HWA

HWA-Security.net

This Section mainly sourced from MIXTER's Page Mixter Lots of great stuff here.

White Papers

sql-security.faq.txt SQL Security FAQ http://sqlsecurity.com/

rawip.txt A programming tutorial for raw sockets in C

coding.txt Coding in C - a summary of some popular mistakes

firstaid.txt Emergency and short time measures that can be applied to protect and act against Distributed Denial Of Service attacks

trojans.txt Finding and analyzing trojans under Unix. Discusses methods involving code reviewing, process tracing and disassembling.

protecting.txt Protecting against the unknown, guide to improving network security on boxes hooked to the Internet.

exploit.txt A tutorial about how buffer overflows 'work', and an introduction on how to write your own exploits and shell code.

auditing.txt A guide on how to do systematic network security checking

clientexp.tgz programs that can be used to break security. Includes a sample exploit against tar.

logs.txt Many system intruders delete or clean system logs. Yet, there are many audit trails (logging facilities), which are still overlooked. This text reviews and describes the most reliable audit trails that are left after an intrusion

HWA member and misc collected Important or interesting papers form around and about.

Misc White Papers

stealthcode.txt by xtremist email

irc.html Tracking hackers on IRC a *MUST READ* especially for you newbies.(http://theorygroup.com/Theory/irc.html)

trinoo.analysis.txt Paper on the Trinoo DDoS attack by David Dittrich

tfn.analysis.txt Paper on the Tribe Flood Network DDoS attack tool by David Dittrich

stacheldraht.analysis.txt Paper on the Stacheldraht DDoS attack tool by David Dittrich

mstream.analysis.txt Paper on the Mstream DDoS attack tool (Recently made infamous by Mafiaboy) by David Dittrich

© Copyright 1997, 1998, 1999, 2000 HWA/Cruciphux
cruciphux@dok.org

sql-security.faq.txt	SQL Security FAQ http://sqlsecurity.com/
rawip.txt	A programming tutorial for raw sockets in C
coding.txt	Coding in C - a summary of some popular mistakes
firstaid.txt	Emergency and short time measures that can be applied to protect and act against Distributed Denial Of Service attacks
trojans.txt	Finding and analyzing trojans under Unix. Discusses methods involving code reviewing, process tracing and disassembling.
protecting.txt	Protecting against the unknown, guide to improving network security on boxes hooked to the Internet.
exploit.txt	A tutorial about how buffer overflows 'work', and an introduction on how to write your own exploits and shell code.
auditing.txt	A guide on how to do systematic network security checking
clientexp.tgz	programs that can be used to break security. Includes a sample exploit against tar.
logs.txt	Many system intruders delete or clean system logs. Yet, there are many audit trails (logging facilities), which are still overlooked. This text reviews and describes the most reliable audit trails that are left after an intrusion

stealthcode.txt	by xtremist email
irc.html	Tracking hackers on IRC a MUST READ especially for you newbies.(http://theorygroup.com/Theory/irc.html)
trinoo.analysis.txt	Paper on the Trinoo DDoS attack by David Dittrich
tfn.analysis.txt	Paper on the Tribe Flood Network DDoS attack tool by David Dittrich
stacheldraht.analysis.txt	Paper on the Stacheldraht DDoS attack tool by David Dittrich
mstream.analysis.txt	Paper on the Mstream DDoS attack tool (Recently made infamous by Mafiaboy) by David Dittrich