NETWORKING SECURITY RESOURCES
(Any comment or contribution is welcome.)
Last Updated: 06/12/2002
Latest Links:
6.12 Detection of Invalid Routing Announcement in the Internet. http://www4.ncsu.edu:8030/~xzhao/research.html
Network Resources and Collections:
IETF security working group: http://web.mit.edu/network/ietf/sa/
Security Focus and bugtraq mailing list can be found: http://www.securityfocus.com
The CERT® Coordination Center (CERT/CC): http://www.cert.org
Networking Security Tools: http://www.securiteam.com/tools/archive.html
A link to a Reading list in networking security area: http://www-net.cs.umass.edu/security/reading-list.htm
Many useful links on this website, http://cchen1.et.ntust.edu.tw/linux/linux.htm
DOS websites: http://staff.washington.edu/dittrich/misc/ddos/
http://grc.com/dos/grcdos.htm
DDOS attack resource, with a lot of tools, at: http://www.megasecurity.org/dos.html
DDOS attack resource at: http://staff.washington.edu/dittrich/misc/ddos/
Cisco Routers and IOS security Issues: http://www.cisco.com/public/cons/isp/documents/IOSEssentialsPDF.zip
http://nsa2.www.conxion.com/cisco/download.htm
National Security Agency Security Recommendation Guides: http://nsa1.www.conxion.com/cisco/download.htm
An article about router security: http://www.loopy.org/router.htm
Secure BGP website: http://www.net-tech.bbn.com/sbgp/sbgp-index.html
Bookmarks contributed by Chen Zesheng. Click Here.
The CVE website: Common Vulnerabilities and Exposures. http://cve.mitre.org ( A list of standardized names for vulnerabilities and other information security exposures.)
The ICAT website: A searchable index of information on computer vulnerabilities. http://icat.nist.gov/icat.cfm
Honeynet Project's website. http://project.honeynet.org/
Papers and Articles Classified:
1. V. Srinivasan, G. Varghese, S. Suri, M. Waldvogel, Fast and Scalable Layer Four Switching, http://citeseer.nj.nec.com/cache/papers/cs/25670/http:zSzzSzmarcel.wanda.chzSzPublicationszSzsrinivasan98fast.pdf/srinivasan98fast.pdf
2. Marcel Waldvogel, et al., Scalable High Speed IP Routing Lookups. http://www.acm.org/sigcomm/sigcomm97/papers/p182.pdf
3. Pankaj Gupta and Nick McKeown, Packet Classification on Multiple Fields. http://citeseer.nj.nec.com/cache/papers/cs/16061/http:zSzzSzwhistler.cmcl.cs.cmu.eduzSzsigcomm99zSzclass_stanford.pdf/gupta99packet.pdf
4. Shubhash Wasti, Hardware Assisted Packet Filtering Firewall. http://bistrica.usask.ca/madmuc/papers/shw320.pdf
5. Haining Wang, Danlu Zhang, Kang G. Shin, Detecting SYN Flooding Attacks, http://www.eecs.umich.edu/~hxw/paper/attack.pdf
6. David E. Taylor, John W. Lockwood, Todd S. Sproull, Jonathan S. Turner, David B. Parlour, Scalable IP Lookup for Programmable Routers, http://www.arl.wustl.edu/~det3/fipl.pdf
Three links to descriptions about DDOS attack. 1. http://grc.com/dos/drdos.htm 2. http://grc.com/dos/attacklog.htm 3. http://grc.com/dos/grcdos.htm
IP traceback software can be found at http://www.ir.bbn.com/projects/SPIE/
J. Lemon, “Resisting SYN Flooding DoS Attacks with a SYN Cache”, Proceedings of USENIX BSDCon’2002, February, 2002. http://people.freebsd.org/~jlemon/ (Download the PDF file directly from the webpage)
A paper about detecting anomalous packets by correlating different packets. http://www.silicondefense.com/software/spice/index.htm
M. Sung, M. Haas and J. Xu, "Analysis of DoS attack traffic data", accepted and will be presented at the 2002 FIRST conference (www.first.org), http://www.cc.gatech.edu/people/home/mhsung/
Donald Cohen, K. Narayanaswamy, A Fair Service Approach to Defending Against Packet Flooding Attacks http://www.cs3-inc.com/ddos.PDF
A solution claims that computing aggregates for many parameters and using historical information are promising methods of identifying DDoS traffic and decreasing collateral damage http://www.nanog.org/mtg-0105/poletto.html
Lance Spitzner, "Understanding the FW-1 State Table", http://www.enteract.com/~lspitz/fwtable.html
David M. Wilson, "DoS Attack on a Check Point Firewall" http://rr.sans.org/casestudies/dos_attack.php
S. Bellovin, "Security Problems in the TCP/IP Protocol Suite," http://www.research.att.com/~smb/papers/index.html
Laurent Joncheray, A simple Active Attack Against TCP, http://citeseer.nj.nec.com/cache/papers/cs/3657/http:zSzzSzwww.deter.comzSzunixzSzpaperszSztcp_attack.pdf/joncheray95simple.pdf
LAND ATTACK, detailed introduction on insecure.org. http://www.insecure.org/sploits/land.ip.DOS.html
Papers on securing BGP at http://www.cse.ucsc.edu/research/ccrg/publications.html#Network
An analysis of BGP security: www.ietf.org/internet-drafts/draft-murphy-bgp-secr-04.txt
Aman Shaikh, et al., Routing Stability in Congested Networks: Experimentation and Analysis (abstract, paper) at http://www.acm.org/sigs/sigcomm/sigcomm2000/conf/techprog.htm
A reading list of peer to peer and application networking in CS dept. Umass. http://www-net.cs.umass.edu/cs791n/reading_list.htm
peer to peer group home. http://www.peer-to-peerwg.org/
Fyodor, "The Art of Port Scanning" September 1997 http://www.insecure.org/nmap/p51-11.txt
Ronald Black, "How Does Network Security Scanning Work Anyway?" http://rr.sans.org/securitybasics/netsec_scanning.php
John Kristoff, "trouble of UDP scanning", http://condor.depaul.edu/~jkristof/papers/
Cristian Estan and George Varghese -- CAIDA, UC San Diego. "New Directions in Traffic Measurement and Accounting." at http://www.icir.org/vern/sigcomm-imeas-2001.program.html
Dealing with mallocfail and High CPU Utilization Resulting From the "Code Red" Worm http://www.cisco.com/warp/public/63/ts_codred_worm.shtml
Sprintlab IP monitoring project. http://www.sprintlabs.com/Department/IP-Interworking/Monitor/#talks
SNORT: The website to download SNORT tool: http://www.snort.org
NMAP: The website to download NMAP tool: http://www.insecure.org/nmap/
Many DOS tools, http://www.itsecurity.it/dos.htm, http://www.staticdischarge.org/Hacking/Sources/
IP Filter Links
Companies:
Silicon Defense, http://www.silicondefense.com/research/index.htm
People:
Steven M. Bellovin's Home Page: http://www.research.att.com/~smb/
Nick McKeown's Home Page: http://klamath.stanford.edu/~nickm/
Stefan Savage's Home Page: http://www.cs.washington.edu/homes/savage/
Supratik Bhattacharyya's Home Page: http://www.sprintlabs.com/People/supratik/
Mailing Lists:
Google: www.google.com
IETF: www.ietf.org
Contact: jiawu@ecs.umass.edu