Improving the Security of Your Site by Breaking Into
Abstract: In this paper we will take an unusual approach to system security. Instead of merely saying that something is a problem, we will look through the eyes of a potential intruder, and show "why" it is one. We will illustrate that even seemingly harmless network services can become valuable tools in the search for weak points of a system, even when these services are operating exactly as they are intended to. In an effort to shed some light on how more advanced intrusions occur, this paper outlines various mechanisms that crackers have actually used to obtain access to systems and, in addition, some techniques we either suspect intruders of using, or that we have used ourselves in tests or in friendly/authorized environments.
Roger J. Martin, Wilma M. Osborne,
Guidance On Software Maintenance
Abstract: This report addresses issues and problems of software maintenance and suggests actions and procedures which can help software maintenance organizations meet the growing demands of maintaining existing systems. The report establishes a working definition for software maintenance and presents an overview of current problems and issues in that area. Tools and techniques that may be used to improve the control of software maintenance activities and the productivity of a software maintenance organization are discussed. Emphasis is placed on the need for strong, effective technical management control of the software maintenance process.
Built by Mark Crosbie and Ivan Krsul.
Security Archive Homepage.
COAST Project Page.
Purdue CS Dept page.