docLiteraturverzeichnis
download 
Report Transcription
Literaturverzeichnis
“firewall” — 2006/1/4 — 15:26 — page 617 — #636 Literaturverzeichnis [1] Linux Standard Base Specification 1.0.0 http://www.linuxbase.org/spec/ [2] Paul Russel, »IPCHAINS-HOWTO«, zu finden unter /usr[/share]/doc/howto oder http://people.netfilter.org/~rusty/ipchains/ [3] Rusty Russel, »Linux 2.4 Packet Filtering HOWTO«, zu finden unter http://netfilter.filewatcher.org/unreliable-guides/index.html [4] Rusty Russel, »Linux 2.4 NAT HOWTO«, zu finden unter http://netfilter.filewatcher.org/unreliable-guides/index.html [5] Marc Grennan, »Firewall and Proxy Server HOWTO«, zu finden unter /usr[/share]/doc/howto oder http://www.grennan.com/Firewall-HOWTO.html [6] Simson Garfinkel, Gene Spafford, »Practical UNIX and Internet Security«, O’Reilly, 1996 [7] D. J. Bernstein, »SYN cookies« http://cr.yp.to/syncookies.html [8] Scott Wunsch, »Chroot-BIND HOWTO v1.5«, 1. Dezember 2001, http://www.losurs.org/docs/howto/Chroot-BIND.html http://tldp.org/HOWTO/Chroot-BIND-HOWTO.html [9] »DVD+RW/+R/-R[W] for Linux«, August 2004, http://fy.chalmers.se/~appro/linux/DVD+RW/ [10] Michael D. Bauer, »Linux Server Security«, 2nd Edition, O’Reilly, 2005 [11] John Borland, »Hacker smears Web sites with pro-Napster messages«, CNET News, 7. September 2000, http://news.com.com/2100-1023-245470.html | 617 “firewall” — 2006/1/4 — 15:26 — page 618 — #637 [12] Peter van Dijk, »How we defaced www.apache.org«, Bugtraq 4. Mai 2000, Auf den Seiten von Security-Focus ist die Bugtraq-Mail nicht mehr zu finden, es existieren Server, auf denen sich Kopien dieses Artikels befinden. Zum Beispiel: http://www.dataloss.net/papers/how.defaced.apache.org.txt [13] Hubert Erb, »Die Cyberspace-Fallen des FBI«, Telepolis 15.5.2001, http://www.heise.de/tp/r4/artikel/7/7634/1.html [14] Steve Gibson, »The Strange Tale of the Denial of Service Attacks against GRC.COM«, Gibson Research Corporation, April 2001, http://grc.com/dos/grcdos.htm [15] Steve Gibson, »DRDoS – Distributed Reflection Denial of Service«, Gibson Research Corporation, 22. Februar 2002, http://grc.com/dos/drdos.htm [16] Kevin J. Houle, George M. Weaver, »Trends in Denial of Service Attack Technology«, CERT Coordination Center, October 2001, http://www.cert.org/archive/pdf/DoS_trends.pdf [17] Craig A. Huegen, »The Latest in Denial of Service Attacks: ‚Smurfing‘ «, Die Originalquelle ist nicht mehr verfügbar, aber eine Suche mit Google findet schnell Server, auf denen eine Kopie zu finden ist, z. B.: http://www.governmentsecurity.org/articles/ THELATESTINDENIALOFSERVICEATTACKSSMURFING.php (Dies ist eine Zeile, der Umbruch war aus drucktechnischen Gründen notwendig.) [18] Robert G. Ferrell, »Have Root, Will Hack – 80 Agonizing Hours in the life of an Information Systems Security Officer«, Security Focus, 13. Juni 2000, http://www.securityfocus.com/infocus/1256 [19] Fyodor, »The Art of Port Scanning«, http://www.insecure.org/nmap/nmap_doc.html [20] Fyodor, »Remote OS detection via TCP/IP Stack Fingerprinting«, Phrack Magazine 54, http://www.phrack.org/show.php?p=54&a=9 [21] Inoshiro, »Auditing kuro5hin«, http://www.kuro5hin.org/?op=displaystory;sid=2000/4/24/72315/1468 [22] Laurent Joncheray, »A simple Attack against TCP«, Merit Network Inc., 24. April 1995, http://www.deter.com/unix/papers/tcp_attack.pdf [23] Toby Miller, »Analysis of the T0rn rootkit«, SANS Institute 2000, http://www.sans.org/y2k/t0rn.htm (t0rn wird t - NUll - r - n buchstabiert) 618 | Literaturverzeichnis “firewall” — 2006/1/4 — 15:26 — page 619 — #638 [24] Viktor Mraz, Klaus Weidner, »Falsch verbunden – Gefahr durch DNS-Spoofing«, c’t 10/97, S. 286 [25] Peter Münster, »local user can delete arbitrary files on SuSE-Linux«, Bugtraq 21.4.2000, http://cert.uni-stuttgart.de/archive/bugtraq/2000/04/msg00152.html [26] Noel, »Cracked!«, http://rootprompt.org/article.php3?article=403 [27] Aleph One, »Smashing The Stack For Fun And Profit«, Phrack Vol. 7, Issue 49, 8. November 1996, http://www.phrack.org/show.php?p=49&a=14 [28] Rain Forest Puppy, »How I hacked PacketStorm«, Advisory RFP2K01, 19.5.2000, http://www.securityfocus.com/advisories/2234 [29] Marcus J. Ranum, »artificial ignorance: how-to guide«, Firewall Wizards Mailing List, 23.9.1997, http://www.ranum.com/security/computer_security/papers/ai/ http://archives.neohapsis.com/archives/nfr-wizards/1997/09/0098.html [30] Greg Sandoval, Troy Wolverton, »Leading Web sites under attack«, CNet News, 9. Februar 2000, http://news.com.com/2100-1017-236683.html [31] »Security Advisory, BIND Vulnerabilities and Solutions«, Secure Networks Inc & CORE Seguridad de la Informacion, 22. April 1997 [32] Richard M. Smith, »The Web Bug FAQ«, 11. November 1999, http://www.eff.org/Privacy/Marketing/web_bug.html [33] Chris Oakes, »Word Docs With Ears?«, Wired News, 31.August 2000, http://www.wired.com/news/technology/0,1282,38516,00.html [34] Clifford Stoll, »Kuckucksei – Die Jagd auf die deutschen Hacker, die das Pentagon knackten«, S. Fischer Verlag GmbH, 1989 [35] Tyler, »My experience with being cracked«, Rootprompt.org, 19. Juli 2000, http://rootprompt.org/article.php3?article=678 [36] Wietse Vennema, »TCP WRAPPER – Network monitoring, access control, and booby traps.«, Eindhoven University of Technology, ftp://ftp.porcupine.org/pub/security/tcp_wrapper.txt.Z [37] Jonathan Wilkins, »Taranis«, Phrack Vol. 11 Issue 57, 11. August 2001 http://www.phrack.org/show.php?p=57&a=6 [38] »Hacker Posts Credit Card Info«, Wired News, 10. Januar 2000, http://www.wired.com/news/technology/0,1282,33539,00.html Literaturverzeichnis | 619 “firewall” — 2006/1/4 — 15:26 — page 620 — #639 [39] »Three Kazak Men Arrested in London for Hacking into Bloomberg L.P.’s Computer System«, Pressemitteilung des U.S. Department of Justice, 14. August 2000, http://www.usdoj.gov/criminal/cybercrime/bloomberg.htm [40] James Troup, »more details on the recent compromise of debian.org mirrors«, 28. November 2003, http://lists.debian.org/debian-devel-announce/2003/ debian-devel-announce-200311/msg00012.html (Dies ist eine Zeile, der Umbruch war aus drucktechnischen Gründen notwendig.) http://www.wiggy.net/debian/explanation [41] David Barroso Berrueta, »The Rise of the Spammers«, 26. Sptember 2003, Die Originalquelle ist nicht länger verfügbar, aber es existieren noch Server, auf denen Kopien zu finden sind. Zum Beispiel: http://www.infosecwriters.com/text_resources/pdf/spammers.pdf http://www.securitydocs.com/library/676 [42] »Dialer – Die Tricks unseriöser Anbieter«, Dialerschutz.de, Webseite besucht am 12.12.2003, http://www.dialerschutz.de/home/Tricks/body_tricks.html [43] »Gator Information Center«, PC Pitstop, Webseite besucht am 12.12.2003, http://www.pcpitstop.com/gator/default.asp [44] Steve Gibson, »The Anatomy of File Download Spyware«, Gibson Research Corporation, 14.7.2000, http://www.grc.com/downloaders.htm [45] Alexey Podrezov, »F-Secure Virus Descriptions: Xombe«, F-Secure Corporation, 9.1.2004, http://f-secure.com/v-descs/xombe.shtml [46] Alexey Podrezov, »F-Secure Virus Descriptions: SubSeven«, F-Secure Corporation, 1998 – 2001, http://www.f-secure.com/v-descs/subseven.shtml [47] Scott Gettis, »Backdoor.Tofger«, Symantec Corporation, 15.12.2003, http://www.symantec.com/avcenter/venc/data/backdoor.tofger.html [48] Peter Szor, »F-Secure Virus Descriptions: Ska«, F-Secure Corporation, 1999, http://www.f-secure.com/v-descs/ska.shtml [49] Motoaki Yamamura, »W32.DoS.Trinoo«, Symantec Corporation, 22.2.2000, http://www.symantec.com/avcenter/venc/data/w32.dos.trinoo.html [50] Eric Chien, »PWSteal.Freemega«, Symantec Corporation, 12.1.2004, http://www.symantec.com/avcenter/venc/data/pwsteal.freemega.html 620 | Literaturverzeichnis “firewall” — 2006/1/4 — 15:26 — page 621 — #640 [51] Alexey Podrezov, »F-Secure Virus Descriptions: Sober.C«, F-Secure Corporation, 21.12.2003, http://www.f-secure.com/v-descs/sober_c.shtml [52] Douglas Knowles, »Trojan.Qhosts«, Symantec Corporation, 4.10.2003, http://securityresponse.symantec.com/avcenter/venc/data/trojan.qhosts.html [53] Alexey Podrezov, Katrin Tocheva, »F-Secure Virus Descriptions: Webber«, F-Secure Corporation, 11.11.2003, http://www.f-secure.com/v-descs/webber_a.shtml [54] »F-Secure Virus Descriptions: Fakerr«, F-Secure Corporation, 16.7.2003, http://www.f-secure.com/v-descs/fakerr.shtml [55] »F-Secure Virus Descriptions: Fizzer«, F-Secure Corporation, 9.5.2003, http://www.f-secure.com/v-descs/fizzer.shtml [56] Kevin Poulsen, »Rise of the Spam Zombies«, The Register, 13.12.2003, http://www.theregister.co.uk/content/55/30414.html [57] »Reverse-Proxy Spam Trojan – Migmaf«, LURHQ Corporation, 11.7.2003 http://www.lurhq.com/migmaf.html [58] »Virus attack on PC downloaded kiddie porn«, The Inquirer, 18.4.2003 http://www.theinquirer.net/?article=9023 [59] Florian Rötzer, »Der Trojaner ist Schuld«, Telepolis, 11.8.2003 http://www.heise.de/tp/deutsch/inhalt/te/15422/1.html [60] Cristiano Lincoln Mattos, »Security flaw in Linux 2.4 IPTables using FTP PORT«, Tempest Security Technologies, 2001, http://www.netfilter.org/security/2001-04-16-ftp.html [61] »Cisco Secure PIX Firewall FTP Vulnerabilities«, Cisco, 2000, http://www.securityfocus.com/advisories/2133 [62] Jozsef Kadlecsik, Harald Welte, »IRC connection tracking opens unwanted ports«, The Netfilter Project, 25. Feb 2002, http://www.netfilter.org/security/2002-02-25-irc-dcc-mask.html [63] John Leyden, »Office workers give away passwords for a cheap pen«, The Register, 18.4.2003 http://www.theregister.co.uk/2003/04/18/office_workers_give_away_passwords/ [64] John Leyden, »Brits are crap at password security«, The Register, 20.4.2004 http://www.theregister.co.uk/2004/04/20/password_surveys/ [65] Sarah Granger, »Social Engineering Fundamentals, Part I: Hacker Tactics«, Security Focus, 18.12.2001 http://www.securityfocus.com/infocus/1527 Literaturverzeichnis | 621 “firewall” — 2006/1/4 — 15:26 — page 622 — #641 [66] »Kevin Mitnick«, Wikipedia, 16.9.2005 http://en.wikipedia.org/wiki/Kevin_Mitnick [67] Israel, »Introducing social engineering to the workplace«, Lineman.Net, 22.3.2004, http://lineman.net/article136.html [68] Israel, »Penetration Testing Using Social Engineering (Part 1)«, Lineman.Net, 14.5.2004, http://lineman.net/node/270 [69] »Phishing«, Wikipedia, 15.9.2005 http://en.wikipedia.org/wiki/Phishing [70] Alfred Krüger, »Auftragswürmer für die Mafia«, Telepolis, 19.4.2005. http://www.heise.de/tp/r4/artikel/19/19913/1.html [71] Brian Krebs, »Technology Fueling Wave of Phishing Scams«, Washington Post, 18.1.2005, http://www.washingtonpost.com/ac2/wp-dyn/A17680-2005Jan18 [72] »Strategiewechsel bei Wurmautoren: Weniger auffallen, mehr Kontrolle«, Heise Newsticker, 15.4.2005, http://www.heise.de/newsticker/meldung/58614 [73] » Wurm hört Netzwerkverkehr ab«, Heise Newsticker, 15.9.2004 http.//www.heise.de/newsticker/meldung/51099 622 | Literaturverzeichnis
