Frequently Asked Questions on VIRUS-L/compvirus
4b52313f35e3d742045819277d3c303dbb03bb0ed5fbec704526d91f08f0c5b2
Improving the Security of Your Site by Breaking Into It: Discussion of a number of commonly used attacks on UNIX systems, and how to check your systems for vulnerability to them
91575d495d1b3e2b463590766dd0e0d9decf8bbda0098a26dd02299032050ffa
Federal Criteria for Information Technology Security, Volume 1: The new "Orange Book"
91d70ede5e19abceb9d75f03f29ea485a6b0afbf947519ed1d199ecfad42c2a1
Federal Criteria for Information Technology Security, Volume 2: The new "Orange Book"
b3e165a8eff1c6bde007885ac8f90edf9fafb8ca178214c906aed823f2abd8b8
The complete text of the US Family Educational Right to Privacy Act (the Buckley Amendment), 20 USC
8a9b6e270a14bc31d97a6c93f5932f9596710164db08f7aec11d3ccd2141ae22
Standard for Automated Password Generator: Federal Information Processing Standard No 181
02952ef5f8c13c50eb6ce030fb7c7f1c01dd13574d86e18a35ba67c6136f1652
Software Forensics - Can We Track Code to its Authors? Viruses,worms,trojan horses,and crackers all exis tand threaten the security of our computer systems. Often, we are aware of an intrusion only after it has occurred. On some occasions, we may have a fragment of code left behind - used by an adversary to gain access or damage the system. A natural question to ask is ?Can we use this remnant of code to positively identify the culprit?? In this paper, we detail some of the features of code remnants that might be analyzed and then used to identify their authors. We further outline some of the difficulties involved in tracing an intruder by analyzing code. We conclude by discussing some future work that needs to be done before this approach can be properly evaluated. We refer to our process as software forensics, similar to medical forensics: we are examining the remains to obtain evidence about the factors involved.
51ca864dc4ba5dabd2362150f8fd3492c354f24b3846f274e9535342ae6ff98b
Information about the computer crime laws in France
1d886d56e35e42ebf29c68b4428e7aced7b46ef6cafb8c17fe4134757f2a2251
Security Breaches: Five Recent Incidents at Columbia University: A detailed account of five break-ins at Columbia University, and the steps taken to stop them
2feafb1c47fcd53a7d556a45badd13d69c04f6223800088fc3e67c73f0e5aa3e
Thinking About Firewalls: A description of some of the considerations and trade-offs in designing network firewalls.
354e9098225cd71c585f2ae1f222a7df59e115bb0a5844f33feba7f2f7766af1
An Internet Gatekeeper: A description of how to construct an Internet firewall
671808d0a012bdfacec964ce161ff165a2fc9055011009556cd0724dab2ba474
Green Book on the Security of Information Systems: A document that sets out the development of a consistent approach to Information Security in Europe, taking into account common interests with other countries.
6bba7e535a52a3ed4bd2e857d3e04ef255318bcaf6861df330b237ed20bf63fb
Site Security Handbook - RFC 1244: The product of the Site Security Policy Handbook Working Group of the Internet Engineering Task Force
6e39442e679f0ad24c62d14bf04440c4c84b44a9e9837f03bf71cf161ed4c17e
Computer Break-ins: A Case Study: A study of multiple break-in attempts at Vrije Universiteit in Amsterdam
e6d02e3a0fd550ee1247757d53e59b8cf26e8af72d363ffca0dc5307195dd7a0
Horses and Barn Doors: Evolution of Corporate Guidelines for Internet Usage: A description of how Intel Corp's Internet usage policies were developed.
0c9cf01eae7b116a04dad028cc5069300632ba32ec63eeecf157dff031d6f4b9
Identification Protocol - RFC 1413: A description of the Identification Protocol, a means to determine the identity of the user of a particular TCP connection
02347bfce69a6303df9e02a554abd0bca82e25e751243d7c950ae3d61dedcf9b
Guidelines for the Secure Operation of the Internet - RFC 1281: Provides a set of guidelines to aid in the secure operation of the Internet.
5d0a6db1a5cde0c7608453b7a8f8107a1edbb8805e5fffa26f876ce9b2f5f224
A Network Perimeter With Secure External Access: A description of the firewall in use at whitehousegov
2a0f0711b46a6fae3725b69d6340fabe2aa888202189559596ef0f5b0fc9a166
Information Technology Security Evaluation Criteria: The European "Orange Book".
47b4843b69ff9cbc8f110c8acbd01ed2fc796a597b79577798c555d2b280ca4e
The Internet Worm Program: An Analysis: A description of the algorithms used by the Internet Worm program of November 2, 1988
affa84c4a62ed1123918b7a64289ba5cf8cc9d19567ee5cdad990ab88edae0ba
The Internet Worm Incident A description of the events involved in the Internet Worm of November 2, 1988
8eb9f7185ac48e4ccca04ccc9a7510dabb32136d2718846650061924075abaa7
Designing an Authentication System: A Dialogue in Four Scenes: A "play" in which the characters end up designing an authentication system much like Kerberos Provides an easy-to-understand description of why Kerberos is the way it is.
16fe80c2e2de29d853ad40a1310a0473a61da8860453522091e89e3a20ca97c1
Kerberos: An Authentication Service for Open Network Systems: A description of the Kerberos authentication system
6368a099d905b089968075a87f72e845d263ed0ee2a25e21ddb465b7b7558a9e
Limitations of the Kerberos Authentication System: A description of some limitations and weaknesses in the Kerberos authentication system.
b56bc24f8eb0acdda7f968de1e80f956ec7ce19d1301212bbdd564a0672b9a21
KryptoKnight Authentication and Key Distribution System: An authentication and key distribution system that provides facilities for secure communication in any type of network environment
5239521a40929028d5693e30df4f661a3e4fdffce637545fb696a359735a47a8