

From: Osiris 
To: ddavis 
Subject: Re: Archangel or Harlequinn.  Need Direction.
Date: Saturday, December 27, 1997 1:10 PM

While I am neither of the parties you requested the information from, I have
some advice for you. (Important note: where lines wrap, reconstruct an unbroken
URL by pasting both the first line and the truncated remains into notepad,
fusing them, and using that as the URL.) Sources and advice follow.

1. Get Linux or FreeBSD ASAP
2. Acquire one or more books written by Spafford, Bellovin, Cheswick, Rubin, or
Ranum
3. Get both the Camel and Llama books on PERL
4. Get ORA's book on TCP/IP
5. Purchase some old boxes (386/486) and install network cards

Armed with these items, construct a small UNIX network within your home
(garage, perhaps?). If you choose LINUX, read all the HOWTOs, particularly the
networking HOWTO. Create at least 5 user accounts, allowing at least shell
access for each account on each box. Once this configuration has been
established (with all networking up and working properly), make attempts (as
various users) to break one or more boxes on the system. (You should ideally
attack various services, not just one.) Also: download either the SAFEsuite
demo, the old ISS, or SATAN. Run these utilities against your system, and read
the tutorials that accompany the documentation provided with these utilities.

Next, acquire all tools located at this URL:
http://www.giga.or.at/pub/hacker/unix

Learn how to use each one. Next, obtain the AUSCERT UNIX security checklist
here:
ftp://ftp.auscert.org.au/pub/auscert/papers/unix_security_checklist

Next, obtain the UNIX security checklist located here:
http://stimpy.cac.washington.edu/~dittrich/R870/security-checklist.html

Next, obtain the Site Security Handbook (RFC 1244), which is here:
http://stimpy.cac.washington.edu/~dittrich/R870/rfc1244.txt

Next, obtain this document from SRI:
 http://stimpy.cac.washington.edu/~dittrich/R870/SRI-Whitepaper.ps

After reading and understanding all accompanying documentation listed above
(and trying out some or all of the cited tools), read the following documents:

Intrusion Detection Checklist
ftp://info.cert.org/pub/tech_tips/intruder_detection_checklist

Dan Farmer's Survey on Various Hosts:
http://www.trouble.org/survey/

Improving the Security of Your Site by Breaking Into it
http://www.trouble.org/security/admin-guide-to-cracking.html

All the papers on this page, but especially the work by Nancy Cook and her
partner.
http://www.trouble.org/security/auditing_course/

Murphy's law and computer security by Wietse Venema
http://www.trouble.org/security/murphy.html

After absorbing that information, then seek out these papers:

CIAC-2308_Securing_Internet_Information_Servers.pdf
 http://ciac.llnl.gov/ciac/documents/CIAC-2308_Securing_Internet_Information_Servers.pdf

Securing X Windows
 http://ciac.llnl.gov/ciac/documents/CIAC-2316_Securing_X_Windows.pdf

How to Detect an Intrusion
 http://ciac.llnl.gov/ciac/documents/CIAC-2305_UNIX_Incident_Guide_How_to_Detect_an_Intrusion.pdf

Finally, go here and begin the process of studying each hole addressed in the
BUGTRAQ archive. That is located here:

http://www.geek-girl.com/bugtraq/search.html

Other things that will help you tremendously are these:

1. Subscribe to all known mailing lists on UNIX security, e.g. BUGTRAQ, CIAC,
CERT, etc.
2. From these lists, generate a database of email addresses of known security
experts. Good examples would be Farmer, Venema, Spafford, Ranum, etc.
3. Scour the Internet for any instances of their email addresses - whether on
lists, discussion groups or the web generally. (Note: do *NOT* bug these guys.
Simply read their thoughts and ideas, absorb them, and move on.)
4. As you encounter exploit code on these lists (which you invariably will),
compile it and execute it. Record your results. (One good reason to get LINUX
or FreeBSD: all compilers are free and already well configured on a full
install.)
5. Try to spend one hour a day studying socket programming.
6. Go to a used bookstore and buy every book you can find on system
administration. In lieu of this, at least buy books that are in remaindering
bins. The cheaper, the better.
7. Don't laugh, but learning at least the basics of these languages would help:

A. PERL
B. AWK/GAWK/NAWK
C. SED
D. Expect

Also, it would be of some help to get a translation table that shows variances
between similar or identical tasks performed in sh/bash/csh. In addition, you
may wish to seek out the differences between disparate versions of UNIX. It is
worth buying old manuals for AIX, HP-UX, Unicos, IRIX, Data General, SunOS,
Solaris, XENIX, SYS V, and so forth. What follows is a list of books that might
help you. (These are in alphabetical order, so order does not indicate
preference. Personally, I prefer books authored by those I cited above.)

Building Internet Firewalls
D. Brent Chapman, Elizabeth D. Zwicky (1995)
ISBN: 1565921240

Commonsense Computer Security: Your Practical Guide to Information Protection
Martin R. Smith (1994)
ISBN: 0077078055

Computer Crime: A Crimefighter's Handbook
David J. Icove, David, Seger, Karl Icove, Karl A. Seger, Vonstorch (1995)
ISBN: 1565920864

Computer Security
John M. Carroll (1996)
ISBN: 0750696001

Computer Security Basics
Deborah Russell, G.T. Gangemi (1991)
ISBN: 0937175714

Computer Security Handbook
Arthur E. Hutt, Seymour Bosworth, Douglas B. Hoyt (1995)
ISBN: 0471118540

Firewalls and Internet Security: Repelling the Wily Hacker
William R. Cheswick, Steven M. Bellovin (1994)
ISBN: 0201633574

Fundamentals of Computer Security Technology
Edward G. Amoroso (1994)
ISBN: 0131089293

Hacker Proof: The Ultimate Guide to Network Security
Lars Klander, Edward J. Renehan (1997)
ISBN: 188413355X

Halting the Hacker: A Practical Guide to Computer Security
Donald L. Pipkin (1997)
ISBN: 013243718X

Information Warfare : Chaos on the Electronic Superhighway
Winn Schwartau (1996)
ISBN: 1560251328

Internet Firewalls and Network Security
Chris Hare, Karanjit S. Siyan (1996)
ISBN: 1562056328

Internet Firewalls and Network Security
Karanjit, Ph.D. Siyan, Chris Hare (1996)
ISBN: 1562054376

Internet Security: Professional Reference
Derek Atkins, Tom Sheldon, Tim Petru, Joel Snyder (1997)
ISBN: 156205760X

Maximum Security: A Hacker's Guide to Protecting Your Internet Site and Network
Anonymous (1997)
ISBN: 1575212684

Personal Computer Security
Edward Tiley (1996)
ISBN: 1568848145

Practical Unix and Internet Security
Simson Garfinkel, Gene Spafford (1996)
ISBN: 1565921488

Protecting Your Web Site With Firewalls
Marcus Goncalves, Vinicius A. Goncalves (1997)
ISBN: 0136282075

Protection and Security on the Information Superhighway
Frederick B. Cohen (1995)
ISBN: 0471113891

Secrets of a Super Hacker
Knightmare, the Knightmare (1994)
ISBN: 1559501065

Security in Computing
Charles P. Pfleeger (1996)
ISBN: 0133374866

Web Commerce Cookbook
Gordon McComb (1997)
ISBN: 0471196630

Web Security Sourcebook
Avi Rubin, Daniel Geer, Marcus J. Ranum, Aviel D. Rubin, dan Geer (1997)
ISBN: 047118148X

Web Security & Commerce (Nutshell Handbook)
Simson Garfinkel, Gene Spafford (1997)
ISBN: 1565922697
http://www.amazon.com/exec/obidos/ISBN=1565922697/t/0560-5831826-082656

Access Control and Personal Identification Systems
Dan M. Bowers (1988)
ISBN: 0409900834

Internet Security Secrets
John R. Vacca. (1996)
ISBN: 1-56884-457-3.

Network and Internetwork Security: Principles and Practice.
William Stallings. (1995)
ISBN: 0-02-415483-0

Network Security: How to Plan for It and Achieve It.
Richard H. Baker. (1994)
ISBN: 0-07-005141-0

UNIX Security for the Organization.
R. Bringle Bryant. (1994)
ISBN: 0-672-30571-2.

UNIX Security: A Practical Tutorial.
N. Derek Arnold.
ISBN: 0-07-002560-6 (1993)

UNIX System Security: How to Protect Your Data and Prevent Intruders.
Rick Farrow. (1991)
ISBN: 0-201-57030-0

UNIX System Security Essentials.
Christoph Braun and Siemens Nixdorf. (1995)
ISBN: 0-201-42775-3

UNIX System Security.
David A. Curry. (1992)
ISBN: 0-201-56327-4

UNIX Unleashed. 1994
Susan Peppard, Pete Holsberg, James Armstrong Jr., Salim Douba, S. Lee Henry,
Ron Rose, Richard Rummel, Scott Parker, Ann Marshall, Ron Dippold, Chris Negus,
John Valley, Jeff Smith, Dave Taylor, Sydney Weinstein and David Till
ISBN: 0-672-30402-3.

Lastly, you will need to get some good tools to experiment with. They are here:

http://ciac.llnl.gov/ciac/SecurityTools.html

Basically, that should get you started. It is not necessary that you learn
everything all at once. Obviously, the firm offering you the position does not
expect the impossible. However, UNIX security is an on-going and complex field.
You aren't going to ace it in a day. The idea is to get yourself up to speed
with older problems, so that when newer ones crop up, you will understand their
basis and origin.

The reason for creating a network in your garage is that it offers you a chance
to screw things up without any repercussions. Also, it simulates a
micro-network, and allows you to view logs and responses from both the attack
and victim sides. This is invaluable, as it will prepare you to instantly
recognize trouble, just from examining the logs. Chief areas that you should
cover are these:

1. NFS
2. The R Services
3. Passwords - proactive password checkers, DES in general, Crack, etc.
4. Spoofing
5. Routing techniques
6. Firewalls
7. CGI (if webservers are an integral part of the architecture of that
network).

It is recommended that you get the TIS Firewall Toolkit when you are ready.
(Though, I suspect that the firm hiring you is more interested in local
security than remote problems. Nevertheless, it is worth doing).

Anyway...that is my .02.

Cheers.

ddavis wrote:

> I am leaving my current low paying job for a higher paying one and the new
> people want me to learn networking and UNIX.  I studied some unix in the
> past and still have a book I bought called Unix Power Tools.  What advice can
> you give me.  I'm not into the illegal stuff.  During the interview for the
> new job, I was told that I may be asked to find a way to stop students (the
> new job is at a university) from accessing this or that and other security
> things.  I believe hacking will give me an insight into what can or cannot
> be done.  Plus it's something that my low confidence has always told me
> that I couldn't do.




This page was created Wed Aug 11 12:39:24 EDT 1999
Using Linux version 2.0.32 on an i586

Copyright (C) 1999 - Matarese.com