Ron;
If I may quote from the "About the Author" page in the book "Real World Linux
Security, By Bob Toxen.
"Bob Toxen counts his recognition as one of the 168 developers of Berkeley UNIX,
among his accomplishments during six years of Linux experience and 26 years of UNIX
experience. As an undergraduate there in in the late 70's, he learned about security
by breaking into the UNIX systems, successfully evading such system administrators as
Jeff Schriebmann, Bill Joy and Bob Kridle; they later founded Unisoft, Sun and Mt.
Xinu. He was one of four developers who did the initial port of UNIX to the Silicon
Graphics hardware and has hacked the kernel of a C2-compliant secure UNIX system.
Bob was the architect of the client/server system that NASA's Kennedy Space Center
uses to communicate with the 3000 PC's used to store and retrieve the 900 GB of
documents pertaining to space shuttle Payloads..."
You should really try this book. Good read.
Rusty
Ron DuFresne wrote:
> who's "Bob Toxen"? master of what?
>
> Thanks,
>
> Ron DuFresne
>
> On Thu, 29 Mar 2001, Rusty wrote:
>
> > Mark;
> >
> > If you really want to learn how to harden a system (non-Mickeysoft) let me
> > suggest you purchase a copy of Linux Security by Bob Toxen, ISBN 0-13-028187-5.
> >
> > This book is from a master and is not just informational. It is a workbook,
> > step by step instruction on how to make it very difficult for a cracker to
> > exploit your machine.
> >
> > Rusty
> >
> > Mark Andrich wrote:
> >
> > > I'm in a similar situation myself..... The most useful resources I've found
> > > are the following:
> > >
> > > 1. This list.... I'll pick a topic and begin exploring.
> > >
> > > 2. www.sans.org - Their online courses (begin with security kickstart) have
> > > a good amount of relevant material compared to most of the other online
> > > training I've tried. They've also got a reading room chock full of good
> > > techie stuff. Lastly, Stephen Northcutt has a book called Network Intrusion
> > > Detection - An Analysts Handbook, definitely worth reading.
> > >
> > > 3. packetstrom.securfiy.com - Message forums, tools (mostly Linux, some
> > > wintools)
> > >
> > > 4. Other books: Hacking Exposed 2nd Edition, TCP/IP Illustrated, The
> > > Complete Hacker's Handbook(More of a history book so far...) - All are worth
> > > reading.
> > >
> > > 5. Lastly, Any literature you'll pick up will stress knowledge about TCP/IP.
> > > Download some analyzing tools like WinDump and start checking out the
> > > packets on your network.
> > >
> > > As for test sites... Unless you have written permission, don't risk playing
> > > around with someone else's machine. Your best bet is to set up your own home
> > > network and go nuts on it. (I started about a year ago with one windows 98
> > > machine and now have win98, WinME, WinNTBO, Linux, Mac). This really is the
> > > best way to learn.
> > >
> > > Hope this helps!
> > >
> > > Mark
> > >
> > > > -----Original Message-----
> > > > From: Gary Jones [SMTP:[EMAIL PROTECTED]]
> > > > Sent: Thursday, March 29, 2001 9:27 AM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: Re: Firewalls-Digest V8 #1568
> > > >
> > > > I am VERY new to this mail list! I am a post-grad
> > > > working in Network Administration. My home PC is a
> > > > Win-ME system with a software firewall (Norton). At
> > > > work I am responsible for 50 machines running NT 4.0,
> > > > with a hardware firewall between the Cisco router and
> > > > my NT server. (2 cards in proxy server).
> > > >
> > > > I have recently been reading "A hackers guide to
> > > > protecting your internet site & network", although I
> > > > am unsure of the intentions of the author I have found
> > > > it a valuable and eye - opening resource.
> > > >
> > > > However, reading through this mail - there are many
> > > > areas I do not have a clue about!
> > > >
> > > > My question to the group is simple - Where do I start
> > > > ?
> > > > I want to learn as much about security on the net as
> > > > possible and would prefer to experiment on my home box
> > > > - before I implement anything at work.
> > > >
> > > > Additionally does anybody know anything about possible
> > > > test sites out there in the void? is there a location
> > > > that you can practice cracking on - if I learn to
> > > > compromise security I can learn to protect my network!
> > > >
> > > > Although I have Uni education - education on security
> > > > was sadly lacking.
> > > >
> > > > Please point me in the right direction!
> > > >
> > > > Thanks to all who take the time to read this.
> > > > Kind Regards
> > > > Gary Jones
> > > >
> > > > ____________________________________________________________
> > > > Do You Yahoo!?
> > > > Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
> > > > or your free @yahoo.ie address at http://mail.yahoo.ie
> > > > -
> > > > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > > > "unsubscribe firewalls" in the body of the message.]
> > > -
> > > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > > "unsubscribe firewalls" in the body of the message.]
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> "Cutting the space budget really restores my faith in humanity. It
> eliminates dreams, goals, and ideals and lets us get straight to the
> business of hate, debauchery, and self-annihilation." -- Johnny Hart
> ***testing, only testing, and damn good at it too!***
>
> OK, so you're a Ph.D. Just don't touch anything.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
