NukeNabber can be considered a personal host intrusion detector for stand-alone PC’s, which will notify you of attempted connections to user-defined ports. Legion can be quite hard to find. Most other vulnerability scanners also now look for unprotected shares. In the back of your materials are additional references. (Editor’s note: for students taking this course online, the Glossary is included as a separate download file. – JEK)

Welcome to Unix and Linux, security for these operating systems is a complete paradigm shift from Windows. Unix has been around a lot longer. The source code for Linux is freely available, so would be attackers are free to examine it and test it for holes such as buffer overflows and deadlock conditions.

As we begin to focus on Windows 2000 for the rest of this section, the three primary differences from Windows NT are: Active Directory, Group Policy, and templates. We will first introduce the Active Directory. Years ago, a standards organization called the CCITT (now International Telecommunication Union, or ITU) created a recommendation for a standard for a world wide directory service that was ratified by the International Organization for Standards (ISO).

The World Wide Web has become the de facto communications medium for the Internet. Millions of people use it every day to get information, communicate with coworkers, buy and sell goods, entertain themselves, and keep up to date with current events. However, most of these people have very little knowledge about how the web actually works. On this slide we will give you a brief introduction to the web and tell you everything you always wanted to know about the web but were afraid to ask. All in less than three minutes....

You hear a lot of talk about firewalls in relation to network security. The name “firewall” comes from the building industry and it denotes a wall constructed to stop (or at least slow) the spread of fire from one space to another. In network security, a firewall serves the same purpose. But instead of being built from bricks or steel it is built with computers and routers. But the concept is still the same. A network firewall is designed to protect what’s “inside” the firewall from what may be “outside.” Most often, you will hear firewalls used in reference to Internet protection, and most...

The Internet Protocol (IP) is the protocol by which information is sent from one computer to another on the Internet. Each computer on the Internet has at least one address that uniquely identifies it from all other computers on the Internet. When you send or receive data (for example, an e-mail note or a web page), the message gets divided into little chunks called packets.

Hello, and welcome to Information Security: The Big Picture. My name is Stephen Fried, and over the course of the next six hours I will be guiding you on a tour of the world of information security. This course provides an introduction into the area of computer and network security. As more and more people and companies connect to the Internet, the incidence of hacker attacks, break-ins, and vandalism continues to increase.

The Internet Protocol (IP) is the protocol by which information is sent from one computer to another on the Internet. Each computer on the Internet has at least one address that uniquely identifies it from all other computers on the Internet. When you send or receive data (for example, an e-mail note or a web page), the message gets divided into little chunks called packets. Each of these packets contains both the sender's Internet address and the receiver's address.

Note that we are intentionally leaving out certain systems because they are too complicated to be appropriately handled in the time permitted. These services are covered in detail in courses from the SANS Unix Security curriculum: • NTP, Apache, DNS, and Sendmail are all covered in the Running Unix Applications Securely course (day four of the curriculum). • Topics in Unix Security (day three) spends half a day talking about SSH. • RPC-based applications (including NFS and NIS) and vulnerabilities are covered in more detail in the Common Unix Vulnerabilities class (day one)....

Like most operating systems in the last 40 years, Unix uses a hierarchical "tree-structured" file system (interestingly, tree-structure and other aspects of the Unix file system are a direct result of the original Unix developers being influenced by the Multics project they had been working on). Directories contain files and subdirectories which, may in turn, contain other files and subdirectories, and so on.

In this module we are going to look at legacy Windows Desktops. This includes Windows 98 and Me, which are similar. The most important thing to know about Windows 98 and ME is there is no file security and there is no authentication necessary. Even if you configure the system for multiple users and have a password screen at bootup, anyone can hit “Cancel” and still get in. Access to files depends on access to the machine.

In this section we are going to cover some of the key aspects that need to be addressed in order to have a secure web server using IIS. It is important to note that a system is only as secure as its weakest link and therefore any web server must be built on a secure and hardened Windows 2000 system. Securing Windows 2000 is not covered in this section but has been covered in a previous module. So before you install IIS make sure that you spend the time to properly harden your base operating system. Once you have a secure operating system configured, you...

Greetings! This section of the course covers auditing Windows as a method of verifying that your computer systems remain secure. One of the key concepts that we have emphasized throughout this course is in order to have a secure system you must know your system. If you do not understand what is running on your system, how will you be able to secure it? In this module, we give you the information and tools you need to “know thy systems” and therefore secure them.

We will review backup strategies, techniques, and other practices that make system and data recovery a reliable and viable option when data loss occurs. Superb backup tools exist for the Windows platform. A recent SANS Institute survey indicates that several backup programs are in wide use. Veritas’ (formerly Seagate’s) BackupExec and Computer Associates’ ArcServe programs were the most popular products in this survey. Legato’s Networker is also represented and is a good tool for managing backups in a combined Windows/Unix network....

The upgrade to Windows 2000 Professional is Windows XP Professional. The upgrade to Windows 2000 Server will be Windows Server .NET. Windows 2000 and XP Professional are very similar. They both inherit multiple security configuration tools from the Windows 2000 platform – but XP adds some new security features as well. Any study of Windows 2000/XP Professional should keep in mind the numerous Windows 2000 platform security features.

This section will build on the basic NT security knowledge you have already gained. However, you will find that every NT security function is magnified in Windows 2000, and Windows 2000 has ten times the security features available in Windows NT. If NT were a row boat, Windows 2000 is the QE2. If NT were a cottage, then Windows 2000 is a 56 room mansion. Active Directory, security templates.

Hello, and welcome to Windows NT Security Step-by-step, a survival guide for Windows NT security. This presentation is based on the material from the SANS Institute Windows NT Security Step-by-step Guide, which offers a consensus document by security professionals from 87 large organizations. It helps show you what you need to do to have a secure Windows NT implementation.

Hello, in this module we are going to discuss wireless networking. Specifically, we'll take a look at how wireless technology works, how it is commonly deployed, and the security issues associated with using it. Because wireless communications can penetrate opaque objects such as buildings, the risk of someone accessing a private network increases markedly. With wireless, an attacker does not need to gain access to physical cables or jacks, but only needs to have an antenna and be within range of the transmissions....

Picture this - the trade press is all abuzz with warnings of a new killer virus, Child of Chernobyl. Recall that Chernobyl struck on April 26, 1999. In Korea alone, it affected as many as a million computers, causing more than $250 million in damages. The boss has just come down with a magazine article in hand and has told you to drop everything.

Now that we have taken a detailed look at cryptography, lets take a look at another related area, which is steganography or data hiding. Steganography (“stego”) is related to cryptography (“crypto”) because with both fields you do not want someone to be able to read your message, but stego does it with a slightly different approach.