LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   LQ REQ: Real newbie HOWTO's, refs, etc etc. (https://www.linuxquestions.org/questions/linux-security-4/lq-req-real-newbie-howtos-refs-etc-etc-62121/)

unSpawn 05-27-2003 01:40 PM

LQ REQ: Real newbie HOWTO's, refs, etc etc.
 
I would like to ask for your support finding any HOWTO's, references and whatnot that would appeal to or are especially written for newbies.

Minimal requirements could be:
1. handle basic (install/post install) security,
2. clear, simple, step by step structure, "like talking to a 4 yr old",
3. be (somewhat) up to date.
If unsure, just post!


TIA, unSpawn

tcaptain 05-27-2003 02:03 PM

Judging from your post count I guess I can assume you went to the Linux Documentation project? Too high level for documentation? (I know I found them a bit complex at first...)

I'd check out the PETs at Linux Junior and the NHFs at linuxnewbie err...justlinux.com...those used to be pretty good (although I haven't visited in ages)

manthram 05-27-2003 02:55 PM

come on tcaptain, you think unSpwan is asking the how-to's for himself. he is a linux security GURU for crying out loud. I am sure he wants them so that he can post to help the newbie's;)

tcaptain 05-27-2003 03:00 PM

No no...not at all, I didn't think they were for HIM :D

I was just wondering if he had considered LDP and judged the docs too complex

I mean c'mon...2K + posts! You gotta figure he knows a lot about linux or at least LEARNED a few things during his tenure ya know? *poke* hehe

unSpawn 05-27-2003 03:47 PM

Thanks for your suggestions Tcaptain.
Yes, what I'm looking for is the opposite of "documentation". Documentation implies one knows one's way around a Linux/GNU system, etc etc.

I'll add the "Securely Installing Linux" NHF to my list. A quick scan of the PET didn't result in me noticing anything for the uninitiated.

Thanks again, if you find more: please add.

bastard23 05-27-2003 06:21 PM

unSpawn,

Usually the distro documentation is pretty good for beginning information. I've only browsed the Redhat and Mandrake ones since I rarely uses those. The getting started guides usually start at the beginning :). I'm sure other distros have similar guides.

Unfortunately the Debian (what I use) guide seems a little old. Also, the "classic" ones like The Linux System Administrators' Guide or The Linux Network Administrator's Guide are getting dated to very dated.

Looks like some people around here (you and markus1982, that I've noticed) are writing things up. It would be nice if they had a more permanent home (I think linuxnewbie (justlinux) has a section like this.

Or maybe it would be fun to update the classic ones a section at a time. I'll have to google around to see what other people are doing.

I might able to be convinced to write up something. Or at least get UML up and running with different distros and test things. Hmm... I usually need the problem in front of me to get started.

Just some thoughts,
chris

unSpawn 05-27-2003 07:27 PM

Thanks for your post Bastard23, but as I said in my reply to Tcaptain, it's not docs what I'm after. Not "technical documentation" like TLPD/SAG/NAG2 at least, but simple, step by step, "please hold my hand" type of texts, you know, like in "explain it to me like I'm a 4 yr old". Why? Because our audience includes newbies who could be totally bereft of any Linux/GNU knowledge.

If nothing else shows up (I don't hope so) then your idea of rewriting the old HOWTO's isn't that bad. It's just a lot of work.
The work Markus1982 has put into publishing docs stems from his work securing ISP systems and working on adding to Debian docs.
I wouldn't consider them NHF or PET material but rather TLDP.

I'll keep your offer in mind. When the time comes we have to revise/write HOWTO's the capability to fast load distro's and test directions will definately be welcome.

Cummon ppl, don't make me write a Security-for-Newbies HOWTO! My grasp of tone of voice is blisteringly bad and I'm suffering from Occam's Razor deficiency :-]

bastard23 05-27-2003 09:04 PM

unSpawn,

OK, I think I get you. Your looking for a newbie compliment to your "Security references" post. My second paragraph on was more general, me thinks :).

This passwords page or this open ports page from the Redhat Security guide is kinda what I was looking at. I haven't read it all, but I don't know how you can get too much simpler. It is can be sparse on actual commands and the nmap page assumes at least a passing familiarity with the shell. Oh, and Redhat specific. You'd have to read the other guides first to be able to get everything if your starting out as newbie. You are looking for something simpler (or more explicit). Hmm...

I keep my eyes open for good explanations and tutorials (a better word for what your looking for?) of security tools. Especially graphical tools.

Have fun,
chris
P.S. I think I'm going to try out systrace since there is a linux version and the debian package. Here's a couple articles that talk about the BSD version, but everything should translate. Not newbie, but they give a pretty basic overview of what's going on (explain what a syscall is.)

unSpawn 05-28-2003 04:59 AM

Thanks again for posting suggestions Bastard23,

I agree the RH manuals are a start, and I agree to the same "objections" you noted: "familiarity with the shell. Oh, and Redhat specific. You'd have to read the other guides first".

Yes, I guess "tutorials" is the right word. Weird I didn't come up with that description myself :-]

Come on, any more takers?

Would be excellent if, after you get acquainted with Systrace, you where able to post some of your findings.

unSpawn 05-28-2003 04:59 AM

(..)

jharris 05-28-2003 05:16 AM

Dunno if this is any good for you as a general intro, no security in it though :( :study: There seems to be a lack of very basic tutorials.

http://dbstreams.ca/mirrors/linux-newbie/

Jamie...

unSpawn 05-28-2003 05:41 AM

Thanks for your suggestion Jamie, I even managed to find some security tips in it here and here but that's not enough to make the list I'm afraid.

There seems to be a lack of very basic tutorials.
It would appear so. If no one is gonna show up with some tutorials I guess it's time something is done about it...

jharris 05-28-2003 05:52 AM

Quote:

Originally posted by unSpawn
There seems to be a lack of very basic tutorials.
It would appear so. If no one is gonna show up with some tutorials I guess it's time something is done about it...

If you do decide to do something about it and want a proof reader/(pedantic) source of feedback then throw it in my direction.

cheers

Jamie...

unSpawn 05-28-2003 06:36 AM

If you do decide to do something about it and want a proof reader/(pedantic) source of feedback then throw it in my direction.
Thnx man, I certainly will need that kind of support :-]

Ok. If no one else adds some, that about wraps it up.
I think it's time LQ takes a stab at producing a "Linux Newbie Security Tutorial". Any more people want to join in?


It'll be an LQ group effort after all.
Please post what you're part willing to contribute to, or what you think the "Linux Newbie Security Tutorial" should include, or whatever skills you're willing to offer. Note it's not mandatory to have 3xcellent wr1tin5 sk1llz, have guru status or be a security wiz to be able to join in.
the most important thing to realize is the audience will be the uninitiated, the archetypical Linux Newbie.

To give you an example of how we could proceed:
- first discuss the main items and depth of the piece,
- find any off-site ppl willing to contribute/review/validate (if we want to TLDP/PET/NHF it),
- produce the framework and divvy up the parts to be written,
- write, format, collate,
- review rounds, discussion,
(- get off-site approval if necessary for exports.)


Please join in, please contribute and help your fellow LQ community members!

jharris 05-28-2003 06:51 AM

Quote:

Originally posted by unSpawn
Thnx man, I certainly will need that kind of support :-]
NP...
Quote:

Originally posted by unSpawn
Please post what you're part willing to contribute to, or what you think the "Linux Newbie Security Tutorial" should include, or whatever skills you're willing to offer.
From the sounds of it what we need to produce is a reasonably high-level document that will ease people into a security-concious mindset; then they can investigate the low level stuff elsewhere. We could always expand the document to include the low level stuff, but that might be reinventing the wheel. Exactly how we will achive this without scaring them off or putting them to sleep will probably be a big challenge.

As for what I can offer - uhm... Just some time, a reasonably good understanding of overall security and a good deal of linux experience.
Quote:

Originally posted by unSpawn
Note it's not mandatory to have 3xcellent wr1tin5 sk1llz, have guru status or be a security wiz to be able to join in.
Just as well! The first drafts of everything I write are always laughable, and it takes a few proof reads to make them into something resembling English. On this note - I recon that LQ must be a reasonably good place to get people who would be willing to translate a document if we manage produce one. Any offers?
Quote:

Originally posted by unSpawn
To give you an example of how we could proceed:
- first discuss the main items and depth of the piece,
- find any off-site ppl willing to contribute/review/validate (if we want to TLDP/PET/NHF it),
- produce the framework and divvy up the parts to be written,
- write, format, collate,
- review rounds, discussion,
(- get off-site approval if necessary for exports.)

Do you want to keep all this discussion in this thead or do you have plans to take it elsewhere? (new threads/email/irc/etc.)

cheers

Jamie...


All times are GMT -5. The time now is 04:13 PM.