CertiGuide to Security+  9  Chapter 0:  Read.Me

0.0  Introduction to Security 1 0.2  Hacker vs. Cracker

If you have scanned the first couple pages of this book you understand there are tradeoffs for every choice. Your authors wish to caution you about *any* “solution” that appears to be a cure-all. Over 100 years ago, the western United States had marketing types who rode in wagons selling magic in a bottle to the citizens in less than pleasant conditions. They were known as ‘snake oil’ salesmen. Any marketing guru that promises a sure-fire cure to end all should be considered a 21^st century version of snake oil. There are numerous legitimate solutions that drastically aid in a challenge.

And again, there are no absolutes in this game. The worm Code Red ripped through the Internet because of holes in Microsoft’s Web Server, IIS in early 2002. By the time the year was half over; successful attacks on Linux systems ran 2 to 1 over Microsoft systems.

The best solution today is probably tomorrow’s ‘less than best,’ and may become ‘fish wrap’. As this introduction has pointed out several times, security is a process, not something you throw some attention to and forget. Any zealot telling you something to the effect that Linux is secure and Windows isn’t has not done their homework. If Redmond suddenly starts proclaiming that Windows is more secure than Linux, well that’s marketing. The reality is everybody, including Apple, is a target, simply because it is there.

For 2004 and beyond the “blended threat”¹⁸ seems to be 'raising the bar'. Basic Do's and Don't from Roberta Bragg here¹⁹. “Normal” users: please read this to get an understanding of that which 'so&so’ is facing²⁰. Look at the security utility in the footnote²¹.

In this introduction, we have thrown a number of terms at you. In the interest of clear communications, we would like to introduce a couple more.

0.0  Introduction to Security 1 0.2  Hacker vs. Cracker