|
|
 |
|
 |
Volume 37, Number 1, 1998
Internet Computing |
|
Table of contents:  HTML ASCII |
|
This article: HTML ASCII |
Copyright info |
|
|
|
|
| |
|
Catapults and grappling hooks: The tools and techniques
of information warfare - References |
|
by A. Boulanger |
|
|
|
Cited references and notes
- CERT is a service mark of Carnegie Mellon
University.
- CERT Frequently Asked Questions (FAQ); available at
http://www.cert.org.
- K. Hafner and J. Markoff, Cyberpunk, Outlaws and
Hackers on the Computer Frontier, Simon & Schuster, New York
(1991).
- Information Security: Computer Attacks at
Department of Defense Pose Increasing Risks, General Accounting
Office Chapter Report, AIMD-96-84 (May 22, 1996); available at
http://nsi.org/Library/Compsec/infosec.txt.
- A script is a sequence of command
invocations.
- C. Klaus, "ISS Internet Security Scanner," program
documentation (released 1992).
- D. Farmer and W. Venema, "SATAN--Security Analysis
Tool for Auditing Networks," program documentation (released April 5th,
1995).
- D. Farmer and W. Venema, "Improving the Security of
Your Site by Breaking Into It" (December 1993); available from
http://www.mcg.gla.ac.uk/staff/rory/admin_guide.html.
- M. J. Christensen, "Courtney," program documentation
(released March 22, 1995).
- D. Farmer and E. Spafford, "The COPS Security
Checker System," Proceedings of Summer USENIX Conference, Anaheim,
CA (June 1990), pp. 165-170.
- D. Safford, D. Schales, and D. Hess, "The TAMU
Security Package: An Ongoing Response to Internet Intruders in an
Academic Environment," Proceedings of the Fourth UNIX Security
Symposium, Santa Clara, CA (October 1993), pp. 91-118.
- M. Ranum, "Internet Firewalls Frequently Asked
Questions," available at
http://www.clark.net/pub/mjr/pubs/fwfaq/index.htm.
- J. B. Postel, Simple Mail Transfer Protocol,
RFC821, The Internet Engineering Task Force (August 1982), available at
ftp://ftp.isi.edu/in-notes/rfc821.txt.
- R. T. Morris, A Weakness in the 4.2BSD UNIX
TCP/IP Software, Bell Labs Computer Science Technical Report 117
(February 25, 1985); available at
http://www.eecs.harvard.edu/~rtm/papers.html.
- S. Bellovin, "Security Problems in the TCP/IP
Protocol Suite," Computer Communications Review 19, No. 2
(April 1989), pp. 32-48.
- T. Shimomura and J. Markoff, "Takedown: The Pursuit
and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw--By
the Man Who Did It," Hyperion, New York (1996).
- "Social engineering" refers to the manipulation of a
person by persuasion. The victim may be persuaded to divulge sensitive
information or to help the perpetrator in other ways. For example, the
victim might install harmful software.
- C. Landwehr, A. Bull, J. McDermott, and W. Choi, "A
Taxonomy of Computer Program Security Flaws," ACM Computing Surveys
26, No. 3 (September 1994).
- Advisories published by the U.S. Department of
Energy's Computer Incident Advisory Capability (1997); see
http://ciac.llnl.gov.
- Bugtraq mailing list (1997); see
http://www.geek-girl.com/bugtraq/.
- D. V. Klein, "Foiling the Cracker": A Survey of
and Improvements to Password Security," USENIX Security
Workshop Proceedings, Portland, OR (August 1990) pp. 5-14.
- See
http://www.neosoft.com/neosoft/man/dig.1.html.
- J. Assange, Strobe 1.2, program documentation
(Feb. 27, 1995).
- Vulnerability in NCSA/Apachi CGI Example Code,
CERT Advisory CA96.06 (June 4, 1997); available at
ftp://info.cert.org/pub/cert_advisories/CA-96.06.cgi_example_code.
- A shell is the user interface to an operating
environment.
- In "promiscuous mode" the network interface receives
all network traffic.
- CERT Coordination Center 1995 Annual Report,
available from the CERT Coordination Center; see
http://www.cert.org/pub/annual-reports/cert_rpt_95.html.
- Computer Crime and Security Survey, Computer
Security Institute, San Francisco, CA (March 6, 1997); available at
http://www.gocsi.com/.
- CERT Coordination Center 1996 Annual Report
(March 20, 1996); available at
http://www.cert.org.
- B. Violino and B. Davis, "Security: Window of
Vulnerability," Information Week (March 10, 1997).
|
|
|
|
