Further Reading: The HoneyNet Project Reverse Challenge 2002


[email protected]

29/May/2002

Reverse Engineering Malware


Lenny Zeltser, May 2001
http://www.zeltser.com/sans/gcih-practical/revmalw.html

Writing Security Advisories


Kurt Seigried, October 2001
http://www.seifried.org/security/articles/20010910-writing-security-advisories.html

Internet Protocol version 4 Protocol Numbers


Internet Assigned Numbers Authority, December 2001
http://www.iana.org/assignments/protocol-numbers

New variants of Trinity and Stacheldraht DDoS


US Department of Energy Computer Incident Advisory Capability, September 2000
http://ciac.llnl.gov/ciac/bulletins/k-072.shtml

Trinity v3 Distributed Denial of Service tool


Jon Larimer, Internet Security Systems (ISS), September 2000
http://www.iss.net/security_center/alerts/advise59.php

Tips for using Fenris for the "Reverse Challenge"


Michal Zalewski (lcamtuf), Last-Modified: Sun, 26 May 2002 00:28:31 GMT
http://lcamtuf.coredump.cx/fenris/reverse.txt

Armouring the ELF: Binary encryption on the UNIX platform


grugq and scut, December 2001
Phrack Volume 11, Issue 58, Phile 5
http://www.phrack.org/show.php?p=58&a=5

Burneye ELF armourer


scut, Teso, January 2002
http://www.team-teso.net/releases.php

Covert Shells


J. Christian Smith, SANS, November 2000
http://rr.sans.org/covertchannels/covert_shells.php