关于linux security的一些文章
Featuring 9 papers as of May 22, 2012
- BYOB: Build Your Own Botnet
- By: Francois Begin (posted on August 17, 2011)
-
A recent report on botnet threats (Dhamballa, 2010) provides a sobering
read for any security professional. According to its authors, the
number of computers that fell victim to botnets grew at the rate of
8%/week in 2010, which translates to more than a six-fold increase over
the course of the year.
- Covert Data Storage Channel Using IP Packet Headers
- By: Jonathan Thyer (posted on February 7, 2008)
-
A covert data channel is a communications channel that is hidden within
the medium of a legitimate communications channel. Covert channels
manipulate a communications medium in an unexpected or unconventional
way in order to transmit information in an almost undetectable fashion.
Otherwise said, a covert data channel transfers arbitrary bytes between
two points in a fashion that would appear legitimate to someone
scrutinizing the exchange. (Bingham, 2006)
- Covert communications: subverting Windows applications
- By: D. Climenti, A. Fontes, A. Menghrajani (posted on September 14, 2007)
-
- Inside-Out Vulnerabilities, Reverse Shells
- By: Richard Hammer (posted on November 10, 2006)
-
Keeping data from leaking out of protected networks is becoming
increasingly difficult due to the increase of malicious code that sends
data from infected systems.
- Network Covert Channels: Subversive Secrecy
- By: Ray Sbrusch (posted on October 25, 2006)
-
Steganography is the practice of concealing information in channels
that superficially appear benign. The National Institute of Standards
and Technology defines a covert channel as any communication channel
that can be exploited
- Steganography: Why it Matters in a "Post 911" World
- By: Bob Gilbert (posted on October 31, 2003)
-
This paper discusses cryptography attempts that to conceal messages by
various translation methods that create new, unrecognizable messages.
- A Detailed look at Steganographic Techniques and their use in an Open-Systems Environment
- By: Bret Dunbar (posted on October 31, 2003)
-
This paper's focus is on a relatively new field of study in Information Technology known as Steganography.
- A Discussion of Covert Channels and Steganography
- By: Mark Owens (posted on October 31, 2003)
-
Although the current threat of steganographic technology appears to lag
its usefulness, the diligent information systems person needs to be
mindful of the security ramifications that a covert channel in their
enterprise carries.
- HTTP Tunnels Though Proxies
- By: Daniel Alman (posted on October 31, 2003)
-
This paper covers the topic of HTTP tunnels, the risks they pose, and
discusses how those risks can be limited with proper administration.
-
- from http://www.sans.org/reading_room/whitepapers/covert/