Posted: Sat Jul 02, 2005 9:29 pm Post subject: Jun '05 SFDC Column
June SFDC column
Once again a busy month has gone by, and we are now in the midst of summer. We have had our first member article by Sid, which was based on Internet Security. Also, we had HD Moore give generously of his time to share with us an excellent interview. It made for great reading, in case you did not notice it earlier. The “Interview with a security professional” series is going great, with quite a few more in the works, and more member articles soon to be posted as well. On that note, let's take a look at some of the more interesting posts made last month.
IPSec: does it work?
The poster wanted to know if implementing IPSec was really worth it, and also if there would be any appreciable consequences to network bandwidth. The answers provided in the thread touch on most of the issues when dealing with a possible IPSec deployment on your network. It was stated correctly that there is not really a big hit on the client side, but more so on the server side. This stands to reason, as the server would, or could, be handling a large number of concurrent connections. There are many, many IPSec solutions out there on the market today. If you are contemplating deploying IPSec on your network(s), then it might be best to solicit some quotes and information from some of the various vendors. Lastly, realize that IPSec is but one layer in a properly defended network; it is not a magical solution.
File enumeration batch file
The question here was how to list all the files of a given directory to a text file. There are several answers given in this thread to do just that. This can be a useful thing to do in case you wish to view, say, the contents of a file. Even more so if you set it up as a batch file and set it to work at specific times via the at command. The “at” command can also be a useful thing for a pen-tester to use as well. Think of an “at” command to initiate a netcat session, which shovels off a forward shell to the attacker.
C socket newbie
In this post a member would like to get some good links, or information as it pertains to socket programming. This is an excellent question, and some good answers were provided in the thread. First off, one has to decide in what operating system the socket programming will take place. Will it be win32 or *nix? Well, it was suggested in this thread that it would be best to start in the world of Linux, as it is easier to do so. This is an area of interest of mine, and I practice socket programming in Linux as time permits. Should any of you wish to further your knowledge of not only C programming, but also TCP/IP, I would definitely advise you to practice raw socket programming. Coding a raw socket allows you total freedom when constructing your protocols. Not only that, but it will also give you further insight into the aforementioned TCP/IP. There are several good books out there that deal with socket programming, but Beej’s tutorial stands out as an excellent resource. Should any of you have some quality links, or book recommendations dealing with raw socket programming, I would love to see them. Please feel free to post them in this thread.
Programming language choice
The poster here poses the question of which programming languages one should learn in today’s job market. That is indeed an excellent question to ask, and some feedback is indeed given in this thread. One should also remember what HD Moore said in his interview with us, i.e., learning C# would be a good idea. You really cannot go wrong with learning C, or ASM really, as they are both still very much in use. Though you really need to ask yourself as well just what your exact career aspirations are. Do you lean more towards security, or more so to actual program development? If you are leaning more towards development, then you may wish to look at C#, as it is still very much a Windows-centric networked world out there. The bottom line, though, is that you really can’t go wrong by learning how to program, regardless of the language. Many programmers will say, though, that learning C is the best choice for a first one. I would be interested in hearing what our members who are programmers have to say about this. Once again, please feel free to post your thoughts on this to this thread.
Well, it is almost time once again for our quarterly prize giveaways. I would like to ask all members to get ready to do some voting in the categories that will be available to them. Remember that this is a great way to give a member that you feel deserves it some recognition for their efforts. After all, the success of this forum is a direct result of the members themselves, and the hard work of the moderators.
Lastly, you may have noticed quite a few posts in my recent columns being based out of the programming section. This is for a rather obvious reason I believe. To really understand computer security you must know programming concepts, and ideally be able to program. That sentiment has been echoed by several of our security professionals that we interviewed on the site. There is simply no escaping the importance of programming as it impacts computer security. On that note I would like to extend a big thank you to Capi who has graciously given of both his time, and skill in answering questions in the programming section. One cannot forget either the contributions of Justin to the cryptography section. We are lucky to have a very talented cryptographer in our midst. It is great that this forum has such a widely varied field of expertise. Till next month folks, have a safe, and happy July.