Security for System Administrators
Procedures
- Server Scanning Procedure - Automated vulnerability scanning software for identifying devices on your network that are open to known vulnerabilities
- Web Application Security Assessment Procedure - Automated security and compliance assessment software for checking web applications for common vulnerabilities. It can be used in test, development and production instances to find all linked pages and to check sites for such vulnerabilities as SQL injection, cross-site scripting and buffer overflows.
Tools
- CIS Benchmarks and Scoring Tools - Security configuration benchmarks that detail how to secure an array of workstations, servers, network devices and software applications in terms of technology-specific controls; scoring tools that analyze and report system compliance with the technical control settings in the benchmarks.
- DHCP Information
- Check Current List of Blocked Hosts
- Net Manager Database - Owner Information and IP Ranges
Training Materials
Firewalls at UA (Requires UA NetID and Apple QuickTime Player)
|
Part 1 (Modules 1-4): Basic network and firewall terminology and concepts; UA network architecture. Recommended for anyone wanting to gain or refresh a basic understanding of networking and firewalls. |
||||
|
|
|
|||
|
Part 2 (Module 5): How to create rule sets and request a new firewall implementation, with interactive examples. Recommended for all who complete the first session and others with a basic understanding of networking and firewalls. |
|
|||
|
|
|
|
UA Presentations
- The Man With the Active Directory: Using AD for Improved Security (Video presentation) (PowerPoint presentation)
- Octopolicy: Security Through Group Policy (Video presentation) (PowerPoint presentation)
- Logs Never Die: Log Management/Reporting and Incident Handling (Video presentation) (PowerPoint presentation)
- Web-Raker: Web Application Security (Video presentation) (PowerPoint presentation)
- Live and Let Comply: Tools for Complying With UA Standards (Video presentation) (PowerPoint presentation)
- Goldentools: Centralized Tools on a Decentralized Campus (Video presentation) (PowerPoint presentation)
Other Helpful Resources & Information
- Developments of the Honeyd Virtual Honeypot
- Ethereal: A Network Protocol Analyzer
- F. I. R. E.
- Forensic Acquisition Utilities
- Nessus Vulnerability Scanner
- Packet Storm
- SANS Information and Computer Security Resources
- Security Focus
- Security Tools Distribution
- Stumbler Dot Net
- The Helix Live CD Page
- Top 75 Security Tools by Insecure.org
- TEEX Preparedness Campus - DHS/FEMA Certified Online Training