Here is a repository of various articles I have written over the years. With the kind permission of my publishers, I will also place my published works here. Please feel free to share any comments or suggestions you may have, and feedback and corrections are always welcome!
Auditing SMTP, POP, and IMAP with Expect v1.0 - 18 AUG 2000 - Two scripts that demonstrate the power of Expect.
BGPv4 Security Risk Assessment - 11 JUN 2002 - The combined input of a lot of folks on risks to BGP4, the protocol that "runs" the Internet. Edited and largely written by Barry Greene of Cisco. I added a few bits. :)
Bogon List - A list of bogons, IP routes that should not appear in the Internet routing table or as the source of IP packets. This list is handy for generating filters and the like, and includes dotted decimal notation, bit notation, Cisco ACLs, and Juniper prefix-list formats.
ICMP Packet Filtering v1.2 - 12 MAR 2003 - A guide that details the minimum ICMP message types that should be allowed into and out of any network.
IPSEC on Cisco - 19 AUG 2000 - A quick reference on configuring IPSEC on a Cisco router.
Monitoring DoS Attacks with the VIP Console and NetFlow - 21 MAY 2001 - This paper details a method for monitoring DoS attacks on Cisco routers that utilize the VIP cards and NetFlow.
Reality and Security Tools v1.0 - 30 SEP 1997 - A reminder that the tools are only as good as the authors and the users.
Secure BGP Template v3.1 - 15 JAN 2004 - A secure BGP configuration template for use with Cisco routers.
Secure FTOS BGP Template Additions - A secure Force10 router BGP configuration. This template is based on the Secure BGP Template, and was written by Greg Hankins.
Secure BIND Template v5.0 - 15 JAN 2004 - A secure BIND configuration and topology to help defend against BIND attacks.
Secure IOS Template v3.3 - 15 JAN 2004 - A secure IOS configuration template for use with Cisco routers.
Force10 Networks E-Series Network Operations Guide - A Force10 guide along the lines of the Secure IOS Template, courtesy of Greg Hankins.
Solaris STREAMS and FW-1 v1.0 - 19 AUG 2000 - A brief discussion of how and where FW-1 inserts itself into the Solaris IP stack and some sample code to query and pop STREAMS modules.
Syslog Bug v1.0 - 02 JUL 1997 - Turning syslog into a malicious, disk-filling daemon.
Tuning Solaris for FireWall-1 v1.0 - 14 AUG 2000 - A discourse on properly tuning Solaris to serve as a router and platform for CheckPoint FireWall-1.
Tracking Spoofed IP Addresses v2.0 - 08 FEB 2001 - This paper details a method for tracking spoofed IP address attacks using common Cisco router commands and features.
UNIX IP Stack Tuning Guide v2.7 - 03 DEC 2000 - A guide designed to harden the UNIX IP stack against a variety of attack types found on the Internet today.
The Realities of NIS v1.0 - 13 NOV 1997 - A response to an overly enthusiastic NIS evangelist.
Writing optimal C programs under Solaris (and other Unix variants).
Creating shared libraries
How to determine if another process is alive from within a C program.
How to add a SVR4 package.
How to create a hidden sniffer.
How to prevent and log stack smashing.
How to set the SPEED and DUPLEX of a HME or QFE NIC.
How to read the output of netstat -k.
How to add a direct map to Sun's automounter.
How to add a Jaz drive to your Solaris workstation.
How to set the host to use the on-board MAC address instead of the MAC address in the PROM.
Speed comparison of various network links.
Fiber distances - A graphic that details the maximum distances of different GigE wiring specifications.
How to configure your Cisco router for multicast.
How to create RJ-45 loopback adapters.