Try the CERT site www.cert.org and peruse the articles in the 'new user' section. Also, read their regularly updated 'top vulnerabilities' paper and 'security practices' guidelines.
Also check out Robert Graham's site: www.robertgraham.com/pubs for some interesting FAQs on reading firewall logs, detecting intrusion attempts and 'hacking terminology'. -----Original Message----- From: Pat Meeks [mailto:[EMAIL PROTECTED]] Sent: Sunday, July 21, 2002 4:30 PM To: [EMAIL PROTECTED] Subject: List Lurker Would Like To Learn More About Security Basics I manage a web site and found this list and web site when I got hit by a spammer because I was using an old version of Matt Wright's FormMail. I received a "baptism by fire" and a short intro into something called "open relays". By poking around the net, I was able to learn enough to ask my hosting service (I'm on a shared hosting setup) to move my site to a secure server and for me to change the email program. The hosting service moaned at the request (as it is no big deal to be an open relay), but moved me anyway (at least I know it was a different IP, but I still have no idea how to check to see if the server is not an open relay). Security is an issue rarely discussed in web design newsgroups and I lack technical expertise. My eyes have been "watering over" trying to get a handle on the terminology used in many of the posts. I'm very interested in learning about security issues on shared hosting platforms and very interested in learning more about the really good thread that's been running concerning DSL and protecting home computers and small networks. Can you please point me to a site that helps newbies and non-techies learn security basics? The only sites I've found seem to be for network administrators and other professionals that already know the basics. For example, I'd like to be able to understand the terminology used in the DSL thread. Many thanks! Pat
