The Web Developer
Virtual Library Tutorials (a complete set of introductory tutorials)
Learning the VI text editor
VI LOVERS HOME PAGE
(VI text editor tutorial)
CTC Tutorial on vi
(Cornell Tutorial on the vi text editor)
Linda MacEwan's Floppix
(How to install Linux)
News Group with discussions about setting up Linux.)
(Installing the Debian distribution of Linux.)
(Installing Red Hat)
Linux MAN Pages Indexed HTML
Version - "A Gift to Linux Users: HTML version of the the MAN
pages. I'm trying to understand Linux and the documentation sucks. My brain is
so full that in order to learn something new I have to forget something to
make room for it. So I need docs that I can read and search. I'm sure I speak
for a lot of people besides myself that the biggest barrier to Linux is the
documentation. It doesn't matter how good it is if you can't figure out how to
Linux Homes, Documentation, and Software
(Linux man pages)
software for download)
Programming: Loops in Java (applicable to any programming language, e.g.
(Tutorial on Shell Scripts [mostly C Shell])
Regular Expressions / sed / grep / vi
Regular Expressions are a powerful pattern-matching language.
To see what's possible once you learn Regular Expressions, read what a Perl
master has to say:
(Using Regular Expressions)
For help learning Regular Expressions in the vi text
editor see "Searching and Replacing text" in this tutorial:
(Linux User Guide: Advanced vi Tutorial)
Here is a Java applet that lets you experiment with Regular Expressions
(Java Perl Regular Expression evaluator)
sed, Perl and
- First Meeting - Regular Expressions (With cool Java applet!)
and replacing text
for Linguists Regular Expressions
Security incidents and exploits
National Security Institute Security
Apache Week: Using
Bugtraq mailing list archives
L0pht Heavy Industries (Software to
find holes and to break into systems)
Dan Farmer: COPS, SATAN, etc.
Deception ToolKit (Make your system appear
to be hackable)
Network Security Solutions Ltd. -
White Papers and Advisories
Computer Virus Myths home page
Network Security and Risk Management
The Web Developer Virtual
(Unix/Linux Filesystem Hierarchy Standard [FHS])
http://www.ugu.com/ (Unix Guru Universe)
(An online Unix course, text, and study guide by David Jones in Australia)
Microsoft Windows NT Server 4.0
versus UNIX (The technical merits of Unix.)
(Linux popularity grows)
(GNU Awk Users Guide)
(Ethernet IP/ARP packet simulations)
(Alt.Fan.Warlord - the art of signatures)
- Frequently Asked Questions - Why do some scripts start with #! ...
Mastery of Unix
"Mastery of UNIX, like mastery of language, offers real freedom. The
price of freedom is always dear, but there's no substitute. Personally, I'd
rather pay for my freedom than live in a bitmapped, pop-up-happy dungeon like
NT. I'm hoping that as IT folks become more seasoned and less impressed by
superficial convenience at the expense of real freedom, they will yearn for
the kind of freedom and responsibility UNIX allows. When they do, UNIX will be
there to fill the need." - Thomas Scoville, The Elements
of Unix Style: Unix as Literature
This is a summary of the many (and I do mean many) replies. Thanks to
everyone that contributed.
Why do programmers write unsafe code?
- There is no curriculum that addresses computer security in most schools.
- Programming books/classes do not teach secure/safe programming techniques.
- No one uses formal verification methods.
- C is an unsafe language.
- The standard C library string functions are unsafe.
- Programmers do not think 'multiuser'.
- Programmers are human. Humans are lazy.
- Most programmers are simply not good programmers.
- Most programmers are not security people.
- Most security people are not programmers.
- Most computer security models suck.
- Lots of legacy code that is broken.
- Consumers don't care about security.
- Cost in extra developing time.
- Cost in extra testing.
What secure programming resources are available?
"How Attackers Break Programs, and How to Write Programs Securely"
by M. Bishop.
< http://www.sans.org/ >
UC David ECS153 "Introduction to Computer Security" (M. Bishop)
EnGarde's Secure Programming Tutorial
"Designing Secure Software" by Peter Galvin
"The Unix Secure Programming FAQ" by Peter Galvin
"A Lab engineers check list for writing secure Unix code" by
"How to find security holes" by Kragen Sitaker
"setuid - checklist for security of setuid programs"
"perlsec - Perl security"
"Robust Programming" by M. Bishop
"Security Code Review Guidelines" By Adam Shostack
Talks & Tutorials:
"UNIX Security: Security in Programming" by M. Bishop
"Shifting the Odds: Writing (More) Secure Software" by Steve
Books on writing secure software:
"Practical Unix and Internet Security" from O'Reilly &
Chapter 22 "Writing Secure SUID and Network Programs"
Books on writing bug free software:
"Writing Solid Code" by Steve Maguire
"Code Complete" by Steve McConnel