As you can see, intrusion detection is the theme for the August issue.
In this issue, we offer a variety of security-related articles on
topics such as integrating Tripwire into Big Brother, implementing
a password strength-checking module, a handy checklist for determining
whether your system has been cracked, and setting up an IDS with open
source tools. In the Web-exclusive articles this month, Chris Kuethe
covers basic IDS setup considerations, and Ido Dubrawsky surveys some
commonly used tools.

The topic of intrusion detection has become so broad in the past
few years, however, that we've only scratched the surface with
the articles in this and other security-focused issues of Sys
Admin. If you find yourself needing to learn more about intrusion
detection, there are many resources to help you. Online, I recommend
checking out the SANS Institute (http://www.sans.org). In
addition to their Intrusion Detection FAQ, SANS offers some excellent
practical articles in their security reading room, such as "Evading
Passive Sniffer Detection with IDS Sensors" by Bryan S. Brandt
and "DRAGON - An Intrusion Detection System" by Joni Ramos.

Other online resources include: the Network Intrusion Detection
Systems FAQ by Robert Graham at:
and the Intrusion Detection Primer by Benjamin D. Thomas at:
Stokely Consulting's Unix System Administrator Resources
also has a page of various security links at:

If you prefer books to online resources, here are a few you might
want to consider purchasing:

Practical UNIX & Internet Security by Simson Garfinkel
and Gene Spafford (O'Reilly & Associates; ISBN: 1565921488).

Network Intrusion Detection: An Analyst's Handbook
by Stephen Northcutt, Donald McLachlan, Judy Novak (New Riders Publishing;

Secrets & Lies: Digital Security in a Networked World
by Bruce Schneier (John Wiley & Sons; ISBN: 0471253111).

I've seen the following quote from Schneier's book reprinted
elsewhere, but I think it's worth sharing again. Schneier writes:

"We're still stuck with an insecure Internet and insecure
password-protected systems. But by the same token, we're still
stuck with insecure door locks, assailable financial systems, and
an imperfect legal system. None of this has caused the downfall
of civilization yet, and it is unlikely to. And neither will our
digital security systems, if we refocus on the processes instead
of the technologies."

I hope readers will continue to submit articles to Sys Admin
that will benefit us all as we strive to improve our security processes.
Please send your comments and suggestions to me at: email@example.com.

Editor in Chief