.Mirror sites
.Security tools
.Mailing lists

Techniques Adopted By 'System Crackers' When Attempting To Break Into Corporate or Sensitive Private Networks
Network Security Solutions Ltd.; 1998; ASCII
This white paper was written to help give systems administrators and network operations staff an insight into the tactics and methodologies adopted by typical system crackers when targeting large networks.

Understanding Microsoft Proxy Server 2.0
NeonSurge - Rhino9; 1998; ASCII A paper on the MS Proxy Server features, architecture, etc.

Millenium Hacking (Hacking 2000)
CyberTech Security (UHF); 1998; ASCII A general HOWTO for hacking with a goal of showing what hacking was like at the end of the millenium.

Packets Found on an Internet
Bellovin, Steven M.; 1993; Postscript A very interesting paper describing the various attacks, probes, and miscellaneous packets floating past AT&T; Bell Labs' net connection.

Security Problems in the TCP/IP Protocol Suite
Bellovin, Steven M.; 1989; Postscript A broad overview of problems within TCP/IP itself, as well as many common application layer protocols which rely on TCP/IP.

There Be Dragons
Bellovin, Steven M.; 1992; Postscript Another Bellovin paper discussing the various attacks made on This paper is also the source for this page's title.

An Advanced 4.3BSD IPC Tutorial - PDF Version
Berkeley CSRG; date unknown; Postscript This paper describes the IPC facilities new to 4.3BSD. It was written by the CSRG as a supplement to the manpages.

NFS Tracing by Passive Network Monitoring
Blaze, Matt; 1992; ASCII Blaze, now famous for cracking the Clipper chip while at Bell Labs, wrote this paper while he was a PhD candidate at Princeton.

Network (In)Security Through IP Packet Filtering - PDF Version
Chapman, D. Brent; 1992; Postscript Why packet filtering is a difficult to use and not always a very secure method of securing a network.

An Evening with Berferd
Cheswick, Bill; 1991; Postscript A cracker from Norway is "lured, endured, and studied."

Improving the Security of your Unix System
Curry, David, SRI International; 1990; Postscript This is the somewhat well known SRI Report on Unix Security. It's a good solid starting place for securing a Unix box.

COPS and Robbers
Farmer, Dan; 1991; ASCII This paper discusses a bit of general security and then goes into detail reguarding Unix system misconfigurations, specifically ones that COPS checks for.

Improving The Security of Your System by Breaking Into It
Farmer & Wietse; date unknown; ASCII An excellent text by Dan Farmer and Wietse Venema. If you haven't read this before, here's your opportunity.

A Simple Active Attack Against TCP - PDF Version
Joncheray, Laurent; 1995; Postscript This paper describes an active attack against TCP which allows re-direction (hijacking) of the TCP stream.

Foiling the Cracker
Klein, Daniel; Postscript A Survey of, and Improvements to, Password Security. Basically a treatise on how to select proper passwords.

A Weakness in the 4.2BSD Unix TCP/IP Software
Morris, Robert T; 1985; Postscript This paper describes the much ballyhooed method by which one may forge packets a stink about it!

The Risks of Key Recovery, Key Escrow, and Trusted 3rd Party Encryption
Various Authors; May 1996; ASCII This paper examines the technical risks, costs, and implications of deploying systems that provide government access to encryption keys.

Thinking About Firewalls - PDF Version
Ranum, Marcus; Postscript A general overview of firewalls, with tips on how to select one to meet your needs.

Voyager; 1995; ASCII This is the FAQ from the internet news group Alt.2600. Deals with various topics concerning hacking and phreaking.

The Hacker's Handbook
Cornwall, Hugo; 1985; ASCII A book about hacking techniques, hacking intelligence, Networks, etc.

Crash Course in X-Windows Security
Unknown Author; Unknown Date; ASCII This document will help you learn about X-Windows Security and how to make it more secure.

Things that go Bump on the net
Unknown Author; Unknown Date; ASCII This is a brief look at some of the more colorful characters in the menagerie of network security threats, with an emphasis on how they relate to agent-based sytems.

Securing X Windows
Fisher, John; 1995; ASCII This document talks about how X-windows works, Host Authenticiation and Token Authenticiation, Xterm Vulnerablities and related security information.

A Unix Hacking Tutorial
Sir Hackalot; Unknown date; ASCII A Excellent hacking tutorial for the starting hacker or hacker-wanna-be.

The Neophyte's Guide to Hacking
Deicide; August 1993; ASCII Another guide for beginning hackers that talks about a wide range of topics.

Hacking Kit version 2.0 Beta
Invisible Evil; March 1997;ASCII A very detailed and well written guide for hackers. This document is also fairly up to date and includes examples and source code.

IP Hijacking
Laurant Joucheray; April 24, 1995; Postscript This paper discuesses the art of IP hijacking.

Linux security archives by date
Various Authors; March 1995 through October 1996; ASCII The Linux Security list-archives from March 1995 through October 1996.

Sockets Frequently Asked Questions
Vic Metcalfe; August 1996; ASCII (tarred and zipped) Socket Frequently Asked Questions includes many examples and source code.

Confidence Remains High Issues 1-6 + Summer Issue
Various Authors; Various Dates; ASCII (tarred and zipped) An excellent magazine discussing hacking, phone, radio, and more.

Common Insecurities Fail Scrutiny
*Hobbit*; January 1997 ; ASCII An analysis of TCP/IP NetBIOS file-sharing protocols is presented as well as the examination of protocol and administrative vulnerabilities.

Firewall Papers and Performance Issues - PDF Version
Various Authors; April 1997 ; Various Formats This is a small collection of Papers and source concerning firewalls and their performace.

Linux Stack OverFlows
Willy Tarreau; June 1997 ; HTML An HTML page with sample utilities describing stack overruns on Linux.

Hacking Unix Systems
Red Knight; October 1989 ; ASCII An Indepth Guide to Hacking UNIX and the Concept of Basic Networking.

Sequence Number Attacks
Rik Farrow; December 1994 ; ASCII A brief article that gives an overview of TCP sequence number attacks. (Includes rfc1948 which shows how to protecte against TCP sequence no. attacks.)

Buffer OverWrites
Various Authors; June 1997 ; Various Formats A collection of papers and utilities concerning the art of buffer overwriting.

Introduction to Internet Protocols
Charles L. Hedrick; July 1987; ASCII An introduction to the Internet networking protocols (TCP/IP).

A Novice's Guide to Hacking
The Mentor; December 1988; ASCII Another good source of reading for beginners.

Christopher Klaus; August 1997; ASCII A discussion of many common backdoors and ways to check for them.

Them and Us
Paul Taylor; June 1997; ASCII Chapter 6 of Paul Taylor's Hacker Book which talks about some of the ethics and boundaries of hacking.

The Design of a Secure Internet Gateway
Bill Cheswick; Unknown Date; Postscript This paper describes an internet gateway configuration that helps protect the internal network even if an external machine is compromised.

Some Problems with the FTP Protocol
David Sacerdote; April 1996; ASCII Discusses problems with the File Transfer Protocol, a failure of common implementations, and suggestions for repair.

Psychotic's Unix Bible
Virtual Circuit; Unknown Date; Zipped An excellent Unix resource to have. The Unix Bible contains and illustrates many Unix commands and their syntaxes.

The interaction of SSH and X11
Ulrich Flegel; September 1997; Postscript Thoughts concerning the security of SSH in conjunction with X11.

Beginners Guide to Hacking
Phantom; October 1997; ASCII An excellent guide with examples and text discussing getting access, hacking root, covering tracks, and much more.