Internet Security Whitepapers

Bypassing Firewall - Firewall Piercing (Inside-Out Attacks)

Internet Security Whitepapers Evading IDS Firewall and Honeypot

A Covert Channel is a communication channel that allows a process to transfer information in a manner that violates the system’s security policy; without alerting any firewalls and IDS’s on the network. The technique derives its stealthy nature by virtue of the fact that it sends traffic through ports that most firewalls will permit through.

Bypassing Firewalls: Tools and Techniques

Internet Security Whitepapers Evading IDS Firewall and Honeypot

This paper highlights a very important problem with network perimeter firewalls. The threat discussed is not exactly new, but neither is it widely recognised- even amongst network security professionals. Most commercial firewalls claim to be application layer devices, but they derive very little useful information about the context of the application traffic that passes through them. Malicious applications can misuse even the simplest protocols in a way that totally bypasses the firewall’s controls. This paper describes the methods of simple protocol tunnels, and shows how they can be applied. It also considers ways to counter this threat, and suggests that architectures based on military security principles and IPSec can improve security dramatically.

Callback Adaptation Techniques

Internet Security Whitepapers VoIP Hacking

The callback adaptation problem was encountered whilst doing a port of the PortAudio API on ASIO API. PortAudio is a cross-platform library that provides streaming audio input and output, ASIO is a Macintosh and Windows API that provides streaming audio input and output. Both API are callback based, but may use audio buffers of different size. This document presents an algorithm developed to allow adaptation between the 2 callback systems.

CAN-SPAM Act of 2003 - United States of America

Internet Security Whitepapers Hacking Laws

To regulate interstate commerce by imposing limitations and penalties on the transmission of unsolicited commercial electronic mail via the Internet.

Cisco Router Guide

Internet Security Whitepapers Hacking Routers, Cable Modems and Firewalls

This guide shows how Cisco Access Routers, Cisco Aggregation Routers, and Cisco Integrated Services Routers enable you to meet your current and future needs with modular designs, allowing incremental migration as your business and network requirements change. In this guide, you can see for yourself how Cisco delivers benefits beyond basic data access, providing services such as voice, security, and wireless as part of an integrated routing system that maximizes productivity and investment protection.

Cisco Router Security Best Practices

Internet Security Whitepapers Hacking Routers, Cable Modems and Firewalls

This document provides Guideline for securing a typical enterprice perimeter (Gateway) router. Security issues related to routing protocols (BGP, OSPF, RIP, VRRP) are beyond the scope of this document.

Cisco Routers as Targets

Internet Security Whitepapers Hacking Routers, Cable Modems and Firewalls

Why we need to protect router resources? Often the "heart" of the network; Gaining a lot more attention from attackers; Few procedures on hardening Cisco routers; Routers are much slower to get upgraded to solve security bugs; Many ISP's are still running custom code from Cisco for older 10.X and 11.X trains; Few people monitor their configurations regularly; Few security measures in place; There are millions of them.

Common Denial of Service Attacks

Internet Security Whitepapers Denial of Service

This paper will examine various denial of service attacks and network defense measures taken against them. A historical look at the evolution of these attacks from different flood attacks to zombie driven botnet attacks will shed light on their increasingly more sophisticated design and the networking community efforts to combat them. The current technology, motivation and future trends of distributed denial of service botnet attacks will be also be presented.

Computer Attack and Cyber Terrorism: Vulnerabilities and Policy Issues for Congress

Internet Security Whitepapers Cyber Warfare and Terrorism

Many Pentagon officials reportedly believe that future adversaries may be unwilling to array conventional forces against U.S. troops, and instead may resort to "asymmetric warfare",where a less powerful opponent uses other strategies to offset and negate U.S. technological superiority. Also, partly because the U.S. military relies significantly on the civilian information infrastructure, these officials believe that future conflictsmaybe characterized bya blurring in distinction between civilian and military targets. As a consequence, they believe that government and civilian computers and information systems are increasingly becoming a viable target for opponents of the U.S., including international terrorist groups.

Computer Crimes Act 1997

Internet Security Whitepapers Hacking Laws

An Act to provide for offences relating to the misuse of computers.