Top: Publications: Papers

Intrusion_Detection

• Automated event log management for PCI DSS compliance
  This white paper highlights why organizations need to implement event log auditing as an integral part of their security policy to meet industry standards such as the Payment Card Industry Data Security Standard (PCI DSS).
  
• Automating vulnerability management for PCI DSS compliance
  This white paper identifies the problems encountered in addressing network security risks through vulnerability management. It describes how automated vulnerability management contributes to compliance with industry standards such as the Payment Card Industry Data Security Standard (PCI DSS) and assists you in proactively identifying security weaknesses before these are exploited.
  
• An Advanced 4.3BSD IPC Tutorial
  Berkeley CSRG; date unknown; GZip'd Postscript; 60k ``This paper describes the IPC facilities new to 4.3BSD. It was written by the CSRG as a supplement to the manpages.
  
• An Evening with Berferd
  Cheswick, Bill; 1991; GZip'd Postscript; 32k ``A cracker from the Netherlands is "lured, endured, and studied."
  
• COPS and Robbers
  Farmer, Dan; 1991; ASCII Text ``This paper discusses a bit of general security and then goes into detail regarding Unix system misconfigurations, specifically ones that COPS checks for
  
• Cracking Shadowed Password Files
  Phrack Vol. 5 Issue #46 GZip'd Postscript; 19k ``A Phrack article describing how to use the system call password function to bypass the shadow password file.
  
• Design of a Secure Internet Gateway
  Cheswick, Bill; 1990; GZip'd Postscript; 17k ``Details the history and design of AT&T's Internet gateway.
  
• Foiling the Cracker
  Klein, Daniel; GZip'd Postscript; 38k ``A Survey of, and Improvements to, Password Security. Basically a treatise on how to select proper passwords.
  
• Improving The Security of Your System by Breaking Into It
  Farmer & Venema; date unknown; HTML ``An excellent text by Dan Farmer and Wietse Venema. If you haven't read this before, here's your opportunity.
  
• Improving the Security of your Unix System
  Curry, David, SRI International; 1990; GZip'd Postscript; 99k ``This is the somewhat well known SRI Report on Unix Security. It's a good solid starting place for securing a Unix box.
  

[ 1 2 ]