• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!
Collapse

You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:

  • You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
  • You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
  • If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.

Previously on "Increasing security knowledge"

Collapse

  • worzelGummidge
    replied
    SANS: Computer Security Training, Network Security Research, InfoSec Resources

    Leave a comment:


  • DaveB
    replied
    Originally posted by yasockie View Post
    Like others have said security is big and also covers putting nets/locks in windows so that people don't smuggle USB stick through windows

    But really nowadays when you look at what people do is Webapps over HTTP so focus on Application layer security, deep packet inspection, learn how to deal with SSL certificates and set up HTTPS properly and that's it.
    The lower OSI layers are already mature and it's a bit irrelevant if they're secure or not if higher up you're encrypting properly...
    No need to go near the windows. Just drop them in the carpark or send them to people as promotional freebies.

    If you are feeling really devious you could try something like this....

    Netragard’s Hacker Interface Device (HID). | Netragard's SNOsoft Research Team

    Leave a comment:


  • yasockie
    replied
    Like others have said security is big and also covers putting nets/locks in windows so that people don't smuggle USB stick through windows

    But really nowadays when you look at what people do is Webapps over HTTP so focus on Application layer security, deep packet inspection, learn how to deal with SSL certificates and set up HTTPS properly and that's it.
    The lower OSI layers are already mature and it's a bit irrelevant if they're secure or not if higher up you're encrypting properly...

    Leave a comment:


  • reddog
    replied
    thanks - I think I'll build some VM's and play around rather than concentrating on theory. Its quite strange though, most books seem to be written in the 90's or very early 2000's. I would have thought there would have been some slightly more up to date literature!

    Leave a comment:


  • DaveB
    replied
    Originally posted by reddog View Post
    Hello - my background is as a Unix Administrator, but I am currently on a project involving a lot of security work (with ssh, ssl, Apache2 and Weblogic). I'd like to learn more about security and maybe make this a long term speciality. Does any have any recommendations of books or websites to learn more (particularly orientated towards linux/unix).

    I have already read the following for general background:

    The Code Book (Simon Singh)
    Cryptography: A Very Short Introduction

    But I am looking for something that is a bit more related to 'plumbing' things together, and I don't for example want to read an O'Reilly SSH book from cover to cover.

    Any info greatly recieved.
    Security is a huge field, from policy and risk to hardcore techie stuff like cryptography and forensics. Pick the bit that interests you and get involved in as much of it as you can. The best way to learn is to do, just like anything else in IT, and will look much better on your CV than qualifications without the experience to back them up.

    If you have the kit available at home have a play with setting up secure connections, PKI, Certificates etc if you want to get into the plumbing side of things. Actually doing it, and looking for solutions to real problems, will teach you a lot moer than just reading a book.

    Leave a comment:


  • SimonMac
    replied
    I've just signed up to do a distance learning Masters in Info Secuirty

    Leave a comment:


  • Incognito
    replied
    Fill yer boots man.

    Amazon.co.uk: CISSP / SSCP recommended reading from www.isc2.org

    Leave a comment:


  • Cliphead
    replied
    Why not start with router security / firewalls?

    Leave a comment:


  • reddog
    started a topic Increasing security knowledge

    Increasing security knowledge

    Hello - my background is as a Unix Administrator, but I am currently on a project involving a lot of security work (with ssh, ssl, Apache2 and Weblogic). I'd like to learn more about security and maybe make this a long term speciality. Does any have any recommendations of books or websites to learn more (particularly orientated towards linux/unix).

    I have already read the following for general background:

    The Code Book (Simon Singh)
    Cryptography: A Very Short Introduction

    But I am looking for something that is a bit more related to 'plumbing' things together, and I don't for example want to read an O'Reilly SSH book from cover to cover.

    Any info greatly recieved.

Working...
X