This page contains, mostly, links to whitepapers, etc. that I have either found or written. As I find/write more stuff, I will update this page with that information. Keep checking back...
| What's a firewall? | A while back I got into a discussion with someone on a newsgroup (never a good idea) about what makes a firewall. This paper is what resulted. While Linksys has since made some code changes that invalidate the specific issues I had with their router, the gist of my message remains accurate. |
| Building Secure and Manageable Networks | I originally wrote this for a local presentation in Houston, then updated it and presented it at MCTCON 2002. So much of security is an esoteric process, and all too often admins overlook the need for creating a security policy (the hard and boring work) by diving headlong into the configuration (the easy and glory work). Don't be lazy. Do the hard work first. Proper Prior Planning Prevents Poor Performance. The 6 "P's" |
| Turning Performance Measurements into Network Management | I originally wrote this for BMC Software, Inc. for use as a whitepaper for customers, etc. There are new (and much better) versions of the products mentioned, but the concepts of utilizing performance metrics as a component of an overall network management process remain the same. I think that this is an aspect of network management that far too many admins don't pay close enough attention to... |
| Monitoring PIX Firewalls using Syslog | Have you ever found yourself wondering "OK, I know I need to implement Syslog for my PIX firewall, but what Syslog messages should I pay particular attention to"? If so, this list is for you. When I wrote my book I finally got around to putting together what I consider a good baseline list of PIX Syslog messages that deserve some sort of attention. |
As the menu to the left mentions, this page also contains "other miscellaneous things", specifically information out on the web that I have found of some sort of value at some time. While certainly not all inclusive, these links provide a wealth of information for those who are willing to take a little time and do a little reading.
| NSA Security Docs | The NSA (yes, that NSA) maintains a killer collection of security recommendation guides for Microsoft and Cisco products. They are an excellent reference and provide some good how-to examples. |
| SecurityFocus | SecurityFocus is one of those "one stop shops" of security information and resources. |
| Insecure.org | Insecure.org is another security portal site, although this is also where you can get the Nmap port scanner. I use and highly recommend it on both Windows and Unix. |
| Nessus.org | Nessus is the biggest open source vulnerability scanner that I know of. It is an excellent resource that should be a part of every security admin's toolkit. It only runs on the various flavors of Unix/Linux, which sucks, but if you aren't learning either/all you are selling your security skills short anyway... |
| Snort.org | Snort is the most well known open-source IDS out there. While I have not had the time or opportunity to learn it as well as I would like, it comes recommended highly enough by people I trust that it makes my list. |