As any good kid from the 80′s will tell you “Knowing is half the battle” and G.I. Joe wasn’t far off in their assessment of value. Knowing is indeed paramount to success of any venture. But it is knowing where to go for the information that sets true professionals apart.
Computer Security is a hazy field full of tools that can both be used to secure a machine and at the same time used to break into them. More often than not these double edged swords are better off recognized and worked with. Manufacturers and vendors hate when security vulnerabilities are released, but by releasing them they get fixed quicker. So I’ve compiled a list of places you need to know about to prepare yourself and learn a bit more about the landscape of computer security.
Computer Network Defense Operational Picture: This is the granddaddy of them all when it comes to information overload. This is a great second monitor screen. Don’t pay any attention to the fact that defense is spelled wrong at the top of the page, this site is a one stop shoppe for 80% of the security information out there.
Think of this one page as a feed aggregator for Security news and tools. To top it off there is also a very useful world clock at the bottom in case you are trying to reach a colleague in a different country and you don’t want to call at 3 am. Or better yet you’ll know when the peak usage times of site will fire up because the east coast of the USA is about to wake up.
They have indicators for the following sites:
- The Internet Storm Center
- IBM Internet Security Systems
- The Internet Traffic Report
- Atlas Attack Source Map
- Symantec Security Alerts
Those are just an at a glance reference tools. They also have their own threat index, listing the vendors and that patch / vulnerabilities currently out there. Currently there is a Vulnerability in some Adobe product, which its recommended to patch. So I’ll need to look into that later on today.
They also have a running feed of vulnerabilities and security news scrolling on the left, as well as the current versions of tools on the right hand side. And it looks awesome to boot. Want to impress coworkers with a spiffy movie worthy site on your machine to make it look like your “teh 13373 H@x0r” then this will probably fit the bill.
This next Section is a three-fer. Insecure.org, besides having one of the best logos out there is a cornucopia of information. It ranges from fare fit for the novice to information that an expert would find useful and challenging.
Insecure.org is the home site of NMAP one of the most widely used security tools out there. This is the umbrella name used most often to refer to all the services offered on the site.
Seclists.org You can get information on sightings of the tool in movies as well as access to some of the best security mailing lists in the business. some of the lists are very technical while others are more conversational. Most of the lists have RSS feeds associated with them so you don’t need to fill your inbox with them, but you can still get the information.
Sectools.org: If you need to find out what people are using on the high end side of security and intrusion prevention the look no further. Each tool is broken down into price, OS, Open / Closed Source, Gui / Command line. Unbelievable amount of information here. Could use a little clutter control for the icons but otherwise invaluable.
Bruce Schneier: This isn’t the same as the other sites listed. Think of this more like you would taking a course in theory during your study of the discipline. This man has a keen insight into the industry and a razor sharp mind when it comes to dissecting security conepts and practices.
He routinely takes Governments and policies to task when they need to be exposed for what they are. He is the CTO for BT a global communications company. He writes and edits a monthly email newsletter, which is required skimming for anyone interested in the industry, as well as the author of two books and numerous white papers. What better way to learn about security than to pick the brain of one of the thought leaders in the field.
Last but certainly not least in this list is the venerable Internet Storm Center. The first link in this post gave only a small hint about the information available on this site. Their threat level, green – red is a good indicator for the current state of affairs on the network. Green doesn’t mean you can run about willy nilly but rather that there is no current incident greater than normal traffic. So like swimming in the ocean, its still dangerous, there just isn’t an undertow right now.
Visiting the Storm center you will see the Handler’s diary which usually cover topical bits of news an new vulnerabilities or attacks that are currently happening. These diaries also cover resurgences of older attacks and their implications. This is usually higher end stuff here aimed at professionals in the field. But there is a good deal of information on the site for everyone. Sans the sponsor of the ISC hosts free security webcasts, teaches courses in securing networks and machines and I also just saw that their is a podcast there as well. Enjoy
Now you might want to know why there is no sit listed as a Master level site. This is quite simply because Security information should be accessible to as many people as possible. There is some higher end discussion in each of the sites listed but no site should ever be beyond 90% of their audience or they wouldn’t last long. Those who are considered experts in their fields, specifically a field such as computer security realize that the more knowledge they impart to those with a lesser understanding the easier their job becomes. So don’t be afraid to ask questions, to search for information when confronted with an abbreviation or a term you don’t know.
Knowing might be half the battle but the other half is teaching, so if you know it, share it, and if you don’t then ask about it.