Old 04-19-2004, 11:49 AM   #1
mmarkin
Registered User
 
Post Linux Learning Resources

Hello everyone.

To answer the requests many have made, I have decided to start a 'learning resources' thread. The purpose of this thread is to accumulate references (URLs, book info, etc.) to Linux-related LEARNING resources for both novice users and experts alike.

To keep this thread tidy, please ONLY post new references. All other posts, including duplicate entries, will be removed without notice.

Thank you and enjoy.

Mikhail

Last edited by mmarkin; 04-19-2004 at 12:00 PM.

Old 04-19-2004, 11:52 AM   #2
gsminardi
gsferrari's alter ego
 
The Linux Documentation Project: www.tldp.org
LinuxISO.org: http://www.linuxiso.org
__________________

a.k.a gsferrari

Currently Playing : BF1942/Desert Combat : FarCry Demo 1&2 and full version : Splinter Cell Pandora Tomorrow : Battlefield Vietnam
System : Sager 8790 - P43.4/1.0GB/256MB9700/60GB@7200

Last edited by mmarkin; 04-19-2004 at 01:31 PM. Reason: Learning resources, GS
Old 04-19-2004, 11:53 AM   #3
mmarkin
Registered User
 
Some Gentoo-related resources:

Gentoo Documentation Resources [http://www.gentoo.org/doc/en/index.xml]
Gentoo Forums [http://forums.gentoo.org]
Old 04-19-2004, 12:03 PM   #4
TrickM
Registered User
 
This site's helped me through many a Linux install over the years:

Linux on Laptops [http://www.linux-laptop.net]
__________________
--==##[Sager 4780][3.0GHz/HT][1 GB RAM][ATI Radeon M10 Pro M]##==--

Last edited by mmarkin; 04-19-2004 at 12:08 PM. Reason: The square bracket got into the URL
Old 04-19-2004, 02:19 PM   #5
leeach
Error!
 
Cool Linx 4 Linux, by leeach

Here are some of my abundant list of favorites. The majority is related to Linux + Security. Some would call this overkill, but just because you're paranoid, doesn't mean that they aren't out to get you.

Linux Basics
Basics, important sites, HOWTO's, handbooks, hardening, tips
Advisories, alerts, bulletins, disclosure, mailinglists, mailing archives, knowledge bases, other sites
Hardening, distro-specific
Log analysis tools, resources
Daemons, device or application specific
More Brainfood, sites, books

Checklists URL Local Info
UNIX Security Checklist v2.0: http://www.cert.org/tech_tips/unix_s...cklist2.0.html
SANS, The Twenty Most Critical Internet Security Vulnerabilities:
http://www.sans.org/top20/
SANS SCORE Checklists for W32/Solaris/Cisco IOS/Mac OS/etc etc: http://www.sans.org/score/
SANS http://www.sans.org/infosecFAQ/linux/linux_list.htm
SANS, Reading room: http://rr.sans.org/linux/linux_list.php

Security URL Local Info
Blacksheep (HOWTO's, whitepapers, etc):
http://www.blacksheepnetworks.com/security/
CERT, Security improvements:
http://www.cert.org/security-improvement/
CERT, Tech Tips:
http://www.cert.org/tech_tips/
eBCVG.com's security portal:
http://www.ebcvg.com/info.php
Jay Beale's docs (Bastille-linux/CIS):
http://www.bastille-linux.org/jay/se...icles-jjb.html
Linux Administrator's Security Guide (LASG): http://www.seifried.org/lasg/
Linuxmag, Hardening Linux Systems:
http://www.linux-mag.com/2002-09/guru_01.html
LinuxSecurity:
http://www.linuxsecurity.com/
Linux Security HOWTO:
http://tldp.org/HOWTO/Security-HOWTO/index.html
http://www.linuxvoodoo.com/howto/HOWTO/Security-HOWTO/
Linux Security Administrator's Guide (SAG, old): http://www.tldp.org/LDP/sag/index.html
Linux Security Quick Reference Guide (PDF): http://www.tldp.org/REF/ls_quickref/QuickRefCard.pdf
Matt's Unix Security Page:
http://www.deter.com/unix/
Securiteam:
http://www.securiteam.com/
Securityfocus:
http://www.securityfocus.com/
Securing & Optimizing Linux: The Ultimate Solution (PDF): http://www.tldp.org/LDP/solrhe/Secur...ution-v2.0.pdf
Securing & Optimizing Linux RH Edition (older - PDF): http://www.tldp.org/LDP/solrhe/Secur...ition-v1.3.pdf
Security Quick-Start HOWTO for Linux:
http://tldp.org/HOWTO/Security-Quickstart-Redhat-HOWTO/
Security links at Linuxguru's:
http://www.linuxguruz.org/z.php?id=914
The Linux Network Administrator's Guide (NAG): http://www.tldp.org/LDP/nag2/index.html
TLDP Networking Security HOWTO's:
http://www.tldp.org/HOWTO/HOWTO-INDEX/howtos.html
Securitytracker (Advisories): http://www.securitytracker.com/topics/topics.html
The CIT Computer Security Handbook: http://www.cit.nih.gov/security/handbook.html
Aging stuff from Phrack like "Unix System Security Issues": http://www.fc.net/phrack/files/p18/p18-7.html
Scan yourself:
http://scan.sygatetech.com/
Scan yourself and more:
http://grc.com/default.htm

Main Sites URL Local Info
At Stake http://www.atstake.com/
Black Code http://www.blackcode.com/
Cirt http://www.cirt.net/
Counterpane http://www.counterpane.com/
Cryptome http://www.cryptome.org/
eEye http://www.eeye.com/html/
Found Stone http://www.foundstone.com/
Info Sys Sec (Personal Favorite) http://www.infosyssec.com/
InfoSecInstitute (Hacker School, Security Program) http://www.infosecinstitute.com/
Net Security http://www.net-security.org/
IDS Playground http://idsplayground.com/
CERT http://www.cert.org/
ISS http://www.iss.net/
Local Area Security (STD wannabe) http://www.localareasecurity.com/
NG Sec http://www.ngsec.com/
The Linux Documentation Project: http://www.tldp.org/
http://www.rootsecure.net/
http://www.securiteam.com/
http://www.securityfocus.com/
http://slashdot.org/
http://packetstormsecurity.org/
http://project.honeynet.org/
http://networking.webopedia.com/
http://www.winnetmag.com/

Compromise, Breach of Security, Detection URL Local Info
Intruder Detection Checklist (CERT): http://www.cert.org/tech_tips/intrud...checklist.html
Detecting and Removing Malicious Code: http://www.securityfocus.com/infocus/1610
Steps for Recovering from a UNIX or NT System Compromise: http://www.cert.org/tech_tips/root_compromise.html
Formatting and Reinstalling after a Security Incident: http://www.securityfocus.com/infocus/1692
How to Report Internet-Related Crime (CCIPS): http://www.usdoj.gov/criminal/cybercrime/reporting.htm
Intrusion Detection Primer: http://www.linuxsecurity.com/feature...story-143.html
Through the Looking Glass: Finding Evidence of Your Cracker (LG): http://www.linuxgazette.com/issue36/kuethe.html

Advisories, alerts & bulletins URL Local Info
Bugtraq (running): http://www.mail-archive.com/bugtraq@securityfocus.com/
or http://www.derkeiler.com/Mailing-Lis...focus/bugtraq/
Linux Gazette: http://www.linuxgazette.com/
Experts exchange: http://www.experts-exchange.com/

Mailing Lists URL Local Info
Neohapsis (mailinglists/archives): http://www.neohapsis.com/

theaimsgroup (mailinglists/archives): http://marc.theaimsgroup.com/

Der Keiler (mailinglists/archives): http://www.der-keiler.de/

RedHat
Red Hat Support: Errata
http://www.redhat.com/support/errata/

Debian
LQ HOWTO:
Securing Debian:
http://www.linuxquestions.org/questi...threadid=61670
Bugs
http://bugs.debian.org/
Lists
http://lists.debian.org/ (search for debian-security@lists.debian.org)
Security
http://security.debian.org/

S.u.S.E.
Security mailto:suse-security@suse.com
Security Announce mailto:suse-security-announce@suse.com
Security Subscribe (subscribe: mailto:suse-security-subscribe@suse.com)
Mandrake Linux
Security http://www.linux-mandrake.com/en/security/
FLists http://www.linux-mandrake.com/en/flists.php3
Subscribe for URL above mailto:security-announce@linux-mandrake.com
Conectiva Linux
Security http://distro.conectiva.com/seguranca/

Subscribe for URL above; security-mailinglist Lingua Franca is Portuguese, but on updates-mailinglist it's English. The last one always has the packages updates announced on security-mailinglist. mailto:seguranca@distro.conectiva.com.br

Slackware
Lists http://www.slackware.com/lists/
Subscribe for URL above mailto:slackware-security@slackware.com

Knowledge bases URL Local Info
CERT KB:
http://www.cert.org/kb/
IRIA:
http://www.ists.dartmouth.edu/IRIA/knowledge_base/
Faqchest (archives, FAQ's):
http://www.faqchest.com/
SEI:
http://www.sei.cmu.edu/publications/lists.html
Daryl's TCP/IP Primer:
http://www.tcpipprimer.com

Hardening, Distro Specific URL Local Info
Debian/Mandrake/Red Hat: Bastille Linux:
http://www.bastille-linux.org/

Debian
Debian Security HOWTO: (Esp)
http://www.debian.org/doc/manuals/se...-debian-howto/
Debian Security FAQ:
http://www.debian.org/security/faq

Mandrake
Mandrake: msec-*.rpm:
http://www.linux-mandrake.com/

S.u.S.E.
http://www.suse.de/~marc/

Slackware
Slackware Administrators Security tool kit: http://sourceforge.net/projects/sastk/
System Hardening
http://www.c2i2.com/~dentonj/system-hardening

Log Analysis Tools, Resources URL Local Info
Loganalysis.org (check the library):
http://www.loganalysis.org/
Counterpane, Log Analysis Resources:
http://www.counterpane.com/log-analysis.html

Daemons, Device or Application Specific URL Local Info
The Linux-PAM System Administrators Guide http://www.kernel.org/pub/linux/libs...-html/pam.html
Securing Xwindows: http://www.ussg.iu.edu/usail/externa...d/xsecure.html
How to Build, Install, Secure & Optimize Xinetd: http://www.openna.com/documentations...netd/index.php
Installation of a secure webserver (SuSE): http://www.netsys.com/library/papers..._webserver.txt
Linksys security (LQ notes on): http://www.linuxquestions.org/quest...7007#post157007

Auditing Tools at: URL Local Info
Packetstorm:
http://www.packetstormsecurity.org/UNIX/audit/
SecurityFocus:
http://www.securityfocus.com/tools/category/1
The Unix Auditor's Practical Handbook:
http://www.nii.co.in/tuaph.html

Iptables URL Local Info
IPTables Tutorial:
http://iptables-tutorial.frozentux.n...-tutorial.html
IPSysctl Tutorial:
http://ipsysctl-tutorial.frozentux.n...-tutorial.html
Linuxguruz.org:
http://www.linuxguruz.org/iptables/
Linuxsecurity.com Iptables tutorial: http://www.linuxsecurity.com/resourc...-tutorial.html
Iptables Connection tracking: http://www.sns.ias.edu/~jns/security...conntrack.html
Netfilter Iptables/Ipchains Log Format:
http://logi.cc/linux/netfilter-log-format.php3
*Please note the easiest way to troubleshoot Netfilter related problems is to add log (target) rules before any "decision" in a chain.

Ipchains URL Local Info
TLDP Ipchains HOWTO:
http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html
Flounder.net Ipchains HOWTO:
http://www.flounder.net/ipchains/ipchains-howto.html
Basic introduction to building ipchains rules: http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html
Explanation of the Ipchains logformat:
http://logi.cc/linux/ipchains-log-format.php3
Ipchains log decoder:
http://dsl081-056-052.dsl-isp.net/dm...der/decode.php
Netfilter Iptables/Ipchains Log Format:
http://logi.cc/linux/netfilter-log-format.php3
Web-browsers, mail clients, FTP clients, IM, P2P ports database for building your own rules:
http://www.pcflank.com/fw_rules_db.htm

Firewalls URL Local Info
Basics on firewalling:
http://www.linuxdoc.org/HOWTO/Firewall-HOWTO.html
linux-firewall-tools:
http://www.linux-firewall-tools.com/linux/
Firewall FAQ:
http://www.faqs.org/faqs/firewalls-faq/
Firewall Forensics FAQ (What am I seeing?): http://www.robertgraham.com/pubs/firewall-seen.html
Linux Firewall and Security Site:
http://www.linux-firewall-tools.com/linux/
Auditing Your Firewall Setup (old, still useful): http://www.enteract.com/~lspitz/audit.html
TLDP: Firewall Piercing mini-HOWTO:
http://www.tldp.org/HOWTO/Firewall-Piercing/index.html
Something called the "Home PC Firewall Guide": http://www.firewallguide.com/
CERT: Home Network Security: http://www.cert.org/tech_tips/home_networks.html
Assigned ports > 1024:
http://www.ec11.dial.pipex.com/port-num4.shtml
Port designations:
http://www.chebucto.ns.ca/~rakerman/port-table.html
Vendor/Ethernet MAC Address Lookup:
http://www.coffer.com/mac_find/
Dshield (find out if IP was marked as used in attacks): http://www1.dshield.org/ipinfo.php
Port search (Snort):
http://www.snort.org/ports.html
Neohapsis Port search:
http://www.neohapsis.com/neolabs/neo-ports/
P2P ports (IPMasq):
http://www.tsmservices.com/masq/cfm/main.cfm
Infosyssec's Firewall Security and the Internet (badly updated site): http://www.infosyssec.net/infosyssec/firew1.htm

Emacs URL Local Info
Emacs Reference Card:
http://www.indiana.edu/~ucspubs/b131/

Hardening, Distro Specific URL Local Info
DoS Info
SANS, Help Defeat Denial of Service Attacks: Step-by-Step: http://www.sans.org/dosstep/index.htm
SANS, ICMP Attacks Illustrated:
http://rr.sans.org/threats/ICMP_attacks.php
CERT, Denial of Service Attacks: http://www.cert.org/tech_tips/denial_of_service.html
NWC, Fireproofing Against DoS Attacks (forms of): http://www.nwc.com/1225/1225f38.html
Juniper.net, Minimizing the Effects of DoS Attacks: http://arachne3.juniper.net/techcen...ote/350001.html

Hardening, Distro Specific URL Local Info
DDoS Info
SANS, Consensus Roadmap for Defeating Distributed Denial of Service Attacks:
http://www.sans.org/ddos_roadmap.htm
SANS, Spoofed IP Address Distributed Denial of Service Attacks: Defense-in-Depth:
http://rr.sans.org/threats/spoofed.php
SANS, Understanding DDOS Attack, Tools and Free Anti-tools with Recommendation:
http://rr.sans.org/threats/understa...anding_ddos.php
CISCO, Strategies to Protect Against Distributed Denial of Service (DDoS) Attacks:
http://www.cisco.com/warp/public/707/newsflash.html
Dave Dittrich's references:
http://staff.washington.edu/dittrich/misc/ddos/
Xinetd Sensors:
http://www.gate.net/~ddata/xinetd-sensors.html
Xinetd FAQ:
http://synack.net/xinetd/faq.html
__________________
leeach, CISSP
Old 04-19-2004, 02:20 PM   #6
leeach
Error!
 
Cool And..

(continued...)

Hardening, Distro Specific URL Local Info
Intrusion detection, integrity checks: IDS, NIDS, HIDS, Antivirus, software.
Note: vulnerability checking: CIS, SATAN, COPS, Tiger, Nessus


FAQ: Network Intrusion Detection Systems:
Lotek sniffing docs:
http://www.l0t3k.org/security/documents/sniffing/
Defeating Sniffers and Intrusion Detection Systems, Phrack, http://www.phrack.org/show.php?p=54&a=10
Intrusion Detection FAQ (SANS, handling ID in general): http://www.sans.org/resources/idfaq/index.php
Intrusion Detection and Network Auditing on the Internet: http://www.infosyssec.net/infosyssec/intdet1.htm
Basic File Integrity Checking (with Aide): http://online.securityfocus.com/infocus/1408
IDS, NIDS, File Integrity Checkers
http://www.networkintrusion.co.uk

Hardening, Distro Specific URL Local Info
The IDS acronym game:

IDS: Intrusion Detection System refers to an application able to examine traffic for attributes and properties that mark "benign", suspicious, restricted, forbidden or outright hostile activities.

NIDS: Network IDS refers to Intrusion Detection, like running "sensors" on various sentry or sniffer hosts while logging and/or log processing and alerting is done on a central host (many-to-one topology).

NIDS examples are:
Snort: http://www.snort.org/ or jump to Snort Basics
Shoki: http://shoki.sourceforge.net/
Prelude: http://www.prelude-ids.org/
Firestorm: http://www.scaramanga.co.uk/firestorm/
Panoptis (DoS, DDoS only):
Defenseworx:
SHADOW:
Pakemon:
Some commercial/non OSS examples: Demarc PureSecure, Cisco Secure IDS (NetRanger), ISS Real Secure, Axent Net Prowler, Recourse ManHunt, NFR Network Flight Recorder, NAI CyberCop Network, Enterasys Dragon and Okena Stormfront/Stormwatch.
Snort also is available commercially these days.

HIDS: Host-based IDS. The HIDS acronym itself is subject to flamewars.
IDS examples are Snort, Shoki, Prelude, Defenseworx, Pakemon, Firestorm and Panoptis (DoS, DDoS only).

IPS: Intrusion Protection System. Passive or active (learning, like the heuristics stuff?) enforcement of rules at the application, system or access level. I suppose we're looking at stuff like Grsecurity, Solar Designer's Open Wall, LIDS, LOMAC, RSBAC, Linux trustees, Linux Extended Attributes or Systrace here.
Commercial/non OSS examples: Entercept, ISS RealSecure, Axent Intruder Alert Manager, Enterasys' Dragon, Tripwire, Okena and CA's eTrust.


Snort Basics:
Using Snort as an IDS and Network Monitor in Linux (SANS): http://www.sans.org/rr/intrusion/monitor.php
ArachNIDS (Snort/Dragon/Defenseworx/Pakemon/Shoki rule, research and info library):
http://whitehats.com/ids/ <--great site, damn near my fav
Snort Stealth Sniffer: Paranoid Penguin: Stealthful Sniffing, Intrusion Detection and Logging:
http://www.linuxjournal.com/article.php?sid=6222

Dropping Packets with Snort:
Snortsam: http://www.snortsam.net/
Hogwash: http://hogwash.sourceforge.net/

Snort GUI's, management, log reporting and analysis:
SnortCenter: http://users.pandora.be/larc
Snort Unified Logging: Barnyard: (Sourceforge)
Snort Unified Logging: Logtopcap
Snort Unified Logging: Mudpit
Analysis Console for Intrusion Databases (ACID): http://acidlab.sourceforge.net/
HOWTO Build Snort with ACID:
http://www.sfhn.net/whites/snortacid.htm
ACID FAQ: http://www.andrew.cmu.edu/~rdanyliw/snort/acid_faq.html
SPADE, Snortsnarf: http://www.silicondefense.com/
Sguil: http://sguil.sourceforge.net/
Enabling Automated Detection of Security Events that affect Multiple Administrative Domains:
http://www.incident.org/thesis/book1.html
Demarc (commercial):
http://www.demarc.com/
RazorBack:
http://www.intersectalliance.com/pr...Back/index.html
Oinkmaster (rulemanagement): http://www.snort.org/dl/contrib/sig...ent/oinkmaster/
Snort alert mailer (C or .perl?):
http://rouxdoo.freeshell.org/dmn/snort/
Pig Sentry:
http://web.proetus.com/tools/pigsentry/

Comparison of IDSs ( NFR NID, Snort, INBOUNDS, SHADOW, Dragon, Tripwire):
http://zen.ece.ohiou.edu/~nagendra/compids.html

Snort help, mailinglist (archives), honeypots:
Snort: Database support FAQ:
http://www.incident.org/snortdb/
Snort mailinglists, Aims:
http://marc.theaimsgroup.com/
Baby steps with a honeypot:
http://www.lucidic.net/whitepapers/mcooper-4-2002.html
Honeypot & Intrusion Detection Resources:
http://www.honeypots.net/

Snort + 802.11 aka Wireless:
http://www.loud-fat-bloke.co.uk/w80211.html

Sniffing (network wiretap, sniffer) FAQ: http://www.robertgraham.com/pubs/sniffing-faq.html

An Analysis of a Compromised Honeypot (Snort+Ethereal): http://www.securityfocus.com/infocus/1676
To add: Firestorm NIDS, Barnyard, Mudpit, Snort GUI's, add-ons etc etc.

File Integrity Detection Systems
Checking a filesystem's contents against one or more checksums to determine if a file (remember anything essentially is a file on a Linux Filesystem) has been changed.
Examples are:
Aide:
http://www.cs.tut.fi/~rammer/aide.html (for remote mgmnt see also ICU: http://www.algonet.se/~nitzer/ICU/)
Samhain:
http://la-samhna.de/samhain/ (for remote mgmnt see docs)
Osiris:
http://osiris.shmoo.com/
Nabou:
http://www.daemon.de/en/software/nabou/
Sentinel:
http://zurk.sourceforge.net/zfile.html
Viper(DB):
http://panorama.sth.ac.at/viperdb/
Integrit:
http://integrit.sourceforge.net/
File Integrity (SecurityFocus, tools list): http://www.securityfocus.com/tools/category/7

Tripwire (for remote mgmnt search Freshmeat.net for "FICC").
Commercial/non OSS examples: Versioner, GFI LANguard System Integrity Monitor, Ionx's Data Sentinel, Tripwire for Servers and Pedestal Software Intact.

Viruses on Linux/GNU, Antivirus software

Sendmail, Tcpdump, OpenSSH, TCP Wrappers, Aide and some other projects have suffered from people succeeding in injecting malicious code, and of those only Sendmail and OpenSSH were at main servers, the rest were mirrors AFAIK. Even though all the apps mentioned are safe to use, and the differences were noted soon, the real problem is you 1, have to have the knowledge to read code, and 2, the discipline to read the code each time and question any diffs or 3, have minimal "protection" in place to cope with like rogue compiled apps "phoning home". Which in essence means to end users any Software provided w/o means to verify integrity of the code and the package should be treated with care, instead of accepting it w/o questioning.


As for the "virus" thingie I wish we, as a Linux community, try to "convert" people away from the typical troubles of lesser (game) platforms and direct them towards what's important to know about Linux: user/filesystem permissions, broken /suid/sgid software, worms, trojans and rootkits.

Basic measures should be:
- Using (demanding) source verification through GPG or minimally md5sums,
- Watch system integrity (Aide, Samhain, Tripwire or any package mgr that can do verification: save those databases off-site),
- Harden your systems by not installing SW you don't need *now*, denying access where not needed and using tools like Bastille-linux, tips from Astaro,
- Patch kernel to protect looking at/writing to crucial /proc and /dev entries and/or use ACL's (see Silvio Cesare's site, Grsecurity, LIDS),
- Watch general/distro security bulletins and don't delay taking action (Slapper, Li0n etc),
- Keep an eye on outgoing traffic (egress logging and filtering),
- Don't compile apps as root but as a non-privileged user,
- Inspect the code if you can,
- Don't use Linux warez,
But most of all: use common sense.

*If you're still not satisfied you've covered it all you could arm yourself with knowledge on forensics stuff like UML, chrooting, disassembly and honeypots.

If you want to find Antivirus software, Google the net for Central Command, Sophos, Mcafee, Kaspersky, H+BEDV, Trend Micro, Frisk, RAV, Clam, Amavis, Spam Assassin, Renattach, Ripmime, Milter or Inflex.
- AV Software is as good as its signatures/heuristics. Some vendors don't update their Linux sig db's very well, or field software with lacking capabilities. I've tested some (admittedly a long time ago) on my virus/trojan/LRK/malware libs.
Bad (IMHO): Frisk's F-Prot (sigs), Clam (sigs), H+BEDV (libc version). Good (IMNSHO): Mcafee's uvscan (best) and RAV (2nd). Please do test yourself.
- AFAIK only KAV (Kaspersky) has a realtime heuristic virus scanner daemon. I'm in limbo about its compatibility with recent kernels tho.

Links to check out:

LAVP/Mini-FAQ Linux/Unix AV SW,
NIST (list of AV vendors),
Clam
--------------------------------------------------------------------------

Chroot, chrooting, jailing, compartmentalization
SendMail: http://www.sendmail.net/000705securitygeneral.shtml
SendMail: http://www.linuxjournal.com/article.php?sid=5753
Snort: http://www.norz.org/software/snortstart.html

OpenSSH for chrooted sessions on Linux: http://mail.incredimail.com/howto/openssh/
http://chrootssh.sourceforge.net/
OpenSSH, Scponly:
http://www.sublimation.org/scponly/
OpenSSH, Rssh:
http://pizzashack.org/rssh/
OpenSSH Sftp logging patch, contact Mike Martinez: mmartinez@reeusda.gov

How to chroot an Apache tree with Linux and Solaris: http://penguin.epfl.ch/chroot.html
An Overview of 'chroot jailing' Services in Linux: http://www.incidents.org/protect/borland.php
How to break out of a chroot() jail: http://www.bpfh.net/simes/computing/chroot-break.html
Breaking out of a restricted shell: http://online.securityfocus.com/infocus/1575, down at "Breaking Out of Various Restrictions"
Chrooting daemons and system processes HOW-TO: http://www.networkdweebs.com/chroot.html

Other SW/HOWTO's unsorted:
http://www.gsyc.inf.uc3m.es/~assman/jail
http://www.opensourcedirectory.org/projects/jailchootp/
http://people.debian.org/~pzn/howto/chroot-bind.sh.txt
http://www.linuxdocs.org/HOWTOs/Chroot-BIND-HOWTO.html
http://www.linuxdoc.org/HOWTO/Chroot-BIND8-HOWTO.html
http://penguin.epfl.ch/chroot.html
http://tjw.org/chroot-login-HOWTO/
http://rr.sans.org/linux/daemons.php
http://www.mlug.ca/sklav/stories/November_issue2001
http://www.floc.net/makejail/
http://www.balabit.hu/downloads/jailer
--------------------------------------------------------------------------

Here's some randomness while I'm at it.
802.11(Wireless)

http://www.ackers.org.uk/
http://airsnort.shmoo.com/
http://www.hyperlinktech.com/
http://www.cisco.com/en/US/products/...ess/index.html
http://www.fab-corp.com/
http://www.free2air.org/
http://www.jiwire.com/
http://www.kismetwireless.net/
http://www.netstumbler.com/
http://www.stumbler.net/
http://www.proxim.com/
http://www.teletronics.com/tii/index.html
http://www.warchalking.org/
http://www.wardriving.com/
http://wifinetnews.com/
http://www.wildpackets.com/
http://www.richmondfreewireless.org/...network&V=5001
http://www.practicallynetworked.com/...s_articles.htm
http://www.wireless-warrior.org/
http://www.expansys.com/d_wireless.asp
http://www.wirelessanarchy.com/
http://store.ydi.com/customer/home.php <---DUMB cheap.


Uhh..Hardware??

http://store.yahoo.com/justdeals/
http://www.linux-on-laptops.com/
http://www.memorystock.com/
http://www.usanotebook.com/
http://www.govliquidation.com/
http://www.thinkgeek.com/


Forumz

http://www.bitbenderforums.com/ <--Great site
http://bsdforums.org/
http://screamingelectron.org/phpBB2/ <--BSD
http://www.knoppix-std.org/forum/
http://www.linuxiso.org/forums/
http://linuxquestions.org/questions/index.php
http://www.port7alliance.com/cgi-bin/ultimatebb.cgi
http://www.linuxpackages.net/forum/ <--check out the site as well.


Random Linx

http://home.online.no/~osmoma/ <-- I think it's safe to say that if all the Linux Links pages out there were ants, this would be the QUEEN.
http://www.bsdnexus.com/
http://www.linuxcommand.org/ <-- for the newbies
http://linux.org.mt/article/terminal <-- for the newbies
http://s56.net/Books/
http://www.newsforge.com/
http://www.tldp.org/
http://www.unixreview.com/


E-books and e-book linx...

http://rahmat.zikri.com/books.html <-- 1 word. WOW.
http://freebooks.by.ru/
http://www.mindview.net/Books/DownloadSites
http://www.maththinking.com/boat/computerbooks.html
http://docs.rinet.ru:8080/
http://www.ebone.at/files.php?show=Books
http://www.empowermentzone.com/#unix <--amongst other BS

Here's what a lil friend of mine called "Google" can do... just use this link, and replace the last word in the search to whatever your interest may be.
http://www.google.com/search?q=ebook...&start=10&sa=N

http://skaiste.elekta.lt/Books/
http://content.443.ch/pub/
http://www.ods.com.ua/index.phtml <--not bad..
http://kavosh.irost.net/books/library.htm
http://stommel.tamu.edu/~baum/programming.html
http://digital.library.upenn.edu/books/


I have quite a bit more, but my mouse finger hurts. I'll post more in time.
__________________
leeach, CISSP

Last edited by leeach; 04-20-2004 at 10:22 AM. Reason: Typos...
Old 04-19-2004, 03:49 PM   #7
gsminardi
gsferrari's alter ego
 
Last edited by mmarkin; 04-20-2004 at 02:41 PM. Reason: As pointed out by other users, the two articles were by no means 'linux learning material'
Old 04-19-2004, 05:10 PM   #8
synaptical
spanning the globe

Rute User's Tutorial:
http://www.fokus.fhg.de/linux/LDP/rute/node1.html

Official Guide to Slackware Linux:
http://www.slackware.com/book/
Old 04-19-2004, 05:36 PM   #9
aliensub
What if cows could fly?
 
And some Danish help sites:

http://www.linuxbog.dk/ - Extensive Danish resource about Linux

Debian-related:
www.debianguiden.dk - Danish guide for installing and maintaining Debian
www.debianforum.dk - Danish Debianforum

English:
http://ccfaq.valar.co.uk/ Clark Connect helpsite
www.debianplanet.org - Good how-to´s and other stuff
www.debianhelp.org - Debian community
__________________
Asus M6800N *Rocket coffee making machine*
Old 04-20-2004, 07:24 AM   #10
vicG
Registered User

It's probably in leech's list, but I ain't searching through all that (great stuff, leech)

but this was helpful to me long ago:

http://linux-sxs.org/index2.html

Lots of step-by-steps for various Linux tasks.
Old 10-25-2004, 10:01 AM   #11
wehe
Registered User

Arrow TuxMobil: Linux on Laptops, Notebooks, PDAs, Phones, ...

TuxMobil is dedicated to Linux And Mobile Computers. It leads you to a lot of useful hands-on information, HOWTOs, and FAQs about installing and running Linux on laptops, notebooks, PDAs, mobile cellular phones, portable music and video players, wearables and other mobile computer devices.
Old 05-11-2005, 08:18 PM   #12
RadHaz
Registered User
 
Ubuntu
Couldn't do without the Ubuntu Forums
Old 05-31-2005, 10:52 PM   #13
Teck1
Registered User

You all forgot:

Linux From Scratch: www.linuxfromscratch.org

It's a great community in which people that really want to learn (Not people that just want answers) will get help...
Old 06-17-2005, 01:40 AM   #14
epb613
Still =] for now...

Here's a link to my Ubuntu / Kubuntu CL56 page: http://mercury.walagata.com/w/epb613/cl56_guide.html
__________________
Compal CL56 Radeon 9700 128mb 1.4Ghz Pentium M Hitachi 7200RPM 40GB Kingston 512mb PC2700/333Mhz
Dual booting Windows 95b (for bios upgrades) and Ubuntu!
iAUDIO 5 512mb + Shure E2C
Old 06-26-2005, 07:00 PM   #15
TrickyPhillips
Registered User
 
The Ubuntuguide. Every new Ubuntu user should read it.

www.ubuntuguide.org
__________________

Dell Inspiron 6000 - 15.4 inch WUXGA
60G HDD - 1.6GHz Pentium M Dothan
512MB RAM - 128MB DDR ATI Radeon X300


Gamer's Zion