The CERT Coordination Center

SANS (SysAdmin, Audit, Network, Security) Institute

Common Vulnerabilities and Exposures

ISS' X-Force™ security intelligence team

ICAT vulnerabilities database

Open Source Vulnerabilities DataBase

NEOHAPSIS network and security consulting

Computer Incident Advisory Capability

U.S. Department of Homeland Security

Virus Bulletin

Integrated Desktop Security

Research & Writings The Generic Virus

Computer Security Tools
The North American Network Operators' Group  
American Registry for Internet Numbers
Zone Lab Personal Firewall
PestPatrol  
Hardening Solaris Systems  
Titan - host-based security tool
Sun Microsystems

Solaris Operating Environment Minimization for Security
Solaris Operating Environment Network Settings for Security  
Solaris Operating Environment Security
JumpStart Architecture and Security Scripts for the Solaris Operating Environment - Part 1
JumpStart Architecture and Security Scripts for the Solaris Operating Environment - Part 2
JumpStart Architecture and Security Scripts for the Solaris Operating Environment - Part 3

Bastille-Linux Scripts to Secure Linux and HP-UX

Packet Storm
NFR Security, Inc.
The Security Portal for Information System Security Professionals
Security Tools

Enterasys Dragon Intrusion Defense System

image http://www.hackerstickers.com/products/stickers.shtml

Computer Security Tools
The North American Network Operators' Group  
American Registry for Internet Numbers
Zone Lab Personal Firewall
PestPatrol
Hardening Solaris Systems
Titan - host-based security tool
Sun Microsystems

Solaris Operating Environment Minimization for Security
http://www.sun.com/blueprints/1299/minimization.pdf

Solaris Operating Environment Security
JumpStart Architecture and Security Scripts for the Solaris Operating Environment - Part 1
JumpStart Architecture and Security Scripts for the Solaris Operating Environment - Part 2
JumpStart Architecture and Security Scripts for the Solaris Operating Environment - Part 3


Bastille-Linux Scripts to Secure Linux and HP-UX


Packet Storm  
NFR Security, Inc.
The Security Portal for Information System Security Professionals
Security Tools


Enterasys Dragon Intrusion Defense System

image

http://www.snort.org/
http://www.whitehats.com/
http://www.silicondefense.com/
http://cve.mitre.org/


http://www.cymru.com/Documents/index.html
http://www.cisco.com/warp/public/707/21.html
http://nsa2.www.conxion.com/cisco/download.htm

http://www.pentics.net/denial-of-service/
http://www.netscan.org/
http://www.powertech.no/smurf/
ftp://ftp.isi.edu/in-notes/rfc2267.txt

http://www.nessus.org/
Nessus Application Support


Ping of Death:

Description: gazillions of machines can be crashed by sending IP packets that exceed the
maximum legal length (65535 octets)



What's source routing?

Under normal conditions, the sender of a TCP/IP data packet exercises no control over how
the packet gets to its destination. The sender simply sends the packet and relies on
intermediate routers to dynamically select the best route, as determined by network traffic,
router availability and other factors. It's entirely possible that every packet going between
Point A and Point B could take a different route.



Source routing allows the sender of the packet to specify the route that a packet must take in
traveling to the destination. If the selected route is not available for any reason, the packet
would not be delivered. If the recipient replied to the packets, the response would follow the
same route.



Why is source routing a security problem?

Source routing is a legitimate activity in some cases. For instance, it can be used to discover
the IP addresses of routers within a network. However, it also has the potential for misuse. A
malicious user could use source routing to learn more about a network that he or she is
targeting for attack. Data packets contain information about where they have been and what
machines they have transited. A malicious user might send data into a network in order to
collect information about the network's topology. If he or she can perform source routing,
they can probe the network more effectively by forcing packets into specific parts of the
network.



Source routing also enables certain types of attacks. For example, suppose an attacker is
unable to attack Company A because it has a well-configured firewall, but learns that
Company B, which has no firewall, is allowed to directly connect to Company A behind its
firewall. Source routing would allow the attacker to direct packets to Company A via
Company B and circumvent the firewall.

Security Targets

Common Vulnerabilities and Exposures