3.0
Online references for ECT 582
Suggested background links.
Caution: Hacker and virus information links are prime locations for viruses, and for hackers to have fun. (Hacker humor.) Be sure your firewall is up to date, and your browser set to high restriction.
  1. Good Firewall FAQ Thanks Shoma.
  2. Purdue Index to security materials, tools, software. Great resource site.
  3. Code Red, Nimda, etc. papers.
  4. Library of Security Papers, including this one Virus Generators
  5. CAUTION! Virus Creation Toolkits You should know that such sites exist. Online Virus creation and Information about Virus constructors
  6. Virus Hoaxes
  7. IETF Working Group on intrusion detection.
  8. Network Scanners like SATAN, etc. Download links. Review at will, but use at your own discretion.
  9. Key Logging Software Note: use at your own risk. I have not tested this free download product.
  10. MS Passport Vulnerability Short-lived, but damaging.
  11. Case study of a WORM that Beagle Worm. Jason Gordon, and Part 2 Long.
  12. General Attacks discussed at CKNOW.COM Computer Knowledge Newsletter. Non-technical with examples (but from 2002).
  13. Some reviews of Denial of Service Attack solutions.
  14. NAPTHA Denial of Service / Resource Starvation attack.
  15. Denial of Service Attack Russian Mafia and NFL Gambling. And Here
  16. Replacements for Passwords relatively long, non-technical, article.
  17. Data Security Standard Visa. Standards for keeping credit card information safe. (Thanks J. Lambertson)
  18. phishing with keylogging
  19. Phishing Archive
  20. DNS hijack example
  21. DNS Hijack Technical article. Thanks J. Berry.
  22. Web Services White Paper April 7th, 2002, IBM and Microsoft. Good examples, and sub-links. Thanks Ouglis.
  23. RFID Passports not encrypted -- thanks Brendan for topic. Contrasting view
  24. X.500 directory overview with useful graphics. Links to tutorials.
  25. Kerberos explained very carefully Brian Tung, of ISI.
  26. SAML myths demystified Frank Cohen, PushToTest.com. 08 July 2003.
  27. SSL / TLS home site for IETF standards group. Recommended to browse.
  28. OpenPGPG for SSL / TLS recommended to browse.
  29. Rosenberg / Remy public key technologies. XML Security Guide online.
  30. Microsoft Passport home site.
  31. simple .NET introduction and pointers to related information at microsoft.
  32. Liberty Alliance Project for federated trust -- structured sharing of identity and trust information.
  33. xmethods.net explore working web services online. Thanks JD.
  34. Web Services Interoperability
  35. Web Services white paper by Brian Robinson, Sept. 20, 2004.
  36. Phillip Hallam-Baker, Verisign Web Services. Powerpoint. 2005-04-10
  37. Mark Colan / Jeff Miller Understanding Web Services Security. 2005-04-10
  38. IBM Web Services Roadmap Older article from 04-2005. IT overview of WSS. 2005-04-10.
  39. Digital Signatures: THE reference
  40. XPath Filter 2.0 TR's (Technical Reports)
  41. Tutorial on XQuery -- good reading
  42. XPATH -- easy to understand examples
  43. XML Signature Really should be required reading.
  44. 16 year old cracks DVD code for linux.
  45. Why Cryptography Is Harder Than It Looks by Bruce Schneier, Counterpane Internet Security, Inc.
  46. Dr. Phillip M. Hallam-Baker C.Eng. FBCS VeriSign Inc. Web Services Security Standards Forum
  47. The Bea-webServices.ppt link. School of Business and Economics Michigan Technological University.
  48. xacml
  49. Securing Web Services using XKMS Discusses that this is java based, and not part of .net at the time of writing.
  50. Patrick Gannon PPT slides www.layer7-tech.com
  51. Mayors Conference PPT