CEG 429/629: Internet Security
Reading List

Prabhaker Mateti

Abstract: This page collects the CEG 429 Internet Security List of References in one place. Even if Mateti did not lecture on the contents of the Required Readings/Visits, there can be exam questions based on these.

Intro

• The list below is that of web portals. All required visits. Some are "gone."
• www.infosyssec.org/ A comprehensive computer and network security portal with many tutorials.
• www.phrack.org/ An electronic magazine that publishes excellent, in-depth technical articles on security exploits whose authors rarely reveal their true names. If we can put aside our prejudices regarding who and what hackers are, we will see that this site is a source of solid technical information that can be used by bad guys for malicious purposes, and the good guys to protect their own computer systems.
• www.attrition.org/mirror/ collects the images of defaced web sites, such as CIA. Recently (2002), stopped this activity.
• Hackers.com/ "One of the prettiest hacker sites in existence. You will also find plenty of useful content if you dig through it."
• www.securityfocus.com/ Slogan: "The leading provider of Security Intelligence Service for Business" Hosts BUGTRAQ. The site has a comprehensive collection of security tools. It also highlights current incidents in internet security. This is a white-hat site.
• http://www.packetstormsecurity.org/ This is a security portal. It archives security tools and exploits. This is a white-hat site.
• www.antionline.com/ No, it is not a site promoting against the use of online activity. It is similar to the Security Focus site.
• www.antioffline.com/ Named "after" the above? The site is more of a black-hat site. It has interviews with personalities who operate under well-known pseudonyms on the security scene.
• www.infowar.com/ takes a broader view of security and has articles about how countries can get affected.

NetUtils

• Prabhaker Mateti, Local Area Networks A basic intro. What is NIC? What is 192.168.*.*? Etc. Do the lab procedure based on the above if you never setup a LAN. This is part of your prerequisites.
• Yechiam Yemini, "The Network Book," http://www.cs.columbia.edu/netbook/ This is a textbook aimed at juniors and seniors. The first few chapters are highly readable. Required Reading: Chapters 1 and 2.
• Prabhaker Mateti, Linux Notes, It describes Linux in two minutes and has pointers to further Linux info. Recommended Reading.
• Prabhaker Mateti, OSIS Lab. It describes our OSIS Lab at Wright State U. Recommended Reading.
• http://www.ssh.com/support/downloads/secureshellwks/non-commercial.html Windows ssh client. Linux: Most distributions include ssh and sshd.

TCPIP

• Prabhaker Mateti, "LAN Refresher," Internet Security Class Notes, www.cs.wright.edu/~pmateti/ Courses/499/LAN/ Required reading.
• Prabhaker Mateti, "The TCP/IP Suite," to appear in Computer Networks Handbook. (An earlier version appeared in Internet Encyclopedia, John Wiley 2003, and also in Information Security Handbook, John Wiley 2004.) pp. 50. Recommended reading. [ local copy ]
• Krnl, "Introduction and Overview of Internet Routing," Phrack Magazine, Volume 8, Issue 53 July 8, 1998, article 05 of 15, www.phrack.org Recommended reading.
• Brent Baccala, Editor, Connected: An Internet Encyclopedia, April, 1997, http://www.freesoft.org/ CIE/index.htm Reference. Look it up here for more details on the TCP/IP.
• Douglas Comer, TCP/IP books' web site http://www.netbook.cs.purdue.edu Highly recommended. The site has many animations that are instructive.

Cryptography

• North American Cryptography Archives, http://cryptography.org/ Recommended visit.
• The Feasibility of Breaking PGP, http://axion.physics.ubc.ca/pgp-attack.html Recommended visit.
• Microsoft, "Introduction to Code Signing," http://msdn.microsoft.com/workshop/security/ authcode/intro_authenticode.asp 1996. Required reading.
• Bruce Schneier, "Applied Cryptography: Protocols, Algorithms, and Source Code in C", John Wiley & Sons; ISBN: 0471117099. Reference.
• Simson Garfinkel, and Gene Spafford, "Practical UNIX & Internet Security," 2nd Edition, April 1996, ISBN 1-56592-148-8, 1000 pages; Chapter 6: Cryptography. Required reading.
• Bert-Jaap Koops, Crypto Law Survey, January 2004. http://rechten.kub.nl/koops/cryptolaw/index.htm This is a survey of existing and proposed laws and regulations in various countries on cryptography. Governments of advanced countries have long restricted export of cryptography for fear that their intelligence activities are hampered by the crypto use of foreign states and scoundrels. Recommended visit.

Password

• Simson Garfinkel, Gene Spafford, Practical Unix and Internet Security, 2nd edition (April 1996), O'Reilly & Associates; ISBN: 1565921488. Chapter 8 Defending Your Accounts. Recommended Reading.
• Prabhaker Mateti, Cryptography in Internet Security, A lecture from a course on Internet Security. www.cs.wright.edu/ ~pmateti/Courses/429/. Required Reading.
• Prabhaker Mateti, Authentication, A lecture from a course on Internet Security. www.cs.wright.edu/ ~pmateti/Courses/429/. Required Reading.
• Michael H. Jackson, Linux Shadow Password HOWTO, April 1996.www.tldp.org/HOWTO/Shadow-Password-HOWTO.html Recommended Reading
• L0pht, L0phtCrack, an NT password auditing tool. LC 5 is the latest version. http://www.google.com/search?q=l0phtcrack
• Password Cracking FAQ, http://www.password-crackers.com/en/articles/12/ Also has links to many down loadable cracking tools. Recommended Reading
• Joe Sanjour, Andrew Arensburger, Anne Brink, Choosing a Good Password, 02-Jun-1999 www.cs.umd.edu/faq/ Passwords.shtml Recommended Reading
• Microsoft, Windows NT System Key Permits Strong Encryption of the SAM (Q143475), support.microsoft.com/ default.aspx?scid=kb;EN-US;q143475 Recommended Reading
• N. Haller, C. Metz, P. Nesser, M. Straw, "A One-Time Password System," RFP 2289, February 1998.
  http://www.ietf.org/rfc/rfc2289.txt Reference.

BufferOverflow

• Aleph One, "Smashing The Stack For Fun And Profit," Phrack, Vol 7, Issue 49, File 14 of 16, www.phrack. com. A classic article. local copy (.txt) But it has a few inaccuracies. Here is the version of this paper with my corrections in place. Required Reading.
• Arash Baratloo, Navjot Singh, and Timothy Tsai, "Transparent Run-Time Defense Against Stack Smashing Attacks," Usenix 2000, http://www.usenix.org/events/usenix2000/general/full_papers/baratloo/baratloo_html/ index.html Reference.

• Matt Conover, and WSD, "w00w00 on Heap Overflows", January 1999, www.w00w00.org/ files/ articles/heaptut.txt Reference.
• Crispin Cowan, Calton Pu, Dave Maier, Heather Hinton, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle and Qian Zhang, "StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks," 1998, www.cse.ogi.edu/DISC/ projects/ immunix/ StackGuard/ usenixsc98_html/ Reference.
• DilDog, "The Tao of Windows Buffer Overflow," Date unknown, www.cultdeadcow.com/ cDc_files/ cDc-351/ Worth a visit. Reference.
• Peter Baer Galvin, "The Unix Secure Programming FAQ: Tips on security design principles, programming methods, and testing," SunWorld Magazine, Aug 1998, packetstorm.decepticons.org/ programming-tutorials/ unix.secure.programming.html [ Local Copy ] Required Reading.
• mudge@l0pht.com, "Compromised -­ Buffer Overflows, from Intel to SPARC Version 8," Date unknown. Reference.
• David A. Wheeler, "Secure Programming for Linux and Unix HOWTO," April 2000, tldp.org/HOWTO/Secure-Programs-HOWTO/index.html Highly recommended reading.

LinuxNotes

• Prabhaker Mateti, Linux Links, http://www.cs.wright.edu/~pmateti/Linux/index.html This is my link farm on Linux. Required visit.
• Debian Tutorial, http://www.debian.org/doc/manuals/debian-tutorial/ This is aimed at readers who are new to Debian. It assumes no prior knowledge of GNU/Linux or other Unix-like systems. Required visit.
• Debian GNU/Linux Network Administrator's Manual http://www.debian.org/doc/manuals/network-administrator/ Reference.
• http://www.debian-administration.org/ This blog collects interesting and useful information related to the system administration of Debian. Required visit.
• Securing Debian Manual, http://www.debian.org/doc/manuals/securing-debian-howto/ Required visit.
• http://www.debian.org/doc/manuals/debian-reference/reference.en.html Reference.

BootUp

• Lars Wirzenius, "Linux Administrators' Guide," http://www.linuxdoc.org/LDP/sag/ Recommended Reading. Required "skimming."
• Linux HOWTOs are installed on each PC in the OSIS lab. Look under /usr/share/doc/HOWTO/. Recommended Reading. Required "skimming."
• SAGE, the System Administrators Guild, http://www.usenix.org/sage/ Required "visit."

Config

• CERT, Securing Desktop Workstations, http://www.cert.org/security-improvement/ modules/m04.html. Required Reading.
• CERT, UNIX Configuration Guidelines, http://www.cert.org/tech_tips/unix_configuration_ guidelines.html [WSU copy] Required Reading.
• CERT, Windows NT Configuration Guidelines, http://www.cert.org/tech_tips/win_ configuration_guidelines.html Recommended Reading.
• Dave Wreski, Linux Security Administrator's Guide, http://www.nic.com/~dave/ SecurityAdminGuide/SecurityAdminGuide.html1998. Become familiar with it.
• Kurt Seifried, Linux Administrator's Security Guide, http://www.seifried.org/lasg/ 2001. New version of Wreski's document.
• Prabhaker Mateti, Security Fortification, June 2000. A lecture from a course on Internet Security. www.cs.wright.edu/~pmateti/InternetSecurity Required Reading.
• Prabhaker Mateti, Hardening a System, June 2000. A lecture from a course on Internet Security. www.cs.wright.edu/~pmateti/InternetSecurity Required Reading.
• Microsoft Security, http://www.microsoft.com/security/default.asp Reference.
• Michael Espinala, "The Hardening of Microsoft Windows NT Operating System Version 4.0", March 1998. Even though the title has "hardening" in it, this excellent paper is about proper configuration. Reference.
• Tom Sheldon, Windows NT Security Handbook, ISBN: 0078822408, Nov 1996. Reference.

Fortification

• Wietse Venema, "TCP Wrapper: Network monitoring, access control, and booby traps", Proceedings of the Third Usenix UNIX Security Symposium, pp. 85-92, Baltimore, September 1992. The source distribution is available at ftp://ftp.porcupine.org/pub/security/. Required reading. [Local copy in .ps].
• Unix Workstation Support Group, Using Rsync + SSH as a Replacement for NIS, www.uwsg.iu.edu/ security/rsync.html Recommended Reading.
• D. O'Brien, "Recognizing and Recovering from Rootkit Attacks". Sys Admin 5(11) (November 1996), pp. 8-20. Required reading. [local copy]
• Fred Cohen and Assoc, Audit Check Lists, http://www.all.net/books/audit/unix/top.html Recommended Reading.
• Bastille-Linux Scripts to Secure Linux, http://www.sans.org/newlook/projects/bastille_linux.htm Reference

HardenOS

• immunix.org Carefully re-compiled RedHat distribution. Worth visiting. Reference
• Seán Boran, Hardening Solaris, October 25, 1999, securityportal.com/cover/ coverstory19991025.html Actually proper configuration and fortification. Reference.
• Michael Espinala, "The Hardening of Microsoft Windows NT Operating System Version 4.0", March 1998. Proper configuration, actually. Reference.

Sniffers

• Christopher Klaus, The computer-security/ sniffers FAQ, Jul 1997, http://www.faqs.org/faqs/ computer-security/sniffers/ Recommended Reading.
• Brecht Claerhout, sniffit , http://reptile.rug.ac.be/~coder/sniffit/sniffit.html . (Local copy sniffit.0.3.5.tar.gz ) Reference. Download the source for the lab.
• Robert Graham, Sniffing (network wiretap, sniffer) FAQ, http://www.robertgraham.com/pubs/ sniffing-faq.html Recommended Reading.
• AntiSniff. Used to be at http://www.l0pht.com, website now gone. "Antisniff Unix Researchers (free) version 1-1 - This is a command line only version that runs many of the same tests to determine if a sniffer is running on the local network that the Windows NT/98/95 GUI does." http://packetstormsecurity.nl/sniffers/antisniff/ Recommended download.

Probing/Port Scanning

• Fyodor, "The Art of Port Scanning," 1997, www.nmap.org Required Reading.

• Ron Gula, How to Handle and Identify Network Probes, April 1999, www.securitywizards.com [Local Copy] Required Reading.

• Hobbit, The FTP Bounce Attack, http://www.insecure.org/nmap/ hobbit.ftpbounce.txt The original paper on the subject. Reference.
• Fyodor, Remote OS detection via TCP/IP Stack Finger Printing. Written: October 18, 1998 Last Modified: April 10, 1999. http://www.insecure.org/nmap/nmap-fingerprinting-article.html Required Reading.
• Solar Designer, Designing and Attacking Port Scan Detection Tools, Phrack Magazine, Volume 8, Issue 53, July 8, 1998, article 13 of 15, www.phrack.com . Recommended Reading.

BackDoors

• Christopher Klaus, "Backdoors", Usenet news group article, 8/4/97. Reference.
• klog, Backdooring Binary Objects, Phrack Magazine, www.phrack.com Volume 0xa, Issue 0x38 05.01.2000 0x09[0x10] Recommended Reading.
• Van Hauser, Placing Backdoors Through Firewalls, April 1998, http://www.itsecurity.com/ papers/p37.htm Required Reading after the Firewalls lecture.
• Yin Zhang, and Vern Paxson, "Detecting Backdoors", Proceedings of the 9th USENIX Security Symposium, Denver, Colorado, August 2000. Reference
• Simson Garfinkel, Gene Spafford, Chapter 10: Auditing and Logging, Practical Unix and Internet Security, 3rd edition (2003), O'Reilly & Associates; ISBN: 0596003234. Required Reading.

Root Kits

• D. O'Brien , "Recognizing and Recovering from Rootkit Attacks". Sys Admin 5(11) (November 1996), pp. 8-20. [local copy] Required reading.
• Greg Hoglund, "A *REAL* NT Rootkit, patching the NT Kernel," Phrack Magazine, Vol. 9, Issue 55, 09.09.99, 05 of 19. www.phrack.org Excellent article. Highly recommended reading.
• http://www.chkrootkit.org/ chkrootkit is a tool to locally check for signs of a rootkit. Highly recommended reading.
• Dave Dittrich, "Root Kits" and hiding files/directories/processes after a break-in, Date: 2002/01/05, staff.washington.edu/ dittrich/ misc/faqs/rootkits.faq
• http://packetstormsecurity.nl/UNIX/penetration/rootkits/ Collection of rootkits.

IPExploits/Spoofing and Fragmentation

• Brecht Claerhout, A short overview of IP spoofing: Parts I and II, 1996. The papers are found in many web archives, but do not seem to be published in any formal way. ipspoof.tgz is a collection of files from these papers. Recommended Reading.
• Craig A. Huegen, The Latest in Denial of Service Attacks: "Smurfing": Description and Information to Minimize Effects, Feb 2000, http://www.quadrunner.com/~chuegen/smurf.txt Recommended Reading.

TCP Exploits

• Steve Bellovin, Security Problems in the TCP/IP Protocol Suite, Computer Communication Review, Vol. 19, no. 2 (April 1989) pages 32-48; [Local copy.] Recommended Reading.
• CERT, Advisory CA-2001-09 Statistical Weaknesses in TCP/IP Initial Sequence Numbers, http://www.cert.org/advisories/CA-2001-09.html Recommended Reading.
• Brecht Claerhout, A short overview of IP spoofing: Parts I and II, 1996. The papers are found in many web archives, but do not seem to be published in any formal way. ipspoof.tgz is a collection of files from these papers. Even though the title says IP spoofing, these are all about TCP exploits based on IP spoofing. Recommended Reading.
• Daemon9 / route / infinity, "Project Neptune", Phrack Magazine, Volume Seven, Issue Forty-Eight, File 13 of 18, July 1996. Explains, in detail, SYN flooding. Recommended Reading.
• Prabhaker Mateti, IP and ICMP Exploits, June 2000. A lecture from a course on Internet Security. www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/IPexploits. Explains IP spoofing. Required Reading.
• Prabhaker Mateti, TCP/IP Refresher, June 2000. A lecture from a course on Internet Security. www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/TCPIP/. Required Reading.
• Prabhaker Mateti, "Security Issues in the TCP/IP Suite", to appear in "Security in Distributed and Networking Systems", 28 pp., 2007 sec-tcpip.pdf Required Reading.

Secure Software

• Matt Bishop, Robust Programming, October 1998. [HTML] [PDF] nob.cs.ucdavis.edu/~bishop/ Required Reading.
• Simson Garfinkel, Gene Spafford Practical Unix and Internet Security, 2nd edition (April 1996), O'Reilly & Associates; ISBN: 1565921488. Errata: www.oreilly.com/catalog/puis/errata/ Chapter 23: Writing Secure SUID and Network Programs. Recommended Reading.
• Prabhaker Mateti, "Practical Advice on Writing Pre- Post-Conditions for Real Programs," Lecture Notes, May 1998. [local copy] Required Reading.
• Prabhaker Mateti, "Buffer Overflow", Lectures on Internet Security, www.cs.wright.edu /~pmateti/ Courses/ 429/ Top/ lectures.html. There is a section on robust programming techniques that avoid the buffer overflow exploits. Required Reading.
• Adam Shostack, "Security Code Review Guidelines," July 2000, www.homeport.org/ ~adam/ review.html Reference.
• David A. Wheeler, "Secure Programming for Linux and Unix HOWTO," April 2000, www.linuxdoc.org/ HOWTO/Secure-Programs-HOWTO.html Reference.
• David Evans, SPLINT, www.splint.org, University of Virginia, 2001. Reference

Packet Filtering

• D. Brent Chapman, "Network (In)Security Through IP Packet Filtering," Third USENIX UNIX Security Symposium; Baltimore, MD; September, 1992. [Local copy .ps] Recommended Reading.
• Oskar Andreasson, "Iptables Tutorial", 2006, http://iptables-tutorial.frozentux.net/ This is about 270 pages. Recommended Reading.
• Rusty Russell, "Linux 2.4 Packet Filtering HOWTO," 2002/02/19. http://www.iptables.org/ Reference.
• Robert L. Ziegler, and Carl B. Constaintine, "Linux Firewalls," 2nd Edition, ISBN: 0735710996, New Riders Publishing, October 2001. Describes how to set up a Linux based firewall using iptables. Several scripts from the chapters of the book are on-line at http://www.linux-firewall-tools.com/linux/book/. Reference.
• P. Srisuresh, and K. Egevang, RFC 3022, (Obsoletes: RFC 1631) "Traditional IP Network Address Translator (Traditional NAT)", ftp://ftp.rfc-editor.org/in-notes/rfc3022.txt January 2001
• Simson Garfinkel, Gene Spafford, "Practical Unix and Internet Security," 2nd edition (April 1996), O'Reilly & Associates; ISBN: 1565921488. Errata: http://www.oreilly.com/catalog/puis/errata/ Chapter 21: Firewalls. Required Reading.
• Prabhaker Mateti, Firewalls, June 2000. A lecture from a course on Internet Security. www.cs.wright.edu/~pmateti/InternetSecurity Required Reading.
• Prabhaker Mateti, An Example Firewall Setup, May 2003. A lecture from a course on Internet Security. http://www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/FireWallSetup/ Recommended Reading.
• Thomas M. Eastep, "ShoreWall: IP Tables Made Easy," http://www.shorewall.net/ , May 2003. This is a fron end to IP tables. Recommended visit/download.

Firewalls

• D. Brent Chapman & Elizabeth D. Zwicky; Building Internet Firewalls. O'Reilly & Associates. ISBN 1-56592-124-0, 517 pages. Reference.
• Simson Garfinkel, Gene Spafford, "Practical Unix and Internet Security," 2nd edition (April 1996), O'Reilly & Associates; ISBN: 1565921488. Errata: http://www.oreilly.com/catalog/puis/errata/ Chapter 21: Firewalls. Required Reading.
• Mark Grennan, Firewall and Proxy Server HOWTO, Aug 21, 2000, http://www.tldp.org/HOWTO/Firewall-HOWTO.html. Recommended Reading.
• Microsoft, Frequently Asked Questions About Internet Firewalls, Last Updated: March 10, 2004, http://www.microsoft.com/security/protect/firewall.asp Required Reading.
• Robert L. Ziegler, and Carl B. Constaintine, "Linux Firewalls," 2nd Edition, ISBN: 0735710996, New Riders Publishing, October 2001. Describes how to set up a Linux based firewall. Reference.
• R. Shirey, Internet Security Glossary, RFC 2828, www.rfc-editor.org. Reference.

Viruses, Worms, and Trojans

• Vesselin Bontchev, Future Trends in Virus Writing, 1994, IFIP TC-11, www.commandcom.com/ virus/ trends.html Recommended Reading.
• Virus Bulletin is the technical journal on developments in the field of computer viruses and anti-virus products, www.virusbtn.com/VirusInformation/ Reference.
• Simson Garfinkel, Gene Spafford, Practical Unix and Internet Security, 2nd edition (April 1996), O'Reilly & Associates; ISBN: 1565921488. www.oreilly.com/catalog/puis/errata/ Chapter 11. Protecting Against Programmed Threats. Required Reading.
• Sandeep Kumar, and Gene Spafford, "A Generic Virus Scanner in C++," Proceedings of the 8th Computer Security Applications Conference; IEEE Press, Piscataway, NJ; pp. 210-219, 2-4 Dec 1992. [Local copy .pdf] Required Reading.
• Steve R. White, Morton Swimmer, Edward J. Pring, William C. Arnold, David M. Chess, John F. Morar, "Anatomy of a Commercial-Grade Immune System," 1999, www.research.ibm.com/ antivirus/ SciPapers/ White/Anatomy/anatomy.html The site (www.research.ibm.com/ antivirus/) has many other excellent articles. Recommended Reading.
• Dark Angel, “(Phalcon/Skism)Virus Writing Tutorials,” http://www.sirkussystem.com/virus.html Required Reading.
• Matthew G. Schultz, Eleazar Eskin, Erez Zadok, Manasi Bhattacharyya, and Salvatore J. Stolfo, "MEF: Malicious Email Filter A UNIX Mail Filter that Detects Malicious Windows Executables," Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, June 25-30, 2001, Boston, Masssachusetts, USA; http://www.usenix.org/publications/library/proceedings/ usenix01/ freenix01/ schultz/ schultz_html/ index.html Reference.

Privacy

• ACLU, "Privacy Rights Pocket Card," tips for protecting your own right to privacy. aclu.org/ action/ privcard.html. Required Reading.
• Ian Clarke, Brandon Wiley, Oskar Sandberg and Theodore W. Hong, "Freenet: A Distributed Anonymous Information Storage and Retrieval System", ICSI Workshop on Design Issues in Anonymity and Unobservability, July 25-26, Berkeley, California. freenet.sourceforge.net/ index.php? page=theoppr Required Reading.
• Federal Trade Commission, Privacy Online: A Report to Congress, June 1998, http://www.ftc.gov/ reports/ privacy3/ toc.htm Recommended Reading.
• Simson Garfinkel, "Database Nation: The Death of Privacy in the 21st Century", http://simson.net/2048. Recommended Reading.
• Reading list from Harvard, http://cyber.law.harvard.edu/ltac98/topic3-privacy.html Reference.
• M. E. Kabay, "Anonymity and Pseudonymity in Cyberspace: Deindividuation, Incivility and Lawlessness Versus Freedom and Privacy," Annual Conference of the European Institute for Computer Anti­virus Research (EICAR), Munich, Germany 16­8 March 1998. [Local copy .pdf] Recommended Reading.
• Prabhaker Mateti, "Personal Security and Privacy on the Web," June 2000, slides: HTML | ppt. Required Reading.

Ethics

• Dissident, "The Ethics of Hacking." An opinion on hacking ethically. Date unknown. www.attrition.org/ ~modify/ texts/ hacking_texts/ hacethic.txt [local copy] Required Reading.
• "Ethical Navigations through Virtual Technologies" Astrolabe project, Ohio State University, is about ethics and values issues involved in the development and use of technologies. Their "topics page" lists more than a dozen areas. One of them is Hacker Ethics. Required visit.
• "Instructional Resources in Engineering Ethics, Computer Ethics & Research Ethics," an excellent web site. http://onlineethics.org/edu/instruct.html Recommended visit.
• Hacker Sitings and News, http://www.infowar.com/hacker/hacker.shtml Recommended visit.
• "Ethics in Computing," http://courses.ncsu.edu/classes-a/computer_ethics/. Recommended visit.

Intrusion Detection

• Aurobindo Sundaram, An Introduction to Intrusion Detection, ACM Crossroads (Electronic Magazine), 1996, http://www.acm.org/crossroads/xrds2-4/intrus.html Required Reading.
• Simson Garfinkel, Gene Spafford Practical Unix and Internet Security, 2nd edition (April 1996), O'Reilly & Associates; ISBN: 1565921488. Errata: http://www.oreilly.com/catalog/puis/errata/ Chapter 9: Integrity Management, Chapter 24: Discovering a Break-in. Recommended Reading.
• Intrusion Detection FAQ, www.sans.org/newlook/resources/IDFAQ/ID_FAQ.htm Reference.
• Kurt Seifried, Linux Administrator's Security Guide, http://www.linuxdoc.org/LDP/lasg/lasg-www/ Required skimming.
• Fred Cohen, The Deception Toolkit Home Page and Mailing List, http://www.all.net/dtk/ Required Reading.

Security Audit

• Prabhaker Mateti, Security Audit, July 2000, [PowerPoint slides].
• Lance Spitzner, "Auditing Your Firewall Setup," March, 2000. http://www.enteract.com/~lspitz/ audit.html. Required Reading.
• Henderson Group, "How to Audit Windows NT Security," 10/01/97, http://home.us.net/~stu/ ntsec1.html Recommended Reading.
• Dan Farmer, and Wietse Venema, "Improving the Security of Your Site by Breaking Into it," [Local copy .html] Required Reading.

• Auditors Checklists and Other Audit Information, http://all.net/books/audit/top.html Recommended Reading.
• Dan Farmer, and Wietse Venema, "An Internet Security Audit for fish.com computing network," 1996, [Local copy .ps]. Required Reading.
• P. Holbrook, J. Reynolds (Editors), "RFC 1244, Site Security Handbook," www.cis.ohio-state.edu/ htbin/rfc/ rfc1244.html Reference.

Wireless Hacks

• Prabhaker Mateti, "Hacking Techniques in Wireless Networks", to appear in "The Handbook of Information Security", Hossein Bidgoli (Editor-in-Chief), John Wiley & Sons, Inc., 2005. HTMLized version MS-Word DOC version Required reading.

Events