Solved

All about it

Posted on 2006-10-22
7
187 Views
Last Modified: 2010-04-11

Dear experts,

I'm entering soon into a master of computer security. But I'd like to train myself for a while. So, I'd would like you fellows to help me in giving me websites or tips about computer security and tips also. For instance, I'm in a library and there are some thigns I find interesting: no right click is allowed, when you type something in Google search bar and then you go and type the same thing, you have to type it again, it ius not stored in the search bar, you can't create new windows from the File menu. So I'd like to know how these things are done and how it works. Please help.

Peace,

Freebuddy.
0
Comment
Question by:freebuddy
7 Comments
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 50 total points
Comment Utility
The samples you have provide deal with HTML control statments and browser configuration, which is a very small part of computer secuity.

Computer security is a very, very big and broad area.   Are you only interested in HTML and browser?


--> when you type something in Google search bar and then you go and type the same thing

Which browser are you using?  This is controled by the browser settings that deal with remembering (or not) data entered into forms.

--> no right click is allowed

Deals with HTML code that disables right click.

0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 175 total points
Comment Utility
There are plenty of "tricks" that can be used like this, and its not really security, it's obscurity. Please see this recent post: http://www.experts-exchange.com/Security/Q_22031526.html#17782612
The other settings, such as remembering form data, or search data is set in the browser, but there are "no cache" html tags, however they are deprecated.
http://www.i18nguy.com/markup/metatags.html
Computer Security runs the whole gamut, physical access, exploits, flaws, patches, detection, recovery, policies, prevention, coordinating, and planning. I'm sure I missed something. Security is a Process, not a Program or even a set of programs.

Here is my suggested reading: (in order of importance)
Anything by Bruce Schneier: http://schneier.com/books.html as well as his blog http://schneier.com/blog/
Hacking Exposed (hacking exposed win2k, 2003, linux etc), the entire series is great: http://www.winhackingexposed.com/products.html
These and more are suggested reading form ISC2 (ics squared) https://www.isc2.org/cgi-bin/content.cgi?category=698 the CISSP folks.

-rich
0
 
LVL 8

Expert Comment

by:mugman21
Comment Utility
Simple, learn to program. C and assembler are what you need to study along with TCP/IP. Once you master those, then get back on the security band wagon.

Your examples can all be  defeated easily.

You also need to learn there is no such thing as a secure computer or network. Some just take more time than others to get into...

m.

0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 175 total points
Comment Utility
Security involves trade offs and compromises. http://www.schneier.com/essay-062.html
 http://www.schneier.com/crypto-gram-0608.html#7
Security is a broad term, as is computer security, and the field of computer security or being a security consultant. I've not had to look at much source code in my few years of being a security consultant, I've not really compiled much C code or other. I've reviewed plenty of Html/php/perl code for security improvements. I've not been asked to review C code, and actually I'd have no idea what I be looking for. My consulting, and I can't speak for others, but my experience has been in securing environments and networks. There is one fundamental that seems to escape just about all business and network/IT administrators, the principal of least privilege, namely not running as an administrator for day-to-day tasks. http://richrumble.blogspot.com/2006/08/anti-admin-vs-anti-virus.html
-rich
0
 
LVL 8

Assisted Solution

by:jako
jako earned 25 total points
Comment Utility
now this question is a true ramble puller but I try to resist it :)
instead, I give you a link: http://www.amazon.com/s/ref=nb_ss_b/104-1457775-8530366?url=search-alias%3Dstripbooks&field-keywords=computer+security -- let's see.. uhm.. 11084 results. yes, that should almost cover it ;}
0
 
LVL 24

Expert Comment

by:SunBow
Comment Utility
> interesting: no right click is allowed

IMO that is a stretch, where it is one thing to implement security in HW, and in OS SW, and quite another thing to run interference upon users just because you can. That tends to be counterproductive in any environment.

Policy should begin with maintaining a system with upgrades that is selective to operate only what is permitted. Thus one begins with routers and firewalls, moves on to proxies and DMZs.

Run a google on those terms and you should be well occupied for a time at any terminal, especially one in a library.

Do not disable google or browsing (except from servers). Ensure there are backup admins, and that backups are run that actually permit restores.

Develop and test the Disaster Plan, contingencies for outages.
0
 
LVL 24

Expert Comment

by:SunBow
Comment Utility
Although once your system is down, it is even more secure.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Powershell compliance reports 7 61
Cisco ACS re-imaging with CIMC 2 42
deny local logon 12 62
Sophos EC migration to Cloud. 1 41
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now