<html><head><title>Security Talk</title></head>
<body bgcolor="#c0c0c0"><font face="helvetica" color="#404040">
<h1 align=center>Security: welcome to the Grey Zone</h1>
<h2>Topics Covered</h2>
<p align=center><blink>links in this section not yet functional</blink></p>
<ul><li><a href="basictypes.html">Basic Types</a> of security</li>
<li><a href="network.html">Network-based</a> security</li>
<li><a href="host.html">Host-based</a> security</li>
<li>Types of <a href="attackers.html">attackers</a> likely to test your
security</li>
<li><a href="social.html">Social</a> security</li></ul>
<h2>Links</h2>
<h3>Useful security sites</h3>
<p>Is your favourite security site missing? Then
<a href="mailto:leon@brooks.smileys.net">mail it</a> to me.
<ul>
<li><a href="http://www.cert.org">CERT</a> - Computer Emergency Response
Team - join their list for prompt warning of vulnerabilities, much good
advice on compromises and recovery</li>
<li><a href="http://www.auscert.org.au/">AusCERT</a> - local CERT branch,
mail probe reports etc here</li>
<li><a href="http://www.securityfocus.com/">Security Focus</a> - useful
articles, particularly on Linux</li>
<li><a href="http://rootprompt.org/">RootPrompt</a> - Unix-specific security
advice, exploit source, many useful links</li>
</ul>
<h3>Interesting articles on security</h3>
<ul>
<li>An <a href="http://www.isp-planet.com/equipment/ssh_intro.html">introduction
to SecureSHell, including a brief description of a "circuit level" encrypted
VPN (Virtual Private Network)</li>
<li><a href="http://www.linux.com/security/newsitem.phtml?sid=11&aid=8999">Spoofing</a>
TCP/IP addresses</li>
<li>Cracked! How a site was broken into, what the administrator did to track
the intruder, what happened afterwards:
<a href="http://rootprompt.org/article.php3?article=403">Part 1: finding
out</a> - <a href="http://rootprompt.org/article.php3?article=422">Part 2:
watching the cracker</a> -
<a href="http://rootprompt.org/article.php3?article=467">Part 3: tracking
down</a> - <a href="http://rootprompt.org/article.php3?article=493">Part 4:
a sniffer on the loose</a> -
<a href="http://rootprompt.org/article.php3?article=536">Part 5: rebulding
the network</a> - more to follow</li>
<li><a href=http://www.linuxfreak.org/article.php?id=442">Monitoring</a>
your Linux machine</li>
<li><a href="http://www.bsdtoday.com/2000/June/Features192.html">Delegating</a>
tasks with sudo</li>
<li>About <a href="http://www.linux.com/security/newsitem.phtml?sid=11&aid=8921">sniffing</a></li>
<li>Know Your Enemy: <a href="http://rootprompt.org/article.php3?article=159">Part 1:
about script kiddies</a> -
<a href="http://rootprompt.org/article.php3?article=167">Part 2: detection
and alalysis</a> -
<a href="http://rootprompt.org/article.php3?article=186">Part 3: they gain
root</a> - <a href="http://rootprompt.org/article.php3?article=520">Part 4:
anatomy of an attack</a> -
<a href="http://rootprompt.org/article.php3?article=210">Part 5: building a
honeypot</a></li>
<li><a href="http://www.justlinux.com/bin/feature/story.pl?fid=2289899">Newbie</a>
security tips</li>
<li>SANS picks a <a href="http://www.sans.org/topten.htm">Top Ten Security
Risks</a> list</li>
<li>A <a href="http://www.linuxsecurity.com/feature_stories/feature_story-47.html">discussion
of security auditing</a> featuring the man who broke apache.org</li>
<li><a href="ftp://ftp.rubyriver.com/pub/jhardin/antispam/procmail-security.html">Improving</a>
email security with procmail</li>
<li>The experience of
<a href="http://www.justlinux.com/bin/feature/story.pl?fid=1929218">having
your home network cracked</a></li>
<li>Sun describes
<a href="http://www.sunworld.com/sunworldonline/swol-05-2000/swol-05-security.html">the
hacker's toolchest</a></li>
<li>A pessimistic (realistic?) view of
<a href="http://securityportal.com/closet/closet20000510.html">securing your
system</a></li>
<li><a href="http://www.securityfocus.com/focus/linux/articles/linux-bunker.html">Basic
Linux firewallling</a></li>
<li>A
<a href="http://linux.about.com/compute/linux/library/weekly/aa042800c-a1.htm">Linux
workstation security primer</a></li>
<li><a href="http://rootprompt.org/article.php3?article=396">Operating
System Fingerprinting</a> explained</li>
</ul>
<h3>Security and Admin Related Articles</h3>
<ul>
<li><a href="http://www.linuxfreak.org/article.php?id=434">Analysing
logs</a> with the Webalizer</li>
<li><a href="http://www.samag.com/archive/0906/feature.shtml">Setting
up</a> LPRng (more secure and featureful printing)</li>
<li><a href="http://rootprompt.org/article.php3?article=473">Secure
deletion</a> of data</li>
<li><a href="http://rootprompt.org/article.php3?article=449">Log
filtering</a>: making the machine do the work</li>
<li><a href="http://rootprompt.org/article.php3?article=432">Assessing</a> a
crypto package</li>
</ul>
</font></body></html>