
<html><head><title>Security Talk</title></head>

<body bgcolor="#c0c0c0"><font face="helvetica" color="#404040">


<h1 align=center>Security: welcome to the Grey Zone</h1>


<h2>Topics Covered</h2>


<p align=center><blink>links in this section not yet functional</blink></p>


<ul><li><a href="basictypes.html">Basic Types</a> of security</li>


<li><a href="network.html">Network-based</a> security</li>


<li><a href="host.html">Host-based</a> security</li>


<li>Types of <a href="attackers.html">attackers</a> likely to test your

security</li>


<li><a href="social.html">Social</a> security</li></ul>


<h2>Links</h2>


<h3>Useful security sites</h3>


<p>Is your favourite security site missing? Then

<a href="mailto:leon@brooks.smileys.net">mail it</a> to me.


<ul>


<li><a href="http://www.cert.org">CERT</a> - Computer Emergency Response

Team - join their list for prompt warning of vulnerabilities, much good

advice on compromises and recovery</li>


<li><a href="http://www.auscert.org.au/">AusCERT</a> - local CERT branch,

mail probe reports etc here</li>


<li><a href="http://www.securityfocus.com/">Security Focus</a> - useful

articles, particularly on Linux</li>


<li><a href="http://rootprompt.org/">RootPrompt</a> - Unix-specific security

advice, exploit source, many useful links</li>


</ul>


<h3>Interesting articles on security</h3>


<ul>


<li>An <a href="http://www.isp-planet.com/equipment/ssh_intro.html">introduction

to SecureSHell, including a brief description of a "circuit level" encrypted

VPN (Virtual Private Network)</li>


<li><a href="http://www.linux.com/security/newsitem.phtml?sid=11&aid=8999">Spoofing</a>

TCP/IP addresses</li>


<li>Cracked! How a site was broken into, what the administrator did to track

the intruder, what happened afterwards:

<a href="http://rootprompt.org/article.php3?article=403">Part 1: finding

out</a> - <a href="http://rootprompt.org/article.php3?article=422">Part 2:

watching the cracker</a> -

<a href="http://rootprompt.org/article.php3?article=467">Part 3: tracking

down</a> - <a href="http://rootprompt.org/article.php3?article=493">Part 4:

a sniffer on the loose</a> -

<a href="http://rootprompt.org/article.php3?article=536">Part 5: rebulding

the network</a> - more to follow</li>


<li><a href=http://www.linuxfreak.org/article.php?id=442">Monitoring</a>

your Linux machine</li>


<li><a href="http://www.bsdtoday.com/2000/June/Features192.html">Delegating</a>

tasks with sudo</li>


<li>About <a href="http://www.linux.com/security/newsitem.phtml?sid=11&aid=8921">sniffing</a></li>


<li>Know Your Enemy: <a href="http://rootprompt.org/article.php3?article=159">Part 1:

about script kiddies</a> -

<a href="http://rootprompt.org/article.php3?article=167">Part 2: detection

and alalysis</a> -

<a href="http://rootprompt.org/article.php3?article=186">Part 3: they gain

root</a> - <a href="http://rootprompt.org/article.php3?article=520">Part 4:

anatomy of an attack</a> -

<a href="http://rootprompt.org/article.php3?article=210">Part 5: building a

honeypot</a></li>


<li><a href="http://www.justlinux.com/bin/feature/story.pl?fid=2289899">Newbie</a>

security tips</li>


<li>SANS picks a <a href="http://www.sans.org/topten.htm">Top Ten Security

Risks</a> list</li>


<li>A <a href="http://www.linuxsecurity.com/feature_stories/feature_story-47.html">discussion

of security auditing</a> featuring the man who broke apache.org</li>


<li><a href="ftp://ftp.rubyriver.com/pub/jhardin/antispam/procmail-security.html">Improving</a>

email security with procmail</li>


<li>The experience of

<a href="http://www.justlinux.com/bin/feature/story.pl?fid=1929218">having

your home network cracked</a></li>


<li>Sun describes

<a href="http://www.sunworld.com/sunworldonline/swol-05-2000/swol-05-security.html">the

hacker's toolchest</a></li>


<li>A pessimistic (realistic?) view of

<a href="http://securityportal.com/closet/closet20000510.html">securing your

system</a></li>


<li><a href="http://www.securityfocus.com/focus/linux/articles/linux-bunker.html">Basic

Linux firewallling</a></li>


<li>A

<a href="http://linux.about.com/compute/linux/library/weekly/aa042800c-a1.htm">Linux

workstation security primer</a></li>


<li><a href="http://rootprompt.org/article.php3?article=396">Operating

System Fingerprinting</a> explained</li>


</ul>


<h3>Security and Admin Related Articles</h3>


<ul>


<li><a href="http://www.linuxfreak.org/article.php?id=434">Analysing

logs</a> with the Webalizer</li>


<li><a href="http://www.samag.com/archive/0906/feature.shtml">Setting

up</a> LPRng (more secure and featureful printing)</li>


<li><a href="http://rootprompt.org/article.php3?article=473">Secure

deletion</a> of data</li>


<li><a href="http://rootprompt.org/article.php3?article=449">Log

filtering</a>: making the machine do the work</li>


<li><a href="http://rootprompt.org/article.php3?article=432">Assessing</a> a

crypto package</li>


</ul>


</font></body></html>