
A Guide To Computer Security: Navigating Through Internet Resources

This guide provides an overview of various online resources related to the field of information security. It profiles journalistic websites, periodicals, government publications, and other sources of security-related information. The resources cover topics such as malware, network attacks, industry trends, penetration testing tools, and other areas relevant to information security. The guide is intended to supplement the knowledge of professionals with experience in the field.

Uploaded by

nemesislair
Copyright
© Attribution Non-Commercial (BY-NC)

A Guide to Computer Security

Navigating Through Internet Resources

Michael J. Castner
ENGL 202C
Ms. Sara Woolfitt
September 17th, 2010

Table of Contents
Contents of Guide
Intended Audience / Purpose of Guide
Assumed Audience Knowledge
Structure of Guide
Tips for Effective Use
Internet-Based Resources
    Ars Technica
    Talisker Computer Network Defense Operational Picture
    SecTools: The Top 100 Network Security Tools
    The Exploit Database
Periodical Index / Professional Journal
    ProQuest
    [IN]SECURE MAGAZINE
Government Resources
    Catalog of United States Government Publications
    The Statistical Abstract of the United States of America

Contents of Guide
This guide contains an overview of various resources related to the field of Information Technology, with
a particular focus on the area of Information Security. Each resource is profiled and explained, with
subject matter coming from journalistic web sites, periodical literature, government publications, and
other areas of merit. The value that each source of information holds for one interested in the field of
Information Security is also revealed by showing the breadth of topics available, such as virus /
malware payload information, current network attack origins, hardware / software industry trends,
penetration testing tools, and other areas specific to one interested in Information Security or
Information Assurance. Links to each resource are provided so that the reader can evaluate and use
them on their own, as well as tips for maximizing the effectiveness of each resource.

Intended Audience / Purpose of Guide


This guide is meant to be read by individuals with an interest or professional background in Information
Security or Information Assurance. Those who have prior experience with some of the topics covered
within the given resources will better benefit from reading them, as they will not have to stop and learn
about certain concepts before moving forward. The guide is meant to supplement, rather than inform,
an individual's existing knowledge of the world of Information Security, by providing knowledge of
resources that they may not have previously been aware of. This guide is also meant to provide a
diverse group of sources that an individual would be able to cite in professional publications, and in that
way provide an assurance of source integrity to the end user. Overall, the purpose of this guide is to
help further develop an individual's base of knowledge in a field where current and reliable information
is key to success.

Assumed Audience Knowledge


An individual who wishes to benefit the most from reading this guide should possess some prerequisite
knowledge. First of all, they should have an intermediate understanding of computer technology in
general. By this, I mean that they should be familiar with basic hardware and software functionality.
They should also be more than familiar with associated internet technology, as being able to naturally
navigate through some of the given resources will be a great asset to the reader.

Perhaps one of the most important assumptions being made in this guide is the assumption that the
user is familiar with terminology specific to the world of Information Security. Knowing the difference
between concepts such as exploits and payloads is crucial for understanding the more advanced
concepts demonstrated on these pages, and is the main reason that this guide is meant for an audience
that has experience in the field already. As was stated before, the purpose is to supplement rather than
to inform. Thus, being able to speak the language of Information Security is the most important
prerequisite that one intending to read this guide can possess, as it will allow the reader to more fully
take advantage of the information presented.

Structure of Guide
The guide is structured to be read in a way that is natural, comfortable, and intuitive. The table of
contents clearly states where material can be found, and sections are differentiated by headings
describing the content they preface. Page numbers correspond to this table, and help the reader easily
locate resources that they are interested in reading. The organizational layout can be said to follow this
example logic flow:

• Guide
    o Type of Resource
        ▪ Individual Resource

One can see that the content goes from a general description of the type of content to a specific
example within that category. This grouping lends itself not only to a very easy representation within
the table of contents, but also to the natural inclination of the reader to move from general ideas to
specific context of those ideas.

Tips for Effective Use


The following tips will help a reader to get the most out of the guide, and will be most effective when
read and kept in mind prior to their reading of the guide proper:

• For each resource, a tailored tips section is provided on how best to utilize that specific site. If
  the reader becomes confused about a particular resource, these sections will likely provide the
  best insight on how to solve any problems they are having.
• Part of becoming proficient in the field of Information Security involves absorbing a great deal of
  encyclopedic knowledge that can be recalled during times of need. This process becomes much
  easier if one is actually interested in what they are researching. It is recommended that the
  reader of this guide peruse each resource to see which ones are of the most interest to them,
  and then explore them to see what kind of information they may be able to easily learn.
• Different types of resources in this guide are appropriate for different situations. It is beneficial
  for the reader to be familiar with what some of these situations may be. For example:
    o The more official, government-related resources would be excellent citations on an
      academic paper.
    o The more casual, internet-based resources would be great for obtaining general
      knowledge about the field of Information Security on a regular basis, due to their
      constant updates.
    o The sites that simply provide a portal for the reader to find additional pieces of
      information would best be suited to research purposes, where a specific topic is under
      investigation.

Internet-Based Resources

Ars Technica
Publisher: Conde Nast Digital
URL: http://www.arstechnica.com/

Abstract: Ars Technica is a professional online journal that covers issues relating to hardware,
software, security, tech policy, and global trends. It combines a classic style of firsthand
journalism and article integrity with a more modern approach of referencing online third
parties. The result is an enhanced, hybrid experience that provides the most information
possible in a professional format, suitable for frequent reference by professionals.

Ars Technica contains articles focusing on the following areas (taken directly from their site):
Apple, Business, Gadgets, Gaming, Microsoft, Open Source, Science, Tech Policy, Hardware,
Media, Security, Software, Telecom, and Web. They provide commentary on breaking news,
previews of upcoming hardware / software, reviews of already existing technology, and
thorough opinion pieces on all aspects of the world of technology with the option of community
interaction and input.

The information that this site provides is not only useful to someone interested in Information
Security, but vital. As a facet of computing technology that is constantly evolving and constantly
exposing people to different threats and vulnerabilities, it is critical that someone responsible
for Information Security Risk Assessments is familiar with upcoming / existing hardware and
software, government tech policy, and breaking developments within the world of technology.
If one does not have a base from which to pull a wide array of information, they will suffer
from the mental fallacy of target-fixation, and lose their objectivity.

One would do well to observe and familiarize themselves with the unique layout of Ars
Technica’s website. They should become familiar with the filtering features, as well as how
articles are updated and presented, in order to get the most out of visiting the site.

Tips: It is very beneficial for the reader to become familiar with the layout of the Ars Technica
website in order to get the most out of this resource. For example, the reader will not see all
information related to Open Source software simply by visiting the default webpage. They
would need to navigate to the Open Source section of the Ars website in order to see all of this
information collected in one place. It is also useful for a reader to expand the comments
section, which is collapsed by default. Within these sections the reader can find the various
opinions posted by regular visitors to the site, as well as corrections to the article that are made
by readers before they can be implemented by the site editors.

Talisker Computer Network Defense Operational Picture
Publisher: Computer Network Defense, Ltd.
URL: http://www.securitywizardry.com/radar.htm

Abstract: The Talisker Computer Network Defense Operational Picture is a web portal which
provides a wealth of computer security information to an audience of professionals. It contains
multiple types of information that are constantly being updated, including a feed of
Information Security-related news articles, a list of new and dangerous security vulnerabilities
that have been discovered, the largest virus / malware threats of the day, the latest versions of
penetration testing / hacking tools, patch and vulnerability information concerning specific
vendors, and a world map showing where most hacking attempts are originating from.

This is one of the most useful sources of information that an individual in the Information
Security field can be aware of. It provides a complete operational picture of the state of the
internet, with specific information on the major areas that Information Security Professionals
should be aware of. It is considered such a useful and reliable source that it is used daily by the
National Security Agency to determine possible threats that should be investigated, as well as
for general information.

Tips: Learning the interface of the Talisker Radar is crucial if one wants to actually be able to use
it. Become familiar with the various interfaces that are presented by exploring their features.
Research any unfamiliar information that is present until you have a better understanding of
what each section is talking about. This will help the Talisker Radar to easily become an
important tool in your Information Security Arsenal.

SecTools: The Top 100 Network Security Tools
Author: Lyon, Gordon
Publisher: Insecure.Com LLC
URL: http://www.sectools.org

Abstract: SecTools is a website that aggregates a list of the top one-hundred most useful
software security tools every few years, and divides them up into different categories and ranks
according to responses from site readers. It contains many different types of security analysis
tools, including password crackers, network traffic sniffers, vulnerability scanners, web server
scanners, wireless network utilities, exploit frameworks, and packet creation toolkits. It includes
descriptions of each individual tool, as well as links for where to download them and find
instructions for running them. The base list currently available is from 2006, with updates for
each tool where needed to make sure that all information is still current. A major update is
currently in the works to provide an updated list for the top one-hundred most useful security
tools of 2010.

This information is both relevant and useful for someone in the field of Information Security, as
it provides an exhaustive list of the necessary tools of the trade and information on how to use
them effectively. It is an excellent starting point for someone who has technical knowledge but
lacks practical experience applying security techniques, and it is also a great complementary
resource for someone who performs a computer security function professionally and wishes to
expand their palette.

Tips: Be aware that this site is not entirely current, as the list that is posted originally dates back
to 2006. The site is regularly updated, but this base list has remained the same for quite a while
and some of the tools may no longer be as effective or relevant as they once were. If the tool
no longer exists or has gone through major changes, these should be reflected by the site, as
accuracy is still a concern, but it will help the reader to be aware of the timeframe in which the
original list was released.

The Exploit Database
Author: Moore, H.D.
Publisher: Rapid7 LLC
URL: http://www.exploit-db.com

Abstract: The Exploit Database is a collection of user-submitted exploits and shell code for
software, ranging from simple proof-of-concept code to documented remote exploits. It is
constantly updated to provide the latest code from users, and contains thousands of entries
within its archives. The software affected by these exploits can range from unheard-of open-source
software to widely used commercial programs. The exploits themselves also come in
many different categories, including: remote exploits, local exploits, web applications, denial of
service, proof of concept, shell code, and research. It is important to note that the site does not
distribute compiled binaries of the exploit code contained on their site, as they would be liable
for distribution of dangerous software. That is why only source code can be found there, which
must be compiled manually by the end user.

It should be immediately apparent why this information is relevant and useful for someone
interested in Information Security, as this is the proverbial beating heart of the field itself. A
security administrator will either have an easy day at work or the worst possible disaster
imaginable due to some of the content posted within the confines of this webpage. Exploit code
is not only useful for those who wish to maliciously use the code for their own attacks, but for
security administrators and researchers who wish to better defend against attacks that may be
coming their way. Being more familiar with the exploits in the wild can greatly improve the
overall security of the network if a security administrator is careful to plug all necessary holes.
Due to sites like The Exploit Database, there will never be a shortage of holes to plug.

Tips: It is good for the reader to be aware of just how dangerous some of this code can be.
Simply having some of it on a machine is enough to get an individual fired from their job if they
are not careful, as automated systems will automatically flag the code snippets (accurately) as
malicious code. Thus it is extremely important to be mindful of where this site is visited, and
what is downloaded upon each visit.

Periodical Index / Professional Journal

ProQuest
Publisher: ProQuest LLC
URL: http://www.proquest.com
     http://www.libraries.psu.edu/psul/databases/trythesefirst.html

Abstract: ProQuest is a massive database that contains the complete transcript of many
different periodicals, indexed for easy searching and cross-referencing by end users. It primarily
functions as a starting point for academic and professional research, as the user is easily able to
search for any subject that they are interested in and immediately find thousands of relevant
results. The periodicals contained within the ProQuest databases date from the mid-1700s to
the current date, and have transcripts from over 10,000 sources. Almost all major newspapers
are included in their entirety, as well as scholarly papers and dissertations from various sources.

The usefulness of this resource cannot be stated enough, as it does not function as a provider of
one type of information, but rather as a portal to a wealth of different sources. Anyone
interested in Information Security would easily be able to find scholarly research in their field, as
well as information on past and current events as chronicled in periodicals throughout the
world. The possibilities for use with a database like ProQuest are endless, and the resource will
be as useful as the end user can make it.

Tips: ProQuest, upon first glance, may seem incredibly complicated. This is largely because it IS
indeed very complex and difficult to manipulate. Users who are having trouble using the default
advanced search may want to try the basic search instead. It would also be beneficial to all
readers of this guide to better familiarize themselves with the search function, filtering function,
and basic site layout. Mastering these components will better help the end user to find exactly
the article they are looking for within the billions of articles that ProQuest has available.

[IN]SECURE MAGAZINE
Chief Editor: Zorz, Mirko
Publisher: Net Security, Inc.
URL: http://www.net-security.org/insecure-archive.php

Abstract: [IN]SECURE MAGAZINE is a professional journal pertaining to the field of Information
Security, which is published and freely available on their website for anyone who wishes to read
it. [IN]SECURE covers many different aspects of the Information Security / Information
Assurance realm, with a focus on current trends in hardware, software, and Internet Law. They
provide previews and reviews of security-related products, as well as opinion pieces concerning
trends that they have noticed in regard to cyber security.

As an example of some of the content that they cover, one can look through a summary of
topics from their September 2010 issue:

• BlockMaster SafeStick secure USB storage
• Cloud computing in an enterprise environment
• Secure authentication issues
• Bruteforce attacks
• PCI/DSS Compliance issues within the corporate world
• Quality Assurance / security testing
• Credit Card security
• Software Quality / Fuzzing Techniques
• Computer Fraud Prevention

At first glance, this journal may seem similar to the previously-mentioned Ars Technica. Their
content differs in the degree to which they focus on certain topics, however, as Ars is oriented
more towards general news in technology and [IN]SECURE is completely geared towards trends
in Information Security (within the realm of technology). Both are crucial to attaining a greater
understanding of Information Assurance, though [IN]SECURE may be of particular interest to an
individual with a professional background in the field. It should be quite apparent by now that a
professional journal of this quality is entirely relevant to anyone reading this guide, as it
provides a unique source of security-centric information that perfectly complements some of
the more general resources already described.

Tips: Something worth noting is that all back-issues of [IN]SECURE MAGAZINE can be
downloaded from the archive link that was provided. [IN]SECURE does not remove these
previous issues over time, and trends can be traced from issue to issue to see whether or not
the writing team has been correct in some of their technology-related predictions.

Government Resources

Catalog of United States Government Publications


Publisher: Government Printing Office of the United States of America
URL: http://catalog.gpo.gov

Abstract: The Catalog of U.S. Government Publications (henceforth "CGP") is an index of all
official federal releases that have been approved for publication through the Government
Printing Office, combining resources that are available for viewing directly through the site
online with listings that are only available physically in localized Federal Depository Libraries.
These publications can come from any of the three branches of government and can be dated
with great reliability back to 1976, though older entries are being added with frequency. The
catalog currently contains over half a million publications, and continues to grow as all current
publications are put into the system immediately after release.

As an example of some of the information that is being added to this publication database on a
regular basis, a report relevant to the field of Information Security is described here. If
one utilizes the search function of the database and enters the term "cyber security", they will
quickly be able to locate many reports that contain information of interest. One such article
would be the Congressional report on NIST's Information Technology Lab, which can be found
using the following information:

Title: Cyber Security Activities at NIST's Information Technology Laboratory
Author: United States Congress: House Committee on Science and Technology
Publisher: Government Printing Office of the United States of America
URL: http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=111_house_hearings&docid=f:52857.pdf

When reading this article, one can immediately see its relation to the search terms that we
entered, as it contains information about a congressional review of Cyber Security practices and
how they should be applied to the National Institute of Standards and Technology (henceforth
NIST). Specifically, the document goes into detail about a review of the Cyber Security Practices
of many different organizations falling under governmental control and whether or not they
were effective. It compiles recommendations from many witnesses, and concludes that a
stronger partnership with the private technology sector is needed to increase the effectiveness
of Government Cyber Security Practices.

The usefulness and relevance of this resource cannot be overstated for one who is concerned
with the government policy and regulatory factors of Information Security, as the CGP contains
all of the legislative discussions, executive orders, and judicial rulings in regard to cyberspace in
United States history. An incredible amount of information is contained within this database,
and all of it is credible and perfect for citation within an academic paper. Once again, this is a
resource that is as useful as one can make it by using it effectively.

Tips: This is a complicated resource, with many different pieces of information being available
for a user to access at one time. While there are obvious advantages to this, the largest
disadvantage is that a user may have trouble finding specific results. Utilizing some basic
search-engine savvy and the skills obtained while learning how to navigate ProQuest will help to
resolve any issues that a user might have with effectively using the CGP.

The Statistical Abstract of the United States of America
Publisher: United States Census Bureau
URL: http://www.census.gov/compendia/statab/

Abstract: The Statistical Abstract of the United States is a federal publication that catalogs a
great deal of statistical information, including:

• Population by Sex / Age
• Population by Race
• State Population Statistics
• Births / Deaths
• Healthcare Statistics
• Real Estate Development
• Education
• Government / Law Enforcement
• Employment / Income
• Transportation / Communications
• Agriculture
• Business / Finance

It makes these figures available in multiple formats, including Excel, so that individuals can use
them for independent analysis and utilization within reports outside the original scope of the
U.S. Census. The abstract contains thousands of figures related to the population and economy
of the United States, and is available from the current year back to 1878. This information is
useful not only to those who would read and benefit from this guide, but to anyone interested
in finding out more about the nation that we live in. There is such a wide array of subjects
covered within this resource that it could very well apply to nearly any topic, with Information
Security being no exception.

Tips: The layout of this site is not designed to be intuitive, and presents information in a
somewhat haphazard manner. Becoming familiar with the unique way that information is
presented on this site will go a long way in finding the actual information that you are interested
in, as it may be buried within a few different links and layers.
