Wednesday, October 8, 2008

Almost Everything You Ever Wanted To Know About Security*

*(but were afraid to ask!)

This document is meant to answer some of the questions which regularly appear in the Usenet newsgroups "comp.security.misc" and "alt.security", and is meant to provide some background to the subject for newcomers to that newsgroup.

This FAQ is maintained by Alec Muffett (aem@aber.ac.uk, uknet!aber!aem), with contributions from numerous others [perhaps]. The views expressed in the document are the personal views of the author(s), and it should not be inferred that they are necessarily shared by anyone with whom the author(s) are now, or ever may be, associated.

Many thanks go to (in no particular order): Steve Bellovin, Matt Bishop, Mark Brader, Ed DeHart, Dave Hayes, Jeffrey Hutzelman, William LeFebvre, Wes Morgan, Rob Quinn, Chip Rosenthal, Wietse Venema, Gene Spafford, John Wack and Randall Atkinson.

Disclaimer: Every attempt is made to ensure that the information contained in this FAQ is up to date and accurate, but no responsibility will be accepted for actions resulting from information gained herein.

Questions which this document addresses:

Q.1 What are alt.security and comp.security.misc for?

Q.2 What's the difference between a hacker and a cracker?

Q.3 What is "security through obscurity"?

Q.4 What makes a system insecure?

Q.5 What tools are there to aid security?

Q.6 Isn't it dangerous to give cracking tools to everyone?

Q.7 Where can I get these tools?

Q.8 Why and how do systems get broken into?

Q.9 Who can I contact if I get broken into?

Q.10 What is a firewall?

Q.11 Why shouldn't I use setuid shell scripts?

Q.12 Why shouldn't I leave "root" permanently logged on the console?

Q.13 Why shouldn't I create Unix accounts with null passwords?

Q.14 What security holes are associated with X-windows (and other WMs)?

Q.15 What security holes are associated with NFS?

Q.16 How can I generate safe passwords?

Q.17 Why are passwords so important?

Q.18 How many possible passwords are there?

Q.19 Where can I get more information?

Q.20 How silly can people get?
