Home News & Discussion Research Project Completed Projects Resources Unix Course Notes MVS Job Stream Example 1 Example 2 Example 3 Lab 1 Lab 2 JCL Notes
2004-01-17 02:28

Unix exploit - PATH

Unix/Linux/GNU Resources

The Web Developer Virtual Library Tutorials (a complete set of introductory tutorials)

Learning the VI text editor

VI LOVERS HOME PAGE vi Editor Resources (VI text editor tutorial)

Quick Vi Tutorial

Advanced Vi Tutorial

CTC Tutorial on vi (Cornell Tutorial on the vi text editor)

Linda MacEwan's Floppix

Installing Linux (How to install Linux)

news:comp.os.linux.setup (Usenet News Group with discussions about setting up Linux.) (Installing the Debian distribution of Linux.) (Installing Red Hat) (Installing Slackware)

Linux MAN Pages Indexed HTML Version - "A Gift to Linux Users: HTML version of the the MAN pages. I'm trying to understand Linux and the documentation sucks. My brain is so full that in order to learn something new I have to forget something to make room for it. So I need docs that I can read and search. I'm sure I speak for a lot of people besides myself that the biggest barrier to Linux is the documentation. It doesn't matter how good it is if you can't figure out how to use it."

Linux Homes, Documentation, and Software (Linux man pages) (Linux software for download)

Basic Programming

Basic Programming: Loops in Java (applicable to any programming language, e.g. shell, Perl)

Shell Scripting (Tutorial on Shell Scripts [mostly C Shell])

Regular Expressions / sed / grep / vi

Appendix A

Regular Expressions are a powerful pattern-matching language.

To see what's possible once you learn Regular Expressions, read what a Perl master has to say: (Using Regular Expressions)

For help learning Regular Expressions in the vi text editor see "Searching and Replacing text" in this tutorial: (Linux User Guide: Advanced vi Tutorial) (alternate source) (alternate source)

Here is a Java applet that lets you experiment with Regular Expressions online: (Java Perl Regular Expression evaluator)

sed, Perl and Regular Expressions

Regular Expressions

Perl Tutorial - First Meeting - Regular Expressions (With cool Java applet!)

82.562 Perl Patterns

Searching and replacing text

Regular Expression in JavaScript 1.2 - Regular Expressions Introduction

Unix for Linguists Regular Expressions

Regular Expression in JavaScript 1.2 - Regular Expressions Introduction


Rootshell: Network Security incidents and exploits

The WWW Security FAQ

National Security Institute Security Resource Net

Apache Week: Using User Authentication

Bugtraq mailing list archives

L0pht Heavy Industries (Software to find holes and to break into systems)

Dan Farmer: COPS, SATAN, etc.

Deception ToolKit (Make your system appear to be hackable)

Network Security Solutions Ltd. - White Papers and Advisories

Computer Virus Myths home page

Securing NIS

Enterprise Network Security and Risk Management


The Web Developer Virtual Library: UNIX (Unix/Linux Filesystem Hierarchy Standard [FHS]) (Unix resources) (Unix Guru Universe) (An online Unix course, text, and study guide by David Jones in Australia)

Microsoft Windows NT Server 4.0 versus UNIX (The technical merits of Unix.) (Linux popularity grows) (GNU Awk Users Guide) (Ethernet IP/ARP packet simulations) (Alt.Fan.Warlord - the art of signatures)

Unix - Frequently Asked Questions - Why do some scripts start with #! ...

Mastery of Unix

"Mastery of UNIX, like mastery of language, offers real freedom. The price of freedom is always dear, but there's no substitute. Personally, I'd rather pay for my freedom than live in a bitmapped, pop-up-happy dungeon like NT. I'm hoping that as IT folks become more seasoned and less impressed by superficial convenience at the expense of real freedom, they will yearn for the kind of freedom and responsibility UNIX allows. When they do, UNIX will be there to fill the need." - Thomas Scoville, The Elements of Unix Style: Unix as Literature


From Thu Dec 17 14:30:23 1998
From: Aleph One <>
Subject: Re: Learning security [SUMMARY]

This is a summary of the many (and I do mean many) replies. Thanks to
everyone that contributed.

Why do programmers write unsafe code?

- There is no curriculum that addresses computer security in most schools.
- Programming books/classes do not teach secure/safe programming techniques.
- No one uses formal verification methods.
- C is an unsafe language.
- The standard C library string functions are unsafe.
- Programmers do not think 'multiuser'.
- Programmers are human. Humans are lazy.
- Most programmers are simply not good programmers.
- Most programmers are not security people.
- Most security people are not programmers.
- Most computer security models suck.
- Lots of legacy code that is broken.
- Consumers don't care about security.
- Cost in extra developing time.
- Cost in extra testing.

What secure programming resources are available?


"How Attackers Break Programs, and How to Write Programs Securely" by M. Bishop.
<  >


UC David ECS153 "Introduction to Computer Security" (M. Bishop)

EnGarde's Secure Programming Tutorial
<   >


"Designing Secure Software" by Peter Galvin
<   >

"The Unix Secure Programming FAQ" by Peter Galvin
<   >

"A Lab engineers check list for writing secure Unix code" by AUCERT
<   >

"How to find security holes" by Kragen Sitaker
<   >
<   >

"setuid - checklist for security of setuid programs"
<   >

"perlsec - Perl security"
<   >


"Robust Programming" by M. Bishop
< >
<   >
<   >

"Security Code Review Guidelines" By Adam Shostack
<   >

Talks & Tutorials:

"UNIX Security: Security in Programming" by M. Bishop
<   >
<   >

"Shifting the Odds: Writing (More) Secure Software" by Steve Bellovin

<   >
<   >

Books on writing secure software:

"Practical Unix and Internet Security" from O'Reilly & Associates
Chapter 22 "Writing Secure SUID and Network Programs"
<   >

Books on writing bug free software:

"Writing Solid Code" by Steve Maguire
<   >

"Code Complete" by Steve McConnel
<   >


Web Author: Ian! D. Allen      Updated: 2004-01-17 02:28

Internet Free Zone Level 1 logo Support free and non-commercial Internet.

Any Browser logo This site works best in Any Browser, a campaign for non-specific WWW.

Creative Commons License logo This work is licensed under a Creative Commons License.