Information Technology Reference
In-Depth Information
will soon deploy valid countermeasures. An appropriate awareness of the potential
threats may help greatly in preventing the recurrence of a gap between attacks and
countermeasures that not so very long ago caused a great host of problems for busi-
nesses and other institutions.
F
URTHER
R
EADING
[1] IETF, “RFC 791: Internet Protocol”,
http://www.ietf.org/rfc/rfc0791.txt
.
[2] IETF, “RFC 793: Transmission Control Protocol”,
http://www.ietf.org/rfc/rfc0793.txt
.
[3] U.S. Department of Defense, “Trusted computer system evaluation criteria”, 1985.
[4] Comer D.E.,
Internetworking with TCP/IP
, vol. 1, Prentice Hall, New York, 1995.
[5] Szor P.,
The Art of Computer Virus Research and Defense
, Addison-Wesley, Reading,
MA, 2005.
[6] Rowland C.H., “Covert channels in the TCP/IP protocol suite”,
First Monday
(1997),
[7] Owens M., “A discussion of covert channels and steganography”,
http://www.sans.org/
[8] Murdoch S., Lewis S., “Embedding covert channels into TCP/IP”,
http://www.cl.cam.
[9] “Simple Nomad”, README for the ncovert2 tool,
http://ncovert.sourceforge.net/
,
2003.
[10] Bejtlich R.,
The TAO of Network Security Monitoring
, Addison-Wesley, Reading, MA,
2005, pp. 505-517.
[11] Alhambra and daemon9, “Project Loki: ICMP tunneling”,
Phrack Magazine
6
(49)
[12] Carrillo J.F., Ospina C., Rangel M., Rojas J.A., Vergara C., “Covert channels sobre
HTTP”,
http://www.criptored.upm.es/guiateoria/gt_m142m.htm
,
2004.
[13] Dyatlov A., Castro S., “Exploitation of data streams authorized by a network access con-
trol system for arbitrary data transfers: tunneling and covert channels over the HTTP
protocol”,
http://www.gray-world.net/projects/chapters/html/covert_chapter.html
,
2003.
[14] Kaminsky D., “Black Ops of DNS”,
http://www.doxpara.com/dns_bh
,
2004.
[15] IETF, “RFC 2136: Dynamic Updates in the Domain Name System”,
http://www.ietf.
[16] IETF, “RFC 2535: Domain Name System Security Extensions”,
http://www.ietf.org/
[17] Albitz P., Liu C.,
DNS and BIND
, fourth ed., O'Reilly, 2001.
[18] Forte D., “Analyzing the difficulties in backtracing onion router traffic”,
http://www.ijde.
org/archives/02_fall_art3.html
.
The International Journal of Digital Evidence, Utica Col-
lege, United States,
http://www.idje.org
,
JDE 2002 1:3.
[19] Forte D., “The art of log correlation, tool and techniques for log analysis”, in:
Pro-
ceedings of The ISSA Conference 2004, Johannesburg, South Africa
,
Digital Crime and
Forensic Science in Cyberspace
, Idea Publishing, Greece, 2005.