 |  |  |  |  |  |  |  |
knoppix or else
 |
I would like to start by saying that,Some people should not mistake me for a " know it all in the UN*X forums" , I work in a highly formal environment (with significant resources) and I know that this isn't for everyone. I don't expect everyone to follow those ideals.(TKS/TheORGE) I just want people to be aware of them & not ignorantly reject them because of your level of education.
If you respond intelligently, I am not rude... but when people post things that are just so blatantly wrong, the very attempt on their part as a novice to try to argue that with me is insulting. many of my posts are downright friendly, I just have zero tolerance for uneducated people that spread misinformation. And without people like me... god imagine where we'd be then?
If bad information just stood as truth! Like I've seen on this board.
I am not here to be liked and I am not seeking friends, but people that know me are aware that I know my shit and that I will also give not only straight answers but high assurance documents for further reading and they find that valuable.
Applying this to me,how do you reconcile this? Or am I misunderstanding you, and you believe that you are more knowledgable on security than the authors of those books above? that is really the only way I can see that your arguments would be logical. (Do you have any exposure to trusted systems? The argument you are making lead me to think no, and if that is the case I can provide some more reading if you are interested,after you have picked up the books above.)
Firewalls are no means an end all security solution, and frequently not needed for security at all.
However, I will take the time to correct you, "Physical Firewall" like "Hardware Firewall" are incorrect terminology, the proper term is "Dedicated Firewall" that is a system that does nothing but act as a firewall. Frequently these run on minimalistic systems with operating systems not seen beyond this niche if not specifically created for it.
Basically all firewalls are software. (with the possible exception of some very
targeted/research projects, we wont get into that)
Again a firewall is not the only "real" way to protect a system, in fact a good number of high security systems run no firewall at all. Heck, all my systems run without firewalls, like I said above it's all in the config. But you probably think extra firewalls means extra security.
Look, the last thing I need is some skiddi3 trying to explain how he & his skiddie friends are going to attempt an attack(correct terminology ) on my TOS.............let me provide more reading material so you can comsume the terminology & apply it next time!..................................After having a bit of drama at my work resulting in way too many email memos being sent and a project being delayed over a misunderstanding of a security related term I decided to hunt
down a copy of RFC2828, which one of the parties in question had neverseen.
Having done this it also occured to me how many debates here and other forums are over simple semantics... and since I happend to have it on hand now...This document is the Internet Security Glossary and is really the closest thing to an offical IS security disctionary.
attached below.
But if your going to run a firewall because you don't know how to configure properly.
http://www.fwtk.org/
It's free, it will do what you need it to. You can filter by ports,content,typing,
protocols, whatever. heck you can even interface it with various modules floating around that actually look at content content... as in: 'what is the jpeg is of?', or 'what is the document is about?'
More reading, http://www.radium.ncsc.mil/tpep/libr...bow/index.html
Heck I'll just post all of my personal bookmarks maybe both of you will learn somthing. I have selected my IS related ones and have pasted them below for both of you.
Organizations:
http://www.acm.org/ (Association of Computing Machinery)
http://www.ieee.org/ (Institute of Electrical and Electronics Engineers)
http://www.bcs.org.uk/ (British Computer Society)
http://www.acs.org.au/ (Australian Computer Society)
Certifications:
http://www.isaca.org/ (CISA/CISM ceritifications)
http://www.isc2.org/ (CISSP certitification)
Standards:
http://csrc.nist.gov/ (The Computer Security Resource Center at the National Institute of Standards and Technology)
http://www.radium.ncsc.mil/ (Trusted Product Evaluation Program + Network Rating Model)
http://www.commoncriteria.org/ (The Common Criteria/ISO 15408)
http://www.iso17799.net/ (ISO17799/BS7799 + BS15000-1, BS7858, and BS8220)
http://babysealkiller.cannabisinfo.org/BS7799/ (BS7799 overview)
http://www.comp.mq.edu.au/units/ite.../RiskManage.pdf (AS/NZS4360 overview)
http://stinet.dtic.mil/str/dodiss4_fields.html (DOD specifications and standards)
http://www.dsp.dla.mil/ (Defense Standardizations Program)
http://www.dscc.dla.mil/Programs/MilSpec/ (MIL specifications and drawings)
http://www.kolacki.com/standards_status.htm (Status of IEEE, ISO, ANSI, and SAE standards w/ SPAWAR, FAA, ILI. IHS, & DOD links)
Education:
http://www.sei.cmu.edu/cmm/ (Capability Maturity Models)
http://www.cs.tcd.ie/courses/baict/...t11/Coursework/ (Trinity Advanced Computer Security coursework)
http://seclab.cs.ucdavis.edu/ (UC Davis Computer Security Lab)
Vendor Security:
http://www.microsoft.com/security/ (Microsoft security)
http://www-3.ibm.com/security/ (IBM security)
www.hp.com/security/ (HP security)
Security Vendors:
http://www.argus-systems.com/ (Argus Systems/Pitbull systems)
http://www.bodacion.com/ (Bodacion Technologies/HYDRA systems)
http://www.eeye.com/ (eEye Digital Security)
If you respond intelligently, I am not rude... but when people post things that are just so blatantly wrong, the very attempt on their part as a novice to try to argue that with me is insulting. many of my posts are downright friendly, I just have zero tolerance for uneducated people that spread misinformation. And without people like me... god imagine where we'd be then?
If bad information just stood as truth! Like I've seen on this board.I am not here to be liked and I am not seeking friends, but people that know me are aware that I know my shit and that I will also give not only straight answers but high assurance documents for further reading and they find that valuable.
•
•
•
•
Originally Posted by TKS
No firewall, whether software, hardware, or both is just asking for trouble.
Firewalls are no means an end all security solution, and frequently not needed for security at all.
However, I will take the time to correct you, "Physical Firewall" like "Hardware Firewall" are incorrect terminology, the proper term is "Dedicated Firewall" that is a system that does nothing but act as a firewall. Frequently these run on minimalistic systems with operating systems not seen beyond this niche if not specifically created for it.
Basically all firewalls are software. (with the possible exception of some very
targeted/research projects, we wont get into that)
Again a firewall is not the only "real" way to protect a system, in fact a good number of high security systems run no firewall at all. Heck, all my systems run without firewalls, like I said above it's all in the config. But you probably think extra firewalls means extra security.
•
•
•
•
Originally Posted by TKS
It's an open invite to anyone who can operate a hacking script. Speaking of which...If he wants his system to be tested...I suggest he leave his IP. I have plenty of friends who can put on a white hat for a day.
) on my TOS.............let me provide more reading material so you can comsume the terminology & apply it next time!..................................After having a bit of drama at my work resulting in way too many email memos being sent and a project being delayed over a misunderstanding of a security related term I decided to hunt down a copy of RFC2828, which one of the parties in question had neverseen.
Having done this it also occured to me how many debates here and other forums are over simple semantics... and since I happend to have it on hand now...This document is the Internet Security Glossary and is really the closest thing to an offical IS security disctionary.
attached below.
But if your going to run a firewall because you don't know how to configure properly.
http://www.fwtk.org/
It's free, it will do what you need it to. You can filter by ports,content,typing,
protocols, whatever. heck you can even interface it with various modules floating around that actually look at content content... as in: 'what is the jpeg is of?', or 'what is the document is about?'
More reading, http://www.radium.ncsc.mil/tpep/libr...bow/index.html
Heck I'll just post all of my personal bookmarks maybe both of you will learn somthing. I have selected my IS related ones and have pasted them below for both of you.
Organizations:
http://www.acm.org/ (Association of Computing Machinery)
http://www.ieee.org/ (Institute of Electrical and Electronics Engineers)
http://www.bcs.org.uk/ (British Computer Society)
http://www.acs.org.au/ (Australian Computer Society)
Certifications:
http://www.isaca.org/ (CISA/CISM ceritifications)
http://www.isc2.org/ (CISSP certitification)
Standards:
http://csrc.nist.gov/ (The Computer Security Resource Center at the National Institute of Standards and Technology)
http://www.radium.ncsc.mil/ (Trusted Product Evaluation Program + Network Rating Model)
http://www.commoncriteria.org/ (The Common Criteria/ISO 15408)
http://www.iso17799.net/ (ISO17799/BS7799 + BS15000-1, BS7858, and BS8220)
http://babysealkiller.cannabisinfo.org/BS7799/ (BS7799 overview)
http://www.comp.mq.edu.au/units/ite.../RiskManage.pdf (AS/NZS4360 overview)
http://stinet.dtic.mil/str/dodiss4_fields.html (DOD specifications and standards)
http://www.dsp.dla.mil/ (Defense Standardizations Program)
http://www.dscc.dla.mil/Programs/MilSpec/ (MIL specifications and drawings)
http://www.kolacki.com/standards_status.htm (Status of IEEE, ISO, ANSI, and SAE standards w/ SPAWAR, FAA, ILI. IHS, & DOD links)
Education:
http://www.sei.cmu.edu/cmm/ (Capability Maturity Models)
http://www.cs.tcd.ie/courses/baict/...t11/Coursework/ (Trinity Advanced Computer Security coursework)
http://seclab.cs.ucdavis.edu/ (UC Davis Computer Security Lab)
Vendor Security:
http://www.microsoft.com/security/ (Microsoft security)
http://www-3.ibm.com/security/ (IBM security)
www.hp.com/security/ (HP security)
Security Vendors:
http://www.argus-systems.com/ (Argus Systems/Pitbull systems)
http://www.bodacion.com/ (Bodacion Technologies/HYDRA systems)
http://www.eeye.com/ (eEye Digital Security)
Not too bad, but here's some you left out:
http://www.sans.org/ (Computer Security Education and Information Security Training)
http://www.gocsi.com/ (Computer Security Institute)
http://www.cert.org/ (CERT Coordination Center)
http://ciac.llnl.gov/ciac/index.html (U.S. DOE-CIAC)
http://www.isecom.org/ (The Institute for Security and Open Methodologies)
http://packetstorm.linuxsecurity.com/ (PacketStorm)
http://www.immunix.com (Immunix Host Intrusion Prevention)
http://www.dshield.org/ (DShield - Distributed Intrusion Detection System)
http://www.cotse.com/ (Church of the Swimming Elephant)
...I had most of the others already...
As I stated before, this forum isn't for arguments or settling personal disputes. This forum is for helping people by answering their questions.
The average user here isn't a Security specialist, so in their environment, a firewall and some flavor of virus protection would be needed, unless you're going to volunteer your services to implement your recommendations in their infrastructure.
The original topic of this thread was regarding Knoppix - NOT Security. I suggest we get back on track, or close the discussion. Feel free to discuss your recommendations for security-related issues in either a new thread or a different area of the forum.
http://www.sans.org/ (Computer Security Education and Information Security Training)
http://www.gocsi.com/ (Computer Security Institute)
http://www.cert.org/ (CERT Coordination Center)
http://ciac.llnl.gov/ciac/index.html (U.S. DOE-CIAC)
http://www.isecom.org/ (The Institute for Security and Open Methodologies)
http://packetstorm.linuxsecurity.com/ (PacketStorm)
http://www.immunix.com (Immunix Host Intrusion Prevention)
http://www.dshield.org/ (DShield - Distributed Intrusion Detection System)
http://www.cotse.com/ (Church of the Swimming Elephant)
...I had most of the others already...
As I stated before, this forum isn't for arguments or settling personal disputes. This forum is for helping people by answering their questions.
The average user here isn't a Security specialist, so in their environment, a firewall and some flavor of virus protection would be needed, unless you're going to volunteer your services to implement your recommendations in their infrastructure.
The original topic of this thread was regarding Knoppix - NOT Security. I suggest we get back on track, or close the discussion. Feel free to discuss your recommendations for security-related issues in either a new thread or a different area of the forum.
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
•
•
Join Date: Feb 2002
Posts: 12,047
Reputation: 
Solved Threads: 129
WeatherChannel, please avoid posting comments about other forum members. Thank you.
Dani the Computer Science Gal 
Follow my Twitter feed! twitter.com/DaniWeb
And if you're interested in Internet marketing there is twitter.com/DaniWebAds
Follow my Twitter feed! twitter.com/DaniWeb
And if you're interested in Internet marketing there is twitter.com/DaniWebAds
•
•
Join Date: Jan 2004
Posts: 468
Reputation:
Solved Threads: 18
Posting Pro in Training
Hey everyone.
Going along with the Knoppix or else...I'd like to offer you a chance for a good distro that could be associated with the "or else" of your statement. I've recently tried a bunch of new distros and havn't been able to find one that sits where I want it to as far as applications/tools/configurability/power retention. I thought Debian would be the best way to go...so I looked for live CD's based off of debian with an optional hard disk install.
I found it...MEPIS Linux. By far the best distribution I have found. While it isn't extremely pretty yet (it's only a year old) it detects darn near everything you have immediately on boot up. It detected my mother-in-laws USB CDRW!!! That's a first for my linux experience. Great thing about MEPIS is that it is a live CD and you can try it out...configure it...and THEN install it after it is configured. It uses debian repositories for packages so you can apt-get your little heart out! The control panel features rawk...I could go on and on. And all of this coming from a die hard slackware user. Of course, I've been looking for something that could do office work on the linux side for a while and this distro is robust enough for me to keep it!
I slapped it onto an emachines T1090 and added it to my LAN. I liked it so much, I made a banner for it and put it onto my site.
http://www.tksbox.net/products
anyway...try this distro out. It is fantastic...and remember, this thing is only a year old. Imagine what the next release will be like.
Going along with the Knoppix or else...I'd like to offer you a chance for a good distro that could be associated with the "or else" of your statement. I've recently tried a bunch of new distros and havn't been able to find one that sits where I want it to as far as applications/tools/configurability/power retention. I thought Debian would be the best way to go...so I looked for live CD's based off of debian with an optional hard disk install.
I found it...MEPIS Linux. By far the best distribution I have found. While it isn't extremely pretty yet (it's only a year old) it detects darn near everything you have immediately on boot up. It detected my mother-in-laws USB CDRW!!! That's a first for my linux experience. Great thing about MEPIS is that it is a live CD and you can try it out...configure it...and THEN install it after it is configured. It uses debian repositories for packages so you can apt-get your little heart out! The control panel features rawk...I could go on and on. And all of this coming from a die hard slackware user. Of course, I've been looking for something that could do office work on the linux side for a while and this distro is robust enough for me to keep it!
I slapped it onto an emachines T1090 and added it to my LAN. I liked it so much, I made a banner for it and put it onto my site.
http://www.tksbox.net/products
anyway...try this distro out. It is fantastic...and remember, this thing is only a year old. Imagine what the next release will be like.
My Home Away from Home: Yet Another Linux Blog
cool but you do realise that knoppix once installel (which you can and i have install from the live cd) is essentially debian once installed. and has a powerful hardware detector the only thing i had trouble with was my onboard sound which took about 20 secs to fix!!! but thanks for giving people variety
•
•
•
•
Originally Posted by TKS
It's an open invite to anyone who can operate a hacking script. Speaking of which...If he wants his system to be tested...I suggest he leave his IP. I have plenty of friends who can put on a white hat for a day.
I will run every service under the sun that you want of any version and configuration of your choice. I'll give you the SA, SO, and ISSO passwords (System Administrator, System Operator, Information Systems Security Operator what root gets broken up into) in fact I'll give you all the passwords for every account on the system. I'll install any trojans you want.Since you boys insist on firewalls
, I will run no firewall or any third party protection software.Could I be a worse admin than this? What is your server going to be?
You can lock the system down as much as you like but you must run at least one standard service. (ftp, rpc, http, ssh, https, sql, smtp, etc) in as locked down but functional state as you wish.You can have as many people help you as you want.
OR.........I can rig up another test server if that one proves to advance for you skiddies.
Again regarding other people pls, don't spin, your getting me banned over here!
Edit***** I apologize drummer boy if this thread took another direction, but bb's are not finite. Here is a more advanced link to your live distros. http://www.frozentech.com/content/livecd.php
•
•
•
•
Originally Posted by WEATHER CHANNEL
Edit***** I apologize drummer boy if this thread took another direction, but bb's are not finite. Here is a more advanced link to your live distros. http://www.frozentech.com/content/livecd.php
drummerboy i dont know if you have installed knoppix yet as i jst skimmed thru most of the posts :o but as long as you keep your mind open to linux try all the distros you can till you find the one that you like best. there are so many to choose from you mite as well find one that works best for you
•
•
•
•
Originally Posted by WEATHER CHANNEL
I would like to start by saying that,Some people should not mistake me for a " know it all in the UN*X forums" , I work in a highly formal environment (with significant resources) and I know that this isn't for everyone. I don't expect everyone to follow those ideals.(TKS/TheORGE) I just want people to be aware of them & not ignorantly reject them because of your level of education.
If you respond intelligently, I am not rude... but when people post things that are just so blatantly wrong, the very attempt on their part as a novice to try to argue that with me is insulting. many of my posts are downright friendly, I just have zero tolerance for uneducated people that spread misinformation. And without people like me... god imagine where we'd be then?
I am not here to be liked and I am not seeking friends, but people that know me are aware that I know my shit and that I will also give not only straight answers but high assurance documents for further reading and they find that valuable.
Applying this to me,how do you reconcile this? Or am I misunderstanding you, and you believe that you are more knowledgable on security than the authors of those books above? that is really the only way I can see that your arguments would be logical. (Do you have any exposure to trusted systems? The argument you are making lead me to think no, and if that is the case I can provide some more reading if you are interested,after you have picked up the books above.)
Firewalls are no means an end all security solution, and frequently not needed for security at all.
However, I will take the time to correct you, "Physical Firewall" like "Hardware Firewall" are incorrect terminology, the proper term is "Dedicated Firewall" that is a system that does nothing but act as a firewall. Frequently these run on minimalistic systems with operating systems not seen beyond this niche if not specifically created for it.
Basically all firewalls are software. (with the possible exception of some very
targeted/research projects, we wont get into that)
Again a firewall is not the only "real" way to protect a system, in fact a good number of high security systems run no firewall at all. Heck, all my systems run without firewalls, like I said above it's all in the config. But you probably think extra firewalls means extra security.
Look, the last thing I need is some skiddi3 trying to explain how he & his skiddie friends are going to attempt an attack(correct terminology
down a copy of RFC2828, which one of the parties in question had neverseen.
Having done this it also occured to me how many debates here and other forums are over simple semantics... and since I happend to have it on hand now...This document is the Internet Security Glossary and is really the closest thing to an offical IS security disctionary.
attached below.
But if your going to run a firewall because you don't know how to configure properly.
http://www.fwtk.org/
It's free, it will do what you need it to. You can filter by ports,content,typing,
protocols, whatever. heck you can even interface it with various modules floating around that actually look at content content... as in: 'what is the jpeg is of?', or 'what is the document is about?'
More reading, http://www.radium.ncsc.mil/tpep/libr...bow/index.html
Heck I'll just post all of my personal bookmarks maybe both of you will learn somthing. I have selected my IS related ones and have pasted them below for both of you.
Organizations:
http://www.acm.org/ (Association of Computing Machinery)
http://www.ieee.org/ (Institute of Electrical and Electronics Engineers)
http://www.bcs.org.uk/ (British Computer Society)
http://www.acs.org.au/ (Australian Computer Society)
Certifications:
http://www.isaca.org/ (CISA/CISM ceritifications)
http://www.isc2.org/ (CISSP certitification)
Standards:
http://csrc.nist.gov/ (The Computer Security Resource Center at the National Institute of Standards and Technology)
http://www.radium.ncsc.mil/ (Trusted Product Evaluation Program + Network Rating Model)
http://www.commoncriteria.org/ (The Common Criteria/ISO 15408)
http://www.iso17799.net/ (ISO17799/BS7799 + BS15000-1, BS7858, and BS8220)
http://babysealkiller.cannabisinfo.org/BS7799/ (BS7799 overview)
http://www.comp.mq.edu.au/units/ite.../RiskManage.pdf (AS/NZS4360 overview)
http://stinet.dtic.mil/str/dodiss4_fields.html (DOD specifications and standards)
http://www.dsp.dla.mil/ (Defense Standardizations Program)
http://www.dscc.dla.mil/Programs/MilSpec/ (MIL specifications and drawings)
http://www.kolacki.com/standards_status.htm (Status of IEEE, ISO, ANSI, and SAE standards w/ SPAWAR, FAA, ILI. IHS, & DOD links)
Education:
http://www.sei.cmu.edu/cmm/ (Capability Maturity Models)
http://www.cs.tcd.ie/courses/baict/...t11/Coursework/ (Trinity Advanced Computer Security coursework)
http://seclab.cs.ucdavis.edu/ (UC Davis Computer Security Lab)
Vendor Security:
http://www.microsoft.com/security/ (Microsoft security)
http://www-3.ibm.com/security/ (IBM security)
www.hp.com/security/ (HP security)
Security Vendors:
http://www.argus-systems.com/ (Argus Systems/Pitbull systems)
http://www.bodacion.com/ (Bodacion Technologies/HYDRA systems)
http://www.eeye.com/ (eEye Digital Security)
http://www.iso17799.net/ is changing URLs to the mother site: http://www.standardsdirect.org/iso17799.htm
Also, the ISO 17799 User Group is now at:
http://www.17799.com
I hope this helps.
Sara
|
Similar Threads
- Knoppix for Newbies! (Getting Started and Choosing a Distro)
- Knoppix is better than ever! (Getting Started and Choosing a Distro)
- tell me why? (Getting Started and Choosing a Distro)
Other Threads in the Getting Started and Choosing a Distro Forum
- Previous Thread: XP and Linux Gentoo
- Next Thread: SuSE 8.0 Internet Connection (ADSL)
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Latest Getting Started and Choosing a Distro Posts
Related Forum Features
age-related baremetal chrome cio cloudcomputing code commercial computers crystalballsunday desktop developers development distributions distro dsl elderly embedded forums google http://expertcore.org/ innovations jauntyjackalope joe_brockmeier kernel library linus linux microsoft multi-core netgear newbies novell openoffice.org opensuse open_source operating operatingsystems parallel performance processing redhat routers smp studios system systembuilders systemintegrators terminalservices thecloud thinclients tools ubuntu users virtualization vmware webbased wikis windows xenon
