Last updated: 17 July 2000
05:30 EDT
Contact info: ferguson@employees.org or dts@senie.com
Used by permission. Kevin Siers, North Carolina -- Editorial
cartoons from the Charlotte Observer - Visit
Kevin's archives.
Law Enforcement Contacts:
NIPC (National Infrastructure Protection Center)
http://www.nipc.gov/
NIPC: TRINOO/Tribal Flood Net (TFN)/tfn2k stuff
http://www.fbi.gov/nipc/trinoo.htm
U.S. Department of Justice, Computer Crime and Intellectual Property
Section (CCIPS)
http://www.cybercrime.gov/
Technical Information:
CERT® (Computer Emergency Response Team at CMU)
http://www.cert.org/
Cisco Systems: Distributed Denial of Service (DDoS) News
Flash, February 9, 2000
http://www.cisco.com/warp/public/707/newsflash.html
Cisco Systems: Internet Security Advisories
http://www.cisco.com/warp/public/707/advisory.html
Cisco Systems: Characterizing and Tracing Packet Floods
Using Cisco Routers
http://www.cisco.com/warp/public/707/22.html
Cisco Systems Product Security Incident Response (PSIRT)
http://www.cisco.com/warp/public/707/sec_incident_response.shtml
Cisco Systems: "Essential IOS" - Features Every
ISP Should Consider
http://www.cisco.com/public/cons/isp/documents/IOSEssentialsPDF.zip
Cisco Flow Logs and Intrusion Detection at the Ohio State
University
http://www.usenix.org/publications/login/1999-9/osu.html
Craig Huegen's very useful web page on minimizing the
effects of DoS attacks:
http://users.quadrunner.com/chuegen/smurf.cgi
Dave Dittrich's (University of Washington) analysis of the
recent DDoS attack tools
http://www.washington.edu/People/dad/
"Documenting
Special Use IPv4 Address Blocks that have been registered with IANA",
draft-manning-dsua-08.txt, Bill Manning, 1 May 2000.
DoD CERT Online
http://www.assist.mil/
Federal Computer Incident Response Capability (FedCIRC)
http://www.fedcirc.gov/
ICSA.net (International Computer Security Association)
http://www.icsa.net/
JMU WinTrin00 report
http://www.jmu.edu/info-security/engineering/issues/wintrino.htm
Know your enemy: Script Kiddies
http://www.enteract.com/~lspitz/enemy.html
Mitre's Cyber Resource Centre
http://www.mitre.org/research/cyber/
netscan.org
http://www.netscan.org/
Network World Fusion Research: Denial of Service attack resources
http://www.nwfusion.com/research/dos.html
Packet Storm
http://packetstorm.securify.com/
Smurf Amplifier Registry (SAR)
http://www.powertech.no/smurf/
RFC1918: "Address Allocation for Private Internets", Y. Rekhter, B.
Moskowitz,
D. Karrenberg, G. J. de Groot, E. Lear, February 1996.
http://www.ietf.org/rfc/rfc1918.txt
RFC1948: "Defending Against Sequence Number Attacks", S. Bellovin, May
1996.
http://www.ietf.org/rfc/rfc1948.txt
RFC2196: "Site Security Handbook", B. Fraser, September 1997.
http://www.ietf.org/rfc/rfc2196.txt
RFC2350 (BCP21): "Expectations for Computer Security Incident
Response", N. Brownlee,
E. Guttman, June 1998.
http://www.ietf.org/rfc/rfc2350.txt
RFC2644 (BCP34): "Changing the Default for Directed Broadcasts in
Routers",
D. Senie, August 1999.
http://www.ietf.org/rfc/rfc2644.txt
RFC2827 (BCP38): "Network Ingress Filtering: Defeating
Denial of Service Attacks which
employ IP Source Address Spoofing", P. Ferguson, D.
Senie, May 2000.
(Obsoletes RFC 2267)
http://www.ietf.org/rfc/rfc2827.txt
The SANS Institute: "Handling A Distributed Denial of
Service Trojan Infection: Step-by-Step."
http://www.sans.org/y2k/DDoS.htm
"Security Expectations for Internet Service Providers",
draft-ietf-grip-isp-expectations-03.txt,
T. Killalea, February 2000.
http://www.ietf.org/internet-drafts/draft-ietf-grip-isp-expectations-03.txt
"Security Checklist for Internet Service Provider (ISP) Consumers",
draft-ietf-grip-user-02.txt,
T. Hansen, June 1999.
http://www.ietf.org/internet-drafts/draft-ietf-grip-user-02.txt
"Site Security Handbook Addendum for ISP's",
draft-ietf-grip-ssh-add-00.txt, T. Debeaupuis,
August 1999.
http://www.ietf.org/internet-drafts/draft-ietf-grip-ssh-add-00.txt
SecurityFocus.com
http://www.securityfocus.com/
Pertinent mailing lists:
The North American Network Operators Group
http://www.nanog.org/mailinglist.html
Cisco NSP (Network Service Provider) list, hosted by Nether.Net
To subscribe to this list, send a message to cisco-nsp-request@puck.nether.net,
with "subscribe"
in the message body.
Cisco User's Mailing List, a.k.a. "Cisco@Spot"
The Cisco mailing list is maintained by David Wood of the University of Colorado.
To subscribe to this list, send your request to cisco-request@spot.colorado.edu, with
"subscribe" in the message body. Searchable archives of this mailing list
can be found
at http://www.nexial.com/mailinglists/
The CERT® Advisory Mailing List
http://www.cert.org/contact_cert/certmaillist.html
The Firewalls Digest mailing list
http://lists.gnac.net/firewalls/
Originally hosted for many years by Great
Circle Associates, it is now hosted by Global
Networking and
Computing. Searchable archives of this mailing
list can also be found at http://www.nexial.com/mailinglists/
BUGTRAQ
To subscribe to this list, send your request to listserv@lists.securityfocus.com,
with "subscribe bugtraq" in
the message body.
Questions or comments on this
page: ferguson@employees.org or dts@senie.com