[Ilugc] resources for network security in linux
- From: girish1729@xxxxxxxxx (Girish Venkatachalam)
- Date: Wed Aug 2 22:57:02 2006
--- Suresh Ramasubramanian <linux@xxxxxxxxxxxxxxxx>
wrote:
On Wed, Aug 02, 2006 at 06:44:51AM -0700, Girish
Venkatachalam wrote:
more about
1) good network design
2) corporate VPN use ( I know only VPN theory)
well - you'd talk about concepts like a bastion
host, dmz, etc.
This is a firewall vendor (netscreen)'s whitepaper
but does spell out a few
of the concepts in quite clear language. Dates back
to 2001 but still ok
http://www.defconpics.org/other/Principles%20of%20Secure%20Network%20Design.pdf
Some cisco press books like this one -
network security basics
http://www.ciscopress.com/articles/article.asp?p=170742
and this -
general design considerations for secure networks
http://www.ciscopress.com/articles/article.asp?p=174313&rl=1
are also worth a read.
The linux NAG has quite a lot of decent resources in
it.
But by far the best book on this that I know of is
"The Practice of System
and Network Administration" by Limoncelli and Hogan
<
http://www.amazon.com/exec/obidos/redirect?link_code=ur2&tag=tomontime-20&camp=1789&creative=9325&path=external-search%3Fsearch-type=ss%26index=books%26keyword=0201702711>
That amazon link is from
http://www.everythingsysadmin.com - the authors'
website, and so I guess the authors get a commission
if you buy that from
amazon. Everythingsysadmin.com has some great
articles in it, worth a read
Or do you want to join me in the talk? I am
somewhat
weak in those topics. It will be great if both of
us
share a two hour slot.
I may not be able to make it this saturday - out of
town. Sometime in the
near future hopefully.
Thanks Suresh. But this much is very clear that there
is no way I am going to be able to talk about these
things just by "bookish" knowledge even if I do find
time to read whatever you sent.
So whichever weekend you are free we can meet. No
issues.
Here is a first cut "syllabus" for the talk. Please do
let me know if you find that ok. I am also zero in
spam and it will be wonderful to learn that as well.
Especially Bayesian filtering and stuff. :-)
Security 101
1) What is authentication?
2) Difference between Symmetric and Asymmetric crypto
3) Threat model and various types of attacks
4) What is RSA? DH? AES? 3DES? Anatomy of ciphering
5) Security on the Internet (securing protocols like
DNS, SMTP, SNMP, HTTP, FTP etc.)
6) Security protocols like SSL,ssh, IPsec
Network Security architecture and design
1) Threat model
2) DMZ, firewalls, proxies
3) Worms, Denial of service attacks on the routers and
TCP/IP infrastructure, discussion about the "Iloveu"
worm(virus?) and few other recent attacks and how you
patched the vulnerabilities
4) VPN design and considerations- implications on
networking, tunneling etc.
5) Spam control theory, architecture of participating
peers and real world examples from Vipul's razor ,
Spamassassin etc...
How you can get started onto the security bandwagon
1) Learn how to use the OpenSSL tool
2) I will demo simple usages of the tool
3) Used for encryption, signing, hashing, keypair
generation, random number generation etc...
Security as a career
1) Where to start and what does the market need?
2) Why security programming will make you a sound
programmer?
3) Need to understand networking very well to
implement security protocols
4) Huge demand for *good* security engineers in the
market. PKI,VPN, networking and crypto knowledge: how
to develop them?
Suresh,
I think I will spend the first 40 minutes intro. Then
you can take over and talk for about 50 minutes. Then
I will demo OpenSSL toolkit and finally wind up with a
light discussion on career options which you should
help me of course.
Friends,
Have I captured everyone's need? Did I miss anything?
Suresh,
Let us first prepare the slides and send them. That
way at least I will get some time to prepare and ppl
can come knowing what to expect and possibly also come
prepared as security waters are very deep...
My suggestion is let us prepare the slides offlist and
send it as one pdf.
Bharathi,
Could you arrange sometime this month or at most early
next month when Suresh is free so we can meet?
Thanks.
warm regards,
Girish
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com ;
Other related posts:
