[Nottingham] network security in Linux!

Lee nottingham at mailman.lug.org.uk
Tue Apr 29 22:12:02 2003 

Hmm, have a look at snort, lids, and tripwire... 


there fun, might give you a few idea//

s/wan / stunnel are fun too....

so's ssh....

linux journal has a article this month about the cryto API for linux, an
interesting read....

I guess, if had the time to write a tool, it would have to be a layer 7
analysys tool, perhaps loggin tcp/udp connections at the application
layer??? perhaps???

or doing some sort of traffic/usage analysis on network traffic to or
from a machine to detect any weird behaviour....

,you could just scout linux code for buffer overflows, always good on a
rainy sunday ;-)....

Freenet's alway a good project to get involved with, you gotta help the
chinese out somehow...:-))))

As for an Idea to make a Computer more secure, well my idea is a large
water proof safe, with a computer inside it, it also involves expanse of
deep sea water (atlantic perhaps) and a large amount of digging do you
get the picture...????? :-)))

There does seems to be a glut of layer 2,3,4 tools for network loggin,
tracking and analysis, but not much that brings that together with
analysis of layer 7, it's a difficult job, as every application creates
log differently....:-(

Perhaps, if you really bored (or want to get top marks) you could build
me a secure user authentication system for naan which uses certifcates
and a bit of mobile IP??? wireless always makes it more fun.

Laters,
Lee




On Tue, 2003-04-29 at 19:53, Martin Waryniak wrote:
> Hi everybody,
> 
> I haven't posted for a while on the LUG and also haven't made it to any 
> of the meetings since March, just been stuck in a lot of (partially) 
> pointless coursework. Hopefully I will be able to make for the showing 
> of Revolution OS.
> 
> Anyway, the reason for my post, I am currently looking for an idea for 
> my final year group project I have to do as a CompSci student. I am 
> interested in netowrk security and cryptography and have read a couple 
> of books on the topics but do not know much "practical" stuff. I was 
> just wondering, has anyone got any ideas on a project in that area 
> (preferably in a Unix/Linux) environment? Are there any bugs or security 
> holes that you are aware of or find annoying in Linux or Unix that you 
> think a (semi) skilled programmer with interest in that area can fix? Or 
> have you got an idea for a tool that would increase security for a Linux 
> machine on a network, etc.
> 
> I understand that you are not going to do my project for me, I am just 
> looking for some inspiration. As Unix and Linux are often used as 
> webservers etc. I was hoping that some of you might have experiene with 
> network security in Linux.
> Thanks a lot everybody!
> Martin
> 
> -- 
> Martin Waryniak
> School of Computer Science
> University of Nottingham
> 
> 
> 
> _______________________________________________
> Nottingham mailing list
> Nottingham@mailman.lug.org.uk
> http://mailman.lug.org.uk/mailman/listinfo/nottingham