Thursday Morning

I decided to take the rest of the week off for vacation. I will be bloging and gaming. I'm going to go see Narnia later today, which should be cool. I will be posting a review about it today.

Yet another blog I started

I have started a new blog to test out WordPress. Here is the link: http://phuture.wordpress.com. Why did I decide to try Wordpress? Why not. Its free currently for a lite version and the interface is clean and simple to use. This is very important to me. Dont get me wrond I feel comfortable in any *nix shell enviroment and can move around but I think about other people who are lacking the skills in the computer department.

Keep It Simple Stupid

KISS- I have been applying this to my life lately, throwing out alot of junk. Organizing and enjoying the things that I have not what I want. I can honestly say Im happy. How does this relate to computer security? It doesnt I just felt like ranting.

More papers on security.

Its back to work for me. I will be posting some more articles here shortly. I'm currently working on a physical security paper expalining about CCTV, Alarms and Biometrics. This should be a good paper. This weekend I studied ARP poisining and spoofing and ways to try to prevent it. It really is amazing how hackers change their MAC address to get free Internet access at your local starbucks on your dime.

Cisco PIX 506E

Cisco Pix 506E Security Appliance

This firewall is a enterprise class security appliance. It could be used for small to medium sized businesses, sattelite offices and regional offices.It supports two 10/100 fast ethernet cards and also two 802.1q virtual interfaces.This alows your business to create a DMZ or demilitarized zone. This is a spot on your network that you put your webservers but not your backend servers like SQL or Exchange. Cisco took the approach of multilayered defense again with this product and it has alot of nice feautres to help protect your network and data.There are no moving parts making it more reliable.

The Cisco Pix 506E uses what Cisco calls Cisco Adaptive Security Algorithim.This provides statefull packet inspection it logs all authorized attempts to use the network as well as trying to block unauthorized access.The firewall is designed to look for common vulnerabilities, it looks for about 55 well known attacks.It inspects layers 4 through 7 os the OSI layers. The Cisco Pix 506E also looks at application data traversing the network and even protocol status.The designers of this firewall did a good job. The Cisco Adaptive Security Algorithim does protocol field checking and also URL length checking. It does not mention anything about if it can filter Unicode.It has over 100 applications already documented so you can allow or disallow them easily.

Cisco PIX Device manager allows administrators to manage their network remotely.Network or Firewall administratos can still create their own ACL's or access control lists and user and group based policies. Network administrators can decide which applications that are and are not allowed thru their network as well as protocols.Protocols that this device checks are HTTP, FTP,SMTP, DNS, SQl*Net,NFS,ILS, SCCP and many more.For instance I would not allow my employess to use Telnet, if they needed remote connectivity at all I would suggest SSH using a cool program called Putty for Windows based machines.

Since Im on the topic of remote management I will talk about some of the Cisco Pix 506E solutions.The are many different ways to mange this device. It can be troubleshooted and configured remotely.If you have a web browser which I hope all admins have, you can access this firewall through the Internet. It uses SNMP simple network management protocol for monitoring devices on the network.You can use Auto Update server, security monitor and management center for firewalls.

The firewall does auditing, has support for Dynamic devices on the network and can do software images.

The Cisco Pix 506E also has support for VPN's or virtual private networks.You can use either IKE Internet Key Exchange or IPsec.Cisco also offers VPN concentrators to speed up connections. I will be writing articles on those shorlty. The encryption standards it supports are DES data encryption standard, this is crackable. 3DES which is more secure and AES advanced encryption standard. I recommend the later. The VPN can work with NAT or network address translation which hides your internal IP address from the Internet. Support for up to 10 VPN uers.The firewall also supports TACAS+ and RADIUS.

VoIP- Voice over Internet protocol can also be ran thru this firewall. So that you can sleep well at night knowing that your multimedia and voice connections are secure.
This is probably my favorite about this device. Intrusion Prevention. This firewall has tools that protect it from many well-known attacks.

Dos or denial of service attacks are prevented from bringing down your network and firewall. I do question how much data this device can take before shutting down or how many packets it can drop quickly. There tools are called DNSGuard, FloodGuard, MailGuard, IPVerify and TCP intercept.

This firewall can also contact adminstrators real time thru a cell phone SMS or email thru a devich such as a RIM Blackberry.I have read of software that will allow you to SSH to your router, computer thru the Blackberry. Cisco's auditing software is called CiscoWorks Information management Solutions or SIMS.No not the game. It collects and anayzes data from across your network allowing you to prioritize threat levels.

Benjamin Hargis
Phuture Networks
http://www.phuturenetworks.com/
http://www.computersecurityadvice.com/

Voice over IP

I hear allot about VOIP what is it?

VOIP stands for voice over internet protocol. Basically it means making phones calls over your local area network (LAN) or even across the Internet.

VOIP is normally cheaper than your PSTN that’s public switched telephone network i.e. your local carrier.

VOIP is a good choice for businesses as well to save money on long distance calls if they have many satellite offices. VOIP service providers usually have lower fees because they are not a government regulated currently as the phone systems which at one time were a monopoly. VOIP can even be free if you connect directly to another VOIP client.

VOIP routers can send your incoming phone calls to you anywhere thus cutting down on the number of lines and you can be reached anywhere you have a Internet connection.

This and the combination of technologies like WiFi are going to make for one huge network. That voice, data and video will be sent everywhere and from anywhere. With this VOIP technology you have allot more features as well such as Caller ID, Call Forwarding and answering services all from your computer or PDA.

There are some issues to still be worked on.

Here are some:

The amount of band with required.

Security issues- what type of encryption should be used and how much is going to slow down the call and network?

This is a exciting and new technology which I will be writing more about.

Benjamin Hargis

More info on Cisco PIX 501

Cisco Firewall PIX 501

This firewall is designed for homes and small businesses.This firewall can support up to ten users on a basic license from Cisco. It has a 133 MHz processor and comes with 16MB's of RAM. In addition it has 8MB of Flash RAM.

The Firewall also comes with 1 uplink port and a four port switch. It does not support Layer 2 transparent fire walling. It also does not support the routing protocol OSFP which stands for Open Shortest Path First. There is no VLAN-Virtual Local Area Network.

The PIX 501 allows you to setup a VPN-Virtual Private Network easily with the Cisco Easy VPN Server.

The firewall supports speeds up to 60Mbps bidirectional.

When you implement cryptography such as 3DES or DES it slows down the traffic.The PIX 501 can support anywhere from 50-unlimited users depending on your license

Cisco PIX Technology

Cisco PIX Security Appliance.

Cisco PIX Security applications can enforce policies on users and applications.

Cisco PIX can protect you from many different network and Internet based attacks.

Cisco PIX offers secure connectivity, using methods such as SSHv2 Secure Shell Two and VPN virtual private networks.

This is fairly easy to setup.

Cisco PIX can provide you with secure VOIP voice over internet protocol.

IPSec or Internet Protocol Security IPSec can be setup for VPN's.

Cisco PIX Security appliances provide multiple layers of security.

This hardware/software based solutions is designed to look for anomolies aka weird traffic thats not normal on your network, which could be an indication of a attack.

There is over thirty different engines looking for different attack signatures.

The current version is Cisco PIX appliance version 7.0

Here are some of the feautures:

You can rollback previous configurations in IOS.

QOS- Quality of Service

You can update software on the fly with bringing down the hardware. No rebooting.

VPN client security

Layer 2 transparent firewall.

This is really interesting 3G mobile security services.

You can configure the firewall to block instant messaging, point to point networking P2P.

You have the ability to block applications trying to tunnel thru your network with encrypted
traffic.

Cisco PIX provide rich statefull packet inspection PIX can protect your voice, data, and video
traffic.

Version 7.0 also supports IKE or Internet Key Exchange.

Everything can be managed from Cisco Adaptive Device Manger which can be console and web based.

Benjamin Hargis CEO Phuture Networks
http://www.phuturenetworks.com
http://www.computersecurityadvice.com/
Here are some other sites for you viewing pleasure:http://www.checkmategame.blogspot.com
http://www.realestatelead.blogspot.com/

Sales Tips

-Here are some tips for people in sales, hope this helps.

Anticipate objections and be ready with rebuttals.

Get down to the real objection.

Follow up with all leads.

Do it the best its ever been done.

Its all numbers, dial more.

Provide value for customers.

Control the conversation, listen even more.

Follow ethical practices.

Planning, goal setting, decision making, delegation and communication work on improving these areas.

Toss out ideas at meetings.

Keep abreast of the market

Look for multiple sources of income.

Assume responsibility for your actions.

Build relationships.

Network like crazy.

Be resourcefull, ready, remebered and relentless.

Help customers discover the best solutions.

Persist and dont give up!

I've been in sales for 15 years this can be valuable to new sales people and veterans.

Building Internet Firewalls

Building Internet Firewalls by Oreilly

This book covers the basics of firewall technology to the nitty gritty details. I highly recommend it. It is well written and covers such interesting topics as protocols, databases, security strategies and examles of firewall setups.

Building Internet Firewalls covers packet Filtering, Proxy Services, NAT- network address translation and VPN's virtual private networks. Firewall architecture such as single box, screened host, bastion host, multiple screened hosts, modems and internal firewalls for your intranets.

The different ways to filter traffic are also discussed in depth. You can filter based upon address, protocol, source and destination addresses amongst many other variables. It discusses both Micorsoft Windows and *nix based solutions.

It goes over Internet Services such as RPC, DCOM, DOM, CIFS, SMB, SSL, RAS, PPTP and so many others.

This book is a awesome reference to add to your security analyst book collection.

Microsoft Security Update

Microsoft has released several security alerts for Microsoft Internet Explorer. Here are four of them:

HTTPS Proxy Vulnerability (CAN-2005-2830)

File Download Dialog Box Manipulation Vulnerability (CAN-2005-2829)

COM Object Instantiation Memory Corruption Vulnerability (CAN-2005-2831)

Mismatched Document Object Model Objects Memory Corruption Vulnerability (CAN-2005-1790)

This can cause problems ranging from attackers reading web addresses sent to a proxy server to running malicious code on your hosts to gain admin access.

MS05-055Vulnerability in Windows Kernel Allows Elevation of Privilege (908523)http://www.microsoft.com/technet/security/bulletin/MS05-055.mspx

This one allows attackers to escalate or gain higher privleges than allowed an example would be a user with no rights gaining administrative control of the machine. It is possible to change kernel memory with this vulnerability. This can lead to remote code execution as well.

Cisco PIX 501 security appliance

The is a firewall thats easy to set up for home or small office. It has a four port fast Ethernet switch built in.

This firewall can provide up to 60Mbps data transfer or 3Mbps of encrypted traffic using (3DES) . This can be used for VPN's Virtual Private Networks.

It supports AES which is the Advanced Encrytion Standard at up to 4mbps.

Here is Cisco's overview of their product

SANS going to start IT college

SANS will create a IT college! This is great news. Its going to be in Maryland, hmm I wonder why. Maryland is famous for computer security why do you ask? The National Security Agency is there. I would love to attend this school, it would be fun. They will offer two programs for Masters Degrees:

Information Security Engineering
Information Security Management

This will not be easy there looking for high GPA's and recommendations from employeers.

Security Warrior

This is a great book that gets more technical than most books I read. What does it contain? What does it not :)

It has assembly programming tutorials, reverse engineering concepts and tools. Overflow attacks and ways to stop them or at least make it more difficult.

TCP/IP analysis and tools to help in your network engineering chores. It breaks down protocols and their strengths and weaknesses.

It also covers forensics, and anti-forensics. SQL, Wireless, VPN's and SSL.

There is so much in this book and its a great read and handy reference this is my third time reading it so I recommend it to any security analyst's bookshelf.

Bidding for Excel Vulnerability

A cracker discovered a hole in Microsoft Excel and try to auction it off! This is a first, kinda funny in my opinion. Ebay quickly pulled it from their website. This is a goodthing. There are tons of free software out on the Internet to recover Microsoft Office passwords.

I use many Linux Distributions on bootable CD's to recover these from clients who have forgot or lost their passwords. I can recover most files even ones that have been deleted.

Virus Definitions

I'm amazed on how so many people think that antivirus software is a cureall its only as good as your last updates. Malicious users write malware daily to exploit and corrupt your systems. Turn on your auotmatic updates! YOu should also use a firewall, if your using wireless use WPA with strong paawords.

Spyware is also rampant on the Internet is your homepage changing automatically? There is also the threat of keyloggers which could be logging your bank account info, or even your Amazon account information! Use tools such as SpyBot Search and Destroy or Adaware.

What is PERL?

Practical extraction and reporting language. Perl is a stable programming language. It is great for automating tasks, especially system administration chores. It is Open Source which means its free.

PERL was created by Larry Wall. PERL is sometimes called the duct-tape of the internet. PERL can be used with popular database programs and implemented into websites as well.

Where can you get PERL? http://www.perl.org/get.html

Website on PERL http://www.perl.org/news.html

The PERL Journal http://www.tpj.com/

Examle of PERL code:

A cheap alarm clock: perl -e ’sleep(120); while (1) { print "\a" }’

Random Password Generator

Steve Gibson writes great software. This tool will generate random passwords for you you, this is usefull for alot of things such as WPA and WEP.

https://www.grc.com/passwords

It gives you 3 choices!

63 random alpha-numeric characters (a-z, A-Z, 0-9)

63 random printable ASCII characters

64 random hexadecimal characters (0-9 and A-F):

Want to learn ARM assembly?

So what exactly is ARM, its a RISC based processor it can be used for mobile applications such as cellphones, it also can be used for routers, switches and hubs. I like embedded programming and figured I would include a link to learn to code in assembly for ARM.

http://www.heyrick.co.uk/assembler

Microsoft Security Video

This come from Microsoft in Japan- it is so cool.

From Microsoft Japan
http://www.microsoft.com/japan/athome/security/images/thinksecurity/tv/thinksec_1m.wvx

Firefox Vulnerability

We all new this one was coming. I love Firefox but the more popular it gets the more were going to see holes and exploits. Its still alot safer than IE.

http://isc.sans.org/diary.php?storyid=920

This code was written just to test Firefox, and it worked.

Real Estate Website

Check this out if you are in Real Estate http://realestatelead.blogspot.com/

Voice Over IP

This technology is hot, it allows you to make phone calls over the internet with the IP protocol, companies like Google might have plans to use this nationally already. There is also VONAGE.

You can check them out here : http://www.vonage.com/

Looking for a great debugger?

IDA Pro dissasembler is perfect for looking at machine language. Word of warning it is difficult to use, but it is the best in my opinion. It works with different processors as well. It also serves as a dissasembler. This is great for looking at Malware to find it what makes it tick and see which system calls its using. It call also allow you to view HEX. Stacks, jumps, tables it has it all!

Wired buffer overflow show

I came across this on Wired's website www.wired.com It's a flash program showing how a buffer overflow works. Pretty cool yet makes it look way to easy :) Generating shellcode is not for the faint. Here is the link http://ly.lygo.com/ly/wired/news/flash/special_reports_bugs_1.html

Microsoft Internet Explorer Vulnerability

Another one? Come on Microsoft, Smart people use Firefox www.mozilla.org. There is a window() object that fails to check code passed thru it correctly. An attacker can execute code to launch a shell and take over the computer. The IE user would have to view a HTML documnent or email to be affected.

Disable Active scripting.

Follow this link to check out a paper on malicious active scritping:
http://www.cert.org/tech_tips/malicious_code_FAQ.html#ie56

Cisco Vulnerability

Cisco just released a report warning of a flaw with OpenSSL www.openssl.org/ It is possible for an attacker to perform a man in the middle attack by spoofing IP addresses thru DHCP. DNS posioning is also a possibility only certain version of BIND are affected. For more information go here: http://www.cisco.com/warp/public/707/cisco-response-20051202-openssl.shtml

Best computer security websites

Here are websites I frequent alot:

http://www.securityfocus.com
http://www.packetstormsecurity.nl
http://www.sans.org
http://www.cert.org
http://www.securiteam.com
http://www.linuxsecurity.com
http://www.phrack.org
http://www.neworder.box.sk
http://www.slashdot.org
http://www.google.com
http://www.securitynewsportal.com
http://www.infosyssec.com
http://www.snort.org
http://www.honeynet.org
http://www.dshield.org
http://www.astalavista.com
http://www.whitehats.com
http://www.incidents.org
http://www.microsoft.com
http://www.iss.net
http://www.cisecurity.org
http://www.networkintrusion.co.uk
http://www.isc.incidents.org
http://www.grc.com
http://www.foundstone.com

Web Programming

Have you ever seen acronyms like SOAP, XML, HTML and wonder what they are. Would you like to learn how to code in DTD, CSS or learn server scripting like PHP? This site shows you everything has awesome tutorials and is laid out easily.

http://www.w3schools.com/

Global Information Assurance Cert

Sans http://www.sans.org came up with a certification called GIAC. The basic cert is for security fundamentals. There are advanced topics like forensics, firewalls, incident handling, hacker techniques, and windows and unix OS information. This looks like a solid cert to obtain.

Here is all the certifications they offer:

http://www.giac.org/certifications/

TCP/IP

Need hep understanding IP addressing? Here is one of the best papers that Ive found on the net. Explains everything from subnetting to broadcast addressing. It also explains about the different classes such as A, B, C and D. http://www.bergen.org/ATC/Course/InfoTech/Coolip/

One of the best sites for Computer Security Training

I came across this site and it has a ton of information on different security certificates that are out there. http://www.cccure.org/

Looking for Information on CISSP

This is the official site to get information on obtaining your CISSP certificate. This site has alot of great information on it. Check it out here: https://www.isc2.org/cgi-bin/index.cgi

Hardware Modification

If your anything like me you like to take things apart and make them better, faster, smaller, lighter etc. Here are some great sites to help you out with your modding.

http://www.hackaday.com

http://www.makezine.com/blog/

Cpanel

My friend decided to host my website, I know have access to this program called Cpanel, its sweet, I have many scripts I can play with and best of all its running on a Linux server. Say goodbye to be stuck in some lame program where I cant even view the HTML :) It has full support for PERL, PHP its looks awesome.

http://www.cpanel.net

Cisco CCNA Certification: Broadcasts, Unicasts, And Multicasts

When you begin your CCNA studies, you get hit with a lot of different networking terms right away that you might not be familiar with. What makes it a little more confusing is that a lot of these terms sound a lot alike. Here, we're going to discuss the differences between broadcasts, multicasts, and unicasts at both the Data Link (Layer 2) and Network (Layer 3) layers of the OSI model.

A broadcast is simply a unit of information that every other device on the segment will receive. A broadcast is indicated by having every bit of the address set to its highest possible value. Since a hexadecimal bit's highest value is "f", a hexadecimal broadcast is ff-ff-ff-ff-ff-ff (or FF-FF-FF-FF-FF-FF, as the upper case does not affect hex value). The CCNA exam will demand you be very familiar with hex conversions, so if you're not comfortable with these conversions, get comfortable with them before taking the exam!At layer 3, a broadcast is indicated by setting every bit in the 32-bit binary string to "1", making the dotted decimal value 255.255.255.255.

Every host on a segment will receive such a broadcast. (Keep in mind that switches will forward a broadcast, but routers do not.) In contrast to a broadcast, a unicast is a packet or frame with only one destination. There is a middle ground between broadcasts and unicasts, and that is a multicast. Where a broadcast will be received by all, and a unicast is received by only one host, a multicast will be received by multiple hosts, all belonging to a "multicast group". As you climb the Cisco certification pyramid, you'll be introduced to creating multicast groups and controlling multicast traffic, but for your CCNA studies you need only keep certain multicast groups in mind.Class D addresses are reserved for multicasting this range is 224.0.0.0 - 239.255.255.255.

The addresses 224.0.0.0 - 224.255.255.255 are reserved for use by network protocols on a local network segment, and like broadcasts, routers will not forward these multicast packets. (Packets with these addresses are sent with a Time To Live of 1.)As a CCNA candidate, you should know that OSPF routers use the address 224.0.0.5 to send hellos, EIGRP routers use 224.0.0.10 to send updates, and RIP version 2 uses 224.0.0.9 to send routing updates. RIP version 1 and IGRP both broadcast their updates.Multicasting gets a bit more complicated as you go from your CCNA to the CCNP and CCIE, but by simply understanding what multicasting is, you go a long way toward securing the CCNA.

Cisco Router Security

Network security is a hot topic today, and will only increase in importance in the months and years ahead.While most of the attention is paid to exterior threats, there are some steps you can take to prevent unwanted Cisco router access from within your organization.Whether you want to limit what certain users can do and run on your routers, or prevent unauthorized users in your company from getting to config mode in the first place, here are four important yet simple steps you can take to do so.Encrypt the passwords in your running configuration.This is a basic

Cisco router security command that is often overlooked. It doesn’t do you any good to set passwords for your ISDN connection or Telnet connections if anyone who can see your router’s running configuration can see the passwords. By default, these passwords are displayed in your running config in clear text.One simple command takes care of that. In global configuration mode, run service password-encryption. This command will encrypt all clear text passwords in your running configuration.Set a console password.If I walked into your network room right now, could I sit down and start configuring your Cisco routers? If so, you need to set a console password. This password is a basic yet important step in limiting router access in your network.

Go into line configuration mode with the command “line con 0”, and set a password with the password command.Limit user capabilities with privilege level commands.Not everyone who has access to your routers should be able to do anything they want. With careful use of privilege levels, you can limit the commands given users can run on your routers.Privilege levels can be a little clumsy at first, but with practice you’ll be tying your routers down as tight as you like. Visit www.cisco.com/univercd for documentation on configuring privilege levels.Configure an “enable secret” password.It’s not uncommon for me to see a router that has an enable mode password set, but it’s in clear text. By using “enable secret”, the enable mode password will automatically be encrypted. Remember, if you have an enable password and enable secret password set on the same router, the enable secret password takes precedence.These four basic steps will help prevent unwanted router access from inside your network. If only preventing problems from outside your network was as simple!

Author: Chris Bryant

Tips On Buying A Cisco CCNA / CCNP Home Lab Kit

Buying a CCNA / CCNP home lab is the best way to be totally prepared for your Cisco exams.

Most home labs are put together one router or switch at a time, but many CCNA / CCNP candidates prefer to buy kits where you get multiple routers and switches, along with all the cables and other connection devices you'll need.
While this is a good idea, keep a few things in mind when purchasing Cisco home lab kits.

Don't buy anything you don't need. The problem is that when you're first starting out with your Cisco home lab, you don't know everything that you need. (I sure didn't!) Keep in mind that you only need one transceiver per AUI port on a Cisco router, so if you're getting routers with two AUI ports in all, you don't need five transceivers in the kit. It doesn't hurt to have one spare, but three is a little too much.

More importantly, don't buy kits with old CCNA or CCNP study guides included. I've seen kits with books that were three years old and were of no use to the candidate. If you see a kit that looks good but includes books or manuals you just don't want, ask the vendor for a price that doesn't include the books. It never hurts to ask.
Watch the IOS version. Unless you've got access to IOS upgrades, you'll be working with the

IOS version that's on the routers and switches when you buy the kit for a while. You don't necessarily need the latest and greatest IOS version for CCNA study, but don't buy routers with IOS versions beginning with "10" unless you have an IOS to upgrade them with. (And make sure the routers have enough memory to handle the IOS you plan on putting on them.)
Purchasing a Cisco CCNA / CCNP Home Lab is one of the best investments in your career that you will ever make. Exercise just a bit of caution when purchasing your kit, and you'll be on your way to true Cisco success, in the exam room and on your network!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage , home of free CCNA and CCNP tutorials! Pass the CCNA exam with Chris Bryant!

Some things I would like to accomplish in my lifetime

Master UNIX
Visit Japan
Master spanish
Get my pilot's license
Visit Tibet
Learn Zen
Get a degree
Get a degree in Computer Science
Get married
make money
Invest in Real Estate
workout daily
Speak chinese
Help mankind
Become a engineer
Get my HAM license
understand electronics
understand physics
be a better boyfriend
get my MBA
Get a PhD
Purchase a home
Pray daily
stop smoking
visit Europe
Purchase a powerbook
Purchase a Sun Workstation
Design Planes
Get a job in Aerospace
learn GO Get a handheld GPS unit
Purchase an Escalade
eat healthier
visit Bali
Retire in Montana
own a boat

Classes I'm planning on taking:

Introduction to Engineering
Personal Finance
Physics
Chemistry
Logic
Business Writing and Communication
Finance
Child Psychology
Web Design
PERL
PHP
C and C++
Cryptography and Security Mechanisms
Practices for Administration of Physical and Operations Security Security in Systems Architecture and Applications Disaster Recovery/Forensics

You may ask all those? Yes, I love learning. Wouldnt mind getting a PHD. :)

Classes Ive taken in no particular order

UNIX/Linux System Administration
UNIX/Linux Operating System
Business 001 - Introduction To BusinessBusiness 005 -
Business Law I
Management 001 - Principles Of Management
Psychology 001 - General Psychology I
Philosophy 001 - Introduction To Philosophy
Internetworking
Electronics
Computer Repair
Computer Networking
Microsoft Windows
Spanish 001 - Elementary Spanish I
Computer Information Systems 787 - Network Essentials

Configuration Guidelines from CERT

I recommend that all sys administrators read these excellent articles:


Home Network Security
Windows NT Configuration Guidelines
UNIX Configuration Guidelines
UNIX Security Checklist New Version 2.0
Anonymous FTP Configuration Guidelines