Information Security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.1
- The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security.2
- The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage; also see The Cuckoo's Egg - Wikipedia and http://mario.elinos.org.mx/docencia/herseg/cuckoo_egg.pdf
- Hacking: The Art of Exploitation - Hacking is the art of creative problem solving, whether that means finding an unconventional solution to a difficult problem or exploiting holes in sloppy programming. Many people call themselves hackers, but few have the strong technical foundation needed to really push the envelope.
- The Art of Intrusion - Hacker extraordinaire Kevin Mitnick delivers the explosive encore to his bestselling The Art of Deception.
- The Art of Deception: Controlling the Human Element of Security - The Art of Deception is about gaining someone's trust by lying to them and then abusing that trust for fun and profit.
- Secrets and Lies: Digital Security in a Networked World - Bestselling author Bruce Schneier offers his expert guidance on achieving security on a network.
- The Mythical Man-Month: Essays on Software Engineering - Few books on software project management have been as influential and timeless as The Mythical Man-Month.
An attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including the human element.3
The attack surface of a software environment is the sum of the different points (the "attack vectors") where an unauthorized user (the "attacker") can try to enter data to or extract data from an environment.4
Anti-Spam Techniques - To prevent email spam (a.k.a. unsolicited bulk email), both end users and administrators of email systems use various anti-spam techniques.
Network Security Assessment - Network infrastructure vulnerabilities are the foundation for all technical security issues in your information systems. These lower-level vulnerabilities affect everything running on your network. That's why you need to test for them and eliminate them whenever possible.5
An Intrusion Detection System (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any detected activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources, and uses alarm filtering techniques to distinguish malicious activity from false alarms.6
- InfoSec Book Club 2012
- Security Book Club for 2014
- Recommended Reading - This page lists books that I have found to be highly relevant and useful for learning topics within computer security, digital forensics, incident response, malware analysis, and reverse engineering, and other related topics. These books range from introductory texts to advanced research works. While some of these books may seem dated, the information contained is still very useful to people learning today, and much of the information is essential to becoming proficient in the information security realm.
- Bay Area Linux Users Group - BALUG is the Bay Area Linux Users Group. We generally meet monthly in San Francisco (generally in the Chinatown area, near downtown).
- Silicon Valley Linux Users Group - The Silicon Valley Linux User Group (SVLUG) is the oldest and one of the largest Linux user groups in the world.
- Silicon Valley Security Meetup
- The San Francisco Security Meetup Group
- BayThreat is an annual security conference that takes place in the Silicon Valley area.
- BayThreat LinkedIn
- BaySec list
- San Francisco chapter of 2600: Hacker Quarterly magazine
- How To Become A Hacker by Eric Steven Raymond
- How To Ask Questions The Smart Way by Eric Steven Raymond
- The Cathedral and the Bazaar by Eric Steven Raymond; also see https://secure.wikimedia.org/wikipedia/en/wiki/The_Cathedral_and_the_Bazaar and http://www.amazon.com/Cathedral-Bazaar-Musings-Accidental-Revolutionary/dp/0596001088 and http://books.google.com/books/about/The_cathedral_and_the_bazaar.html?id=F6qgFtLwpJgC
Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphaël Hertzog are the core developers.7
Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).8
Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts.
Ncrack's features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap's and many more. Protocols supported include SSH, RDP, FTP, Telnet, HTTP(S), POP3(S), IMAP, SMB, VNC, SIP, Redis, PostgreSQL, MySQL, MSSQL, MongoDB, Cassandra, WinRM and OWA.9
Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali contains several hundred tools which are geared towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering. Kali Linux is developed, funded and maintained by Offensive Security, a leading information security training company.10