Ten More Resources for Information about TCP/IP Security

Remember the old saying, "The Internet protects those who protect themselves"? Okay, you caught us. We made it up. As you work your way across the Internet and Web, try saying it over and over. Protect yourself. Protect your business. Protect your kids. This topic provides a smorgasbord of tasty delights that protect you from being eaten alive by security breaches. And to give you a break from all your hard work, this topic takes you to visit a museum and watch a video.

Security from A to Z

The Security Center at www.linuxsecurity.com is for everyone who needs to know about Internet security, not just for Linux lovers. It includes invaluable information about Internet security. The Security Dictionary defines just about every Internet security term.

✓ "Wireless Security: Threats and Countermeasures"

✓ "Are Passwords Really Free? A Closer Look at the Hidden Costs of Password Security"

✓ "Wi-Fi Security: What Hackers Know That You Don’t"

✓ "Establish Trust to Protect and Grow Your Online Business: Authentication and Encryption – The Cornerstones of Online Security"

If you want to get deep into technical details about TCP/IP security flaws and solutions, read the paper, "TCP/IP Security" by Chris Chambers, Justin Dolske, and Jayaraman Iyer from the Department of Computer and Information Science, Ohio State University, Columbus, Ohio. Find it here:


www.linuxsecurity.com/resource_files/documentation/ tcpip-security.html.

Certainly Don’t Forget the CERTs

CERTS are where you go to find the most recent and reliable news about security happenings around the world. Internet-savvy folks join the CERT (Computer Emergency Response Team) mailing lists and subscribe to RSS feeds. CERT keeps you up to date on the latest and newest security vulnerabilities; and shows you how to solve or work around such problems.

CERT also publishes tech tips and practices. This collection of documents gives you a leg up on designing and implementing security polices for your network. The U.S. government CERT (at www.us-cert.gov/) probably has the most comprehensive information, but numerous other countries maintain CERTS as well. Countries ranging from A to V, Argentina to Vietnam, have Web sites for their CERTS.

Take a Virtual Museum Tour

Interested in cryptology, the basis of encryption? When you take this tour (www.nsa.gov/about/cryptologic_heritage/museum/virtual_ tour/index.shtml), you can visit any or all of the exhibits in the museum. Our favorite is the Computer Development exhibition, which has a Cray XMP-24 supercomputer, one of the first supercomputers.

Crime Stoppers’ Cinema

One of Google’s online video TechTalks, "Crime: The Real Internet Security Problem," presents some startling security ideas. Dr. Phillip Hallam-Baker, a leading designer of Internet security, sets out a comprehensive strategy for defeating the serious and growing problem of Internet crime. Consumer fraud, for example (in particular, phishing), keeps growing despite all the protections that are in place. Internet crime is big business. Dr. Hallam-Baker talks about how Internet users consider security a top priority. Despite that fact, Dr. Hallam-Baker explains that almost none of the security mechanisms developed to end Internet crime have worked effectively.

To watch and listen to Dr. Hallam-Baker’s talk, visit the Web site, video. google.com, and use the search term "Internet Security." If you also search on "TCP/IP," you will find several more videos about Internet security and TCP/IP.

Speaking of video, don’t forget youtube.com. Search for Internet security, and you’ll find lots of useful videos.

YouTube may also have content that you find inappropriate and offensive. Just to be safe, keep your search parameters tight.

The TCP/IP Guide — Free and Online

Don’t feel daunted by the size of the site for the TCP/IP Guide at, www. tcpipguide.com. Charles Kozierok, the author, has supplied a guide to the Guide. In addition to sections about all aspects of security protocols, this topic is a comprehensive guide to all things TCP/IP from A to Z: addressing to zones.

Finding Podcasts about Internet Security

A podcast is a pre-recorded audio program that’s listed on a Web site as available for download. You can listen as soon as you find a podcast you like, or you can download it and listen to it later on your computer or mobile devices. Although podcasting is associated most often with Apple’s iPod MP3 players, you can listen to podcasts on any computer or mobile device. You can subscribe to RSS feeds of podcasts so that new podcasts can automatically be sent to you.

A good place to start finding podcasts about security is the Network Security Podcast at mckeay.libsyn.com. This site broadcasts weekly talks about Internet security. Some topics have included

✓ Cybercrime servers selling billions of dollars worth of stolen information, illicit services


✓ Fast-spreading phishing scam hits Gmail users

✓ Facebook

✓ The DNS Changer trojan starts its own internal DHCP server

✓ And dozens more podcasts . . .

If you spend all your time listening to security podcasts, another good source is the Cisco Security Podcast Series at

tmp19-146

Save the Children

"DIY: Parents’ Guide to Online Safety" is a must-read article for parents:

tmp19-147

Your kids may know more than you do about computers and the Internet.Even though kids have a lot of Internet know-how, they can be very naive as well. Sadly, we speak from experience. "DIY: Parents’ Guide to Online Safety" is filled with tips on how to protect kids from their own curiosity and from online predators. Not only is this an excellent article, but the authors also list products that help you restrict kids from certain sites and teach you how to find out exactly what your kids are doing, right down to every keystroke they type, if you feel that’s necessary.

Besides this valuable article for parents and anyone concerned with children’s online safety, CNET Australia, the source of the Parent’s Guide, is filled with articles about security and reviews of security-software suites.

Microsoft TechNet Library

You might think that the Microsoft TechNet Library (technet.microsoft. com/en-us/library) is about all things Microsoft. Well, it is, but one of the main topics in the TechNet Library is "Security." If you use any recent Microsoft Windows operating system, you need to look at the security topics at TechNet. The only problem with TechNet is the sheer volume of information, and that you want to read all of it.

Security Cuisine

Sean Boran’s IT Security Cookbook (www.boran.com/security) is another one of those sites that has more information than one person can take in with just one reading. But not to worry — the Cookbook is so well organized that you can find what interests you pretty quickly.

Next post:

Previous post: