Total Pageviews

Tuesday 22 May 2012

关于linux security的一些文章

Featuring 9 papers as of May 22, 2012
PDF BYOB: Build Your Own Botnet
By: Francois Begin (posted on August 17, 2011)
A recent report on botnet threats (Dhamballa, 2010) provides a sobering read for any security professional. According to its authors, the number of computers that fell victim to botnets grew at the rate of 8%/week in 2010, which translates to more than a six-fold increase over the course of the year.
PDF Covert Data Storage Channel Using IP Packet Headers
By: Jonathan Thyer (posted on February 7, 2008)
A covert data channel is a communications channel that is hidden within the medium of a legitimate communications channel. Covert channels manipulate a communications medium in an unexpected or unconventional way in order to transmit information in an almost undetectable fashion. Otherwise said, a covert data channel transfers arbitrary bytes between two points in a fashion that would appear legitimate to someone scrutinizing the exchange. (Bingham, 2006)
PDF Covert communications: subverting Windows applications
By: D. Climenti, A. Fontes, A. Menghrajani (posted on September 14, 2007)
PDF Inside-Out Vulnerabilities, Reverse Shells
By: Richard Hammer (posted on November 10, 2006)
Keeping data from leaking out of protected networks is becoming increasingly difficult due to the increase of malicious code that sends data from infected systems.
PDF Network Covert Channels: Subversive Secrecy
By: Ray Sbrusch (posted on October 25, 2006)
Steganography is the practice of concealing information in channels that superficially appear benign. The National Institute of Standards and Technology defines a covert channel as any communication channel that can be exploited
PDF Steganography: Why it Matters in a "Post 911" World
By: Bob Gilbert (posted on October 31, 2003)
This paper discusses cryptography attempts that to conceal messages by various translation methods that create new, unrecognizable messages.
PDF A Detailed look at Steganographic Techniques and their use in an Open-Systems Environment
By: Bret Dunbar (posted on October 31, 2003)
This paper's focus is on a relatively new field of study in Information Technology known as Steganography.
PDF A Discussion of Covert Channels and Steganography
By: Mark Owens (posted on October 31, 2003)
Although the current threat of steganographic technology appears to lag its usefulness, the diligent information systems person needs to be mindful of the security ramifications that a covert channel in their enterprise carries.
PDF HTTP Tunnels Though Proxies
By: Daniel Alman (posted on October 31, 2003)
This paper covers the topic of HTTP tunnels, the risks they pose, and discusses how those risks can be limited with proper administration.
 
from http://www.sans.org/reading_room/whitepapers/covert/