OK, I hold my hands up. As far as networking and security go I know next to nothing, and the limit of my networking expertise is networking 2 PCs together. I just do what I'm told, when networking is concerned and don't ask questions.

So for the completely uninitiated, and I'm talking really uninitiated can anyone recommend any good resources for learning about networking and security? I just feel its something I really need to come up to speed with.

Ta.

i assume youre talking linux security and networking. Red Hat has some good stuff on their site, the manuals in particular. Granted they are really long (ive read most of the security one and about half the customization one... theyll put you to sleep in some parts) but they work well. Also got manuals for every version of redhat imaginable...

http://www.redhat.com/docs/manuals/linux/

the admin primer has some networking stuff in it too i think (printing and the like if i remember correctly). Thats what im trying to get through right now.. reading all 7 manuals or however many there were for RH9.

Linux cook book isnt bad either.. lets see if i can find a link... here we go

http://www.redhat.com/mirrors/LDP/LDP/linuxcookbook/html/cookbook.html#SEC_Top

Thats all i got. Im not claiming to be a networking genius, but this is the best i got. Good luck. If you find anything great, let me know... cant ever know enough

Prometheus

There's a whitepaper from IBM about Linux security here: http://www-124.ibm.com/linux/papers/security/Linux-Security-IBM-White-Paper.pdf (PDF)

Basically, security can be summed up as:
Limiting access. There should be as few servers running and open ports as possible, and limiting access to these as much as possible.
Choosing good passwords. "password" is not a good password.
Patch and upgrade. There's a reason why the developers worked so hard to fix an expliot: so you don't get compromised.
And of course, running a firewall. Preferably two or three, on seperate devices.


Once in a while scan with Ethereal (http://www.ethereal.com/) or Nmap (http://www.insecure.org/nmap/) to see what's happening.

The more paranoid you are, the better. :)

I've been a windows admin, that's why I haven't slept in years!!! I am just trying to get ahead of the curve. :)

Check out The Linux Network Administrator's Guide 2. It is a must read!

Search for it at http://tldp.org. Search key: nag2

Paranoid is good!!!

Security is like a closed door. The people who don't open the door won't come in.

Any security system is constanly evolving, since hte hackers are always trying to outwit the security people.

For the Newbies: Never, never, logon as root or access the internet as root.

Make sure your password is secure and is a mixture of letters and numbers/special characters. A minimum password length of 6 is recommended.

Now Fedora comes setup blocking FTP or Telnet --- That's very good. Don't change it, learn how to use Secure Shell (SSH). And then allow only SSH (make sure to check the trust network conenction --- usually eth0)

Setup a firewall if running more than 3 systems, otherwise make sure you are stealthed on the internet. I use either http://www.grc.com - Gibson Research and/or http://www.dslreprots.com)

There is an excellent tutorial on IPtables at http://www.faqs.org/docs/iptables/index.html
that I have used to create a firewall that performs stateful insepction of packets.

You could also read Firewall and Proxy Server HOWTO at http://www.ibiblio.org/mdw/HOWTO/Firewall-HOWTO.html#toc6

Ed :)