Security Links for CSCI 558L
Summer 2001
This page is constantly updated.
|
| General Networking Textbooks |
L. Peterson and B. Davie, "Computer Networks: A Systems Approach", Morgan Kaufmann, 1999.
Richard Stevens, "Unix Network Programming: Volume 1: Networking APIs, Sockets".
S. Keshav, "An engineering approach to Computer Networking".
Any Linux administration and networking book you may have
|
| Conferences |
9th USENIX Security Symposium ($25/year student membership. Some papers on intrusion detection)
USENIX Workshop on Intrusion Detection and Network Monitoring (1999)
8th USENIX Security Symposium (1999)
7th USENIX Security Symposium (1998)
6th USENIX Security Symposium (1996)
NANOG
|
| Security Web Sites |
The National Infrastructure Protection Center (NIPC)
The Whitehats web site (security news, tools, IDS signatures)
Security focus
CERT/CC
The SANS Institute (System Administration, Networking and Security)
Security Portal
Packet Storm (lots of info, a MUST see)
Root Shell
@stake
Trusecure
Secureroot
|
| Projects |
The Computer Security Laboratory at UC Davis
The Lighthouse Project at U. of Michigan
ARQoS "Protection of Network Quality of Service Against Denial of Service Attacks" at North Carolina State
SPIE: Source Path Isolation Engine at BBN
|
| Hacker Magazines |
Phrack
2600
Many more magazine links at Packetstorm
|
| Hacker sites |
hack.org
hack-net.org
hackers.com
hacking exposed
www.stargazer.net/~flatline/
The art of hacking
ftp hacking
Pulhas
Spyking
www.geocities.com/SiliconValley/1947/
|
| Various Links |
DoS Links at Network World Fusion
Dave Dittrich's page at University of Washington (excellent site: tons of security-related links)
A nice collection of DoS links
RFC 2267: Network Ingress Filtering
Some short security tutorials
Maximum Security: A Hacker's Guide to Protecting Your Internet Site and Network (on-line book)
Secure Connections from a Unix System using SSH
|
| Network Monitoring Tools |
nmap
ntop
dsniff
tcpdump and libpcap repository
Netlitmus: An anti-spoofing test tool
|
| Network Attack Tools |
The Ramen Toolkit
trinoo
The Tribe Flood Network (TFN)
stacheldraht
mstream
shaft
More Distributed Attack Tools
Even More tools
|
| Forensic Computing |
http://www.fish.com/forensics/
|
| Network Intrusion Detection Systems |
DARPA Intrusion Detection Evaluation (work done at MIT)
Intrusion Detection Planning Guide from Cisco
Emerald
snort
IDS tools at Packetstorm (dozens of links)
A short tutorial on IDS
ICSA Labs (white paper on IDS assessment)
Network Flight Recorder (NFR)
|
| Buffer and stack overflow, Trojan horses, etc. |
Smashing the stack for fun and profit (Phrack, vol. 7 #49)
Blocking buffer overflow attacks (article from Network Magazine)
A short tutorial on Trojan Horses
Some Buffer Overflow paper
The Tao of Windows Buffer Overflow
Libsafe: Protecting Critical Elements of Stacks (from Bell-Labs)
|
| Linux related sites |
Preventing Distributed Denial of service attacks in Linux
Linux Network Administrator's Guide, 2nd Edition
Linux Reverse Engineering Tools
More on Linux Reverse Engineering
|
| Presentations |
A real-audio presentation at NANOG from Stefan Savage on IP Traceback methods.
|
| Papers on IP Traceback |
Bellovin, "ICMP Traceback Messages", draft-belovin-itrace-00.txt,
work in progress (expired Sept 2000).
Park, K., Lee, H., "On the effectiveness of probabilistic packet
marking for IP traceback under denial of service attack", Technical Report
CSD-TR 00-013, Purdue University, June 2000. [ps]
Savage, S., Wetherall, D., Karlin, A., Anderson, T., "Practical Network
Support for IP Traceback", Proceedings of SIGCOMM 2000. [ps, pdf].
Song, D., Adrian, P., "Advanced and Authenticated Marking Schemes for IP
Traceback", Technical Report No. UCB/CSD-00-1107, University of California
at Berkeley, June 2000. [ps, pdf]
UUnet's Centertrack: paper, presentation
Traceback work at BBN
|
| Companies |
Astanetworks
Counterpane
Mazu Networks
Foundstone
Cloudshield
Arbor Networks
OneSecure
|
| CS558 Students' Sites |
|
(TBA)
|