Miscellaneous:

security through obscurity - This site defines security through obscurity. It lists some advantages and disadvantages of its use. It also contains some historical information on the subject.Security Through Obscurity - Security Through Obscurity, and why it just doesn't work. Specifically addresses cryptography and why open source is necessary to produce truly secure internet applications.Security Through ObscurityQuick and interesting perspective on a method of security through obscurity by using older system software thinking hackers usually concentrate on the latest and greatest
Citadel Security: Rated as the fourth fastest growing technology company by DWF Metroplex, Citadel Security Software is making its way to the top. This rating was awarded based on the percent of revenue growth over a period of five years and one year. Being that technology security concerns are on the rise, it does not surprise me one bit. I imagine that any lower ranking security companies or security companies not on the list will rise up as long as we are fighting the War on Terrorism. Security of the Internet
IT Security Cookbook - IT Security Cookbook gives a good overview of security controls.National Security Institute - The National Security Institute provides a wealth of information on security alerts and warnings, security threats, security solutions, government regulations regarding microcomputer security, internet security, communications, encryption information and security patches.Early Computer Security Papers, Part I - University of California at Davis (2001) These papers are unpublished, seminal works in computer security that the Computer Security Resource Center believes every serious student of computer security should read. Computer security as a discipline was first studied in the early 1970's and many early papers on the subject are often overlooked only to determine that people rediscover problems and solutions that waste time and resources.
Information Assurance VTC Briefing Slides - Powerpoint presentations of monthly briefings dealing with a range of topics in information assurance.Articles on Computer Security - On this page you will find several links articles on computer security articles.Computer Security Articles and Information - On this page you will find links computer security articles, as well as recommended books about many aspects of computer security and data protection.
Security World Wide Web Sites - This page features pointers to general information on the WWW about computer security. Information is organized by source and each section is organized by topic.Home Computer Security Writer/Designer: Lawrence R Rogers Editor: Linda Hutz Pesante - Issues and Howto's for securing the home computer, provided in a very easy-to-follow format by CERT. The page also includes examples, checklists, and links to additional resources.Home Computer Security - Examples - CERTŪ Coordination Center; This is a web site provided by CERT/CC that provides a step-by-step approach to protecting your home computer. It steps through operating an anti-virus program, installing patches, operating a firewall program, encrypting and decrypting files and adjusting access control lists. In addition to each of these steps, links will provide additional information to explain the various options and considerations. While not an article on security, it affords a tutorial in how to protect a system and considerations required to effectively promote the appropriate level of security while allowing the system to provide the requested resources. This site full of security information along with a number of links to various terms and definitions.
Legendary hacker to get unleashed and online - One of the first "computer terrorist" procecuted, Kevin Mitnick, will get off of probation Tuesday and be allowed back on the internet. He plans to land a job in computer security and already has a job job interview lined up this week.Old hard drives yield data bonanza - Sandeep Junnarkar (2003); A couple of graduate students at MIT bought 158 hard drives for less than $1000 and found a lot of confidential data still accessable. Credit card numbers, financial transactions, person e-mail, etc were found on the 129 of the 158 drives still functional. Pro-Islamic Hackers Uniting - Becky Worley; This article discusses how Pro-Islamic hackers are uniting to attack sites in the United States, India, and Israel. Targets include universities, educational institution, businesses, and hotels.
Defense-in-Breadth - How to reduce risk using "synergistic security" - Peter Tippett (2002); a discussion on "defense in breadth" a take off from the the term defense in depth, but really reinerates having multilayered, multi-faceted security. and how these layers should create a "synergystic" effect on security.Security Often Sacrified For Convenience by Shawn Hernan (2002) - When faced with tradeoffs between security and interoperability, customers say they want the former but complain loudly if they don't get the latter. The article summarizes a case study and then briefly touches on the issues of corporate insistence upon sameness and standardization, with additional comments pertaining to problems presented by the proliferation of mobile code.Digital National Security Archive
Business Week online Security articlesREPORT OF THE DEFENSE SCIENCE BOARD TASK FORCE ON INFORMATION WARFARE - DEFENSE (IW-D)EMANATIONS SECURITY
EMANATIONS AND CABLING SECURITYSoftware Communications Architecture SpecificationTEMPEST 101
The Complete, Unofficial TEMPEST Information PageTEMPEST SourcesTEMPEST PROTECTION SYSTEMS
Security appliances dominate Infosecurity showWanted: A Few Good Hackers --- The White House Fears Software Developers Can't Plug Security Leaks On Their OwnH.R. 3394 (December 4, 2001) - House bill to authorize funding form computer and network security research and development and research fellowship programs, and for other purposes.
Rampant cordless keyboard strikes again - Hewlett-Packard Norway will no longer guarantee their cordless keyboards for security after yet another report that they transmit keystrokes far afield. This time typing went astray in OsloRemembrance of Data Passed: A Study of Disk Sanitization Practices - I hesitated regarding posting this site since its primary emphasis relates to a study done by two graduate students at MIT regarding sanitizing hard disk drives so data cannot be retrieved after the disk drives are retired. The article points out how an encrypted file system would be one way to prevent the unauthorized access of sensitivedata.The authors state that vendors should encourage the use of encrypting file systems to minimize the data sanitization problem.I found this article extremely interesting. Steganography is said to be one of the main ways terrorists communicate. The author reveals how easy it truly is to embed data inside of data. The author gives some great visual examples, as well as shows on of steganography's simplest tools, called S-Tools. S-Tools is a software program that can take pictures and embed hidden messages inside of them.
Terrorism Questions and Answers: Cyberterrorism addresses what cyberterrorism is, how it works, countermeasures, and other questions.
Statement by Statement of Eugene H. Spafford before Congress - focuses on the important role of university research in information security, and in particular on some of the challenges research faculty face.

Simulations

Fred Cohen &Associates - Security Games - several very interesting security games; Very interesting website. This site contains such posts as: "20 Tips on Software Security," "50 Ways to Defeat Your Firewall," and "50 Ways to Defeat Your Intrusion Detection System." There are many links off of this page which contain very helpful and insightful information.cnet network simulator - enables experimentation with various data-link layer, network layer, routing and transport layer networking protocols in networks consisting of any combination of point-to-point links and IEEE 802.3 Ethernet segments.The Case for Modeling and Simulation of Information Security


Back to Information Assurance e-Library Index   Back to Information Assurance e-Library Index


Click here to return to Wayne's World's homepage: return to Wayne's World


written by Wayne Summers summers_wayne@ColumbusState.edu