Network Defense

Beginning in the summer of 1997, Richard Power (then Editorial Director of the Computer Security Institute) and I began writing a column entitled Network Defense for Network Magazine. In the Fall of 1998, Richard decided to stop writing his share of columns, and focus on the eighteen or more publications he published every year. Our contract with CMP, publisher of Network, permits me to post the articles that we wrote to the Web after they have been published.

The versions found here are not the copy-edited versions, and also do not include the illustrations created for Network Magazine. Those edited versions, and the illustrations, belong to Network Magazine. Still, I am posting these articles because I feel that the information in them is valuable. Also, in some cases, it is easier to read my versions of command listings.

You will also find that I often provide more resources (URL references than the published article does. Print magazines impose very rigid length requirements, and I often had to cut out references, and even sentences, of my articles so they fit in exactly two pages.

I wrote my last column for Network Magazine in July of 2004 (published in September). The word from the Editor is that my column had been running too long, and that they needed new blood. I do have to agree that it is not easy to come up with new topics every month for seven years, but was still sorry to end the relationship.


Network Defense Columns by Rik Farrow

Blocking Spam , April, 2004.

Reverse Engineering and Exploits , March, 2004.

Targeted Attacks , February, 2004.

Tunneling Past Firewalls , January, 2004.

Fighting Worms and Viruses , December, 2003.

Public Key Infrastructure , November, 2003.

BGP4 and Internet Security , October, 2003.

Wireless Security Three-Ring Circus , September, 2003.

Wiretapping Desktops with Keystroke Loggers, August, 2003.

Redundant ISP Links for Reliability , July, 2003.

The Best Firewalls Stop New Exploits , June, 2003.

Value of Penetration Testing , May, 2003.

Slammer Worm and Leaky Networks , April, 2003.

VLAN Insecurities , March, 2003.

SOAP, XML and the End of Firewalls , February, 2003.

DoS Attack against DNS Root Servers, January, 2003.

Patching System is Essential for Security, December, 2002.

Using Kerberos for Network Authentication, November, 2002.

Learning from Critical Infrastructure Security Issues, October, 2002.

Security of Open Source Software , September, 2002.

Firewalls Should Block Outgoing Traffic, August, 2002.

Internet Explorer: The Most Dangerous Software Ever Written, July, 2002.

VPN Vulnerabilities: VPN Can Pass Through More Than You Expect, June, 2002.

Databases under Fire: SQL Attacks through Web Servers, March, 2002.

DHCP - An Untrustworthy Service , March, 2002.

Routing Instability: BGP4 Relies on Expert Configuration, March, 2002.

Web Servers No Place for Sensitive Data, February, 2002.

Web Anonimizers , January, 2002.

Wireless Insecurity , December, 2001.

Ending Spam , November, 2001.

Windows XP Security , October, 2001.

Network Time Protocol , September, 2001.

Summer Dreams of IDS , August, 2001.

TCP Sequence Numbers , July, 2001.

Linux Worms and Rootkits , June, 2001.

The Forensic Challenge, Tracing a Hacker's Progress , May, 2001.

Router Security , April, 2001.

The Death of Passwords , March, 2001.

DDoS is Neither Dead nor Forgotten , February, 2001.

Problems with SSL , January, 2001.

Revealing Email Headers , December, 2000.

Nmap and System Fingerprinting , November, 2000.

Full Disclosure, or True Tales Embarass Vendors , October, 2000.

Mysteries of ICMP , September, 2000.

Trouble with DNS , August, 2000.

Web Server Security , July, 2000.

PPP, DSL, and Cable Modems-- Home Firewalls, June, 2000.

Source Address Spoofing , May, 2000.

Install Patches or Be Hacked, April, 2000.

Distributed Denial of Service Attacks, March, 2000.

Cryptography is not the Ultimate Solution, February, 2000.

Preparing to Handle Security Incidents, January, 2000.

Anatomy of a Hack: the PC Week Linux Web Server Attack, December, 1999.

Understanding buffer overflow attacks, November, 1999.

Smart cards in your security future, October, 1999.

The role of MIME in active content-based attacks, September, 1999.

Tunneling through firewalls, or how to stop up some of the holes in your firewall, August, 1999.

The strengths and failings of Intrusion Detection Systems, July, 1999.

Making UNIX-based servers more secure, June, 1999.

Hardening NT servers improves your defensive posture by reducing exposure, May, 1999.

SNMP- A useful network service that serves attackers , April 1999.

DNS May Be Giving away Your Secrets, March 1999.

Tracking Intruders, February 1999.

Public Key Infrastructure, January 1999.

Firewall Configuration Problems, December 1998.

 

Network Defense Columns by Richard Power and Rik Farrow

Some of these columns were written originally in Microsoft Word, then translated into ordinary ASCII. Word does not do a good job of this, and you will often see funny characters in the articles written using Word, such as =93 (leading double quotes), an O instead of an apostrohe, etc. Keep in mind that this is the leading word processing product, produced by literate individuals working in the USA, but unable to produce clear and easy to read text from their proprietary formats. Oh well, I am not going to make excuses for Microsoft, but only for the poor state that some of these files are in.

Hacker Secrets, October 1998.

Scanning Networks, September 1998.

Incident Response Teams, August 1998.

Hacker Tools, July 1998.

TCP/IP-based Denial of Service, May 1998.

Year 2000 Issues April 1998.

Web Security for NT Servers March 1998.

Virtual Private Networking February 1998.

Spending on Information Security December 1997.

Electronic Commerce Crime November 1997.

Web Servers and Firewalls October 1997.

Network-based Intrusion Detection September 1997.

Email Dangers August 1997.

Firewall Technologies July 1997.