Lockup Guru
Joined: 25 Jul 2002 Posts: 430
|
Posted: Mon Jun 16, 2003 2:22 pm Post subject: network security info, where to start? |
|
|
Over the last few months I've been reading a bit about network security but never really decided to get into it "seriously" until now... Thing is, I'm not too sure where to start...
I know that I'd probably be best starting by learning how TCP/IP works (any suggestions for online docs except the RFCs?)
but... what next?
Heh, yeah I know... broad question hehehe, right now I'm not looking for anything OS-specific, just "general" network security, and when I have a decent base I'd check *nix-specific security (not only network, that is).
If you guys know any good online guides/FAQs/references I'd greatly appreciate it (I'm a student, can't really afford those big books hehe)
|
EvilN n00b
Joined: 13 Feb 2003 Posts: 47 Location: Stockholm, Sweden
|
Posted: Mon Jun 16, 2003 2:28 pm Post subject: |
|
|
I'd say, take a TCP/IP intro course.
There are tons of stuff that you need to know that is taken into account in such a course.
Stuff that you probably would miss if you tried to do it the hard way (reading yourself to it).
Once you've got the TCP/UDP/ICMP-IP basics you're set to figure out a lot of it yourself.
I mean, just to send a simple HTTP request to a web server involves:
ARP, TCP, IP, Ethernet stuff and of course everything in that such as DNS (possibly ICMP if something is wrong); on top of that is what you don't see: subnetting, routing (happens mostly at the ISPs) and such.
Grab the basics with a trainer that you can ask what you don't get and go from there in the direction that interests you.
Good luck! (But beware, the more you learn the less you understand).
--
Sorry, missed out on the "Can't afford" part but still, it will be a really long road if you don't get help in the beginning.
_________________
Juniper Networks Certified Internet Associate
JNCIA-M #0090
|
Lockup Guru
Joined: 25 Jul 2002 Posts: 430
|
Posted: Mon Jun 16, 2003 2:50 pm Post subject: |
|
|
Thanks, thing is the only networking classes around here are for the Cisco certs (I'm taking them next term, well, the first 3 chapters at college (I'm taking comp sci), the rest is optional (but I'll take it anyways)).
I wanted to get some nice base without having to wait for those classes, otherwise I'd have just waited...
|
uzik Apprentice
Joined: 17 Apr 2003 Posts: 257
|
Posted: Mon Jun 16, 2003 6:23 pm Post subject: |
|
|
There are some programs out there that will test the security of your network (one that comes to mind is SATAN), read the docs from them and see what they do.
You might also read the Gentoo user/setup docs. There's some security info there.
A good book on firewalls would also be a good start.
|
EvilN n00b
Joined: 13 Feb 2003 Posts: 47 Location: Stockholm, Sweden
|
Posted: Tue Jun 17, 2003 6:47 am Post subject: |
|
|
Lockup wrote: | Thanks, thing is the only networking classes around here are for the Cisco certs (I'm taking them next term, well, the first 3 chapters at college (I'm taking comp sci), the rest is optional (but I'll take it anyways)).
I wanted to get some nice base without having to wait for those classes, otherwise I'd have just waited... |
Normally if you are certing for a router you have pretty good basic IP knowledge before you try to cert.
Okay, a few pointers.
Learn the ISO stack (7-layer) and see where all protocols fit in it.
This is essential to understand what protocol is doing what.
For example:
Layer1 is physical connectors and cables (these are specified by IEEE 802.3 for Ethernet).
All data is exchanged on Layer2 in the ISO stack and it is done with MAC addresses (there are other layer2 protocols but let's stick to Ethernet).
Yep, that's right... IP addresses aren't directly used to exchange data between hosts on a network segment.
IP is Layer3 and is ONLY used to find a path between hosts on different network segments (LANs) through routers... although IP is also used in the LAN but only to resolve MAC addresses. This is done by a protocol called ARP (Address Resolution Protocol).
ARP translates IP addresses to MAC addresses so the data can be transferred between hosts on the network segment... this is also used to transfer data to your router. (Okay okay, ARP doesn't translate addresses but it asks everybody on the network segment what host has what IP address).
TCP (Transmission Control Protocol) is layer4 and is responsible for the connections to be set up correctly between the hosts.
It has some fault checking and flow control functions built into it and it is connection oriented (this means that two hosts need to negotiate a TCP session before they can actually transfer any data).
So:
for a TCP/IP packet to go from one host to another we involve 4 layers from the ISO stack (layer 5-7 are used for application specific purposes and are involved in this too but aren't essential in the communication between hosts): we have cables and connectors (layer1), we have our Ethernet traffic (layer2), we have our IP header (layer3, this is where your IP source and destination resides), we have our TCP (or UDP) header which sets up connections and controls them, and finally we have layer 5-7 that we network engineers don't care too much about since they are application specific. An example of a layer 5 header would be the HTTP stuff such as a URL.
And before other network engineers start flaming me for this description:
I can't give a perfect explanation for every single protocol and every exact feature in each protocol in a forum, that would be 200 pages.
I just wanted to brief about the complexity and what you would have to look into to really understand what is happening.
A lot of the above stuff can be googled for, so have a look around.
There are many hundreds of protocols that are actually used to get the internet going but they all fit into the ISO stack (almost, since Multi Protocol Label Switching and a few others put themselves in between layer 2 and 3).
Best of luck to you and if you have questions about what to look for next just PM me.
Regards /Nils
_________________
Juniper Networks Certified Internet Associate
JNCIA-M #0090
|
Jimbow Guru
Joined: 18 Feb 2003 Posts: 597 Location: Silver City, NM
|
Posted: Tue Jun 17, 2003 7:59 am Post subject: |
|
|
I suggest that you buy, beg, steal, or check out from a library two books:
UNIX Network Programming by W. Richard Stevens
This is a very practical book with lots of C code and examples. It will teach you a lot about Unix/Linux in addition to networking.
Internetworking with TCP/IP volume I by Douglas E. Comer.
This contains all the nitty gritty details of IP addresses, routing, protocol layers, and all the bits in packets. It contains no programming.
Don't waste your time with what you can find on the web. These are the books on the internet and networking. I encourage you to buy them. Your time is valuable: if you are going to invest your time in learning something, you are cheating yourself if you don't own the book.
These books are expensive but they are worth it.
_________________
After Perl everything else is just assembly language.