Seguridad en Unix y redes - Bibliografía (I)

National Security Agency.
Magnetic Tape Degausser.
Technical Report L14-4-A, National Security Agency/Central Security Service, Octubre 1985.

Ross J. Anderson and Markus Kuhn.
Tamper resistance - a cautionary note.
In Proceedings of the 2nd USENIX Workshop on Electronic Commerce, pages 1-11. The USENIX Association, Noviembre 1996.

Taimur Aslam, Ivan Krsul, and Eugene H. Spafford.
Use of a taxonomy of security faults.
Technical Report TR-96-051, Purdue University Department of Computer Science, 1996.

Stefan Axelsson, Ulf Lindqvist, Ulf Gustafson, and Erland Jonsson.
An approach to Unix Security Logging.
In Proceedings of the 21st National Information Systems Security Conference, pages 62-75. National Institute of Standards and Technology/National Computer Security Center, Octubre 1998.

James P. Anderson.
Computer security threat monitoring and surveillance.
Technical report, James P. Anderson Co., Abril 1980.

Ross J. Anderson.
Why Cryptosystems Fail.
Communications of the ACM, 37:32-40, Noviembre 1994.

Ross J. Anderson.
Tamperproofing of Chip Cards.
Enviado a la lista cypherpunks@cyberpass.net por William H. Geiger III en septiembre, 1997.

Anonymous.
Maximum Security: a hacker´s guide to protecting your Internet site and network.
McMillan Computer Publishing, 1997.

Anonymous.
Maximum Linux Security: a hacker´s guide to protecting your Linux Server and Workstation.
Sams Publishing, 2001.

R. J. Anderson, R. M. Needham, and A. Shamir.
The Steganographic File System.
Lecture Notes in Computer Science, 1525:73-82, 1998.

Ofir Arkin.
Network Scanning Techniques, Noviembre 1999.
PubliCom Communications Solutions.

Derek A. Atkins.
Charon: Kerberos Extensions for Authentication over Secondary Networks.
PhD thesis, Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology, 1993.

Stefan Axelsson.
Research in intrusion-detection systems: A survey.
Technical Report 98-17, Chalmers University of Technology, Diciembre 1998.

Sheila L. Brand et al.
Department of Defense Trusted Computer System Evaluation Criteria.
Technical Report DOD 5200.28-STD, Department of Defense, Diciembre 1985.

Sue Berg et al.
Glossary of Computer Security Terms.
Technical Report NCSC-TG-004, National Computer Security Center, Octubre 1988.

Maurice J. Bach.
The Design of the Unix Operating System.
Prentice Hall, 1986.

Edward C. Bailey.
Maximum RPM: Taking the Red Hat Package Manager to the limit.
Red Hat Software, Inc., 1997.

F. Bouchier, J.S. Ahrens, and G. Wells.
Laboratory evaluation of the IriScan prototype biometric identifier.
Technical Report SAND96-1033, Sandia National Laboratories, Abril 1996.

Roland Büschkes and Mark Borning.
Transaction-based Anomaly Detection.
In Proceedings of Workshop on Intrusion Detection and Network Monitoring. The USENIX Association, Abril 1999.

Michael Beck, Harold Bohme, Mirko Dzladzka, Ulrich Kunitz, Robert Magnus, and Dirk Verworner.
Linux Kernel Internals.
Addison-Wesley, 1996.

John Barkley, Lisa Carnahan, Karen Olsen, and John Wack.
Improving security in a network environment.
In John Barkley, editor, Security in Open Systems, chapter 10. National Institute of Standards and Technology (NIST), Julio 1994.
Special Publication 800-7.

Matt Bishop and Michael Dilger.
Checking for race conditions in file accesses.
Computing System, 9(2):131-152, Primavera 1996.

Steven M. Bellovin.
Security problems in the TCP/IP Protocol Suite.
Computer Communications Review, 19(2):32-48, Abril 1989.

Steven M. Bellovin.
There be dragons.
In Proceedings of the Third USENIX Security Symposium, pages 1-16. The USENIX Association, Septiembre 1992.

Walter Belgers.
Unix password security, 1993.

Steven M. Bellovin.
Packets found on an internet.
Computer Communications Review, 23(3):26-31, Julio 1993.

Steven M. Bellovin.
RFC1498: Defending against sequence number attacks, Mayo 1996.

Dirk Balfanz and Edward W. Felten.
Hand-held computers can be better smart cards.
In Proceedings of the 8th USENIX Security Symposium. The USENIX Association, Agosto 1999.

W. Bender, D. Gruhl, N. Morimoto, and A. Lu.
Techniques for data hiding.
IBM Systems Journal, 35(3,4), 1996.

Nishchal Bhalla.
AIX 4.3 bastion host guidelines, Junio 2001.
The SANS Institute.

Matt Bishop.
How to write a setuid program.
;login://, 12(1), Enero 1986.

Matt Bishop.
A Security Analysis of the NTP Protocol, 1990.

Matt Bishop.
A proactive password checker.
In D.T. Lindsay and W.L. Price, editors, Proceedings of the 7th International Conference on Information Security, pages 150-158, Mayo 1991.

Matt Bishop.
Anatomy of a proactive password changer.
In Proceedings of USENIX Unix Security III. The USENIX Association, 1992.

Matt Bishop.
Race conditions, files and security flaws; or the tortoise and the hare redux.
Technical Report CSE-95-8, University of California at Davis, 1995.

Matt Bishop and Daniel V. Klein.
Improving system security via proactive password checking.
Computers & Security, 14(3):233-249, 1995.

Matt Blaze.
A Cryptographic File System for Unix.
In Proceedings of the 1st ACM Conference on Computer and Communications Security, pages 9-16. ACM, Noviembre 1993.

Steven M. Bellovin and Michael Merritt.
Limitations of the Kerberos Authentication System.
In Proceedings of the Winter 1991 USENIX Conference, pages 253-267. The USENIX Association, Enero 1991.

Bill Ball, David Pitts, and William Ball.
Red Hat Linux 7 Unleashed.
Sams Publishing, 2000.

Dave Curry et al.
RFC1244: Site Security Handbook.
Internet Activities Board, Julio 1991.

Crispin Cowan et al.
StackGuard: automatic adaptative detection and prevention of buffer-overflow attacks.
In Proceedings of the 7th USENIX Security Symposium. The USENIX Association, Enero 1998.

Bryan Costales and Eric Allman.
Sendmail.
O´Reilly & Associates, 2nd edition, Enero 1997.

Bryan Costales and Eric Allman.
Sendmail Desktop Reference.
O´Reilly & Associates, Marzo 1997.

Pino Caballero.
Introducción a la Criptografía.
Ra-Ma, 1996.

Valentin Sanz Caja.
Vulnerabilidad y seguridad de los sistemas informáticos.
Fundación Citema, 1982.

William R. Cheswick and Steven M. Bellovin.
Firewalls and Internet Security: Repelling the wily hacker.
Addison Wesley, 1994.

D.B. Cornish and R. V. Clarke.
The Reasoning Criminal: Rational Choice Perspectives on Offending.
Springer-Verlag, 1986.

G.F. Couloris, J. Dollimore, and T. Kindberg.
Distributed Systems. Concepts and design.
Addison Wesley, 2nd edition, 1994.

Rémy Card, Eric Dumas, and Frack Mével.
Programación Linux 2.0: API de sistema y funcionamiento del núcleo.
Eyrolles, 1997.

National Computer Security Center.
Data Remanence in Automated Information Systems.
Technical Report NCSC-TG-025, National Computer Security Center, Septiembre 1991.

CERT.
CERT Advisory CA-99-02. Trojan Horses.
Technical report, Computer Emergency Response Team, Marzo 1999.

CESID.
Glosario de términos de Criptología.
Centro Superior de Información de la Defensa, 1991.

Stephen Ciullo and Daniel Hinojosa.
HP-UX kernel tuning and performance guide.
http://www.hp.com/techpartners/tuning.html∞, 1999.

D. Brent Chapman.
Network (In)Security through IP packet filtering.
In Proceedings of the third USENIX Security Symposium, pages 63-76. The USENIX Association, Septiembre 1992.

William R. Cheswick.
An evening with Berferd, in which a cracker is lured, endured, and studied.
In Proceedings of the Winter USENIX Conference. The USENIX Association, Enero 1992.

Andrew Cherry, Mark W. Henderson, William K. Nickless, Robert Olson, and Gene Rackow.
Pass or fail: A new test for password legitimacy, 1992.

Bruce Corbridge, Robert Henig, and Charles Slater.
Packet filtering in an IP router.
In Proceedings of the Fifth LISA Conference, pages 227-232. The USENIX Association, Octubre 1991.

M. Ruschitzka C. Ko and K. Levitt.
Execution monitoring of security-critical programs in distributed systems: A specification-based approach.
In Proceedings of the 1997 IEEE Symposium on Security and Privacy, pages 175-187. IEEE Computer Society, Mayo 1997.

C.C. Cocks.
A note on non-secret encryption.
Technical report, CESG, Noviembre 1973.

Fred Cohen.
Computer viruses: theory and experiments.
In 7th DoD/NBS Computer Security Conference Proceedings, pages 240-263, Septiembre 1984.

Fred Cohen.
Simulating Cyber Attacks, Defenses and Consequences.
http://all.net/journal/ntb/simulate/simulate.html∞, Mayo 1999.

National Research Council Committee on Information Systems Trustworthiness.
Trust in Cyberspace.
National Academy Press, 1999.

Apollo Computer.
Managing SysV System Software.
Technical Report 010851-A00, Apollo Computer, Inc. (Hewlett Packard), Junio 1988.

Douglas E. Comer.
Internetworking with TCP/IP. Volume 1: Principles, Protocols & Architecture.
Prentice Hall, 3rd edition, 1995.

Intrusion Detection System Consortium.
Intrusion Detection Systems buyer´s guide.
Technical report, ICSA.NET, 1999.

Randle Cowcher.
Physical Security.
In Keith M. Jackson and Jan Hruska, editors, Computer Security Reference Book, chapter 24, pages 311-332. Butterworth-Heinemann, 1992.

Kaare Christian and Susan Richter.
The Unix Operating System.
John Wiley & Sons, 1994.

Jeff Crume.
Inside Internet Security: What hackers don´t want you to know.
Addison Wesley, 2000.

Crispin Cowan, Perry Wagle, Calton Pu, Steve Beattie, and Jonathan Walpole.
Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade.
In Proceedings of the SANS 2000 Conference. The SANS Institute, 2000.

D. Brent Chapman and Elizabeth D. Zwicky.
Building Internet Firewalls.
O´Reilly & Associates, 1st edition, Noviembre 1995.