In this paper we will take an
unusual approach to system
security. Instead of merely saying
that something is a problem, and
show _why_ it is one. We will
illustrate that even seemingly
harmless network services can
become valuable tools in the search
for weak points of a system, even
when these services are operating
exactly as they are intended to.
In an effort to shed some light on
how more advanced intrusions
occur, this paper outlines various
mechanisms that crackers have
actually used to obtain access to
systems and, in addition, some
techniques we either suspect
intruders of using, or that we have
used ourselves in tests or in
friendly/authorized environments.
My motivation for writing this
paper is that system
administrators are often unaware
of the dangers presented by
anything beyond the most trivial
attacks.

Click here to download

1 Das Sumitra, UNIX, New delhi, Tata
McGraw- Hill, 2005
2 Forouzon Behrouz A, fegon S.C., data
communication & networking, Tata Mc
Graw- Hill, 2005
3 Fleeger P.P. , Pfleeger, security in
computing, 20006
4 Corner Douglas E., internetworking
with TCP/IP principle, protocol and
architecture, PHI, 2004
5 Troudet T.P., Walters S.M., Newral
Network Architecture, 1991
6 Barrel A., Nelson B.J., “implementing
remote procedure call”, transaction on
computer system, vol-2, pp. 39-59.
7 Chalasomi sandeep, trippireddy suresh,
period of the d- sequence based
random number generator
www.arxiv.org
8 Hilker Michael, Schommer christoph,
service oriented architecture in N/W
security – a novel organization in
security systems.
http://arxiv.org/find/grp_csl/1/
and t ti: :+security/01/0/2008/0/1