Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security - How Can you Learn Internet Self-Defense?

Posted by Cliff on from the protecting-one's-boxen dept.

notacracker asks: "A friend and I are trying to learn about network security. I figure it would be more fun if we set up a two machine local area network, and practiced breaking in and detecting break-ins. But where to start ? It's easy enough to find a cookbook (eg O'Reilly) on security, but where is the equivalent to an O'Reilly book on cracking and actively defending a system? It sounds like someone has been toying with this idea over at ZDNet as well. You might want to check out their free-for-all hackfest on OpenHack.com (thanks to Tarsi for the link).

5 of 13 comments (clear)

  1. Network Intrusion Detection : An Analysis Handbook by lw54 · · Score: 3
    I highly recommend Network Intrusion Detection : An Analysis Handbook. It has been reviewed on slashdot too. I have a lot of respect for Stephen Northcutt and his book is extrememly easy to read with lots of case studies.

    I highly recommend this book. I enjoyed every minute of it and I feel that people can get a lot out of this book no matter what their security knowledge is.

  2. hacker pages. by crovax · · Score: 3

    L0pht Heavy Industries
    Cult of the dead cow
    Happyhacker.org
    Infiltration.org
    hackers.com
    Hacker news
    attrition.org
    AntiOnline
    AntiCode
    phrack
    2600
    Many of these pages contain arhives that have documents on cracking networks and such.
    Vast documents on cracking NT servers.
    A few of these are not really related but fun any how.
    And the archives also contain many documents on system defence.
    -----
    If my facts are wrong then tell me. I don't mind.

  3. Maximum Security (SAMS) by barbaBob · · Score: 3
    I've got 'Maximum Security : A hacker's guide to protecting your internet site and network' which is a pretty good book. Published by SAMS, and thicker than the NT Workstation Resource Kit ;)

    Highly recommended; the 'Cracked!' series of features from rootprompt.org. Look in the 'Features' sidebar.

    bBob

    --

    --

    --
    *sig*

  4. Inoshiro at Kuro5hin by Pseudonymus+Bosch · · Score: 3

    Inoshiro publishes a series on practical Linux security at Kuro5hin.
    __

    --
    __
    Men with no respect for life must never be allowed to control the ultimate instruments of death.
    GW Bu
  5. Where I am by matman · · Score: 2

    Well, so far, I've read Northcut's "Network Intrusion Detection: An Analysts Handbook" and I found it good, but fairly focused on Intrusion Detection - hence the title.

    I think that first its very important to have a good grasp of all network operations. This is for a number of reasons - basically, if you dont know what's normal, you dont know what's not. There are also a lot of vulnerabilities that arrise out of a combination of configurations, etc. These really require a good grip on the technologies to be able to forcast.

    To be a really good security person requires a lot of experience as an administrator. To me, it's either management, or security after system administration.