Network Security/Computer Security

Network Security/Computer Security Reading List

Computer Security in Real World , Butler Lampson.
Internet security , Rolf Oppliger, Communications of the ACM May 1997
B. Clifford Neuman and Theodore Ts'o. Kerberos: An Authentication Service for Computer Networks, IEEE Communications, 32(9):33-38. September 1994.
"Risks of Passwords" by Peter Neumann. Page 126, Communications of the ACM, April 1994, Vol 37, No. 4
User Authentication Scheme Not Requiring Secrecy in the Computer . Arthur Evans, Jr., William Kantrowitz, and Edwin Weiss. pages 437--442, Communications of the ACM, August 1974, Vol 17, Number 8
David Mazieres and M. Frans Kaashoek. "The design, implementation and operation of an email pseudonym server. In the Proceedings of the 5th ACM Conference on Computer and Communications Security (CCS-5), San Francisco, California, November 1998, pages 27-36
Distributed Firewall , Steven M. Bellovin, ;login:, November 1999.
Security Architecture for Internet Protocol , RFC 2401.

Practical Network Support for IP Traceback , Stefan Savage, David Wetherall, Anna Karlin and Tom Anderson, SIGCOMM 2000.
Hash-Based IP Traceback , Alex C. Snoeren, Craig Partridge, Luis A. Sanchez, Christine E. Jones, Fabrice Tchakountio, Stephen T. Kent, and W. Timothy Strayer. SIGCOMM 2001.
Advanced and Authenticated Marking Schemes for IP Traceback , D. Song and A. Perrig. In IEEE Infocomm 2001.

FireWall Resources on the Internet
The HoneyNet Project Interesting project - To learn the tools, tactics, and motives of the blackhat community, and share those lessons learned.
John the Ripper -- password cracker Don't use it for fun or on unauthorized systems.
W3 Security Resources
Some Unix Network Security tools

Charlie Kaufman, Radia Perlman and Mike Speciner, Network Security , Prentice-Hall PTR, 1995.
William R. Cheswick and Steven M. Bellovin, Firewalls & Internet Security

sacg@acm.org