NETWORKING SECURITY RESOURCES

(Any comment or contribution is welcome.)

Last Updated: 06/12/2002

 


Latest Links:

        6.12 Detection of Invalid Routing Announcement in the Internet. http://www4.ncsu.edu:8030/~xzhao/research.html

 


Network Resources and Collections:

        IETF security working group: http://web.mit.edu/network/ietf/sa/

        Security Focus and the Bugtraq mailing list: http://www.securityfocus.com

        The CERT® Coordination Center (CERT/CC): http://www.cert.org

        Networking Security Tools: http://www.securiteam.com/tools/archive.html

        A reading list in the networking security area: http://www-net.cs.umass.edu/security/reading-list.htm

        Many useful links on this website, http://cchen1.et.ntust.edu.tw/linux/linux.htm

        DoS websites: http://staff.washington.edu/dittrich/misc/ddos/
                      http://grc.com/dos/grcdos.htm

        DDoS attack resource at: http://www.megasecurity.org/dos.html, a lot of tools.

       DDOS attack resource at: http://staff.washington.edu/dittrich/misc/ddos/

        Cisco routers and IOS security issues: http://www.cisco.com/public/cons/isp/documents/IOSEssentialsPDF.zip
                                               http://nsa2.www.conxion.com/cisco/download.htm
        National Security Agency Security Recommendation Guides: http://nsa1.www.conxion.com/cisco/download.htm

        An article about router security: http://www.loopy.org/router.htm

        Secure BGP website: http://www.net-tech.bbn.com/sbgp/sbgp-index.html

        Bookmarks contributed by Chen Zesheng.

        The CVE website: Common Vulnerabilities and Exposures. http://cve.mitre.org (A list of standardized names for vulnerabilities and other information security exposures.)

        The ICAT website: A searchable index of information on computer vulnerabilities. http://icat.nist.gov/icat.cfm

         Honeynet Project's website. http://project.honeynet.org/


Papers and Articles Classified:

        1. V. Srinivasan, G. Varghese, S. Suri, M. Waldvogel, Fast and Scalable Layer Four Switching, http://citeseer.nj.nec.com/cache/papers/cs/25670/http:zSzzSzmarcel.wanda.chzSzPublicationszSzsrinivasan98fast.pdf/srinivasan98fast.pdf

        2. Marcel Waldvogel, et al., Scalable High Speed IP Routing Lookups. http://www.acm.org/sigcomm/sigcomm97/papers/p182.pdf

        3. Pankaj Gupta and Nick McKeown, Packet Classification on Multiple Fields. http://citeseer.nj.nec.com/cache/papers/cs/16061/http:zSzzSzwhistler.cmcl.cs.cmu.eduzSzsigcomm99zSzclass_stanford.pdf/gupta99packet.pdf

        4. Shubhash Wasti, Hardware Assisted Packet Filtering Firewall. http://bistrica.usask.ca/madmuc/papers/shw320.pdf

        5. Haining Wang, Danlu Zhang, Kang G. Shin, Detecting SYN Flooding Attacks. http://www.eecs.umich.edu/~hxw/paper/attack.pdf

        6. David E. Taylor, John W. Lockwood, Todd S. Sproull, Jonathan S. Turner, David B. Parlour, Scalable IP Lookup for Programmable Routers. http://www.arl.wustl.edu/~det3/fipl.pdf

        Three links to descriptions of DDoS attacks:
        1. http://grc.com/dos/drdos.htm
        2. http://grc.com/dos/attacklog.htm
        3. http://grc.com/dos/grcdos.htm

        IP traceback software can be found at http://www.ir.bbn.com/projects/SPIE/

        J. Lemon, “Resisting SYN Flooding DoS Attacks with a SYN Cache”, Proceedings of USENIX BSDCon’2002, February, 2002. http://people.freebsd.org/~jlemon/ (Download the PDF file directly from the webpage)

        A paper about detecting anomalous packets by correlating different packets. http://www.silicondefense.com/software/spice/index.htm

        M. Sung, M. Haas and J. Xu, "Analysis of DoS attack traffic data", accepted for presentation at the 2002 FIRST conference (www.first.org), http://www.cc.gatech.edu/people/home/mhsung/

        Donald Cohen, K. Narayanaswamy, A Fair Service Approach to Defending Against Packet Flooding Attacks http://www.cs3-inc.com/ddos.PDF

 

        A proposal claiming that computing aggregates for many parameters and using historical information are promising methods of identifying DDoS traffic and decreasing collateral damage: http://www.nanog.org/mtg-0105/poletto.html

        Lance Spitzner, "Understanding the FW-1 State Table", http://www.enteract.com/~lspitz/fwtable.html

        David M. Wilson, "DoS Attack on a Check Point Firewall" http://rr.sans.org/casestudies/dos_attack.php

        S. Bellovin, "Security Problems in the TCP/IP Protocol Suite,"  http://www.research.att.com/~smb/papers/index.html

        Laurent Joncheray, A simple Active Attack Against TCP, http://citeseer.nj.nec.com/cache/papers/cs/3657/http:zSzzSzwww.deter.comzSzunixzSzpaperszSztcp_attack.pdf/joncheray95simple.pdf

        LAND ATTACK, detailed introduction on insecure.org. http://www.insecure.org/sploits/land.ip.DOS.html

        Papers on securing BGP at http://www.cse.ucsc.edu/research/ccrg/publications.html#Network

        An analysis of BGP security: www.ietf.org/internet-drafts/draft-murphy-bgp-secr-04.txt

        Aman Shaikh, et al., Routing Stability in Congested Networks: Experimentation and Analysis (abstract, paper) at http://www.acm.org/sigs/sigcomm/sigcomm2000/conf/techprog.htm

 

        A reading list on peer-to-peer and application networking from the CS department at UMass. http://www-net.cs.umass.edu/cs791n/reading_list.htm

        Peer-to-peer group home page. http://www.peer-to-peerwg.org/

        Fyodor, "The Art of Port Scanning" September 1997 http://www.insecure.org/nmap/p51-11.txt 

        Ronald Black, "How Does Network Security Scanning Work Anyway?" http://rr.sans.org/securitybasics/netsec_scanning.php

        John Kristoff, "trouble of UDP scanning", http://condor.depaul.edu/~jkristof/papers/

        Cristian Estan and George Varghese (CAIDA, UC San Diego), "New Directions in Traffic Measurement and Accounting", at http://www.icir.org/vern/sigcomm-imeas-2001.program.html

        Dealing with mallocfail and High CPU Utilization Resulting From the "Code Red" Worm http://www.cisco.com/warp/public/63/ts_codred_worm.shtml

        Sprintlab IP monitoring project. http://www.sprintlabs.com/Department/IP-Interworking/Monitor/#talks


Tool Download Sites:

        SNORT: The website to download the SNORT tool: http://www.snort.org

        NMAP: The website to download the NMAP tool: http://www.insecure.org/nmap/

Many DOS tools, http://www.itsecurity.it/dos.htm, http://www.staticdischarge.org/Hacking/Sources/

IP Filter Links


Companies:

Silicon Defense, http://www.silicondefense.com/research/index.htm


People:

        Steven M. Bellovin's Home Page: http://www.research.att.com/~smb/

        Nick McKeown's Home Page: http://klamath.stanford.edu/~nickm/

        Stefan Savage's Home Page: http://www.cs.washington.edu/homes/savage/

        Supratik Bhattacharyya's Home Page: http://www.sprintlabs.com/People/supratik/


Mailing Lists:


Other Useful Links:

        Google: www.google.com

        IETF: www.ietf.org

 

 

 

 


Contact: jiawu@ecs.umass.edu