Further Reading: The HoneyNet Project Reverse Challenge 2002
sean.burford@adelaide.edu.au
29/May/2002
Reverse Engineering Malware
Lenny Zeltser, May 2001
http://www.zeltser.com/sans/gcih-practical/revmalw.html
Writing Security Advisories
Kurt Seigried, October 2001
http://www.seifried.org/security/articles/20010910-writing-security-advisories.html
Internet Protocol version 4 Protocol Numbers
Internet Assigned Numbers Authority, December 2001
http://www.iana.org/assignments/protocol-numbers
New variants of Trinity and Stacheldraht DDoS
US Department of Energy Computer Incident Advisory Capability, September 2000
http://ciac.llnl.gov/ciac/bulletins/k-072.shtml
Trinity v3 Distributed Denial of Service tool
Jon Larimer, Internet Security Systems (ISS), September 2000
http://www.iss.net/security_center/alerts/advise59.php
Tips for using Fenris for the "Reverse Challenge"
Michal Zalewski (lcamtuf), Last-Modified: Sun, 26 May 2002 00:28:31 GMT
http://lcamtuf.coredump.cx/fenris/reverse.txt
Armouring the ELF: Binary encryption on the UNIX platform
grugq and scut, December 2001
Phrack Volume 11, Issue 58, Phile 5
http://www.phrack.org/show.php?p=58&a=5
Burneye ELF armourer
scut, Teso, January 2002
http://www.team-teso.net/releases.php
Covert Shells
J. Christian Smith, SANS, November 2000
http://rr.sans.org/covertchannels/covert_shells.php