• IP Sec is defined here:
  • Security Architecture for the Internet Protocol
  • IP Authentication Header
  • The Use of HMAC-MD5-96 within ESP and AH
  • The Use of HMAC-SHA-1-96 within ESP and AH
  • The ESP DES-CBC Cipher Algorithm With Explicit IV
  • IP Encapsulating Security Payload (ESP)
  • The Internet IP Security Domain of Interpretation for ISAKMP
  • Internet Security Association and Key Management Protocol (ISAKMP)
  • The Internet Key Exchange (IKE)
  • The NULL Encryption Algorithm and Its Use With IPsec
  • IP Security Document Roadmap
  • The OAKLEY Key Determination Protocol
• A good review of IP Sec is here
• Here is a paper about system engineering for security
• Here is a paper on stack overflows
• Here are the papers that started the buffer overflow wave:
  • Smashing the Stack for Fun and Profit
  • Mudge's Buffer Overflow Tutorial
• Here is a form of internet-specific attack modeling
• Here is a general attack modeling system
• Here is the "Orange" Book. Relatively short, but very dry. A good introduction on important OS security concepts that are only now being dealt with on the commercial side.
• The "Red" book. The Network interpretation of the "Orange Book". Long, but could be useful, particularly as reference.
• This is related to the book "Firewalls and Internet Security: Repelling the Wiley Hacker".
• Here is a general assessment of the security of the TCP/IP protocol
• Here is a general assessment of the security of packet filters
• Murphy's law and computer security