Featuring 34 Papers as of December 16, 2013
Scott Christie - December 16, 2013
Wardriving requires a computer system with the proper tools installed and a Wi-Fi receiver. Locating Wi-Fi access points has evolved from lugging large computers around in cars, to wardriving apps on smartphones such as WiGLE Wi-Fi Service for Android devices (WiGLE, 2013).
SOHO Remote Access VPN. Easy as Pie, Raspberry Pi... Masters
Eric Jodoin - December 5, 2013
Free, unencrypted Wireless Access Points (WAPs) have proliferated and are now found in various locations including restaurants, libraries, schools, hotels, airports, etc.
Comparative Risk Analysis Between GPON Optical LAN and Traditional LAN Technologies
Jason Young - November 11, 2013
Gigabit Passive Optical Networks or "GPON" as promoted by vendors like Tellabs and Zhone Technologies operates quite differently from traditional Ethernet when providing LAN communications in a fiber to the desktop (FTTD) architecture (Tellabs, n.d.b).
Shedding Light on Security Incidents Using Network Flows
Kevin Gennuso - May 16, 2012
Incident handlers, and information security teams in general, face significant challenges when dealing with incidents in modern networks.
The Afterglow effect and Peer 2 Peer networks Masters
Jerome Radcliffe - August 25, 2010
Overall there is room to grow in the area of P2P connection research. This limited study only looked at a small area of P2P interactions. There are an ever-growing number of BitTorrent clients and all of them handle the protocol differently. These differences could greatly impact every area of P2P communications, all of which are areas that could be grounds for research. Further research of how P2P clients interact could provide additional ways to increase efficiency and provide enhanced security.
An Open Source Layer 2 Switch
Jim Wilson - May 4, 2010
Small networks tend to grow and oftentimes the growth is unplanned. The result is a network of daisy-chained switches, not the most reliable solution for a multi-switch environment. What is needed is a solution which integrates all switches into a single collision domain or IP space. Most administrators would look at a Cisco solution at this point, but maybe we can use a Linux box instead. The Linux bridging software allows us to create a single LAN segment and combined with other Open Source software provide management and monitoring capabilities.
Hey Dude! I Can Do a Great Humphrey Bogart!
Lee Peterson - November 11, 2009
This paper will present a fictitious router impersonation scenario wherein a router is duped into believing an imposter is a router that is already known and trusted. As a result, his routing tables are overwritten and traffic gets re-routed.
Are Network Designs Ready for a Pandemic?
Alan R. Mercer - April 27, 2009
This paper will investigate the network planning and design considerations that would be affected by the operational impacts of an avian flu pandemic upon a typical organization.
Auditing and Securing Multifunction Devices Masters
Charles Scott - October 15, 2007
It used to be that a printer was connected directly to a computer via a serial or parallel interface, while fax machines and copiers did not connect to a computer at all. You knew where these devices were in your buildings and securing their physical output was your primary concern. In today's all-in-one world, you can now obtain single devices that are not only printers, but also copiers, scanners, and fax machines. These networked multifunction devices (MFDs) are increasingly common in enterprise environments and are manufactured by vendors such as Canon, HP, Kyocera, Xerox, and many others.
Packet Sniffing In a Switched Environment
Tom King - January 18, 2007
This paper focuses on the threat of packet sniffing in a switched environment, briefly explores the effect in a non-switched environment, and covers ways to mitigate the threat of network sniffing in both non-switched and switched environments.
A Survey of Wireless Mesh Networking Security Technology and Threats
Anthony Gerkis - October 18, 2006
This paper will summarize the technologies and challenges related to wireless mesh networks.
Wired 802.1x Security
Mohammed Younus - July 27, 2006
This paper defines the fundamentals of 802.1x authentication, explains how the authentication process works in 802.1x, and provides the detailed steps to implement 802.1x in a switched LAN environment using Cisco's Implementation of 802.1x.
GIAC Certified Firewall Analyst (GCFW)
Matthew Sullivan - May 17, 2005
In this paper, I will be introducing the technology of Private VLANs (PVLANs) and VLAN ACLs (VACLs) and discussing how they can add security to the defense in depth model.
Security improvement of a wide and heterogeneous set of network devices: a global approach
Jean-Marc Millet - February 19, 2005
This case study describes the most interesting steps of a project to improve the security of a wide set (about one thousand) of network devices (switches, routers, firewalls) originated from many manufacturers. It is intended to describe a global approach which could be reused to tackle such situations.
Egress Filtering For a Better Internet
Jason Pierce - January 22, 2005
During recent years, there has emerged a necessity for all internet users to try to stop inbound threats. Since most internet security is done from a defensive point of view, the question is left, "Can proactive internet security provide viable solutions to some of the most serious problems facing the internet today?"
Security and Vulnerability Analysis of an Ethernet-based attack on Cisco IOS
Robert Foxworth - June 9, 2004
We note the recent attack on Cisco routers, publicized in July 2003, and analyze this work and expand upon it. This exploit used crafted packets to overflow the input buffer on Cisco devices and caused a Denial of Service, making the device unavailable for legitimate users, leading to loss of network connectivity.
Securing SNMP: A Look at Net-SNMP (SNMPv3)
Michael Stump - October 31, 2003
This paper addresses the many improvements, enhancements, and additions that comprise net-snmp, as well as the benefits of using SNMP to monitor network devices and computers.
Implementing a Secure Internal Network
Ken Creekmore - October 31, 2003
This paper presents how-to options and suggestions for designing and securing an internal network. Scenarios are provided concerning designs that may currently be in place and discussions and analysis on the risks involved and the vulnerabilities presented are included.
Virtual LAN Security: weaknesses and countermeasures
Steve Rouiller - October 31, 2003
In this paper we have presented some attacks on VLAN and how to avoid these attacks.
Securing out-of-band device management
Marc Kolaks - October 31, 2003
This paper will outline vulnerabilities of out-of-band managed systems and devices, provide worksheets for helping to ensure security and give examples of possible architectures for secure remote access.
A Security Assessment of the Ricoh Afcio 450E Multifunction Device
David Garrard - October 31, 2003
This paper provides a Security Assessment of the Ricoh Afcio 450E multifunction device.
Nortel Instant Internet 100-S VPN Configuration
Lloyd Ardoin - October 31, 2003
This paper will discuss the configuration and use of the Nortel Instant Internet 100-S as a VPN client in one organization's network environment.
Easy Steps to Cisco Extended Access List
Nancy Navato - October 31, 2003
The purpose of this document is to explain in simple words how you can easily create an Extended Access List and apply it to your Cisco Router interface.
Disabling Unneeded Features and Services on Cisco Internet Gateway Routers
Toon Mordijck - October 31, 2003
The focus of this document is on closing down services and features as part of the hardening of the router.
Securing IP Routing and Remote Access on Cisco Routers
Mohammed Hatta - October 31, 2003
This paper examines the ways to secure a Cisco router as the first step of defending your network.
Securing the Cisco Local Director
Scott Ambrose - October 31, 2003
This paper documents specific implementation steps required to secure a well-known, widely implemented network appliance load balancer: The Cisco LocalDirector.
Router Audit Tool: Securing Cisco Routers Made Easy!
Brian Stewart - October 31, 2003
This document will discuss the need for a tool such as the CIS Router Audit Tool and its function in confirming that routers are securely configured in a large network environment.
Securing Your Network With An Internet Access Router (or Getting Your Money's Worth From Your Cisco Gear)
Mark Degner - October 31, 2003
In this document, we will cover the configurations that should be applied to nearly any Cisco router, and routers deployed for Internet access in particular.
Securing The Network With Cisco Router
Bang Tan - October 31, 2003
This paper discusses the steps of and security features available on a Cisco router for enhancing the security of a network. Topics covered include: the securing of routing updates through neighbor router authentication and route filtering, using IPSec to secure remote administration of Cisco routers; an overview of reflexive access list and content-based application control; combating code red with network-based application recognition; and, performing integrity checking on routers.
HOW-TO Securely Use SNMP on a BGP/MPLS VPN Network
Guillaume Tamboise - October 31, 2003
This paper discusses how SNMP can be successful in network management.
IPv4 Multicast Security: A Network Perspective
Tom Bachert - October 31, 2003
This paper examines the security implications of multicast communications as they relate to network management.
Implementing Secure Access to Cisco Devices using TACACS+ and SSH
Paul Asadoorian - May 20, 2003
The goal of this paper is to provide an easy guide for network administrators to implement secure remote access for all Cisco networking equipment.
How to Install IC Radius and Extend via Custom Perl Script
Michael Meacle - March 15, 2002
In this HOW TO I will investigate how for a typical company you can install and extend a freely available radius server. In addition, detailed steps also show how the extended radius server can be configured to authenticate a selection of different network elements.
Understanding and Implementing TACACS+
Randy Feliz - October 14, 2001
This paper will focus on understanding and implementing TACACS+.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact email@example.com.
All papers are copyrighted. No re-posting or distribution of papers is permitted.