Featuring 30 Papers as of June 4, 2013
Analyzing Polycom® Video Conference Traffic
Chris Cain - June 4, 2013
Most businesses and hospitals have relied on videoconferencing (VC) hardware to perform meetings, interviews, presentations or even tele-medicine procedures for many years.
Analyzing Network Traffic With Basic Linux Tools
Travis Green - November 16, 2012
When examining network traffic, one may examine the packets individually with Tcpdump, or reconstruct it with sophisticated and sometimes expensive tools.
A Complete Guide on IPv6 Attack and Defense
Atik Pilihanto - March 19, 2012
Based on RFC 791, the internet protocol is designed for use in interconnected systems of packet switched computer communication networks.
Using SNORT® for intrusion detection in MODBUS TCP/IP communications
Javier Jimenez Diaz - December 19, 2011
Not long ago, analog and purpose built communications systems use to be prevalent technologies on industrial plants. It wasnt common to find either interoperability or compatibility among them. In the 70s communication Networking began to be used in Direct Digital Control (Berge Jonas, 2004).
Using SSL to Secure LDAP Traffic to Microsoft Domain Controllers
Andrew Reid - September 21, 2011
When deploying application servers there is often a choice to be made regarding the authentication of user credentials. In most cases this is to use an internal account database or an LDAP directory such as Microsoft Active Directory Domain Services.
Scoping Security Assessments - A Project Management Approach
Ahmed Abdel-Aziz - June 7, 2011
Security assessments can mean different things to different people. This paper will explore what a security assessment is, why it should be done, and how it is different than a security audit.
OS and Application Fingerprinting Techniques Masters
Jon Mark Allen - September 27, 2007
This paper will attempt to describe what application and operating system (OS) fingerprinting are and discuss techniques and methods used by three of the most popular fingerprinting applications: nmap, Xprobe2, and p0f. I will discuss similarities and differences between not only active scanning and passive detection, but also the differences between the two active scanners as well. We will conclude with a brief discussion of why successful application or OS identification might be a bad thing for an administrator and offer suggestions to avoid successful detection.
Well It's About Time
Vance Rider - January 19, 2005
This document describes the role time plays in a networked environment. Specifically it introduces the reader to the Network Time Protocol (NTP) and how it is used to synchronize computer clocks together via a hierarchical master slave relationship in a secure manner.
The Next Internet Privacy in Internet Protocol Version 6 (IPv6)
Kevin Scott - June 9, 2004
This paper addresses the aspect of privacy relating to Internet Protocol version 6 (IPv6). It analyzes both the security features implemented in IPv6 as well as privacy-relevant concerns of capabilities implemented within IPv6 such as automatic configuration.
Applying the OSI Seven Layer Network Model To Information Security
Damon Reed - January 11, 2004
Data networking is a critical area of focus in the study of information security. This paper focuses on reviewing a key area of data networking theory - The Open Systems Interconnect (OSI) Seven Layer Network Model.
Monitoring The ARP Protocol On Local Area Networks
David Fuselier - January 11, 2004
This document is a research paper on how to use the ARP protocol to monitor local area networks.
Understanding Instant Messaging (IM) and its security risks
Sujata Chavan - November 5, 2003
This paper provides an overview of IM technology, vulnerabilities and related security issues.
SSL and TLS: A Beginners Guide
Holly McKinley - October 31, 2003
This paper particularly serves as a resource to those who are new to the information assurance field, and provides an insight to two common protocols used in Internet security.
Is The Border Gateway Protocol Safe?
Sargon Elias - October 31, 2003
This paper is about the security issues of organisations that are planning to run their own Border Gateway Protocol (BGP) router to provide a redundant internet connection. This paper includes the following sections; description of the scenario, a brief description of IP and interdomain routing, the risks when using BGP, mitigation steps and future developments.
Security Measures to couple mixed IPv4/IPv6 Networks over a pure IPv6 Infrastructure by making Use of NAT-PT
Thorsten Brikey - October 31, 2003
The scope of this paper is to present a European test installation where NAT-PT is used to couple national networks over an IPv6 backbone.
A Look at Automatic Protocol Generation & Security Protocols
Boris Vassall - October 31, 2003
This paper will attempt to describe automatic protocol generation, and security protocols. Automatic Protocol Generation, APG for short, is a mechanism to generate security protocols automatically.
Securing Time - The Autokey Protocols
Robert Palko - October 31, 2003
This paper investigates the authentication protocols used with NTP-V4.
IP Security Protocol-based VPNs
Eddie Younker - October 31, 2003
IP Security Protocol (IPSec) defines a set of protocols and cryptographic algorithms for creating secure IP traffic sessions between IPSec gateways as discussed in this paper.
Digging Deeper Into TCP/IP
Leah Wilson - October 31, 2003
This paper takes a close look at TCP/IP as a reference for the security professional.
Securing FTP Authentication
Mike Gromek - October 31, 2003
This paper discusses File Transfer Protocol, or FTP, an industry standard method of data exchange between computers, addresses some security concerns and offers several different approaches to these concerns.
SNMP Alert 2002: What is it all about?
Brad Beckenhauer - October 31, 2003
This paper provides a brief history of Simple Network Management Protocol (SNMP) and discusses the tools and information that can be used to test for SNMP vulnerabilities and increase security on your networking infrastructure.
Your Greatest Strength can become your Greatest Weakness: Simple Network Management Protocol Vulnera
Amy Geiger - October 31, 2003
This paper will discuss some of the major vulnerabilities discovered in SNMP and their potential impact as well as some of the major vendors affected by these vulnerabilities and possible solutions and alternatives that can be implemented to protect systems from these vulnerabilities.
Understanding Security Using the OSI Model
Glenn Surman - October 31, 2003
This paper will provide a breakdown of the OSI (Open Source Interconnection) model, and using that model, explain some well-known vulnerabilities.
Securing an Anonymous FTP Server in Solaris 8 with WU-FTPD
Mansel Bell - October 31, 2003
This paper will present one method of securing an anonymous FTP server in an UNIX environment.
Border Gateway Protocol -The Language of the Internet
Yvonne Tracy - October 31, 2003
This paper is an examination of Border Gateway Protocol.
Security Features in IPv6
Penny Hermann-Seton - October 31, 2003
This paper will present an in-depth view of the new security features in Internet Protocol version 6 (IPv6), namely the use of the Authentication Header and Encapsulating Security Payload (ESP) Header and examine how these security features can prevent certain types of network attacks.
The Real Cost of Free Programs such as Instant Messaging and Peer-to-Peer File Sharing Applications
Sigrun Grabowski - October 31, 2003
This paper discusses specific technical details and security risks of the four most popular Instant Messaging clients as well as several peer-to-peer file sharing programs and examines specific threats that are present for both these types of programs.
SNMP and Potential ASN.1 Vulnerabilities
Edmund Whelan - October 31, 2003
This paper briefly describes the SNMP protocol, with emphasis on the underlying ASN.1 notation, discusses the vulnerabilities identified by Oulu and demonstrates the Oulu Protos SNMP testing tool.
Sudha Sudanthi - October 31, 2003
The purpose of the paper is to familiarize you with the Mobile IPv6 standard, its use, and associated security concerns.
IPv6 Deployment in Malaysia: The Issues and Challenges
Raja Mahmood - April 4, 2002
This paper examines the IPv6 prominent features in details, discusses on the IPv6 deployment around the world and studies some of the transition mechanisms available today.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact firstname.lastname@example.org.
All papers are copyrighted. No re-posting or distribution of papers is permitted.