Kissel, Zachary A[.]_ Wang, Jie - Introduction to Network Security_ Theory and Practice-Wiley (2015)[.]pdf

Sharing

Copy URL Twitter E-mail

General

Target

Kissel, Zachary A._ Wang, Jie - Introduction to Network Security_ Theory and Practice-Wiley (2015).pdf
Size

9.8MB
MD5

ef9f97d5f0f7625e2b267553ed0b489e
SHA1

d3ac5f8f94ad052445da8cb03529f20077f151b0
SHA256

72caf13032b5d9c90829f8f19f9959eb498b2cb913b5d0ffdafb0f5be5704e87
SHA512

c6b6f7765adc9d7a27be3b49ea7bf01a11e8816840f90b8686a047566b366b3ac75f7561f67862b6af2a75a7449bba78870a4e649b13e6d770f8f887c5c0c26b
SSDEEP

98304:IhuUow0BRJNruIYPDAYfCBMI5W5ydlycWAZ+VkydlTTeVZhIK3XD:WFuJtrMC3I5c3JkVXxTayK3XD

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

Kissel, Zachary A._ Wang, Jie - Introduction to Network Security_ Theory and Practice-Wiley (2015).pdf
.pdf
- http://www.wiley.com
- http://www.cs.uml.edu/%E2%88%BCwang/NetSec
- http://www.uml.edu
- http://www.oxid.it/cain.html
- http://www.cert.org
- http://www.sans.org
- http://www.microsoft.com/security/default.mspx
- http://www.ntbugtraq.com
- http://www.cve.mitre.org
- http://www.google.com
- http://www.yahoo.com
- http://www.tcpdump.org
- http://www.wireshark.org
- http://www.wire
- http://www.grc.com
- http://www.nessus.org
- http://www.microsoft.com/technet/security/tools/mbsahome.mspx
- http://www.safenet-inc.com/
- http://www.openssl.org
- https://filippo.io/Heartbleed/
- https://lastpass.com/heart
- http://www.pgpi.org/products/pqp/versions/freeware
- http://www.ssh.com
- https://vote.heliosvoting
- http://www.shmoo.com/projects.html
- http://umbra.shmoo.com:6969/
- http://sky.cloud/user/johndoe/usage.We
- http://www.dropbox.com
- http://www.kloth.net/services/nslookup.php
- http://www.ietf.org/rfc/rfc3089.txt
- http://www.snort.org
- http://www.mwcollect.org
- http://www.honeynet.org
- http://honeytrap.mwcollect.org/attacks
- http://www.alienvault.com/blogs/security-essentials/open
- http://www.whitehouse.gov
- http://www.mcafee.com
- http://www.symantec.com
- http://www.avast.com
- http://www.webroot.com
- http://www.malwarebytes.com
- http://www.trendmicro.com
- http://www.pandasoftware.com
- http://free.grisoft.com/
- http://www.clamav.net/
- http://vil
- http://vmyths.com/
- http://www.sophos.com/search/
- http://www.ABC.com/ax_controls/
- http://www.ABC.com/ax_controls
- http://www.symantec.com/security_response/writeup.jsp?docid=2003-081119-5051-99
- http://www.avast.com/eng/download-avast-home.html
- http://www.microsoft.com/downloads
- http://www.anonymizer.com
- http://www.cnn.com
- http://www.xprobe2.org+
- http://www.csrc.nist.gov/publications/nistpubs/800-31/sp800-31.pdf
- http://www.pcworld.com/
- http://www.cert.org/advisories/CA-2001-19.html+
- http://www.cert.org/advisories/
- http://www.cert.org/incident_notes/
- http://www.cert.org/incident
- http://www.cnss.gov/Assets/pdf/cnssp_15_fs.pdf+
- http://csrc
- http://www.eff.org/Privacy/Crypto/
- http://eprint.iacr.org/2006/150
- http://www.securityfocus.com/
- https://bitcoin.org/
- http://www.pcmag.com+verb+/
- http://msdn2.microsoft.com/en-us/library/ms809762.aspx+
- http://msdn.microsoft.com/msdnmag/issues/02/02/PE/default.aspx+
- http://msdn.microsoft.com/msdnmag/issues/02/03/PE2/default
- http://www.voanews.com/++special
- http://cache-www.intel.com/cd/00/00/01/77/17769_80211_part2
- http://wepcrack.sourceforge.net
- http://zigbee.org/Specifications.aspx+
- http://www.wiley.com/go/eula
- http://forcustomerservicesandforinformationabouthowtoapplyforpermissiontoreusethecopyrightmaterialinthisbookpleaseseeourwebsiteatwww.wiley.com
- http://www.cs.uml.edu/wang/NetSec.Duetospacelimitations,someinterestingtopicsandmaterialsarenotpresentedinthisbook.Afterall,onebookcanonlyaccomplishonebook�smission.Weonlyhopethatthisbookcanachieveitsobjective.Ofcourse,onlyyou,thereader,canbethejudgeofit.Wewillbegratefulifyouwillpleaseofferyourcomments,suggestions,[email protected]@merrimack.edu.Wehavebenetedagreatdealfromnumerousdiscussionsoverthelast20yearswithouracademicadvisors,colleagues,teachingassistants,aswellascurrentandformerstudents.WearegratefultoSarahAgha,StephenBachelder,YiqiBai,WilliamBaker,SamipBanker,DavidBestor,RobertBetts,AnnBrady,StephenBrinton,JeffBrown,WilliamBrown,MatthewByrne,RobertCarbone,JasonChan,GuanlingChen,MarkConway,MichaelCourt,AndrewCross,DanielDaSilva,PaulDowning,MatthewDrozdz,ChunyanDu,PaulDuvall,AdamElbirt,ZhengFang,DanielFinch,JamiForan,XinwenFu,AnthonyGendreau,WeiboGong,EdgarGoroza,SwatiGupta,PeterHakewessell,LiwuHao,SteveHomer,QiangHou,MarlonHouse,BeiHuang,JaredKarro,ChristopherKraft,FanyuKong,LingfaKong,ZakiJaber,MingJia,KimberlyJohnson,KenKleiner,Minghui
- http://uml.edu
- http://.TheUniversityI.T.Swww.uml.edu
- http://www.oxid.it/cain.html.1.2.3.6Side-ChannelAttacksSocialmediasites,suchasFacebook,LinkedIn,andTwitter,provideuser-friendlyplatformsforbillionsofuserstointeractwitheachother.Manyusersalsoliketoposttheirpersonaldataonsocialmediasitesforotherstosee.However,securitymeasuresonsocialmediasitesarenotasstrongasonewouldlike.Asaresult,itisofteneasiertoobtainuserlogininformationfromsocialmediasitesthanfromonlinebankingsites.InJune2012,forexample,LinkedInwasunderamassiveattackfromRussia,resultingin6millionuserpasswordsstolen,forthepasswordswerenotencryptedproperly.Ingeneral,attackerscanlegitimatelyobtainpersonalinformationpostedbyusersfromsocialmediasites,includingfavoritefood,pets,siblings,birthdays,andbirthplaces,aswellastheschoolstheygraduatedfrom,andtheplacestheygrewupin.Manyoftheseitemsarethetypicalquestionstheusersareaskedtoverifytheiridentitywhenloggingtotheirbankingaccounts.Tomakethingsworse,peopletendtousethesamepasswordsformultipleaccounts,includingtheirbankingaccounts.Thus,socialmediahasbecomeasidechannelforattackerstoobtainuserpasswordsofrelevantbankingaccounts.
- http://CERTalsotrainscomputersecuritypersonnel.ItsWebsiteiswww.cert.org
- http://andfundsresearch.ItsWebsiteiswww.sans.org
- http://cialWebsitedevotedtoprovidingsecurityinformationforMicrosoftproducts.ItprovidessecurityupdatestoMicrosoftusers.ItsWebsiteiswww.microsoft.com/security/default.mspx.1.5.4NTBugtraqNTBugtraqisamoderatedopenlistserviceforuserstopostanddiscusssecurityexploitsandbugsinMicrosoft�sproducts.ItsWebsiteiswww.ntbugtraq.com.
- http://astandardmaintainedbyNIST.TheCVEWebsiteiswww.cve.mitre.org
- http://enterarp-aontheUNIXprompttolisttheARPtableinyourmachine.1.5.Networksniffersarealsoreferredtoaspacketsniffers.Networksniffersaresoftwareusedtomonitornetworkconnectionsandobtaininformationofnetworkpackets.TCPdumpandWiresharkarewidelyusedpacketsnifferswithfreedownloadsfromwww.tcpdump.organdwww.wireshark.org
- http://www.wireshark.org/andinstallWireshark-win64-1.12.0.exe
- http://andnowheredidIseeanythingsimilartofedex.com
- http://tauthenticateortrust.Ithinkoneofthemainreasonsthatmyphonenumberandemailaddresswerecompromisedismyresumebeingpostedonsiteslikemonster.com
- http://www.microsoft.com/technet/security/tools/mbsahome.mspxThenexecuteMBSAtoscanyourWindowssystem.1.26.Serverprogramsthatruninthebackgroundofyourcomputerareentrypointstoyourcomputerfromthenetwork.Someoftheseprogramsarenecessary,somearenot,andsomearemaliciousprogramsdownloadedbycarelessusers.SupposethatyouarerunningWindowsXPonyourcomputer.
- http://www.safenet-inc.com/data-protection/authentication/pki-authentication/
- http://4.ai
- http://0to23doi.ai
- https://filippo.io/Heartbleed/tocheckifyourOpenSSLserverisstillvulnerabletotheHeartbleedbug.5.14.Usethe�LastPass�SSLdatechecker�athttps://lastpass.com/heartbleed/tocheckifyourOpenSSLserverhasupdateditsSSLcerticate.IftheupdatewasdoneafterApril4,2014,thenitislikelythatthesystemadministratorofyourOpenSSLserverhaspatchedtheHeartbleedbugvulnerability.5.15.TheIPsectransportmodeandtheIPsectunnelmodecanbemixedtogether.Describetheprosandconsofdifferentcombinationsofthesetwomodes.5.16.DescribeusingadiagramtheworkingoftheslidingwindowinAH.5.17.ExplainthemeaningsinthebasicinteractionsinOakleyKDP.5.18.ThefollowingisanISAKMPpayloadexchangeexample:1.I
- http://www.pgpi.org/products/pqp/versions/freewareforyouroperatingsystem.Forexample,forWindowsXP,gotohttp://www.pgpi.org/products/pqp/versions/freeware/winxp.Clicktheleyoudownloadedandinstallit.SelectIamaNewUser,andenteryournameandorganization.SelectPGPMailforMicrosoftOutlookExpressandpresstheNextbutton.AfterPGPisinstalled,dothefollowings:
- https://digitalid.verisign.com/cgi-bin/OEenroll.exe?name=&email=,andobtainafree-trialdigitalIDfromthere.AfteryoureceiveyourdigitalID,clickinsuccessionContinue,Install,andYes.
- https://vote.heliosvoting.org/,anddescribepotentialsecurityawsindeployingthevotingprotocolforastudentgovernmentelection.5.38.IntheelectronicvotingprotocoldescribedinProblem5.37,isitreallynecessaryforAlicetoverifythevotingmachinecorrectlyencryptedherballot?*5.39.DescribeaninteractiveproofprotocolbetweenPeggyandVictorwherePeggy,knowingthethreecoloringofagraph,canprovethisfacttoVictor.Asinthetext,PeggydoesnotwanttoactuallyrevealthethreecoloringtoVictor.
- http://www.shmoo.com/projects.html.Rainbowtablescanbeobtainedfromhttp://umbra.shmoo.com:6969/usingBitTorrent.6.23.WhyisitdifculttodetectwormholeattacksinWMNs?*6.24.Searchtheliteratureandwriteashortpaperdescribingplausibletechniquestodetectwormholeattacks.6.25.CalculatetheS-BoxeseandlinSAFER+.6.26.DrawablockdiagramtorepresenttheithroundofoperationsinSAFER+.6.27.Drawablockdiagramtorepresenttheoutputtransformcomponent.6.28.DescribethedecryptionalgorithmofSAFER+andprovideacorrectnessproof.6.29.DrawablockdiagramdescribinghowtheinitializationKinitisgeneratedbyDAandDB.6.30.AssumingKinitiscreated,drawablockdiagramdescribinghowthelinkkeyKABisgeneratedbyDAandDB.6.31.DrawablockdiagramdescribingthemutualauthenticationprocessinBluetooth.*6.32.LetbethelengthofaPINcode.IftheBluetoothPINcrackingprocedurendsacandidatePINcodethatpassesthevalidationofSRESA,whatistheprobabilitythatthecandidatePINcodeistheoriginalPINcode?Likewise,ifthesamecandidatePINcodealsopassesthevalidationofSRESB,whatistheprobabilitythatthecandidatePINcodeistheoriginalPINcode?**6.33.ThePINcrackingproceduredescribedinSection6.5.6requiresthattheattackerobtainstheentirepairingandauthenticationsession.Thismaynotbepractical.Forexample,ifDAandDBstorealinkkeyKABforfutureuse,thentheydonotneedto
- http://sky.cloud/user/johndoe/usage.WecansimplyexecuteanHTTPGETrequestforthisURI,andtheCPUusagedatawillbereturnedtousinacertainformat.Inthiscase,weassumethattheformatisJSON.Inwhatfollows,weusethetermsofusersandclientsinterchangeably.7.1.2Software-as-a-ServiceTheSaaScloudsprovidespecicapplicationstoallusers.Thatis,usersofSaaScloudscanonlyusetheapplicationsprovidedbytheclouds.ComparedtothePaaSandIaaSclouds,theSaaScloudsprovidetheleastamountofaccessfreedomtotheirusersforthecloudresources.Theseapplicationsaremaintainedsolelybythecloudprovider,thusalleviatingexpensivemaintenancecostsfortheclients.TheSaaSserviceisoneoftheoldestformsofcloudcomputing.Forexample,usersofWebmailsuchasGmailandYahoo!mailareinteractingwithSaaSclouds.GmailusersareinteractingwiththeSaaScloudforGmailandYahoo!mailuserswiththeSaaScloudforYahoo!mail.OthercommonapplicationsincludeonlinesocialnetworkssuchasFacebook,Twitter,andGoogle+.7.1.3Platform-as-a-ServiceThePaaScloudsallowuserstodeploytheirownapplicationsintheclouds.Thecloudmaintainscontrolandmanagestheentirecloudinfrastructure.CommonPaaScloudsincludeGoogleAppEngineandasubsetofAmazonWebServices
- http://ifyouentercs.uml.edu
- http://cs.uml.edu
- http://typegoogle.com
- http://www.kloth.net/services/nslookup.phptocarryoutaDNSsearch.*8.33.Searchtheliteratureanddescribeindetailarealinstanceofattackingarewall.Explainwhythisattackworks.Suggestasolutiontohelpresistsuchanattack.8.34.UnderMicrosoftWindows,youmayuserouteprinttoshowtheroutingtableonyourcomputer.Use,instead,routeoriprouteshowunderLinuxorUNIX.Showhowtousethemandexplainwhatyousee.*8.35.ReadRFC3089athttp://www.ietf.org/rfc/rfc3089.txtandwriteapaperofabout4000wordstodescribetheSOCKSprotocol.
- http://denotedbyso.com
- http://denotedbyde.com
- http://leinthetargetsystem.ThefollowingcommandsarepayloadsofIPpacketstransmittedfromso.comtode.com
- http://so.com
- http://de.com
- http://68bytesso.com
- http://44340so.com
- http://00p.m.to
- http://Justifyyouranswers.so.com
- http://61320so.com
- http://nso.com
- http://honeytrap.mwcollect.org/attacksanddescribe10mostrecentattackstrappedbyHoneytrap.9.23.Atargetbrowsingbehaviormayormaynotbethreatening,whichisapointofinter-estofconductingbehavioraldataforensics.Giveanexampleofanalyzingbrowsingbehaviorstohelpidentifyintrusionactivities.9.24.Ifacertainuserisbrowsingmission-criticallesfromdirectorytodirectoryandfromhosttohost,thenitisasuspiciousactivity.Thisisapointofinterestofconductingbehavioraldataforensics.Givenanexampleofanalyzingcriticallebrowsingtrendtohelpidentifyintrusionactivities.
- http://www.alienvault.com/blogs/security-essentials/open-source-intrusion-detection-tools-a-quick-overview.*9.31.Nodesubversionisaserioussecuritythreatinad-hocWSNs
- http://27.next:28
- http://TheArtofAnti-MaliciousSoftware351Table10.1ExtensionnamesofcommonsafeattachmentsExtensionFiletypeComment.ai
- http://le.art
- http://le.midiAudioSameasabove.mov
- http://le.mp
- http://les.wk1LotusdocumentMaycontainmacroviruses.wk3SameasaboveSameasabove.wk4SameasaboveSameasabove.wksSameasaboveSameasabove.xlsSpreadsheetSameasabove.zip
- http://maycontainSirCamandotherviruses.exeSameasaboveMicrosoftapplications.com
- http://asagivenAMSproductmaynotbeabletocaptureaparticularmalwareprogram.McAfeeVirusScanMcAfeeisanantivirussoftwareproductwidelyusedbyusersinlargeorganizationsandbyhomeusers.Itusesbasicscanningtodetectknownvirusesandusesheuristicscanningtodetectnewviruses.McAfeeVirusScancanbeobtainedfromwww.mcafee.com
- http://aswellasperformpreinstal-lationviruschecks.NortonAntiViruscanbeobtainedfromwww.symantec.com
- http://AntiVirusisagoodantivirusproduct.Itcanbeobtainedfromwww.avast.com
- http://easy-to-useproduct.Itcanbeobtainedfromwww.webroot.com
- http://whichoffersfreeandpaidversionsfordownloadsfromwww.malwarebytes.com
- http://www3.ca.com
- http://free.grisoft.com/5.ClamAV:http://www.clamav.net/AVGAnti-VirusandClamAVarefreeantivirustools,whereClamAVhasaWindowsver-sionandaLinuxversion.10.4.3MalwareEmulatorMalwareemulatorprovidesanisolatedhardwareandsoftwareemulationenvironmenttoactu-allyrunsuspiciousprograms.Doingsohelpstoidentifymalwarewithoutspreadingit.UserscansetupanemulationenvironmentineachhostcomputerorineachLAN,sothatuserscanrunsuspiciousprogramsundertightcontrols.Doingso,however,mayalsoincurhighcomputationoverhead.IBMproposedin1997theconceptofdigitalimmunesystem
- http://vil.mcafee.com/hoax.asp,Vmyths.comathttp://vmyths.com/,andSophos.comathttp://www.sophos.com/search/.10.6Peer-to-PeerSecurityWhilemostnetworkapplicationsareclient-serverapplications,somearepeer-to-peer
- http://www.ABC.com/ax_controlswiththeuniquehexadecimalserialnumber.WhentheclientasksfortheHTMLdocumentfromaWebserverthatcontainsthispieceofcode,ax_examplewillbedownloadedautomaticallytotheclientcomputer,compiledintonativemachinecode,andloadedintheclientcomputer�smemory.BecauseanActiveXcontrolisjustsimilartoanyexecutablemachinecoderunningontheclientcomputer,itcandoanythingonceitisdownloadedintothelocalmachine.Thus,simi-larlytoTrojanhorses,ActiveXcontrolscouldcauseserioussecurityproblems.
- http://www.avast.com/eng/download-avast-home.html,downloadavast!4Homefreeofchargeforhomeusers,andinstallitonyourcomputer.Thenrunittoscanyoursystem.Accordingtowhatyousee,explainthemechanismofthisantivirusproduct.
- http://vesecurityissuesinWeb2.0.Table10.6Web1.0versusWeb2.0Web1.0technologyWeb2.0technologyPersonalWebpagesblogsBlogsAkamaiBitTorrentmp3.com
- http://www.microsoft.com/downloads,downloadWindowsDefenderfreeofcharge,andinstallitonyourcomputer.Thenrunittoscanforspyware.Accordingtowhatyousee,explainthemechanismofthisantispywareproduct.10.26.InWindowsoperatingsystems,cookiesforIEarestoredontheCdriveundertheDocumentsandSettingsdirectory.Firstndyourusername,andthenopentheCookiesdirectory.Selectatrandomacookieleandopenit.Explainwhatyousee,andanswerthefollowingquestions.
- http://pcap-getIV.pl
- http://WEPCrack.pl
- http://file_info.st
- http://www.xprobe2.org
- http://www.csrc.nist.gov/publications/nistpubs/800-31/sp800-31.pdf.BarontiP,PillaiP,ChookVW,ChessaS,GottaA,andHuYF
- http://www.pcworld.com/printable/article/id,131340/printable.html+.BellovinS
- http://www.cert.org/advisories/CA-2001-19.html+.CERTAdvisory
- http://www.cert.org/advisories/CA-2001-26.html+.CERTIncidentNote
- http://www.cert.org/incident_notes/IN-2001-09.html+.CERTIncidentNote
- http://www.cert.org/incident_notes/IN-2003-03.html+.ChaiQandGongG
- http://www.cnss.gov/Assets/pdf/cnssp_15_fs.pdf+.CohenF
- http://csrc.nist.gov/CryptoToolkit/aes/rijndael/Rijndael.pdf+.DawsonEandNielsenL
- http://www.eff.org/Privacy/Crypto/Crypto_misc/DESCracker+.ElgamalT
- http://eprint.iacr.org/2006/150.FIPS171
- http://www.securityfocus.com/infocus/1868/1+.HeCandMitchellJ
- http://bitcoin.org/bitcoin.pdf+.NeumanB-CandTs�oT
- http://www.pcmag.com
- http://msdn2.microsoft.com/en-us/library/ms809762.aspx+.PietrekM
- http://msdn.microsoft.com/msdnmag/issues/02/02/PE/default.aspx+.PartII:http://msdn.microsoft.com/msdnmag/issues/02/03/PE2/default.aspx+.ProctorP
- http://www.voanews.com/++specialenglish/archive/2002-02/a-2002-02-01-26-1.cfm+.WackJ,CutlerK,andPoleJ
- http://cache-www.intel.com/cd/00/00/01/77/17769_80211_part2.pdf+.
- http://zigbee.org/Specifications.aspx+.ZivJandLempelA
- Show all