Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

New FAQ Pages 1

Status
Not open for further replies.
vesselescape

vesselescape

IS-IT--Management
Feb 17, 2002
100
US
Posted several new FAQ under heading of Small Network Security in this group. Please post comments, suggestions, additions, etc in this thread.

Flames ok cause "baby it's cold outside" but remember these are an attempt to provide some basic answers for questions we see a lot. ;-)

General Home Computer and Small Network Security Questions faq83-3147

Firewalls and the Small Network faq83-3148

Ports, IP addresses, and NAT faq83-3149
 
I like it, it's pretty basic as you mentioned but covers the basics without getting deep into the techno-babble. A very good primer. Thumbs up from me.

Andrew
 
We should get a listing of all the common ports. I know it isn't hard to find, but I think it would be nice to have one spot to look. iSeriesCodePoet
IBM iSeries (AS/400) Programmer
[pc2]
 
Thinks I covered it in:
Ports, IP addresses, and NAT ( FAQ83-3149 )

Question: Where can I get a list of "Well Known Ports" there uses, and known exploits?

Answer:There are a number of port lists available, but remember these are only current on the day they are written, and subject to change. Here is one we have found to be a good starting point:

This port list covers from port 0 to port 65535
includes:
PortType, Keyword, Description (Legit Use) Known Exploits

Open to other suggestions and additions if you got em.

Thanks
David
 
Okay... thanks. Guess I should have read it closer :-(. iSeriesCodePoet
IBM iSeries (AS/400) Programmer
[pc2]
 
A couple of other things you may wish to add, first is links to various security info sites, CERT would be a good one, certainly a link to something like the bugtraq mailing list (they were posting Slammer messages hours and hours before it started to become a real problem).

I only breezed through the reading fairly quickly, but also maybe some links to some of the popular scanning tools and such, maybe even a primer on how to do your own mini-security audit, not as good as the real pro's, but will stop most people...granted that type of info is more in line with the Noob IT guy than just the enthusiastic home user.

Andrew
 
Thanks AjayM ....

I think the general security links faq in this group covers a lot, but we will think about the security audit and maybe get up some additional info.

Thanks again for the input
David
 
Sheesh, I should have expanded on that a little more. Basically the first thing I do when coming into a new place of employement where my job duties would include security is to first see where all the weakness's are at. I'll sit at home and port scan (have to be careful as your ISP may not like you doing this), then when I have my list of open ports I'll hit places like CERT or Bugtraq or the newsgroups and I'll try and hack in. I'll try and do it "quietly" and I'll try and do it the "brute force" way.

This serves a lot of functions, most importantly, by my attempts at doing this, I can then look at the log files and see what happened, so I know what to look for in the future. Second, by learning how to "crack" a system I know better how to protect it, face it some of the best security guys I've known and heard of were old-school ex hackers and phreaks.

Anyways, that may be getting a bit to advanced for a newbie guide.

Oh and don't forget the picture of a pair of wire-cutters next to your patch cable. This is my standard response to anybody wanting a truly secure network.

Andrew
 
AjayM - Maybe you should right a FAQ on secuirty audits/penetration testing. Just list some of the tools you use, how to use them and such. Also something about the measures you take once a weakness is found. A lot of people new to security might find this extremely helpful (I know I would have back in the day.) [smile]

vesselescape - Great FAQ! Its great for anyone who needs basic info, or even some that just need a quick refresher. Thanks for the effort, you're a great reason why these boards are great!
[thumbsup2]
________________________________________
Check out
 
I think I could probably get some of the basics down, but it may take a week or two to get it all out on papaer and actually coherent and understandable. Any volunteers for beta reading when that time comes?

Andrew
 
Yeah as soon as its ready send me an email. I'd be more than happy to read it over.
sgt_b2002@yahoo.com
________________________________________
Check out
 
AjayM.....


Beta too


David
 
Status
Not open for further replies.

Similar threads

ttrsux
  • Locked
  • Question
No internet access on new LAN eth0/2 1
Replies
6
Views
140
iggsterman
iggsterman
TessaAbraham
  • Locked
  • Question
Install mod pagespeed
Replies
0
Views
72
TessaAbraham
TessaAbraham
normntwrk
  • Locked
  • Question
new asa5505 - old config
Replies
6
Views
97
normntwrk
normntwrk
sapper1
  • Locked
  • Question
New to Sonicwall and need some help.
Replies
1
Views
55
cajuntank
cajuntank
ITSurvivor
  • Locked
  • Question
Newbie On Netscreen 25
Replies
0
Views
55
ITSurvivor
ITSurvivor

Part and Inventory Search

Sponsor

Back
Top