📄 bib.html
字号:
<!-- PUB PARTNERS END -->
<!-- END LEFT NAV -->
<td rowspan="8" align="right" valign="top"><img src="/images/iswbls.gif" width=1 height=400 alt="" border="0"></td>
<td><img src="/images/white.gif" width="5" height="1" alt="" border="0"></td>
<!-- end of ITK left NAV -->
<!-- begin main content -->
<td width="100%" valign="top" align="left">
<!-- END SUB HEADER -->
<!--Begin Content Column -->
<FONT FACE="Arial,Helvetica" SIZE="-1">
To access the contents, click the chapter and section titles.
</FONT>
<P>
<B>Intrusion Detection: Network Security beyond the Firewall</B>
<FONT SIZE="-1">
<BR>
<I>(Publisher: John Wiley & Sons, Inc.)</I>
<BR>
Author(s): Terry Escamilla
<BR>
ISBN: 0471290009
<BR>
Publication Date: 11/01/98
</FONT>
<P>
<form name="Search" method="GET" action="http://search.earthweb.com/search97/search_redir.cgi">
<INPUT TYPE="hidden" NAME="Action" VALUE="Search">
<INPUT TYPE="hidden" NAME="SearchPage" VALUE="http://search.earthweb.com/search97/samples/forms/srchdemo.htm">
<INPUT TYPE="hidden" NAME="Collection" VALUE="ITK">
<INPUT TYPE="hidden" NAME="ResultTemplate" VALUE="itk-full.hts">
<INPUT TYPE="hidden" NAME="ViewTemplate" VALUE="view.hts">
<font face="arial, helvetica" size=2><b>Search this book:</b></font><br>
<INPUT NAME="queryText" size=50 VALUE=""> <input type="submit" name="submitbutton" value="Go!">
<INPUT type=hidden NAME="section_on" VALUE="on">
<INPUT type=hidden NAME="section" VALUE="http://www.itknowledge.com/reference/standard/0471290009/">
</form>
<!-- Empty Reference Subhead -->
<!--ISBN=0471290009//-->
<!--TITLE=Intrusion Detection: Network Security Beyond the Firewall//-->
<!--AUTHOR=Terry Escamilla//-->
<!--PUBLISHER=John Wiley & Sons, Inc.//-->
<!--IMPRINT=Wiley Computer Publishing//-->
<!--CHAPTER=0//-->
<!--PAGES=329-332//-->
<!--UNASSIGNED1//-->
<!--UNASSIGNED2//-->
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="ewtoc.html">Table of Contents</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<H2><A NAME="Heading1"></A><FONT COLOR="#000077">References</FONT></H2>
<P>Abrams, Marshall D., Sushil Jajodia, and Harold J. Podell, eds. <I>Information Security: An Integrated Collection of Essays.</I> Los Alamitos, CA: IEEE Computer Society Press, 1995.</P>
<P>Ahuja, Vijay. <I>Network and Internet Security</I>. Boston, MA: Academic Press, 1996.</P>
<P>Albitz, P., and Cricket Liu. <I>DNS and BIND in a Nutshell.</I> Sebastopol, CA: O’Reilly and Associates, Inc., 1992.</P>
<P>Aleph One. “Smashing the stack for fun and profit.” <I>Phrack</I>, no. 7 (1997): 49.</P>
<P>Anderson, J.P. “Computer security technology planning study.” ESD-TR-73-51, Hanscom AFB, MA: United States Air Force Electronics Systems Division,1972.</P>
<P>Anonymous. <I>Maximum Security</I>. Indianapolis, IN: Sams.net, 1997.</P>
<P>Bell, D. E. “Lattices, policies, and implementations.” In <I>Proceedings of the Thirteenth National Computer Security Conference</I> (1990): 165–171.</P>
<P>Bellovin, Steven M. “Security problems in the TCP/IP protocol suite.” <I>Computer Communications Review</I> (1989), no. 19 (2): 32–48.</P>
<P>———“Packets found on an Internet.” <I>Computer Communications Review</I> (1993), no. 23 (3): 26–31.</P>
<P>———“Problem areas for IP security protocols.” In <I>Proceedings of the Sixth USENIX UNIX Security Symposium</I> (1996): San Jose, CA.</P>
<P>———“There be dragons.” In <I>Third USENIX UNIX Security Symposium</I> (1992): Baltimore, MD.</P>
<P>———“Using the Domain Name System for system break-ins.” In <I>Proceedings of the Fifth USENIX UNIX Security Symposium</I> (1995): 205–214. Salt Lake City.</P>
<P>Bellovin, Steven M., and Michael Merritt. “Limitations of the Kerberos authentication system.” In <I>USENIX Conference Proceedings</I> (1991): 253–267. Dallas, TX.</P>
<P>———“Encrypted key exchange: Password-based protocols secure against dictionary attacks.” In <I>Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy</I> (1992): 72–84. Oakland, CA.</P>
<P>Bishop, Matt. “Anatomy of a proactive password changer.” In <I>Proceedings of the Third USENIX UNIX Security Symposium</I> (1992): 171–184. Baltimore, MD.</P>
<P>Brinkley, Donald L., and Roger R. Schell. “Concepts and terminology for computer security.” In <I>Information Security: An Integrated Collection of Essays</I>, edited by M. Abrams, S. Jajodia, and H. Podell, 40–90. Los Alamitos, CA: IEEE Computer Society Press, 1995.</P>
<P>Chapman, D. Brent, and Elizabeth D. Zwicky, <I>Building Internet Firewalls</I>. Sebastopol, CA: O’Reilly & Associates, Inc., 1995.</P>
<P>Chapman, D. Brent. “Network (In)Security Through IP Packet Filtering.” <I>Proceedings of the Third USENIX UNIX Security Symposium</I> (1992): 63–76. Baltimore, MD.</P>
<P>Cheswick, William R. “An evening with Berferd, in which a cracker is lured, endured, and studied.” In <I>Proceedings of the Winter USENIX Conference</I> (1992). San Francisco.</P>
<P>Cheswick, William R. “The design of a secure Internet gateway.” In <I>Proceedings of the Summer USENIX Conference</I> (1990). Anaheim, CA.</P>
<P>Cheswick, William R., and Steven M. Bellovin. <I>Firewalls and Internet Security: Repelling the Wily Hacker</I>. Reading, MA: Addison-Wesley, 1994.</P>
<P>Comer, Douglas E. <I>Internetworking with TCP/IP, Vol. 1, Principles, Protocols, and Architecture</I>. Englewood Cliffs, NJ: Prentice Hall, 1991.</P>
<P>Comer, Douglas E. <I>Internetworking with TCP/IP, Vol. 2, Design, Implementation, and Internals</I>. Englewood Cliffs, NJ: Prentice Hall, 1991.</P>
<P>Coopers & Lybrand. “Microsoft Windows NT Server: Security Features and Future Direction.” Available at <A HREF="www.microsoft.com/security">www.microsoft.com/security</A>. 1997.</P>
<P>daemon9, route, infinity. “IP-spoofing Demystified: Trust-Relationship Exploitation.” <I>Phrack</I> (1996).</P>
<P>Denning, Dorothy E. <I>Cryptography and Data Security</I>. Reading, MA: Addison-Wesley, 1983.</P>
<P>Denning, Dorothy E. “An intrusion-detection model.” In <I>Proceedings of the 1986 IEEE Symposium on Security and Privacy</I> (1986).</P>
<P>Dole, Bryn, Steve Lodin, and Eugene Spafford. “Misplaced Trust: Kerberos 4 Session Keys.” In <I>Proceedings of Symposium on Network and Distributed Systems Security</I>, IEEE (1997).</P>
<P>Ferbrache, David, and Gavin Shearer. <I>UNIX Installation Security and Integrity</I>. Englewood Cliffs, NJ: Prentice Hall, 1993.</P>
<P>Finseth, C. “An access control protocol, sometimes called TACACS.” RFC 1492.</P>
<P>1993.</P>
<P>Garfinkel, Simson, and Gene Spafford. <I>Practical UNIX and Internet Security</I>. Sebastopol, CA: O’Reilly and Associates, Inc., 1996.</P>
<P>Harmon, Paul, Rex Amus, and William Morrissey. <I>Expert Systems Tools and Applications</I>. New York, NY: John Wiley & Sons, Inc., 1988.</P>
<P>Infoworld. “Test center comparison: Network intrusion-detection solutions.” <I>Infoworld</I> (1998), no. 20 (18): 88–98.</P>
<P>ISS. “ISS Security Alert.” Available at <A HREF="www.iss.net">www.iss.net</A>, October 21, 1997.</P>
<P>Kaufman, Charlie, Radia Perlman, and Mike Speciner. <I>Network Security: Private Communication in a Public World</I>. Englewood Cliffs, NJ: Prentice Hall, 1995.</P>
<P>Klander, Lars. <I>Hacker Proof: The Ultimate Guide to Network Security</I>. Houston, TX: Jamsa Press, 1997.</P>
<P>Klein, Daniel V. “Foiling the cracker: A survey of, and improvements to, password security.” In <I>Proceedings of the USENIX UNIX Security Workshop</I> (1990): 5–14. Portland, OR.</P>
<P>Knightmare, The. <I>Secrets of a Super Hacker</I>. Port Townsend, WA: Loompanics, Ltd., 1994.</P>
<P>Koblitz, Neal. <I>A Course in Number Theory and Cryptography</I>. New York, NY: Springer-Verlag, 1994.</P>
<P>Landreth, Bill. <I>Out of the Inner Circle</I>. Bellevue, WA: Microsoft Press, 1985.</P>
<P>LaPadula, L.J. “Formal modeling in a generalized framework for access control.” In <I>Proceedings of the IEEE Computer Security Foundations Workshop III</I> (1990): 100–109. Los Alamitos, CA.</P>
<P>Littmann, Jonathan. <I>The Fugitive Game</I>. Boston, MA: Little, Brown, and Co., 1997.</P>
<P>L0pht. “L0phtcrack.” Available at <A HREF="www.l0pht.com">www.l0pht.com</A>. 1997.</P>
<P>Luby, Michael. <I>Pseudorandomness and Cryptographic Applications</I>. Princeton, NJ: Princeton University Press, 1996.</P>
<P>Macgregor, R., A. Aresi, and A. Siegert. <I>WWW.Security: How to build a secure World Wide Web connection</I>. Upper Saddle River, NJ: Prentice Hall, 1996.</P>
<P>Microsoft. “Microsoft Windows NT Server White Paper.” Available at <A HREF="www.microsoft.com/security">www.microsoft.com/security</A>. 1997.</P>
<P>Miller, Barton P., et al. “Fuzz revisited: A re-examination of the reliability of UNIX utilities and services.” Available from COAST at <A HREF="www.cs.purdue.edu/coast">www.cs.purdue.edu/coast</A>. 1995.</P>
<P>Morris, Robert T. “A weakness in the 4.2BSD UNIX TCP/IP software.” Computing Science Technical Report 117 (1985). Murray Hill, NJ: AT&T Bell Laboratories.</P>
<P>Mudge. “Compromised buffer overflows from Intel to Sparc Version 8.” Available at <A HREF="www.l0pht.com">www.l0pht.com</A>. 1996.</P>
<P>NTbugtraq. “FAQ: NT Cryptographic Password Attacks & Defenses.” Available at <A HREF="www.ntbugtraq.com/samfaq.htm">www.ntbugtraq.com/samfaq.htm</A>. 1997.</P>
<P>Okuntseff, Nik. <I>Windows NT Security: Programming Easy-to-Use Security Options</I>. Lawrence, KA: R&D Books, 1998.</P>
<P>PeterZ. “Weaknesses in SecurID.” Available at <A HREF="www.secnet.com/securid.ps">www.secnet.com/securid.ps</A>. 1996.</P>
<P>Postel, John. “Internet protocol.” RFC 791 (1981).</P>
<P>Ptacek, Thomas H., and Newsham, Timothy N. “Insertion, evasion, and denial of service: Eluding network intrusion detection.” Available at <A HREF="www.secnet.com">www.secnet.com</A>. 1998.</P>
<P>Ramsey, R. <I>All About Administering NIS+</I>. Englewood Cliffs, NJ: Prentice Hall, 1994.</P>
<P>Reilly, Michael. “Finding Holes in Your NT Security.” <I>Windows NT Magazine</I>, October (1996).</P>
<P>Rigney, C., A. Rubens, W. Simpson, and S. Willens. “Remote Authentication Dial In User Service (RADIUS).” RFC 2138 (1997).</P>
<P>Rivest, R. L., A. Shamir, and L. Adleman. “A method for obtaining digital signatures and public-key cryptosystems.” <I>Communications of the ACM</I> (1978), no. 21 (2): 120–126.</P>
<P>Samalin, Samuel. <I>Secure UNIX</I>. New York, NY: McGraw-Hill, 1997.</P>
<P>Schneier, Bruce. <I>Applied Cryptography: Protocols, Algorithms, and Source Code in C.</I> New York, NY: John Wiley & Sons, Inc., 1996.</P>
<P>Sheldon, Tom. <I>Windows NT Security Handbook</I>. Berkeley, CA: Osborne McGraw-Hill, 1997.</P>
<P>Smaha, Stephen, and Jessica Winslow. “Software tools for detecting misuse on UNIX systems.” Haystack Labs, 1994.</P>
<P>Snapp, Steven, et al. “DIDS (Distributed Intrusion Detection System)— Motivation, architecture, and an early prototype.” In <I>Proceedings of the Fourteenth National Computer Security Conference</I> (1991), 167–176.</P>
<P>Stallings, William. <I>Network and Internetwork Security</I>. Englewood Cliffs, NJ: Prentice Hall, 1995.</P>
<P>Stern, Hal. <I>Managing NFS and NIS.</I> Sebastopol, CA: O’Reilly and Associates, Inc., 1991.</P>
<P>Stevens, W. Richard. <I>UNIX Network Programming</I>. Englewood Cliffs, NJ: Prentice Hall, 1990.</P>
<P>Stevens, W. Richard. <I>Advanced Programming in the UNIX Environment</I>. Reading, MA: Addison-Wesley, 1992.</P>
<P>Stevens, W. Richard. <I>TCP/IP Illustrated, Vols. 1 & 2</I>. Reading, MA: Addison-Wesley, 1994.</P>
<P>Stoll, Cliff. <I>The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage</I>. New York, NY: Simon and Schuster, Inc., 1989.</P>
<P>Summers, Rita C. <I>Secure Computing: Threats and Safeguards</I>. New York: McGraw-Hill, 1997.</P>
<P>TIS. <I>Gauntlet Firewall Administrators Guide</I>. Trusted Information Systems, 1997.</P>
<P>Trott, Bob. “Microsoft hit with NT registry security flaw.” <I>Infoworld Electric</I> October 14 (1997).</P>
<P>Vacca, John. <I>Internet Security Secrets</I>. Foster City, CA: IDG Books, 1996.</P>
<P>Waterman, Donald. <I>A Guide to Expert Systems.</I> Reading, MA: Addison-Wesley, 1986.</P>
<P>Williams, James G., and Marshall D. Abrams. “Formal methods and models.” In <I>Information Security: An Integrated Collection of Essays</I>, edited by M. Abrams, S. Jajodia, and H. Podell, 170–186. Los Alamitos, CA: IEEE Computer Society Press, 1995.</P>
<P>Winsor, Janice. <I>Solaris Advanced System Administrator’s Guide.</I> Emeryville, CA: Ziff Davis, 1993.</P><P><BR></P>
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="ewtoc.html">Table of Contents</A></TD>
</TR>
</TABLE>
</CENTER>
<!-- all of the reference materials (books) have the footer and subfoot reveresed -->
<!-- reference_subfoot = footer -->
<!-- reference_footer = subfoot -->
<!-- BEGIN SUB FOOTER -->
<br><br>
</TD>
</TR>
</TABLE>
<table width="640" border=0 cellpadding=0 cellspacing=0>
<tr>
<td align="left" width=135><img src="/images/white.gif" width=100 height="1" alt="" border="0"></td>
<!-- END SUB FOOTER -->
<!-- all of the books have the footer and subfoot reveresed -->
<!-- reference_subfoot = footer -->
<!-- reference_footer = subfoot -->
<!-- FOOTER -->
<td width="515" align="left" bgcolor="#FFFFFF">
<font face="arial, helvetica" size="1"><b><a href="/products.html"><font color="#006666">Products</font></a> | <a href="/contactus.html"><font color="#006666">Contact Us</font></a> | <a href="/aboutus.html"><font color="#006666">About Us</font></a> | <a href="http://www.earthweb.com/corporate/privacy.html" target="_blank"><font color="#006666">Privacy</font></a> | <a href="http://www.itmarketer.com/" target="_blank"><font color="#006666">Ad Info</font></a> | <a href="/"><font color="#006666">Home</font></a></b>
<br><br>
Use of this site is subject to certain <a href="/agreement.html">Terms & Conditions</a>, <a href="/copyright.html">Copyright © 1996-1999 EarthWeb Inc.</a><br>
All rights reserved. Reproduction whole or in part in any form or medium without express written permision of EarthWeb is prohibited.</font><p>
</td>
</tr>
</table>
</BODY>
</HTML>
<!-- END FOOTER -->
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -