l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
November 4: Social gathering
Next Installfest:
TBD
Latest News:
Oct. 24: LUGOD election season has begun!
Page last updated:
2003 Aug 11 11:37

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] password stolen at linuxworld
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] password stolen at linuxworld



Speaking as the resident publisher on this list, I smell a book. Anybody 
interested? Such as the person I'm responding to? :@)

-JM

On Sunday 10 August 2003 12:48, ME wrote:
> Heh. :-)
>
> I plan to eventually do a 2 or 3 part talk for NBLUG on System Security,
> but I need to finish my degree first. (?Maybe 2005?)
>
> Of course there are some problems:
> #1: I sold my car to fund going back to school to finish my degree
> #2: I am working and going to school full time, and don't have much time
> #3: I will be applying to grad school around this time
>
> I am looking at a few schools so far. If one of the schools is Davis, I
> might be moving out there. (BTW, LUGOD is one of the bigger non-university
> reasons for including UC Davis at such an important point on my list.
>
> Knowing that I may never get around to do this, if I eventually did it,
> this is what I might do:
>
> * Network Security    : Sniffers, Protocols, Services
> * System Security     : Local access and priv escalation, hiding data,
>                          kernel patches (their costs and benefits)
> * Progamming security : How to write code to avoid race conditions, buffer
>                          over-runs, and bad assumptions
>
> What I would like to do is take a "stock Linux install" and then
> demonstrate how users might gain access to stuff they should not. Then
> show counter-measures, and then counter-counter mesasures etc. (Meant to
> show that security is an on-going issue, and to show "making something
> secure" is a *limit* that we try to achieve, but not something we can
> truely achieve.)
>
> I figure three 1.5 hour presentations could provide enough of the basics
> to help people start adding more security to their systems.
>
> What the presentation would not be:
> * A "how to secure *your* system. (general "your".)
> * A demonstration of system hacking (only a few samples of cracking;
>     the "hacking" takes much more time with analysis and review.)
> * A "see-all, do all, and end-all" to what is secure and what is not.
>
> It would be more like, "These are some things you should really pay
> attention to" but that does not mean "anything else is not important."
>
> Who knows? Maybe I might become a local member to LUGOD some day... :-)
> (I welcome any introductions to professors or students in the Advanced
> degree programs for CS at Davis. I'd like to learn more about what people
> think about it.)
>
> -ME
>
> Bill Kendrick said:
> > On Sun, Aug 10, 2003 at 08:48:46AM -0700, ME wrote:
> >> On some of my servers, I setup a special web page that was available via
> >> htaccess authenticated https that permitted me to open up a hole in the
> >> firewall rules for the IP address from which I was connecting.
> >
> > Mike... I smell a talk. ;)  Wanna do one at LUGOD on stuff like this?
>
> _______________________________________________
> vox mailing list
> vox@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox

-- 
John Mark Walker	:	No Starch Press
Acquisitions Editor	:	415-863-9900
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!