http://www.hgesser.de/

Private Homepage von Hans-Georg Eßer

header

Navigation

Privates

Publikationen

Studium

Software

Vorlesungen

Online-Training

Sonstiges

Blaue Links: intern
Rote Links: extern


Ausnutzung verdeckter Kanäle am Beispiel eines Web-Servers > Literatur

Literatur

Diese Datei ist eine HTML-Version des Literaturverzeichnisses aus der Diplomarbeit.

[Amo94] Amoroso, Edward G.: Fundamentals of Computer Security Technology. Prentice-Hall, Inc., 1994. Erhältlich bei http://amazon.co.uk als Print-on-demand-Buch, £ 39,99.
[Ana] Analyzer-Homepage. http://netgroup-serv.polito.it/analyzer/ (29.12.2004).
[Apaa] Download-Adresse für die Apache-Version 1.3.31. http://archive.apache.org/dist/httpd/apache_1.3.31.tar.gz (29.12.2004).
[Apab] Apache Web-Server. http://www.apache.org.
[Apac] Apache: HTTP Server Application Program Interface für Version 1.3. http://httpd.apache.org/docs/misc/API.html.
[Bau03] Bauer, Matthias: New Covert Channels in HTTP: Adding Unwitting Web Browsers to Anonymity Sets. Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2003), Washington, DC, USA, Oktober 2003. http://www1.informatik.uni-erlangen.de/~bauer/109-bauer.ps.
[Bea99] Beazley, David M.: Python Essential Reference. New Riders Publishing, 1999. ISBN 0-7357-0901-7.
[BL73] Bell, D.E. und J. La Padula: Secure Computer Systems: Mathematical Foundations. The MITRE Corporation, Bedford, MA, März 1973. Technical report, ESD-TR-73- 278-I.
[Bra89] Braden, R. T.: Requirements for Internet hosts - communication layers. RFC 1122, Internet Engineering Task Force, 1989. http://www.rfc-editor.org/rfc/rfc1122.txt.
[Cct] Cctt-Homepage. http://www.entreelibre.com/cctt/index_en.html (29.12.2004).
[Cha81] Chaum, David: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 4(2), Februar 1981. http://www.csl.mtu.edu/cs6461/www/Reading/08/Chaum-ACMCOMM81.pdf.
[Com] CommView-Homepage. http://www.tamos.com/ (29.12.2004).
[CSo04] Socket Programming in C: Programmbeispiele, 2004. http://pont.net/socket/ (01.11.2004).
[Dae96] Daemon9: Project Loki: ICMP tunneling. Phrack, 7(49), 1996. http://www.phrack.org/show.php?p=49&a=6.
[Dae97] Daemon9: LOKI2 (the implementation). Phrack, 7(51), 1997. http://www.phrack.org/show.php?p=51&a=6.
[DC03] Dyatlov, Alex und Simon Castro: Exploitation of data streams authorized by a network access control system for arbitrary data transfers: tunneling and covert channels over the HTTP protocol. Juni 2003. http://gray-world.net/projects/papers/html/covert_paper.html (12.06.2004).
[Eat97] Eaton, John W.: GNU Octave - A high-level interactive language for numerical computations. 3. Auflage, 1997. Benutzerhandbuch zu Octave.
[EL00] Ernst, Nico und Jörg Luther: AOL/Netscape spioniert Surfer aus. TecChannel, 2000. http://www.tecchannel.de/internet/468/ (12.06.2004).
[eth] Ethereal-Homepage. http://www.ethereal.com/.
[Eße05] Eßer, Hans-Georg: Ausnutzung verdeckter Kanäle am Beispiel eines Web-Servers - Download-Bereich, 2005. http://privat.hgesser.com/docs/Info-Diplom/.
[FBH+02] Feamster, Nick, Magdalena Balazinska, Greg Harfst, Hari Balakrishnan und David Karger: Infranet: Circumventing Web Censorship and Surveillance. 11th USENIX Security Symposium, San Francisco, CA, August 2002. http://www.usenix.org/publications/library/proceedings/sec02/feamster/feamster.pdf.
[FGM+99] Fielding, R., J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach und T. Berners-Lee: Hypertext Transfer Protocol - HTTP. RFC 2616, Internet Engineering Task Force, 1999. http://www.rfc-editor.org/rfc/rfc2616.txt.
[Gas88] Gasser, Morrie: Building a Secure Computer System. Van Nostrand Reinhold, Juni 1988. ISBN: 0442230222. http://nucia.ist.unomaha.edu/library/gasser.php.
[Ger02] Gerber, Tim: Phone-home-Vorwürfe an Netscape. Heise News, 2002. http://www.heise.de/newsticker/meldung/25493 (12.06.2004).
[Gla] GLADE-Homepage. http://glade.gnome.org/.
[GMS95] Goossens, M., F. Mittelbach und A. Samarin: Der LATEX-Begleiter. Addison-Wesley, 1995.
[Gol03] Goltz, James P.: Under the radar: A look at three covert communications channels. GSEC practical assignment, 2003. http://web.mmert.org/~goltz/GSEC/Jim_Goltz_GSEC_edit.pdf (17.07.2004).
[Goo] The Google Timeline. http://www.google.com/corporate/timeline.html (18.02.2005).
[Ham50] Hamming, R. W.: Error detecting and error correcting codes. The Bell System Tech. Journal, XXIX(2):147-160, 1950. http://engelschall.com/~sb/hamming/ (eingescannt).
[Har01] Hartmann, Mike: Netzwerk Sniffer. TecChannel, 2001. http://www.tecchannel.de/hardware/766/ (12.06.2004).
[Het02] Hetzl, Stefan: Steghide Man Page, 2002. http://steghide.sourceforge.net/documentation/manpage.php (12.06.2004).
[Htt] Httptunnel-Homepage. http://www.nocrew.org/software/httptunnel.html (29.12.2004).
[Ile04] Ilett, Dan: Lexmark accused of installing spyware, 2004. ZDNet UK, http://news.zdnet.co.uk/internet/security/0,39020375,39173517,00.htm (30.12.2004).
[JDB92] Jacobson, V., R. Draden und D. Borman: TCP Extensions for High Performance. RFC 1323, Internet Engineering Task Force, 1992. http://www.faqs.org/rfcs/rfc1323.html.
[Kes04] Kessler, Gary C.: An Overview of Steganography for the Computer Forensics Examiner. Forensic Science Communications, 6(3), 2004. http://www.fbi.gov/hq/lab/fsc/backissu/july2004/research/2004_03_research01.htm.
[Lam73] Lampson, Butler W.: A note on the confinement problem. Commun. ACM, 16(10):613-615, 1973. http://www.cs.cornell.edu/andru/cs711/2003fa/reading/lampson73note.pdf.
[Lan70] Lang, Serge: Linear Algebra. Addison-Wesley Publishing Company, 2. Auflage, 1970.
[LL99] Laurie, Ben und Peter Laurie: Apache: The Definitive Guide. O'Reilly, 2. Auflage, 1999. ISBN: 1-56592-528-9.
[Lut96] Lutz, Mark: Programming Python.
O'Reilly & Associates, Inc., 1. Auflage, 1996. ISBN 1-56592-197-6.
[Mac03] MacKay, David J. C.: Information Theory, Inference, and Learning Algorithms. Cambridge University Press, 2003. http://www.inference.phy.cam.ac.uk/mackay/itila/.
[Mat96] Mathar, Rudolf: Informationstheorie, 9 Aachener Beiträge zur Mathematik. Verlag der Augustinus Buchhandlung, 1996. Skript zur Vorlesung.
[MD90] Mogul, J. C. und S. E. Deering: Path MTU discovery. RFC 1191, Internet Engineering Task Force, 1990. http://www.rfc-editor.org/rfc/rfc1191.txt.
[MM94] Moskowitz, Ira S. und Allen R. Miller: Simple Timing Channels. SP '94: Proceedings of the 1994 IEEE Symposium on Security and Privacy, 56. IEEE Computer Society, 1994. http://chacs.nrl.navy.mil/publications/CHACS/1994moskowitz-oakland.ps.
[MP90] Mathar, Rudolf und Dietmar Pfeifer: Stochastik für Informatiker. Leitfäden und Monographien der Informatik. B. G. Teubner, Stuttgart, 1990.
[MSO01] Mitchell, Mark, Alex Samuel und Jeffrey Oldham: Advanced Linux Programming. Sams (Pearson Education), 2001. ISBN: 0735710430.
[Nma] Nmap-Homepage. http://www.insecure.org/nmap/ (29.12.2004).
[Oct] Octave-Homepage. http://www.octave.org/.
[PAK99] Petitcolas, Fabien A. P., Ross J. Anderson und Markus G. Kuhn: Information hiding--A survey. Proceedings of the IEEE, 87(7):1062-1078, 1999. http://www.petitcolas.net/fabien/publications/ieee99-infohiding.pdf.
[PkZ] PkZIP-Homepage. http://www.pkware.com/products/enterprise/unix/ (29.12.2004).
[Pos81a] Postel, John: Internet Control Message Protocol. RFC 792, Internet Engineering Task Force, 1981. http://www.rfc-editor.org/rfc/rfc792.txt.
[Pos81b] Postel, Jon B.: Internet Protocol. RFC 791, Internet Engineering Task Force, 1981. http://www.rfc-editor.org/rfc/rfc791.txt.
[Pos81c] Postel, Jon B.: Transmission Control Protocol. RFC 793, Internet Engineering Task Force, September 1981. http://www.ietf.org/rfc/rfc793.txt.
[Pos83] Postel, Jon B.: TCP maximum segment size and related topics. RFC 879, Internet Engineering Task Force, 1983. http://www.rfc-editor.org/rfc/rfc879.txt.
[rev] Revsh-Homepage. http://freshmeat.net/projects/revsh/ (29.12.2004).
[Sch95] Schneier, Bruce: Applied cryptography (2nd ed.): protocols, algorithms, and source code in C. John Wiley & Sons, Inc., 1995.
[Sch97] Schweitzer, Frank: Selbstorganisation und Information. in: Krapp, H. und Th. Wagenbaur: Komplexität und Selbstorganisation - Chaos in Natur- und Kulturwissenschaften, 9-129. Wilhelm Fink Verlag, 1997. http://summa.physik.hu-berlin.de/~frank/download/web-tueb.pdf.
[Sha48] Shannon, C. E.: A Mathematical Theory of Communication. The Bell System Technical Journal, 27:379-423, 623-656, Oktober 1948. http://cm.bell-labs.com/cm/ms/what/shannonday/shannon1948.pdf.
[Sko00] Skoll, David F.: A PPPoE Implementation for Linux. Proceedings of the 4th Annual Linux Showcase & Conference, Atlanta, Georgia, USA, 2000. USENIX. http://www.roaringpenguin.com/images/resources_files/PPPoEforLinux.pdf.
[SMC02] Shannon, Colleen, David Moore und K.C. Claffy: Beyond folklore: observations on fragmented traffic. IEEE/ACM Transactions on Networking, 10(6):709-720, 2002. http://www.caida.org/outreach/papers/2002/Frag/frag.pdf.
[Smi02] Smith, Richard M.: Serious privacy problems in Windows Media Player for Windows XP. 2002. http://www.computerbytesman.com/privacy/wmp8dvd.htm (12.06.2004).
[Spa03] Spangler, Ryan: Analysis of Remote Active Operating System Fingerprinting Tools, 2003. http://www.packetwatch.net/documents/papers/osdetection.pdf (12.06.2004).
[Sta02] Stallman, Richard M.: Why Free Software is better than Open Source. In: Free Software, Free Society: Selected Essays of Richard M. Stallman. Oktober 2002. http://www.gnu.org/philosophy/free-software-for-freedom.html.
[Ste97] Stevens, W. Richard: TCP Slow Start, Congestion Avoidance, Fast Retransmit, and Fast Recovery Algorithms. RFC 2001, Internet Engineering Task Force, 1997. http://www.faqs.org/rfcs/rfc2001.html.
[Ste00] Stevens, W. Richard: Programmieren von UNIX-Netzwerken. Carl Hanser Verlag, München, 2. Auflage, 2000. ISBN: 3-446-21334-1, Beispielprogramme: ftp://ftp.cs.columbia.edu/pub/dcc/classes/CS4119-S98/stevens/unpv12e.tar.gz.
[Tou] Touretzky, Dave: Steganography Wing of the Gallery of CSS Descramblers. http://www-2.cs.cmu.edu/~dst/DeCSS/Gallery/Stego/ (29.12.2004).
[Xpr] Xprobe2-Homepage. http://www.sys-security.com/index.php?page=xprobe.
[Yes] YesCoder-Homepage. http://mitglied.lycos.de/JoergGrohne/yescoder.html.


Copyright © 1997-2021 Hans-Georg Eßer; Server: Debian Linux, Apache Web Server, letzte Änderung: Thursday, 03-Nov-2016 15:27:57 CET
Theme: Hazard Area 1.6 (modified), created by Bryan Bell, Copyright © 2000-2006 Weblogger.com.