Friday, August 13, 2010

So you want to be a hacker: More resources, free and not

There are thousands of resources on the web that will teach you how hackers do what they do. They range from the legitimate resources like SANS, Security Focus (with hundreds of others) to much less savory - which we won't go into here. 

Not everyone finds these things interesting, but everyone can benefit from learning a little bit about how hackers and identity thieves operate, and there are a lot of sites that will teach you without exposing you the risks searching the seamier side of the web might. So here are a few places you can go to either learn more about computer security or learn more about how the bad guys take advantages of computer insecurity:

Wikipedia, about.com, howstuffworks.cometc. Go to these sites, type in your query, and pick the topic that most closely matches what you're looking for. About.com and howstuffworks.com usually have short courses in topics like computer security, networking, etc. At these sites you can learn the basics of just about any topic, not just computers.

csrc.nist.gov is the Computer Security Resource Center at the National Institute of Standards and Technology. Here you can find the security standards government computers are supposed to comply with (and usually don't) and you can find instructions for seriously hardening your system against attack.

Security Focus is a Symantec site that reports on vulnerabilities and has a number of security related email lists covering topics from security basics to Windows and Apple specific lists. It links to the Symantec connect site, where you can find forums and blogs on a number of topics, most related in some way to Symantec products.

SANS is THE place to go for security training. There are other places that offer good and recognised training, but SANS is the one place everyone in security knows. You could say they're the Microsoft of security, but without all the hate and ill feelings. They have a large library of free security papers written by security professionals.