Maximum security: A hacker's guide to protecting your internet site and network

e projects that are in the design phase and design/implementation of network security products. NOTE: Mr. Murray also has been the technical editor and advisor on many books on Internet-related technologies. Independent Consultant Redwood City, CA 94061 Contact: Eric Murray E-mail: ericm@lne.com URL: Feist Systems Feist Systems is an ISP and System Integrator that can provide safe connections to the Internet as well as enhance your LAN/WAN security through a variety of services provided by skilled industry professionals. Feist Systems 110 S. Main Street, Suite 1000 Wichita, KS 67202 Contact: Bruce Marshall Phone: 316-337-8688 Fax: 316-833-5231 E-mail: bkmarsh@feist.com URL: Finlayson Consulting Secure Net applications, cryptographic applications, security advisory consulting. Finlayson Consulting 1884 Columbia Road, NW #1004 Washington, DC 20009 Contact: Ross A. Finlayson Phone: 202-387-8208 E-mail: raf@tomco.net URL: Galaxy Computer Services, Inc. Firewall implementation (various flavors of UNIX) in a heterogeneous environment. Penetration testing and risk assessment, client-server application security in the Windows NT environment, network security product--the Information Diode&tm;--an accreditable, one-way only path from low to high networks. Galaxy Computer Services, Inc. 17831 Shotley Bridge Place Olney, MD 20832-1670 Contact: George Romas Phone: 301-570-4647 Fax: 301-924-8609 E-mail: gromas@gcsi.com, George_Romas@msn.com Gemini Computers Inc. Gemini products provide trustworthy support for secure system applications using the Al certified foundation of the Gemini Trusted Network Processor (GTNP) with integrated encryption. Trustworthiness is based on trusted end-to-end encryption technologies supporting the legal foundation of the electronic world in compliance with applicable standards, guidelines, and laws. Gemini Computers Inc. P.O. Box 222417 Carmel, CA 93922-2417 Contact: Dr. Tien F. Tao, President Phone: 408-373-850 Fax: 408-373-5792 E-mail: tft@geminisecure.com URL: GlobalCenter ISP offering dial-up, dedicated, and server co-location services, security consulting on firewalls, security policies, encryption, virtual private networks, spam detection and cancellation, junk e-mail filtering, abuse prevention. GlobalCenter 1224 E. Washington Street Phoenix, AZ 85034 Contact: Jim Lippard Phone: 602-416-6122 Fax: 602-416-6111 E-mail: jl@primenet.com Grand Designs, Ltd./ConfluX.net The principals each have over 20 years experience in the areas of networking and software engineering. We have experience with secure networking and systems security including work for military subcontracts. Our ConfluX.net unit offers secure Internet access (that is, virtual private networks) and Web hosting. Grand Designs, Ltd./ConfluX.net 4917 Evergreen Way, Suite 10 Everett, WA 98203 Contact: John Painter or William Heaton Phone: 206-710-9006 E-mail: info@gdltd.com, info@conflux.net URL: Gregory R. Block UNIX/NT security and networking consultant, ten years of experience in the field, tiger- team analyses, firewalls, topology, design and implementation at all levels. Finger for PGP key and mail for further information. Gregory R. Block 48A Hendon Lane London, N3 1TT UK E-mail: gblock@lemon.net Hyperon Consulting Hyperon Consulting is a high-technology company that provides advanced Internet and electronic commerce security solutions to industry. CISSP certified and familiar with banking regulations. Hyperon Consulting 3422 Old Capitol Trail, Suite 1245 Wilmington, DE 19808 Contact: James Molini Phone: 302-996-3047 Fax: 302-996-5818 URL: IC Tech Systems consultants and integrators. Specializing in midrange system integration. IC Tech 131 Willow Pond Way Penfield, NY 14526 Contact: Vadim Mordkovich Phone/Fax: 716-388-1877 E-mail: ictech@frontiernet.net URL: www.frontiernet.net/~ictech I.T. NetworX Ltd. Specialist Internet/intranet security on UNIX and Windows NT. Services offered: firewalls, penetration testing, design, consultancy, products, freeware configuration. Since 1984. I.T. NetworX Ltd. 67 Merrion Square Dublin 2 Ireland Contact: Michael Ryan Phone: +353-1-6768866 and +353-87-444024 Fax: +353-1-6768868 E-mail: mike@NetworX.ie Integrity Sciences, Inc. Integrity Sciences, Inc. provides consulting and software engineering services for secure networks, focusing on strong password authentication protocols immune to network attack. Integrity Sciences, Inc. Westboro, MA 01581 Contact: David Jablon Phone: 508-898-9024 E-mail: dpj@world.std.com URL: International Network Services Offering a full suite of consulting services including risk assessment, requirements development, perimeter security, host and Web server security, penetration testing and audits, and customer training and security awareness programs. International Network Services 300 Crown Colony Drive, Fifth Floor Quincy, MA 02169 Contact: Harold Long, Managing Director Phone: 617-376-2450 Fax: 617-376-2458 E-mail: hlong@ins.com URL: InterNet Guide Service Inc. InterNet Guide Service is a consulting and coaching firm specializing in Internet strategy, security, and digital commerce. Member of NCSA, certified IBM firewall expert. InterNet Guide Service Inc. 55A Richardson Street Billerica, MA 01821 Contact: Eric S. Johansson Phone: 508-667-4791 E-mail: esj@harvee.billeric.ma.us Internet Information Services, Inc. (IIS) IIS provides a full range of security expertise to businesses that want to outsource the management of their network security. This includes firewall design and integration, virtual private network design and integration, site security evaluation, security policy development and security systems design and implementation. Internet Information Services, Inc. (IIS) 7979 Old Georgetown Road Bethesda, MD 20814 USA Contact: Robert Tewes Phone: 301-718-1770 Fax: 301-718-1770 E-mail: roberttewes@iis.net URL: www.iis.net Internet Security Systems, Inc. (ISS) ISS is the pioneer and leading supplier of network security assessment tools, providing comprehensive auditing, monitoring, and response software. The company's flagship product, Internet Scanner, is the leading commercial attack simulation and security audit tool used by organizations worldwide. Internet Security Systems, Inc. (ISS) 41 Perimeter Center East, Suite 660 Atlanta, GA 30071 USA (Corporate Headquarters) Contact: Paul Graffeo Phone: 770-395-0150 Fax: 770-395-1972 E-mail: info@iss.net URL: Interpact, Inc./Infowar.Com Only if you really care about security, we offer security design, architecture, modeling, and penetration testing. We have clients on three continents and work for governments and the largest corporations. Interpact, Inc./Infowar.Com 11511 Pine Street Seminole, FL 33772 Contact: Winn Schwartai Phone: 813-393-6600 Fax: 813-393-6361 E-mail: winn@infowar.com URL: Jeff Flynn & Associates Holistic network security services: needs assessment, security awareness, training, physical security, logical security, analysis, design, configuration, deployment, testing, investigation, firewalls, encryption, authentication, intrusion detection. Jeff Flynn & Associates 19 Perryville Irvine, CA, 92620 Contact: Jeff Flynn Phone: 551-6398 Jerboa, Inc. UNIX, firewalls (all vendors), product reviews, consulting, topology, policy development, product integration, compatibility testing, training, seminars, business planning, Web technologies, encryption, and tunneling. Jerboa, Inc. P.O. Box 382648 Cambridge, MA 02238 Contact: Ian Poynter, Diana Kelley Phone: 617-492-8084 Fax: 617-492-8089 E-mail: info@jerboa.com URL: Kinchlea Computer Consulting UNIX/network security experts (most platforms), firewalls, security audits, security consultation. Vancouver Islands' security experts. We are small but highly knowledgeable and professional. Kinchlea Computer Consulting 3730 Denman Road Denman Island, BC, Canada, V0R 1T0 Contact: Dave Kinchlea, President Phone: 250-335-0907 Fax: 250-335-0902 E-mail: kcc@kinch.ark.com URL: Kinetic, Inc. Internet-related open systems and computer security consulting. UNIX security audits, firewall design, secure off-site Web management/housing facilities. Kinetic, Inc. Park Place West, Suite 315 6465 Wayzata Boulevard Minneapolis, MN 55426-1730 Contact: Scott Hoffer Phone: 612-225-8533 Fax: 612-225-8508 E-mail: 411@kinetic.com URL: Lawrence J. Kilgallen VMS security. Lawrence J. Kilgallen Box 397081 Cambridge, MA 02139-7081 Phone: 617-498-9606 E-mail: Kilgallen@eisner.decus.org Learning Tree International Learning Tree provides 4-day hands-on courses on UNIX security, Windows NT security, Internet/intranet security, and firewalls, plus over 130 other information technology topics. Call for a free course catalog! Learning Tree International 1805 Library Street Reston, VA 20190-5630 Contact: Linda Trude Phone: 800-843-8733 Fax: 800-709-6405 E-mail: uscourses@learningtree.com URL: Livermore Software Labs LSLI is the maker of the PORTUS Secure Firewall for AIX, HP, Solaris, and Apple. It is a Houston-based network-consulting firm. Livermore Software Labs 2825 Wilcrest, Suite 160 Houston, Texas 77042-3358 Contact: Jay Lyall Voice Mail: 713-974-3274 Phone: 800-240-5754 Fax: 713-978-6246 E-mail: portusinfo@lsli.com URL: Lurhq Corporation Lurhq is a network security organization specializing in firewalls, Web-server security, electronic commerce implementations, and penetration testing. We offer many security services and customize these services for your unique security requirements! Lurhq Corporation Myrtle Beach, SC Contact: Kristi Sarvis, Sales Coordinator E-mail: info@lurhq.com URL: Maxon Services Network Security systems integrator/consultant, Windows NT, UNIX, CISCO, Check Point Firewall 1, Security Dynamics Ace Server. Maxon Services 8550 Marie-Victorin Brossard, Quebec Canada, J4X 1A1 Contact: Eric Tremblay Phone: 514-466 2422 Fax: 514-466 2113 URL: Metamor Technologies, Ltd. Metamor Technologies is a project-oriented consulting company helping companies through technical transitions. Firewall, commerce, and security reviews are just some of the exciting services offered by our Internet technology division. Visit our Web page for a full tour! Metamor Technologies, Ltd. 1 North Franklin, Suite 1500 Chicago, IL, 60606 Contact: Paul Christian Nelis Phone: 312-251-2000 Fax: 312-251-2999 E-mail: nelis@metamor.com URL: Milkyway Networks Corporation Milkyway Networks is a leading provider of network security solutions for enterprise networks. Milkyway's firewall product comes with a factory hardened operating systems ensuring one of the most secure firewalls on the market. In addition to firewalls the company provides products for secure remote access and an auditing tool to probe your network for potential security weakness. Milkyway has a U.S. office in Santa Clara with its corporate offices in Ottawa, Canada. Milkyway Networks Corporation 4655 Old Ironsides Drive Suite 490 Santa Clara, CA, 95054 Contact: Jeff Sherwood, Vice-President Sales Phone: 408-566-0800 Fax: 408-566-0810 E-mail: info@milkyway.com URL: www.milkyway.com Milvets System Technology, Inc Systems integration of network security products. Reseller agreements with market- leading firewall vendors. Specializing in UNIX- and NT-based systems. Milvets System Technology, Inc 4600 Forbes Boulevard, Suite 104 Lanham, MD 20706 Contact: Greg Simpson Phone: 301-731-9130 Fax: 301-731-4773 E-mail: simpson@milvets.com, Milvets@milvets.com Miora Systems Consulting, Inc. (MSC) Miora Systems Consulting helps organizations improve their computer and information security posture and their disaster recovery readiness. We are an affiliate of the National Computer Security Association. Services include security assessments, penetration testing, firewall verification, virus assessments, disaster-recovery planning, pbs and war- dialing attacks, security-policy development, and others. Miora Systems Consulting, Inc. (MSC) P.O. Box 6028 8055 W. Manchester Avenue Suite 450 Playa del Rey, CA, 90296 Contact: Michael Miora Phone: 310-306-1365 Fax: 310-305-1493 E-mail: mmiora@miora.com URL: MTG Management Consultants IT management and security. Criminal justice systems specialists. MTG Management Consultants 1111 3rd Avenue Suite 2700 Seattle, WA 98101 Contact: Scott Colvin Phone: 206-442-5010 Fax: 206-442-5011 URL: Myxa Corporation Myxa is a technology-services company that deals with UNIX, client/server, and networking (intra and Internet), including firewalls and security. We've helped companies design, implement, and manage their systems and networks since 1976. Myxa Corporation 654 Red Lion Road, Suite 200 Huntingdon Valley, PA 19006 Contact: Timothy M. Brown Phone: 215-947-9900 Fax: 215-935-0235 E-mail: sales@myxa.com URL: NetPartners Internet Solutions, Inc. NetPartners' mission is to bring sophisticated Internet technology to the mass business market. Products include Firewall-1, Raptor, BorderWare, Sidewinder, Gauntlet, ISS, Compaq, Cisco, Interscan, SUN. NetPartners is also the manufacturer of WebSENSE--an advanced Internet content screening system that allows businesses and educational institutions to monitor and/or eliminate network traffic to Internet sites deemed inappropriate or otherwise undesirable for business use. NetPartners Internet Solutions, Inc. 9210 Sky Park Court First Floor San Diego , CA 92123 Contact: Jeff True Phone: 619-505-3044 Fax: 619-495-1950 E-mail: jtrue@netpart.com URL: Network Evolutions, Incorporated NEI is an international technology consulting firm that provides enterprise-wide network design services, network security audits, and intranet/Internet firewall implementation services. Network Evolutions, Incorporated 1850 Centennial Park Drive, Suite 625 Reston, Virginia 20191 Contact: David Kim, President Phone: 703-476-5100 Fax: 703-476-5103 E-mail: kim@netevolve.com URL: New Edge Technologies I am a computer network security consultant with 17 years of hard-core diverse experience in telephony, electronic communications systems, licensing systems, network security, encryption techniques, and analysis. New Edge Technologies United States Contact: Donald R. Martin E-mail: grey@earth.usa.net URL: Newline Network security and performance analysis, penetration testing, monthly security reviews and briefings. Newline 969 La Felice Lane Fallbrook, CA 92028 Contact: Steve Edwards Phone: 619-723-2727 Fax: 619-731-3000 E-mail: sedwards@newline.com NH&A Anti-virus, security, and network management. NH&A 577 Isham Street, Suite 2-B New York City, NY 10034 Contact: Norman Hirsch Phone: 212-304-9660 Fax: 212-304-9759 E-mail: nhirsch@nha.com URL: NorthWestNet, Inc. Managed firewall services (UNIX and NT), vulnerability assessment services, security incident response team (SIRT) services, virtual private networking (VPN) services, security awareness training. NorthWestNet, Inc. 15400 SE 30th Place, Suite 202 Bellevue, WA 98007 Contact: Security Engineering Manager Phone: +1 (425)-649-7400 Fax: +1 (425)-649-7451 E-mail: info@nwnet.net URL: Omnes FireWall-1, penetration testing, security audits, tiger teams, encryption, and virtual private networks, Firewall-1 CCSE training. Omnes 5599 San Felipe, Suite 400 Houston, TX 77056 555 Industrial Boulevard, Sugarland, TX 77478, Contact: Nassim Chaabouni, Network Security Consultant Phone: 281-285 8151 Fax: 281-285 8161 E-mail: Chaabouni@houston.omnes.net URL : Onsight, Inc. Consulting/training firm in Chicago/midwest with heavy background in host and network security, firewalls, and encryption. Onsight, Inc. 2512 Hartzell Evanston, IL 60201 Contact: Brian Hatch Phone: 847-869-9133 Fax: 847-869-9134 E-mail: bri@avue.com URL: Plum Lake Alchemy UNIX, WWW, and security consulting. Raptor Eagle Firewall specialists. Plum Lake Alchemy 1000 Kiely Boulevard #66 Santa Clara, CA 95051 Contact: Matthew Wallace Phone: 408-985-2722 E-mail: matt@ender.com URL: R.C. Consulting, Inc. Provides enterprise-level security consulting for Windows NT environments, particularly where those environments are intended to interact with the Internet. Executive briefings on existing or future security products/strategies tailored to your specific requirements in person, or via e-mail/phone/vidphone. Host and moderator of the NTBugTraq mailing list, dedicated to examining security exploits and bugs in Windows NT. R.C. Consulting, Inc. Kenrei Court, R.R. #1 Lindsay, Ontario, K9V 4R1 Canada Contact: Russ Cooper Phone: 705-878-3405 Fax: 705-878-1804 E-mail: Russ.Cooper@rc.on.ca URL: Rampart Consulting Independent consulting in Internet security policy and security assessment. Firewall installation, UNIX system and network management, DNS administration, SMTP consulting and general system training. Rampart Consulting 1-285 Rangely Drive Colorado Springs, CO 80921 Contact: Dan Lowry Phone: 719-481-9394 E-mail: danlow@earthlink.net URL: www.earthlink.net/~danlow Realogic, Inc. UNIX/NT firewalls, security audits, penetration testing, MS certified, provides service to mid to large Fortune corporations throughout the western states. TIS, AltaVista, Firewall- I, and BorderWare. MS-Proxy, MS-IIS, MS-Commerce Server specialist. Offices throughout U.S. and Europe. Realogic, Inc. 801 Montgomery Street, Suite 200 San Francisco, CA 94133 Contact: Kelly Gibbs Phone: 415-956-1300 Fax: 415-956-1301 E-mail: k.gibbs@realogic.com URL: Ritter Software Engineering Advanced patented and patent-pending ciphering technologies with very significant advantages in particular applications. Also providing custom cipher designs, implementations, and consulting. Ritter Software Engineering 2609 Choctaw Trail Austin, Texas 78745 Contact: Terry Ritter, P.E. Phone/Fax: 512-892-0494 E-mail: ritter@io.com URL: Saffire Systems Saffire Systems specializes in secure software development, consulting, and systems integration. Saffire Systems provides engineering services (architecture, design, implementation, and testing), evaluation support services, secure network evaluations, and Windows NT security training. Saffire Systems P.O. Box 11154 Champaign, IL 61826-1154 Contact: Michelle A. Ruppel Phone: 217-359-7763 Fax: 217-356-7050 E-mail: maruppel@prairienet.org SecTek, Inc. SecTek provides services in following areas: INFOSEC, COMPSEC, physical security, access control, risk assessments, penetration tests, firewall design/implementation, intrusion detection, intranets. SecTek, Inc. 208 Elden Street, Suite 201 Herndon, VA 22070 Contact: Bruce Moore Phone: 703-834-0507 Fax: 703-834-0214 E-mail: wmoore@sectek.com URL: Secure Networks Inc. SNI is a security research house whose primary focus is the development of security auditing tools. SNI's premier product is Ballista, an advanced network auditing tool. SNI also provides security audits to both commercial and government clients. Secure Networks Inc. 40 703 6th Avenue S.W. Calgary, Alberta, t2p-0t9 Contact: Alfred Huger Phone: 403-262-9211 Fax: 403-262-9221 E-mail: ahuger@secnet.com URL: or SecureNet Engineering, Inc. Providing information technology and security consulting services to government, financial, and technological industries. SecureNet Engineering, Inc. P.O. Box 520 Folsom, CA, 95763-0520 Contact: Thomas H. McCreary Phone: 916-987-1800, 800-240-9863 E-mail: mccreary@pacbell.net Security First Technologies, Inc. Developers of secure networks for government and industry for over 10 years, B1 security, CMW, trusted operating systems, UNIX, Windows NT, secure network design and implementation, security auditing, penetration studies, authentication and encryption software products (VirtualVault, HannaH, Troy). Mr. Kalwerisky is the author of "Windows NT: Guidelines for Audit, Security, and Control," Microsoft Press, 1994. Security First Technologies, Inc. 3390 Peachtree Road, Suite 1600 Atlanta, Georgia, 30326 Contact: Jeff Kalwerisky, VP Consulting Services Phone: 404-812-6665 Fax: 404-812-6616 E-mail: jeffk@s-1.com URL: Sequent Computer Systems BV UNIX, firewalls, networking, Internet, intranet, auditing, tiger teams, security, cryptology, security policy. Sequent Computer Systems BV Rijnzathe 7 De Meern, Utrecht, 3454PV The Netherlands Contact: Hans Van de Looy Phone: +31 30 6666 070 Fax: +31 30 6666 054 E-mail: hvdl@sequent.com URL: SmallWorks, Inc. SmallWorks is a software-development and consulting group specializing in standards- based Internet security packages, including but not limited to firewalls, IPSEC implementations, and high-security Internet connectivity solutions. A partial list of our clients includes Tivoli Systems, Sterling Commerce, Cisco Systems (SmallWorks developed the TACACS+, CiscoSecure UNIX Server for Cisco Systems). SmallWorks, Inc. 4501 Spicewood Springs Road Suite #1001 Austin, TX 78759 Contact: Steve Bagwell, Director of Sales Phone: 512-338-0619 Fax: 512-338-0625 E-mail: steve@smallworks.com URL: Soundcode, Inc. Soundcode, Inc. provides the latest in data security and electronic (digital) signature software for the Internet, intranets, and personal computers. With Point 'n Crypt Professional for one-click file lock-up, sending, and storage, Point 'n Sign for the one- click signing of electronic documents, and scCryptoEngine, a powerful programming engine for both encryption and digital signatures, Soundcode makes computer privacy easy. Soundcode, Inc. 11613 124th Avenue NE, Suite G-317 Kirkland, WA 98034-8100 Contact: Pete Adlerberg Voice: 206-828-9155 Fax: 206-329-4351 Toll-Free: 888-45-SOUND E-mail: pete@soundcode.com URL: Strategic Data Command Inc. Firewalls, risk analysis, security management, and design. Strategic Data Command Inc. 2505 Parker St. Berkeley, CA 94704 USA Contact: Lawrence Suto Phone: 510-502-9224 Technical Reflections Security design and implementation on systems such as UNIX and Windows NT/95. Securing Web servers for electronic transactions. We also participate in tiger and attach teams to help secure sites via firewalls and other security policies. Technical Reflections 6625 Fox Road Marcy, NY 13403 Contact: Joe Riolo Phone: 315-865-5639 Fax: 315-336-6514 Technologic, Inc. Manufacturers of the Interceptor&tm; firewall, Internet security consulting, virtual private networking, security audits, and penetration testing. "Can your network keep a secret?"TM Technologic, Inc. 1000 Abernathy Road, Suite 1075 Atlanta, GA 30328 Contact: Eric Bleke Phone: 770-522-0222 Fax: 770-522-0201 E-mail: info@tlogic.com URL: Triumph Technologies, Inc. Triumph Technologies' Internet Security Division is focused on providing enterprise- wide security solutions. We utilize only the best security products and technologies. We offer services which include: turn-key firewall solutions (UNIX/NT), enterprise security assessments, IP addressing re/designing, and integration of specialized products such as SMTP mail content management. Triumph Technologies, Inc. 3 New England Executive Park Burlington, MA 01803 Contact: Mitchell Hryckowian Phone: 617-273-0073 Fax: 617-272-4855 E-mail: info@security.triumph.com URL: Tucker Network Technologies, Inc. Network and telecommunications consulting and integration firm specializing in LAN/WAN, network management, Internet policy, infrastructures, firewalls, security, and access. Tucker Network Technologies, Inc. P.O. Box 429 50 Washington Street South Norwalk, CT 06856-0429 Contact: Tucker McDonagh, Managing Director Phone: 203-857-0080 Fax: 203-857-0082 E-mail: tucker@tuckernet.com Visionary Corporate Computing Concepts UNIX, firewall solutions, research and penetration testing, risk assessments, intrusion detection, remote system monitoring, emergency problem handling, consulting, and outsourcing. Visionary Corporate Computing Concepts 712 Richland Street Suite F Columbia, SC, 29201 USA Contact: Matthew Caldwell Phone: 803-733-7333 Fax: 803-733-5888 E-mail: matt.caldwell@vc3.com URL: Wang I-Net Government Services Wang I-Net offers the XTS-300&tm; NSA-evaluated B3 Trusted Computer System, the Secure Automated Guard Environment (SAGE&tm;), and trusted application development services. Wang I-Net Secure Systems customers include the NSA, DoD, Army, Air Force, Navy, State Department, FBI, DOE, IRS, NATO, governments of UK, Canada, and Norway, and several contractors. Wang I-Net Government Services 7900 Westpark Drive MS 700 McLean, VA 22102-4299 Contact: K.M. Goertzel Phone: 703-827-3914 Fax: 703-827-3161 E-mail: goertzek@wangfed.com URL: NOTE: Wang Federal is one of the leading providers of TEMPEST protection technology. Wang Federal's TEMPEST products prevent eavesdropping of electronic emissions that leak from your monitor (or computer). Zot Consulting I have over 17 years of experience on the Internet. I do pure Internet consulting for firewalls, Web and information servers, database connectivity, and company security for small and Fortune 100 companies. Zot Consulting 808 SE Umatilla Street Portland, OR 97202 Contact: Zot O'Connor Phone: 503-231-3893 Fax: 503-236-5177 E-mail: zot@crl.com URL: C A Hidden Message About the Internet On the CD-ROM accompanying this book, you'll find a directory called message. Within it are two files: message.pgp and keys.asc. message.pgp is a small file, encrypted in 1024-bit PGP, that contains a hidden message. keys.asc is an ASCII file containing the PGP key generated for the hidden message. Your mission is to crack this hidden message by determining the passphrase used to encrypt it. This is not as difficult as it seems; it requires ingenuity rather than any particular cracking tool. Following is a single line of clear text; your job is to determine the significance of that text. Having done so, you can crack the encrypted text. The public key used was root@netherworld.net. The passphrase is composed of the significant strings you derive from the clear text. (These are not difficult to decode; their meanings are actually quite obvious if you apply yourself.) The clear text fields are separated by semicolons. That means the passphrase is a series of text strings. Examples of such text strings might be any of the following: • A line from a Shakespearean play • A time, place, or person • A name Each string will be in perfectly understandable English. Piece them together in order, and you will have the passphrase. This will serve as the private key necessary to decrypt the message. Here is a powerful hint, and the only one I will give: The field separator (semicolon) represents one space, one dash, and one space. Thus, fields separated by semicolons in the following clear text represent phrases separated by a space, a dash, and a space. So if the hidden message was apples oranges pears, it would be written this way: apples - oranges - pears The message contained within that file is very serious. It relates a critical point about the Internet--one that even many security experts might have missed. That point will undoubtedly be a matter of some debate. Good luck. Clear text: 4X755(4X230.4);abydos;072899;9:11;13:17 D What's on the CD-ROM On the Maximum Security CD-ROM, you will find some of the sample files that have been presented in this book along with a wealth of other applications and utilities. NOTE: Refer to the readme file on the CD-ROM for the latest listing of software. Also, in the readme file, you will find instructions on how to install one or more HTML presentations. In particular, there is an HTML presentation that will link you to most Web sites mentioned throughout this book. Windows Software The following network utilities for Windows are on the CD-ROM. This listing provides contact information for each company and a description of its product. DataGuard 1.3 Demo Release DataGuard allows secure and rapid enciphering of files and directories. Data encrypted in this way can be sent using standard e-mail programs via public networks (such as the Internet); secure data transmission is guaranteed. The use of efficient, optimized algorithms reduces high performance losses in the system due to the encryption and decryption process without endangering security. Requires Windows 95 or NT 4.0. Secure Link Services AG Ruchstuckstrasse 6, 8306 Brüttisellen, Switzerland Voice: +41 1 805 53 53 Fax: +41 1 805 53 10 E-mail: info@sls.net URL: File Lock Series File Lock 95 Lite uses the Standard or Enhanced encryption method to protect any information that is for your eyes only, such as a personal diary or finance information. File Lock 95 Standard includes two additional encryption methods: the RUBY and the Diamond. This is ideal for business-related information protection. File Lock Wizard for Windows 95 is the easiest of the File Lock series. It comes complete with three encryption algorithms with four compression algorithms. It is the best in data protection for the home PC user. These products require Windows 95 or NT and are fully functional trial versions with a limited number of days. D & L Computing P.O. Box 6141 Huntsville, AL, 35824 Voice: 205-772-3765 Fax: 205-772-8119 E-mail: DLComputing@Juno.com, DLCSales@Juno.Com URL: SAFEsuite SAFEsuiteTM is a family of network security assessment tools designed to audit, monitor, and correct all aspects of network security. Internet Scanner is the fastest, most comprehensive, proactive UNIX and Windows NT security scanner available. It configures easily, scans quickly, and produces comprehensive reports. Internet Scanner probes a network environment for selected security vulnerabilities, simulating the techniques of a determined intruder. Depending on the reporting options selected, Internet Scanner provides information about each vulnerability found: location, in-depth description, and suggested corrective actions. (Requires Windows NT.) Internet Security Systems, Inc. (ISS) 41 Perimeter Center East, Suite 660 Atlanta, GA, 30071 Voice: 770-395-0150 Fax: 770-395-1972 E-mail: info@iss.net URL: EtherBoy (Of the NetMan Suite) EtherBoy gives you affordable real-time multiprotocol network monitoring on your IBM- compatible PC. It provides insights and answers to a large number of network management and usage questions. Because EtherBoy is totally passive, no additional load is placed on your network resources. It is an ideal addition to your desktop-based management station, or as a laptop-based portable network probe. A unique tool that combines many security techniques into a single package, EtherBoy can: • View all traffic on your LAN. • Identify all devices on your LAN, including potential security threats. • Fully configure protocol focusing and visualization. • Define custom protocols. • Zoom in on areas of interest. • Produce reports in text, HTML, data, or rich text format. • Display real-time traffic statistics. • Monitor individual hosts and links. • Customize alarm triggers. • Obtain full protocol summaries for each link. EtherBoy will work on both the Microsoft Windows and Microsoft Windows 95 platforms. NDG Software P.O. Box 1424 Booragoon, WA, 6154, Australia Voice: +61 9 388 8814 Fax: +61 9 388 8813 E-mail: lou@ndg.com.au URL: WebBoy WebBoy is a complete Internet/intranet monitoring package. It provides statistics on standard Web traffic, including URLs accessed, cache hit ratios, Internet protocols, and user-defined protocols. To aid the security-conscious administrator, WebBoy provides a configurable alarm mechanism to enable monitoring and notification of unusual network activity. In particular, WebBoy is invaluable in summarizing top hosts, URLs, proxies, Web clients, servers, and alarms. WebBoy will work on both the Microsoft Windows and Microsoft Windows 95 platforms. NDG Software P.O. Box 1424 Booragoon, WA, 6154, Australia Voice: +61 9 388 8814 Fax: +61 9 388 8813 E-mail: lou@ndg.com.au URL: PacketBoy PacketBoy is a packet analyzer/decoder package capable of decoding many of the commonly used LAN protocols. Protocols that can be decoded include TCP/IP, IPX (Novell NetWare), AppleTalk, Banyan, and DECNET protocol suites. Multiple captures can be loaded and saved to disk. To aid the security-conscious administrator, PacketBoy provides a configurable capture trigger to automatically start packet capture when unusual or undesirable network activity occurs. It is an ideal addition to your desktop- based management station, or as a laptop-based portable network probe. Supports DOS and Windows 95. NDG Software P.O. Box 1424 Booragoon, WA, 6154, Australia Voice: +61 9 388 8814 Fax: +61 9 388 8813 E-mail: lou@ndg.com.au URL: Point 'n Crypt World 1.5 Point 'n Crypt World 1.5 is a Windows extension that allows users to quickly and easily encrypt any desktop file. It is the easiest disk/file encryption system on the market. Based on 40-bit DES-CBC mode encryption (exportable outside North America), Point 'n Crypt World puts a secure envelope around any document you want to keep private. Whether it resides on a desktop, within a file system, or needs to travel across public information highways (such as the Internet), your information will be protected. Offering easy-to-use privacy, Point 'n Crypt World is distributed to a varied group of users from novices to experts. Point 'n Crypt requires little or no tutoring. Installing and using Point 'n Crypt World is elegantly simple. The installation is brief, straightforward, and virtually foolproof. Extensive online help is included to get you over any rough spots or to learn about Point 'n Crypt World's cryptographic internals. Simply right-click any desktop file, select Encrypt, provide a passphrase, and it's done. Point 'n Crypt World is available for $29.95 from the Soundcode Web site at www.soundcode.com. For stronger encryption, check out Point 'n Crypt Professional (list price $59.95), which supports 448-bit Blowfish and 168-bit Triple DES. Soundcode, Inc. 11613 124th Avenue NE, Suite G-317 Kirkland, WA, 98034-8100 Voice: 206-828-9155 Fax: 206-329-4351 Toll-Free: 1-888-45-SOUND (76863) E-mail: pete@soundcode.com URL: GeoBoy GeoBoy is a geographical tracing tool capable of tracing and displaying routes taken by traffic traversing the Internet. GeoBoy allows you to locate Internet delays and traffic congestion. GeoBoy resolves geographical locations from a series of cache files that can be updated and customized by the user. Supports Windows 95. NDG Software P.O. Box 1424 Booragoon, WA, 6154, Australia Voice: +61 9 388 8814 Fax: +61 9 388 8813 E-mail: lou@ndg.com.au URL: NetScanTools 32 Bit v2.42 NetScanTools 32 Bit v2.42, designed by Northwest Performance Software, combines a number of UNIX network analysis utilities in a single package that runs under Microsoft Windows 95 and Microsoft Windows NT. Northwest Performance Software PO Box 148 Maple Valley, WA, 98038-0148 Voice: 253-630-7206 Fax: 253-639-9865, 425-413-0745 E-mail: sales@nwpsw.com URL: WinU 3.2 WinU is a tamper-proof replacement user interface for Windows 95 with access control, time-limit, and security features. It's easy to set up, easy to use, and virtually impossible to circumvent. This makes WinU excellent for parents who want to allow children to use only certain software on the family PC. Any program or desktop can be password- protected or time- limited. You can set up different WinU desktops, with different programs and customizations, for each member of the family. Businesses can use WinU to allow employees to run only authorized software, making other programs unavailable. WinU is also ideal for public-access computers. You can let patrons use your computers without worrying that they might change the computer's setup or delete important files. Bardon Data Systems 1164 Solano Avenue #415 Albany, CA, 94706 Voice: 510-526-8470 Fax: 510-526-1271 E-mail: bsmiler@bardon.com URL: PrivaSuite PrivaSuite encrypts any text, fax, or file in any language and any format. It can encrypt individual cells in a spreadsheet or encrypt the entire spreadsheet. PrivaSuite makes compartmentalization of information simple and fast. You can encrypt individual clauses in a contract, encrypt the whole contract, or do both--multilayer encryption is effortless with PrivaSuite. You can encrypt files saved on your hard drive or on the network for "eyes only" access and encrypt hard-copy documents so that only you and the intended recipient can read them. In short, if the information is on your computer, PrivaSuite can encrypt it with just 2-3 keystrokes, and with virtually no interruption to your workflow. The program works in Microsoft Windows 3.x and 95 and employs a 56-bit DES engine (wherever allowed) or 40-bit international engine. Aliroo Ltd. 30100 Town Center Drive, Suite 0344 Laguna Niguel, CA, 92677 Voice: 714-488-0253 Fax: 714-240-2861 E-mail: steve@aliroo.com URL: HideThat 2.0 HideThat is a fully customizable secure screen saver, utilizing your logos, pictures, and messages. Several security features are included, along with an extensive help file on PC security. HideThat works on the Microsoft Windows 95 platform. CobWeb Applications Cherry Tree Cottage Leatherhead Road Surrey, UK KT23 4SS Voice: +44 1372 459040 Fax: +44 1372 459040 E-mail: mikec@cobweb.co.uk URL: WebSENSE WebSENSE is an advanced Internet content screening system that allows organizations to monitor and eliminate network traffic to Internet sites deemed inappropriate or otherwise undesirable in their networked environment. WebSENSE is implemented as a Windows NT service running on a single Windows NT computer, eliminating the need for software to be loaded on individual user workstations. Additionally, WebSENSE supports a wide range of TCP protocols, including HTTP, Gopher, FTP, Telnet, IRC, NNTP, and RealAudio. The recommended minimum requirements are Intel 486, 16MB RAM, and Windows NT 3.51 (or greater). NetPartners Internet Solutions, Inc. 9210 Sky Park Court, 1st Floor San Diego, CA, 92123 Voice: 619-505-3044 Fax: 619-495-1950 E-mail: jtrue@netpart.com URL: Cetus StormWindows Cetus StormWindows&tm; for Windows 95 allows authorized users to add several types and degrees of protections to the desktop and system of a Windows 95 computer. Intelligent use of StormWindows security measures will allow secure use of any shared Windows 95 PC (a version for Windows NT 4 is under development). Examples of desktop protections include • Hiding all desktop icons • Hiding Start menu programs groups and links • Preventing the saving of desktop changes • Hiding all drives in My Computer • Hiding the Start menu settings folders (Control Panel and printers) and taskbar • Hiding Network Neighborhood Some of the system protections include • Disabling the MS-DOS prompt and the exiting to MS-DOS mode • Preventing warm booting (Ctrl+Alt+Del) • Blocking the running of Registration Editor and System Policy Editor • Preventing the merging of REG files into the Registry • Preventing the addition or deletion of printers • Keeping the Documents menu empty • Hiding sensitive Control Panel pages and settings StormWindows security schemes can be imported from and exported to other computers by disk. StormWindows changes do not require the use of policies. StormWindows protections would probably be most useful to someone in charge of a number of computers at a school or business, a network manager, or a parent. Access to StormWindows is password protected. Cetus Software Inc. P.O. Box 700 Carver, MA, 02330 E-mail: support@cetussoft.com URL: PGP for GroupWise PGP for GroupWise provides seamless integration between GroupWise versions 4.1 and 5.x and either the DOS or Windows versions of PGP. With the software, you can create public encryption keys, mail your keys to others, encrypt, digitally sign, decrypt, and verify digital signatures in order to maintain privacy in your Internet or intranet communications. Attached documents can by encrypted as well. Risch Consulting E-mail: mvrisch@midway.uchicago.edu URL: Windows Task-Lock Windows Task-Lock, version 4.1 (sgllock.zip) provides a simple, inexpensive, but effective way to password-protect specified applications for Windows 95 no matter how they are executed. It is easy to configure and requires little or no modifications to your current system configuration. Optional sound events, stealth mode, and password time- out are included. The administrator password is enabled for site licenses. Online help is provided. (Windows 95 required.) Posum L.L.C. P.O. Box 21015 Huntsville, AL, 35824 Fax: 205-895-8361 E-mail: 103672.2634@compuserve.com URL: Windows Enforcer Windows Enforcer, version 4.0 (enforcer.zip) protects systems that are accessible to many people and require a consistent configuration and a consistent limited selection of services such as public displays or computer labs. It is also great for child-proofing individual systems. This is accomplished by ensuring that user-specified tasks either never run, always run, or are allowed to run. It is easy to configure and requires little or no modifications to your current system configuration. Optional user-specified sounds for the startup and access-denied events are also available. Online help is provided. (Windows 3.x and Windows 95.) Posum L.L.C. P.O. Box 21015 Huntsville, AL, 35824 Fax: 205-895-8361 E-mail: 103672.2634@compuserve.com URL: UNIX Software The following utilities for UNIX are on the CD-ROM. This listing provides contact information for each company and a description of its product. Portus Secure Network Firewall Portus is an NCSA-certified high-performance application-proxy gateway. It supports all TCP/IP connections and has a UDP proxy add-on. It offers high levels of security without becoming network chokepoint. Products include Portus Secure Network Firewall for AIX, Portus Secure Network Firewall for Solaris, Portus Secure Network Firewall Installation and Administration Guide (Acrobat file), and Portus Secure Network Firewall General Information Manual--Firewall Tutorial (Acrobat file). These are 30-day fully functional demos. Freemont Avenue Software, Inc. 2825 Wilcrest, Suite 160 Houston, TX, 77042 Voice: 713-974-3274 Fax: 713-978-6246 E-mail: portus@lsli.com Datalynx, Inc. Voice: 619-560-8112 Fax: 619-560-8114 E-mail: sales@dlxguard.com URL: SATAN (Security Administrator's Tool for Analyzing Networks) SATAN recognizes several common networking-related security problems and reports them without actually exploiting them. For each type of problem found, SATAN offers a tutorial that explains the problem and what its impact could be. The tutorial also explains what can be done about the problem. SATAN collects information that is available to everyone with access to the network. With a properly configured firewall in place, that should be near-zero information for outsiders. SATAN will inevitably find problems. Here's the current problem list: • NFS file systems exported to arbitrary hosts • NFS file systems exported to unprivileged programs • NFS file systems exported via the portmapper • NIS password file access from arbitrary hosts • Old (before 8.6.10) sendmail versions • REXD access from arbitrary hosts • X server access control disabled • Arbitrary files accessible via TFTP • Remote shell access from arbitrary hosts • Writable anonymous FTP home directory System requirements: UNIX, at least 16MB of RAM, and 50mHz. Authors: Dan Farmer and Weitse Venema Location: Strobe Strobe is a network/security tool that locates and describes all listening TCP ports on a (remote) host or on many hosts in a manner that maximizes bandwidth utilization and minimizes process resources manner. Strobe approximates a parallel finite state machine internally. In nonlinear multihost mode, it attempts to apportion bandwidth and sockets among the hosts very efficiently. This can reap appreciable gains in speed for multiple distinct hosts/routes. On a machine with a reasonable number of sockets, strobe is fast enough to port scan entire Internet subdomains. It is even possible to survey an entire small country in a reasonable time from a fast machine on the network backbone, provided the machine in question uses dynamic socket allocation or has had its static socket allocation increased very appreciably (check your kernel options). Strobe is said to be faster than ISS2.1 (a high quality commercial security scanner by cklaus@iss.net and friends) or PingWare (also commercial). Author: Julian Assange Location: SAFEsuite SAFEsuite&tm; is a family of network security assessment tools designed to audit, monitor, and correct all aspects of network security. Internet Scanner is the fastest, most comprehensive, proactive UNIX and Windows NT security scanner available. It configures easily, scans quickly, and produces comprehensive reports. Internet Scanner probes a network environment for selected security vulnerabilities, simulating the techniques of a determined intruder. Depending on the reporting options selected, Internet Scanner provides information about each vulnerability found: location, in-depth description, and suggested corrective actions. Internet Security Systems, Inc. (ISS) 41 Perimeter Center East, Suite 660 Atlanta, GA, 30071 Voice: 770-395-0150 Fax: 770-395-1972 E-mail: info@iss.net URL: NetWare The following NetWare utilities are on the CD-ROM. This listing provides contact information for each company and a description of its product. SecureConsole SecureConsole for NetWare is a fileserver console security application that adds a new level of control and accountability to the NetWare server. It restricts access for individual users or NetWare security groups to specific server commands or applications. SecureConsole also records the commands performed by each logon. SecureConsole acts like a screen saver on the console forcing the user to identify himself with a valid NetWare login and password. If the user is authorized to access the server, SecureConsole unlocks the screen but continues to verify the user's actions against his list of authorized functions and application screens. This means that different users or groups can have different levels of access. Installation of SecureConsole is simple! The software can be installed through the NetWare v4 product installation program or by copying the program to the server manually. No special NetWare queues, setup files, or license files are required, and the product is not serialized. This allows for software distribution products or batch installation to multiple fileservers. Server Systems Limited 7A Villa Marina Arcade Harris Promenade Douglas, UK Voice: 1-800-581-3502 (USA) Fax: 1-800-581-3502 (USA) Voice: +61 6 292-9988 (Australia) Fax: +61 6 292-9977 (Australia) Voice: +44 117 940-2020 (UK) Fax: +44 117 907-7448 (UK) E-mail: sales@serversystems.com, 100033,3202 (CompuServe) URL: spooflog.c and spooflog.h Author: Greg Miller Macintosh Software The following Macintosh utility is on the CD-ROM. This listing provides contact information for the company. Mac TCP Watcher Stairways Software Pty. Ltd. PO Box 1123 Booragoon, WA, 6154, Australia E-mail: support@stairways.com.au URL: Information The following information is also located on the CD-ROM. Computer Facility Security--An Overview Bret Watson & Associates c/- 6 June Rd Gooseberry Hill, Western Australia, 6076, Australia Tel: +61 041 4411 149 Fax: +61 09 454 6042 E-mail: consulting@bwa.net URL: RadLast RadLast filters Radius 1 and 2 detail files. Kinchlea Computer Consulting 3730 Denman Rd Denman Island, BC, Canada, V0R 1T0 Tel: 250-335-0907 Fax: 250-335-0902 E-mail: kcc@kinch.ark.com URL: About the Software Please read all documentation associated with a third-party product (usually contained with files named readme.txt or license.txt) and follow all guidelines.