Entries Tagged 'Papers'

CERT.org offers the First Responders Guide to Computer Forensics: Advanced Topics

CERT.org offers an advanced guide to computer forensics: 

First Responders Guide to Computer Forensics: Advanced Topics

It covers log file analysis, Microsoft Log Parser, running processes, automated process collection, and many other topics.

 

A Guide to Basic Computer Forensics by Microsoft

Microsoft provides A Guide to Basic Computer Forensics for free.

This article also mentions:
The Fundamental Computer Investigation Guide for Windows
The Malware Removal Starter Kit

 

milw0rm Offers Free Security Videos and Papers

milw0rm.com hosts many security-related videos and papers for free:

[Papers]
Lateral SQL Injection: A New Class of Vulnerability in Oracle
Security Implications of Windows Access Tokens
802.11 Attacks

[Videos]
Packet sniffing with Ettercap (arp spoofing basics)
Anonymous Voice Vlan Hack
How to Make Files Undetected by AVs
Howto using aircrack-ptw WEP cracking tool
Advanced Mysql Injection in Joomla

WindowSecurity Provides Firewalls Complete For Free

WindowSecurity hosts an online version of Firewalls Complete for free.
Sections include:

  • Internetworking Protocols and Standards: An Overview
  • Basic Connectivity
  • Cryptography: Is it Enough?
  • Firewalling Challenges: The Basic Web
  • Firewalling Challenges: The Advanced Web
  • The APIs Security Holes and Its Firewall Interactions
  • What is an Internet/Intranet Firewall After All?
  • How Vulnerable Are Internet Services?
  • Setting Up a Firewall Security Policy
  • Putting It Together: Firewall design and Implementation
  • Proxy Servers
  • Firewall Maintenance
  • Firewall Toolkits And Case Studies
  • Types of Firewalls and Products on the Market

Overview of Computer Vulnerabilities

This document does a pretty good job of covering several basic types of computer vulnerabilities.

http://www.ussrback.com/docs/papers/general/compvuln_draft.pdf

Ignore the date; the information is still relevant.

Headings include:

Anatomy of a Vulnerability
Logic Errors
Social Engineering
Computer Weakness
Policy Oversights
Fault
Severity
Tactics
Authentication
Consequence

Immunity Offers Free Security Papers

Immunity has a few things that are freely available and are of interest:

Regarding papers, Exploit Dev with ImmDBG, Intelligent DBG, Understanding and Bypassing Heap Protection, Exploiting the PHP_Limit bug, Linux Heap Overflows, and MS Heap Overflows I & II are all pretty good and technically oriented. They don’t speak to any specific certification though.

Papers etc: http://www.immunityinc.com/resources-papers.shtml

Immunity Debugger is free and more polished than OllyDBG (in my opinion anyway). SPIKE and SPIKEProxy are great but have a bit of a learning curve to them.

Software: http://www.immunityinc.com/resources-freesoftware.shtml

Forum: http://forum.immunityinc.com is great for folks who use the Immunity Debugger.

 

CISSP Certification: Wittys.com has copies of the DoD / NCSC Rainbow Books

Several people have mentioned that these books are great study material for the CISSP certification:

http://www.wittys.com/textfiles.html#Rainbow

Update 04/30/2008:

I found a more complete set of DoD Rainbow books on WindowSecurity.

Here are the books available:

NCSC-TG-004: Teal Green book
Glossary of Computer Security Terms

NCSC-TG-005: Red book
Trusted Network Interpretation

NCSC-TG-006: Orange book
A Guide to Understanding Configuration Management in Trusted Systems

NCSC-TG-007: Burgundy book
A Guide to Understanding Design Documentation in Trusted Systems

NCSC-TG-008: Dark Lavender book
A Guide to Understanding Trusted Distribution in Trusted Systems

NCSC-TG-009: Venice Blue book
Computer Security Subsystem Interpretation of the Trusted Computer System Evaluation Criteria

NCSC-TG-010: Aqua book
A Guide to Understanding Security Modeling in Trusted Systems

NCSC-TG-011: Dark Red book
Trusted Network Interpretation Environments Guideline - Guidance for Applying the Trusted Network Interpretation

NCSC-TG-013: Pink book
Rating Maintenance Phase Program Document

NCSC-TG-014: Purple book
Guidelines for Formal Verification Systems

NCSC-TG-015: Brown book
A Guide to Understanding Trusted Facility Management

NCSC-TG-016: Yellow Green book
Writing Trusted Facility Manuals

NCSC-TG-017: Light Blue book
A Guide to Understanding Identification and Authentication in Trusted Systems

NCSC-TG-018: Light Blue book
A Guide to Understanding Object Reuse in Trusted Systems

NCSC-TG-019: Blue book
Trusted Product Evaluation Questionnaire

NCSC-TG-020A: Grey book
Trusted UNIX Working Group (TRUSIX) Rationale for Selecting Access Control List Features for the UNIX System

NCSC-TG-021: Lavender book
Trusted Database Management System Interpretation of the TCSEC (TDI)

NCSC-TG-022: Yellow book
A Guide to Understanding Trusted Recovery in Trusted Syst

NCSC-TG-023: Bright Orange book
A Guide to Understanding Security Testing and Test Documentation in Trusted Systems

NCSC-TG-025: Green book
A Guide to Understanding Data Remanence in Automated Information Systems

NCSC-TG-026: Hot Peach book
A Guide to Writing the Security Features User’s Guide for Trusted Systems

NCSC-TG-027: Turquoise book
A Guide to Understanding Information System Security Officer Responsibilities for Automated Information Systems

NCSC-TG-028: Violet book
Assessing Controlled Access Protection

NCSC-TG-029: Blue book
Introduction to Certification and Accreditation Concepts

NCSC-TG-030: Light Pink book
A Guide to Understanding Covert Channel Analysis of Trusted Systems

CSC-STD-001-83: Orange book
DoD Trusted Computer System Evaluation Criteria

CSC-STD-002-85: Green book
DoD Password Management Guideline

CSC-STD-003-85: Light Yellow book
Computer Security Requirements - Guidance for Applying the DoD TCSEC in Specific Environments

CSC-STD-004-85: Yellow book
Technical Rationale Behind CSC-STD-003-85: Computer Security Requirements - Guidance for Applying the DoD TCSEC in Specific Environments

NCSC-TG-001: Tan book
A Guide to Understanding Audit in Trusted Systems

NCSC-TG-002: Bright Blue book
Trusted Product Evaluation - A Guide for Vendors

NCSC-TG-003: Neon Orange book
A Guide to Understanding Discretionary Access Control in Trusted Systems