Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

Featuring 30 papers as of Jul 9, 2008

Is Internet Explorer More Secure than FireFox?

Larry Fortier

October 1, 2007

- download paper

OS and Application Fingerprinting Techniques

Jon Mark Allen

September 27, 2007

- download paper

Security Implications of the Virtualized Data Center

Alan Murphy

June 19, 2007

- download paper

Port Knocking: Beyond the Basics

Dawn Isabel

May 17, 2005

- download paper

Linux Repository Server: Implementing and Hardening Step by Step

Alexandre Teixeira

May 5, 2005

- download paper

Linux Repository Server: Implementing and Hardening Step by Step

Alexandre Teixeira

March 9, 2005

- download paper

Meeting the challenges of automated patch management

John Walther

September 16, 2004

- download paper

Metrics for Operational Security Control

Richard Cambra

August 15, 2004

- download paper

Protecting Students in the Public School Environment

John Decker

July 25, 2004

- download paper

Operating System Build Management in the Enterprise

Duncan Beattie

April 8, 2004

- download paper

Options for Secure Personal Password Management

Hugh Ranalli

December 14, 2003

- download paper

Role-Based Access Control: The NIST Solution

Hazen Weber

December 13, 2003

- download paper

Implementing the "Just-enough Privilege" Security Model

Tom Martzahn

November 19, 2003

- download paper

Backup Rotations - A Final Defense

Stephen Lennon

October 31, 2003

- download paper

The Divine Right of Kings: Domain Administrators and your (In)secure Network

Mark Austin

October 31, 2003

- download paper

Non-Malicious Destruction of Data

Saffet G. Ozdemir

October 31, 2003

- download paper

Some of the Dangers of Connecting your AS/400 to a Network

Michael Walsh

October 31, 2003

- download paper

Systems Administrators: The First Line of Defense

Elizabeth Frank

October 31, 2003

- download paper

Patch DoS

Chad Oleary

October 31, 2003

- download paper

Proposal for Managing System Security Patches in an Enterprise Network

Karenda Bernal

October 31, 2003

- download paper

Slogging (syslog-ging) through the Mud

Michael Sullivan

October 31, 2003

- download paper

Steps Toward a Secure Windows XP Stand Alone Workstation Abstract

Patrick Grace

October 31, 2003

- download paper

Systems Security Management: Small Business Style

Nathaniel Dean

October 31, 2003

- download paper

Security Administration Solution or Why We Implemented An Identity Management/Account Provisioning T

Suzette Franklin

October 31, 2003

- download paper

Using Fport on Windows NT to Map Applications to Open Ports

Teena J. Henson

October 31, 2003

- download paper

Protecting Insecure Programs

Shawn Instenes

October 31, 2003

- download paper

Keeping Red Hat Linux Systems Secure with up2date

John Mravunac

October 31, 2003

- download paper

Securing Internet Explorer Through Patch Management

Ben Meader

October 31, 2003

- download paper

Methodologically Upgrading A Production System

Otan Ayan

June 27, 2003

- download paper

Password Security in NIS Systems

Eric Gallagher

July 19, 2001

- download paper