning -- http://www.area-development.com/AUG96_14.HTM
NCSA Reading Room -- http://www.ncsa.com/readingroom/
Network Security and Network Monitor Programs --http://www.ecst.csuchico.edu/~thuff/newtools.html
Network Security Planning -- http://www.reliable.net/ \
security.htm
Prior Planning Precludes Poor Performance: Plans, Policies and Procedures -- http://www.info-sec.com/internet/ \
security/internet_081297c.html-ssi
Publicly Available Mailing Lists -- http://www.neosoft.com/internet/paml/
Rootshell -- http://www.rootshell.com/
Wietse's tools and papers --
ftp://ftp.win.tue.nl/pub/security/index.html n
About the Author
Jim Meritt is currently working for Wang Global, Inc as a Senior Security Analyst, and has been involved with UNIX systems and networking for more than a decade. His email address is: JWMeritt@AOL.com. |