|
Techniques Adopted By 'System Crackers' When Attempting To
Break Into Corporate or Sensitive Private Networks
Network Security Solutions Ltd.; 1998; ASCII
This white paper was written to help give systems administrators
and network operations staff an insight into the tactics and
methodologies adopted by typical system crackers when targeting
large networks.
Understanding Microsoft Proxy Server 2.0
NeonSurge - Rhino9; 1998; ASCII
A paper on the MS Proxy Server features, architecture, etc.
Millenium Hacking (Hacking 2000)
CyberTech Security (UHF); 1998; ASCII
A general HOWTO for hacking with a goal of showing what hacking
was like at the end of the millenium.
Packets Found on an Internet
Bellovin, Steven M.; 1993; Postscript
A very interesting paper describing the various attacks, probes,
and miscellaneous packets floating past AT&T; Bell Labs' net
connection.
Security Problems in the TCP/IP Protocol Suite
Bellovin, Steven M.; 1989; Postscript
A broad overview of problems within TCP/IP itself, as well as
many common application layer protocols which rely on TCP/IP.
There Be Dragons
Bellovin, Steven M.; 1992; Postscript
Another Bellovin paper discussing the various attacks made on
att.research.com. This paper is also the source for this page's
title.
An Advanced 4.3BSD IPC Tutorial
-
PDF Version
Berkeley CSRG; date unknown; Postscript
This paper describes the IPC facilities new to 4.3BSD.
It was written by the CSRG as a supplement to the manpages.
NFS Tracing by Passive Network Monitoring
Blaze, Matt; 1992; ASCII
Blaze, now famous for cracking the Clipper chip while at Bell
Labs, wrote this paper while he was a PhD candidate at Princeton.
Network (In)Security Through IP Packet Filtering
-
PDF Version
Chapman, D. Brent; 1992; Postscript
Why packet filtering is a difficult to use and not always a very
secure method of securing a network.
An Evening with Berferd
Cheswick, Bill; 1991; Postscript
A cracker from Norway is "lured, endured, and studied."
Improving the Security of your Unix System
Curry, David, SRI International; 1990; Postscript
This is the somewhat well known SRI Report on Unix Security.
It's a good solid starting place for securing a Unix box.
COPS and Robbers
Farmer, Dan; 1991; ASCII
This paper discusses a bit of general security and then goes into
detail reguarding Unix system misconfigurations, specifically ones
that COPS
checks for.
Improving The Security of Your System by Breaking Into It
Farmer & Wietse; date unknown; ASCII
An excellent text by Dan Farmer and Wietse Venema. If you
haven't read this before, here's your opportunity.
A Simple Active Attack Against TCP
-
PDF Version
Joncheray, Laurent; 1995; Postscript
This paper describes an active attack against TCP which allows
re-direction (hijacking) of the TCP stream.
Foiling the Cracker
Klein, Daniel; Postscript
A Survey of, and Improvements to, Password Security. Basically
a treatise on how to select proper passwords.
A Weakness in the 4.2BSD Unix TCP/IP Software
Morris, Robert T; 1985; Postscript
This paper describes the much ballyhooed method by which one may
forge packets a stink about it!
The Risks of Key Recovery, Key Escrow, and Trusted 3rd Party
Encryption
Various Authors; May 1996; ASCII
This paper examines the technical risks, costs, and implications
of deploying systems that provide government access to encryption
keys.
Thinking About Firewalls
-
PDF Version
Ranum, Marcus; Postscript
A general overview of firewalls, with tips on how to select one
to meet your needs.
ALT2600.txt
Voyager; 1995; ASCII
This is the FAQ from the internet news group Alt.2600. Deals with
various topics concerning hacking and phreaking.
The Hacker's Handbook
Cornwall, Hugo; 1985; ASCII
A book about hacking techniques, hacking intelligence, Networks,
etc.
Crash Course in X-Windows Security
Unknown Author; Unknown Date; ASCII
This document will help you learn about X-Windows Security and how
to make it more secure.
Things that go Bump on the net
Unknown Author; Unknown Date; ASCII
This is a brief look at some of the more colorful characters in
the menagerie of network security threats, with an emphasis on
how they relate to agent-based sytems.
Securing X Windows
Fisher, John; 1995; ASCII
This document talks about how X-windows works, Host
Authenticiation and Token Authenticiation, Xterm Vulnerablities
and related security information.
A Unix Hacking Tutorial
Sir Hackalot; Unknown date; ASCII
A Excellent hacking tutorial for the starting hacker or
hacker-wanna-be.
The Neophyte's Guide to Hacking
Deicide; August 1993; ASCII
Another guide for beginning hackers that talks about a wide
range of topics.
Hacking Kit version 2.0 Beta
Invisible Evil; March 1997;ASCII
A very detailed and well written guide for hackers. This
document is also fairly up to date and includes examples and
source code.
IP Hijacking
Laurant Joucheray; April 24, 1995; Postscript
This paper discuesses the art of IP hijacking.
Linux security archives by date
Various Authors; March 1995 through October 1996; ASCII
The Linux Security list-archives from March 1995 through
October 1996.
Sockets Frequently Asked Questions
Vic Metcalfe; August 1996; ASCII (tarred and zipped)
Socket Frequently Asked Questions includes many examples and
source code.
Confidence Remains High Issues 1-6 + Summer Issue
Various Authors; Various Dates; ASCII (tarred and zipped)
An excellent magazine discussing hacking, phone, radio, and more.
Common Insecurities Fail Scrutiny
*Hobbit*; January 1997 ; ASCII
An analysis of TCP/IP NetBIOS file-sharing protocols is presented
as well as the examination of protocol and administrative
vulnerabilities.
Firewall Papers and Performance Issues
-
PDF Version
Various Authors; April 1997 ; Various Formats
This is a small collection of Papers and source concerning
firewalls and their performace.
Linux Stack OverFlows
Willy Tarreau; June 1997 ; HTML
An HTML page with sample utilities describing stack overruns
on Linux.
Hacking Unix Systems
Red Knight; October 1989 ; ASCII
An Indepth Guide to Hacking UNIX and the Concept of Basic Networking.
Sequence Number Attacks
Rik Farrow; December 1994 ; ASCII
A brief article that gives an overview of TCP sequence number
attacks. (Includes rfc1948 which shows how to protecte against
TCP sequence no. attacks.)
Buffer OverWrites
Various Authors; June 1997 ; Various Formats
A collection of papers and utilities concerning the art of
buffer overwriting.
Introduction to Internet Protocols
Charles L. Hedrick; July 1987; ASCII
An introduction to the Internet networking protocols (TCP/IP).
A Novice's Guide to Hacking
The Mentor; December 1988; ASCII
Another good source of reading for beginners.
Backdoors
Christopher Klaus; August 1997; ASCII
A discussion of many common backdoors and ways to check for them.
Them and Us
Paul Taylor; June 1997; ASCII
Chapter 6 of Paul Taylor's Hacker Book which talks about some
of the ethics and boundaries of hacking.
The Design of a Secure Internet Gateway
Bill Cheswick; Unknown Date; Postscript
This paper describes an internet gateway configuration that helps
protect the internal network even if an external machine is
compromised.
Some Problems with the FTP Protocol
David Sacerdote; April 1996; ASCII
Discusses problems with the File Transfer Protocol, a failure of
common implementations, and suggestions for repair.
Psychotic's Unix Bible
Virtual Circuit; Unknown Date; Zipped
An excellent Unix resource to have. The Unix Bible contains and
illustrates many Unix commands and their syntaxes.
The interaction of SSH and X11
Ulrich Flegel; September 1997; Postscript
Thoughts concerning the security of SSH in conjunction with X11.
Beginners Guide to Hacking
Phantom; October 1997; ASCII
An excellent guide with examples and text discussing getting
access, hacking root, covering tracks, and much more.
|
