Unix Computer Security Checklist. AUSCERT, Australian Computer Emergency Response Team; 1995; ASCII Text; 89k. A comprehensive checklist for securing your Unix box.
Packets Found on an Internet. Bellovin, Steven M.; 1993; GZip’d Postscript; 32k. A very interesting paper describing the various attacks, probes, and miscellaneous packets floating past AT&T Bell Labs’ net connection.
Security Problems in the TCP/IP Protocol Suite. Bellovin, Steven M.; 1989; GZip’d Postscript; 10k. A broad overview of problems within TCP/IP itself, as well as many common application layer protocols which rely on TCP/IP.
There Be Dragons. Bellovin, Steven M.; 1992; GZip’d Postscript; 58k. Another Bellovin paper discussing the various attacks made on att.research.com. This paper is also the source for this page’s title.
An Advanced 4.3BSD IPC Tutorial. Berkeley CSRG; date unknown; GZip’d Postscript; 60k. This paper describes the IPC facilities new to 4.3BSD. It was written by the CSRG as a supplement to the manpages.
NFS Tracing by Passive Network Monitoring. Blaze, Matt; 1992; ASCII Text. Blaze, now famous for cracking the Clipper chip while at Bell Labs, wrote this paper while he was a PhD candidate at Princeton.
Improving the Security of your Unix System. Curry, David, SRI International; 1990; GZip’d Postscript; 99k. This is the somewhat well known SRI Report on Unix Security. It’s a good solid starting place for securing a Unix box.
With Microscope & Tweezers. Eichin & Rochlis; 1989; GZip’d Postscript.gz; 99k. An analysis of the Morris Internet Worm of 1988 from MIT’s perspective.
The COPS Security Checker System. Farmer & Spafford; 1994; GZip’d Postscript; 45k. The original Usenix paper from 1990 republished by CERT in 1994.
COPS and Robbers. Farmer, Dan; 1991; ASCII Text. This paper discusses a bit of general security and then goes into detail regarding Unix system misconfigurations, specifically ones that COPS checks for.
A Simple Active Attack Against TCP. Joncheray, Laurent; 1995; GZip’d Postscript; 90k. This paper describes an active attack against TCP which allows re-direction (hijacking) of the TCP stream.
Foiling the Cracker. Klein, Daniel; GZip’d Postscript; 38k. A Survey of, and Improvements to, Password Security. Basically a treatise on how to select proper passwords.
A Weakness in the 4.2BSD Unix TCP/IP Software. Morris, Robert T; 1985; GZip’d Postscript; 10k. This paper describes the much ballyhooed method by which one may forge packets with TCP/IP. Morris wrote this in 1985. It only took the media 10 years to make a stink about it!
Covering Your Tracks. Phrack Vol. 4, Issue #43; GZip’d Postscript; 16k. A Phrack article describing the Unix system logs and how it is possible to reduce the footprint and visibility of unauthorized access.
Cracking Shadowed Password Files. Phrack Vol. 5, Issue #46; GZip’d Postscript; 19k. A Phrack article describing how to use the system call password function to bypass the shadow password file.
Thinking About Firewalls. Ranum, Marcus; Gzip’d Postscript; 30k. A general overview of firewalls, with tips on how to select one to meet your needs.
An Introduction to Internet Firewalls. Wack & Carnahan for NIST; Gzip’d Postscript; 600k. This is a special publication of the National Institute of Standards and Technology which provides a solid introduction to firewall concepts and uses.
TCP Wrapper. Venema, Wietse; Gzip’d Postscript; 13k. Wietse’s paper describing his TCP Wrapper concept, the basis for the TCP Wrappers security and logging suite.
ITtoolbox Security. ITtoolbox Security offers forums for technical discussion, an integrated directory, white papers and daily news geared towards security professionals and users of security products.