Threats & Vulnerabilities
Featuring 77 articles as of November 14, 2002
Most of the articles posted here have been written by students
seeking GIAC certification to fulfill part of their certification requirements and are
provided by SANS as a resource to benefit the security community at large. SANS attempts
to ensure the accuracy of information, but papers are published "as is". Errors
or inconsistencies may exist or may be introduced over time as material becomes dated. If
you suspect an error, please contact rr@sans.org.
Potential Vulnerabilities of Timbuktu Remote Control Software
David Batz
October 9, 2002
e-News: An 'Open' Portal
Policy
Robert B. Fried
August 13, 2002
Cyber Scam Artists: A New
Kind of .con
Robert Fried
June 12, 2002
Buffer Overflows
for Dummies
Josef Nelißen
May 1, 2002
SSL Man-in-the-Middle Attacks
Peter Burkholder
February 1, 2002
The Instant Messaging Menace: Security Problems in
the Enterprise and Some Solutions
Dan Frase
January 31, 2002
Cross-Sight
Scripting Vulnerabilities
Mark Shiarla
January 9, 2002
ICMP Attacks
Illustrated
Christopher Low
December 11, 2001
Remote Access
White Paper
Ken Stasiak, CISSP
November 28, 2001
Internal Threat
Risks and Countermeasures
Jarvis Robinson
November 15, 2001
Address Resolution
Protocol Spoofing and Man-in-the-Middle Attacks
Robert Wagner
September 27, 2001
Free InfoSec
Training, Compliments of History
Chris Bachmann
September 21, 2001
Analysis of FTP Hijack
Phong Huynh
September 19, 2001
Outsourcing and the
Increased Dangers of Dial Up Access
Paul Jenkinson
September 15, 2001
Spoofed IP Address
Distributed Denial of Service Attacks: Defense-in-Depth
Steven H. Bass
September 12, 2001
Peer-to-Peer Security and
Intel's Peer-to-Peer Trusted Library
Chris McKean
August 20, 2001
Instant Messaging: How Secure Is
It?
Susan Willner
August 19, 2001
The Changing Face of Distributed
Denial of Service Mitigation
Justin Stephen
August 16, 2001
Defending Against Code Red
II Using Symantec NetProwler and Intruder Alert
Kenneth Donze
August 15, 2001
Electromagnetic Attack: Is
Your Infrastructure and Data at Risk?
Michael B. Hayden
August 10, 2001
Unicode Vulnerability
How & Why?
Andrew Brannan
August 7, 2001
Cyber-stalking,
Privacy Intrusion at Its Scariest
Pamela Valentine
July 27, 2001
An Overview of Gnutella
Brenda L. Batkins
July 27, 2001
Vulnerability Assessments: The
Pro-active Steps to Secure Your Organization
Robert Boyce
July 12, 2001
Kernel Rootkits
Dino Dai Zovi
July 4, 2001
Aspects of Biological
Evolution and Their Implications for Unix Computer Security
Michael Folsom
July 3, 2001
Big Brother is Watching:
An Update on Web Bugs
Steve Nichols
July 3, 2001
Spoofing: An Overview of
Some the Current Spoofing Threats
Neil B. Riser
July 1, 2001
A General Overview of
Attack Methods
Vincent Vono
June 25, 2001
Open File Shares: An
Unexpected Business Risk
Jaime Carpenter
June 21, 2001
Understanding and Guarding
Against Rootkits
Mark Carney
June 20, 2001
SADMIND/IIS Worm
Nancy L. Feder
June 12, 2001
Cisco IOS Vulnerability Results
in Unexpected Reload
James Born
June 12, 2001
When Abuse Becomes Criminal: An
Analysis of the Security Professional's Responsibilities in Dealing With Cyber
Problems of Various Severities
Alec Nisbet
May 24, 2001
Good News, Bad News: The
Infosec Issues of Usenet
Bob Long
May 22, 2001
Instant Messaging. How Dangerous
Is It?
Stuart A. Levine
May 19, 2001
The Truth About ICMP
Lindsay van Eden
May 17, 2001
A Call to Digital Arms
David A. Woody
May 16, 2001
Offline NT Password &
Registry Editor: An Administrator Tool that Compromises Security
John J. Orsini
May 12, 2001
Windows, NTFS and Alternate
Data Streams
Damon Martin
May 9, 2001
Email Wiretap
Carolyn A. Davenport
May 2, 2001
Web Spoofing
Paul O'Brien
April 25, 2001
Internet Relay Chat Pros,
Cons and Those Pesky Bots
James Etherton
April 24, 2001
Don't Let Hackers Gather Your
Information
Robert Maheu
April 15, 2001
Stick And Network Signature Based
Intrusion Detection
Steve Howard
April 11, 2001
Basics of CGI Security:
Common Gateway Interface, CGI, at a Glance
Jeffrey McKay
April 8, 2001
Understanding DDOS
Attack, Tools and Free Anti-tools with Recommendation
DeokJo Jeon
April 7, 2001
Adore Worm Another
Mutation
J. Anthony Dell
April 6, 2001
Semantic Attacks
What's in a URL?
Richard Siedzik
April 6, 2001
The Importance of the Ramen Worm
Paul W. DePriest
April 4, 2001
Analysis of a Telnet Session
Hijack via Spoofed MAC Addresses and Session Resynchronization
Ed Norris
March 20, 2001
An Analysis of
Fragmentation Attacks
Jason Anderson
March 15, 2001
ShareSniffer: An
Interesting Look at Data Sharing
Jeremy Shane Horn
March 12, 2001
Denial of Service Attacks
- DDOS, SMURF, FRAGGLE, TRINOO
B.K.Lokesh
March 1, 2001
PC Week Hack of 1999
Shawn Balestracci
February 26, 2001
Development of Exploits
for CVE-2000-0666
Jon Lasser
February 26, 2001
Man-In-the-Middle Attack - A Brief
Bhavin Bharat Bhansali
February 16, 2001
"Web Server Folder
Traversal" vulnerability (MS00-078)
Steven Shields
February 13, 2001
SNMP Vulnerabilities
Lookman Y. Fazal
December 26, 2000
Protecting Network
Infrastructure at the Protocol Level
Curt Wilson
December 15, 2000
Computer Crime: The
Insecurity of Your Network
Steven A. Sandberg
December 14, 2000
FTP and the Warez Scene
Shelli Crocker
December 14, 2000
A Real Vulnerability: Rogue
System Libraries and Binaries
Manny D. Peterson
December 14, 2000
The Coroner's Toolkit: A
Handy Suite of Utilities
Mike Wagner
December 13, 2000
The Microsoft OOTBS Got You
Down? Smile There is Treatment
Becky Cosby
December 13, 2000
NAPTHA: A new type of Denial of
Service Attack
Brandi Copans
December 10, 2000
Information Security
Reconnaissance: Journey to Mordor (a.k.a. Know Your Enemy)
Fred Hill
December 7, 2000
Defending Networks from SYN
Flooding In Depth
Adam L. Rice
December 6, 2000
Understanding Computer
Break-Ins
Wiletta DeVaughn
December 6, 2000
The Default Password Threat
Walter Opaska
December 4, 2000
The Naptha Denial-of-Service
Vulnerabilities
Sven Peterson
December 3, 2000
Defenses Against Distributed Denial
of Service Attacks
Gary C. Kessler
November 29, 2000
Risk, Vulnerability Assessments, PDD
63 and Risk Management An Overview
Thomas P. Lardner, Jr.
November 22, 2000
WU-FTP Your Way To Root
Michael Sparks
November 21, 2000
Introduction to IP
Spoofing
Victor Velasco
November 21, 2000
Buffer Overflows:
Why, How and Prevention
Nicole LaRock Decker
November 13, 2000
Why Place Your Web Servers On
the Web?
Darrin Mourer
November 8, 2000