This chapter is about: Basic Concepts & Techniques
...the chapter aims to raise awareness in two areas, technical and social.
I don't think you can feel confident defending data unless you understand the
basic workings of the hardware you are using. This doesn't mean you have to go
out and get a degree in electronics. But you do need to know what happens
when you turn on a PC, in terms of BIOS and boot sectors, if you are going
to defend against something like a boot sector virus. The more serious
consequences of a lack of knowledge in this area include both over-confidence
and blind panic. However, because information is stolen by people, not computers,
this chapter also begins to develop the security "mindset" that you will need
if you are to make realistic assessments of the threats posed to your personal
computer resources.
This chapter also makes some suggestions as to how you can use security resources
which you may already have, or which you can acquire at little or no cost, to
give you a head start in securing your personal computer facilities. Some of the
suggestions are less than elegant, but then again they won't break your budget.
The point is, you can get a lot of security from knowing how personal computers
work and applying a good dose of common sense when working with them. Security
is as much a question of outlook as it is of outlay. There is no point spending
money on security measures if you do not use them, and there is no better
place to start than by using the resources that you already have.
Personally, I am finding that Altavista is
the best search engine for finding security-related information on the Internet. You
may want to spend some time with the Help section, particularly the section on
limiting searches to specific URLs, and so on. But with the entire Web indexed and
ready to search, Altavista is the first place I turn when I want to research
something, and NO, they don't pay me to say this.
A site you might not think of visiting for security information is
MasterCard which offers some
excellent explanations of public key cryptography in the PDF document
called SETBUS.PDF. Why? Because this is "key" to the Secure Electronic
Transaction or SET standard for secure transactions. Here are some general
lists of security links:
The Book Itself?
For more information on The NCSA Guide to PC & LAN Security, published
by McGraw-Hill (700 pages and 250 illustrations, plus 3.5 inch software disk),
check out Chapter 1.
Table of Contents with Links to Chapters
- Chapter 1. Security Matters: Assessing the problems,
threats, and issues
- Chapter 2. Security Solutions: Basic concepts and
techniques
- Chapter 3. Security Planning: Risk analysis and
security policy
- Chapter 4. Secure Hardware: Defending and insuring
equipment
- Chapter 5. Secure Power: Spikes, Sparks, and Electrical
Threats
- Chapter 6. Secure Sites: Defending sites and systems
- Chapter 7. Secure Access: Controls, passwords, and
encryption
- Chapter 8. Secure Data: Backup, backup, backup
- Chapter 9. Secure Code: Defeating viruses, worms and
other malicious code
- Chapter 10. Secure Software: Piracy, bugs, and other
"soft" threats
- Chapter 11. Secure Networks I: Generic network defense
- Chapter 12. Secure Networks II: Protecting name brand
networks
- Chapter 13. Secure Communications: WANs, remote access,
and the Internet
- Chapter 14. Secure People: Hacking and ethical issues
- Chapter 15. Security in the Future: How to become and
remain secure
- Appendix A: Threat List
- Appendix B: A Brief Guide to Batch Files
- Appendix C: Computer Security Policy
- Appendix D: Notes on EMR
- Appendix E: Export Restrictions on Encryption
- Appendix F: Further Resources
- Appendix G: Glossary
- Appendix H: How Public Key Encryption Works
- Appendix I: Introduction to LANs
- Appendix J: Securing Safe Software
- Appendix K: Appraising Microsoft AV
This page updated by
Stephen Cobb, July 5,
1996 © Copyright, 1996-2001, Stephen Cobb