DOCSLIB.ORG

Maximum Internet Security: a Hackers Guide - Networking - Intrusion Detection

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

- Maximum Internet Security: A Hackers Guide - Networking - Intrusion Detection Exact Phrase All Words Search Tips Maximum Internet Security: A Hackers Guide Author: Publishing Sams Web Price: $49.99 US Publisher: Sams Featured Author ISBN: 1575212684 Benoît Marchal Publication Date: 6/25/97 Pages: 928 Benoît Marchal Table of Contents runs Pineapplesoft, a Save to MyInformIT consulting company that specializes in Internet applications — Now more than ever, it is imperative that users be able to protect their system particularly e-commerce, from hackers trashing their Web sites or stealing information. Written by a XML, and Java. In 1997, reformed hacker, this comprehensive resource identifies security holes in Ben co-founded the common computer and network systems, allowing system administrators to XML/EDI Group, a think discover faults inherent within their network- and work toward a solution to tank that promotes the use those problems. of XML in e-commerce applications. Table of Contents I Setting the Stage 1 -Why Did I Write This Book? 2 -How This Book Will Help You Featured Book 3 -Hackers and Crackers Sams Teach 4 -Just Who Can Be Hacked, Anyway? Yourself Shell II Understanding the Terrain Programming in 5 -Is Security a Futile Endeavor? 24 Hours 6 -A Brief Primer on TCP/IP 7 -Birth of a Network: The Internet Take control of your 8 -Internet Warfare systems by harnessing the power of the shell. III Tools 9 -Scanners 10 -Password Crackers 11 -Trojans 12 -Sniffers 13 -Techniques to Hide One's Identity 14 -Destructive Devices IV Platforms and Security 15 -The Hole 16 -Microsoft 17 -UNIX: The Big Kahuna 18 -Novell 19 -VAX/VMS 20 -Macintosh 21 -Plan 9 from Bell Labs V Beginning at Ground Zero 22 -Who or What Is Root? 23 -An Introduction to Breaching a Server Internally http://www.informit.com/product/1575212684/ (1 of 2) [17.07.2000 19:54:50] - Maximum Internet Security: A Hackers Guide - Networking - Intrusion Detection 24 -Security Concepts VI The Remote Attack 25 -The Remote Attack 26 -Levels of Attack 27 -Firewalls 28 -Spoofing Attacks 29 -Telnet-Based Attacks 30 -Language, Extensions, and Security VII The Law 31 -Reality Bytes: Computer Security and the VIII Appendixes 31 -VIII Appendixes Appendix A -How to Get More Information Appendix B -Security Consultants Appendix C -A Hidden Message About the Internet Appendix D -What's on the CD-ROM About InformIT | Press Area | Advertising | Careers Contact Us Copyright, Terms & Conditions Privacy Policy | | © Copyright 2000 InformIT. All rights reserved. http://www.informit.com/product/1575212684/ (2 of 2) [17.07.2000 19:54:50] - Why Did I Write This Book? From: Maximum Internet Security: A Hackers Guide Exact Phrase All Words Why Did I Write This Book? Search Tips Contents Next > From: Maximum Internet Security: A Hackers Guide Save to MyInformIT Author: Publishing Sams Publisher: Sams More Information Hacking and cracking are activities that generate intense public interest. Stories of hacked servers and downed Internet providers appear regularly in national news. Consequently, publishers are in a race to deliver books on these subjects. To its credit, the publishing community has not failed in this resolve. Security books appear on shelves in ever-increasing numbers. However, the public remains wary. Consumers recognize driving commercialism when they see it, and are understandably suspicious of books such as this one. They need only browse the shelves of their local bookstore to accurately assess the situation. Books about Internet security are common (firewall technology seems to dominate the subject list). In such books, the information is often sparse, confined to a narrow range of products. Authors typically include full-text reproductions of stale, dated documents that are readily available on the Net. This poses a problem, mainly because such texts are impractical. Experienced readers are already aware of these reference sources, and inexperienced ones are poorly served by them. Hence, consumers know that they might get little bang for their buck. Because of this trend, Internet security books have sold poorly at America's neighborhood bookstores. Another reason that such books sell poorly is this: The public erroneously believes that to hack or crack, you must first be a genius or a UNIX guru. Neither is true, though admittedly, certain exploits require advanced knowledge of the target's operating system. However, these exploits can now be simplified through utilities that are available for a wide range of platforms. Despite the availability of such programs, however, the public remains mystified by hacking and cracking, and therefore, reticent to spend forty dollars for a hacking book. So, at the outset, Sams.net embarked on a rather unusual journey in publishing this book. The Sams.net imprint occupies a place of authority within the field. Better than two thirds of all information professionals I know have purchased at least one Sams.net product. For that reason, this book represented to them a special situation. Hacking, cracking, and Internet security are all explosive subjects. There is a sharp difference between publishing a primer about C++ and publishing a hacking guide. A book such as this one harbors certain dangers, including ● The possibility that readers will use the information maliciously ● The possibility of angering the often-secretive Internet-security community ● The possibility of angering vendors that have yet to close security holes within their software If any of these dangers materialize, Sams.net will be subject to scrutiny or perhaps even censure. So, again, if all of this is true, why would Sams.net publish this book? Sams.net published this book (and I agreed to write it) because there is a real need. I'd like to explain that need for a moment, because it is a matter of some dispute within the Internet community. Many people feel that this need is a manufactured one, a device dreamt up by software vendors specializing in security products. This charge--as the reader will soon learn--is unfounded. Today, thousands of institutions, businesses, and individuals are going online. This phenomenon--which has been given a dozen different names--is most commonly referred to as the Internet explosion. That explosion has drastically altered the composition of the Internet. By composition of the Internet, I refer to the cyberography of http://www.informit.com/content/1575212684/element_002.shtml (1 of 8) [17.07.2000 19:55:14] - Why Did I Write This Book? From: Maximum Internet Security: A Hackers Guide the Net, or the demography of cyberspace. This quality is used to express the now diverse mixture of users (who have varying degrees of online expertise) and their operating systems. A decade ago, most servers were maintained by personnel with at least basic knowledge of network security. That fact didn't prevent break-ins, of course, but they occurred rarely in proportion to the number of potential targets. Today, the Internet's population is dominated by those without strong security knowledge, many of whom establish direct links to the backbone. The number of viable targets is staggering. Similarly, individual users are unaware that their personal computers are at risk of penetration. Folks across the country surf the Net using networked operating systems, oblivious to dangers common to their platform. To be blunt, much of America is going online unarmed and unprepared. You might wonder even more why Sams would publish a book such as this. After all, isn't the dissemination of such information likely to cause (rather than prevent) computer break-ins? In the short run, yes. Some readers will use this book for dark and unintended purposes. However, this activity will not weaken network security; it will strengthen it. To demonstrate why, I'd like to briefly examine the two most common reasons for security breaches: ● Misconfiguration of the victim host ● System flaws or deficiency of vendor response Misconfiguration of the Victim Host The primary reason for security breaches is misconfiguration of the victim host. Plainly stated, most operating systems ship in an insecure state. There are two manifestations of this phenomenon, which I classify as active and passive states of insecurity in shipped software. The Active State The active state of insecurity in shipped software primarily involves network utilities. Certain network utilities, when enabled, create serious security risks. Many software products ship with these options enabled. The resulting risks remain until the system administrator deactivates or properly configures the utility in question. A good example would be network printing options (the capability of printing over an Ethernet or the Internet). These options might be enabled in a fresh install, leaving the system insecure. It is up to the system administrator (or user) to disable these utilities. However, to disable them, the administrator (or user) must first know of their existence. You might wonder how a user could be unaware of such utilities. The answer is simple: Think of your favorite word processor. Just how much do you know about it? If you routinely write macros in a word-processing environment, you are an advanced user, one member of a limited class. In contrast, the majority of people use only the basic functions of word processors: text, tables, spell check, and so forth. There is certainly nothing wrong with this approach. Nevertheless, most word processors have more advanced features, which are often missed by casual users. For example, how many readers who used DOS-based WordPerfect knew that it included a command-line screen-capture utility? It was called Grab. It grabbed the screen in any DOS-based program. At the time, that functionality was unheard of in word processors. The Grab program was extremely powerful when coupled with a sister utility called Convert, which was used to transform other graphic file formats into *.wpg files, a format suitable for importation into a WordPerfect document.
Recommended publications
  • Adobe Application Manager Enterprise Edition Deployment Guide

    Adobe Application Manager Enterprise Edition Deployment Guide

    ADOBE® APPLICATION MANAGER ENTERPRISE EDITION GUIDE DE DEPLOIEMENT EN ENTREPRISE Adobe® Application Manager Enterprise Edition version 3.1 Version de document 3.1 Date du document : Septembre 2012 © 2012 Adobe Systems Incorporated and its licensors. All rights reserved. Adobe® Application Manager Enterprise Edition Guide de déploiement en entreprise This guide is licensed for use under the terms of the Creative Commons Attribution Non-Commercial 3.0 License. This License allows users to copy, distribute, and transmit the guide for noncommercial purposes only so long as (1) proper attribution to Adobe is given as the owner of the guide; and (2) any reuse or distribution of the guide contains a notice that use of the guide is governed by these terms. The best way to provide notice is to include the following link. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/3.0/ Adobe, the Adobe logo, Acrobat, Adobe Audition, Adobe Bridge, Adobe Device Central, Adobe OnLocation, Adobe Premiere, Adobe Premiere Pro, Adobe Technical Communication Suite, After Effects, Contribute, Captivate, Creative Suite, CS Live, Dreamweaver, Encore, Fireworks, Flash, Flash Builder, Flash Catalyst, FrameMaker, Illustrator, InDesign, Photoshop, RoboHelp, SiteCatalyst, and Soundbooth are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. Apple, Mac, and Mac OS are trademarks of Apple Inc., registered in the United States and other countries. Microsoft, Windows, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. UNIX is a registered trademark of The Open Group in the US and other countries.
  • To Provide Adequate Commercial Security

    To Provide Adequate Commercial Security

    MINIMAL KEY LENGTHS FOR SYMMETRIC CIPHERS TO PROVIDE ADEQUATE COMMERCIAL SECURITY AReport by an AdHoc Groupof Cryptographers andComputerScientists »■■ MattBlaze 1 WhitfieldDiffie2 Ronald L. Rivest3 Bruce Schneier4 Tsutomu Shimomura5 Eric Thompson6 MichaelWiener7 JANUARY 1996 ABSTRACT Encryption plays an essential role in protecting the privacy of electronic information against threats from a variety ofpotential attackers. In so doing, modern cryptography employs a combination ofconventional or symmetric cryptographic systems for encrypting data andpublic key or asymmetric systems for managing the keys used by the symmetric systems. Assessing the strength required of the symmetric cryptographic systems is therefore an essential step in employing cryptography for computer and communication security. Technology readily available today (late 1995) makes brute-force attacks against cryptographic systems considered adequate for the past several years both fast and cheap. General purpose computers can be used, but a much more efficient approach is to employ commercially available Field Programmable Gate Array (FPGA) technology. For attackers prepared to make a higher initial investment, custom-made, special-purpose chips make such calculations much faster and significantly lower the amortized costper solution. As a result, cryptosystems with 40-bit keys offer virtually no protection at this point against brute-force attacks. Even the U.S. Data Encryption Standard with 56-bit keys is increasingly inadequate. As cryptosystems often succumb to "smarter" attacks than brute-force key search, it is also important toremember that the keylengths discussed here are the minimum needed for security against the computational threats considered. Fortunately, the cost of very strong encryption is not significantly greater than that of weak encryption.
  • Legislators of Cyberspace: an Analysis of the Role Of

    Legislators of Cyberspace: an Analysis of the Role Of

    SHAPING CODE Jay P. Kesan* & Rajiv C. Shah** I. INTRODUCTION ............................................................................................................................ 4 II. THE CASE STUDIES: THE DEVELOPMENT OF CODE WITHIN INSTITUTIONS.............................. 13 A. World Wide Web......................................................................................................... 14 1. Libwww............................................................................................................ 14 2. NCSA Mosaic .................................................................................................. 16 B. Cookies ........................................................................................................................ 21 1. Netscape’s Cookies .......................................................................................... 21 2. The IETF’s Standard for Cookies .................................................................... 24 C. Platform for Internet Content Selection....................................................................... 28 D. Apache......................................................................................................................... 34 III. LEGISLATIVE BODIES: SOCIETAL INSTITUTIONS THAT DEVELOP CODE ................................. 37 A. Universities.................................................................................................................. 38 B. Firms...........................................................................................................................
  • Microsoft Frontpage Course Design 2000-2001

    Microsoft Frontpage Course Design 2000-2001

    Microsoft FrontPage Course Design 2000-2001 Course Information Organization: EASTERN ARIZONA COLLEGE Division: General Education Course Number: CMP Title: Microsoft FrontPage Credits: 1 Developed by: Dr. Barbara Ganz Lecture/Lab Ratio: 1 Lec/1 Lab Transfer Status: Non-Transferable to ASU, UofA and NAU Extended Registration Class: Not an extended registration course CIP Code: 52.0408 Awareness Course: No Intensive Writing Course: No Prerequisites: 1. None Educational Value: This class is designed for Intermediate Computer and Internet users who desire to learn the basic of web site development. Goals: 1. To introduce students to the uses of Microsoft FrontPage. Description: An introduction to web page development using Microsoft FrontPage in a non-programming approach. Includes hyperlinks, graphic, frames, tables, ftp. Emphasis on good website design strategies. Experience using the Internet and basic computers skills are recommended. Textbooks: Joyce Fox and Christina Dudley. Quick Course in Microsoft FrontPage 2000. Microsoft Press, Supplies: None Microsoft FrontPage 1 CMP April '02 Competencies and Performance Standards 1. Define a website and web page and describe their basic elements. Domain--Cognitive Level--Evaluation Importance--Useful Difficulty--Low Criteria--Performance will be Conditions--Competence will be Learning Objectives: satisfactory when: demonstrated: a. Define website, web page, and • learner can define website, web • By oral report in a class other applicable Internet terms. page, and other applicable discussion. b. Explain the characteristics of an Internet terms. effective website and web page. • learner can explain the c. Describe the basic elements of a characteristics of an effective web page. website and web page. • learner can describe the basic elements of a web page.
  • Copyrighted Material

    Copyrighted Material

    05_096970 ch01.qxp 4/20/07 11:27 PM Page 3 1 Introducing Cascading Style Sheets Cascading style sheets is a language intended to simplify website design and development. Put simply, CSS handles the look and feel of a web page. With CSS, you can control the color of text, the style of fonts, the spacing between paragraphs, how columns are sized and laid out, what back- ground images or colors are used, as well as a variety of other visual effects. CSS was created in language that is easy to learn and understand, but it provides powerful control over the presentation of a document. Most commonly, CSS is combined with the markup languages HTML or XHTML. These markup languages contain the actual text you see in a web page — the hyperlinks, paragraphs, headings, lists, and tables — and are the glue of a web docu- ment. They contain the web page’s data, as well as the CSS document that contains information about what the web page should look like, and JavaScript, which is another language that pro- vides dynamic and interactive functionality. HTML and XHTML are very similar languages. In fact, for the majority of documents today, they are pretty much identical, although XHTML has some strict requirements about the type of syntax used. I discuss the differences between these two languages in detail in Chapter 2, and I also pro- vide a few simple examples of what each language looks like and how CSS comes together with the language to create a web page. In this chapter, however, I discuss the following: ❑ The W3C, an organization that plans and makes recommendations for how the web should functionCOPYRIGHTED and evolve MATERIAL ❑ How Internet documents work, where they come from, and how the browser displays them ❑ An abridged history of the Internet ❑ Why CSS was a desperately needed solution ❑ The advantages of using CSS 05_096970 ch01.qxp 4/20/07 11:27 PM Page 4 Part I: The Basics The next section takes a look at the independent organization that makes recommendations about how CSS, as well as a variety of other web-specific languages, should be used and implemented.
  • ED381174.Pdf

    ED381174.Pdf

    DOCUMENT RESUME ED 381 174 IR 055 469 AUTHOR Klatt, Edward C.; And Others TITLE Windows to the World: Utah Library Network Internet Training Manual. INSTITUTION Utah State Library, Salt Lake City. PUB DATE Mar 95 NOTE 136p. AVAILABLE FROMWorld Wide Web at http://www.state.lib.ut.us/internet.htm (available electronically) or Utah State Library Division, 2150 S. 3rd W., Suite 16, Salt Lake City, UT 84115-2579 ($10; quantity price, $5). PUB TYPE Guides Non-Classroom Use (055) EDRS PRICE MF01/PC06 Plus Postage. DESCRIPTORS Access to Information; *Computer Networks; Computer Software; Electronic Mail; *information Networks; *Information Systems; *Librarians; Online Catalogs; Professional Training; Telecommunications IDENTIFIERS *Internet; Utah ABSTRACT This guide reviews the basic principles of Internet exploration for the novice user, describing various functions and utilizing "onscreen" displays. The introduction explains what the Internet is, and provides historical information. The introduction is followed by a listing of Internet hardware and software (freeware and shareware), both lists including information fo: PC-compatibles and Macintosh computers. Users are introduced to and instructed in the use of the following Internet systems and services: EWAN telnet; OPACS (Online Public Access Catalogs); CARL (Colorado Alliance of Research Libraries; FirstSearch; UMI (University Microfilm Inc.); Deseret News; Pegasus E-Mail; Listservs; WinVN Newsreader; Viewers; Netscape; Mosaic; Gopher; Archie; and FTP (File Transfer Protocol). Over 100 computer screen reproductions help to illustrate the instruction. Contains 16 references and a form for ordering additional copies of this guide are provided. (MAS) *********************************************************************** Reproductions supplied by EDRS are the best that can be made from the original document.
  • 2015 Valuation Handbook – Guide to Cost of Capital and Data Published Therein in Connection with Their Internal Business Operations

    2015 Valuation Handbook – Guide to Cost of Capital and Data Published Therein in Connection with Their Internal Business Operations

    Market Results Through #DBDLADQ 2014 201 Valuation Handbook Guide to Cost of Capital Industry Risk Premia Company List Cover image: Duff & Phelps Cover design: Tim Harms Copyright © 2015 by John Wiley & Sons, Inc. All rights reserved. Published by John Wiley & Sons, Inc., Hoboken, New Jersey. Published simultaneously in Canada. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600, or on the Web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748- 6008, or online at http://www.wiley.com/go/permissions. The forgoing does not preclude End-users from using the 2015 Valuation Handbook – Guide to Cost of Capital and data published therein in connection with their internal business operations. Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose.
  • Adobe Contribute CS5 What's

    Adobe Contribute CS5 What's

    Contents Who uses Adobe Contribute? 2 Contribute CS5 What’s New Top new features of Adobe Contribute CS5 2 Predefined content types 2 XML editing 3 Cross-browser preview 4 Adobe® Contribute® CS5 Spry widget editing 4 Simplify website management Multipage search and replace 5 Integrate authoring, reviewing, and publishing into a collaborative workflow with Adobe Subversion support 5 Contribute CS5 software, an easy-to-use HTML editor and website management tool. Increase web publishing productivity while simplifying oversight and approval tasks. Image hotspot support 5 W3-compliant code when embedding SWF and FLV files 5 Quickly create and edit web pages collaboratively in a WYSIWYG HTML editor, without writing code. Adobe Contribute CS5 enables in-browser editing of text, images, and CSS for content authors, as well as Server Side Include editing 6 drag-and-drop input of FLV, SWF, and PDF files. Managers can encourage creative web development while easily controlling website look and feel, as well as workflow, review, and version processes to Text and image enhancements 6 produce static or dynamic websites with one-click publishing. Adobe Contribute CS5 is also Many businesses and web developers are saddled with unwieldy content management systems (CMS) available as a component of that cost huge sums of money to configure and customize, and equally large amounts of time for staff Still using Contribute CS3? 7 Adobe Creative Suite® 5 Web Premium and Adobe training—yet the results are often delayed site updates, bottlenecked HTML experts, and frustrated About Adobe Systems Incorporated 7 Creative Suite® 5 content authors. Similarly poor results are the norm when complex sites are managed with basic HTML Master Collection software.
  • Usenet News HOWTO

    Usenet News HOWTO

    Usenet News HOWTO Shuvam Misra (usenet at starcomsoftware dot com) Revision History Revision 2.1 2002−08−20 Revised by: sm New sections on Security and Software History, lots of other small additions and cleanup Revision 2.0 2002−07−30 Revised by: sm Rewritten by new authors at Starcom Software Revision 1.4 1995−11−29 Revised by: vs Original document; authored by Vince Skahan. Usenet News HOWTO Table of Contents 1. What is the Usenet?........................................................................................................................................1 1.1. Discussion groups.............................................................................................................................1 1.2. How it works, loosely speaking........................................................................................................1 1.3. About sizes, volumes, and so on.......................................................................................................2 2. Principles of Operation...................................................................................................................................4 2.1. Newsgroups and articles...................................................................................................................4 2.2. Of readers and servers.......................................................................................................................6 2.3. Newsfeeds.........................................................................................................................................6
  • NBAR2 Standard Protocol Pack 1.0

    NBAR2 Standard Protocol Pack 1.0

    NBAR2 Standard Protocol Pack 1.0 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 © 2013 Cisco Systems, Inc. All rights reserved. CONTENTS CHAPTER 1 Release Notes for NBAR2 Standard Protocol Pack 1.0 1 CHAPTER 2 BGP 3 BITTORRENT 6 CITRIX 7 DHCP 8 DIRECTCONNECT 9 DNS 10 EDONKEY 11 EGP 12 EIGRP 13 EXCHANGE 14 FASTTRACK 15 FINGER 16 FTP 17 GNUTELLA 18 GOPHER 19 GRE 20 H323 21 HTTP 22 ICMP 23 IMAP 24 IPINIP 25 IPV6-ICMP 26 IRC 27 KAZAA2 28 KERBEROS 29 L2TP 30 NBAR2 Standard Protocol Pack 1.0 iii Contents LDAP 31 MGCP 32 NETBIOS 33 NETSHOW 34 NFS 35 NNTP 36 NOTES 37 NTP 38 OSPF 39 POP3 40 PPTP 41 PRINTER 42 RIP 43 RTCP 44 RTP 45 RTSP 46 SAP 47 SECURE-FTP 48 SECURE-HTTP 49 SECURE-IMAP 50 SECURE-IRC 51 SECURE-LDAP 52 SECURE-NNTP 53 SECURE-POP3 54 SECURE-TELNET 55 SIP 56 SKINNY 57 SKYPE 58 SMTP 59 SNMP 60 SOCKS 61 SQLNET 62 SQLSERVER 63 SSH 64 STREAMWORK 65 NBAR2 Standard Protocol Pack 1.0 iv Contents SUNRPC 66 SYSLOG 67 TELNET 68 TFTP 69 VDOLIVE 70 WINMX 71 NBAR2 Standard Protocol Pack 1.0 v Contents NBAR2 Standard Protocol Pack 1.0 vi CHAPTER 1 Release Notes for NBAR2 Standard Protocol Pack 1.0 NBAR2 Standard Protocol Pack Overview The Network Based Application Recognition (NBAR2) Standard Protocol Pack 1.0 is provided as the base protocol pack with an unlicensed Cisco image on a device.
  • Linux + Windows 95 Mini-HOWTO

    Linux + Windows 95 Mini-HOWTO

    Linux + Windows 95 mini−HOWTO Jonathon Katz [email protected] Joy Yokley − Converted document from HTML to DocBook 4.1 (SGML) 2001−03−01 Revision History Revision 1.1.1 2001−04−19 Revised by: DCM Corrected a typo. Revision 1.1 2001−02−28 Revised by: JEY Revision 1.0 1998−08−15 Revised by: JK Revision 0.9 1996−10−26 Revised by: JK Revision 0.8 1996−06−25 Revised by: JK This document details how to install Linux on a machine that currently runs Windows 95" Linux + Windows 95 mini−HOWTO Table of Contents 1. Introduction.....................................................................................................................................................1 2. Installation Options........................................................................................................................................2 2.1. I Have This Partition I Want to Spare!.............................................................................................2 2.2. What Is This 528M 1024th Cylinder Stuff?.....................................................................................2 3. What's Next.....................................................................................................................................................3 4. Using Your New System.................................................................................................................................4 4.1. Installing on a Drive with FAT32.....................................................................................................4
  • Teaching Adversarial Thinking for Cybersecurity

    Teaching Adversarial Thinking for Cybersecurity

    Journal of The Colloquium for Information System Security Education (CISSE) September 2016 Teaching Adversarial Thinking for Cybersecurity Seth T. Hamman †, ‡ [email protected] Kenneth M. Hopkinson † [email protected] † Air Force Institute of Technology Wright-Patterson AFB, OH 45433 ‡ Cedarville University Cedarville, OH 45314 Abstract - The academic discipline of cybersecurity is still in its formative years. One area in need of improvement is teaching cybersecurity students adversarial thinking—an important academic objective that is typically defined as “the ability to think like a hacker.” Working from this simplistic definition makes framing student learning outcomes difficult, and without proper learning outcomes, it is not possible to create appropriate instructional materials. A better understanding of the concept of adversarial thinking is needed in order to improve this aspect of cybersecurity education. This paper sheds new light on adversarial thinking by exploring it through the lens of Sternberg’s triarchic theory of intelligence. The triarchic theory’s division of the intellect into the analytical, creative, and practical components provides a comprehensive framework for examining the characteristic thought processes of hackers. This exploration produces a novel, multidimensional definition of adversarial thinking that leads immediately to three clearly defined learning outcomes and to some new ideas for teaching adversarial thinking to cybersecurity students. Categories and Subject Descriptors K.3.2 [Computers and Education]: Computer and Information Science Education 1 Journal of The Colloquium for Information System Security Education (CISSE) September 2016 General Terms Computer science education, Curriculum Keywords Adversarial Thinking Definition, Cybersecurity Education, Triarchic Theory of Intelligence 1. INTRODUCTION It is widely acknowledged that teaching adversarial thinking to cybersecurity students is important.