Those questions and this thread blew me away: I'm way behind on both of them.
Yes some years ago for maybe a few hours I understood Kerberos and RSA and using RSA to 'sign' a document. And once for about an hour I understood the keys, handshaking, etc. of Microsoft domain servers, Active Directory, or whatever. But I've never since had any occasion to revisit those ideas or any deeper ideas.
Gee, when I took abstract algebra, I got enough number theory to understand and prove Fermat's little theorem, etc., but I've never had to use it. Maybe if I take some of the old source code I have for PGP and want to revise it, then I would look at such number theory again, but I likely shouldn't be working with the internals of something like PGP.
Gee, once I read
David J. Marchette, 'Computer Intrusion Detection: A Statistical Viewpoint', ISBN 0-387-95281-0, Springer-Verlag, New York, 2001.
and understood that well enough, but I'm still nearly clueless about that article and this thread.
Maybe I should know more: I'm building a Web site that I hope will be popular. So I'll have to run a 'server farm' of the necessary size and manage the network in the farm and the connection to the Internet. So, again, maybe I should know more.
Maybe some of you guys could post some more on this thread and get me, and people with similar ignorance, partly caught up.
So, my first broad question would be, in considering my computer and network security, will I really have to work at the relatively low level of those question? E.g., I know next to nothing about SSH, but I will make use of it via software from others. Do I really need to understand SSH at the level of the packets, handshaking, keys, etc.? If I was curious, would thirty minutes with some Wikipedia article be enough? Would I be able to get enough low level access even to use such details? Is it enough and about all I can do just to leave the details and implementation of SSH to others? E.g., I just spent 12 hours today reading about SQL Server logins, users, Windows authentication, permissions, roles, schemata, etc., but again I just get to use these things as a part-time DBA and don't get to see or work with the details. Similarly for other important parts of network security?
Second, is it really true that commonly information security professionals in US companies need to know and work with such details? E.g., when the world changes over to IPv6, will I have to know the details or will I just leave the details to the people who write the code and build the hardware?
I can understand that Cisco, Juniper, Microsoft, developers of Linux, and intrusion prevention device designers need to understand Ethernet and TCP/IP at all levels, but do I?
Net, how much detail is needed, and what is it actually used for?
Yes some years ago for maybe a few hours I understood Kerberos and RSA and using RSA to 'sign' a document. And once for about an hour I understood the keys, handshaking, etc. of Microsoft domain servers, Active Directory, or whatever. But I've never since had any occasion to revisit those ideas or any deeper ideas.
Gee, when I took abstract algebra, I got enough number theory to understand and prove Fermat's little theorem, etc., but I've never had to use it. Maybe if I take some of the old source code I have for PGP and want to revise it, then I would look at such number theory again, but I likely shouldn't be working with the internals of something like PGP.
Gee, once I read
David J. Marchette, 'Computer Intrusion Detection: A Statistical Viewpoint', ISBN 0-387-95281-0, Springer-Verlag, New York, 2001.
and understood that well enough, but I'm still nearly clueless about that article and this thread.
Maybe I should know more: I'm building a Web site that I hope will be popular. So I'll have to run a 'server farm' of the necessary size and manage the network in the farm and the connection to the Internet. So, again, maybe I should know more.
Maybe some of you guys could post some more on this thread and get me, and people with similar ignorance, partly caught up.
So, my first broad question would be, in considering my computer and network security, will I really have to work at the relatively low level of those question? E.g., I know next to nothing about SSH, but I will make use of it via software from others. Do I really need to understand SSH at the level of the packets, handshaking, keys, etc.? If I was curious, would thirty minutes with some Wikipedia article be enough? Would I be able to get enough low level access even to use such details? Is it enough and about all I can do just to leave the details and implementation of SSH to others? E.g., I just spent 12 hours today reading about SQL Server logins, users, Windows authentication, permissions, roles, schemata, etc., but again I just get to use these things as a part-time DBA and don't get to see or work with the details. Similarly for other important parts of network security?
Second, is it really true that commonly information security professionals in US companies need to know and work with such details? E.g., when the world changes over to IPv6, will I have to know the details or will I just leave the details to the people who write the code and build the hardware?
I can understand that Cisco, Juniper, Microsoft, developers of Linux, and intrusion prevention device designers need to understand Ethernet and TCP/IP at all levels, but do I?
Net, how much detail is needed, and what is it actually used for?