SANS InfoSec Reading Room - Attacking Attackers

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

Featuring 4 papers as of May 18, 2013

• DDoS Roadmap: Steps 1 & 2

• Roadmap to Defeating DDoS

The Jester Dynamic: A Lesson in Asymmetric Unmanaged Cyber Warfare

By: Terrence OConnor (posted on February 14, 2012)

We live in an era where a single soldier can digitally leak thousands of classified documents (possibly changing the course of war), attackers can compromise unmanned drone control software and intercept unencrypted video feeds, and recreational hackers can steal and release personal information from members of cyber think-tanks.

LaBrea - A New Approach to Securing Our Networks

By: Leigh Haig (posted on October 31, 2003)

An examination of how Code Red could defeat existing security mechanisms, what benefit the tool LaBrea could offer, the history and technology behind this application, the networking fundamentals that allow it to work, and a look at the failings of other defenses within existing security solutions.

Anti-Hacking: The Protection of Computers

By: Chadd Schlotter (posted on October 31, 2003)

The three aspects discussed in this paper: Education of the Security Adminis trator, Securing the Environment, and How to Fight Back are just one combined definition of how to protect a system against hacking.

Honey Pots and Honey Nets - Security through Deception

By: William W. Martin (posted on October 31, 2003)

A discussion on the security tool and concept known as a Honey Pot and Honeynet.