Security

Whitepapers & Publications at the honeynet project: http://www.honeynet.org/papers/

Good discussion of how and more importantly, WHY you must secure your system. There's a whole sub-culture of people devoted to hacking systems - more to the point, they've created scripts and programs to allow nearly anyone, even those who are very un-sophisticated, to very effectively compromise a system, hide the fact that they've done so, then use your system as a springboard to bigger and better things. Highly recommended.

The Ethereal Network Analyzer

A LAN monitor/analyzer - allows viewing of traffic on a LAN. Download it, install it, start it up. Make a connection to your server over the LAN using telnet, rsh, rlogin - watch everything you do INCLUDING THE PASSWORDS appear totally un-encrypted. Then imagine someone not as nice as you doing the same. Then use some of the links below.

Encryption and Security-related Resources

A large collection of links.

SSH Protocols and Secure Shell

One commonly used suite of software to secure connections made across insecure networks. Free for strictly non-commercial use (at least the version 1.* is).

OpenSSH is a FREE version of the SSH suite

Truly free, both as in 'free beer' and 'free speech'. With the expiration of the RSA patents, this may (I am not a lawyer) now be legal for all uses, including commercial.

putty

Free (in the GNU sense) ssh client for Windows. I use this one (my employer still requires Windows use - I'm working on it). It's pretty good.



last modified 20030327 - r. niederman