Tuesday, October 04, 2005

A good little black book

NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY
10/04/05
Today's focus: A good little black book

Dear security.world@gmail.com,

In this issue:

* The Little Black Book of Computer Security
* Links related to Security
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Trend Micro

The Trend Micro Threat Map dynamically displays real-time data
to show worldwide trends in virus and content security threats
as they happen. Collected from actual computer infections, the
Threat Map can be used to help determine appropriate security
policies, based on the prevalence of threats that can adversely
affect your business.
http://www.fattail.com/redir/redirect.asp?CID=116876
_______________________________________________________________
INSIGHT ON WEB PERFORMANCE

Many Web administrators live in a state of blissful ignorance,
unaware of the true health and performance of a Web site until
users complain. Network World's latest Clear Choice Test
reviews an appliance that actively monitors actual Web site
traffic, giving Web managers a heads-up on problems before their
users do. For more, click here:
http://www.fattail.com/redir/redirect.asp?CID=116131
_______________________________________________________________

Today's focus: A good little black book

By M. E. Kabay

As Malcolm X once pointed out, Western society is so thoroughly
permeated with racism that "black" is almost always a negative
word. We speak of a "blacklist" and a "black mark"; most
pinko-gray people (E.M. Forster's preferred description of
"white" folks) think that there's nothing peculiar about
"denigrating" or "blackening" someone's reputation. Security
books with "black" in the title have usually been focused on
criminal hacking or virus writing.

I've had a decade-long argument with Mark Ludwig, for example,
about his habit of publishing books that provide full details of
virus code (e.g., _The Little Black Book of Computer Viruses_
and _The Giant Black Book of Computer Viruses_).

On the other hand, "black book" can also be used in a positive
sense; one dictionary defines it as a book full of telephone
numbers. By extension, "black book" has come to mean a concise
technical manual that can be carried about easily - what was
once called a "vade mecum" (Latin for "come with me").

I recently received a review copy of a useful security "vade
mecum" called _The Little Black Book of Computer Security_
<http://www.networkworld.com/nlsec7895> by Joel Dubin, CISSP.

In 150 pages, Dubin presents a neat package of valuable
reminders about significant security best practices and security
assessment questions. The jacket bio says that the author "works
as an independent computer-security consultant who is based out
of Chicago. He has received multiple certifications from Sun
Microsystems in the Java programming language as well as MBA and
BA degrees from Northwestern University."

This little book is ideal for widespread distribution to
employees throughout an organization as part of a
security-awareness campaign. The 7-inch-by-4.5-inch book is just
the right size to slip into a pocket, purse, or computer bag. It
has 19 chapters and five appendices with topics such as:

* Assessing Your System
* Writing Your Security Policy
* Taking Care of Physical Security
* Managing Human Resources
* Putting Software Access Controls in Place

And so on.

Flipping pretty much at random into the book to pick an example,
I opened it at Chapter 9, "Protecting your system against
viruses, Trojans, and worms." Dubin starts with a concise
definition of malware, provides a simple and clear table
distinguishing among viruses, Trojans and worms, and summarizes
the main sources of infection with a paragraph each.

Here's an example - the section on Web sites:

"Malicious Web sites and their pop-ups can contain malware in
two forms: tiny blank images and HTML tags. The former are
invisible on the page but contain spyware, for example, in
embedded HTML code. The latter can use your browser to download
malicious code from the attacker's Web site to your computer."

Now, readers with extensive technical knowledge may want to
quibble with the details, but for educational purposes, this is
an adequate introduction to some of the problems of malicious
code on Web sites.

The malware chapter continues with clear, numbered
recommendations for defenses. The numbering makes it easy for
technical support or security personnel to refer to specific
recommendations or steps when discussing the procedures with
users. There are also occasional notes flagged with a special
symbol to mark extra information; e.g., Chapter 9 includes this
tidbit:

"Generally, a firewall cannot protect a computer from virus
attacks because most viruses operate at the application level
(especially when they slip through as e-mail attachments).
Similarly, trojans are like mini-application servers that open
ports on the victim's computer and then go to town. An
application-level firewall or a proxy that strips e-mail
attachments can provide some protection."
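
Dubin's note points at the attachment-stripping proxy as the
practical defence, and it is worth seeing what such a filter actually
has to do. What follows is an added example, not code from the book or
from this newsletter: a minimal filter written in Python that parses a
message, flags executable attachments by file extension, by declared
MIME type, or by the "MZ" signature that DOS and PE executables start
with (so a renamed file is still caught), and rewrites each flagged
part into a plain-text notice. The extension and MIME lists, the
function names and the sample message are assumptions constructed for
illustration, not any vendor's policy.

```python
"""Strip executable e-mail attachments at a mail proxy.

Added illustration; not code from Dubin's book or from Network World.
Blocked-extension and MIME lists are assumptions chosen for the example.
"""
import email
import os
from email import policy
from email.message import EmailMessage

# Extensions and MIME types treated as executable content (assumed list).
BLOCKED_EXTENSIONS = {
    ".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".js",
    ".jse", ".wsf", ".hta", ".cpl", ".dll", ".msi",
}
BLOCKED_MIME_TYPES = {
    "application/x-msdownload",
    "application/x-msdos-program",
    "application/x-dosexec",
}


def is_executable_attachment(part) -> bool:
    """Return True when a leaf MIME part carries executable content.

    Three checks, in order: declared filename extension, declared MIME
    type, and the "MZ" signature every DOS/PE executable starts with.
    The signature check only runs on parts presented as attachments, so
    an ordinary text body that happens to begin with "MZ" is left alone.
    """
    if part.is_multipart():
        return False
    name = (part.get_filename() or "").strip().lower()
    if os.path.splitext(name)[1] in BLOCKED_EXTENSIONS:
        return True
    if part.get_content_type() in BLOCKED_MIME_TYPES:
        return True
    if name or part.get_content_disposition() == "attachment":
        data = part.get_payload(decode=True) or b""
        return data[:2] == b"MZ"
    return False


def strip_executables(raw: bytes):
    """Parse a raw RFC 5322 message and neutralise executable attachments.

    Each flagged part is rewritten in place into a short text/plain notice
    (set_content() drops the old Content-* headers, filename included), so
    the rest of the message structure is untouched.  Returns the cleaned
    message and the list of attachment names that were removed.
    """
    msg = email.message_from_bytes(raw, policy=policy.default)
    removed = []
    for part in msg.walk():
        if is_executable_attachment(part):
            label = part.get_filename() or part.get_content_type()
            removed.append(label)
            part.set_content(f"[Attachment removed by mail filter: {label}]")
    return msg, removed


def build_sample_message() -> bytes:
    """Constructed test input (not a real captured message)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Quarterly report"
    msg.set_content("See the attached files.")
    # Harmless attachment that must survive the filter.
    msg.add_attachment(b"%PDF-1.4 fake pdf body", maintype="application",
                       subtype="pdf", filename="report.pdf")
    # Obvious executable: caught by extension.
    msg.add_attachment(b"MZ\x90\x00fake executable", maintype="application",
                       subtype="octet-stream", filename="invoice.exe")
    # Renamed executable: extension and MIME type look harmless, the
    # "MZ" signature gives it away.
    msg.add_attachment(b"MZ\x90\x00renamed executable", maintype="application",
                       subtype="octet-stream", filename="notes.txt")
    return msg.as_bytes()


if __name__ == "__main__":
    cleaned, removed = strip_executables(build_sample_message())
    print("removed:", removed)          # ['invoice.exe', 'notes.txt']
    print(cleaned.as_string())
```

Two caveats a practitioner would add. The filter does not open archives,
so an executable zipped inside a .zip passes straight through; a real
gateway also unpacks archives (to a bounded depth) before applying the
same checks. And, as the quotation says, the value comes from running
this in front of the mail server rather than on the endpoint, where the
user has already been handed the attachment.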

This booklet is useful and inexpensive, at $19.95 for single
copies and less for bulk orders by arrangement with the
publisher - contact Jan Hazen <mailto:jhazen@pentontech.com>. I
am ordering several hundred copies for my graduate students as
examples of useful awareness materials and to provide review and
reminders of practical recommendations for first-level
information security measures.

Good job, Mr. Dubin.

Disclaimer: I have no financial interest in this venture and
Norwich University has received no special discounts as a result
of this review.

The top 5: Today's most-read stories

1. How to solve Windows system crashes in minutes
<http://www.networkworld.com/nlsecuritynewsal7602>
2. Nortel faces uphill battle
<http://www.networkworld.com/nlsec8109>
3. Cisco pushes new security software
<http://www.networkworld.com/nlsec8110>
4. Verizon CTO lays out next-gen network plans
<http://www.networkworld.com/nlsecuritynewsal7959>
5. Next-gen net seen at a crossroads
<http://www.networkworld.com/nlsec8111>

_______________________________________________________________
To contact: M. E. Kabay

M. E. Kabay, Ph.D., CISSP, is Associate Professor in the
Division of Business and Management at Norwich University in
Northfield, Vt. Mich can be reached by e-mail
<mailto:mkabay@norwich.edu> and his Web site
<http://www2.norwich.edu/mkabay/index.htm>.

New information assurance journal - Norwich University Journal
of Information Assurance (NUJIA). See
<http://nujia.norwich.edu/>
_______________________________________________________________
ARCHIVE LINKS

Archive of the Security newsletter:
http://www.networkworld.com/newsletters/sec/index.html

Security Research Center:
http://www.networkworld.com/topics/security.html

Instant sign-up for Security News Alert:
http://www.networkworld.com/isusecna

Instant sign-up for Virus & Bug Patch Alert:
http://www.networkworld.com/isubug
_______________________________________________________________
Webcast - IT security without compromise

Explore proven leadership approaches to IT security as leading
experts from Cisco Systems and Microsolved discuss how to
implement a comprehensive, integrated security architecture.
Find out more, watch now.
http://www.fattail.com/redir/redirect.asp?CID=116056
_______________________________________________________________
FEATURED READER RESOURCE

IT PROS SHARE THEIR TALES OF MAKING ITIL WORK

Running an enterprise network is challenging. IT organizational
change can be even more so if managers don't balance efforts
proportionally across people, process and technology.
Implementing best practices frameworks such as Information
Technology Infrastructure Library (ITIL) can help, but they
introduce their own set of challenges. Click here for more:

<http://www.networkworld.com/news/2005/092205-itil.html>
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Copyright Network World, Inc., 2005