Published November 24th, 2004 by Jim O'Halloran
Security Roundup
Now that I’ve finally had a chance to catch up on the backlog in my aggregator, I’ve found several useful articles related to the topic of security.
The first, from Techworld, introduces the reader to encryption topics. If anyone in my classes is struggling with encryption and GPG, this article may help.
However cryptography is jargon-heavy even by the discouraging standards of the IT world – symmetric and asymmetric cryptosystems, public versus private keys, digital signatures, hash algorithms, RSA, DES, Rijndael, PGP, MD5, SHA-1, https, secure sockets, Camellia, IDEA; what does it all mean?
The SecurityFocus article “Issues Discovering Compromised Machines” provides an excellent overview of various techniques and the problems associated with detecting compromised machines. Well worth reading!
I decided to look at the problem of reliably discovering the compromised machines on corporate networks. Reliability is of key importance here as there are lots of ways to obtain a suspicion that the machine is “owned” or infected, but sadly there are few truly reliable ways to discover that short of full forensic analysis
If there was ever any doubt about the need to deal with compromised machines, then this paper from the Honeynet project should fix that. “Profile: Automated Credit Card Fraud” looks at the use of IRC bots to compromise eCommerce sites, obtain Credit Card numbers and verify their validity. The level of automation here is pretty amazing.
Finally, there are the first two parts of the Securing Linux series from IBM’s DeveloperWorks.
Only the paranoid survive, and that is no less true when securing Linux® systems as any other. Fortunately, a host of security features are built into the kernel, are packaged with one of the many Linux distributions, or are available separately as open source applications. The first in a series, this article starts you on your way to understanding security concepts and potential threats, and sets the stage for what you really need to know: how to secure and harden a Linux-based installation.
Part 1: Introduction covers the basics: Integrity, Confidentiality and Availability.
Part 2: Planning the installation delves a little deeper, looking at topics such as Security Planning and Inventory Assessment, before looking at the importance of installing from known “clean” sources.