Books

EE Book   Extreme Exploits Advanced Defenses Against Hardcore Hacks
Published by McGraw-Hill/Osborne
Networking/Security
7 3/8 x 9 1/8
ISBN: 0-07-225955-8
448 pages, 50 illustrations
EAN: 9780072259551
 
SCCNS Book   The Secrets to Carrier Class Network Security
Published by Auerbach Publications / Taylor & Francis
For release in 2009
Networking/Security


Articles in Periodicals

Network Defense Applications using IP Sinkholes
Available in English, Deutsch, Italiano, Espanol, Francais, Czech, Polska.
Published by Hakin9 Magazine
September 2006 Issue, International
Printed in the U.S.A., Germany, France, Italy, Spain, Czech Republic, and Poland.

When "I won't let them in" Fails
Published by SC Magazine
October 2005 Issue, Last Word segment
U.S. Edition

Hacking UNIX 101
Published by Rixstep
March 2006
On-line Edition

Interviews

SploitCast: Interview with Harrison Holland
Podcast, April 2006
Various topics related to network security
Visit: SploitCast
Download: MP3 Audio (Podcast)

Lets Talk Computers: Interview with Alan Ashendorf
Radio show, August 2005
Various topics discussed in our book
Victor Oppleman and Brett Watson in attendance
Listen: RealAudio or ASF (Windows Media) stream

Presentations

Network Defense Applications using Stationary and Event-Driven IP Sinkholes
Slideshow, circa 2006
A lengthy slideshow exploring how IP sinkholes may be used for a variety of network defense applications. The specific ideas covered include defeating denial of service attacks using blackholes, decreasing false positives in your existing network monitoring systems, reducing noise and enriching network intelligence, and much more.
Layer Four Traceroute (LFT), WhoB, and Associated Tools
Slideshow, circa 2005
A brief slideshow explaining how "modern" Internet path analysis can be performed. It discusses how the popular traceroute software works, how LFT software improves path analysis and provides additional valuable information, etc. The slideshow provides an overview of LFT, WhoB, and much of the Prefix WhoIs Project.
 
AUDIO: Download the audio/spoken portion of this presentation in MP3 format. WARNING: The comfort pauses have been removed to speed up the presentation, so parts of it may sound accelerated or compressed. 24.8 MB
Rationalizing Information Security Staffing
Slideshow, circa 2004
A brief slideshow explaining how to staff an information security department based on specific personnel utilization and security tasks/time research

Papers

Setting up Peer-to-Peer (p2p) SIP or IAX to use E-mail Addresses as VoIP URIs
Article-format, circa 2006
There's e164 and a dozen proprietary p2p VoIP systems/services/protocols. But why doesn't everyone with a VoIP PBX like Asterisk simply configure DNS SRV records and set up their dialplan correctly so peer-to-peer VoIP works just by typing in the e-mail address of the person you want to call? Barret Lyon and Victor show how to make this work in a simple article that includes sample configurations and even a demo video. In case there is trouble with the link, here's a local copy.

The Lurking Threat of Malware
Article-format, circa 2004
There has been an enormous misunderstanding when it comes to the lurking threat of resident malware in all organizations. This is a short explanation of the nature of the threat written to help information security professionals understand what's really going on. The article covers botnets, Trojan activity, and explains the difference between the delivery mechanisms and the tangible threat payload. It has been edited and published by a number of private organizations internally. Botnets are the basis of many threats that are now reported through the mass media: http://www.oreillynet.com/lpt/a/5609

Wireless LAN VPN / Jail Vulnerability
Vulnerability brief, circa 2003
An explanation of the layer-2 and layer-3 weaknesses inherent in the wireless LAN security methodology that has become prevalent: using a mixture of a "jail" to segregate the untrusted wireless network and then requiring users to further connect to an enterprise VPN for tangible access. The paper also explains a simple and cost-effective security augmentation solution that isn't vendor-specific. Primarily authored by B. Watson based on V. Oppleman's research.

Currently Aug 1st 2014, 11:50am GMT