The Center for Education and Research in Information Assurance and Security, or CERIAS, is the world's foremost University center for multidisciplinary research and education in areas of information security. Our areas of research include computer, network, and communications security as well as information assurance.

This site's design is only visible in a graphical browser that supports web standards, but its content is accessible to any browser or Internet device. (Why?)

Center for Education and Research in Information Assurance and Security

COAST Security Archive Logo Category Index: /pub/doc/misc


No Pointing!

This WWW page was generated automatically. Link makers should not point their links to this page. If you must, please make a link to the search entry point.

Leendert van Doorn, Computer Break-ins: A Case Study
Abstract: This paper describes the modus operandi of hackers based on multiple hacking attempts that occurred during this year at some department computers. Special attention is paid to the methods they use to break into computer systems and what they do once they are in.

Gennady Medvinsky, B. Clifford Neuman, NetCash:A Design for Practical Electronic Currency on the Internet
Abstract: NetCash is a framework that supports realtime electronic payments with provision of anonymity over an unsecure network. It is designed to enable new types of services on the Internet which have not been practical to date because of the absence of a secure, scalable, potentially anonymous payment method. NetCash strikes a balance between unconditionally anonymous electronic currency, and signed instruments analogous to checks that are more scalable but identify the principals in a transaction. It does this by providing the framework within which proposed electronic currency protocols can be integrated with the scalable, but non-anonymous, electronic banking infrastructure that has been proposed for routine transactions.

Christopher William Klaus, Compromise: What if your Machines are Compromised by an Intruder.
Abstract: This FAQ deals with some suggestions for securing your Unix machine after it has already been compromised. Even if your machines have not been compromised, there are many helpful tips on securing machine in this paper. I would appreciate any suggestions. This FAQ will be posted monthly.

Berny Goodheart, How do you CRASH your UNIX System
Abstract: Summary of "How to Crash your UNIX system", also includes several example programs that tends to crash the machine.

Dennis M. Ritchie, On the Security of UNIX
Abstract: This paper discusses the degrees of security which can be provide under the UNIX system and offers a number of hints on how to improve security.

Gennady Medivinsky, B. Clifford Neuman, Electronic Currency for the Internet
Abstract: A framework for electronic currency for the Internet that provides a real-time electronic payment system.

Eugene H. Spafford, Unix and Security: The Influences of History
Abstract: \Unix\ has a reputation as an operating system that is difficult to secure. This reputation is largely unfounded. Instead, the blame lies partially with the traditional use of \Unix\ and partially with the poor security consciousness of its users. \Unix's reputation as a nonsecure operating system comes not from design flaws but from practice. For its first 15 years, \Unix\ was used primarily in academic and computer industrial environments --- two places where computer security has not been a priority until recently. Users in these environments often configured their systems with lax security, and even developed philosophies that viewed security as something to avoid. Because they cater to this community, (and hire from it) many \Unix\ vendors have been slow to incorporate stringent security mechanisms into their systems. This paper describes how the history and development of \Unix\ can be viewed as the source of many serious problems. Some suggestions are made of approaches to help increase the security of your system, and of the \Unix\ community.

_____

O Built by Mark Crosbie and Ivan Krsul.

Security Archive Page Security Archive Homepage.

COAST Homepage COAST Project (CERIAS)Page.

Purdue CS Homepage Purdue CS Dept page.


security-archive@cerias.purdue.edu (COAST Security Archive)