Dan
Farmer, Wietse
Venema,
Improving the Security of Your Site by Breaking Into
it
Abstract: In this paper we will take an unusual approach
to system security. Instead of merely saying that something is a
problem, we will look through the eyes of a potential intruder,
and show "why" it is one. We will illustrate that even seemingly
harmless network services can become valuable tools in the search
for weak points of a system, even when these services are
operating exactly as they are intended to. In an effort to shed
some light on how more advanced intrusions occur, this paper
outlines various mechanisms that crackers have actually used to
obtain access to systems and, in addition, some techniques we
either suspect intruders of using, or that we have used ourselves
in tests or in friendly/authorized environments.
Roger J. Martin, Wilma M. Osborne,
Guidance On Software Maintenance
Abstract: This report addresses issues and problems of
software maintenance and suggests actions and procedures which
can help software maintenance organizations meet the growing
demands of maintaining existing systems. The report establishes a
working definition for software maintenance and presents an
overview of current problems and issues in that area. Tools and
techniques that may be used to improve the control of software
maintenance activities and the productivity of a software
maintenance organization are discussed. Emphasis is placed on the
need for strong, effective technical management control of the
software maintenance process.
Built by Mark Crosbie and Ivan Krsul.