Increasing security knowledge
+ Reply to Thread
Posts 1 to 9 of 9
  1. #1

    Still gathering requirements...


    Join Date
    Jul 2006
    Posts
    63
    Thanks (Given)
    0
    Thanks (Received)
    0
    Likes (Given)
    0
    Likes (Received)
    0

    Default Increasing security knowledge

    Hello - my background is as a Unix Administrator, but I am currently on a project involving a lot of security work (with ssh, ssl, Apache2 and Weblogic). I'd like to learn more about security and maybe make this a long term speciality. Does any have any recommendations of books or websites to learn more (particularly orientated towards linux/unix).

    I have already read the following for general background:

    The Code Book (Simon Singh)
    Cryptography: A Very Short Introduction

    But I am looking for something that is a bit more related to 'plumbing' things together, and I don't for example want to read an O'Reilly SSH book from cover to cover.

    Any info greatly recieved.

  2. #2

    Pilchard

    Cliphead's Avatar
    Join Date
    Nov 2005
    Location
    55°51'N, 04°12'W
    Posts
    9,656
    Thanks (Given)
    16
    Thanks (Received)
    12
    Likes (Given)
    140
    Likes (Received)
    128

    Default

    Why not start with router security / firewalls?

  3. #3

    Super poster

    Incognito's Avatar
    Join Date
    Jun 2008
    Posts
    3,010
    Thanks (Given)
    0
    Thanks (Received)
    5
    Likes (Given)
    0
    Likes (Received)
    6
    "I hope Celtic realise that, if their team is good enough, they will win. If they're not good enough, they'll not win - and they can't look at anybody else, whether it is referees or any other influence." - Walter Smith

    On them! On them! They fail!

  4. #4

    TykeLike

    SimonMac's Avatar
    Join Date
    Aug 2010
    Location
    God's Own Republic Of Yorkshire
    Posts
    22,206
    Thanks (Given)
    226
    Thanks (Received)
    1132
    Likes (Given)
    809
    Likes (Received)
    2987

    Default

    I've just signed up to do a distance learning Masters in Info Secuirty
    “Live a good life. If there are gods and they are just, then they will not care how devout you have been, but will welcome you based on the virtues you have lived by. If there are gods, but unjust, then you should not want to worship them. If there are no gods, then you will be gone, but will have lived a noble life that will live on in the memories of your loved ones.”

    ― Marcus Aurelius

  5. #5

    Nice But Dim

    DaveB's Avatar
    Join Date
    Oct 2005
    Posts
    18,785
    Thanks (Given)
    42
    Thanks (Received)
    799
    Likes (Given)
    368
    Likes (Received)
    2417

    Default

    Quote Originally Posted by reddog View Post
    Hello - my background is as a Unix Administrator, but I am currently on a project involving a lot of security work (with ssh, ssl, Apache2 and Weblogic). I'd like to learn more about security and maybe make this a long term speciality. Does any have any recommendations of books or websites to learn more (particularly orientated towards linux/unix).

    I have already read the following for general background:

    The Code Book (Simon Singh)
    Cryptography: A Very Short Introduction

    But I am looking for something that is a bit more related to 'plumbing' things together, and I don't for example want to read an O'Reilly SSH book from cover to cover.

    Any info greatly recieved.
    Security is a huge field, from policy and risk to hardcore techie stuff like cryptography and forensics. Pick the bit that interests you and get involved in as much of it as you can. The best way to learn is to do, just like anything else in IT, and will look much better on your CV than qualifications without the experience to back them up.

    If you have the kit available at home have a play with setting up secure connections, PKI, Certificates etc if you want to get into the plumbing side of things. Actually doing it, and looking for solutions to real problems, will teach you a lot moer than just reading a book.
    "Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.

  6. #6

    Still gathering requirements...


    Join Date
    Jul 2006
    Posts
    63
    Thanks (Given)
    0
    Thanks (Received)
    0
    Likes (Given)
    0
    Likes (Received)
    0

    Default

    thanks - I think I'll build some VM's and play around rather than concentrating on theory. Its quite strange though, most books seem to be written in the 90's or very early 2000's. I would have thought there would have been some slightly more up to date literature!

  7. #7

    Fingers like lightning


    Join Date
    Jan 2011
    Posts
    623
    Thanks (Given)
    8
    Thanks (Received)
    4
    Likes (Given)
    16
    Likes (Received)
    23

    Default

    Like others have said security is big and also covers putting nets/locks in windows so that people don't smuggle USB stick through windows

    But really nowadays when you look at what people do is Webapps over HTTP so focus on Application layer security, deep packet inspection, learn how to deal with SSL certificates and set up HTTPS properly and that's it.
    The lower OSI layers are already mature and it's a bit irrelevant if they're secure or not if higher up you're encrypting properly...

  8. #8

    Nice But Dim

    DaveB's Avatar
    Join Date
    Oct 2005
    Posts
    18,785
    Thanks (Given)
    42
    Thanks (Received)
    799
    Likes (Given)
    368
    Likes (Received)
    2417

    Default

    Quote Originally Posted by yasockie View Post
    Like others have said security is big and also covers putting nets/locks in windows so that people don't smuggle USB stick through windows

    But really nowadays when you look at what people do is Webapps over HTTP so focus on Application layer security, deep packet inspection, learn how to deal with SSL certificates and set up HTTPS properly and that's it.
    The lower OSI layers are already mature and it's a bit irrelevant if they're secure or not if higher up you're encrypting properly...
    No need to go near the windows. Just drop them in the carpark or send them to people as promotional freebies.

    If you are feeling really devious you could try something like this....

    Netragard’s Hacker Interface Device (HID). | Netragard's SNOsoft Research Team
    "Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.

  9. #9

    More time posting than coding

    worzelGummidge's Avatar
    Join Date
    Jul 2009
    Location
    Bristol Field, second to the left.
    Posts
    368
    Thanks (Given)
    2
    Thanks (Received)
    7
    Likes (Given)
    0
    Likes (Received)
    18

+ Reply to Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Content Relevant URLs by vBSEO 3.6.0 ©2011, Crawlability, Inc.