Documents

Here is a repository of various articles we have written over the years. With the kind permission of our publishers, we will also place our published works here. Please feel free to share any comments or suggestions you may have, and feedback and corrections are always welcome!

Security

A Day in the Life of a UNIX Security Bug v1.0 - 01 AUG 1997 - The process of reporting a UNIX security bug to the vendor.

Auditing SMTP, POP, and IMAP with Expect v1.0 - 18 AUG 2000 - Two scripts that demonstrate the power of Expect.

BGPv4 Security Risk Assessment - 11 JUN 2002 - The combined input of a lot of folks on risks to BGP4, the protocol that "runs" the Internet. Edited and largely written by Barry Greene of Cisco. I added a few bits. :)

The Bogon Reference - A wealth of information about bogons, IP routes that should not appear in the Internet routing table or as the source of IP packets. This list is handy for generating filters and the like, and includes dotted decimal notation, bit notation, Cisco ACLs, and Juniper prefix-list formats.

IPv6 Router Setting Reference - Includes IPv6 bogon filtering recommendations and other tips for filtering your IPv6 routers. Written and maintained by Team 6Bogon.

The Firewall Panacea v1.0 - 23 MAR 1998 - A critical look at a product that has become the ultimate faux panacea.

ICMP Packet Filtering v1.2 - 12 MAR 2003 - A guide that details the minimum ICMP message types that should be allowed into and out of any network.

IPSEC on Cisco - 19 AUG 2000 - A quick reference on configuring IPSEC on a Cisco router.

Monitoring DoS Attacks with the VIP Console and NetFlow - 21 MAY 2001 - This paper details a method for monitoring DoS attacks on Cisco routers that utilize the VIP cards and NetFlow.

Reality and Security Tools v1.0 - 30 SEP 1997 - A reminder that the tools are only as good as the authors and the users.

Solaris STREAMS and FW-1 v1.0 - 19 AUG 2000 - A brief discussion of how and where FW-1 inserts itself into the Solaris IP stack and some sample code to query and pop STREAMS modules.

Syslog Bug v1.0 - 02 JUL 1997 - Turning syslog into a malicious, disk filling daemon.

Team Cymru Templates - A series of template documents for securing your routers and services, formerly listed on this page, now with their own area.

Tuning Solaris for FireWall-1 v1.0 - 14 AUG 2000 - A discourse on properly tuning Solaris to serve as a router and platform for CheckPoint FireWall-1.

Tracking Spoofed IP Addresses v2.0 - 08 FEB 2001 - This paper details a method for tracking spoofed IP address attacks using common Cisco router commands and features.

UNIX IP Stack Tuning Guide v2.7 - 03 DEC 2000 - A guide designed to harden the UNIX IP stack against a variety of attack types found on the Internet today.


UNIX

AIX Crash Analysis Example v1.0 - 01 MAY 2000 - A sample of an AIX crash dump analysis which demonstrates the power of the crash command.

The Realities of NIS v1.0 - 13 NOV 1997 - A response to an overly enthusiastic NIS evangelist.

Writing optimal C programs under Solaris (and other Unix variants).

Creating shared libraries

How to determine if another process is alive from within a C program.

How to add an SVR4 package.

How to create a hidden sniffer.

How to prevent and log stack smashing.

How to set the SPEED and DUPLEX of a HME or QFE NIC.

How to read the output of netstat -k.

How to add a direct map to Sun's automounter.

How to add a Jaz drive to your Solaris workstation.

How to set the host to use the on-board MAC address instead of the MAC address in the PROM.


Networking

Cisco router performance tuning v1.0 - 01 SEP 2000 - A few tips designed to improve the performance of your Cisco router.

Speed comparison of various network links.

Fiber distances - A graphic that details the maximum distances of different GigE wiring specifications.

How to configure your Cisco router for multicast.

How to create RJ-45 loopback adapters.


Presentations

Here is a small sample of our public presentations. These are all in Adobe PDF or Microsoft PowerPoint format, easily viewed by most open- and closed-source office productivity suites.

BGP Security Update - Is the Sky Falling?, presentation by Barry Greene at NANOG 25 in Toronto, CA.

BGP Security, originally presented at Equinix Gigabit Peering Forum V, Chicago, IL, 8 May 2002.
ZIP compressed version

60 Days of Basic Naughtiness, originally presented at the Surfnet/CERT-NL security forum, Utrecht, The Netherlands, 16 March 2001.
ZIP compressed version

Trends in Denial of Service Attack Technology, co-authored with the CERT/CC. Originally presented at the CERT-Polska Security conference, Warsaw, Poland, November 2001.
ZIP compressed version

Hey, what does this button do?, What not to do during a DDoS attack, presented at the 2001 FIRST Conference, Toulouse, France, June 2001, and at the CERT-Polska Security conference, Warsaw, Poland, November 2001.
ZIP compressed version