Computer Security Education

By Al Macintyre
Learning how to do a competent job with Computer Security requires continuing education because as technology evolves and our enterprises acquire applications we were previously inexperienced with, the risks also change.

I have amassed many URLs to an abundance of resources to help in this challenge, but I do not like posts by other people that give URLs without much of an explanation of their function, so what I seek by this discussion thread is mini-reviews of the pros & cons of one site over another - here's a good place for X - here's a better place, and I am hoping that once I have posted some examples, other enthusiasts will add to my collection.

Initially, I plan to structure my posts like the Disaster Avoidance Discussion http://www.TechRepublic.com/forumdiscuss/thread_detail.jhtml?thread_id=17159 although the questions that inspired me to start this discussion were most recently passed to me via the Discussion on Computer Protection Adequacy, whose URL I do not have handy right now - I plan to do a section later on relevant cross-posts where other TR resources are relevant to this discussion.

Classic Generals

by Al Macintyre In reply to Computer Security Educati ...

This is my name for resources that should be known to anyone who claims to be a Security Professional. What does not fit on this list & what's missing?

CERT http://www.cert.org
DOJ http://www.usdoj.gov/criminal/cybercrime/index.html = US Gov Department of Justice Cyber Crime Site
EPIC http://www.epic.org = Electronic Privacy Information Center
ETA? http://www.law.upenn.edu/bll/ulc/ulc_frame.htm Electronic Transaction Legalities adopted by a majority of USA states.
E-sign rules http://www.cybersign.com/news_news.htm#top = Summary of US Gov Federal Electronic Signatures in Global & National Commerce Act
FBI http://www.ifccfbi.gov = US Gov Computer Fraud Complaint Site
FEMA
FTC http://www.ftc.gov/ = US Gov Federal Trade Commission home page
GSA http://www.itpolicy.gsa.gov/ = US Gov IT issues on-ramp
INTERPOL
ITAA http://www.itaa.org

I do not have all the web sites of these places ... nail down the URLs, understand their function or role. Which is the first place we should go for help for what kind of scenario?

I plan to do individual posts answering these type rhetorical questions, and going into some more detail on the sites cited above, and more in this general category of what I think we who claim to be Security Professionals really ought to be cognizant of.

Top Gov Standards

by Al Macintyre In reply to Classic Generals

Contrary to widespread computer press reporting that no computer can be truly secure, there is such an animal as a computer system that has met high standards of security set by the US Gov DoD, although some action is needed by the buyer of a system to adhere to those standards. Take a look at

http://www.radium.ncsc.mil/tpep/epl/epl-by-vendor.html

This is a directory, by vendor, of computer systems that have been evaluated by the Trusted Product Evaluation Program (TPEP) & passed certain standards within the past 3 years rating maintenance cycle. The security criteria these systems met are listed in "Common Criteria for Information Technology Evaluation" (CCITSE) jointly developed by the USA, UK, Germany, France, Canada, and the Netherlands.

26 computer vendors are listed on this directory by vendor, with links at top of list to evaluations indexed by rating class or by product - a little over 60 passed the tests.

This includes such well known combinations as
DEC VAX
IBM AS/400
MS NT
Netware 4+

Many familiar brand names are also conspicuous by their absence.

According to the FAQ on evaluated products, many of the reports are available for downloading & a CD Rom copy of the collection is available from the National Security Agency ... address given in the FAQ.

You might like to go here & see if the computer infrastructure used by your enterprise is listed, then if it is, look at the detail evaluation to see what is needed to make your system truly secure, then engage in a discussion in your business as to whether or not this is something desired by the enterprise.

"Hacker Proof?"

by Al Macintyre In reply to Top Gov Standards

One of the FAQ questions, at the Department of Defense site I cite at

http://www.radium.ncsc.mil/tpep/epl/epl-by-vendor.html

is about "hacker proof" systems.

Basically there are certain well understood threats & some systems have effective assured counter measures, so that the product is vulnerable to less risk than one with no such assurances & the rating system reflects the degree to which a system is protected.

The FAQ goes on to discuss general types of threats such as the "social engineering" of many hackers trying to con personnel into believing that they are authorized users, in which naive users need education to evade insider-related threats.

Federal Cyber Cops

by Al Macintyre In reply to Classic Generals

The Internet Fraud Complaint Center (IFCC) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). Complaints posted here are referred to whichever law enforcement or regulatory agency has jurisdiction over our complaint - we do not have to be figuring out whether the right place to contact is the Better Business Bureau, SEC, our local police, Interpol, or some place in between.

http://www.ifccfbi.gov

This team effort offers massive services to individual crime fighting agencies. Just like we can subscribe to a discussion on TR & learn of a hit by someone else where we are interested, the cyber cops can subscribe to notification of any new hits related to folks under investigation.

Gov NIPC

by Al Macintyre In reply to Federal Cyber Cops

The National Infrastructure Protection Center (NIPC) serves as a national critical infrastructure threat assessment, warning, vulnerability, and law enforcement investigation and response entity. The NIPC provides timely warnings of international threats, comprehensive analysis and law enforcement investigation and response.

http://www.nipc.gov/

ICSA.net Firewall Certification

by Al Macintyre In reply to Classic Generals

http://www.icsa.net/html/labs/ certifies firewalls, has a list of those certified, and a buyer's guide with security tips & advice for selecting firewalls. Their lab has approx 40 different firewalls continuously set up, against which they test the latest security alert risks as they are discovered. Their web site lists the approx 40 products that they have certified, by vendor & by product - you can click on details of their Firewall Lab Reports for whichever product you are interested in & you can download for free a buyer's guide to firewalls.

They also publish Information Security Magazine, have TrueSecure software & services, run NTBugtraq, and are involved in a bunch of computer security consortiums described on their web site.

by Al Macintyre In reply to Classic Generals

CERT is a center of Internet Security Expertise located at the Software Engineering Institute, a US government funded research and development center operated by Carnegie Mellon University. They provide incident response services to sites that have been victims of attack, publish a variety of security alerts, do research & education to help companies improve their computer security.

Their home page has a section with the latest security advisories, there is also a section with most current activity risks, and each quarter they issue a summary to draw attention to recent frequency of different types.

Past summaries are available from www.cert.org/summaries/

Novice Introductions

by Al Macintyre In reply to Computer Security Educati ...

These are the general computer support places for beginners to the challenges of computer security issues, be they small business or consumers. Here are some examples of what I am referring to & I plan to do individual posts reviewing these type places & I invite other folks to add to this collection.

http://www.askme.com = TR style Q+A for non-technical topics.

http://ciac.llnl.gov/ciac/CIACChainLetters.html = explanations of the most prevalent Chain Letters circulating the internet

http://www.cybercrime.com/ = Click on Message Boards - this is a wide ranging discussion hosted by ZD Net, many of whose participants are below the tech level we often expect to see on TR.

http://www.smartcomputing.com = One of the better publications for computing beginners I think. They may not include all products in their reviews, but they explain concepts for people new to anything.

http://www.urbanlegends.com - stuff that far too many people are taken in by.

Cyber Crime Treaty Issues

by Al Macintyre In reply to Novice Introductions

An International Treaty on Cyber Crime seems close to signing by European Union, USA, Canada, Japan, and other nations. It is needed because of the high volume of activities via the internet that are illegal in one nation but legal in another, so the relevant laws need to be harmonized so nations can do a better job fighting pornography, hacking, fraud, identity theft, viruses & other problems.

Information on this treaty can be found at

http://www.usatoday.com/life/cyber/zd/zd7.htm and

www.SecurityFocus.com

The latter site also has news of other events of security interest.

Opposition to the treaty may get the phraseology adjusted to satisfy various concerns.

Initial phraseology seems to ban some tools that now are essential to security experts verifying adequacy of security, because they are popular in the hands of intruders, rather than defining hacking into a site without permission of the site as being the banned activity.

There is concern that language telling ISPs to copy traffic, so that law enforcement can study what is now considered by some people to be private communications to help resolve issues of pornography, spam, Denial of Service attacks, viruses & so forth, means that ISPs will have to buy more hard disk to satisfy this new legal requirement.

In some cases the treaty will mean that stuff that is illegal in our country will now also be illegal in others, while in some cases it will mean that stuff that was legal here, will now be illegal. Likewise the powers of the police will change. Some people are concerned that this will adversely impact traditional constitutional checks & balances. This concern is shared by people in the USA & Britain.

e-mail not just attachments

by Al Macintyre In reply to Novice Introductions

Thanks to a link in the Gadwall Group Cynical CIO newsletter http://www.gadwall.com/publishing/subjectindices.html
I found out about a great article on CNET about the state-of-art of Malicious e-Mail
http://enterprise.cnet.com/enterprise/0-9567-7-3780311.html

This is an excellent overview of problems associated
with viruses and email. It opens with some
statistics and a general discussion, then
focuses on viruses transmitted via .exe and .vbs
attachments, HTML email messages, and rogue HTML links.
