In my travels and teaching engagements, I am appalled to find so many
who don't know of what I speak when I mention "the Morris Worm"
or "the Internet Worm." A collection of papers exists at Purdue U.
on the CERIAS web site.
You need to look for them with the search engine as it warns that
individual pages will be moved for your convenience. I have duplicated
Gene Spafford's technical report on the Worm here.
For firewalls, I believe the early papers are still the best, and the
technology has not changed substantially since their authors wrote them.
Four of the first and best papers are:
Rik Farrow, Understanding buffer overflow attacks
is an excellent explanation of what they
are and how they work. A reprint from Rik's "Network Defense" column.
(Some of these have pop-ups and other advertisements.)
IPAddressGuide.com. Free on-line IP network tools.
Windows security site for IT admins. WindowSecurity.com provides Windows security news, articles, tutorials, software listings and reviews for information security professionals covering topics such as firewalls, viruses, intrusion detection and other security topics.
The All-Internet-Security.com Directory -- "Better Resources for Better Decisions."
- ITtoolbox Security.
"ITtoolbox Security offers forums for technical discussion, an
integrated directory, white papers and daily news geared towards Security
professionals and users of Security products. The portal also provides
content, community, job postings and much more."
- Sam Spade.
Tools to track down attackers and spammers. There are web-based tools
and a Windows program to download. (Goes well with the paper I wrote
-- Tracing Electronic Mail -- for the US Secret Service
to help trace threatening e-mail sent to any of the princpals
under their protection.
ICSA Labs virus hoax page and
Symantec AntiVirus Research Center, Virus Hoaxes page
Check it out here before sending the warning to all of your
friends and relations... Please?
The SANS Institute
- CSI --
The Computer Security Institute
(Center for Education and Research in Information Assurance and Security)
at Purdue University.
- ICSA Labs
(A Division of TruSecure Corporation).
Certification of sites, products, and professionals. Good introduction
and advanced resource for IT security matters.
CIAC Security Web Site
CIAC stands for Computer Incident Advisory Capability, and they are part
of the US Department of Energy ... the nuclear people.
NIST Computer Security Resources Clearinghouse
Computer Emergency Response Team (CERT)
Who ya gonna call? Ghostbusters!
searchSecurity -- "The Security Specific Search Engine"
The IETF Security Area
The IETF Security Area Home Page.
Son of Devil's Advocate.
Years after I stopped caring, and having to care, about who had the best UNIX
workstation or what UNIX version would win, I continued to read
Stan Kelly-Bootle's column, "The Devil's Advocate," in UNIX Review, and, after a name change,
Performance Computing magazine.
Often it was the only part of UR/PC I read.
The magazine ceased to exist in January 2000 (or 19100, depending on whether
the programmers of your system read the manual),
but Stan's columns live on at
From their home page you can jump to SODA -- Son of Devil's Advocate.
I heartily recommend
bookmarking it and reading it.
[ Home | Services
| Curriculum Vitae
| Papers | Calendar