[Techtalk] Security course

Raven, corporate courtesan raven at oneeyedcrow.net
Tue Jan 15 12:11:57 EST 2002

Heya --

Quoth Adric (Mon, Jan 14, 2002 at 07:28:54PM -0500):
> 	I'm working my way through Avi Rubin's White Hat Security 
> Arsenal: Tackling the Threats.  It's quite good, and it might serve as 
> a good text to start from.  He spends some time explaining philosophy 
> and theory and then drives into analyzing specific situations and the 
> tools available for securing them, and each section closes with a 
> real world case study.

	Sounds good; I'll take a look at that one too.  (My security
library is going to grow substantially, I can tell.)  Ideally, I think
we'd have a good combination of theory with practice and examples.  The
case studies sound like a good thing.

> 	Another possible is Hacker's Challenge, a book which walks 
> you through 20 "ripped from the headlines" cases as mysteries, with 
> clues throughout and solutions at the end.  (And yes, there are pages 
> of logfiles in several of the problems.)

	Oh, I just got done with that one, and enjoyed it thoroughly.
Its format was novel among security books that I've seen.  I was pleased
that they gave you most of the information the actual sysadmins had, and
the answers in a separate section so you didn't accidentally read too
far until you'd had time to get through all the logfiles, et cetera.
There were a couple of cases where I felt like they should have given
you a bit more of the information in different places, but I'm very much
hoping that they come out with more of the same.  

	The only reason that I was hesitant to suggest that book as a
resource for the class is that only about half the cases are Unix-based
at all, and only about half of those are Linux.  So although I very much
enjoyed the book, I didn't know whether it would contain enough relevant
content for a Linux list.  (Not that I think people would really mind
discussing Solaris | *BSD | AIX | other *nix security either.)

	It's an educational experience, though.  Even if you don't know
much about a particular OS's security, you can often figure out what's
going on and how the hack happened.  Google is your friend.  [grin]  I'm
not an NT/2000/ME/XP admin by any stretch of the imagination, and I
managed to get several of the Microsoft ones right.  And if you can't
figure it out, the explanations at the end not only tell you what
happened, but also point to relevant sections of the logfiles so you'll
know what to look for next time.


