Important undiscussed (and firewall related) issues in network
security include:
The importance of logging system activity in tracking break in
attempts, and the use of log files in subsequent court
actions.
Legal and ethical issues, both from the perspective of the
system manager and in relation to the crooks.
Passwords -- their general applicability, the tendency of
people to share them around and the sacrosanct nature of
/etc/passwd
Security within Unix (and other server environments),
and the use of tools such as cops and
crack.
Network security analysis tools, including
nmap and (earlier)
satan.
The entirely unresolved philosophical and ethical question as
to whether it is nobler to discuss issues like all of these in a
full and frank way, or to hide them and hope the students and other
potential bad guys don't hear about them... See, for example,
Charles Tomlinson's 1853 "Rudimentary Treatise on the Construction
of Locks" (available on lots of Web sites) for an excellent
viewpoint on this.
[Previous Lecture] [Lecture Index] [Next Lecture]