Use the 'Net to Secure Your Nete

James W. Meritt

As you have no doubt seen in the popular media, security throughout the 'Net is almost a lost cause. There are three obvious reasons for this: "Don't care", "Don't know", and "Don't have the resources" to secure the network even if you did care and did know. Reading this article somewhat belies the "don't care" part, and I hope to furnish information to help the "don't know". Since there is much you can do for little or no money, there may be some help here for the "don't have", too. The following sites are ones that I have found to be most informative and most stable (they have been there and up every time I've checked for years). There are many, many other security-related resources on the 'Net, but these should furnish a good start.

Official Sites

There is an assortment of official sites with a great deal of information on network security. Among them is the Computer Security Institute, which is the oldest international membership organization offering training specifically targeted to information security professionals at:

http://www.gocsi.com/

The Computer Security Resource Clearinghouse at:

http://csrc.ncsl.nist.gov/

is designed to collect and disseminate computer security information and resources to help users, systems administrators, managers, and security professionals better protect their data and systems.

The Department of Energy Information server at:

http://doe-is.llnl.gov/index.html

is designed to enhance information security data sharing. Their Computer Incident Advisory system is at:

http://ciac.llnl.gov/

Informative Sites

Along with these sites, there are others containing immediately relevant information.

http://www.infowar.com/

is the InfoWar Web site for Information Warriors. The National Computer Security Association reading room is at:

http://www.ncsa.com/readingroom/

There is a large collection of papers about various different computer security issues at:

http://www.alw.nih.gov:80/Security/first-papers.html

Mailing Lists

A variety of mailing lists concerned with security issues are listed at:

http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/news-items/ \

  old-news-items/951223.listoflists.html

They have been archived at:

http://www.neosoft.com/internet/paml/
http://www.tryc.on.ca/mailinglists.html

Plans, Policy, and Procedures

The organizational policies are necessary to provide a security architecture for all of a company's operations. The policies undergo normal review procedures, and then are approved by agency management for implementation. Planning network security -- what needs to be done and what documents and policies need to be established -- are described in:

http://www.reliable.net/security.htm,
http://www.info-sec.com/internet/security/internet_081297c.html-ssi
http://www.area-development.com/AUG96_14.HTM.

Tools

The tools that you may need to secure your network may be available at both "official" and "unofficial" (hacker) sites. They can be found at:

http://www.ecst.csuchico.edu/~thuff/newtools.html
ftp://coast.cs.purdue.edu/pub/tools/
ftp://ftp.win.tue.nl/pub/security/index.html
http://www.coil.com/%7Eebright/SECUR30.HTM
http://www.antiOnline.com/ and http://www.rootshell.com/

You can use tools that crackers might use in order to check your own site for vulnerabilities.

People

Finally, if you can't find help any other way, there is a list of computer security-related people at:

http://now.cs.berkeley.edu/~daw/people/compsec.html

These are very busy people, and there is no guarantee that they will have an opportunity to assist you, though I have found them extremely helpful.

Hot List

AntiOnline/Hacking and Hackers -- http://www.antionline.com/

COAST Security FTP Archive -- ftp://coast.cs.purdue.edu/pub/tools/

Computer Incident Advisory Capability -- http://ciac.llnl.gov/

Computer Security Institute -- http://www.gocsi.com/

Computer security people -- http://now.cs.berkeley.edu/~daw/people/compsec.html

Computer Security Resource Clearinghouse -- http://csrc.ncsl.nist.gov/

DOE Information Security server --
http://doe-is.llnl.gov/index.html

FIRST Security Papers -- http://www.alw.nih.gov/Security/first-papers.html

INFOWAR: Information Warriors -- http://www.infowar.com/

List of security mailing lists --http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/ \
news-items/old-news-ite ms/951223.listoflists.html

Mailing lists -- http://www.tryc.on.ca/mailinglists.html

Minimize Business Losses Through Proactive Planning -- http://www.area-development.com/AUG96_14.HTM

NCSA Reading Room -- http://www.ncsa.com/readingroom/

Network Security and Network Monitor Programs --http://www.ecst.csuchico.edu/~thuff/newtools.html

Network Security Planning -- http://www.reliable.net/ \
security.htm

Prior Planning Precludes Poor Performance: Plans, Policies and Procedures -- http://www.info-sec.com/internet/ \
security/internet_081297c.html-ssi

Publicly Available Mailing Lists -- http://www.neosoft.com/internet/paml/

Rootshell -- http://www.rootshell.com/

Wietse's tools and papers --
ftp://ftp.win.tue.nl/pub/security/index.html n

About the Author

Jim Meritt is currently working for Wang Global, Inc as a Senior Security Analyst, and has been involved with UNIX systems and networking for more than a decade. His email address is: JWMeritt@AOL.com.