Here are the slides for a presentation that I gave in 1999 titled The Zen of Information Security.
Here are the slides for a presentation that I gave in 2000, titled Securing a Linux Box: It's mine, and You Can't Use It., which was in turn based on another presentation that I gave in 1998. As such, a fair bit of this is somewhat dated.
Here are the slides from a presentation I gave in 2002, titled Network Security: A Quick Overview.
Here are the slides from a presentation I gave in 2008, titled Cryptographic Foibles and Missteps.
Here are some programs that I find useful or generally neat:
- If you run a major revision behind on Linux, you can use
Solar Designer's Secure-Linux patch.
- Also from Solar Designer we have a
nifty port scan detector.
- Solar Designer also has a good password cracker called
John the Ripper.
- Solar Designer also wrote a great POP daemon
called Popa3d.
- Solar Designer and the Openwall team pulled all this together, and actually made a Linux distribution called Owl.
- Fyodor wrote a
port scanner that you can use to audit your machine. It is called
nmap.
- If you occasionally find that you need to change a user's password,
but you don't want it to be easily guessable, and you want the user to
change it soon, consider random passwords. You can use
rpasswd to generate all sorts of random
passwords, including word-based passphrases.
- If you need to test the reasonableness of a PRNG, you can do
large-scale statistical testing on it. NIST has developed a series of tests documented
in the excellent NIST SP800-22. NIST stopped support for the UNIX version of the test tool, but I've continued to support it here: sts.