Australia's Leading Computer Emergency Response Team
 





 

Publications





Further Categories
AusCERT Web Log: The AusCERT web log is where our staff have the opportunity to informally discuss current activity and interesting developments in the area of information security.

Member Newsletters: Complete archive of newsletters distributed to AusCERT members

Checklists:

Presentations and Papers:


Further Information
[AusCERT member only content] Update on Kezaam SecuryTeam Spam and Associated Trojan Incident - This paper provides an overview of a recent "Kezaam SecuryTeam" incident which involved a wide spam run in Australia and elsewhere that attempted to induce recipients to click on a link to a web site for the purposes of installing malicious software. (31/10/2005)

[AusCERT member only content] Windows Rootkit Prevention and Detection - This document is intended to introduce Windows system administrators to the concepts necessary to understand the threat posed by rootkits on the Windows platform. The document also outlines tools and techniques that system administrators and those responsible for incident response can use to detect and respond to rootkits on the Windows platform. (13/05/2005)

[AusCERT member only content] Risk of Compromise for Organisations using SSL - Specialised software being used by some marketing companies poses a serious threat to the confidentiality and integrity of sensitive data organisations seek to protect through their secure socket layer (SSL) enabled web connections. This paper provides information about this threat, its potential impact on organisations wishing to protect access to confidential web data using SSL and explains what can be done to mitigate the risk. In particular we examine the potential for an SSL man-in-the-middle technique to be used to facilitate online banking fraud compared to other methods of online identity theft. (15/03/2005)

2005 Australian Computer Crime and Security Survey - AusCERT members are encouraged to participate in the 2005 Australian Computer Crime and Security Survey, which is produced by the AHTCC, the AFP, all state police forces and AusCERT. The secure survey web-based questionnaire will be available until Monday, 7 March 2005. (04/03/2005)

Windows Intrusion Detection Checklist - Checklist designed to assist administrators in intrusion detection for Windows Systems. (01/10/2004)

[AusCERT member only content] Enhancing Security of IP Multicast Traffic in Corporate Networks - The use of multicast applications within the Internet is increasing. This paper identifies the security implications related to multicast communication. Possible solutions for enhancing multicast security are examined. (07/07/2004)

CSIRT Resources - A list of Computer Security Incident Response Team (CSIRT) resources useful for people interested in designing, developing and implementing their own CSIRT. (27/02/2004)

Handbook for Management of IT Evidence - The Management of IT Evidence handbook has been completed and is now available from Standards Australia. (09/12/2003)

NIST Special Publication 800-36 - Guide to Selecting Information Technology Security Products - The National Institute of Standards and Technology has published Special Publication 800-36 - Guide to Selecting Information Technology Security Products (28/10/2003)

Putting cyberterrorism into context - 'Cyberterrorism' is an often misused and abused term which results in a misunderstanding of the threat. This article provides an assessment of the threat of cyberterrorism for Australian networks and compares this threat with other existing cyber threats. (24/10/2003)

[AusCERT member only content] Business Impact Assessment - Blaster revisited - The Blaster and Welchia worms continue to have a sustained impact on many Australian networks. The newest Microsoft RPC vulnerabilities announced early on 11 September 2003 provide the potential for a new round of worm attacks. This time, however, the impact could be more severe - if, as we expect, the time to develop the worm code occurs more quickly than before. (16/09/2003)

Business Impact Assessment - Possible Slammer hiatus - The effects of the Slammer worm were short-lived but if circumstances permit a resurgence of harmful network activity may easily occur. (30/01/2003)

Impact analysis of Apache/mod_ssl worm - There are reports that the Apache/mod_ssl worm has compromised around 30,000 hosts. This article looks at some of the implications of distributed denial of service attacks that could be unleashed by compromised Slapper worm agents. (02/10/2002)

Windows 95/98 Computer Security Information - This document is written for users of Microsoft Windows 95/98. The MS Windows 95/98 operating systems are not designed to be used with computers storing data that is considered critical to a project or that must be very securely protected. The Windows 95/98 operating systems are commonly installed on home computers. Because of an increasing number of incident reports from Windows 95/98 users the CERT Coordination Center (CERTCC) and AusCERT have created this document to help users become more aware of computer security. (31/07/2002)

Know Thy Attacker - A pdf file of the presentation "Know Thy Attacker" (19/07/2002)

Secure Unix Programming Checklist - A check list, in short form, for quick reference by lab engineers to use in writing secure Unix code (17/07/2002)

Windows NT Intruder Detection Checklist - (17/07/2002)

Windows NT Configuration Guidelines - This document is being published jointly by the CERT Coordination Center and AusCERT (Australian Computer Emergency Response Team) and details common Microsoft Windows NT 4.0 configuration problems that have been exploited by intruders and recommends practices for deterring several types of break-ins. We encourage system administrators to review all sections of this document and modify their systems accordingly to fix potential weaknesses. (17/07/2002)

Anonymously Launching a DDoS Attack via the Gnutella Network - (01/06/2002)

Information Security Standards - This page provides a range of information about standards directly or peripherally associated with information security within Australia, New Zealand, and elsewhere throughout the world. It does not set out to exhaustively list all standards in the known universe that may relate primarily or peripherally to information security. (27/05/2002)

Multiple Vulnerabilities in SNMPv1 implementations - Briefing Note - (12/02/2002)

Steps for Recovering from a UNIX or NT System Compromise - This document is being published jointly by the CERT Coordination Center and AusCERT (Australian Computer Emergency Response Team). It describes suggested steps for responding to a UNIX or NT system compromise. (18/10/2001)

UNIX Security Checklist v2.0 - This document details steps to improve the security of Unix Operating Systems. We encourage system administrators to review all sections of this document and if appropriate modify their systems accordingly to fix potential weaknesses. (08/10/2001)

AusCERT - UNIX Security Checklist v2.0 - The Essentials - This document extracts from the "UNIX Security Checklist v2.0" essential steps to improve the security of Unix Operating Systems. We encourage system administrators to review the full UNIX Security Checklist. (08/10/2001)

Collecting Electronic Evidence After a System Compromise - Collecting forensic evidence for the purposes of investigation and/or prosecution is difficult at the best of times, but when that evidence is electronic an investigator faces extra complexities.... (02/08/2001)

Lessons Learned from Loving Melissa - Between April 1999 and May 2000 a series of events relating to computer security received blanket worldwide coverage. (05/07/2000)

Windows NT Security and Configuration Resources - This document is being published jointly by the CERT Coordination Center and AusCERT (Australian Computer Emergency Response Team). The CERT® Coordination Center and AusCERT® do not review, evaluate, or endorse the resources, tools, mailing lists, or contents of any web sites listed below. The decision to use any of these resources is the responsibility of each user or organization, and we encourage each organization to thoroughly evaluate any resources, any new tools or techniques before installing or using them. We are simply including this information here so that you may be aware of their existence and may evaluate them as appropriate for your site. (17/04/2000)

Distributed Denial of Service Attacks - Recent media coverage has focused on a series of Distributed Denial of Service (DDOS) attacks against a number of high profile sites. In general, these sites have been E-Commerce related. Previous years have seen concentrated Denial of Service (DOS) attacks against other industry groups, particularly ISPs, universities and other agencies throughout the world. (16/02/2000)

Copyright Amendment (Digital Agenda) Bill 1999 Submissions - Submissions on the Exposure Draft of the Copyright Amendment (Digital Agenda) Bill 1999 and Commentary in pdf format. (19/03/1999)

UNIX Intruder Detection Checklist - This document outlines suggested steps for determining if your system has been compromised. System administrators can use this information to look for several types of break-ins. We encourage you to review all sections of this document and modify your systems to close potential weaknesses. (03/10/1997)

Improving Computer Security through Network Design - Security conscious organisations have learned the benefits of protecting their information processing infrastructure from unauthorised actions by intruders. Unfortunately, many organisations leave key systems open to attack due to poor network design. (01/06/1997)

overflow_wrapper.c - Source code to a wrapper which is designed to limit exploitation of programs which have command line argument buffer overflow vulnerabilities. It is referenced in the Unix Security Checklist. Wrap programs to prevent command line argument buffer overrun vulnerabilities. (13/05/1997)

Secure Programming Check List - A check list, in short form, for quick reference by lab engineers to use in writing secure Unix code. The document is referenced by the Unix Security Checklist. (23/05/1996)

Enhancing Security of Unix Systems - This paper examines the common threats to data security in open systems highlighting some of the more recent threats, and looks at some of the tools and techniques that are currently available to enhance the security of a Unix system. (01/01/1996)

Forming an Incident Response Team - This paper examines the role an IRT may play in the community, and the issues that should be addressed both during the formation and after commencement of operations. (01/01/1995)

