Mark Jacobson's Links to Security Info

Computer and Network Security Links

Cybersecurity and you
Five tips for home and small business users.

DeepSight Analyzer.
How many threats have been detected in the last 7 days?
How many were detected in Europe? ...Australia? ...North America?

UMR Trustworthy Systems Lab.
University of Missouri-Rolla

Computer Security Institute.
CSI around since 1974. NetSec conference every June.

SmartGATE.

Firewall products.

FAQ.
Marcus Ranum/Matt Curtin's Frequently Asked Questions on Firewalls.

Idaho CS423/523.
Deborah Frinke's Network Security class

RSA Security.
Good Time magazine article on Beating the Snoops. The need for encryption for wireless networking and the RSA solution to WEPCrack and AirSnort.

RSA encryption.
Detailed information about how it (RSA cipher and encryption algorithm) works. Quite technical.

Firewall products.
Critique of IPSec protocol.
Crytographic evaluation of IPSec protocol by Bruce Schneier.

Counterpane Internet Security, Inc.
4,000 events per second processed? Monitoring the internet and networks for suspicious activity requires lots of processing power, software tools and expertise.

War Games movie.
Way ahead of its time predicting problems with Internet security.

Hijacking a session using Hunt software to achieve intrusion.
Attack scenario explained in 15 steps.

Security Administrator Tool for Analyzing Networks.
SATAN was written because we realized that computer systems are becoming more and more dependent on the network, and at the same becoming more and more vulnerable to attack via that same network.

For each type or problem found, SATAN offers a tutorial that explains the problem and what its impact could be. The tutorial also explains what can be done about the problem: correct an error in a configuration file, install a bugfix from the vendor, use other means to restrict access, or simply disable service.

SATAN collects information that is available to everyone on with access to the network. With a properly-configured firewall in place, that should be near-zero information for outsiders.

Breaking into your site.
Goal: Improving security by finding the vulnerabilities and fixing them. The uebercracker (Nietzsche reference).

We will illustrate that even seemingly harmless network services can become valuable tools in the search for weak points of a system, even when these services are operating exactly as they are intended to.

dsniff.
Another tool available for sniffing network packets
  1. Using a Honeypot to watch and surveil intruders could land you in jail or a big lawsuit???

  2. Pretty Good Privacy, aka via TLA as PGP.

  3. Shortcut to Cryptography. More links that you could ever need.