C3 Security Consulting LLC
Related Links
WaveSec
WaveSec is a part of the FreeS/WAN project looking at how FreeS/WAN applies to wireless LANs. They provide tools, documentation and sample configurations.
Cerberus
Cerberus, an IPsec implementation from NIST. This implementation contains many different encryption ciphers (including all the AES finalists), but is subject to US export controls.
PoPTop
PoPTop, a PPTP server for Linux.
Read Linux partitions from Windows
This may be useful if you have installed both Windows and Linux as a dual boot environment on your computer.
linux-wlan project
The goal of the linux-wlan project is to develop a complete, standards based, wireless LAN system using the GNU/Linux operating system.

Security vs. Risk

Security and risk are two terms that are frequently used interchangeably. Just remember: a risk does not automatically imply a security threat (a power outage is a risk, but not necessarily a security threat). However, a security threat does imply a risk.

Encryption and Decryption

  • Encryption is used to provide confidentiality for data.
  • Encrypted data is termed “ciphertext”.
  • Ciphertext is transformed back into data using decryption.
  • The mathematical process of encryption is an algorithm.
  • Many common algorithms operate on blocks (chunks) of data during an encryption or decryption operation. For this reason, these algorithms are commonly referred to as block cipher algorithms.
  • Data is encrypted using an algorithm in conjunction with a key, also known as a certificate.
  • The key is a number.
  • Data can be recovered from ciphertext only by using the same key that was used to encrypt the data.
  • Unauthorized recipients of the ciphertext who know the cryptographic algorithm, but do not have the correct key, should not be able to decrypt the ciphertext.
  • However, anyone who has the key and the cryptographic algorithm can easily decrypt the ciphertext and obtain the original data.
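
The points above, shown as a small added example (not part of the original page): a teaching-only block cipher, built as a Feistel network around HMAC-SHA256, that encrypts in 16-byte blocks and recovers the data only with the same key. The cipher and all names in it are assumptions made for illustration; real systems should use a vetted algorithm such as AES from a maintained library.

```python
import hashlib, hmac, os, secrets

BLOCK, ROUNDS = 16, 8  # 16-byte blocks, 8 Feistel rounds (teaching cipher, not AES)

def _f(key, i, half):
    # Keyed round function: HMAC-SHA256 of one half-block, cut to 8 bytes.
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:BLOCK // 2]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _block(key, blk, decrypt=False):
    left, right = blk[:BLOCK // 2], blk[BLOCK // 2:]
    for i in (reversed(range(ROUNDS)) if decrypt else range(ROUNDS)):
        if decrypt:   # undo round i; only the same key recomputes the same _f
            left, right = _xor(right, _f(key, i, left)), left
        else:
            left, right = right, _xor(left, _f(key, i, right))
    return left + right

def encrypt(key, data):
    pad = BLOCK - len(data) % BLOCK
    data += bytes([pad]) * pad                 # PKCS#7 padding to a whole block
    prev = os.urandom(BLOCK)                   # random IV, sent with the ciphertext
    out = [prev]
    for i in range(0, len(data), BLOCK):       # CBC: chain each block to the last
        prev = _block(key, _xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def decrypt(key, ct):
    if len(ct) < 2 * BLOCK or len(ct) % BLOCK:
        return None                            # not an IV plus whole blocks
    prev, out = ct[:BLOCK], b""
    for i in range(BLOCK, len(ct), BLOCK):
        out += _xor(_block(key, ct[i:i + BLOCK], decrypt=True), prev)
        prev = ct[i:i + BLOCK]
    pad = out[-1]
    if not 1 <= pad <= BLOCK or out[-pad:] != bytes([pad]) * pad:
        return None                            # padding check failed (typical of a wrong key)
    return out[:-pad]

def demo():
    key = secrets.randbits(128).to_bytes(16, "big")    # the key is a 128-bit number
    other = bytes(b ^ 1 for b in key)                  # a different key, same algorithm
    msg = b"Quarterly payroll figures (constructed sample data)"
    ct = encrypt(key, msg)
    return msg, ct, decrypt(key, ct), decrypt(other, ct)

if __name__ == "__main__":
    msg, ct, good, bad = demo()
    print(ct.hex(), good == msg, bad == msg)
```

The padding check only catches most wrong keys; it is not an integrity check, which is why production designs use authenticated encryption.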

Although much has been written on this subject, a great place to start is the RSA Laboratories whitepaper "Frequently Asked Questions About Today's Cryptography".

Absolute Security

Sorry, but there is no such thing. A more practical approach is to follow the 80/20 rule. It is like locking your car at night. It will cause the casual opportunist to move on. Use a steering lock and it will stop the amateur thief. Install a car alarm and it will stop all but the skilled and dedicated criminals (who usually are neither). Include a tracking system, for example Lo-Jack, and you stand a good chance of recovering your vehicle after a successful theft.

There are some fundamental steps that all companies, from sole proprietor up, should have at least considered as the beginning of a security strategy. A proactive approach now will reduce the impact of a violation.

Don’t let the word “strategy” put you off. As soon as you install a virus checker, you have started planning your security strategy. (If you haven’t done that, stop reading and go do it now! Anything is better than nothing, but if you pick one of the big names, Symantec, McAfee, etc., you won’t go far wrong.)

The categories listed on the Basics page are your starting point. If this is the first time you have been to this site, we highly recommend you scan through the sections and ensure you have hit the main points. These sections are not meant to be exhaustive, and they are dealt with in other areas in much greater detail, but if you are looking to start somewhere, this will give you an idea of what you should be considering.

Once you have scanned these sections, if you still have questions, use the links to take you to pages with more information. If you still have unanswered questions, and you know your business better than anyone, talk to a security consultant. Obviously we hope it will be C3SC, but do call someone.

Firewalls

A firewall separates one portion of a network from another and allows only authorized network traffic to pass through. A firewall typically separates the local private network from the Internet. Some firewalls examine the traffic that flows in and possibly out of the network to make sure it is legitimate. Firewalls hide the identities of computers within your private network to make it harder for criminal hackers to target individual computers. Firewalls can be combined with other devices to reduce the resource requirements.

Did you know?
An average of $1,300 is spent per employee in companies of $10m revenue or less.
This is 10 times greater than companies with revenue of $100m - $1bn. Unable to realize the economies of scale, smaller companies spend disproportionately higher amounts on security - learn how to leverage lessons learnt by larger companies.
Need to grant admin access for a single app to a specific user or group?
Don't just give out root. Use sudo to define and control admin access to all resources, and if you are the admin, do the same thing for yourself. You will be much less likely to step on yourself.
Set up a firewall. Even if you just use dial-up or DSL you are fully exposed to the internet.
This is your primary defense and protects against outside attacks by screening and blocking all traffic between your network and the Internet that is not allowed. The firewall also hides computer addresses. Firewall hardware connects between the cable/DSL modem and your computers. Windows operating systems have great built-in firewalls.
Many security initiatives fail to have longevity.
Because they are not presented to senior management as a business need, they lack the authority to be prioritized.
Live CD
If you want to test a new/different version of Linux, there are many "live CD" distributions that allow you to boot into the operating system without needing to install it on the hard drive.