We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

All about it

freebuddy
freebuddy asked
on
Medium Priority
214 Views
Last Modified: 2010-04-11

Dear experts,

I'm entering soon into a master of computer security. But I'd like to train myself for a while. So, I'd would like you fellows to help me in giving me websites or tips about computer security and tips also. For instance, I'm in a library and there are some thigns I find interesting: no right click is allowed, when you type something in Google search bar and then you go and type the same thing, you have to type it again, it ius not stored in the search bar, you can't create new windows from the File menu. So I'd like to know how these things are done and how it works. Please help.

Peace,

Freebuddy.
Comment
Watch Question

CERTIFIED EXPERT
Top Expert 2014
Commented:
The samples you have provide deal with HTML control statments and browser configuration, which is a very small part of computer secuity.

Computer security is a very, very big and broad area.   Are you only interested in HTML and browser?


--> when you type something in Google search bar and then you go and type the same thing

Which browser are you using?  This is controled by the browser settings that deal with remembering (or not) data entered into forms.

--> no right click is allowed

Deals with HTML code that disables right click.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Security Samurai
CERTIFIED EXPERT
Top Expert 2006
Commented:
There are plenty of "tricks" that can be used like this, and its not really security, it's obscurity. Please see this recent post: http://www.experts-exchange.com/Security/Q_22031526.html#17782612
The other settings, such as remembering form data, or search data is set in the browser, but there are "no cache" html tags, however they are deprecated.
http://www.i18nguy.com/markup/metatags.html
Computer Security runs the whole gamut, physical access, exploits, flaws, patches, detection, recovery, policies, prevention, coordinating, and planning. I'm sure I missed something. Security is a Process, not a Program or even a set of programs.

Here is my suggested reading: (in order of importance)
Anything by Bruce Schneier: http://schneier.com/books.html as well as his blog http://schneier.com/blog/
Hacking Exposed (hacking exposed win2k, 2003, linux etc), the entire series is great: http://www.winhackingexposed.com/products.html
These and more are suggested reading form ISC2 (ics squared) https://www.isc2.org/cgi-bin/content.cgi?category=698 the CISSP folks.

-rich

Commented:
Simple, learn to program. C and assembler are what you need to study along with TCP/IP. Once you master those, then get back on the security band wagon.

Your examples can all be  defeated easily.

You also need to learn there is no such thing as a secure computer or network. Some just take more time than others to get into...

m.

Rich RumbleSecurity Samurai
CERTIFIED EXPERT
Top Expert 2006
Commented:
Security involves trade offs and compromises. http://www.schneier.com/essay-062.html
 http://www.schneier.com/crypto-gram-0608.html#7
Security is a broad term, as is computer security, and the field of computer security or being a security consultant. I've not had to look at much source code in my few years of being a security consultant, I've not really compiled much C code or other. I've reviewed plenty of Html/php/perl code for security improvements. I've not been asked to review C code, and actually I'd have no idea what I be looking for. My consulting, and I can't speak for others, but my experience has been in securing environments and networks. There is one fundamental that seems to escape just about all business and network/IT administrators, the principal of least privilege, namely not running as an administrator for day-to-day tasks. http://richrumble.blogspot.com/2006/08/anti-admin-vs-anti-virus.html
-rich
jakosysadmin
Commented:
now this question is a true ramble puller but I try to resist it :)
instead, I give you a link: http://www.amazon.com/s/ref=nb_ss_b/104-1457775-8530366?url=search-alias%3Dstripbooks&field-keywords=computer+security -- let's see.. uhm.. 11084 results. yes, that should almost cover it ;}

Commented:
> interesting: no right click is allowed

IMO that is a stretch, where it is one thing to implement security in HW, and in OS SW, and quite another thing to run interference upon users just because you can. That tends to be counterproductive in any environment.

Policy should begin with maintaining a system with upgrades that is selective to operate only what is permitted. Thus one begins with routers and firewalls, moves on to proxies and DMZs.

Run a google on those terms and you should be well occupied for a time at any terminal, especially one in a library.

Do not disable google or browsing (except from servers). Ensure there are backup admins, and that backups are run that actually permit restores.

Develop and test the Disaster Plan, contingencies for outages.

Commented:
Although once your system is down, it is even more secure.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.