A Evening with BerFerd In Which a Cracker is Lured, Endured, and
Abstract: This paper is chronicle of the crackers' "successes" and disappointments, the bait and traps used to lure and detect him, and the chroot "Jail" we built to watch his activities.
Steven M. Bellovin,
There Be Dragons
Abstract: Our security gateway to the Internet, research.att.com, provides only a limited set of services. Most of the standard servers have been replaced by a variety of trap programs that look for attacks. Using these, we have detected a wide variety of pokes, ranging from simple doorknob-twisting to determined assaults. The attacks range from simple attempts to log in as guest to forged NFS packets. We believe that many other sites are being probed but are unaware of it: the standard network daemons do not provide administrators with either appropriate controls and filters or with the logging necessary to detect attacks.
Fuat Baran, Howard Kaye, Margarita Suarez,
Security Breaches: Five Recent Incidents at Columbia
Abstract: During a two-month period (February through March, 1990) Columbia University was involved in five break-in incidents. This paper provides a detailed account of each incident as well as what steps we took,both short-term and long-term, to reduce the likelihood of future incidents.
Unix Admin. Horror Story Summary
Abstract: This is version 1.0 of the unofficial "Unix Administration Horror Story Summary". This is a summary of the "Unix Administration Horror Stories" thread which was seen in comp.unix.admin in October '92.
A Guide to Internet Security: Becoming an Uebercracker and
Becoming an UeberAdmin to stop Uebercrackers.
Abstract: This is a paper will be broken into two parts, one showing 15 easy steps to becoming a uebercracker and the next part showing how to become a ueberadmin and how to stop a uebercracker. A uebercracker is a term phrased by Dan Farmer to refer to some elite (cr/h)acker that is practically impossible to keep out of the networks.
Built by Mark Crosbie and Ivan Krsul.
Security Archive Homepage.
COAST Project (CERIAS)Page.
Purdue CS Dept page.