해킹/DDoS 공격(Hacking/DDoS Attack)

 

해킹/DDoS 공격(Hacking/DDoS Attack)

 

 

 

출처 : http://cnscenter.future.co.kr/security/hacking.html

 

아~ 영어 지겹다.. -.-;;;

 

Related Links/Resources

Papers/Articles

FAQs

---

 

 

Related Links/Resources

• APWG, The Anti-Phishing Working Group.
• Digital PhishNet
• Zone-h, 해킹 그룹
• Next Generation Security Software (NGS) Whitepaper

• HackerWhacker Remote Network Security Scan, free internet based security scanner site.
  • Hacker Ports, list of common ports that hackers like to probe.
• HNN(Hacker News Network), news from the computer underground. (HNN에서 @stake로 합병).
• L0phtCrack, hosted by L0pht hacking group. (L0pht->@stake 합병).
• 2600: The Hacker Quarterly, quarterly magazine dedicated to hacking/phreaking.
• AntiOnline , infamous anti hacker site.
• Phrack, hacking/phreaking zine.
• Network Security Library
• RAZOR, worldwide team of cutting-edge security researchers.
• Java Security Hotlist Categories, java security resources.
• www.rootkit.com
• The Black Hat Briefings, security conferences and training series.
• Whitehat
• Hackerslab, hacking trial site.
• CyberArmy, portal for computer Security.
• The Internet Security Alliance
• SecureRoot, computer security resources.
• Nomad Mobile Research Center, hacking related files and project.
• Hacked Websites, attrition.
• Defaced Website Archives
• Spyware Warrior
• Spyware Guide
• Anti-spyware buyer's guide
• Archieve of Hacked Site
• Astalavista, underground information and warez search engine.
• Research Papers, by NGS software.
• Top 75 Security Tools
  - COOL TOOLS: Holy Tool Belt, Batman!
• 2003's Most Popular Viruses, and Hacking Tools
• Security Map, Korean site for hacking information.
• @stake, security service company.
  • research labs - advisories, research reports, tools.
• 한국 내 언더그라운드 해커그룹 리스트 from 해커 의식조사(hwp), 김효석 국회의원, 11월 2000

• DDoS World
• DOShelp.com, Intrusion and attack reporting center.
• SANS Institute
  • Help Defeat Denial of Service Attacks: Step-by-Step , DDoS Roadmap: Steps 1 & 2.
  • Information Security Reading Room, a variety of useful security information.
  • Fundamentals of Effective Network Security
  • resources
    • Security Manager's Journal, weekly magazine.
    • How To Eliminate The Ten Most Critical Internet Security Threats, The Experts’ Consensus, Version 1.32, Jan. 18, 2001. (presentation(pdf), audio file).
• Dave Dittrich's home
  • Some TCP/IP Vulnerabilities
  • Distributed Denial of Service (DDoS) Attacks/tools
  • The "stacheldraht" distributed denial of service attack tool
  • The "Tribe Flood Network" distributed denial of service attack tool
  • The DoS Project's "trinoo" distributed denial of service attack tool
  • A stacheldraht agent scanner (C source code)
  • A trinoo/TFN/stacheldraht agent scanner (C source code, BETA), D. Dittrich, M. Ranum, G. Weaver, D. Brumley and others.
  • "mstream" distributed denial of service attack tool
• Gibson Research Corporation web site, Denial of Service Investigation & Exploration Pages.
• Denial of Service (DoS) Attack Resource Page, Collection of articles and links.
• Distributed Attack Tools, packet storm, DDoS attack tools 제공.
• Denial of Service Attacks, CERT Coordination Center, Tech Tips.
• 10 Types of Web Application Perversion, Sanctuminc.com
• "mstream" DDoS attack tool
  
  • CERT Incident Note IN-2000-05, May 2, 2000.
  • Internet Security Systems Security Alert, May 2, 2000.
• Network Security Library, hacking and security information.
  • UNIX
  • Windows
  • WWW
• RFC 문서
  
  • Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing, RFC2827, P. Ferguson, D. Senie, May 2000.
  • Internet Security Glossary, R. Shirey, May 2000.
• The Hitchhiker's World Issue, Infosecwriters
  
  • #8, December 25, 2003.
  • #7, July 21, 2003.
  • #6, April 20, 2003.
  • #5, October 12, 2002.
  • #4, September 2002.
  • #3, April - May 2002.
  • #2, March 28, 2002.

---

Papers/Articles

[General]
• White Hat v. Black Hat, The Interpol European Working Group on Information Technology Crime, December 11, 2002.
• Infosec's Worst Nightmares, Ed Skoudis, InformationSecurity, November 2002.
• HACKS AND ATACKS : A Complex Infestation, Illena Armstrong, SCmagazine, September 2002.
• Analyzing selected network attacks, Michael Pichler, Technical Project Manager, IBM, June 2002.
• An Introduction to Internet Attack & Penetration, Matta Security Limited, 2002. (local copy)
• ADSL: Security Risks and Countermeasures, Sean Boran, Securityportal, June 14. 2001
• HIDDEN HACKS, Information Secuiryty - Cover story, June 01, 2001
• How Hackers Hack, Kim Zetter and Andrew Brandt, PCWorld, April 02, 2001.
• Hacker Nation, PCWORLD, Mar, 26 2001
• Techniques Adopted By 'System Crackers' When Attempting To Break Into Corporate or Sensitive Private Networks, By the consultants of the Network Security Solutions Ltd. Front-line Information Security Team (FIST), December 1998.
• How hackers attack networks(presentation), TechRepublic, 2002.
• Halting the Hacker: A Practical Guide to Computer Security(sample chapter 8 : Limiting Access), Aleksandar Stancin, Help-Net Security, January 13, 2003. (local copy)
• Mission-Critical Security Planner: When Hackers Won't Take No for an Answer - Sample chapter 1 entitled "Setting the Stage for Successful Security Planning", Mirko Zorz, HelpNet-Security, February 21, 2003. (local copy)
• The Art of Rootkits (2nd ed) Marcus, SecurityWriter, April 06, 2004.
• Demystifying Google Hacks, Debasis Mohanty, July 2004. (local copy)
• Designing Network Security-Sample chapter 5 "Threats in an Enterprise Network", Zaklina Supica, HelpNet-Security, September 24, 2004. (local copy)
• Botnets as a Vehicle for online Crime, CERT/CC, December 2, 2005. (local copy)

• Denial of service: Fighting back, Mandy Andress, NetworkWorld, September 02, 2002.
  - How we did it
  - How the devices compare in tests
  - Detecting DoS attacks before they disable your network
  - A glossary of DoS terms
  
• Fireproofing Against DoS Attacks, NetworkMagazine, Jeff Forristal, December 10, 2001. (local copy).
• DENYING DENIAL-OF-SERVICE, Shon Harris, Information Security Magazine, September 07, 2001 (local copy-comparison)
• Countering SYN Flood Denial-of-Service Attacks, Ross Oliver of TechMavens, August 29, 2001 (local copy-presentation)
• How Vulnerable?, Joel Snyder, InformationSecurioty, March 2003.
  - Not-So-Fine Tuning
  - Comparison Chart

• Phishing Attack Trends Report: May, 2004, Anti-Phishing Working Group, May 1, 2004. (local copy)
• The Phishing Guide : Understanding & Preventing Phishing Attacks, Gunter Ollmann, NGSSoftware, September 2004. (local copy)
• How to Catch a Phish, ActivCard, Inc., October 1, 2004. (local copy)
• Surefire tips to Protect Yourself from Phishing, MailFrontier, October 3, 2004. (local copy)
• Phishing Activity Trends Report, Anti-Phishing Working Group, October 2004. (local copy)
• Phishing Activity Trends Report, Anti-Phishing Working Group, December 2004. (local copy)
• Phishing - A new age weapon, Abhishek Kumar, SecurityWriter, January 25, 2005. (local copy)
• How to Avoid Phishing Scams, Windowsecurity, January 2005.
• Tackling Phishing, Business Communication Review, Rebecca Wetzel, February 2005. (local copy)
• Phishing Activity Trends Report, Anti-Phishing Working Group, April 2005. (local copy)
• Phishing Activity Trends Report, Anti-Phishing Working Group, August 2005. (local copy)
• Technical Trends in Phishing Attacks, CERT/CC, October 21, 2005. (local copy)

• Training Ethical Hackers: Training the Enemy?, Tim Greene, SecurityWriter, July 03, 2004.
• Reverse Engineering Backdoored Binaries, ChrisR, DecurityWriter, July 01, 2004.
• Three Different Shades of Ethical Hacking: Black, White and Gray, David Hafele, SANS Reading Room, May 2, 2004. (local copy)
• An Ettercap Primer, Duane Norton, SANS Reading Room, April 14, 2004. (local copy)
• Security and Vulnerability Analysis of an Ethernet-based attack on Cisco IOS, Robert Foxworth, SANS Reading Room, March 2004. (local copy)
• Reverse-engineering New Exploits, Rik Farrow, Networkmagazine, March 3, 2004.
• Social Engineering, Aaron Dolan, SANS Reading Room, February 10, 2004. (local copy)
• Psychology: A Precious Security Tool, Yves Lafrance, SANS Reading Room, February 2, 2004. (local copy)
• The Soft Underbelly: Attacking the Client, Tom Vogt, SecurityFocus, January 27, 2004.
• Defense-In-Depth Applied to Laptop Security: Ensuring Your Data Remains Your Data, Chris Grant, SANS Reading Room, October 14, 2003. (local copy)
• Intrusion to Integrity: Putting Productivity Back into the Network, Captus Networks, October 1, 2003. (local copy)
• The Threat of Social Engineering and Your Defense Against It, Radha Gulati, SANS Reading Room, October 2003. (local copy)
• Examining the RPC DCOM Vulnerability: Developing a Vulnerability-Exploit Cycle, Kevin OShea, SANS Reading Room, September 3, 2003. (local copy)
• Reverse Engineering a Purported Microsoft Security Patch, Charles Hornat, SecurityWriter, July 17, 2003.
• Red Teaming: The Art of Ethical Hacking, Christopher Peake, SANS Reading Room, July 16, 2003. (local copy)
• Crossing the Line: Ethics for the Security Professional, Scott Carle, March 2003. (local copy)
• Computer Security's Early Warning Systems, Andrew Conry-Murray, Network Magazine, February 05, 2003.
• Alien Autopsy: Reverse Engineering Win32 Trojans on Linux, Joe Stewart, SecuirityFocus, November 14, 2002.
• Anti-Social Engineering, SIMSON GARFINKEL, CSO online, October 07, 2002.
• Internal Network Security, Erik Pace Birkholz, CISSP, MCSE, Foundstone, September 9, 2002.
• The Secret of Agents, Larry Lunetta, SCmagazine, September 2002.
• NETBIOS BASED HACKING TUTORIAL, Gaurav Kumar, August 2002.
• Cracker Tools and Techniques: Faster, Stealthier...More Dangerous, Edward Skoudis, InfosecurityMagazine, July 2002.
  - The Worm Turns
  - Sneaking Past IDS
• Detection of Denial-of-QoS Attacks Based on X2 Statistic And EWMA Control Charts Vinay A. Mahadik, Douglas S. Reeves & Xiaoyong Wu, USENIX Security'02. (local copy)
• Optical Fault Induction Attacks Ross Anderson & Sergei Skorobogatov, University of Cambridge, May 2002. (local copy)
• Hacker Repellent : Deterring Hackers on a Shoestring Budget Amit Klein, SCmagazine, May 2002.
• Overview of Attack Trends, CERT-CC, April 8, 2002. (local copy)
• Avoiding security holes when developing an application - Part 1, Frédéric Raynal, Christophe Blaess, Christophe Grenier, Linux Focus, January, 2001.
• Avoiding security holes when developing an application - Part 2: memory, stack and functions, shellcode, Frédéric Raynal, Christophe Blaess, Christophe Grenier, Linux Focus, March, 2001.
• Avoiding security holes when developing an application - Part 3 : buffer overflows, Frédéric Raynal, Christophe Blaess, Christophe Grenier, Linux Focus, May, 2001.
• Social Engineering Fundamentals, Part I: Hacker Tactics, Sarah Granger, Security Focus, December 18, 2001.
• API Level Attacks on Embedded Systems, University of Cambridge Computer Laboratory, May 2001. (local copy)
• The New Evolution Of Threats, Ben Malisow, SecurityFocus, March 21, 2000.

• Cache Poisoning Checklist, Infoblox, April 2005.
• The Evolving Threats to the Availability and Security of the Domain Name Service, John Holmblad, SANS Reading Room, October 5, 2003. (local copy)
• DNS Cache Poisoning - The Next Generation, Joe Stewart, GCIH, January 27, 2003.

• Know Your Enemy: I, Honeynet Project, July 2000.
• Know Your Enemy: II, Honeynet Project, June 2001.
• Know Your Enemy: III, Honeynet Project, March 2000.

  [Hijacking]

• Network Protocol Stack & TCP hacking, Shyamjith, Linuxgazette, February 28, 2004.
• TCP hijacking, Alexander Prohorenko and Donald Wilde, TechRepublic, Mar 23, 2000.

  [DDoS]

• Worldwide ISP Security Report, Arbor Networks, September 2005. (local copy)
• Test Tool Evolution Keeps Pace with Network Operator Needs, Tolly, White Paper 205122, August 2005. (local copy)
• DDoS Threatens Financial Institutions? Get Prepared!, TopLayer, February 2005. (local copy)
• WARD, DDoS and Three Network Administrative Domains, Hang Chau, SecurityWriter, October 18, 2004. (local copy)
• DoS Attacks: Instigation and Mitigation, Jeremy Martin, SecurityWriter, August 26, 2004. (local copy)
• Application Level DoS Attacks, SecurityWriter, Stephen de Vries, April 1, 2004. (local copy)
• Using Hardware Accelerated Firewalls to Defeat DDoS Attacks, Corrent Corporation, April 1, 2004. (local copy)
• Surviving Distributed Denial of Service Attacks, Stephen de Vries, Corsaire, February 11, 2004. (local copy)
• Defense Against the DoS/DDoS Attacks, Hang Chau, SecurityWriter, 2004. (local copy)
• Defense Against the DoS/DDoS Attacks on Cisco Routers, Hang Chau, SecurityWriter, 2004. (local copy)
• The Unintentional Criminal: DDoS from the inside!, Miguel Dilaj, SANS Reading Room, December 16, 2003. (local copy)
• DDoS: In Depth, Security-protocols, badpack3t December 14, 2003.
• Using Integrated Security Platforms to Improve Network Security and Reduce Total Cost of Ownership, - Implementing Complete Network Security, including Firewalling, VPN, Content Filtering, Virus Protection, and Spam Filtering for Resource-Constrained Organizations Astaro Corporation, October 24, 2003. (local copy)
• Service Provider Infrastructure Security: Detecting, Tracing, and Mitigating Network-Wide Anomalies with Peakflow DoS, Arbor Networks, October 1, 2003. (local copy)
• Distributed Denial of Service Attacks, Elizabeth Clark, Networkmagazine, September 4, 2003.
• A Summary of DoS/DDoS Prevention, Monitoring and Mitigation Techniques in a Service Provider Environment, Michael Glenn, SANS Reading Room, August 21, 2003. (local copy)
• Peakflow Defends Networks Against Zero-Day Threats, Arbor Networks, May 2003. (local copy)
• Trivial Denial of Service Attack against TCP-based VPN, Alex Pankratov, SecurityFocus, 2003. (local copy)
• Closing the Floodgates: DDoS Mitigation Techniques, Matthew Tanase, SecurityFocus, January 7, 2003.
• Barbarians at the Gate: An Introduction to Distributed Denial of Service Attacks, Matt Tanase, SecurityFocus, December 3, 2002.
• Stopping Attacks: The Importance of Denial of Service (DoS) Security Appliances, Top Layer Networks, September 2002. (local copy)
• A Next-Generation DoS Attack: Distributed Reflection, Rodney Denno, SCmagazine, August 2002.
• Distributed Denial Of Service: Protecting Critical Systems, Trinity Security Services, Whitepaper, July 9, 2002.
• Good News/Bad News in DoS Struggle, Jim Carr, NetworkMagazine, July 7, 2002.
• ISPs should emphasize security to avoid DoS attack liability, Auerbach Analysis, TechRepublic, June 18, 2002.
• A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms, University of California, Technical Report #020018, 2002. (local copy)
• Distributed Reflection Denial of Service, Steve Gibson, Gibson Research Corporation, February 2002.
• Managing the Threat of Denial-of-Service Attacks(ver. 10.0), CERT Coordination center, January 28, 2002. (local copy)
• Designing and Deploying Effective Defenses Against Denial-of-Service Attacks, Vince Liu, SCmagazine, January 3, 2002.
• Denial of Security Holes Can Lead to Denial of Service, Linda Paulson, Earthweb, December 19, 2001.
• Fighting DDoS Attacks, M.E. Kabay, NW Fusion's Security Special Report, November 2001. (local copy)
• An Analysis of Using Reflectors for Distributed Denial-of-Service Attacks, SecurityFocus, Vern Paxson, October 30, 2001 (local copy)
• Trends in Denial of Service Attack Technology, George M. Weaver and Kevin J. Houle, CERT/CC, October 24, 2001 (local copy)
• Protect your network from a DoS attack, Drew Bird, Earthweb, August 18, 2001.
• How to stop a service denial attack before it stops you, Shawn P. Mccarthy, Goverment Computer News, July 02, 2001.
• DoS attacks: No remedy in sight, Robert Lemos, ZDNet UK, June 04, 2001.
• The Strange Tale of the Denial of Service Attacks Against GRC.COM, Steve Gibson, May 31, 2001
• Inferring Internet Denial-of-Service Activity, David Moore, Geoffrey M. Voelker and Stefan Savage, May 2001. (local copy)
• Defying Denial of Service Attacks, William Betts, Network Magazine, Dec. 2000.
• Detecting Stepping Stones, Yin Zhang, Department of Computer Science Cornell University, October 18, 2000.
• DDoS:Is There Really a Threat?, D. Dittrich, USENIX Security Symposium, Aug. 16, 2000
• The "mstream" distributed denial of service attack tool, Dave Dittrich , May 1, 2000
• Help Defeat Denial of Service Attacks: Step-by-Step, Revision 1.42, The SANS Institute, March 23, 2000
• Analysis of the Shaft distributed denial of service tool , Sven Dietrich, March 16, 2000.
• Consensus Roadmap for Defeating Distributed Denial of Service Attacks, A Project of the Partnership for Critical Infrastructure Security, Version 1.10, The SANS Institute, Feb. 23, 2000 (local copy).
• Strategies to Protect Against Distributed Denial of Service (DDoS) Attacks, Cisco Systems Inc., Feb. 17, 2000.
• Distributed Denial of Service Attacks: Trin00, Tribe Flood Network, Tribe Flood Network 2000, and Stacheldraht - CIAC 2319, Paul J. Criscuolo, Feb. 14 2000 (local copy).
• TFN2K - An Analysis, Jason Barlow and Woody Thrower, Feb, 10, 2000
• A Cost-Based Framework for Analysis of Denial of Service in Networks, C. Meadows, N. Research Lab, 2000 ( local copy).
• Results of the Distributed-Systems Intruder Tools Workshop, Pittsburgh, December 1999 (local copy).
• Distributed Denial of Service Attack Tools, INTERNET SECURITY SYSTEM (local copy).
• Denial of Service Attacks: An Emerging Vulnerability for the "Connected" Network, SonicWALL, Inc. (local copy).
• Attacks against weaknesses in the TCP/IP protocol - About Smurfs and other vermin, Norman's white paper.

  [Format String attack]

• When code goes wrong - Format String Exploition, DangerDuo, EBCVG Network Security, July 02, 2002.
• Format String Technique, Sloth, NOP Ninjas.com, December 09, 2001. (local copy).
• Format String Attacks, T. Newsham, Guardent, Inc., Sep. 2000 (local copy).
• Format String Attacks: 101, James Bowman, SANSA Institute Information Reading Room, October 17, 2000.

  [BufferOverflow]

• Blind Buffer Overflows In ISAPI Extensions, Isaac Dawson, SecurityFocus, January 25, 2005.
• Metasploit Framework (Part one) - The Prometheus Of Exploitation, Pukhraj Singh and K.K. Mookhey, SecurityFocus, July 12, 2004.
• Make It or Break It: How to Prevent Buffer Overflows, Marco Morana, SecurityPipeline, June 11, 2004.
• Defeating Overflow Attacks, Jason Deckard, SANS Reading Room, April 14, 2004. (local copy).
• Guarded Memory Move (GMM) Buffer Overflow Detection And Analysis, Davide Libenzi, January 17, 2004. (local copy).
• Buffer Overflow for Beginners, Daniel Hodson, SecurityWriters, January 9, 2004.
• PointGuard: Protecting Pointers From Buffer Overflow Vulnerabilities, Crispin Cowan, Steve Beattie, John Johansen and Perry Wagle, HelpNet-Security, August 2003. (local copy).
• Remote Automatic Exploitation of Stack Overflows, Burebista, SecurityWriter, July 31, 2003. (local copy).
• Stack Overflows, Burebista, SecurityWriter, July 29, 2003. (local copy).
• Buffer Overflow Attacks and Their Countermeasures, Sandeep Grover, Linuxjournal, March 10, 2003.
• Buffer Overflows: A Technical Discussion(Slides), ChadChad Harrington, Entercept Security Technologies, November 7 ,2002. (local copy).
• Buffer Overflows - Defending against arbitrary code execution, Steve Fewer, Haxors.com, September 2002. (local copy).
• Four different tricks to bypass StackShield and StackGuard protection, Gerardo Richarte, Core Security Technologies, April 2002. (local copy).
• Buffer Overflows ? What Are They and What Can I Do About Them?, Larry Rogers, CERT, 2002. (local copy).
• A Buffer Overflow Study Attacks & Defenses, Pierre-Alain Fayolle & Vincent Glaume, 2002. (local copy).
• Creating Arbitrary Shellcode In Unicode Expanded Strings, Chris Anley, An NGSSoftware Insight Security Research Publication, January 2002. (local copy).
• Buffer Overflows Demystified, Murat Balaban, November 2001. (local copy).
• Countermeasures against Buffer Overflow Attacks, Niklas Frykholm, RSA Technical notes, November 2000.
• Buffer Overflows:Attacks and Defense for the Vulnerability of the Decade, C. Cowan et.al., IEEE, 1999 (local copy).
• Buffer Overflow, Prabhaker Mateti, College of Engineering & CS. Wright State University
• StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overfolw Attacks, C. Cowan et. al., 7th USENIX Security Conference, Jan. 1998 (local copy).
• Smashing The Stack For Fun And Profit-Phrack, Vol 7, Issue 49, File 14 of 16, Aleph one
• How to write Buffer Overflows, mudge@l0pht.com, Dec. 20 1995
• Transparent Run-Time Defense Against Stack Smashing Attacks, Arash Baratloo & Navjot Singh & Timothy Tsai, Bell Labs, Lucent Technologies
• Advanced buffer overflow exploit, Taeho Oh at SecurityFocus
• w00w00 on Heap Overflows, Matt Conover (a.k.a. Shok) & w00w00 Security Team
• Stack Smashing Vulnerabilities in the UNIX Operating System, Nathan P. Smith, Southern Connecticut State University, 1997
• Win32 Buffer Overflows(Location, Exploitation and Prevention)- Phrack 55-15, dark spyrit AKA Barnaby Jack
• BufferOverFlow.org, resources related to Bufferoverflow

  [Scanning]

• Nessus, Part 2: Analysing Reports, Harry Anderson, SecurityFocus, February 3, 2004.
• Nessus, Part 2: Scanning, Harry Anderson, SecurityFocus, December 16, 2003.
• Nessus, Part 1: Introduction, Harry Anderson, SecurityFocus, October 28, 2003.
• Low-Level Enumeration With TCP/IP, Randy Williams, SecurtyFocus, December 19, 2003.
• Nessus Scanning on Windows Domain, Sunil Vakharia, HelpNet-Security, November 4, 2003. (local copy).
• Secure Setup of a Corporate Detection and Scanning Environment, Dieter Sarrazyn, SANS Reading Room, August 22, 2003. (local copy).
• Stay on top of network security with the powerful (and free) Nessus scanner, Lori Hyde, TechRepublic, July 9, 2003.
• Scanning Networks, Ebcvg, June 08, 2003.
• The Auditor's Toolbox, Carole Fennelly, InformationSecurity, March 2003.
• PortSentry for Attack Detection, Part Two, Ido Dubrawsky, SecurutyFocus, May 29, 2002.
• PortSentry for Attack Detection, Part one, Ido Dubrawsky, SecurityFocus, May 15, 2002.
• ICMP Usage in Scanning(Version2.5) or Understanding some of the ICMP Protocol's Hazards, O. Arkin, June 2001. (local copy).
• Network Scanning Techniques - Understanding how it is done, O. Arkin, 1999 (local copy).

  [Packet Sniffing]

• Packet Sniffing on Layer 2 Switched Local Area Networks, Ryan Spangler, Packetwatch Research, December 2003. (local copy).
• SwitchSniff, Sumit Dhar, linuxjournal, March 5, 2002.
• Sniffing out problems on your network, Steven Pittsley, TechProGuild, May 17, 2001.
• Sniffing (network wiretap, sniffer) FAQ, Robert Graham. 2000
• Packet Sniffing, Steve Gibson, Gibson Research Corporation
  
  
• Ethereal(Packet sniffing tool) : Installation & How to use?, Matt Lesko , SysAdmin, October 10, 2001.

  [IP Spoofing]

• Arp poisoning in practice, DiabloHorn, SecurityWriter, October 2004. (local copy)
• Protecting Your Network from ARP Spoofing-Based Attacks, Global Knowledge, September 1, 2004. (local copy)
• TCP/IP Skills for Security Analysts(Part 2), Don Parker, SecurityFocus, June 9, 2004.
• TCP/IP Skills Required for Security Analysts(Part 1), Don Parker, SecurityFocus, May 17, 2004.
• Feature: Understanding TCP Reset Attacks, Part I, Kerneltrap, May 10, 2004.
• IP Spoofing: Understanding the basics, Informer, LinuxExposed, March, 2004.
• Monitoring The ARP Protocol on Local Area Networks, David Fuselier, August 1, 2003. (local copy)
• Hardening the TCP/IP stack to SYN attacks, Mariusz Burdach, SecurityFocus, September 10, 2003.
• IP Spoofing: An Introduction, Matthew Tanase, SecurityFocus, March 11, 2003.
• Spoofing - Arts of attack and defense, ArticSoft, November 2002. (local copy)
• The IP Smart Spoofing, Laurent Licour and Vincent Royer, Althes, October 2002. (local copy)
• Strange Attractors and TCP/IP Sequence Number Analysis - one Year Later, Michal Zalewski, September 2002.
• Spoofing? arts of attack and defence, Steve Mathews, Articsoft, May 29, 2002.
• Trusted Paths for Browsers: An Open-Source Solution to Web Spoofing, Zishuang (Eileen) Ye, Sean Smith, Department of Computer Science, Dartmouth College, February 4, 2002. (local copy)
• Passive OS Fingerprinting: Details and Techniques, Toby Miller, Incidents.org, November 09, 2001.
• How to Spot Source Address Spoofing, Rik Farrow, Internet Security Newsletter, October 26, 2001
• Introduction to ARP Spoofing(Revision 1), Sean Whalen, April 2001. (local copy)
• CERT Advisory CA-1995-01 IP Spoofing Attacks and Hijacked Terminal Connections, CERT 1995
• IP-spoofing Demystified - Phrack 48-14,daemon9, route, infinity, Phrack Magazine 48
• RFC-2827-Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing , P. Ferguson, D. Senie, Jan. 1998
• Security Problems in the TCP/IP Protocol Suite, S.M. Bellovin, AT&T Bell Laboratories
• TCP SYN Flooding and IP Spoofing Attacks, CIAC Bulletin, September 20, 1996
• HACK: How Mitnick hacked Tsutomu Shimomura with an IP sequence attack, 1995

  [Password Crack]

• Password Cracking FAQ, Pavel Semjanov, 2000
• Password Security: A Case History , Robert Morris and Ken Thompson, 1979
• UNIX Password Security -- Ten Years Later , David C. Feldmeier, Philip R. Karn, 1989
• UNIX Password Security , Walter Belgers, Dec, 03 1993
• One-Time Passwords, Cert Advisory CA-94:01, 1994
• Password Cracking Using Focused DictionariesPaul Bobby, July 16 2000
• The Security Risks of Using Passwords, VeriSign Whitepaper
• Human Memory and the Graphical Password, Passlogix Inc. Dec. 2000
• A Note on Proactive Password Checking, Jianxin Jeff Yan, Computer Laboratory, University of Cambridge, 2001. (local copy)
• Microsoft SQL Server Password(cracking the password hashes), David Litchfield, An NGSSoftware Insight Security Research Publication, June 24, 2002. (local copy)
• Obtaining the administrator password, Dr.T, BCVG, September 20, 2002.

  [Spam]

• What do you do to combat spam?, ZDNet, June 06, 2001.
• Fight Spam on the Internet - Anti-spam site, information on spam
• Figuring out fake E-Mail & Posts - alt.spam FAQ
• Anti-Spam Provisions in Sendmail 8.8, Sendmail.org
• internet anonymizing techniques
• SafeWeb , provide anonymity , David M. Martin, ;login online, May 1998

  [Backdoor/Covert Channel]

• How To Write A Setuid Program, M. Bishop, 1987
• 트로이 목마와 백도어 분석 보고서, 정현철, 한국정보보호센터, May 1999
• Backdoors, C. Klaus, August 1997 (local copy).
• A Guide to Understanding Covert Channel Analysis of Trusted Systems - NCSC-TG-030 , V. Gligor, National Computer Security Center, Nov. 1993.
• Covert Actions, CyberGuard whitepaper, 2000
• Detecting Backdoors, Yin Zhang and Vern Paxson, USENIX 2000. (local copy)
• Network Trojans: What you really need to know, H. Carvey, CHI Publishing, October 2000. (local copy)
• Anti-Trojan and Trojan Detection with In-Kernel Digital Signature testing of Executables, Michael A. WIlliams, NetXSecure, April 2002. (local copy)
• Detecting and Containing IRC-Controlled Trojans: When Firewalls, AV, and IDS Are Not Enough, Corey Merchant and Joe Stewart, LURHQ Corporation Secure Operations Center, SecurityFocus, July 10, 2002. Michael A. WIlliams, NetXSecure, April 2002.
• Introduction to Autorooters: Crackers Working Smarter, not Harder, Matt Tanase, SecurityFocus, August 21, 2002.
• Cost-Effective Remote End Point Protection Against Trojans, Spyware, and Other Pests, PestPatrol, September 1, 2002. (local copy)
• Detecting and Removing Trojans and Malicious Code from Win2K, H. Carvey, SecuirytFocus, September 18, 2002.
• The Complete Windows Trojans Paper, Dancho Danchev, Frame4 Security Systems, October 22. 2002. (local copy: PDF, DOC)
• Spies @ Work, OpioN, January 30, 2003.
• The Enemy Within: Firewalls and Backdoors, Bob Rudis, SecurityFocus, June 9, 2003.
• Trojans - and how to protect your network against them, GFI, July 2003.
• Spyware, Deborah Radcliff, Network World, January 26, 2004.
  - How to filter Port 80 traffic
  - Help! I've been Web-jacked!
• Shadow Software Attack, Angelo Rosiello, SecurityWriter, July 12, 2004. (local copy)
• Anti-Spyware Software: Securing the Corporate Network, Webroot Software, August 17, 2004. (local copy)
• Spyware-The new plague, Infoworld's Special Report, October 4, 2004.
  - Spyware infiltrates the enterprise, Michelle Delio
  - Counter-spies on the LAN, Keith Schultz
  - Spyware and adware rogues' gallery, Michelle Delio
  - When is a virus not a virus?, Keith Schultz
  - Seeking spyware remedies, Steve Fox
• Spyware Explained, Jonathan Read, ANTI-TROJAN.ORG TECHNICAL WHITE PAPER, October 2004. (local copy)
• A Discussion of Spyware, Patria Leath, SANS Reading Room, November 2, 2004. (local copy)
• Enterprise-level anti-spyware software, NetworkWorld, Barry Nance, December 13, 2004.
  - How we did it
  - Detecting BHOs
• Anti-Spyware Technology Needs To Get Better, Scot Finnie, SecurityPipeline, January 31, 2005.
• Neutralizing the Spyware Threat, 8e6 Technologies, January 2005. (local copy)
• Neutralizing the Spyware Threat, 8e6 Technologies, January 2005. (local copy)
• Understanding and Preventing Spyware in the Enterprise, TippingPoint, February 2005. (local copy)
• Spyware Prevention: Effective Network Protection Through Defense in Depth, FaceTime, September 14, 2005. (local copy)
• IT Strategy Guide : Spyware, Infoworld, February 2006. (local copy)

  [Web attack]

• The World Wide Web Security FAQ, Lincoln D. Stein, W3C.org
• CGI Security Tutorial , Genrep, 1996
• Security of Web Browser Scripting Languages: Vulnerabilities, Attacks, and Remedies , Vinod Anupam Alain Mayer, Bell Laboratories, 1998
• How Web Servers' Cookies Threaten Your Privacy by Junkbuster.com
• Detecting CGI script abuse, 2000 Advosys Consulting Inc.
• The unofficial Cookie FAQ, David Whalen, 2000
• Cross-Site Scripting Vulnerabilities, Jason Rafail, CERT/CC, 2001. (local copy)
• Fingerprinting Port 80 Attacks: A look into web server, and web application attack signatures, Zenomorph, CGIsecurity.com, November 2001. (local copy)
• Cross-Site Scripting Vulnerabilities, Mark Shiarla, SANS, January 9, 2002.
• Fingerprinting Port 80 Attacks: A look into web server, and web application attack signatures(Part Two), Zenomorph, CGIsecurity.com, March 2002. (html form)
• A Paradigm Shift in Web Application Security, Stratum8 Networks, May 1, 2002. (local copy)
• Evolution of Cross-Site Scripting Attacks, David Endler, iDEFENSE Labs, May 20, 2002. (local copy)
• The Cross Site Scripting FAQ, CGI Security, May 2002.
• SQL Injection Walkthrough, AntiCrack, May 27, 2002.
• Bypassing JavaScript Filters - the Flash! Attack, Obscure, June 05, 2002. (local copy)
• When Code Goes Wrong - SQL Injection, DangerDuo, EBCVG Network Security, June 24, 2002.
• (more) Advanced SQL Injection, Chris Anley, An NGSSoftware Insight Security Research Publication, June 18, 2002. (local copy)
• Web Security for the Enterprise: How to increase protection against port 80 threats, CacheFlow, Whitepaper, June 2002. (local copy)
• Web Hacking: Attacks and Defense, Aleksandar Stancin, HelpNet-Security, August 22, 2002. (local copy)
• Host Discovery with nmap, Mark Wolfgang, November 12, 2002. (local copy)
• SQL Injection and Oracle, Part one, Pete Finnigan, SecurityFocus, November 21, 2002.
• SQL Injection and Oracle, Part Two, Pete Finnigan, SecurityFocus, November 28, 2002.
• Cookies Revealed, Abhishek Bhuyan, EBCVG, February 12, 2003.
• A practical approach for defeating Nmap OS-Fingerprinting, David Barroso Berrueta, HelpNet-Security, March 11, 2003. (local copy, link)
• Introduction of Nmap ("Network Mapper"), Insecure.org, March 2003.
• Defending Against an Internet-based Attack on the Physical World, Simon Byers, Aviel Rubin and Dave Kormann, 2003. (local copy)
• Analysis of Remote Active Operating System Fingerprinting Tools, Ryan Spangler, University of Wisconsin, HelpNet-Security, June 4, 2003. (local copy)
• Tracking Down the Phantom Host, John Payton, SecurityFocus, June 18, 2003.
• Detecting SQL Injection in Oracle, Pete Finnigan, SecurityFocus, July 22, 2003.
• Blindfolded SQL Injection, Ofer Maor and Amichai Shulman, WebCohort Technologies, September 2, 2003. (local copy)
• Advanced cross site scripting and client automation, Gavin Zuchlinski, HelpNet-Security, October 16, 2003. (local copy)
• Real World XSS, David Zimmer, Sandsprite, November 2003. (TXT format)
• The Anatomy of Cross Site Scripting, Gavin Zuchlinski, SecurityFocus, November 5, 2003. (local copy)
• Using Scripts to Exploit and Mitigate Risks, Robert Rodriguez, SANS Reading Room, November 12, 2003. (local copy)
• Nessus & NMAP CheatSheet, skill2die4, SecurityWriter, 2004. (local copy)
• Securing SQL Connection String, Dmitry Dessiatnikov, SANS Reading Room, January 8, 2004. (local copy)
• An Introduction To SQL Injection Attacks For Oracle Developers, Stephen Kost, HelpNet-Security, January 20, 2004. (local copy)
• Detection of SQL Injection and Cross-site Scripting Attacks, K. K. Mookhey and Nilesh Burghate, SecurityFocus, March 17, 2004.
• SQL Injection Signatures Evasion, Ofer Maor & Amichai Shulman, Imperva, April 21, 2004.
• Make it & Break It: Defending Against Cross-Site Scripting Attacks, Marco Morana, SecurityPipeline, September 10, 2004.
• Second-order Code Injection Attacks, Gunter Ollmann, NGS Software, November 2004. (local copy)
• Evasion and Detection of Web Application Attacks, K. K. Mookhey, Network Intelligence, 2005. (local copy(PPT)) (local copy(WP))

  [Java Security]

• Frequently Asked Questions - Java Security , Sun Microsystems
• Chronology of security-related bugs and issues, Sun Microsystems
• Java Security API , Sun Microsystems
• Low Level Security in Java, Sun Microsystems
• Java Security: From HotJava to Netscape and Beyond , Drew Dean, Edward W. Felten, Dan S. Wallach at Princeton University, 1996
• A Comparison between Java and ActiveX Security, David Hopwood, 1997
• Java Security Hotlist Categories, Java Security Links

  [Exploit]

• Anticode - exploits
• Security Bugware - exploits
• Known NT Exploits - exploits
• Exploit World - exploits
  
  Read more about Hacking/DoS Attacks ...

---

FAQs

• alt.2600/#Hack F.A.Q.
• Hacking Frequently Asked Questions : alt.2600/#Hack F.A.Q. 문서의 번역본
  
• The alt.2600 Survival Guide
  
• FAQ: Hacking Lexicon, by Robert Graham (Version 0.4.0, August 21, 2000)
• Sniffing (network wiretap, sniffer) FAQ by Robert Graham.
  
• Denial of Service FAQ : ISS사에서 관리하며, DDoS Attacks에 대한 개요, 작동원리, tool등을 포함하였다.
• Domain Name System Security FAQ, DNS에서의 Security 관련 자주 질문되는 내용.

---